Fix a security bypass issue in access_secure_service_from_temp_bond

Bug: 318374503 Test: m com.android.btservices | manual test against PoC | QA Ignore-AOSP-First: security (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:62944f39f502b28687a5142ec2d77585525591bc) Merged-In: I48df2c2d77810077e97d4131540277273d441998 Change-Id: I48df2c2d77810077e97d4131540277273d441998
author: Hui Peng <phui@google.com> 2024-01-04 06:27:52 +0000
committer: George Zacharia <george.zcharia@gmail.com> 2024-03-09 15:20:01 +0530
commit: bec7d542b728b2e79816d0f6f5f5eb29e6ddda29 (patch)
tree: b32fc9776e3c999dfa2a236eb9cdf33b53028502
parent: 92a8d911dc48f667e70b0e0d07ed8b5771f74ddb (diff)
1 files changed, 1 insertions, 2 deletions
diff --git a/system/stack/btm/btm_sec.cc b/system/stack/btm/btm_sec.cc
index 75e80eba82..e20393a363 100644
--- a/system/stack/btm/btm_sec.cc
+++ b/system/stack/btm/btm_sec.cc
@@ -232,8 +232,7 @@ static bool access_secure_service_from_temp_bond(const tBTM_SEC_DEV_REC* p_dev_r
                                                  bool locally_initiated,
                                                  uint16_t security_req) {
   return !locally_initiated && (security_req & BTM_SEC_IN_AUTHENTICATE) &&
-    p_dev_rec->is_device_authenticated() &&
-    p_dev_rec->is_bond_type_temporary();
+         p_dev_rec->is_bond_type_temporary();
 }
 
 /*******************************************************************************
author	Hui Peng <phui@google.com>	2024-01-04 06:27:52 +0000
committer	George Zacharia <george.zcharia@gmail.com>	2024-03-09 15:20:01 +0530
commit	bec7d542b728b2e79816d0f6f5f5eb29e6ddda29 (patch)
tree	b32fc9776e3c999dfa2a236eb9cdf33b53028502
parent	92a8d911dc48f667e70b0e0d07ed8b5771f74ddb (diff)