am c1d796f4: am ef6c1c57: Merge changes Ie449043b,I0c08e8cd
* commit 'c1d796f44ae74a629f4d6d5d487bdf028d3d2eb2':
GPU: Build gralloc.ranchu.so
init.ranchu.rc: enable qemu-props & use GPU emulation if available
diff --git a/fingerprint/fingerprint.c b/fingerprint/fingerprint.c
index c3dc787..baa7ad6 100644
--- a/fingerprint/fingerprint.c
+++ b/fingerprint/fingerprint.c
@@ -14,11 +14,18 @@
* limitations under the License.
*/
-#define FINGERPRINT_LISTEN_SERVICE_NAME "fingerprintlisten"
-#define FINGERPRINT_TXT_FILENAME "/data/fingerprint.txt"
-
+/**
+ * This is a very basic implementation of fingerprint to allow testing on the emulator. It
+ * is *not* meant to be the final implementation on real devices. For example, it does *not*
+ * implement all of the required features, such as secure template storage and recognition
+ * inside a Trusted Execution Environment (TEE). However, this file is a reasonable starting
+ * point as developers add fingerprint support to their platform. See inline comments and
+ * recommendations for details.
+ *
+ * Please see the Android Compatibility Definition Document (CDD) for a full list of requirements
+ * and suggestions.
+ */
#define LOG_TAG "FingerprintHal"
-#define MAX_NUM_FINGERS 32
#include <errno.h>
#include <endian.h>
@@ -30,252 +37,203 @@
#include <hardware/fingerprint.h>
#include <hardware/qemud.h>
+#include <poll.h>
+
+#define FINGERPRINT_LISTEN_SERVICE_NAME "fingerprintlisten"
+#define FINGERPRINT_FILENAME \
+ "/data/system/users/0/fpdata/emulator_fingerprint_storage.bin"
+#define MAX_COMM_CHARS 128
+#define MAX_COMM_ERRORS 8
+// Typical devices will allow up to 5 fingerprints per user to maintain performance of
+// t < 500ms for recognition. This is the total number of fingerprints we'll store.
+#define MAX_NUM_FINGERS 20
+#define MAX_FID_VALUE 0x7FFFFFFF // Arbitrary limit
+
+/**
+ * Most devices will have an internal state machine resembling this. There are 3 basic states, as
+ * shown below. When device is not authenticating or enrolling, it is expected to be in
+ * the idle state.
+ *
+ * Note that this is completely independent of device wake state. If the hardware device was in
+ * the "scan" state when the device drops into power collapse, it should resume scanning when power
+ * is restored. This is to facilitate rapid touch-to-unlock from keyguard.
+ */
typedef enum worker_state_t {
- STATE_ENROLL = 1,
- STATE_SCAN = 2,
- STATE_IDLE = 3,
- STATE_EXIT = 4
+ STATE_IDLE = 0,
+ STATE_ENROLL,
+ STATE_SCAN,
+ STATE_EXIT
} worker_state_t;
typedef struct worker_thread_t {
pthread_t thread;
- pthread_mutex_t mutex;
- int request;
worker_state_t state;
- int fingerid;
- int finger_is_on;
- int all_fingerids[MAX_NUM_FINGERS];
- uint64_t all_secureids[MAX_NUM_FINGERS];
- uint64_t all_authenids[MAX_NUM_FINGERS];
- int num_fingers_enrolled;
- FILE *fp_write;;
+ uint64_t secureid[MAX_NUM_FINGERS];
+ uint64_t authenid[MAX_NUM_FINGERS];
} worker_thread_t;
-typedef struct emu_fingerprint_hal_device_t {
- fingerprint_device_t device; //inheritance
+typedef struct qemu_fingerprint_device_t {
+ fingerprint_device_t device; // "inheritance"
worker_thread_t listener;
uint64_t op_id;
uint64_t challenge;
- uint64_t secure_user_id;
uint64_t user_id;
+ uint64_t group_id;
+ uint64_t secure_user_id;
uint64_t authenticator_id;
+ int qchanfd;
pthread_mutex_t lock;
-} emu_fingerprint_hal_device_t;
+} qemu_fingerprint_device_t;
+
+/******************************************************************************/
+
+static void saveFingerprint(worker_thread_t* listener, int idx) {
+ ALOGD("----------------> %s -----------------> idx %d", __FUNCTION__, idx);
+
+ // Save fingerprints to file
+ FILE* fp = fopen(FINGERPRINT_FILENAME, "r+"); // write but don't truncate
+ if (fp == NULL) {
+ ALOGE("Could not open fingerprints storage at %s; "
+ "fingerprints won't be saved",
+ FINGERPRINT_FILENAME);
+ perror("Failed to open file");
+ return;
+ }
+
+ ALOGD("Write fingerprint[%d] (0x%" PRIx64 ",0x%" PRIx64 ")", idx,
+ listener->secureid[idx], listener->authenid[idx]);
+
+ if (fseek(fp, (idx) * sizeof(uint64_t), SEEK_SET) < 0) {
+ ALOGE("Failed while seeking for fingerprint[%d] in emulator storage",
+ idx);
+ fclose(fp);
+ return;
+ }
+ int ns = fwrite(&listener->secureid[idx], sizeof(uint64_t), 1, fp);
+ if (fseek(fp, (MAX_NUM_FINGERS + idx) * sizeof(uint64_t), SEEK_SET) < 0) {
+ ALOGE("Failed while seeking for fingerprint[%d] in emulator storage",
+ idx);
+ fclose(fp);
+ return;
+ }
+ int na = fwrite(&listener->authenid[idx], sizeof(uint64_t), 1, fp);
+ if (ns != 1 || na != 1)
+ ALOGW("Corrupt emulator fingerprints storage; could not save "
+ "fingerprints");
+
+ fclose(fp);
+
+ return;
+}
+
+static void loadFingerprints(worker_thread_t* listener) {
+ ALOGD("----------------> %s ----------------->", __FUNCTION__);
+ FILE* fp = fopen(FINGERPRINT_FILENAME, "a+"); // so we can create if empty
+ if (fp == NULL) {
+ ALOGE("Could not load fingerprints from storage at %s; "
+ "it has not yet been created.",
+ FINGERPRINT_FILENAME);
+ perror("Failed to open/create file");
+ return;
+ }
+
+ int ns = fread(listener->secureid, MAX_NUM_FINGERS * sizeof(uint64_t), 1,
+ fp);
+ int na = fread(listener->authenid, MAX_NUM_FINGERS * sizeof(uint64_t), 1,
+ fp);
+ if (ns != 1 || na != 1)
+ ALOGW("Corrupt emulator fingerprints storage (read %d+%db)", ns, na);
+
+ int i = 0;
+ for (i = 0; i < MAX_NUM_FINGERS; i++)
+ ALOGD("Read fingerprint %d (0x%" PRIx64 ",0x%" PRIx64 ")", i,
+ listener->secureid[i], listener->authenid[i]);
+
+ fclose(fp);
+
+ return;
+}
+
+/******************************************************************************/
static uint64_t get_64bit_rand() {
- return (((uint64_t) rand()) << 32) | ((uint64_t) rand());
+ // This should use a cryptographically-secure random number generator like arc4random().
+ // It should be generated inside of the TEE where possible. Here we just use something
+ // very simple.
+ ALOGD("----------------> %s ----------------->", __FUNCTION__);
+ uint64_t r = (((uint64_t)rand()) << 32) | ((uint64_t)rand());
+ return r != 0 ? r : 1;
}
-static void destroyListenerThread(emu_fingerprint_hal_device_t* dev)
-{
- pthread_join(dev->listener.thread, NULL);
- pthread_mutex_destroy(&dev->listener.mutex);
-}
+static uint64_t fingerprint_get_auth_id(struct fingerprint_device* device) {
+ // This should return the authentication_id generated when the fingerprint template database
+ // was created. Though this isn't expected to be secret, it is reasonable to expect it to be
+ // cryptographically generated to avoid replay attacks.
+ qemu_fingerprint_device_t* qdev = (qemu_fingerprint_device_t*)device;
+ ALOGD("----------------> %s ----------------->", __FUNCTION__);
+ uint64_t authenticator_id = 0;
+ pthread_mutex_lock(&qdev->lock);
+ authenticator_id = qdev->authenticator_id;
+ pthread_mutex_unlock(&qdev->lock);
-bool finger_already_enrolled(emu_fingerprint_hal_device_t* dev) {
- int i;
- for (i = 0; i < dev->listener.num_fingers_enrolled; ++ i) {
- if (dev->listener.fingerid == dev->listener.all_fingerids[i % MAX_NUM_FINGERS]) {
- dev->secure_user_id = dev->listener.all_secureids[i % MAX_NUM_FINGERS];
- dev->authenticator_id = dev->listener.all_authenids[i % MAX_NUM_FINGERS];
- return true;
- }
- }
- return false;
-}
-
-static void save_fingerid(FILE* fp, int fingerid, uint64_t secureid, uint64_t authenid) {
- if (!fp) return;
- fprintf(fp, " %d %" PRIu64 " %" PRIu64, fingerid, secureid, authenid);
- fflush(fp);
-}
-
-static void listener_send_notice(emu_fingerprint_hal_device_t* dev)
-{
- fingerprint_msg_t message = {0};
- bool is_authentication = false;
- bool is_valid_finger = false;
- pthread_mutex_lock(&dev->listener.mutex);
- if (dev->listener.state == STATE_ENROLL) {
- message.type = FINGERPRINT_TEMPLATE_ENROLLING;
- message.data.enroll.finger.fid = dev->listener.fingerid;
- message.data.enroll.samples_remaining = 0;
- dev->authenticator_id = get_64bit_rand();
- dev->listener.state = STATE_SCAN;
- if (!finger_already_enrolled(dev)) {
- dev->listener.all_fingerids[dev->listener.num_fingers_enrolled % MAX_NUM_FINGERS] = dev->listener.fingerid;
- dev->listener.all_secureids[dev->listener.num_fingers_enrolled % MAX_NUM_FINGERS] = dev->secure_user_id;
- dev->listener.all_authenids[dev->listener.num_fingers_enrolled % MAX_NUM_FINGERS] = dev->authenticator_id;
- ++ dev->listener.num_fingers_enrolled;
- save_fingerid(dev->listener.fp_write, dev->listener.fingerid, dev->secure_user_id, dev->authenticator_id);
- is_valid_finger = true;
- }
- } else {
- is_authentication = true;
- is_valid_finger = finger_already_enrolled(dev);
- message.type = FINGERPRINT_AUTHENTICATED;
- message.data.authenticated.finger.gid = 0;
- message.data.authenticated.finger.fid = is_valid_finger ? dev->listener.fingerid : 0;
- message.data.authenticated.hat.version = HW_AUTH_TOKEN_VERSION;
- message.data.authenticated.hat.authenticator_type = htobe32(HW_AUTH_FINGERPRINT);
- message.data.authenticated.hat.challenge = dev->op_id;
- message.data.authenticated.hat.authenticator_id = dev->authenticator_id;
- message.data.authenticated.hat.user_id = dev->secure_user_id;
- struct timespec ts;
- clock_gettime(CLOCK_MONOTONIC, &ts);
- message.data.authenticated.hat.timestamp =
- htobe64((uint64_t)ts.tv_sec * 1000 + ts.tv_nsec / 1000000);
- }
- pthread_mutex_unlock(&dev->listener.mutex);
-
- pthread_mutex_lock(&dev->lock);
- if (is_authentication) {
- fingerprint_msg_t acquired_message = {0};
- acquired_message.type = FINGERPRINT_ACQUIRED;
- message.data.acquired.acquired_info = FINGERPRINT_ACQUIRED_GOOD;
- dev->device.notify(&acquired_message);
- }
- if (is_valid_finger || is_authentication) {
- dev->device.notify(&message);
- }
- pthread_mutex_unlock(&dev->lock);
-}
-
-static void* listenerFunction(void* data)
-{
- emu_fingerprint_hal_device_t* dev = (emu_fingerprint_hal_device_t*) data;
-
- int fd = qemud_channel_open(FINGERPRINT_LISTEN_SERVICE_NAME);
- if (fd < 0) {
- ALOGE("listener cannot open fingerprint listener service exit");
- return NULL;
- }
-
- const char* cmd = "listen";
- if (qemud_channel_send(fd, cmd, strlen(cmd)) < 0) {
- ALOGE("cannot write fingerprint 'listen' to host");
- return NULL;
- }
-
- int i;
- for (i = 0; i < MAX_NUM_FINGERS; ++ i) {
- dev->listener.all_fingerids[i] = 0;
- }
- //read registered fingerprint ids from /data/local/fingerprint.txt
- //TODO: store it in a better location
- dev->listener.num_fingers_enrolled = 0;
- FILE* fp_stored = fopen(FINGERPRINT_TXT_FILENAME, "r");
- if (fp_stored) {
- while (1) {
- int fingerid = 0;
- uint64_t secureid = 0;
- uint64_t authenid = 0;
- if(fscanf(fp_stored, "%d %" SCNu64 " %" SCNu64, &fingerid, &secureid, &authenid) == 3) {
- dev->listener.all_fingerids[dev->listener.num_fingers_enrolled % MAX_NUM_FINGERS] = fingerid;
- dev->listener.all_secureids[dev->listener.num_fingers_enrolled % MAX_NUM_FINGERS] = secureid;
- dev->listener.all_authenids[dev->listener.num_fingers_enrolled % MAX_NUM_FINGERS] = authenid;
- ++ dev->listener.num_fingers_enrolled;
- } else {
- break;
- }
- }
- fclose(fp_stored);
- }
-
- dev->listener.fp_write = fopen(FINGERPRINT_TXT_FILENAME, "a");
-
- char buffer[128];
- int fingerid=-1;
- int size;
- while (1) {
- //simply listen in blocking mode
- if ((size = qemud_channel_recv(fd, buffer, sizeof buffer - 1)) >0) {
- buffer[size] = '\0';
- if (sscanf(buffer, "on:%d", &fingerid) == 1) {
- if (fingerid > 0 ) {
- dev->listener.fingerid = fingerid;
- dev->listener.finger_is_on = 1;
- ALOGD("got finger %d", fingerid);
- listener_send_notice(dev);
- ALOGD("send notice finger %d", fingerid);
- }
- else {
- ALOGE("finger id should be positive");
- }
- } else if (strncmp("off", buffer, 3) == 0) {
- dev->listener.finger_is_on = 0;
- ALOGD("finger off %d", fingerid);
- } else {
- ALOGE("error: '%s'", buffer);
- }
- } else {
- ALOGE("receive failure");
- // return NULL;
- }
- //TODO: check for request to exit thread
- }
-
- ALOGD("listener exit");
- return NULL;
-}
-
-static void createListenerThread(emu_fingerprint_hal_device_t* dev)
-{
- pthread_mutex_init(&dev->listener.mutex, NULL);
- pthread_create(&dev->listener.thread, NULL, listenerFunction, dev);
-}
-
-static int fingerprint_close(hw_device_t *dev)
-{
- if (dev) {
- destroyListenerThread((emu_fingerprint_hal_device_t*) dev);
- free(dev);
- return 0;
- } else {
- return -1;
- }
-}
-
-static void setListenerState(emu_fingerprint_hal_device_t* dev, worker_state_t state) {
- pthread_mutex_lock(&dev->listener.mutex);
- dev->listener.state = state;
- pthread_mutex_unlock(&dev->listener.mutex);
-}
-
-static uint64_t fingerprint_get_auth_id(struct fingerprint_device __unused *device) {
- emu_fingerprint_hal_device_t* dev = (emu_fingerprint_hal_device_t*) device;
- return dev->authenticator_id;
+ return authenticator_id;
}
static int fingerprint_set_active_group(struct fingerprint_device __unused *device, uint32_t gid,
const char *path) {
- // TODO: implements me
+ // Groups are a future feature. For now, the framework sends the profile owner's id (userid)
+ // as the primary group id for the user. This code should create a tuple (groupId, fingerId)
+ // that represents a single fingerprint entity in the database. For now we just generate
+ // globally unique ids.
+ ALOGW("Setting active finger group not implemented");
return 0;
}
-static int fingerprint_authenticate(struct fingerprint_device __unused *device,
- uint64_t __unused operation_id, __unused uint32_t gid)
+/**
+ * If fingerprints are enrolled, then this function is expected to put the sensor into a
+ * "scanning" state where it's actively scanning and recognizing fingerprint features.
+ * Actual authentication must happen in TEE and should be monitored in a separate thread
+ * since this function is expected to return immediately.
+ */
+static int fingerprint_authenticate(struct fingerprint_device *device,
+ uint64_t operation_id, __unused uint32_t gid)
{
- ALOGD("fingerprint_authenticate");
+ qemu_fingerprint_device_t* qdev = (qemu_fingerprint_device_t*)device;
- emu_fingerprint_hal_device_t* dev = (emu_fingerprint_hal_device_t*) device;
- pthread_mutex_lock(&dev->lock);
- dev->op_id = operation_id;
- pthread_mutex_unlock(&dev->lock);
- setListenerState(dev, STATE_SCAN);
+ pthread_mutex_lock(&qdev->lock);
+ qdev->op_id = operation_id;
+ qdev->listener.state = STATE_SCAN;
+ pthread_mutex_unlock(&qdev->lock);
+
return 0;
}
+/**
+ * This is expected to put the sensor into an "enroll" state where it's actively scanning and
+ * working towards a finished fingerprint database entry. Authentication must happen in
+ * a separate thread since this function is expected to return immediately.
+ *
+ * Note: This method should always generate a new random authenticator_id.
+ *
+ * Note: As with fingerprint_authenticate(), this would run in TEE on a real device.
+ */
static int fingerprint_enroll(struct fingerprint_device *device,
const hw_auth_token_t *hat,
uint32_t __unused gid,
uint32_t __unused timeout_sec) {
ALOGD("fingerprint_enroll");
- emu_fingerprint_hal_device_t* dev = (emu_fingerprint_hal_device_t*) device;
- if (hat && hat->challenge == dev->challenge) {
+ qemu_fingerprint_device_t* dev = (qemu_fingerprint_device_t*)device;
+ if (!hat) {
+ ALOGW("%s: null auth token", __func__);
+ return -EPROTONOSUPPORT;
+ }
+ if (hat->challenge == dev->challenge) {
+ // The secure_user_id retrieved from the auth token should be stored
+ // with the enrolled fingerprint template and returned in the auth result
+ // for a successful authentication with that finger.
dev->secure_user_id = hat->user_id;
} else {
- ALOGW("%s: invalid or null auth token", __func__);
+ ALOGW("%s: invalid auth token", __func__);
}
if (hat->version != HW_AUTH_TOKEN_VERSION) {
@@ -287,81 +245,489 @@
dev->user_id = hat->user_id;
- // TODO: store enrolled fingerprints, authenticator id, and secure_user_id
- setListenerState(dev, STATE_ENROLL);
+ pthread_mutex_lock(&dev->lock);
+ dev->listener.state = STATE_ENROLL;
+ pthread_mutex_unlock(&dev->lock);
+
+ // fingerprint id, authenticator id, and secure_user_id
+ // will be stored by worked thread
+
return 0;
}
+/**
+ * The pre-enrollment step is simply to get an authentication token that can be wrapped and
+ * verified at a later step. The primary purpose is to return a token that protects against
+ * spoofing and replay attacks. It is passed to password authentication where it is wrapped and
+ * propagated to the enroll step.
+ */
static uint64_t fingerprint_pre_enroll(struct fingerprint_device *device) {
- ALOGD("fingerprint_pre_enroll");
- emu_fingerprint_hal_device_t* dev = (emu_fingerprint_hal_device_t*) device;
- dev->challenge = get_64bit_rand();
- return dev->challenge;
+ ALOGD("----------------> %s ----------------->", __FUNCTION__);
+ uint64_t challenge = 0;
+ qemu_fingerprint_device_t* qdev = (qemu_fingerprint_device_t*)device;
+
+ // The challenge will typically be a cryptographically-secure key
+ // coming from the TEE so it can be verified at a later step. For now we just generate a
+ // random value.
+ challenge = get_64bit_rand();
+
+ pthread_mutex_lock(&qdev->lock);
+ qdev->challenge = challenge;
+ pthread_mutex_unlock(&qdev->lock);
+
+ return challenge;
}
-static int fingerprint_cancel(struct fingerprint_device __unused *device) {
- ALOGD("fingerprint_cancel");
- emu_fingerprint_hal_device_t* dev = (emu_fingerprint_hal_device_t*) device;
- setListenerState(dev, STATE_IDLE);
+static int fingerprint_post_enroll(struct fingerprint_device* device) {
+ ALOGD("----------------> %s ----------------->", __FUNCTION__);
+ qemu_fingerprint_device_t* qdev = (qemu_fingerprint_device_t*)device;
+
+ pthread_mutex_lock(&qdev->lock);
+ qdev->challenge = 0;
+ pthread_mutex_unlock(&qdev->lock);
+
+ return 0;
+}
+
+/**
+ * Cancel is called by the framework to cancel an outstanding event. This should *not* be called
+ * by the driver since it will cause the framework to stop listening for fingerprints.
+ */
+static int fingerprint_cancel(struct fingerprint_device *device) {
+ ALOGD("----------------> %s ----------------->", __FUNCTION__);
+ qemu_fingerprint_device_t* qdev = (qemu_fingerprint_device_t*)device;
+
+ fingerprint_msg_t msg = {0};
+ msg.type = FINGERPRINT_ERROR;
+ msg.data.error = FINGERPRINT_ERROR_CANCELED;
+
+ pthread_mutex_lock(&qdev->lock);
+ qdev->listener.state = STATE_IDLE;
+ pthread_mutex_unlock(&qdev->lock);
+
+ device->notify(&msg);
+
return 0;
}
static int fingerprint_enumerate(struct fingerprint_device *device,
fingerprint_finger_id_t *results, uint32_t *max_size) {
- // TODO: implement me
+ ALOGD("----------------> %s ----------------->", __FUNCTION__);
+ if (device == NULL || results == NULL || max_size == NULL) {
+ ALOGE("Cannot enumerate saved fingerprints with uninitialized params");
+ return -1;
+ }
+
+ qemu_fingerprint_device_t* qdev = (qemu_fingerprint_device_t*)device;
+ unsigned int i = 0;
+ int num = 0;
+ for (i = 0; i < MAX_NUM_FINGERS; i++) {
+ if (qdev->listener.secureid[i] != 0 ||
+ qdev->listener.authenid[i] != 0) {
+ ALOGD("ENUM: Fingerprint [%d] = 0x%" PRIx64 ",%" PRIx64, i,
+ qdev->listener.secureid[i], qdev->listener.authenid[i]);
+ num++;
+ }
+ }
+
+ return num;
+}
+
+static int fingerprint_remove(struct fingerprint_device *device,
+ uint32_t __unused gid, uint32_t fid) {
+ int idx = 0;
+ fingerprint_msg_t msg = {0};
+ ALOGD("----------------> %s -----------------> fid %d", __FUNCTION__, fid);
+ if (device == NULL) {
+ ALOGE("Can't remove fingerprint (gid=%d, fid=%d); "
+ "device not initialized properly",
+ gid, fid);
+ return -1;
+ }
+
+ qemu_fingerprint_device_t* qdev = (qemu_fingerprint_device_t*)device;
+
+ if (fid == 0) {
+ // Delete all fingerprints
+ // I'll do this one at a time, so I am not
+ // holding the mutext during the notification
+ bool listIsEmpty;
+ do {
+ pthread_mutex_lock(&qdev->lock);
+ listIsEmpty = true; // Haven't seen a valid entry yet
+ for (idx = 0; idx < MAX_NUM_FINGERS; idx++) {
+ uint32_t theFid = qdev->listener.authenid[idx];
+ if (theFid != 0) {
+ // Delete this entry
+ qdev->listener.secureid[idx] = 0;
+ qdev->listener.authenid[idx] = 0;
+ saveFingerprint(&qdev->listener, idx);
+
+ // Send a notification that we deleted this one
+ pthread_mutex_unlock(&qdev->lock);
+ msg.type = FINGERPRINT_TEMPLATE_REMOVED;
+ msg.data.removed.finger.fid = theFid;
+ device->notify(&msg);
+
+ // Because we released the mutex, the list
+ // may have changed. Restart the 'for' loop
+ // after reacquiring the mutex.
+ listIsEmpty = false;
+ break;
+ }
+ } // end for (idx < MAX_NUM_FINGERS)
+ } while (!listIsEmpty);
+ qdev->listener.state = STATE_IDLE;
+ pthread_mutex_unlock(&qdev->lock);
+ } else {
+ // Delete one fingerprint
+ // Look for this finger ID in our table.
+ pthread_mutex_lock(&qdev->lock);
+ for (idx = 0; idx < MAX_NUM_FINGERS; idx++) {
+ if (qdev->listener.authenid[idx] == fid &&
+ qdev->listener.secureid[idx] != 0) {
+ // Found it!
+ break;
+ }
+ }
+ if (idx >= MAX_NUM_FINGERS) {
+ qdev->listener.state = STATE_IDLE;
+ pthread_mutex_unlock(&qdev->lock);
+ ALOGE("Fingerprint ID %d not found", fid);
+ return FINGERPRINT_ERROR;
+ }
+
+ qdev->listener.secureid[idx] = 0;
+ qdev->listener.authenid[idx] = 0;
+ saveFingerprint(&qdev->listener, idx);
+
+ qdev->listener.state = STATE_IDLE;
+ pthread_mutex_unlock(&qdev->lock);
+
+ msg.type = FINGERPRINT_TEMPLATE_REMOVED;
+ msg.data.removed.finger.fid = fid;
+ device->notify(&msg);
+ }
+
return 0;
}
-static int fingerprint_remove(struct fingerprint_device __unused *dev,
- uint32_t __unused gid, uint32_t __unused fid) {
- // TODO: implement enroll and remove, and set dev->authenticator_id = 0 when no FPs enrolled
- return FINGERPRINT_ERROR;
+static int set_notify_callback(struct fingerprint_device *device,
+ fingerprint_notify_t notify) {
+ ALOGD("----------------> %s ----------------->", __FUNCTION__);
+ if (device == NULL || notify == NULL) {
+ ALOGE("Failed to set notify callback @ %p for fingerprint device %p",
+ device, notify);
+ return -1;
+ }
+
+ qemu_fingerprint_device_t* qdev = (qemu_fingerprint_device_t*)device;
+ pthread_mutex_lock(&qdev->lock);
+ qdev->listener.state = STATE_IDLE;
+ device->notify = notify;
+ pthread_mutex_unlock(&qdev->lock);
+ ALOGD("fingerprint callback notification set");
+
+ return 0;
}
-static int set_notify_callback(struct fingerprint_device *device,
- fingerprint_notify_t notify) {
- ALOGD("set_notify");
- emu_fingerprint_hal_device_t* dev =(emu_fingerprint_hal_device_t*) device;
+static void send_scan_notice(qemu_fingerprint_device_t* qdev, int fid) {
+ ALOGD("----------------> %s ----------------->", __FUNCTION__);
+
+ // acquired message
+ fingerprint_msg_t acqu_msg = {0};
+ acqu_msg.type = FINGERPRINT_ACQUIRED;
+ acqu_msg.data.acquired.acquired_info = FINGERPRINT_ACQUIRED_GOOD;
+
+ // authenticated message
+ fingerprint_msg_t auth_msg = {0};
+ auth_msg.type = FINGERPRINT_AUTHENTICATED;
+ auth_msg.data.authenticated.finger.fid = fid;
+ auth_msg.data.authenticated.finger.gid = 0; // unused
+ auth_msg.data.authenticated.hat.version = HW_AUTH_TOKEN_VERSION;
+ auth_msg.data.authenticated.hat.authenticator_type =
+ htobe32(HW_AUTH_FINGERPRINT);
+ auth_msg.data.authenticated.hat.challenge = qdev->op_id;
+ auth_msg.data.authenticated.hat.authenticator_id = qdev->authenticator_id;
+ auth_msg.data.authenticated.hat.user_id = qdev->secure_user_id;
+ struct timespec ts;
+ clock_gettime(CLOCK_MONOTONIC, &ts);
+ auth_msg.data.authenticated.hat.timestamp =
+ htobe64((uint64_t)ts.tv_sec * 1000 + ts.tv_nsec / 1000000);
+
+ // pthread_mutex_lock(&qdev->lock);
+ qdev->device.notify(&acqu_msg);
+ qdev->device.notify(&auth_msg);
+ // pthread_mutex_unlock(&qdev->lock);
+
+ return;
+}
+
+static void send_enroll_notice(qemu_fingerprint_device_t* qdev, int fid) {
+ ALOGD("----------------> %s -----------------> fid %d", __FUNCTION__, fid);
+
+ if (fid == 0) {
+ ALOGD("Fingerprint ID is zero (invalid)");
+ return;
+ }
+ if (qdev->secure_user_id == 0) {
+ ALOGD("Secure user ID is zero (invalid)");
+ return;
+ }
+
+ // Find an available entry in the table
+ pthread_mutex_lock(&qdev->lock);
+ int idx = 0;
+ for (idx = 0; idx < MAX_NUM_FINGERS; idx++) {
+ if (qdev->listener.secureid[idx] == 0 ||
+ qdev->listener.authenid[idx] == 0) {
+ // This entry is available
+ break;
+ }
+ }
+ if (idx >= MAX_NUM_FINGERS) {
+ qdev->listener.state = STATE_SCAN;
+ pthread_mutex_unlock(&qdev->lock);
+ ALOGD("Fingerprint ID table is full");
+ return;
+ }
+
+ qdev->listener.secureid[idx] = qdev->secure_user_id;
+ qdev->listener.authenid[idx] = fid;
+ saveFingerprint(&qdev->listener, idx);
+
+ qdev->listener.state = STATE_SCAN;
+ pthread_mutex_unlock(&qdev->lock);
+
+ // LOCKED notification?
+ fingerprint_msg_t msg = {0};
+ msg.type = FINGERPRINT_TEMPLATE_ENROLLING;
+ msg.data.enroll.finger.fid = fid;
+ msg.data.enroll.samples_remaining = 0;
+ qdev->device.notify(&msg);
+
+ return;
+}
+
+static worker_state_t getListenerState(qemu_fingerprint_device_t* dev) {
+ ALOGV("----------------> %s ----------------->", __FUNCTION__);
+ worker_state_t state = STATE_IDLE;
+
pthread_mutex_lock(&dev->lock);
- device->notify = notify;
+ state = dev->listener.state;
pthread_mutex_unlock(&dev->lock);
+
+ return state;
+}
+
+/**
+ * This a very simple event loop for the fingerprint sensor. For a given state (enroll, scan),
+ * this would receive events from the sensor and forward them to fingerprintd using the
+ * notify() method.
+ *
+ * In this simple example, we open a qemu channel (a pipe) where the developer can inject events to
+ * exercise the API and test application code.
+ *
+ * The scanner should remain in the scanning state until either an error occurs or the operation
+ * completes.
+ *
+ * Recoverable errors such as EINTR should be handled locally; they should not
+ * be propagated unless there's something the user can do about it (e.g. "clean sensor"). Such
+ * messages should go through the onAcquired() interface.
+ *
+ * If an unrecoverable error occurs, an acquired message (e.g. ACQUIRED_PARTIAL) should be sent,
+ * followed by an error message (e.g. FINGERPRINT_ERROR_UNABLE_TO_PROCESS).
+ *
+ * Note that this event loop would typically run in TEE since it must interact with the sensor
+ * hardware and handle raw fingerprint data and encrypted templates. It is expected that
+ * this code monitors the TEE for resulting events, such as enrollment and authentication status.
+ * Here we just have a very simple event loop that monitors a qemu channel for pseudo events.
+ */
+static void* listenerFunction(void* data) {
+ ALOGD("----------------> %s ----------------->", __FUNCTION__);
+ qemu_fingerprint_device_t* qdev = (qemu_fingerprint_device_t*)data;
+
+ pthread_mutex_lock(&qdev->lock);
+ qdev->qchanfd = qemud_channel_open(FINGERPRINT_LISTEN_SERVICE_NAME);
+ if (qdev->qchanfd < 0) {
+ ALOGE("listener cannot open fingerprint listener service exit");
+ pthread_mutex_unlock(&qdev->lock);
+ return NULL;
+ }
+ qdev->listener.state = STATE_IDLE;
+ pthread_mutex_unlock(&qdev->lock);
+
+ const char* cmd = "listen";
+ if (qemud_channel_send(qdev->qchanfd, cmd, strlen(cmd)) < 0) {
+ ALOGE("cannot write fingerprint 'listen' to host");
+ goto done_quiet;
+ }
+
+ int comm_errors = 0;
+ struct pollfd pfd = {
+ .fd = qdev->qchanfd,
+ .events = POLLIN,
+ };
+ while (1) {
+ int size = 0;
+ int fid = 0;
+ char buffer[MAX_COMM_CHARS] = {0};
+ bool disconnected = false;
+ while (1) {
+ if (getListenerState(qdev) == STATE_EXIT) {
+ ALOGD("Received request to exit listener thread");
+ goto done;
+ }
+
+ // Reset revents before poll() (just to be safe)
+ pfd.revents = 0;
+
+ // Poll qemud channel for 5 seconds
+ // TODO: Eliminate the timeout so that polling can be interrupted
+ // instantly. One possible solution is to follow the example of
+ // android::Looper ($AOSP/system/core/include/utils/Looper.h and
+ // $AOSP/system/core/libutils/Looper.cpp), which makes use of an
+ // additional file descriptor ("wake event fd").
+ int nfds = poll(&pfd, 1, 5000);
+ if (nfds < 0) {
+ ALOGE("Could not poll qemud channel: %s", strerror(errno));
+ goto done;
+ }
+
+ if (!nfds) {
+ // poll() timed out - try again
+ continue;
+ }
+
+ // assert(nfds == 1)
+ if (pfd.revents & POLLIN) {
+ // Input data being available doesn't rule out a disconnection
+ disconnected = pfd.revents & (POLLERR | POLLHUP);
+ break; // Exit inner while loop
+ } else {
+ // Some event(s) other than "input data available" occurred,
+ // i.e. POLLERR or POLLHUP, indicating a disconnection
+ ALOGW("Lost connection to qemud channel");
+ goto done;
+ }
+ }
+
+ // Shouldn't block since we were just notified of a POLLIN event
+ if ((size = qemud_channel_recv(qdev->qchanfd, buffer,
+ sizeof(buffer) - 1)) > 0) {
+ buffer[size] = '\0';
+ if (sscanf(buffer, "on:%d", &fid) == 1) {
+ if (fid > 0 && fid <= MAX_FID_VALUE) {
+ switch (qdev->listener.state) {
+ case STATE_ENROLL:
+ send_enroll_notice(qdev, fid);
+ break;
+ case STATE_SCAN:
+ send_scan_notice(qdev, fid);
+ break;
+ default:
+ ALOGE("fingerprint event listener at unexpected "
+ "state 0%x",
+ qdev->listener.state);
+ }
+ } else {
+ ALOGE("fingerprintid %d not in valid range [%d, %d] and "
+ "will be "
+ "ignored",
+ fid, 1, MAX_FID_VALUE);
+ continue;
+ }
+ } else if (strncmp("off", buffer, 3) == 0) {
+ // TODO: Nothing to do here ? Looks valid
+ ALOGD("fingerprint ID %d off", fid);
+ } else {
+ ALOGE("Invalid command '%s' to fingerprint listener", buffer);
+ }
+
+ if (disconnected) {
+ ALOGW("Connection to qemud channel has been lost");
+ break;
+ }
+ } else {
+ ALOGE("fingerprint listener receive failure");
+ if (comm_errors > MAX_COMM_ERRORS)
+ break;
+ }
+ }
+
+done:
+ ALOGD("Listener exit with %d receive errors", comm_errors);
+done_quiet:
+ close(qdev->qchanfd);
+ return NULL;
+}
+
+static int fingerprint_close(hw_device_t* device) {
+ ALOGD("----------------> %s ----------------->", __FUNCTION__);
+ if (device == NULL) {
+ ALOGE("fingerprint hw device is NULL");
+ return -1;
+ }
+
+ qemu_fingerprint_device_t* qdev = (qemu_fingerprint_device_t*)device;
+ pthread_mutex_lock(&qdev->lock);
+ // Ask listener thread to exit
+ qdev->listener.state = STATE_EXIT;
+ pthread_mutex_unlock(&qdev->lock);
+
+ pthread_join(qdev->listener.thread, NULL);
+ pthread_mutex_destroy(&qdev->lock);
+ free(qdev);
+
return 0;
}
static int fingerprint_open(const hw_module_t* module, const char __unused *id,
hw_device_t** device)
{
+
+ ALOGD("----------------> %s ----------------->", __FUNCTION__);
if (device == NULL) {
ALOGE("NULL device on open");
return -EINVAL;
- } else {
- ALOGD("fingerprint open\n");
}
- emu_fingerprint_hal_device_t *dev = malloc(sizeof(emu_fingerprint_hal_device_t));
- memset(dev, 0, sizeof(emu_fingerprint_hal_device_t));
+ qemu_fingerprint_device_t* qdev = (qemu_fingerprint_device_t*)calloc(
+ 1, sizeof(qemu_fingerprint_device_t));
+ if (qdev == NULL) {
+ ALOGE("Insufficient memory for virtual fingerprint device");
+ return -ENOMEM;
+ }
- dev->device.common.tag = HARDWARE_DEVICE_TAG;
- dev->device.common.version = HARDWARE_MODULE_API_VERSION(2, 0);
- dev->device.common.module = (struct hw_module_t*) module;
- dev->device.common.close = fingerprint_close;
- dev->device.pre_enroll = fingerprint_pre_enroll;
- dev->device.enroll = fingerprint_enroll;
- dev->device.get_authenticator_id = fingerprint_get_auth_id;
- dev->device.set_active_group = fingerprint_set_active_group;
- dev->device.authenticate = fingerprint_authenticate;
- dev->device.cancel = fingerprint_cancel;
- dev->device.enumerate = fingerprint_enumerate;
- dev->device.remove = fingerprint_remove;
- dev->device.set_notify = set_notify_callback;
- dev->device.notify = NULL;
+ loadFingerprints(&qdev->listener);
- dev->authenticator_id = 0xdeadbeef;
+ qdev->device.common.tag = HARDWARE_DEVICE_TAG;
+ qdev->device.common.version = HARDWARE_MODULE_API_VERSION(2, 0);
+ qdev->device.common.module = (struct hw_module_t*)module;
+ qdev->device.common.close = fingerprint_close;
- pthread_mutex_init(&dev->lock, NULL);
- createListenerThread(dev);
- *device = (hw_device_t*) dev;
+ qdev->device.pre_enroll = fingerprint_pre_enroll;
+ qdev->device.enroll = fingerprint_enroll;
+ qdev->device.post_enroll = fingerprint_post_enroll;
+ qdev->device.get_authenticator_id = fingerprint_get_auth_id;
+ qdev->device.set_active_group = fingerprint_set_active_group;
+ qdev->device.authenticate = fingerprint_authenticate;
+ qdev->device.cancel = fingerprint_cancel;
+ qdev->device.enumerate = fingerprint_enumerate;
+ qdev->device.remove = fingerprint_remove;
+ qdev->device.set_notify = set_notify_callback;
+ qdev->device.notify = NULL;
+
+ // init and create listener thread
+ pthread_mutex_init(&qdev->lock, NULL);
+ if (pthread_create(&qdev->listener.thread, NULL, listenerFunction, qdev) !=
+ 0)
+ return -1;
+
+ // "Inheritance" / casting
+ *device = &qdev->device.common;
+
return 0;
}
diff --git a/init.ranchu.rc b/init.ranchu.rc
index 51ed4b8..27cf95e 100644
--- a/init.ranchu.rc
+++ b/init.ranchu.rc
@@ -8,8 +8,6 @@
# See storage config details at http://source.android.com/tech/storage/
mkdir /storage/sdcard 0555 root root
- export EXTERNAL_STORAGE /storage/sdcard
-
# Support legacy paths
#symlink /storage/sdcard /sdcard
#symlink /storage/sdcard /mnt/sdcard
