| Alexander Martinz | 6b59526 | 2024-09-02 11:18:25 +0200 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2017 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| Alexander Martinz | 0b272c8 | 2024-09-02 11:21:59 +0200 | [diff] [blame^] | 16 | #define LOG_TAG "android.hardware.biometrics.fingerprint@2.1-service.otter" |
| 17 | #define LOG_VERBOSE "android.hardware.biometrics.fingerprint@2.1-service.otter" |
| Alexander Martinz | 6b59526 | 2024-09-02 11:18:25 +0200 | [diff] [blame] | 18 | |
| 19 | #include <hardware/hw_auth_token.h> |
| 20 | |
| 21 | #include <hardware/hardware.h> |
| 22 | #include <hardware/fingerprint.h> |
| 23 | #include "BiometricsFingerprint.h" |
| 24 | |
| 25 | #include <inttypes.h> |
| 26 | #include <unistd.h> |
| 27 | |
| 28 | namespace android { |
| 29 | namespace hardware { |
| 30 | namespace biometrics { |
| 31 | namespace fingerprint { |
| 32 | namespace V2_1 { |
| 33 | namespace implementation { |
| 34 | |
| 35 | // Supported fingerprint HAL version |
| 36 | static const uint16_t kVersion = HARDWARE_MODULE_API_VERSION(2, 1); |
| 37 | |
| 38 | using RequestStatus = |
| 39 | android::hardware::biometrics::fingerprint::V2_1::RequestStatus; |
| 40 | |
| 41 | BiometricsFingerprint *BiometricsFingerprint::sInstance = nullptr; |
| 42 | |
| 43 | BiometricsFingerprint::BiometricsFingerprint() : mClientCallback(nullptr), mDevice(nullptr) { |
| 44 | sInstance = this; // keep track of the most recent instance |
| 45 | mDevice = openHal(); |
| 46 | if (!mDevice) { |
| 47 | ALOGE("Can't open HAL module"); |
| 48 | } |
| 49 | } |
| 50 | |
| 51 | BiometricsFingerprint::~BiometricsFingerprint() { |
| 52 | ALOGV("~BiometricsFingerprint()"); |
| 53 | if (mDevice == nullptr) { |
| 54 | ALOGE("No valid device"); |
| 55 | return; |
| 56 | } |
| 57 | int err; |
| 58 | if (0 != (err = mDevice->common.close( |
| 59 | reinterpret_cast<hw_device_t*>(mDevice)))) { |
| 60 | ALOGE("Can't close fingerprint module, error: %d", err); |
| 61 | return; |
| 62 | } |
| 63 | mDevice = nullptr; |
| 64 | } |
| 65 | |
| 66 | Return<RequestStatus> BiometricsFingerprint::ErrorFilter(int32_t error) { |
| 67 | switch(error) { |
| 68 | case 0: return RequestStatus::SYS_OK; |
| 69 | case -2: return RequestStatus::SYS_ENOENT; |
| 70 | case -4: return RequestStatus::SYS_EINTR; |
| 71 | case -5: return RequestStatus::SYS_EIO; |
| 72 | case -11: return RequestStatus::SYS_EAGAIN; |
| 73 | case -12: return RequestStatus::SYS_ENOMEM; |
| 74 | case -13: return RequestStatus::SYS_EACCES; |
| 75 | case -14: return RequestStatus::SYS_EFAULT; |
| 76 | case -16: return RequestStatus::SYS_EBUSY; |
| 77 | case -22: return RequestStatus::SYS_EINVAL; |
| 78 | case -28: return RequestStatus::SYS_ENOSPC; |
| 79 | case -110: return RequestStatus::SYS_ETIMEDOUT; |
| 80 | default: |
| 81 | ALOGE("An unknown error returned from fingerprint vendor library: %d", error); |
| 82 | return RequestStatus::SYS_UNKNOWN; |
| 83 | } |
| 84 | } |
| 85 | |
| 86 | // Translate from errors returned by traditional HAL (see fingerprint.h) to |
| 87 | // HIDL-compliant FingerprintError. |
| 88 | FingerprintError BiometricsFingerprint::VendorErrorFilter(int32_t error, |
| 89 | int32_t* vendorCode) { |
| 90 | *vendorCode = 0; |
| 91 | switch(error) { |
| 92 | case FINGERPRINT_ERROR_HW_UNAVAILABLE: |
| 93 | return FingerprintError::ERROR_HW_UNAVAILABLE; |
| 94 | case FINGERPRINT_ERROR_UNABLE_TO_PROCESS: |
| 95 | return FingerprintError::ERROR_UNABLE_TO_PROCESS; |
| 96 | case FINGERPRINT_ERROR_TIMEOUT: |
| 97 | return FingerprintError::ERROR_TIMEOUT; |
| 98 | case FINGERPRINT_ERROR_NO_SPACE: |
| 99 | return FingerprintError::ERROR_NO_SPACE; |
| 100 | case FINGERPRINT_ERROR_CANCELED: |
| 101 | return FingerprintError::ERROR_CANCELED; |
| 102 | case FINGERPRINT_ERROR_UNABLE_TO_REMOVE: |
| 103 | return FingerprintError::ERROR_UNABLE_TO_REMOVE; |
| 104 | case FINGERPRINT_ERROR_LOCKOUT: |
| 105 | return FingerprintError::ERROR_LOCKOUT; |
| 106 | default: |
| 107 | if (error >= FINGERPRINT_ERROR_VENDOR_BASE) { |
| 108 | // vendor specific code. |
| 109 | *vendorCode = error - FINGERPRINT_ERROR_VENDOR_BASE; |
| 110 | return FingerprintError::ERROR_VENDOR; |
| 111 | } |
| 112 | } |
| 113 | ALOGE("Unknown error from fingerprint vendor library: %d", error); |
| 114 | return FingerprintError::ERROR_UNABLE_TO_PROCESS; |
| 115 | } |
| 116 | |
| 117 | // Translate acquired messages returned by traditional HAL (see fingerprint.h) |
| 118 | // to HIDL-compliant FingerprintAcquiredInfo. |
| 119 | FingerprintAcquiredInfo BiometricsFingerprint::VendorAcquiredFilter( |
| 120 | int32_t info, int32_t* vendorCode) { |
| 121 | *vendorCode = 0; |
| 122 | switch(info) { |
| 123 | case FINGERPRINT_ACQUIRED_GOOD: |
| 124 | return FingerprintAcquiredInfo::ACQUIRED_GOOD; |
| 125 | case FINGERPRINT_ACQUIRED_PARTIAL: |
| 126 | return FingerprintAcquiredInfo::ACQUIRED_PARTIAL; |
| 127 | case FINGERPRINT_ACQUIRED_INSUFFICIENT: |
| 128 | return FingerprintAcquiredInfo::ACQUIRED_INSUFFICIENT; |
| 129 | case FINGERPRINT_ACQUIRED_IMAGER_DIRTY: |
| 130 | return FingerprintAcquiredInfo::ACQUIRED_IMAGER_DIRTY; |
| 131 | case FINGERPRINT_ACQUIRED_TOO_SLOW: |
| 132 | return FingerprintAcquiredInfo::ACQUIRED_TOO_SLOW; |
| 133 | case FINGERPRINT_ACQUIRED_TOO_FAST: |
| 134 | return FingerprintAcquiredInfo::ACQUIRED_TOO_FAST; |
| 135 | default: |
| 136 | if (info >= FINGERPRINT_ACQUIRED_VENDOR_BASE) { |
| 137 | // vendor specific code. |
| 138 | *vendorCode = info - FINGERPRINT_ACQUIRED_VENDOR_BASE; |
| 139 | return FingerprintAcquiredInfo::ACQUIRED_VENDOR; |
| 140 | } |
| 141 | } |
| 142 | ALOGE("Unknown acquiredmsg from fingerprint vendor library: %d", info); |
| 143 | return FingerprintAcquiredInfo::ACQUIRED_INSUFFICIENT; |
| 144 | } |
| 145 | |
| 146 | Return<uint64_t> BiometricsFingerprint::setNotify( |
| 147 | const sp<IBiometricsFingerprintClientCallback>& clientCallback) { |
| 148 | std::lock_guard<std::mutex> lock(mClientCallbackMutex); |
| 149 | mClientCallback = clientCallback; |
| 150 | // This is here because HAL 2.1 doesn't have a way to propagate a |
| 151 | // unique token for its driver. Subsequent versions should send a unique |
| 152 | // token for each call to setNotify(). This is fine as long as there's only |
| 153 | // one fingerprint device on the platform. |
| 154 | return reinterpret_cast<uint64_t>(mDevice); |
| 155 | } |
| 156 | |
| 157 | Return<uint64_t> BiometricsFingerprint::preEnroll() { |
| 158 | return mDevice->pre_enroll(mDevice); |
| 159 | } |
| 160 | |
| 161 | Return<RequestStatus> BiometricsFingerprint::enroll(const hidl_array<uint8_t, 69>& hat, |
| 162 | uint32_t gid, uint32_t timeoutSec) { |
| 163 | const hw_auth_token_t* authToken = |
| 164 | reinterpret_cast<const hw_auth_token_t*>(hat.data()); |
| 165 | return ErrorFilter(mDevice->enroll(mDevice, authToken, gid, timeoutSec)); |
| 166 | } |
| 167 | |
| 168 | Return<RequestStatus> BiometricsFingerprint::postEnroll() { |
| 169 | return ErrorFilter(mDevice->post_enroll(mDevice)); |
| 170 | } |
| 171 | |
| 172 | Return<uint64_t> BiometricsFingerprint::getAuthenticatorId() { |
| 173 | return mDevice->get_authenticator_id(mDevice); |
| 174 | } |
| 175 | |
| 176 | Return<RequestStatus> BiometricsFingerprint::cancel() { |
| 177 | return ErrorFilter(mDevice->cancel(mDevice)); |
| 178 | } |
| 179 | |
| 180 | Return<RequestStatus> BiometricsFingerprint::enumerate() { |
| 181 | return ErrorFilter(mDevice->enumerate(mDevice)); |
| 182 | } |
| 183 | |
| 184 | Return<RequestStatus> BiometricsFingerprint::remove(uint32_t gid, uint32_t fid) { |
| 185 | return ErrorFilter(mDevice->remove(mDevice, gid, fid)); |
| 186 | } |
| 187 | |
| 188 | Return<RequestStatus> BiometricsFingerprint::setActiveGroup(uint32_t gid, |
| 189 | const hidl_string& storePath) { |
| 190 | if (storePath.size() >= PATH_MAX || storePath.size() <= 0) { |
| 191 | ALOGE("Bad path length: %zd", storePath.size()); |
| 192 | return RequestStatus::SYS_EINVAL; |
| 193 | } |
| 194 | if (access(storePath.c_str(), W_OK)) { |
| 195 | return RequestStatus::SYS_EINVAL; |
| 196 | } |
| 197 | |
| 198 | return ErrorFilter(mDevice->set_active_group(mDevice, gid, |
| 199 | storePath.c_str())); |
| 200 | } |
| 201 | |
| 202 | Return<RequestStatus> BiometricsFingerprint::authenticate(uint64_t operationId, |
| 203 | uint32_t gid) { |
| 204 | return ErrorFilter(mDevice->authenticate(mDevice, operationId, gid)); |
| 205 | } |
| 206 | |
| 207 | IBiometricsFingerprint* BiometricsFingerprint::getInstance() { |
| 208 | if (!sInstance) { |
| 209 | sInstance = new BiometricsFingerprint(); |
| 210 | } |
| 211 | return sInstance; |
| 212 | } |
| 213 | |
| 214 | fingerprint_device_t* BiometricsFingerprint::openHal() { |
| 215 | int err; |
| 216 | const hw_module_t *hw_mdl = nullptr; |
| 217 | ALOGD("Opening fingerprint hal library..."); |
| 218 | if (0 != (err = hw_get_module(FINGERPRINT_HARDWARE_MODULE_ID, &hw_mdl))) { |
| 219 | ALOGE("Can't open fingerprint HW Module, error: %d", err); |
| 220 | return nullptr; |
| 221 | } |
| 222 | |
| 223 | if (hw_mdl == nullptr) { |
| 224 | ALOGE("No valid fingerprint module"); |
| 225 | return nullptr; |
| 226 | } |
| 227 | |
| 228 | fingerprint_module_t const *module = |
| 229 | reinterpret_cast<const fingerprint_module_t*>(hw_mdl); |
| 230 | if (module->common.methods->open == nullptr) { |
| 231 | ALOGE("No valid open method"); |
| 232 | return nullptr; |
| 233 | } |
| 234 | |
| 235 | hw_device_t *device = nullptr; |
| 236 | |
| 237 | if (0 != (err = module->common.methods->open(hw_mdl, nullptr, &device))) { |
| 238 | ALOGE("Can't open fingerprint methods, error: %d", err); |
| 239 | return nullptr; |
| 240 | } |
| 241 | |
| 242 | if (kVersion != device->version) { |
| 243 | // enforce version on new devices because of HIDL@2.1 translation layer |
| 244 | ALOGE("Wrong fp version. Expected %d, got %d", kVersion, device->version); |
| 245 | return nullptr; |
| 246 | } |
| 247 | |
| 248 | fingerprint_device_t* fp_device = |
| 249 | reinterpret_cast<fingerprint_device_t*>(device); |
| 250 | |
| 251 | if (0 != (err = |
| 252 | fp_device->set_notify(fp_device, BiometricsFingerprint::notify))) { |
| 253 | ALOGE("Can't register fingerprint module callback, error: %d", err); |
| 254 | return nullptr; |
| 255 | } |
| 256 | |
| 257 | return fp_device; |
| 258 | } |
| 259 | |
| 260 | void BiometricsFingerprint::notify(const fingerprint_msg_t *msg) { |
| 261 | BiometricsFingerprint* thisPtr = static_cast<BiometricsFingerprint*>( |
| 262 | BiometricsFingerprint::getInstance()); |
| 263 | std::lock_guard<std::mutex> lock(thisPtr->mClientCallbackMutex); |
| 264 | if (thisPtr == nullptr || thisPtr->mClientCallback == nullptr) { |
| 265 | ALOGE("Receiving callbacks before the client callback is registered."); |
| 266 | return; |
| 267 | } |
| 268 | const uint64_t devId = reinterpret_cast<uint64_t>(thisPtr->mDevice); |
| 269 | switch (msg->type) { |
| 270 | case FINGERPRINT_ERROR: { |
| 271 | int32_t vendorCode = 0; |
| 272 | FingerprintError result = VendorErrorFilter(msg->data.error, &vendorCode); |
| 273 | ALOGD("onError(%d)", result); |
| 274 | if (!thisPtr->mClientCallback->onError(devId, result, vendorCode).isOk()) { |
| 275 | ALOGE("failed to invoke fingerprint onError callback"); |
| 276 | } |
| 277 | } |
| 278 | break; |
| 279 | case FINGERPRINT_ACQUIRED: { |
| 280 | int32_t vendorCode = 0; |
| 281 | FingerprintAcquiredInfo result = |
| 282 | VendorAcquiredFilter(msg->data.acquired.acquired_info, &vendorCode); |
| 283 | ALOGD("onAcquired(%d)", result); |
| 284 | if (!thisPtr->mClientCallback->onAcquired(devId, result, vendorCode).isOk()) { |
| 285 | ALOGE("failed to invoke fingerprint onAcquired callback"); |
| 286 | } |
| 287 | } |
| 288 | break; |
| 289 | case FINGERPRINT_TEMPLATE_ENROLLING: |
| 290 | ALOGD("onEnrollResult(fid=%d, gid=%d, rem=%d)", |
| 291 | msg->data.enroll.finger.fid, |
| 292 | msg->data.enroll.finger.gid, |
| 293 | msg->data.enroll.samples_remaining); |
| 294 | if (!thisPtr->mClientCallback->onEnrollResult(devId, |
| 295 | msg->data.enroll.finger.fid, |
| 296 | msg->data.enroll.finger.gid, |
| 297 | msg->data.enroll.samples_remaining).isOk()) { |
| 298 | ALOGE("failed to invoke fingerprint onEnrollResult callback"); |
| 299 | } |
| 300 | break; |
| 301 | case FINGERPRINT_TEMPLATE_REMOVED: |
| 302 | ALOGD("onRemove(fid=%d, gid=%d, rem=%d)", |
| 303 | msg->data.removed.finger.fid, |
| 304 | msg->data.removed.finger.gid, |
| 305 | msg->data.removed.remaining_templates); |
| 306 | if (!thisPtr->mClientCallback->onRemoved(devId, |
| 307 | msg->data.removed.finger.fid, |
| 308 | msg->data.removed.finger.gid, |
| 309 | msg->data.removed.remaining_templates).isOk()) { |
| 310 | ALOGE("failed to invoke fingerprint onRemoved callback"); |
| 311 | } |
| 312 | break; |
| 313 | case FINGERPRINT_AUTHENTICATED: |
| 314 | if (msg->data.authenticated.finger.fid != 0) { |
| 315 | ALOGD("onAuthenticated(fid=%d, gid=%d)", |
| 316 | msg->data.authenticated.finger.fid, |
| 317 | msg->data.authenticated.finger.gid); |
| 318 | const uint8_t* hat = |
| 319 | reinterpret_cast<const uint8_t *>(&msg->data.authenticated.hat); |
| 320 | const hidl_vec<uint8_t> token( |
| 321 | std::vector<uint8_t>(hat, hat + sizeof(msg->data.authenticated.hat))); |
| 322 | if (!thisPtr->mClientCallback->onAuthenticated(devId, |
| 323 | msg->data.authenticated.finger.fid, |
| 324 | msg->data.authenticated.finger.gid, |
| 325 | token).isOk()) { |
| 326 | ALOGE("failed to invoke fingerprint onAuthenticated callback"); |
| 327 | } |
| 328 | } else { |
| 329 | // Not a recognized fingerprint |
| 330 | if (!thisPtr->mClientCallback->onAuthenticated(devId, |
| 331 | msg->data.authenticated.finger.fid, |
| 332 | msg->data.authenticated.finger.gid, |
| 333 | hidl_vec<uint8_t>()).isOk()) { |
| 334 | ALOGE("failed to invoke fingerprint onAuthenticated callback"); |
| 335 | } |
| 336 | } |
| 337 | break; |
| 338 | case FINGERPRINT_TEMPLATE_ENUMERATING: |
| 339 | ALOGD("onEnumerate(fid=%d, gid=%d, rem=%d)", |
| 340 | msg->data.enumerated.finger.fid, |
| 341 | msg->data.enumerated.finger.gid, |
| 342 | msg->data.enumerated.remaining_templates); |
| 343 | if (!thisPtr->mClientCallback->onEnumerate(devId, |
| 344 | msg->data.enumerated.finger.fid, |
| 345 | msg->data.enumerated.finger.gid, |
| 346 | msg->data.enumerated.remaining_templates).isOk()) { |
| 347 | ALOGE("failed to invoke fingerprint onEnumerate callback"); |
| 348 | } |
| 349 | break; |
| 350 | } |
| 351 | } |
| 352 | |
| 353 | } // namespace implementation |
| 354 | } // namespace V2_1 |
| 355 | } // namespace fingerprint |
| 356 | } // namespace biometrics |
| 357 | } // namespace hardware |
| 358 | } // namespace android |