1 /*
2 * Copyright (C) 2017 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16 #define LOG_TAG "android.hardware.biometrics.fingerprint@2.1-service"
17 #define LOG_VERBOSE "android.hardware.biometrics.fingerprint@2.1-service"
18
19 #include <hardware/hw_auth_token.h>
20
21 #include <hardware/hardware.h>
22 #include <hardware/fingerprint.h>
23 #include "BiometricsFingerprint.h"
24
25 #include <inttypes.h>
26 #include <unistd.h>
27
28 namespace android {
29 namespace hardware {
30 namespace biometrics {
31 namespace fingerprint {
32 namespace V2_1 {
33 namespace implementation {
34
35 // Supported fingerprint HAL version
36 static const uint16_t kVersion = HARDWARE_MODULE_API_VERSION(2, 1);
37
38 using RequestStatus =
39 android::hardware::biometrics::fingerprint::V2_1::RequestStatus;
40
41 BiometricsFingerprint *BiometricsFingerprint::sInstance = nullptr;
42
BiometricsFingerprint()43 BiometricsFingerprint::BiometricsFingerprint() : mClientCallback(nullptr), mDevice(nullptr) {
44 sInstance = this; // keep track of the most recent instance
45 mDevice = openHal();
46 if (!mDevice) {
47 ALOGE("Can't open HAL module");
48 }
49 }
50
~BiometricsFingerprint()51 BiometricsFingerprint::~BiometricsFingerprint() {
52 ALOGV("~BiometricsFingerprint()");
53 if (mDevice == nullptr) {
54 ALOGE("No valid device");
55 return;
56 }
57 int err;
58 if (0 != (err = mDevice->common.close(
59 reinterpret_cast<hw_device_t*>(mDevice)))) {
60 ALOGE("Can't close fingerprint module, error: %d", err);
61 return;
62 }
63 mDevice = nullptr;
64 }
65
ErrorFilter(int32_t error)66 Return<RequestStatus> BiometricsFingerprint::ErrorFilter(int32_t error) {
67 switch(error) {
68 case 0: return RequestStatus::SYS_OK;
69 case -2: return RequestStatus::SYS_ENOENT;
70 case -4: return RequestStatus::SYS_EINTR;
71 case -5: return RequestStatus::SYS_EIO;
72 case -11: return RequestStatus::SYS_EAGAIN;
73 case -12: return RequestStatus::SYS_ENOMEM;
74 case -13: return RequestStatus::SYS_EACCES;
75 case -14: return RequestStatus::SYS_EFAULT;
76 case -16: return RequestStatus::SYS_EBUSY;
77 case -22: return RequestStatus::SYS_EINVAL;
78 case -28: return RequestStatus::SYS_ENOSPC;
79 case -110: return RequestStatus::SYS_ETIMEDOUT;
80 default:
81 ALOGE("An unknown error returned from fingerprint vendor library: %d", error);
82 return RequestStatus::SYS_UNKNOWN;
83 }
84 }
85
86 // Translate from errors returned by traditional HAL (see fingerprint.h) to
87 // HIDL-compliant FingerprintError.
VendorErrorFilter(int32_t error,int32_t * vendorCode)88 FingerprintError BiometricsFingerprint::VendorErrorFilter(int32_t error,
89 int32_t* vendorCode) {
90 *vendorCode = 0;
91 switch(error) {
92 case FINGERPRINT_ERROR_HW_UNAVAILABLE:
93 return FingerprintError::ERROR_HW_UNAVAILABLE;
94 case FINGERPRINT_ERROR_UNABLE_TO_PROCESS:
95 return FingerprintError::ERROR_UNABLE_TO_PROCESS;
96 case FINGERPRINT_ERROR_TIMEOUT:
97 return FingerprintError::ERROR_TIMEOUT;
98 case FINGERPRINT_ERROR_NO_SPACE:
99 return FingerprintError::ERROR_NO_SPACE;
100 case FINGERPRINT_ERROR_CANCELED:
101 return FingerprintError::ERROR_CANCELED;
102 case FINGERPRINT_ERROR_UNABLE_TO_REMOVE:
103 return FingerprintError::ERROR_UNABLE_TO_REMOVE;
104 case FINGERPRINT_ERROR_LOCKOUT:
105 return FingerprintError::ERROR_LOCKOUT;
106 default:
107 if (error >= FINGERPRINT_ERROR_VENDOR_BASE) {
108 // vendor specific code.
109 *vendorCode = error - FINGERPRINT_ERROR_VENDOR_BASE;
110 return FingerprintError::ERROR_VENDOR;
111 }
112 }
113 ALOGE("Unknown error from fingerprint vendor library: %d", error);
114 return FingerprintError::ERROR_UNABLE_TO_PROCESS;
115 }
116
117 // Translate acquired messages returned by traditional HAL (see fingerprint.h)
118 // to HIDL-compliant FingerprintAcquiredInfo.
VendorAcquiredFilter(int32_t info,int32_t * vendorCode)119 FingerprintAcquiredInfo BiometricsFingerprint::VendorAcquiredFilter(
120 int32_t info, int32_t* vendorCode) {
121 *vendorCode = 0;
122 switch(info) {
123 case FINGERPRINT_ACQUIRED_GOOD:
124 return FingerprintAcquiredInfo::ACQUIRED_GOOD;
125 case FINGERPRINT_ACQUIRED_PARTIAL:
126 return FingerprintAcquiredInfo::ACQUIRED_PARTIAL;
127 case FINGERPRINT_ACQUIRED_INSUFFICIENT:
128 return FingerprintAcquiredInfo::ACQUIRED_INSUFFICIENT;
129 case FINGERPRINT_ACQUIRED_IMAGER_DIRTY:
130 return FingerprintAcquiredInfo::ACQUIRED_IMAGER_DIRTY;
131 case FINGERPRINT_ACQUIRED_TOO_SLOW:
132 return FingerprintAcquiredInfo::ACQUIRED_TOO_SLOW;
133 case FINGERPRINT_ACQUIRED_TOO_FAST:
134 return FingerprintAcquiredInfo::ACQUIRED_TOO_FAST;
135 default:
136 if (info >= FINGERPRINT_ACQUIRED_VENDOR_BASE) {
137 // vendor specific code.
138 *vendorCode = info - FINGERPRINT_ACQUIRED_VENDOR_BASE;
139 return FingerprintAcquiredInfo::ACQUIRED_VENDOR;
140 }
141 }
142 ALOGE("Unknown acquiredmsg from fingerprint vendor library: %d", info);
143 return FingerprintAcquiredInfo::ACQUIRED_INSUFFICIENT;
144 }
145
setNotify(const sp<IBiometricsFingerprintClientCallback> & clientCallback)146 Return<uint64_t> BiometricsFingerprint::setNotify(
147 const sp<IBiometricsFingerprintClientCallback>& clientCallback) {
148 std::lock_guard<std::mutex> lock(mClientCallbackMutex);
149 mClientCallback = clientCallback;
150 // This is here because HAL 2.1 doesn't have a way to propagate a
151 // unique token for its driver. Subsequent versions should send a unique
152 // token for each call to setNotify(). This is fine as long as there's only
153 // one fingerprint device on the platform.
154 return reinterpret_cast<uint64_t>(mDevice);
155 }
156
preEnroll()157 Return<uint64_t> BiometricsFingerprint::preEnroll() {
158 return mDevice->pre_enroll(mDevice);
159 }
160
enroll(const hidl_array<uint8_t,69> & hat,uint32_t gid,uint32_t timeoutSec)161 Return<RequestStatus> BiometricsFingerprint::enroll(const hidl_array<uint8_t, 69>& hat,
162 uint32_t gid, uint32_t timeoutSec) {
163 const hw_auth_token_t* authToken =
164 reinterpret_cast<const hw_auth_token_t*>(hat.data());
165 return ErrorFilter(mDevice->enroll(mDevice, authToken, gid, timeoutSec));
166 }
167
postEnroll()168 Return<RequestStatus> BiometricsFingerprint::postEnroll() {
169 return ErrorFilter(mDevice->post_enroll(mDevice));
170 }
171
getAuthenticatorId()172 Return<uint64_t> BiometricsFingerprint::getAuthenticatorId() {
173 return mDevice->get_authenticator_id(mDevice);
174 }
175
cancel()176 Return<RequestStatus> BiometricsFingerprint::cancel() {
177 return ErrorFilter(mDevice->cancel(mDevice));
178 }
179
enumerate()180 Return<RequestStatus> BiometricsFingerprint::enumerate() {
181 return ErrorFilter(mDevice->enumerate(mDevice));
182 }
183
remove(uint32_t gid,uint32_t fid)184 Return<RequestStatus> BiometricsFingerprint::remove(uint32_t gid, uint32_t fid) {
185 return ErrorFilter(mDevice->remove(mDevice, gid, fid));
186 }
187
setActiveGroup(uint32_t gid,const hidl_string & storePath)188 Return<RequestStatus> BiometricsFingerprint::setActiveGroup(uint32_t gid,
189 const hidl_string& storePath) {
190 if (storePath.size() >= PATH_MAX || storePath.size() <= 0) {
191 ALOGE("Bad path length: %zd", storePath.size());
192 return RequestStatus::SYS_EINVAL;
193 }
194 if (access(storePath.c_str(), W_OK)) {
195 return RequestStatus::SYS_EINVAL;
196 }
197
198 return ErrorFilter(mDevice->set_active_group(mDevice, gid,
199 storePath.c_str()));
200 }
201
authenticate(uint64_t operationId,uint32_t gid)202 Return<RequestStatus> BiometricsFingerprint::authenticate(uint64_t operationId,
203 uint32_t gid) {
204 return ErrorFilter(mDevice->authenticate(mDevice, operationId, gid));
205 }
206
getInstance()207 IBiometricsFingerprint* BiometricsFingerprint::getInstance() {
208 if (!sInstance) {
209 sInstance = new BiometricsFingerprint();
210 }
211 return sInstance;
212 }
213
openHal()214 fingerprint_device_t* BiometricsFingerprint::openHal() {
215 int err;
216 const hw_module_t *hw_mdl = nullptr;
217 ALOGD("Opening fingerprint hal library...");
218 if (0 != (err = hw_get_module(FINGERPRINT_HARDWARE_MODULE_ID, &hw_mdl))) {
219 ALOGE("Can't open fingerprint HW Module, error: %d", err);
220 return nullptr;
221 }
222
223 if (hw_mdl == nullptr) {
224 ALOGE("No valid fingerprint module");
225 return nullptr;
226 }
227
228 fingerprint_module_t const *module =
229 reinterpret_cast<const fingerprint_module_t*>(hw_mdl);
230 if (module->common.methods->open == nullptr) {
231 ALOGE("No valid open method");
232 return nullptr;
233 }
234
235 hw_device_t *device = nullptr;
236
237 if (0 != (err = module->common.methods->open(hw_mdl, nullptr, &device))) {
238 ALOGE("Can't open fingerprint methods, error: %d", err);
239 return nullptr;
240 }
241
242 if (kVersion != device->version) {
243 // enforce version on new devices because of HIDL@2.1 translation layer
244 ALOGE("Wrong fp version. Expected %d, got %d", kVersion, device->version);
245 return nullptr;
246 }
247
248 fingerprint_device_t* fp_device =
249 reinterpret_cast<fingerprint_device_t*>(device);
250
251 if (0 != (err =
252 fp_device->set_notify(fp_device, BiometricsFingerprint::notify))) {
253 ALOGE("Can't register fingerprint module callback, error: %d", err);
254 return nullptr;
255 }
256
257 return fp_device;
258 }
259
notify(const fingerprint_msg_t * msg)260 void BiometricsFingerprint::notify(const fingerprint_msg_t *msg) {
261 BiometricsFingerprint* thisPtr = static_cast<BiometricsFingerprint*>(
262 BiometricsFingerprint::getInstance());
263 std::lock_guard<std::mutex> lock(thisPtr->mClientCallbackMutex);
264 if (thisPtr == nullptr || thisPtr->mClientCallback == nullptr) {
265 ALOGE("Receiving callbacks before the client callback is registered.");
266 return;
267 }
268 const uint64_t devId = reinterpret_cast<uint64_t>(thisPtr->mDevice);
269 switch (msg->type) {
270 case FINGERPRINT_ERROR: {
271 int32_t vendorCode = 0;
272 FingerprintError result = VendorErrorFilter(msg->data.error, &vendorCode);
273 ALOGD("onError(%d)", result);
274 if (!thisPtr->mClientCallback->onError(devId, result, vendorCode).isOk()) {
275 ALOGE("failed to invoke fingerprint onError callback");
276 }
277 }
278 break;
279 case FINGERPRINT_ACQUIRED: {
280 int32_t vendorCode = 0;
281 FingerprintAcquiredInfo result =
282 VendorAcquiredFilter(msg->data.acquired.acquired_info, &vendorCode);
283 ALOGD("onAcquired(%d)", result);
284 if (!thisPtr->mClientCallback->onAcquired(devId, result, vendorCode).isOk()) {
285 ALOGE("failed to invoke fingerprint onAcquired callback");
286 }
287 }
288 break;
289 case FINGERPRINT_TEMPLATE_ENROLLING:
290 ALOGD("onEnrollResult(fid=%d, gid=%d, rem=%d)",
291 msg->data.enroll.finger.fid,
292 msg->data.enroll.finger.gid,
293 msg->data.enroll.samples_remaining);
294 if (!thisPtr->mClientCallback->onEnrollResult(devId,
295 msg->data.enroll.finger.fid,
296 msg->data.enroll.finger.gid,
297 msg->data.enroll.samples_remaining).isOk()) {
298 ALOGE("failed to invoke fingerprint onEnrollResult callback");
299 }
300 break;
301 case FINGERPRINT_TEMPLATE_REMOVED:
302 ALOGD("onRemove(fid=%d, gid=%d, rem=%d)",
303 msg->data.removed.finger.fid,
304 msg->data.removed.finger.gid,
305 msg->data.removed.remaining_templates);
306 if (!thisPtr->mClientCallback->onRemoved(devId,
307 msg->data.removed.finger.fid,
308 msg->data.removed.finger.gid,
309 msg->data.removed.remaining_templates).isOk()) {
310 ALOGE("failed to invoke fingerprint onRemoved callback");
311 }
312 break;
313 case FINGERPRINT_AUTHENTICATED:
314 if (msg->data.authenticated.finger.fid != 0) {
315 ALOGD("onAuthenticated(fid=%d, gid=%d)",
316 msg->data.authenticated.finger.fid,
317 msg->data.authenticated.finger.gid);
318 const uint8_t* hat =
319 reinterpret_cast<const uint8_t *>(&msg->data.authenticated.hat);
320 const hidl_vec<uint8_t> token(
321 std::vector<uint8_t>(hat, hat + sizeof(msg->data.authenticated.hat)));
322 if (!thisPtr->mClientCallback->onAuthenticated(devId,
323 msg->data.authenticated.finger.fid,
324 msg->data.authenticated.finger.gid,
325 token).isOk()) {
326 ALOGE("failed to invoke fingerprint onAuthenticated callback");
327 }
328 } else {
329 // Not a recognized fingerprint
330 if (!thisPtr->mClientCallback->onAuthenticated(devId,
331 msg->data.authenticated.finger.fid,
332 msg->data.authenticated.finger.gid,
333 hidl_vec<uint8_t>()).isOk()) {
334 ALOGE("failed to invoke fingerprint onAuthenticated callback");
335 }
336 }
337 break;
338 case FINGERPRINT_TEMPLATE_ENUMERATING:
339 ALOGD("onEnumerate(fid=%d, gid=%d, rem=%d)",
340 msg->data.enumerated.finger.fid,
341 msg->data.enumerated.finger.gid,
342 msg->data.enumerated.remaining_templates);
343 if (!thisPtr->mClientCallback->onEnumerate(devId,
344 msg->data.enumerated.finger.fid,
345 msg->data.enumerated.finger.gid,
346 msg->data.enumerated.remaining_templates).isOk()) {
347 ALOGE("failed to invoke fingerprint onEnumerate callback");
348 }
349 break;
350 }
351 }
352
353 } // namespace implementation
354 } // namespace V2_1
355 } // namespace fingerprint
356 } // namespace biometrics
357 } // namespace hardware
358 } // namespace android
359