Merge "Move from native FingerprintService implementation to fingerprintd" into mnc-dev (62de207f) · Commits · e / os / android_system_core

fingerprintd/Android.mk

0 → 100644

+33 −0

Original line number	Diff line number	Diff line
		#
		# Copyright (C) 2015 The Android Open Source Project
		#
		# Licensed under the Apache License, Version 2.0 (the "License");
		# you may not use this file except in compliance with the License.
		# You may obtain a copy of the License at
		#
		# http://www.apache.org/licenses/LICENSE-2.0
		#
		# Unless required by applicable law or agreed to in writing, software
		# distributed under the License is distributed on an "AS IS" BASIS,
		# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
		# See the License for the specific language governing permissions and
		# limitations under the License.
		#

		LOCAL_PATH := $(call my-dir)

		include $(CLEAR_VARS)
		LOCAL_CFLAGS := -Wall -Wextra -Werror -Wunused
		LOCAL_SRC_FILES := \
		FingerprintDaemonProxy.cpp \
		IFingerprintDaemon.cpp \
		IFingerprintDaemonCallback.cpp \
		fingerprintd.cpp
		LOCAL_MODULE := fingerprintd
		LOCAL_SHARED_LIBRARIES := \
		libbinder \
		liblog \
		libhardware \
		libutils \
		libkeystore_binder
		include $(BUILD_EXECUTABLE)

fingerprintd/FingerprintDaemonProxy.cpp

0 → 100644

+238 −0

Original line number	Diff line number	Diff line
		/*
		* Copyright (C) 2015 The Android Open Source Project
		*
		* Licensed under the Apache License, Version 2.0 (the "License");
		* you may not use this file except in compliance with the License.
		* You may obtain a copy of the License at
		*
		* http://www.apache.org/licenses/LICENSE-2.0
		*
		* Unless required by applicable law or agreed to in writing, software
		* distributed under the License is distributed on an "AS IS" BASIS,
		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
		* See the License for the specific language governing permissions and
		* limitations under the License.
		*/

		#define LOG_TAG "fingerprintd"

		#include <binder/IServiceManager.h>
		#include <hardware/hardware.h>
		#include <hardware/fingerprint.h>
		#include <hardware/hw_auth_token.h>
		#include <keystore/IKeystoreService.h>
		#include <keystore/keystore.h> // for error codes
		#include <utils/Log.h>

		#include "FingerprintDaemonProxy.h"

		namespace android {

		FingerprintDaemonProxy* FingerprintDaemonProxy::sInstance = NULL;

		// Supported fingerprint HAL version
		static const uint16_t kVersion = HARDWARE_MODULE_API_VERSION(2, 0);

		FingerprintDaemonProxy::FingerprintDaemonProxy() : mModule(NULL), mDevice(NULL), mCallback(NULL) {

		}

		FingerprintDaemonProxy::~FingerprintDaemonProxy() {
		closeHal();
		}

		void FingerprintDaemonProxy::hal_notify_callback(fingerprint_msg_t msg) {
		FingerprintDaemonProxy* instance = FingerprintDaemonProxy::getInstance();
		const sp<IFingerprintDaemonCallback> callback = instance->mCallback;
		if (callback == NULL) {
		ALOGE("Invalid callback object");
		return;
		}
		const int64_t device = (int64_t) instance->mDevice;
		switch (msg.type) {
		case FINGERPRINT_ERROR:
		ALOGD("onError(%d)", msg.data.error);
		callback->onError(device, msg.data.error);
		break;
		case FINGERPRINT_ACQUIRED:
		ALOGD("onAcquired(%d)", msg.data.acquired.acquired_info);
		callback->onAcquired(device, msg.data.acquired.acquired_info);
		break;
		case FINGERPRINT_AUTHENTICATED:
		ALOGD("onAuthenticated(fid=%d, gid=%d)",
		msg.data.authenticated.finger.fid,
		msg.data.authenticated.finger.gid);
		if (msg.data.authenticated.finger.fid != 0) {
		uint8_t* hat = reinterpret_cast<uint8_t *>(&msg.data.authenticated.hat);
		instance->notifyKeystore(hat, sizeof(msg.data.authenticated.hat));
		}
		callback->onAuthenticated(device,
		msg.data.authenticated.finger.fid,
		msg.data.authenticated.finger.gid);
		break;
		case FINGERPRINT_TEMPLATE_ENROLLING:
		ALOGD("onEnrollResult(fid=%d, gid=%d, rem=%d)",
		msg.data.enroll.finger.fid,
		msg.data.enroll.finger.gid,
		msg.data.enroll.samples_remaining);
		callback->onEnrollResult(device,
		msg.data.enroll.finger.fid,
		msg.data.enroll.finger.gid,
		msg.data.enroll.samples_remaining);
		break;
		case FINGERPRINT_TEMPLATE_REMOVED:
		ALOGD("onRemove(fid=%d, gid=%d)",
		msg.data.removed.finger.fid,
		msg.data.removed.finger.gid);
		callback->onRemoved(device,
		msg.data.removed.finger.fid,
		msg.data.removed.finger.gid);
		break;
		default:
		ALOGE("invalid msg: %d", msg.type);
		return;
		}
		}

		void FingerprintDaemonProxy::notifyKeystore(uint8_t *auth_token, size_t auth_token_length) {
		if (auth_token != NULL && auth_token_length > 0) {
		// TODO: cache service?
		sp < IServiceManager > sm = defaultServiceManager();
		sp < IBinder > binder = sm->getService(String16("android.security.keystore"));
		sp < IKeystoreService > service = interface_cast < IKeystoreService > (binder);
		if (service != NULL) {
		status_t ret = service->addAuthToken(auth_token, auth_token_length);
		if (ret != ResponseCode::NO_ERROR) {
		ALOGE("Falure sending auth token to KeyStore: %d", ret);
		}
		} else {
		ALOGE("Unable to communicate with KeyStore");
		}
		}
		}

		void FingerprintDaemonProxy::init(const sp<IFingerprintDaemonCallback>& callback) {
		if (mCallback != NULL && IInterface::asBinder(callback) != IInterface::asBinder(mCallback)) {
		IInterface::asBinder(mCallback)->unlinkToDeath(this);
		}
		IInterface::asBinder(callback)->linkToDeath(this);
		mCallback = callback;
		}

		int32_t FingerprintDaemonProxy::enroll(const uint8_t* token, ssize_t tokenSize, int32_t groupId,
		int32_t timeout) {
		ALOG(LOG_VERBOSE, LOG_TAG, "enroll(gid=%d, timeout=%d)\n", groupId, timeout);
		if (tokenSize != sizeof(hw_auth_token_t) ) {
		ALOG(LOG_VERBOSE, LOG_TAG, "enroll() : invalid token size %d\n", tokenSize);
		return -1;
		}
		const hw_auth_token_t* authToken = reinterpret_cast<const hw_auth_token_t*>(token);
		return mDevice->enroll(mDevice, authToken, groupId, timeout);
		}

		uint64_t FingerprintDaemonProxy::preEnroll() {
		return mDevice->pre_enroll(mDevice);
		}

		int32_t FingerprintDaemonProxy::stopEnrollment() {
		ALOG(LOG_VERBOSE, LOG_TAG, "stopEnrollment()\n");
		return mDevice->cancel(mDevice);
		}

		int32_t FingerprintDaemonProxy::authenticate(uint64_t sessionId, uint32_t groupId) {
		ALOG(LOG_VERBOSE, LOG_TAG, "authenticate(sid=%" PRId64 ", gid=%d)\n", sessionId, groupId);
		return mDevice->authenticate(mDevice, sessionId, groupId);
		}

		int32_t FingerprintDaemonProxy::stopAuthentication() {
		ALOG(LOG_VERBOSE, LOG_TAG, "stopAuthentication()\n");
		return mDevice->cancel(mDevice);
		}

		int32_t FingerprintDaemonProxy::remove(int32_t fingerId, int32_t groupId) {
		ALOG(LOG_VERBOSE, LOG_TAG, "remove(fid=%d, gid=%d)\n", fingerId, groupId);
		fingerprint_finger_id_t finger;
		finger.fid = fingerId;
		finger.gid = groupId;
		return mDevice->remove(mDevice, finger);
		}

		uint64_t FingerprintDaemonProxy::getAuthenticatorId() {
		return mDevice->get_authenticator_id(mDevice);
		}

		int32_t FingerprintDaemonProxy::setActiveGroup(int32_t groupId, const uint8_t* path,
		ssize_t pathlen) {
		if (pathlen >= PATH_MAX) {
		ALOGE("Path name is too long\n");
		return -1;
		}
		// Convert to null-terminated string
		char path_name[PATH_MAX];
		memcpy(path_name, path, pathlen);
		path_name[pathlen] = '\0';
		ALOG(LOG_VERBOSE, LOG_TAG, "setActiveGroup(%d, %s, %d)", groupId, path_name, pathlen);
		return mDevice->set_active_group(mDevice, groupId, path_name);
		return -1;
		}

		int64_t FingerprintDaemonProxy::openHal() {
		ALOG(LOG_VERBOSE, LOG_TAG, "nativeOpenHal()\n");
		int err;
		const hw_module_t *hw_module = NULL;
		if (0 != (err = hw_get_module(FINGERPRINT_HARDWARE_MODULE_ID, &hw_module))) {
		ALOGE("Can't open fingerprint HW Module, error: %d", err);
		return 0;
		}
		if (NULL == hw_module) {
		ALOGE("No valid fingerprint module");
		return 0;
		}

		mModule = reinterpret_cast<const fingerprint_module_t*>(hw_module);

		if (mModule->common.methods->open == NULL) {
		ALOGE("No valid open method");
		return 0;
		}

		hw_device_t *device = NULL;

		if (0 != (err = mModule->common.methods->open(hw_module, NULL, &device))) {
		ALOGE("Can't open fingerprint methods, error: %d", err);
		return 0;
		}

		if (kVersion != device->version) {
		ALOGE("Wrong fp version. Expected %d, got %d", kVersion, device->version);
		// return 0; // FIXME
		}

		mDevice = reinterpret_cast<fingerprint_device_t*>(device);
		err = mDevice->set_notify(mDevice, hal_notify_callback);
		if (err < 0) {
		ALOGE("Failed in call to set_notify(), err=%d", err);
		return 0;
		}

		// Sanity check - remove
		if (mDevice->notify != hal_notify_callback) {
		ALOGE("NOTIFY not set properly: %p != %p", mDevice->notify, hal_notify_callback);
		}

		ALOG(LOG_VERBOSE, LOG_TAG, "fingerprint HAL successfully initialized");
		return reinterpret_cast<int64_t>(mDevice); // This is just a handle
		}

		int32_t FingerprintDaemonProxy::closeHal() {
		return -ENOSYS; // TODO
		}

		void FingerprintDaemonProxy::binderDied(const wp<IBinder>& who) {
		ALOGD("binder died");
		if (IInterface::asBinder(mCallback) == who) {
		mCallback = NULL;
		}
		}

		}

fingerprintd/FingerprintDaemonProxy.h

0 → 100644

+62 −0

Original line number	Diff line number	Diff line
		/*
		* Copyright (C) 2015 The Android Open Source Project
		*
		* Licensed under the Apache License, Version 2.0 (the "License");
		* you may not use this file except in compliance with the License.
		* You may obtain a copy of the License at
		*
		* http://www.apache.org/licenses/LICENSE-2.0
		*
		* Unless required by applicable law or agreed to in writing, software
		* distributed under the License is distributed on an "AS IS" BASIS,
		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
		* See the License for the specific language governing permissions and
		* limitations under the License.
		*/

		#ifndef FINGERPRINT_DAEMON_PROXY_H_
		#define FINGERPRINT_DAEMON_PROXY_H_

		#include "IFingerprintDaemon.h"
		#include "IFingerprintDaemonCallback.h"

		namespace android {

		class FingerprintDaemonProxy : public BnFingerprintDaemon {
		public:
		static FingerprintDaemonProxy* getInstance() {
		if (sInstance == NULL) {
		sInstance = new FingerprintDaemonProxy();
		}
		return sInstance;
		}

		// These reflect binder methods.
		virtual void init(const sp<IFingerprintDaemonCallback>& callback);
		virtual int32_t enroll(const uint8_t* token, ssize_t tokenLength, int32_t groupId, int32_t timeout);
		virtual uint64_t preEnroll();
		virtual int32_t stopEnrollment();
		virtual int32_t authenticate(uint64_t sessionId, uint32_t groupId);
		virtual int32_t stopAuthentication();
		virtual int32_t remove(int32_t fingerId, int32_t groupId);
		virtual uint64_t getAuthenticatorId();
		virtual int32_t setActiveGroup(int32_t groupId, const uint8_t* path, ssize_t pathLen);
		virtual int64_t openHal();
		virtual int32_t closeHal();

		private:
		FingerprintDaemonProxy();
		virtual ~FingerprintDaemonProxy();
		void binderDied(const wp<IBinder>& who);
		void notifyKeystore(uint8_t *auth_token, size_t auth_token_length);
		static void hal_notify_callback(fingerprint_msg_t msg);

		static FingerprintDaemonProxy* sInstance;
		fingerprint_module_t const* mModule;
		fingerprint_device_t* mDevice;
		sp<IFingerprintDaemonCallback> mCallback;
		};

		} // namespace android

		#endif // FINGERPRINT_DAEMON_PROXY_H_

fingerprintd/IFingerprintDaemon.cpp

0 → 100644

+186 −0

Original line number	Diff line number	Diff line
		/*
		* Copyright 2015, The Android Open Source Project
		*
		* Licensed under the Apache License, Version 2.0 (the "License");
		* you may not use this file except in compliance with the License.
		* You may obtain a copy of the License at
		*
		* http://www.apache.org/licenses/LICENSE-2.0
		*
		* Unless required by applicable law or agreed to in writing, software
		* distributed under the License is distributed on an "AS IS" BASIS,
		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
		* See the License for the specific language governing permissions and
		* limitations under the License.
		*/

		#include <inttypes.h>

		#include <android_runtime/AndroidRuntime.h>
		#include <binder/IPCThreadState.h>
		#include <binder/IServiceManager.h>
		#include <binder/PermissionCache.h>
		#include <utils/String16.h>
		#include <utils/Looper.h>
		#include <keystore/IKeystoreService.h>
		#include <keystore/keystore.h> // for error code
		#include <hardware/hardware.h>
		#include <hardware/fingerprint.h>
		#include <hardware/hw_auth_token.h>
		#include "IFingerprintDaemon.h"
		#include "IFingerprintDaemonCallback.h"

		namespace android {

		static const String16 USE_FINGERPRINT_PERMISSION("android.permission.USE_FINGERPRINT");
		static const String16 MANAGE_FINGERPRINT_PERMISSION("android.permission.MANAGE_FINGERPRINT");
		static const String16 HAL_FINGERPRINT_PERMISSION("android.permission.MANAGE_FINGERPRINT"); // TODO
		static const String16 DUMP_PERMISSION("android.permission.DUMP");

		const android::String16
		IFingerprintDaemon::descriptor("android.hardware.fingerprint.IFingerprintDaemon");

		const android::String16&
		IFingerprintDaemon::getInterfaceDescriptor() const {
		return IFingerprintDaemon::descriptor;
		}

		status_t BnFingerprintDaemon::onTransact(uint32_t code, const Parcel& data, Parcel* reply,
		uint32_t flags) {
		switch(code) {
		case AUTHENTICATE: {
		CHECK_INTERFACE(IFingerprintDaemon, data, reply);
		if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
		return PERMISSION_DENIED;
		}
		const uint64_t sessionId = data.readInt64();
		const uint32_t groupId = data.readInt32();
		const int32_t ret = authenticate(sessionId, groupId);
		reply->writeNoException();
		reply->writeInt32(ret);
		return NO_ERROR;
		};
		case CANCEL_AUTHENTICATION: {
		CHECK_INTERFACE(IFingerprintDaemon, data, reply);
		if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
		return PERMISSION_DENIED;
		}
		const int32_t ret = stopAuthentication();
		reply->writeNoException();
		reply->writeInt32(ret);
		return NO_ERROR;
		}
		case ENROLL: {
		CHECK_INTERFACE(IFingerprintDaemon, data, reply);
		if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
		return PERMISSION_DENIED;
		}
		const ssize_t tokenSize = data.readInt32();
		const uint8_t* token = static_cast<const uint8_t *>(data.readInplace(tokenSize));
		const int32_t groupId = data.readInt32();
		const int32_t timeout = data.readInt32();
		const int32_t ret = enroll(token, tokenSize, groupId, timeout);
		reply->writeNoException();
		reply->writeInt32(ret);
		return NO_ERROR;
		}
		case CANCEL_ENROLLMENT: {
		CHECK_INTERFACE(IFingerprintDaemon, data, reply);
		if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
		return PERMISSION_DENIED;
		}
		const int32_t ret = stopEnrollment();
		reply->writeNoException();
		reply->writeInt32(ret);
		return NO_ERROR;
		}
		case PRE_ENROLL: {
		CHECK_INTERFACE(IFingerprintDaemon, data, reply);
		if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
		return PERMISSION_DENIED;
		}
		const uint64_t ret = preEnroll();
		reply->writeNoException();
		reply->writeInt64(ret);
		return NO_ERROR;
		}
		case REMOVE: {
		CHECK_INTERFACE(IFingerprintDaemon, data, reply);
		if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
		return PERMISSION_DENIED;
		}
		const int32_t fingerId = data.readInt32();
		const int32_t groupId = data.readInt32();
		const int32_t ret = remove(fingerId, groupId);
		reply->writeNoException();
		reply->writeInt32(ret);
		return NO_ERROR;
		}
		case GET_AUTHENTICATOR_ID: {
		CHECK_INTERFACE(IFingerprintDaemon, data, reply);
		if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
		return PERMISSION_DENIED;
		}
		const uint64_t ret = getAuthenticatorId();
		reply->writeNoException();
		reply->writeInt64(ret);
		return NO_ERROR;
		}
		case SET_ACTIVE_GROUP: {
		CHECK_INTERFACE(IFingerprintDaemon, data, reply);
		if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
		return PERMISSION_DENIED;
		}
		const int32_t group = data.readInt32();
		const ssize_t pathSize = data.readInt32();
		const uint8_t* path = static_cast<const uint8_t *>(data.readInplace(pathSize));
		const int32_t ret = setActiveGroup(group, path, pathSize);
		reply->writeNoException();
		reply->writeInt32(ret);
		return NO_ERROR;
		}
		case OPEN_HAL: {
		CHECK_INTERFACE(IFingerprintDaemon, data, reply);
		if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
		return PERMISSION_DENIED;
		}
		const int64_t ret = openHal();
		reply->writeNoException();
		reply->writeInt64(ret);
		return NO_ERROR;
		}
		case CLOSE_HAL: {
		CHECK_INTERFACE(IFingerprintDaemon, data, reply);
		if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
		return PERMISSION_DENIED;
		}
		const int32_t ret = closeHal();
		reply->writeNoException();
		reply->writeInt32(ret);
		return NO_ERROR;
		}
		case INIT: {
		CHECK_INTERFACE(IFingerprintDaemon, data, reply);
		if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
		return PERMISSION_DENIED;
		}
		sp<IFingerprintDaemonCallback> callback =
		interface_cast<IFingerprintDaemonCallback>(data.readStrongBinder());
		init(callback);
		reply->writeNoException();
		return NO_ERROR;
		}
		default:
		return BBinder::onTransact(code, data, reply, flags);
		}
		};

		bool BnFingerprintDaemon::checkPermission(const String16& permission) {
		const IPCThreadState* ipc = IPCThreadState::self();
		const int calling_pid = ipc->getCallingPid();
		const int calling_uid = ipc->getCallingUid();
		return PermissionCache::checkPermission(permission, calling_pid, calling_uid);
		}


		}; // namespace android

fingerprintd/IFingerprintDaemon.h

0 → 100644

+84 −0

Original line number	Diff line number	Diff line
		/*
		* Copyright (C) 2015 The Android Open Source Project
		*
		* Licensed under the Apache License, Version 2.0 (the "License");
		* you may not use this file except in compliance with the License.
		* You may obtain a copy of the License at
		*
		* http://www.apache.org/licenses/LICENSE-2.0
		*
		* Unless required by applicable law or agreed to in writing, software
		* distributed under the License is distributed on an "AS IS" BASIS,
		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
		* See the License for the specific language governing permissions and
		* limitations under the License.
		*/

		#ifndef IFINGERPRINT_DAEMON_H_
		#define IFINGERPRINT_DAEMON_H_

		#include <binder/IInterface.h>
		#include <binder/Parcel.h>

		namespace android {

		class IFingerprintDaemonCallback;

		/*
		* Abstract base class for native implementation of FingerprintService.
		*
		* Note: This must be kept manually in sync with IFingerprintDaemon.aidl
		*/
		class IFingerprintDaemon : public IInterface, public IBinder::DeathRecipient {
		public:
		enum {
		AUTHENTICATE = IBinder::FIRST_CALL_TRANSACTION + 0,
		CANCEL_AUTHENTICATION = IBinder::FIRST_CALL_TRANSACTION + 1,
		ENROLL = IBinder::FIRST_CALL_TRANSACTION + 2,
		CANCEL_ENROLLMENT = IBinder::FIRST_CALL_TRANSACTION + 3,
		PRE_ENROLL = IBinder::FIRST_CALL_TRANSACTION + 4,
		REMOVE = IBinder::FIRST_CALL_TRANSACTION + 5,
		GET_AUTHENTICATOR_ID = IBinder::FIRST_CALL_TRANSACTION + 6,
		SET_ACTIVE_GROUP = IBinder::FIRST_CALL_TRANSACTION + 7,
		OPEN_HAL = IBinder::FIRST_CALL_TRANSACTION + 8,
		CLOSE_HAL = IBinder::FIRST_CALL_TRANSACTION + 9,
		INIT = IBinder::FIRST_CALL_TRANSACTION + 10,
		};

		IFingerprintDaemon() { }
		virtual ~IFingerprintDaemon() { }
		virtual const android::String16& getInterfaceDescriptor() const;

		// Binder interface methods
		virtual void init(const sp<IFingerprintDaemonCallback>& callback) = 0;
		virtual int32_t enroll(const uint8_t* token, ssize_t tokenLength, int32_t groupId,
		int32_t timeout) = 0;
		virtual uint64_t preEnroll() = 0;
		virtual int32_t stopEnrollment() = 0;
		virtual int32_t authenticate(uint64_t sessionId, uint32_t groupId) = 0;
		virtual int32_t stopAuthentication() = 0;
		virtual int32_t remove(int32_t fingerId, int32_t groupId) = 0;
		virtual uint64_t getAuthenticatorId() = 0;
		virtual int32_t setActiveGroup(int32_t groupId, const uint8_t* path, ssize_t pathLen) = 0;
		virtual int64_t openHal() = 0;
		virtual int32_t closeHal() = 0;

		// DECLARE_META_INTERFACE - C++ client interface not needed
		static const android::String16 descriptor;
		static void hal_notify_callback(fingerprint_msg_t msg);
		};

		// ----------------------------------------------------------------------------

		class BnFingerprintDaemon: public BnInterface<IFingerprintDaemon> {
		public:
		virtual status_t onTransact(uint32_t code, const Parcel& data, Parcel* reply,
		uint32_t flags = 0);
		private:
		bool checkPermission(const String16& permission);
		};

		} // namespace android

		#endif // IFINGERPRINT_DAEMON_H_