Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit cb51b8b8 authored by Gilad Bretter's avatar Gilad Bretter Committed by Kevin Chyn
Browse files

4/n: Add face authentication framework 

This change is cherry-picked and rebased from AOSP
https://android-review.googlesource.com/c/platform/frameworks/base/+/660242



Add face recognition as an identification method, following fingerprint
design. Unlike fingerprint, only one face template can be enrolled per
user, and a vendor message is passed from the HAL all the way to the
client callback to allow GUI indication about the enrolled face
templates.

Add FaceAuthenticationManager and FaceService.
Add face authentication capability to TrustManager and Keyguard.
Modify TrustManager and KeyguardUpdateMonitorCallback fingerprint code
to support generic biometric method to eliminate duplications.
Add BiometricSourceType enum to keep track of the specific biometric
method.

Test: biometric authentication still works on the device

Fixes: 110385761

Change-Id: I5d04fe69a112c13d3ef7330b9c08c146e36c5335
Signed-off-by: default avatarGilad Bretter <gilad.bretter@intel.com>
parent 55a5b59a

Android.bp

+3 −0
Original line number Diff line number Diff line
@@ -152,6 +152,9 @@ java_library { 
        "core/java/android/hardware/display/IDisplayManagerCallback.aidl",

        "core/java/android/hardware/display/IVirtualDisplayCallback.aidl",

        "core/java/android/hardware/fingerprint/IFingerprintClientActiveCallback.aidl",

        "core/java/android/hardware/face/IFaceService.aidl",

        "core/java/android/hardware/face/IFaceServiceLockoutResetCallback.aidl",

        "core/java/android/hardware/face/IFaceServiceReceiver.aidl",

        "core/java/android/hardware/fingerprint/IFingerprintService.aidl",

        "core/java/android/hardware/fingerprint/IFingerprintServiceLockoutResetCallback.aidl",

        "core/java/android/hardware/fingerprint/IFingerprintServiceReceiver.aidl",

core/java/android/app/AppOpsManager.java

+16 −1
Original line number Diff line number Diff line
@@ -352,8 +352,10 @@ public class AppOpsManager { 
    public static final int OP_START_FOREGROUND = 76;

    /** @hide */

    public static final int OP_BLUETOOTH_SCAN = 77;

    /** @hide Use the face authentication API. */

    public static final int OP_USE_FACE = 78;

    /** @hide */

    public static final int _NUM_OP = 78;

    public static final int _NUM_OP = 79;



    /** Access to coarse location information. */

    public static final String OPSTR_COARSE_LOCATION = "android:coarse_location";
@@ -598,6 +600,11 @@ public class AppOpsManager { 
    /** @hide */

    public static final String OPSTR_BLUETOOTH_SCAN = "android:bluetooth_scan";



    /** @hide Use the face authentication API. */

    public static final String OPSTR_USE_FACE = "android:use_FACE";







    // Warning: If an permission is added here it also has to be added to

    // com.android.packageinstaller.permission.utils.EventLogger

    private static final int[] RUNTIME_AND_APPOP_PERMISSIONS_OPS = {
@@ -735,6 +742,7 @@ public class AppOpsManager { 
            OP_MANAGE_IPSEC_TUNNELS,            // MANAGE_IPSEC_HANDOVERS

            OP_START_FOREGROUND,                // START_FOREGROUND

            OP_COARSE_LOCATION,                 // BLUETOOTH_SCAN

            OP_USE_FACE,                        // FACE

    };



    /**
@@ -819,6 +827,7 @@ public class AppOpsManager { 
            OPSTR_MANAGE_IPSEC_TUNNELS,

            OPSTR_START_FOREGROUND,

            OPSTR_BLUETOOTH_SCAN,

            OPSTR_USE_FACE,

    };



    /**
@@ -904,6 +913,7 @@ public class AppOpsManager { 
            "MANAGE_IPSEC_TUNNELS",

            "START_FOREGROUND",

            "BLUETOOTH_SCAN",

            "USE_FACE",

    };



    /**
@@ -989,6 +999,7 @@ public class AppOpsManager { 
            null, // no permission for OP_MANAGE_IPSEC_TUNNELS

            Manifest.permission.FOREGROUND_SERVICE,

            null, // no permission for OP_BLUETOOTH_SCAN

            Manifest.permission.USE_BIOMETRIC,

    };



    /**
@@ -1075,6 +1086,7 @@ public class AppOpsManager { 
            null, // MANAGE_IPSEC_TUNNELS

            null, // START_FOREGROUND

            null, // maybe should be UserManager.DISALLOW_SHARE_LOCATION, //BLUETOOTH_SCAN

            null, // USE_FACE

    };



    /**
@@ -1160,6 +1172,7 @@ public class AppOpsManager { 
            false, // MANAGE_IPSEC_HANDOVERS

            false, // START_FOREGROUND

            true, // BLUETOOTH_SCAN

            false, // USE_FACE

    };



    /**
@@ -1244,6 +1257,7 @@ public class AppOpsManager { 
            AppOpsManager.MODE_ERRORED,  // MANAGE_IPSEC_TUNNELS

            AppOpsManager.MODE_ALLOWED,  // OP_START_FOREGROUND

            AppOpsManager.MODE_ALLOWED,  // OP_BLUETOOTH_SCAN

            AppOpsManager.MODE_ALLOWED,  // USE_FACE

    };



    /**
@@ -1332,6 +1346,7 @@ public class AppOpsManager { 
            false, // MANAGE_IPSEC_TUNNELS

            false, // START_FOREGROUND

            false, // BLUETOOTH_SCAN

            false, // USE_FACE

    };



    /**

core/java/android/app/SystemServiceRegistry.java

+18 −0
Original line number Diff line number Diff line
@@ -54,6 +54,8 @@ import android.hardware.SerialManager; 
import android.hardware.SystemSensorManager;

import android.hardware.camera2.CameraManager;

import android.hardware.display.DisplayManager;

import android.hardware.face.FaceManager;

import android.hardware.face.IFaceService;

import android.hardware.fingerprint.FingerprintManager;

import android.hardware.fingerprint.IFingerprintService;

import android.hardware.hdmi.HdmiControlManager;
@@ -791,6 +793,22 @@ final class SystemServiceRegistry { 
                return new FingerprintManager(ctx.getOuterContext(), service);

            }});



        registerService(Context.FACE_SERVICE, FaceManager.class,

                new CachedServiceFetcher<FaceManager>() {

                    @Override

                    public FaceManager createService(ContextImpl ctx)

                            throws ServiceNotFoundException {

                        final IBinder binder;

                        if (ctx.getApplicationInfo().targetSdkVersion >= Build.VERSION_CODES.O) {

                            binder = ServiceManager.getServiceOrThrow(Context.FACE_SERVICE);

                        } else {

                            binder = ServiceManager.getService(Context.FACE_SERVICE);

                        }

                        IFaceService service = IFaceService.Stub.asInterface(binder);

                        return new FaceManager(ctx.getOuterContext(), service);

                    }

                });



        registerService(Context.TV_INPUT_SERVICE, TvInputManager.class,

                new CachedServiceFetcher<TvInputManager>() {

            @Override

core/java/android/app/admin/DevicePolicyManager.java

+6 −7
Original line number Diff line number Diff line
@@ -3237,8 +3237,8 @@ public class DevicePolicyManager { 


    /**

     * Called by a device/profile owner to set the timeout after which unlocking with secondary, non

     * strong auth (e.g. fingerprint, trust agents) times out, i.e. the user has to use a strong

     * authentication method like password, pin or pattern.

     * strong auth (e.g. fingerprint, face, trust agents) times out, i.e. the user has to use a

     * strong authentication method like password, pin or pattern.

     *

     * <p>This timeout is used internally to reset the timer to require strong auth again after

     * specified timeout each time it has been successfully used.
@@ -3710,7 +3710,6 @@ public class DevicePolicyManager { 
            | DevicePolicyManager.KEYGUARD_DISABLE_IRIS

            | DevicePolicyManager.KEYGUARD_DISABLE_FINGERPRINT;





    /**

     * Disable all current and future keyguard customizations.

     */
@@ -4898,10 +4897,10 @@ public class DevicePolicyManager { 
    /**

     * @hide

     */

    public void reportFailedFingerprintAttempt(int userHandle) {

    public void reportFailedBiometricAttempt(int userHandle) {

        if (mService != null) {

            try {

                mService.reportFailedFingerprintAttempt(userHandle);

                mService.reportFailedBiometricAttempt(userHandle);

            } catch (RemoteException e) {

                throw e.rethrowFromSystemServer();

            }
@@ -4911,10 +4910,10 @@ public class DevicePolicyManager { 
    /**

     * @hide

     */

    public void reportSuccessfulFingerprintAttempt(int userHandle) {

    public void reportSuccessfulBiometricAttempt(int userHandle) {

        if (mService != null) {

            try {

                mService.reportSuccessfulFingerprintAttempt(userHandle);

                mService.reportSuccessfulBiometricAttempt(userHandle);

            } catch (RemoteException e) {

                throw e.rethrowFromSystemServer();

            }

core/java/android/app/admin/IDevicePolicyManager.aidl

+2 −2
Original line number Diff line number Diff line
@@ -132,8 +132,8 @@ interface IDevicePolicyManager { 
    void reportPasswordChanged(int userId);

    void reportFailedPasswordAttempt(int userHandle);

    void reportSuccessfulPasswordAttempt(int userHandle);

    void reportFailedFingerprintAttempt(int userHandle);

    void reportSuccessfulFingerprintAttempt(int userHandle);

    void reportFailedBiometricAttempt(int userHandle);

    void reportSuccessfulBiometricAttempt(int userHandle);

    void reportKeyguardDismissed(int userHandle);

    void reportKeyguardSecured(int userHandle);