Loading core/java/android/app/AppOpsManager.java +16 −6 Original line number Diff line number Diff line Loading @@ -221,8 +221,10 @@ public class AppOpsManager { public static final int OP_USE_SIP = 53; /** @hide Intercept outgoing calls. */ public static final int OP_PROCESS_OUTGOING_CALLS = 54; /** @hide User the fingerprint API. */ public static final int OP_USE_FINGERPRINT = 55; /** @hide */ public static final int _NUM_OP = 55; public static final int _NUM_OP = 56; /** Access to coarse location information. */ public static final String OPSTR_COARSE_LOCATION = "android:coarse_location"; Loading Loading @@ -357,7 +359,8 @@ public class AppOpsManager { OP_READ_PHONE_STATE, OP_ADD_VOICEMAIL, OP_USE_SIP, OP_PROCESS_OUTGOING_CALLS OP_PROCESS_OUTGOING_CALLS, OP_USE_FINGERPRINT }; /** Loading Loading @@ -419,6 +422,7 @@ public class AppOpsManager { null, null, null, null, null }; Loading Loading @@ -481,7 +485,8 @@ public class AppOpsManager { "OP_READ_PHONE_STATE", "ADD_VOICEMAIL", "USE_SIP", "PROCESS_OUTGOING_CALLS" "PROCESS_OUTGOING_CALLS", "USE_FINGERPRINT" }; /** Loading Loading @@ -543,7 +548,8 @@ public class AppOpsManager { Manifest.permission.READ_PHONE_STATE, Manifest.permission.ADD_VOICEMAIL, Manifest.permission.USE_SIP, Manifest.permission.PROCESS_OUTGOING_CALLS Manifest.permission.PROCESS_OUTGOING_CALLS, Manifest.permission.USE_FINGERPRINT }; /** Loading Loading @@ -606,7 +612,8 @@ public class AppOpsManager { null, // READ_PHONE_STATE null, // ADD_VOICEMAIL null, // USE_SIP null // PROCESS_OUTGOING_CALLS null, // PROCESS_OUTGOING_CALLS null // USE_FINGERPRINT }; /** Loading Loading @@ -668,7 +675,8 @@ public class AppOpsManager { false, //READ_PHONE_STATE false, //ADD_VOICEMAIL false, // USE_SIP false // PROCESS_OUTGOING_CALLS false, // PROCESS_OUTGOING_CALLS false // USE_FINGERPRINT }; /** Loading Loading @@ -729,6 +737,7 @@ public class AppOpsManager { AppOpsManager.MODE_ALLOWED, AppOpsManager.MODE_ALLOWED, AppOpsManager.MODE_ALLOWED, AppOpsManager.MODE_ALLOWED, AppOpsManager.MODE_ALLOWED }; Loading Loading @@ -794,6 +803,7 @@ public class AppOpsManager { false, false, false, false, false }; Loading core/java/android/hardware/fingerprint/FingerprintManager.java +8 −6 Original line number Diff line number Diff line Loading @@ -434,7 +434,8 @@ public class FingerprintManager { mAuthenticationCallback = callback; mCryptoObject = crypto; long sessionId = crypto != null ? crypto.getOpId() : 0; mService.authenticate(mToken, sessionId, userId, mServiceReceiver, flags); mService.authenticate(mToken, sessionId, userId, mServiceReceiver, flags, mContext.getOpPackageName()); } catch (RemoteException e) { Log.w(TAG, "Remote exception while authenticating: ", e); if (callback != null) { Loading Loading @@ -555,7 +556,7 @@ public class FingerprintManager { */ public List<Fingerprint> getEnrolledFingerprints(int userId) { if (mService != null) try { return mService.getEnrolledFingerprints(userId); return mService.getEnrolledFingerprints(userId, mContext.getOpPackageName()); } catch (RemoteException e) { Log.v(TAG, "Remote exception in getEnrolledFingerprints: ", e); } Loading @@ -579,7 +580,8 @@ public class FingerprintManager { */ public boolean hasEnrolledFingerprints() { if (mService != null) try { return mService.hasEnrolledFingerprints(UserHandle.myUserId()); return mService.hasEnrolledFingerprints(UserHandle.myUserId(), mContext.getOpPackageName()); } catch (RemoteException e) { Log.v(TAG, "Remote exception in getEnrolledFingerprints: ", e); } Loading @@ -595,7 +597,7 @@ public class FingerprintManager { if (mService != null) { try { long deviceId = 0; /* TODO: plumb hardware id to FPMS */ return mService.isHardwareDetected(deviceId); return mService.isHardwareDetected(deviceId, mContext.getOpPackageName()); } catch (RemoteException e) { Log.v(TAG, "Remote exception in isFingerprintHardwareDetected(): ", e); } Loading @@ -614,7 +616,7 @@ public class FingerprintManager { public long getAuthenticatorId() { if (mService != null) { try { return mService.getAuthenticatorId(); return mService.getAuthenticatorId(mContext.getOpPackageName()); } catch (RemoteException e) { Log.v(TAG, "Remote exception in getAuthenticatorId(): ", e); } Loading Loading @@ -736,7 +738,7 @@ public class FingerprintManager { private void cancelAuthentication(CryptoObject cryptoObject) { if (mService != null) try { mService.cancelAuthentication(mToken); mService.cancelAuthentication(mToken, mContext.getOpPackageName()); } catch (RemoteException e) { if (DEBUG) Log.w(TAG, "Remote exception while canceling enrollment"); } Loading core/java/android/hardware/fingerprint/IFingerprintService.aidl +6 −6 Original line number Diff line number Diff line Loading @@ -27,10 +27,10 @@ import java.util.List; interface IFingerprintService { // Authenticate the given sessionId with a fingerprint void authenticate(IBinder token, long sessionId, int groupId, IFingerprintServiceReceiver receiver, int flags); IFingerprintServiceReceiver receiver, int flags, String opPackageName); // Cancel authentication for the given sessionId void cancelAuthentication(IBinder token); void cancelAuthentication(IBinder token, String opPackageName); // Start fingerprint enrollment void enroll(IBinder token, in byte [] cryptoToken, int groupId, IFingerprintServiceReceiver receiver, Loading @@ -46,16 +46,16 @@ interface IFingerprintService { void rename(int fingerId, int groupId, String name); // Get a list of enrolled fingerprints in the given group. List<Fingerprint> getEnrolledFingerprints(int groupId); List<Fingerprint> getEnrolledFingerprints(int groupId, String opPackageName); // Determine if HAL is loaded and ready boolean isHardwareDetected(long deviceId); boolean isHardwareDetected(long deviceId, String opPackageName); // Get a pre-enrollment authentication token long preEnroll(IBinder token); // Determine if a user has at least one enrolled fingerprint boolean hasEnrolledFingerprints(int groupId); boolean hasEnrolledFingerprints(int groupId, String opPackageName); // Gets the number of hardware devices // int getHardwareDeviceCount(); Loading @@ -64,5 +64,5 @@ interface IFingerprintService { // long getHardwareDevice(int i); // Gets the authenticator ID for fingerprint long getAuthenticatorId(); long getAuthenticatorId(String opPackageName); } services/core/java/com/android/server/fingerprint/FingerprintService.java +37 −12 Original line number Diff line number Diff line Loading @@ -16,14 +16,15 @@ package com.android.server.fingerprint; import android.app.AppOpsManager; import android.content.ContentResolver; import android.content.Context; import android.os.Binder; import android.os.Handler; import android.os.IBinder; import android.os.Looper; import android.os.MessageQueue; import android.os.RemoteException; import android.util.ArrayMap; import android.util.Slog; import com.android.server.SystemService; Loading @@ -39,6 +40,7 @@ import static android.Manifest.permission.USE_FINGERPRINT; import java.util.ArrayList; import java.util.Arrays; import java.util.Collections; import java.util.List; /** Loading @@ -55,6 +57,8 @@ public class FingerprintService extends SystemService { private ClientMonitor mEnrollClient = null; private ClientMonitor mRemoveClient = null; private final AppOpsManager mAppOps; private static final int MSG_NOTIFY = 10; private static final int ENROLLMENT_TIMEOUT_MS = 60 * 1000; // 1 minute Loading Loading @@ -96,6 +100,7 @@ public class FingerprintService extends SystemService { public FingerprintService(Context context) { super(context); mContext = context; mAppOps = context.getSystemService(AppOpsManager.class); nativeInit(Looper.getMainLooper().getQueue(), this); } Loading Loading @@ -361,6 +366,13 @@ public class FingerprintService extends SystemService { "Must have " + permission + " permission."); } private boolean canUserFingerPrint(String opPackageName) { checkPermission(USE_FINGERPRINT); return mAppOps.noteOp(AppOpsManager.OP_USE_FINGERPRINT, Binder.getCallingUid(), opPackageName) == AppOpsManager.MODE_ALLOWED; } private class ClientMonitor implements IBinder.DeathRecipient { IBinder token; IFingerprintServiceReceiver receiver; Loading Loading @@ -522,8 +534,11 @@ public class FingerprintService extends SystemService { @Override // Binder call public void authenticate(final IBinder token, final long opId, final int groupId, final IFingerprintServiceReceiver receiver, final int flags) { final IFingerprintServiceReceiver receiver, final int flags, String opPackageName) { checkPermission(USE_FINGERPRINT); if (!canUserFingerPrint(opPackageName)) { return; } mHandler.post(new Runnable() { @Override public void run() { Loading @@ -535,8 +550,10 @@ public class FingerprintService extends SystemService { @Override // Binder call public void cancelAuthentication(final IBinder token) { checkPermission(USE_FINGERPRINT); public void cancelAuthentication(final IBinder token, String opPackageName) { if (!canUserFingerPrint(opPackageName)) { return; } mHandler.post(new Runnable() { @Override public void run() { Loading @@ -561,8 +578,10 @@ public class FingerprintService extends SystemService { @Override // Binder call public boolean isHardwareDetected(long deviceId) { checkPermission(USE_FINGERPRINT); public boolean isHardwareDetected(long deviceId, String opPackageName) { if (!canUserFingerPrint(opPackageName)) { return false; } return mHalDeviceId != 0; // TODO } Loading @@ -580,21 +599,27 @@ public class FingerprintService extends SystemService { @Override // Binder call public List<Fingerprint> getEnrolledFingerprints(int groupId) { checkPermission(USE_FINGERPRINT); public List<Fingerprint> getEnrolledFingerprints(int groupId, String opPackageName) { if (!canUserFingerPrint(opPackageName)) { return Collections.emptyList(); } return FingerprintService.this.getEnrolledFingerprints(groupId); } @Override // Binder call public boolean hasEnrolledFingerprints(int groupId) { checkPermission(USE_FINGERPRINT); public boolean hasEnrolledFingerprints(int groupId, String opPackageName) { if (!canUserFingerPrint(opPackageName)) { return false; } return FingerprintService.this.hasEnrolledFingerprints(groupId); } @Override public long getAuthenticatorId() { checkPermission(USE_FINGERPRINT); public long getAuthenticatorId(String opPackageName) { if (!canUserFingerPrint(opPackageName)) { return 0; } return nativeGetAuthenticatorId(); } } Loading Loading
core/java/android/app/AppOpsManager.java +16 −6 Original line number Diff line number Diff line Loading @@ -221,8 +221,10 @@ public class AppOpsManager { public static final int OP_USE_SIP = 53; /** @hide Intercept outgoing calls. */ public static final int OP_PROCESS_OUTGOING_CALLS = 54; /** @hide User the fingerprint API. */ public static final int OP_USE_FINGERPRINT = 55; /** @hide */ public static final int _NUM_OP = 55; public static final int _NUM_OP = 56; /** Access to coarse location information. */ public static final String OPSTR_COARSE_LOCATION = "android:coarse_location"; Loading Loading @@ -357,7 +359,8 @@ public class AppOpsManager { OP_READ_PHONE_STATE, OP_ADD_VOICEMAIL, OP_USE_SIP, OP_PROCESS_OUTGOING_CALLS OP_PROCESS_OUTGOING_CALLS, OP_USE_FINGERPRINT }; /** Loading Loading @@ -419,6 +422,7 @@ public class AppOpsManager { null, null, null, null, null }; Loading Loading @@ -481,7 +485,8 @@ public class AppOpsManager { "OP_READ_PHONE_STATE", "ADD_VOICEMAIL", "USE_SIP", "PROCESS_OUTGOING_CALLS" "PROCESS_OUTGOING_CALLS", "USE_FINGERPRINT" }; /** Loading Loading @@ -543,7 +548,8 @@ public class AppOpsManager { Manifest.permission.READ_PHONE_STATE, Manifest.permission.ADD_VOICEMAIL, Manifest.permission.USE_SIP, Manifest.permission.PROCESS_OUTGOING_CALLS Manifest.permission.PROCESS_OUTGOING_CALLS, Manifest.permission.USE_FINGERPRINT }; /** Loading Loading @@ -606,7 +612,8 @@ public class AppOpsManager { null, // READ_PHONE_STATE null, // ADD_VOICEMAIL null, // USE_SIP null // PROCESS_OUTGOING_CALLS null, // PROCESS_OUTGOING_CALLS null // USE_FINGERPRINT }; /** Loading Loading @@ -668,7 +675,8 @@ public class AppOpsManager { false, //READ_PHONE_STATE false, //ADD_VOICEMAIL false, // USE_SIP false // PROCESS_OUTGOING_CALLS false, // PROCESS_OUTGOING_CALLS false // USE_FINGERPRINT }; /** Loading Loading @@ -729,6 +737,7 @@ public class AppOpsManager { AppOpsManager.MODE_ALLOWED, AppOpsManager.MODE_ALLOWED, AppOpsManager.MODE_ALLOWED, AppOpsManager.MODE_ALLOWED, AppOpsManager.MODE_ALLOWED }; Loading Loading @@ -794,6 +803,7 @@ public class AppOpsManager { false, false, false, false, false }; Loading
core/java/android/hardware/fingerprint/FingerprintManager.java +8 −6 Original line number Diff line number Diff line Loading @@ -434,7 +434,8 @@ public class FingerprintManager { mAuthenticationCallback = callback; mCryptoObject = crypto; long sessionId = crypto != null ? crypto.getOpId() : 0; mService.authenticate(mToken, sessionId, userId, mServiceReceiver, flags); mService.authenticate(mToken, sessionId, userId, mServiceReceiver, flags, mContext.getOpPackageName()); } catch (RemoteException e) { Log.w(TAG, "Remote exception while authenticating: ", e); if (callback != null) { Loading Loading @@ -555,7 +556,7 @@ public class FingerprintManager { */ public List<Fingerprint> getEnrolledFingerprints(int userId) { if (mService != null) try { return mService.getEnrolledFingerprints(userId); return mService.getEnrolledFingerprints(userId, mContext.getOpPackageName()); } catch (RemoteException e) { Log.v(TAG, "Remote exception in getEnrolledFingerprints: ", e); } Loading @@ -579,7 +580,8 @@ public class FingerprintManager { */ public boolean hasEnrolledFingerprints() { if (mService != null) try { return mService.hasEnrolledFingerprints(UserHandle.myUserId()); return mService.hasEnrolledFingerprints(UserHandle.myUserId(), mContext.getOpPackageName()); } catch (RemoteException e) { Log.v(TAG, "Remote exception in getEnrolledFingerprints: ", e); } Loading @@ -595,7 +597,7 @@ public class FingerprintManager { if (mService != null) { try { long deviceId = 0; /* TODO: plumb hardware id to FPMS */ return mService.isHardwareDetected(deviceId); return mService.isHardwareDetected(deviceId, mContext.getOpPackageName()); } catch (RemoteException e) { Log.v(TAG, "Remote exception in isFingerprintHardwareDetected(): ", e); } Loading @@ -614,7 +616,7 @@ public class FingerprintManager { public long getAuthenticatorId() { if (mService != null) { try { return mService.getAuthenticatorId(); return mService.getAuthenticatorId(mContext.getOpPackageName()); } catch (RemoteException e) { Log.v(TAG, "Remote exception in getAuthenticatorId(): ", e); } Loading Loading @@ -736,7 +738,7 @@ public class FingerprintManager { private void cancelAuthentication(CryptoObject cryptoObject) { if (mService != null) try { mService.cancelAuthentication(mToken); mService.cancelAuthentication(mToken, mContext.getOpPackageName()); } catch (RemoteException e) { if (DEBUG) Log.w(TAG, "Remote exception while canceling enrollment"); } Loading
core/java/android/hardware/fingerprint/IFingerprintService.aidl +6 −6 Original line number Diff line number Diff line Loading @@ -27,10 +27,10 @@ import java.util.List; interface IFingerprintService { // Authenticate the given sessionId with a fingerprint void authenticate(IBinder token, long sessionId, int groupId, IFingerprintServiceReceiver receiver, int flags); IFingerprintServiceReceiver receiver, int flags, String opPackageName); // Cancel authentication for the given sessionId void cancelAuthentication(IBinder token); void cancelAuthentication(IBinder token, String opPackageName); // Start fingerprint enrollment void enroll(IBinder token, in byte [] cryptoToken, int groupId, IFingerprintServiceReceiver receiver, Loading @@ -46,16 +46,16 @@ interface IFingerprintService { void rename(int fingerId, int groupId, String name); // Get a list of enrolled fingerprints in the given group. List<Fingerprint> getEnrolledFingerprints(int groupId); List<Fingerprint> getEnrolledFingerprints(int groupId, String opPackageName); // Determine if HAL is loaded and ready boolean isHardwareDetected(long deviceId); boolean isHardwareDetected(long deviceId, String opPackageName); // Get a pre-enrollment authentication token long preEnroll(IBinder token); // Determine if a user has at least one enrolled fingerprint boolean hasEnrolledFingerprints(int groupId); boolean hasEnrolledFingerprints(int groupId, String opPackageName); // Gets the number of hardware devices // int getHardwareDeviceCount(); Loading @@ -64,5 +64,5 @@ interface IFingerprintService { // long getHardwareDevice(int i); // Gets the authenticator ID for fingerprint long getAuthenticatorId(); long getAuthenticatorId(String opPackageName); }
services/core/java/com/android/server/fingerprint/FingerprintService.java +37 −12 Original line number Diff line number Diff line Loading @@ -16,14 +16,15 @@ package com.android.server.fingerprint; import android.app.AppOpsManager; import android.content.ContentResolver; import android.content.Context; import android.os.Binder; import android.os.Handler; import android.os.IBinder; import android.os.Looper; import android.os.MessageQueue; import android.os.RemoteException; import android.util.ArrayMap; import android.util.Slog; import com.android.server.SystemService; Loading @@ -39,6 +40,7 @@ import static android.Manifest.permission.USE_FINGERPRINT; import java.util.ArrayList; import java.util.Arrays; import java.util.Collections; import java.util.List; /** Loading @@ -55,6 +57,8 @@ public class FingerprintService extends SystemService { private ClientMonitor mEnrollClient = null; private ClientMonitor mRemoveClient = null; private final AppOpsManager mAppOps; private static final int MSG_NOTIFY = 10; private static final int ENROLLMENT_TIMEOUT_MS = 60 * 1000; // 1 minute Loading Loading @@ -96,6 +100,7 @@ public class FingerprintService extends SystemService { public FingerprintService(Context context) { super(context); mContext = context; mAppOps = context.getSystemService(AppOpsManager.class); nativeInit(Looper.getMainLooper().getQueue(), this); } Loading Loading @@ -361,6 +366,13 @@ public class FingerprintService extends SystemService { "Must have " + permission + " permission."); } private boolean canUserFingerPrint(String opPackageName) { checkPermission(USE_FINGERPRINT); return mAppOps.noteOp(AppOpsManager.OP_USE_FINGERPRINT, Binder.getCallingUid(), opPackageName) == AppOpsManager.MODE_ALLOWED; } private class ClientMonitor implements IBinder.DeathRecipient { IBinder token; IFingerprintServiceReceiver receiver; Loading Loading @@ -522,8 +534,11 @@ public class FingerprintService extends SystemService { @Override // Binder call public void authenticate(final IBinder token, final long opId, final int groupId, final IFingerprintServiceReceiver receiver, final int flags) { final IFingerprintServiceReceiver receiver, final int flags, String opPackageName) { checkPermission(USE_FINGERPRINT); if (!canUserFingerPrint(opPackageName)) { return; } mHandler.post(new Runnable() { @Override public void run() { Loading @@ -535,8 +550,10 @@ public class FingerprintService extends SystemService { @Override // Binder call public void cancelAuthentication(final IBinder token) { checkPermission(USE_FINGERPRINT); public void cancelAuthentication(final IBinder token, String opPackageName) { if (!canUserFingerPrint(opPackageName)) { return; } mHandler.post(new Runnable() { @Override public void run() { Loading @@ -561,8 +578,10 @@ public class FingerprintService extends SystemService { @Override // Binder call public boolean isHardwareDetected(long deviceId) { checkPermission(USE_FINGERPRINT); public boolean isHardwareDetected(long deviceId, String opPackageName) { if (!canUserFingerPrint(opPackageName)) { return false; } return mHalDeviceId != 0; // TODO } Loading @@ -580,21 +599,27 @@ public class FingerprintService extends SystemService { @Override // Binder call public List<Fingerprint> getEnrolledFingerprints(int groupId) { checkPermission(USE_FINGERPRINT); public List<Fingerprint> getEnrolledFingerprints(int groupId, String opPackageName) { if (!canUserFingerPrint(opPackageName)) { return Collections.emptyList(); } return FingerprintService.this.getEnrolledFingerprints(groupId); } @Override // Binder call public boolean hasEnrolledFingerprints(int groupId) { checkPermission(USE_FINGERPRINT); public boolean hasEnrolledFingerprints(int groupId, String opPackageName) { if (!canUserFingerPrint(opPackageName)) { return false; } return FingerprintService.this.hasEnrolledFingerprints(groupId); } @Override public long getAuthenticatorId() { checkPermission(USE_FINGERPRINT); public long getAuthenticatorId(String opPackageName) { if (!canUserFingerPrint(opPackageName)) { return 0; } return nativeGetAuthenticatorId(); } } Loading
