1 /*
2  * Copyright (C) 2020 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package com.android.server.biometrics.sensors.fingerprint;
18 
19 import static android.Manifest.permission.INTERACT_ACROSS_USERS;
20 import static android.Manifest.permission.MANAGE_FINGERPRINT;
21 import static android.Manifest.permission.TEST_BIOMETRIC;
22 import static android.Manifest.permission.USE_BIOMETRIC;
23 import static android.Manifest.permission.USE_BIOMETRIC_INTERNAL;
24 import static android.Manifest.permission.USE_FINGERPRINT;
25 import static android.hardware.biometrics.BiometricFingerprintConstants.FINGERPRINT_ACQUIRED_VENDOR;
26 import static android.hardware.biometrics.BiometricFingerprintConstants.FINGERPRINT_ERROR_USER_CANCELED;
27 import static android.hardware.biometrics.BiometricFingerprintConstants.FINGERPRINT_ERROR_VENDOR;
28 import static android.hardware.biometrics.SensorProperties.STRENGTH_STRONG;
29 
30 import android.annotation.NonNull;
31 import android.annotation.Nullable;
32 import android.app.ActivityManager;
33 import android.app.AppOpsManager;
34 import android.content.Context;
35 import android.content.pm.PackageManager;
36 import android.hardware.biometrics.AuthenticationStateListener;
37 import android.hardware.biometrics.BiometricPrompt;
38 import android.hardware.biometrics.BiometricsProtoEnums;
39 import android.hardware.biometrics.IBiometricSensorReceiver;
40 import android.hardware.biometrics.IBiometricService;
41 import android.hardware.biometrics.IBiometricServiceLockoutResetCallback;
42 import android.hardware.biometrics.IBiometricStateListener;
43 import android.hardware.biometrics.IInvalidationCallback;
44 import android.hardware.biometrics.ITestSession;
45 import android.hardware.biometrics.ITestSessionCallback;
46 import android.hardware.biometrics.fingerprint.IFingerprint;
47 import android.hardware.biometrics.fingerprint.PointerContext;
48 import android.hardware.biometrics.fingerprint.SensorProps;
49 import android.hardware.fingerprint.Fingerprint;
50 import android.hardware.fingerprint.FingerprintAuthenticateOptions;
51 import android.hardware.fingerprint.FingerprintEnrollOptions;
52 import android.hardware.fingerprint.FingerprintManager;
53 import android.hardware.fingerprint.FingerprintSensorConfigurations;
54 import android.hardware.fingerprint.FingerprintSensorPropertiesInternal;
55 import android.hardware.fingerprint.FingerprintServiceReceiver;
56 import android.hardware.fingerprint.IFingerprintAuthenticatorsRegisteredCallback;
57 import android.hardware.fingerprint.IFingerprintClientActiveCallback;
58 import android.hardware.fingerprint.IFingerprintService;
59 import android.hardware.fingerprint.IFingerprintServiceReceiver;
60 import android.hardware.fingerprint.IUdfpsOverlayController;
61 import android.os.Binder;
62 import android.os.Build;
63 import android.os.CancellationSignal;
64 import android.os.Handler;
65 import android.os.IBinder;
66 import android.os.Looper;
67 import android.os.Process;
68 import android.os.RemoteException;
69 import android.os.ResultReceiver;
70 import android.os.ServiceManager;
71 import android.os.ShellCallback;
72 import android.os.UserHandle;
73 import android.os.UserManager;
74 import android.util.EventLog;
75 import android.util.Pair;
76 import android.util.Slog;
77 import android.util.proto.ProtoOutputStream;
78 
79 import com.android.internal.R;
80 import com.android.internal.annotations.VisibleForTesting;
81 import com.android.internal.util.DumpUtils;
82 import com.android.internal.widget.LockPatternUtils;
83 import com.android.server.SystemService;
84 import com.android.server.biometrics.Utils;
85 import com.android.server.biometrics.log.BiometricContext;
86 import com.android.server.biometrics.sensors.AuthenticationStateListeners;
87 import com.android.server.biometrics.sensors.BaseClientMonitor;
88 import com.android.server.biometrics.sensors.BiometricStateCallback;
89 import com.android.server.biometrics.sensors.ClientMonitorCallback;
90 import com.android.server.biometrics.sensors.ClientMonitorCallbackConverter;
91 import com.android.server.biometrics.sensors.LockoutResetDispatcher;
92 import com.android.server.biometrics.sensors.LockoutTracker;
93 import com.android.server.biometrics.sensors.fingerprint.aidl.FingerprintProvider;
94 import com.android.server.companion.virtual.VirtualDeviceManagerInternal;
95 
96 import java.io.FileDescriptor;
97 import java.io.PrintWriter;
98 import java.util.ArrayList;
99 import java.util.Collections;
100 import java.util.List;
101 import java.util.concurrent.CountDownLatch;
102 import java.util.concurrent.Executor;
103 import java.util.concurrent.TimeUnit;
104 import java.util.function.Function;
105 import java.util.function.Supplier;
106 
107 /**
108  * A service to manage multiple clients that want to access the fingerprint HAL API.
109  * The service is responsible for maintaining a list of clients and dispatching all
110  * fingerprint-related events.
111  */
112 public class FingerprintService extends SystemService {
113 
114     protected static final String TAG = "FingerprintService";
115 
116     private final AppOpsManager mAppOps;
117     private final LockoutResetDispatcher mLockoutResetDispatcher;
118     private final GestureAvailabilityDispatcher mGestureAvailabilityDispatcher;
119     private final LockPatternUtils mLockPatternUtils;
120     @NonNull
121     private final BiometricContext mBiometricContext;
122     @NonNull
123     private final Supplier<String[]> mAidlInstanceNameSupplier;
124     @NonNull
125     private final Function<String, FingerprintProvider> mFingerprintProvider;
126     @NonNull
127     private final FingerprintProviderFunction mFingerprintProviderFunction;
128     @NonNull
129     private final BiometricStateCallback<ServiceProvider, FingerprintSensorPropertiesInternal>
130             mBiometricStateCallback;
131     @NonNull
132     private final AuthenticationStateListeners mAuthenticationStateListeners;
133     @NonNull
134     private final Handler mHandler;
135     @NonNull
136     private final FingerprintServiceRegistry mRegistry;
137 
138     interface FingerprintProviderFunction {
getFingerprintProvider(Pair<String, SensorProps[]> filteredSensorProp, boolean resetLockoutRequiresHardwareAuthToken)139         FingerprintProvider getFingerprintProvider(Pair<String, SensorProps[]> filteredSensorProp,
140                 boolean resetLockoutRequiresHardwareAuthToken);
141     }
142 
143     /** Receives the incoming binder calls from FingerprintManager. */
144     @VisibleForTesting
145     final IFingerprintService.Stub mServiceWrapper = new IFingerprintService.Stub() {
146         @android.annotation.EnforcePermission(android.Manifest.permission.TEST_BIOMETRIC)
147         @Override
148         public ITestSession createTestSession(int sensorId, @NonNull ITestSessionCallback callback,
149                 @NonNull String opPackageName) {
150             super.createTestSession_enforcePermission();
151 
152             final ServiceProvider provider = mRegistry.getProviderForSensor(sensorId);
153 
154             if (provider == null) {
155                 Slog.w(TAG, "Null provider for createTestSession, sensorId: " + sensorId);
156                 return null;
157             }
158 
159             return provider.createTestSession(sensorId, callback, opPackageName);
160         }
161 
162         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
163         @Override
164         public byte[] dumpSensorServiceStateProto(int sensorId, boolean clearSchedulerBuffer) {
165             super.dumpSensorServiceStateProto_enforcePermission();
166 
167             final ProtoOutputStream proto = new ProtoOutputStream();
168             final ServiceProvider provider = mRegistry.getProviderForSensor(sensorId);
169             if (provider != null) {
170                 provider.dumpProtoState(sensorId, proto, clearSchedulerBuffer);
171             }
172             proto.flush();
173             return proto.getBytes();
174         }
175 
176         @Override // Binder call
177         public List<FingerprintSensorPropertiesInternal> getSensorPropertiesInternal(
178                 @NonNull String opPackageName) {
179             if (getContext().checkCallingOrSelfPermission(USE_BIOMETRIC_INTERNAL)
180                     != PackageManager.PERMISSION_GRANTED) {
181                 Utils.checkPermission(getContext(), TEST_BIOMETRIC);
182             }
183             return mRegistry.getAllProperties();
184         }
185 
186         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
187         @Override
188         public FingerprintSensorPropertiesInternal getSensorProperties(int sensorId,
189                 @NonNull String opPackageName) {
190             super.getSensorProperties_enforcePermission();
191 
192             final ServiceProvider provider = mRegistry.getProviderForSensor(sensorId);
193             if (provider == null) {
194                 Slog.w(TAG, "No matching sensor for getSensorProperties, sensorId: " + sensorId
195                         + ", caller: " + opPackageName);
196                 return null;
197             }
198             return provider.getSensorProperties(sensorId);
199         }
200 
201         @android.annotation.EnforcePermission(android.Manifest.permission.MANAGE_FINGERPRINT)
202         @Override // Binder call
203         public void generateChallenge(IBinder token, int sensorId, int userId,
204                 IFingerprintServiceReceiver receiver, String opPackageName) {
205             super.generateChallenge_enforcePermission();
206 
207             final ServiceProvider provider = mRegistry.getProviderForSensor(sensorId);
208             if (provider == null) {
209                 Slog.w(TAG, "No matching sensor for generateChallenge, sensorId: " + sensorId);
210                 return;
211             }
212 
213             provider.scheduleGenerateChallenge(sensorId, userId, token, receiver, opPackageName);
214         }
215 
216         @android.annotation.EnforcePermission(android.Manifest.permission.MANAGE_FINGERPRINT)
217         @Override // Binder call
218         public void revokeChallenge(IBinder token, int sensorId, int userId, String opPackageName,
219                 long challenge) {
220             super.revokeChallenge_enforcePermission();
221 
222             final ServiceProvider provider = mRegistry.getProviderForSensor(sensorId);
223             if (provider == null) {
224                 Slog.w(TAG, "No matching sensor for revokeChallenge, sensorId: " + sensorId);
225                 return;
226             }
227 
228             provider.scheduleRevokeChallenge(sensorId, userId, token, opPackageName,
229                     challenge);
230         }
231 
232         @android.annotation.EnforcePermission(android.Manifest.permission.MANAGE_FINGERPRINT)
233         @Override // Binder call
234         public long enroll(final IBinder token, @NonNull final byte[] hardwareAuthToken,
235                 final int userId, final IFingerprintServiceReceiver receiver,
236                 final String opPackageName, @FingerprintManager.EnrollReason int enrollReason,
237                 FingerprintEnrollOptions options) {
238             super.enroll_enforcePermission();
239 
240             final Pair<Integer, ServiceProvider> provider = mRegistry.getSingleProvider();
241             if (provider == null) {
242                 Slog.w(TAG, "Null provider for enroll");
243                 return -1;
244             }
245 
246             return provider.second.scheduleEnroll(provider.first, token, hardwareAuthToken, userId,
247                     receiver, opPackageName, enrollReason, options);
248         }
249 
250         @android.annotation.EnforcePermission(android.Manifest.permission.MANAGE_FINGERPRINT)
251         @Override // Binder call
252         public void cancelEnrollment(final IBinder token, long requestId) {
253             super.cancelEnrollment_enforcePermission();
254 
255             final Pair<Integer, ServiceProvider> provider = mRegistry.getSingleProvider();
256             if (provider == null) {
257                 Slog.w(TAG, "Null provider for cancelEnrollment");
258                 return;
259             }
260 
261             provider.second.cancelEnrollment(provider.first, token, requestId);
262         }
263 
264         @SuppressWarnings("deprecation")
265         @Override // Binder call
266         public long authenticate(
267                 final IBinder token,
268                 final long operationId,
269                 final IFingerprintServiceReceiver receiver,
270                 final FingerprintAuthenticateOptions options) {
271             final int callingUid = Binder.getCallingUid();
272             final int callingPid = Binder.getCallingPid();
273             final int callingUserId = UserHandle.getCallingUserId();
274             final String opPackageName = options.getOpPackageName();
275             final String attributionTag = options.getAttributionTag();
276             final int userId = options.getUserId();
277 
278             if (!canUseFingerprint(
279                     opPackageName,
280                     attributionTag,
281                     true /* requireForeground */,
282                     callingUid,
283                     callingPid,
284                     callingUserId)) {
285                 Slog.w(TAG, "Authenticate rejecting package: " + opPackageName);
286                 return -1;
287             }
288 
289             // Keyguard check must be done on the caller's binder identity, since it also checks
290             // permission.
291             final boolean isKeyguard = Utils.isKeyguard(getContext(), opPackageName);
292 
293             // Clear calling identity when checking LockPatternUtils for StrongAuth flags.
294             final long identity1 = Binder.clearCallingIdentity();
295             try {
296                 if (isKeyguard && Utils.isUserEncryptedOrLockdown(mLockPatternUtils, userId)) {
297                     // If this happens, something in KeyguardUpdateMonitor is wrong.
298                     // SafetyNet for b/79776455
299                     EventLog.writeEvent(0x534e4554, "79776455");
300                     Slog.e(TAG, "Authenticate invoked when user is encrypted or lockdown");
301                     return -1;
302                 }
303             } finally {
304                 Binder.restoreCallingIdentity(identity1);
305             }
306 
307             final boolean restricted = getContext().checkCallingPermission(MANAGE_FINGERPRINT)
308                     != PackageManager.PERMISSION_GRANTED;
309             final int statsClient = isKeyguard ? BiometricsProtoEnums.CLIENT_KEYGUARD
310                     : BiometricsProtoEnums.CLIENT_FINGERPRINT_MANAGER;
311 
312             final Pair<Integer, ServiceProvider> provider;
313             if (options.getSensorId() == FingerprintManager.SENSOR_ID_ANY) {
314                 provider = mRegistry.getSingleProvider();
315             } else {
316                 Utils.checkPermission(getContext(), USE_BIOMETRIC_INTERNAL);
317                 provider = new Pair<>(options.getSensorId(),
318                         mRegistry.getProviderForSensor(options.getSensorId()));
319             }
320 
321             if (provider == null) {
322                 Slog.w(TAG, "Null provider for authenticate");
323                 return -1;
324             }
325             options.setSensorId(provider.first);
326 
327             final FingerprintSensorPropertiesInternal sensorProps =
328                     provider.second.getSensorProperties(options.getSensorId());
329             if (!isKeyguard && !Utils.isSettings(getContext(), opPackageName)
330                     && sensorProps != null && (sensorProps.isAnyUdfpsType()
331                     || sensorProps.isAnySidefpsType())) {
332                 try {
333                     return authenticateWithPrompt(operationId, sensorProps, callingUid,
334                             callingUserId, receiver, opPackageName,
335                             options.isIgnoreEnrollmentState());
336                 } catch (PackageManager.NameNotFoundException e) {
337                     Slog.e(TAG, "Invalid package", e);
338                     return -1;
339                 }
340             }
341             final long identity2 = Binder.clearCallingIdentity();
342             try {
343                 VirtualDeviceManagerInternal vdm = getLocalService(
344                         VirtualDeviceManagerInternal.class);
345                 if (vdm != null) {
346                     vdm.onAuthenticationPrompt(callingUid);
347                 }
348             } finally {
349                 Binder.restoreCallingIdentity(identity2);
350             }
351             return provider.second.scheduleAuthenticate(token, operationId,
352                     0 /* cookie */, new ClientMonitorCallbackConverter(receiver), options,
353                     restricted, statsClient, isKeyguard);
354         }
355 
356         private long authenticateWithPrompt(
357                 final long operationId,
358                 @NonNull final FingerprintSensorPropertiesInternal props,
359                 final int uId,
360                 final int userId,
361                 final IFingerprintServiceReceiver receiver,
362                 final String opPackageName,
363                 boolean ignoreEnrollmentState) throws PackageManager.NameNotFoundException {
364             final Context context = getUiContext();
365             final Context promptContext = context.createPackageContextAsUser(
366                     opPackageName, 0 /* flags */, UserHandle.getUserHandleForUid(uId));
367             final Executor executor = context.getMainExecutor();
368 
369             final BiometricPrompt biometricPrompt = new BiometricPrompt.Builder(promptContext)
370                     .setTitle(context.getString(R.string.biometric_dialog_default_title))
371                     .setSubtitle(context.getString(R.string.fingerprint_dialog_default_subtitle))
372                     .setNegativeButton(
373                             context.getString(R.string.cancel),
374                             executor,
375                             (dialog, which) -> {
376                                 try {
377                                     receiver.onError(
378                                             FINGERPRINT_ERROR_USER_CANCELED, 0 /* vendorCode */);
379                                 } catch (RemoteException e) {
380                                     Slog.e(TAG, "Remote exception in negative button onClick()", e);
381                                 }
382                             })
383                     .setIsForLegacyFingerprintManager(props.sensorId)
384                     .setIgnoreEnrollmentState(ignoreEnrollmentState)
385                     .build();
386 
387             final BiometricPrompt.AuthenticationCallback promptCallback =
388                     new BiometricPrompt.AuthenticationCallback() {
389                         @Override
390                         public void onAuthenticationError(int errorCode, CharSequence errString) {
391                             try {
392                                 if (FingerprintUtils.isKnownErrorCode(errorCode)) {
393                                     receiver.onError(errorCode, 0 /* vendorCode */);
394                                 } else {
395                                     receiver.onError(FINGERPRINT_ERROR_VENDOR, errorCode);
396                                 }
397                             } catch (RemoteException e) {
398                                 Slog.e(TAG, "Remote exception in onAuthenticationError()", e);
399                             }
400                         }
401 
402                         @Override
403                         public void onAuthenticationSucceeded(
404                                 BiometricPrompt.AuthenticationResult result) {
405                             final Fingerprint fingerprint = new Fingerprint("", 0, 0L);
406                             final boolean isStrong = props.sensorStrength == STRENGTH_STRONG;
407                             try {
408                                 receiver.onAuthenticationSucceeded(fingerprint, userId, isStrong);
409                             } catch (RemoteException e) {
410                                 Slog.e(TAG, "Remote exception in onAuthenticationSucceeded()", e);
411                             }
412                         }
413 
414                         @Override
415                         public void onAuthenticationFailed() {
416                             try {
417                                 receiver.onAuthenticationFailed();
418                             } catch (RemoteException e) {
419                                 Slog.e(TAG, "Remote exception in onAuthenticationFailed()", e);
420                             }
421                         }
422 
423                         @Override
424                         public void onAuthenticationAcquired(int acquireInfo) {
425                             try {
426                                 if (FingerprintUtils.isKnownAcquiredCode(acquireInfo)) {
427                                     receiver.onAcquired(acquireInfo, 0 /* vendorCode */);
428                                 } else {
429                                     receiver.onAcquired(FINGERPRINT_ACQUIRED_VENDOR, acquireInfo);
430                                 }
431                             } catch (RemoteException e) {
432                                 Slog.e(TAG, "Remote exception in onAuthenticationAcquired()", e);
433                             }
434                         }
435 
436                         @Override
437                         public void onAuthenticationHelp(int acquireInfo, CharSequence helpString) {
438                             onAuthenticationAcquired(acquireInfo);
439                         }
440                     };
441 
442             return biometricPrompt.authenticateForOperation(
443                     new CancellationSignal(), executor, promptCallback, operationId);
444         }
445 
446         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
447         @Override
448         public long detectFingerprint(final IBinder token,
449                 final IFingerprintServiceReceiver receiver,
450                 final FingerprintAuthenticateOptions options) {
451             super.detectFingerprint_enforcePermission();
452 
453             final String opPackageName = options.getOpPackageName();
454             if (!Utils.isKeyguard(getContext(), opPackageName)) {
455                 Slog.w(TAG, "detectFingerprint called from non-sysui package: " + opPackageName);
456                 return -1;
457             }
458 
459             final Pair<Integer, ServiceProvider> provider = mRegistry.getSingleProvider();
460             if (provider == null) {
461                 Slog.w(TAG, "Null provider for detectFingerprint");
462                 return -1;
463             }
464             options.setSensorId(provider.first);
465 
466             return provider.second.scheduleFingerDetect(token,
467                     new ClientMonitorCallbackConverter(receiver), options,
468                     BiometricsProtoEnums.CLIENT_KEYGUARD);
469         }
470 
471         @android.annotation.EnforcePermission(android.Manifest.permission.MANAGE_BIOMETRIC)
472         @Override // Binder call
473         public void prepareForAuthentication(IBinder token, long operationId,
474                 IBiometricSensorReceiver sensorReceiver,
475                 @NonNull FingerprintAuthenticateOptions options,
476                 long requestId, int cookie, boolean allowBackgroundAuthentication,
477                 boolean isForLegacyFingerprintManager) {
478             super.prepareForAuthentication_enforcePermission();
479 
480             final ServiceProvider provider = mRegistry.getProviderForSensor(options.getSensorId());
481             if (provider == null) {
482                 Slog.w(TAG, "Null provider for prepareForAuthentication");
483                 return;
484             }
485 
486             final int statsClient =
487                     isForLegacyFingerprintManager ? BiometricsProtoEnums.CLIENT_FINGERPRINT_MANAGER
488                             : BiometricsProtoEnums.CLIENT_BIOMETRIC_PROMPT;
489             final boolean restricted = true; // BiometricPrompt is always restricted
490             provider.scheduleAuthenticate(token, operationId, cookie,
491                     new ClientMonitorCallbackConverter(sensorReceiver), options, requestId,
492                     restricted, statsClient,
493                     allowBackgroundAuthentication);
494         }
495 
496         @android.annotation.EnforcePermission(android.Manifest.permission.MANAGE_BIOMETRIC)
497         @Override // Binder call
498         public void startPreparedClient(int sensorId, int cookie) {
499             super.startPreparedClient_enforcePermission();
500 
501             final ServiceProvider provider = mRegistry.getProviderForSensor(sensorId);
502             if (provider == null) {
503                 Slog.w(TAG, "Null provider for startPreparedClient");
504                 return;
505             }
506 
507             provider.startPreparedClient(sensorId, cookie);
508         }
509 
510         @Override // Binder call
511         public void cancelAuthentication(
512                 final IBinder token,
513                 final String opPackageName,
514                 final String attributionTag,
515                 long requestId) {
516             final int callingUid = Binder.getCallingUid();
517             final int callingPid = Binder.getCallingPid();
518             final int callingUserId = UserHandle.getCallingUserId();
519 
520             if (!canUseFingerprint(
521                     opPackageName,
522                     attributionTag,
523                     true /* requireForeground */,
524                     callingUid,
525                     callingPid,
526                     callingUserId)) {
527                 Slog.w(TAG, "cancelAuthentication rejecting package: " + opPackageName);
528                 return;
529             }
530 
531             final Pair<Integer, ServiceProvider> provider = mRegistry.getSingleProvider();
532             if (provider == null) {
533                 Slog.w(TAG, "Null provider for cancelAuthentication");
534                 return;
535             }
536 
537             provider.second.cancelAuthentication(provider.first, token, requestId);
538         }
539 
540         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
541         @Override // Binder call
542         public void cancelFingerprintDetect(final IBinder token, final String opPackageName,
543                 final long requestId) {
544             super.cancelFingerprintDetect_enforcePermission();
545 
546             if (!Utils.isKeyguard(getContext(), opPackageName)) {
547                 Slog.w(TAG, "cancelFingerprintDetect called from non-sysui package: "
548                         + opPackageName);
549                 return;
550             }
551 
552             // For IBiometricsFingerprint2.1, cancelling fingerprint detect is the same as
553             // cancelling authentication.
554             final Pair<Integer, ServiceProvider> provider = mRegistry.getSingleProvider();
555             if (provider == null) {
556                 Slog.w(TAG, "Null provider for cancelFingerprintDetect");
557                 return;
558             }
559 
560             provider.second.cancelAuthentication(provider.first, token, requestId);
561         }
562 
563         @android.annotation.EnforcePermission(android.Manifest.permission.MANAGE_BIOMETRIC)
564         @Override // Binder call
565         public void cancelAuthenticationFromService(final int sensorId, final IBinder token,
566                 final String opPackageName, final long requestId) {
567             super.cancelAuthenticationFromService_enforcePermission();
568 
569             Slog.d(TAG, "cancelAuthenticationFromService, sensorId: " + sensorId);
570 
571             final ServiceProvider provider = mRegistry.getProviderForSensor(sensorId);
572             if (provider == null) {
573                 Slog.w(TAG, "Null provider for cancelAuthenticationFromService");
574                 return;
575             }
576 
577             provider.cancelAuthentication(sensorId, token, requestId);
578         }
579 
580         @android.annotation.EnforcePermission(android.Manifest.permission.MANAGE_FINGERPRINT)
581         @Override // Binder call
582         public void remove(final IBinder token, final int fingerId, final int userId,
583                 final IFingerprintServiceReceiver receiver, final String opPackageName) {
584             super.remove_enforcePermission();
585 
586             final Pair<Integer, ServiceProvider> provider = mRegistry.getSingleProvider();
587             if (provider == null) {
588                 Slog.w(TAG, "Null provider for remove");
589                 return;
590             }
591             provider.second.scheduleRemove(provider.first, token, receiver, fingerId, userId,
592                     opPackageName);
593         }
594 
595         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
596         @Override // Binder call
597         public void removeAll(final IBinder token, final int userId,
598                 final IFingerprintServiceReceiver receiver, final String opPackageName) {
599 
600             super.removeAll_enforcePermission();
601 
602             final FingerprintServiceReceiver internalReceiver = new FingerprintServiceReceiver() {
603                 int sensorsFinishedRemoving = 0;
604                 final int numSensors = getSensorPropertiesInternal(
605                         getContext().getOpPackageName()).size();
606                 @Override
607                 public void onRemoved(Fingerprint fp, int remaining) throws RemoteException {
608                     if (remaining == 0) {
609                         sensorsFinishedRemoving++;
610                         Slog.d(TAG, "sensorsFinishedRemoving: " + sensorsFinishedRemoving
611                                 + ", numSensors: " + numSensors);
612                         if (sensorsFinishedRemoving == numSensors) {
613                             receiver.onRemoved(null, 0 /* remaining */);
614                         }
615                     }
616                 }
617             };
618 
619             // This effectively iterates through all sensors, but has to do so by finding all
620             // sensors under each provider.
621             for (ServiceProvider provider : mRegistry.getProviders()) {
622                 List<FingerprintSensorPropertiesInternal> props = provider.getSensorProperties();
623                 for (FingerprintSensorPropertiesInternal prop : props) {
624                     provider.scheduleRemoveAll(prop.sensorId, token, internalReceiver, userId,
625                             opPackageName);
626                 }
627             }
628         }
629 
630         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
631         @Override // Binder call
632         public void addLockoutResetCallback(final IBiometricServiceLockoutResetCallback callback,
633                 final String opPackageName) {
634             super.addLockoutResetCallback_enforcePermission();
635 
636             mLockoutResetDispatcher.addCallback(callback, opPackageName);
637         }
638 
639         @Override // Binder call
640         public void onShellCommand(@Nullable FileDescriptor in, @Nullable FileDescriptor out,
641                 @Nullable FileDescriptor err, @NonNull String[] args,
642                 @Nullable ShellCallback callback, @NonNull ResultReceiver resultReceiver)
643                 throws RemoteException {
644             (new FingerprintShellCommand(getContext(), FingerprintService.this))
645                     .exec(this, in, out, err, args, callback, resultReceiver);
646         }
647 
648         @Override // Binder call
649         protected void dump(@NonNull FileDescriptor fd, @NonNull PrintWriter pw, String[] args) {
650             if (!DumpUtils.checkDumpPermission(getContext(), TAG, pw)) {
651                 return;
652             }
653 
654             final long ident = Binder.clearCallingIdentity();
655             try {
656                 if (args.length > 1 && "--proto".equals(args[0]) && "--state".equals(args[1])) {
657                     final ProtoOutputStream proto = new ProtoOutputStream(fd);
658                     for (ServiceProvider provider : mRegistry.getProviders()) {
659                         for (FingerprintSensorPropertiesInternal props
660                                 : provider.getSensorProperties()) {
661                             provider.dumpProtoState(props.sensorId, proto, false);
662                         }
663                     }
664                     proto.flush();
665                 } else if (args.length > 0 && "--proto".equals(args[0])) {
666                     for (ServiceProvider provider : mRegistry.getProviders()) {
667                         for (FingerprintSensorPropertiesInternal props
668                                 : provider.getSensorProperties()) {
669                             provider.dumpProtoMetrics(props.sensorId, fd);
670                         }
671                     }
672                 } else {
673                     for (ServiceProvider provider : mRegistry.getProviders()) {
674                         for (FingerprintSensorPropertiesInternal props
675                                 : provider.getSensorProperties()) {
676                             pw.println("Dumping for sensorId: " + props.sensorId
677                                     + ", provider: " + provider.getClass().getSimpleName());
678                             pw.println("Fps state: "
679                                     + mBiometricStateCallback.getBiometricState());
680                             provider.dumpInternal(props.sensorId, pw);
681                             pw.println();
682                         }
683                     }
684                 }
685             } finally {
686                 Binder.restoreCallingIdentity(ident);
687             }
688         }
689 
690         @Override // Binder call
691         public boolean isHardwareDetectedDeprecated(String opPackageName, String attributionTag) {
692             if (!canUseFingerprint(
693                     opPackageName,
694                     attributionTag,
695                     false /* foregroundOnly */,
696                     Binder.getCallingUid(),
697                     Binder.getCallingPid(),
698                     UserHandle.getCallingUserId())) {
699                 return false;
700             }
701 
702             final long token = Binder.clearCallingIdentity();
703             try {
704                 final Pair<Integer, ServiceProvider> provider = mRegistry.getSingleProvider();
705                 if (provider == null) {
706                     Slog.w(TAG, "Null provider for isHardwareDetectedDeprecated, caller: "
707                             + opPackageName);
708                     return false;
709                 }
710                 return provider.second.isHardwareDetected(provider.first);
711             } finally {
712                 Binder.restoreCallingIdentity(token);
713             }
714         }
715 
716         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
717         @Override // Binder call
718         public boolean isHardwareDetected(int sensorId, String opPackageName) {
719             super.isHardwareDetected_enforcePermission();
720 
721             final ServiceProvider provider = mRegistry.getProviderForSensor(sensorId);
722             if (provider == null) {
723                 Slog.w(TAG, "Null provider for isHardwareDetected, caller: " + opPackageName);
724                 return false;
725             }
726 
727             return provider.isHardwareDetected(sensorId);
728         }
729 
730         @android.annotation.EnforcePermission(android.Manifest.permission.MANAGE_FINGERPRINT)
731         @Override // Binder call
732         public void rename(final int fingerId, final int userId, final String name) {
733             super.rename_enforcePermission();
734 
735             if (!Utils.isCurrentUserOrProfile(getContext(), userId)) {
736                 return;
737             }
738 
739             final Pair<Integer, ServiceProvider> provider = mRegistry.getSingleProvider();
740             if (provider == null) {
741                 Slog.w(TAG, "Null provider for rename");
742                 return;
743             }
744 
745             provider.second.rename(provider.first, fingerId, userId, name);
746         }
747 
748         @Override // Binder call
749         public List<Fingerprint> getEnrolledFingerprints(
750                 int userId, String opPackageName, String attributionTag) {
751             if (!canUseFingerprint(
752                     opPackageName,
753                     attributionTag,
754                     false /* foregroundOnly */,
755                     Binder.getCallingUid(),
756                     Binder.getCallingPid(),
757                     UserHandle.getCallingUserId())) {
758                 return Collections.emptyList();
759             }
760 
761             if (userId != UserHandle.getCallingUserId()) {
762                 Utils.checkPermission(getContext(), INTERACT_ACROSS_USERS);
763             }
764 
765             return FingerprintService.this.getEnrolledFingerprintsDeprecated(userId, opPackageName);
766         }
767 
768         @Override // Binder call
769         public boolean hasEnrolledFingerprintsDeprecated(
770                 int userId, String opPackageName, String attributionTag) {
771             if (!canUseFingerprint(
772                     opPackageName,
773                     attributionTag,
774                     false /* foregroundOnly */,
775                     Binder.getCallingUid(),
776                     Binder.getCallingPid(),
777                     UserHandle.getCallingUserId())) {
778                 return false;
779             }
780 
781             if (userId != UserHandle.getCallingUserId()) {
782                 Utils.checkPermission(getContext(), INTERACT_ACROSS_USERS);
783             }
784             return !FingerprintService.this.getEnrolledFingerprintsDeprecated(userId, opPackageName)
785                     .isEmpty();
786         }
787 
788         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
789         public boolean hasEnrolledFingerprints(int sensorId, int userId, String opPackageName) {
790             super.hasEnrolledFingerprints_enforcePermission();
791 
792             final ServiceProvider provider = mRegistry.getProviderForSensor(sensorId);
793             if (provider == null) {
794                 Slog.w(TAG, "Null provider for hasEnrolledFingerprints, caller: " + opPackageName);
795                 return false;
796             }
797 
798             return provider.getEnrolledFingerprints(sensorId, userId).size() > 0;
799         }
800 
801         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
802         @Override // Binder call
803         public @LockoutTracker.LockoutMode int getLockoutModeForUser(int sensorId, int userId) {
804             super.getLockoutModeForUser_enforcePermission();
805 
806             final ServiceProvider provider = mRegistry.getProviderForSensor(sensorId);
807             if (provider == null) {
808                 Slog.w(TAG, "Null provider for getLockoutModeForUser");
809                 return LockoutTracker.LOCKOUT_NONE;
810             }
811             return provider.getLockoutModeForUser(sensorId, userId);
812         }
813 
814         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
815         @Override
816         public void invalidateAuthenticatorId(int sensorId, int userId,
817                 IInvalidationCallback callback) {
818             super.invalidateAuthenticatorId_enforcePermission();
819 
820             final ServiceProvider provider = mRegistry.getProviderForSensor(sensorId);
821             if (provider == null) {
822                 Slog.w(TAG, "Null provider for invalidateAuthenticatorId");
823                 return;
824             }
825             provider.scheduleInvalidateAuthenticatorId(sensorId, userId, callback);
826         }
827 
828         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
829         @Override // Binder call
830         public long getAuthenticatorId(int sensorId, int userId) {
831             super.getAuthenticatorId_enforcePermission();
832 
833             final ServiceProvider provider = mRegistry.getProviderForSensor(sensorId);
834             if (provider == null) {
835                 Slog.w(TAG, "Null provider for getAuthenticatorId");
836                 return 0;
837             }
838             return provider.getAuthenticatorId(sensorId, userId);
839         }
840 
841         @android.annotation.EnforcePermission(android.Manifest.permission.RESET_FINGERPRINT_LOCKOUT)
842         @Override // Binder call
843         public void resetLockout(IBinder token, int sensorId, int userId,
844                 @Nullable byte[] hardwareAuthToken, String opPackageName) {
845             super.resetLockout_enforcePermission();
846 
847             final ServiceProvider provider = mRegistry.getProviderForSensor(sensorId);
848             if (provider == null) {
849                 Slog.w(TAG, "Null provider for resetLockout, caller: " + opPackageName);
850                 return;
851             }
852 
853             provider.scheduleResetLockout(sensorId, userId, hardwareAuthToken);
854         }
855 
856         @android.annotation.EnforcePermission(android.Manifest.permission.MANAGE_FINGERPRINT)
857         @Override
858         public boolean isClientActive() {
859             super.isClientActive_enforcePermission();
860 
861             return mGestureAvailabilityDispatcher.isAnySensorActive();
862         }
863 
864         @android.annotation.EnforcePermission(android.Manifest.permission.MANAGE_FINGERPRINT)
865         @Override
866         public void addClientActiveCallback(IFingerprintClientActiveCallback callback) {
867             super.addClientActiveCallback_enforcePermission();
868 
869             mGestureAvailabilityDispatcher.registerCallback(callback);
870         }
871 
872         @android.annotation.EnforcePermission(android.Manifest.permission.MANAGE_FINGERPRINT)
873         @Override
874         public void removeClientActiveCallback(IFingerprintClientActiveCallback callback) {
875             super.removeClientActiveCallback_enforcePermission();
876 
877             mGestureAvailabilityDispatcher.removeCallback(callback);
878         }
879 
880         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
881         @Override // Binder call
882         public void registerAuthenticators(
883                 @NonNull FingerprintSensorConfigurations fingerprintSensorConfigurations) {
884             super.registerAuthenticators_enforcePermission();
885             if (!fingerprintSensorConfigurations.hasSensorConfigurations()) {
886                 Slog.d(TAG, "No fingerprint sensors available.");
887                 return;
888             }
889             mRegistry.registerAll(() -> getProviders(fingerprintSensorConfigurations));
890         }
891 
892         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
893         @Override
894         public void addAuthenticatorsRegisteredCallback(
895                 IFingerprintAuthenticatorsRegisteredCallback callback) {
896             super.addAuthenticatorsRegisteredCallback_enforcePermission();
897 
898             mRegistry.addAllRegisteredCallback(callback);
899         }
900 
901         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
902         @Override
903         public void registerAuthenticationStateListener(
904                 @NonNull AuthenticationStateListener listener) {
905             super.registerAuthenticationStateListener_enforcePermission();
906 
907             mAuthenticationStateListeners.registerAuthenticationStateListener(listener);
908         }
909 
910         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
911         @Override
912         public void unregisterAuthenticationStateListener(
913                 @NonNull AuthenticationStateListener listener) {
914             super.unregisterAuthenticationStateListener_enforcePermission();
915 
916             mAuthenticationStateListeners.unregisterAuthenticationStateListener(listener);
917         }
918 
919         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
920         @Override
921         public void registerBiometricStateListener(@NonNull IBiometricStateListener listener) {
922             super.registerBiometricStateListener_enforcePermission();
923 
924             mBiometricStateCallback.registerBiometricStateListener(listener);
925         }
926 
927         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
928         @Override
929         public void onPointerDown(long requestId, int sensorId, PointerContext pc) {
930             super.onPointerDown_enforcePermission();
931             final ServiceProvider provider = mRegistry.getProviderForSensor(sensorId);
932             if (provider == null) {
933                 Slog.w(TAG, "No matching provider for onFingerDown, sensorId: " + sensorId);
934                 return;
935             }
936             provider.onPointerDown(requestId, sensorId, pc);
937         }
938         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
939         @Override
940 
941         public void onPointerUp(long requestId, int sensorId, PointerContext pc) {
942             super.onPointerUp_enforcePermission();
943             final ServiceProvider provider = mRegistry.getProviderForSensor(sensorId);
944             if (provider == null) {
945                 Slog.w(TAG, "No matching provider for onFingerUp, sensorId: " + sensorId);
946                 return;
947             }
948             provider.onPointerUp(requestId, sensorId, pc);
949         }
950 
951         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
952         @Override
953         public void onUdfpsUiEvent(@FingerprintManager.UdfpsUiEvent int event, long requestId,
954                 int sensorId) {
955             super.onUdfpsUiEvent_enforcePermission();
956 
957             final ServiceProvider provider = mRegistry.getProviderForSensor(sensorId);
958             if (provider == null) {
959                 Slog.w(TAG, "No matching provider for onUdfpsUiEvent, sensorId: " + sensorId);
960                 return;
961             }
962             provider.onUdfpsUiEvent(event, requestId, sensorId);
963         }
964 
965         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
966         @Override
967         public void setIgnoreDisplayTouches(long requestId, int sensorId, boolean ignoreTouches) {
968             super.setIgnoreDisplayTouches_enforcePermission();
969 
970             final ServiceProvider provider = mRegistry.getProviderForSensor(sensorId);
971             if (provider == null) {
972                 Slog.w(TAG,
973                         "No matching provider for setIgnoreDisplayTouches, sensorId: " + sensorId);
974                 return;
975             }
976             provider.setIgnoreDisplayTouches(requestId, sensorId, ignoreTouches);
977         }
978 
979         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
980         @Override
981         public void setUdfpsOverlayController(@NonNull IUdfpsOverlayController controller) {
982             super.setUdfpsOverlayController_enforcePermission();
983 
984             for (ServiceProvider provider : mRegistry.getProviders()) {
985                 provider.setUdfpsOverlayController(controller);
986             }
987         }
988 
989         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
990         @Override
991         public void onPowerPressed() {
992             super.onPowerPressed_enforcePermission();
993 
994             for (ServiceProvider provider : mRegistry.getProviders()) {
995                 provider.onPowerPressed();
996             }
997         }
998 
999         @android.annotation.EnforcePermission(android.Manifest.permission.USE_BIOMETRIC_INTERNAL)
1000         @Override
1001         public void scheduleWatchdog() {
1002             super.scheduleWatchdog_enforcePermission();
1003 
1004             final Pair<Integer, ServiceProvider> provider = mRegistry.getSingleProvider();
1005             if (provider == null) {
1006                 Slog.w(TAG, "Null provider for scheduling watchdog");
1007                 return;
1008             }
1009 
1010             provider.second.scheduleWatchdog(provider.first);
1011         }
1012     };
1013 
FingerprintService(Context context)1014     public FingerprintService(Context context) {
1015         this(context, BiometricContext.getInstance(context),
1016                 () -> IBiometricService.Stub.asInterface(
1017                         ServiceManager.getService(Context.BIOMETRIC_SERVICE)),
1018                 () -> ServiceManager.getDeclaredInstances(IFingerprint.DESCRIPTOR),
1019                 null /* fingerprintProvider */,
1020                 null /* fingerprintProviderFunction */);
1021     }
1022 
1023     @VisibleForTesting
FingerprintService(Context context, BiometricContext biometricContext, Supplier<IBiometricService> biometricServiceSupplier, Supplier<String[]> aidlInstanceNameSupplier, Function<String, FingerprintProvider> fingerprintProvider, FingerprintProviderFunction fingerprintProviderFunction)1024     FingerprintService(Context context,
1025             BiometricContext biometricContext,
1026             Supplier<IBiometricService> biometricServiceSupplier,
1027             Supplier<String[]> aidlInstanceNameSupplier,
1028             Function<String, FingerprintProvider> fingerprintProvider,
1029             FingerprintProviderFunction fingerprintProviderFunction) {
1030         super(context);
1031         mBiometricContext = biometricContext;
1032         mAidlInstanceNameSupplier = aidlInstanceNameSupplier;
1033         mAppOps = context.getSystemService(AppOpsManager.class);
1034         mGestureAvailabilityDispatcher = new GestureAvailabilityDispatcher();
1035         mLockoutResetDispatcher = new LockoutResetDispatcher(context);
1036         mLockPatternUtils = new LockPatternUtils(context);
1037         mBiometricStateCallback = new BiometricStateCallback<>(UserManager.get(context));
1038         mAuthenticationStateListeners = new AuthenticationStateListeners();
1039         mFingerprintProvider = fingerprintProvider != null ? fingerprintProvider :
1040                 (name) -> {
1041                     final String fqName = IFingerprint.DESCRIPTOR + "/" + name;
1042                     final IFingerprint fp = IFingerprint.Stub.asInterface(
1043                             Binder.allowBlocking(ServiceManager.waitForDeclaredService(fqName)));
1044                     if (fp != null) {
1045                         try {
1046                             return new FingerprintProvider(getContext(),
1047                                     mBiometricStateCallback, mAuthenticationStateListeners,
1048                                     fp.getSensorProps(), name, mLockoutResetDispatcher,
1049                                     mGestureAvailabilityDispatcher, mBiometricContext,
1050                                     true /* resetLockoutRequiresHardwareAuthToken */);
1051                         } catch (RemoteException e) {
1052                             Slog.e(TAG, "Remote exception in getSensorProps: " + fqName);
1053                         }
1054                     } else {
1055                         Slog.e(TAG, "Unable to get declared service: " + fqName);
1056                     }
1057 
1058                     return null;
1059                 };
1060         mFingerprintProviderFunction = fingerprintProviderFunction != null
1061                 ? fingerprintProviderFunction :
1062                         (filteredSensorProps, resetLockoutRequiresHardwareAuthToken) ->
1063                                 new FingerprintProvider(getContext(), mBiometricStateCallback,
1064                                         mAuthenticationStateListeners, filteredSensorProps.second,
1065                                         filteredSensorProps.first, mLockoutResetDispatcher,
1066                                         mGestureAvailabilityDispatcher, mBiometricContext,
1067                                         resetLockoutRequiresHardwareAuthToken);
1068 
1069         mHandler = new Handler(Looper.getMainLooper());
1070         mRegistry = new FingerprintServiceRegistry(mServiceWrapper, biometricServiceSupplier);
1071         mRegistry.addAllRegisteredCallback(new IFingerprintAuthenticatorsRegisteredCallback.Stub() {
1072             @Override
1073             public void onAllAuthenticatorsRegistered(
1074                     List<FingerprintSensorPropertiesInternal> sensors) {
1075                 mBiometricStateCallback.start(mRegistry.getProviders());
1076             }
1077         });
1078     }
1079 
1080     @NonNull
getProviders(@onNull FingerprintSensorConfigurations fingerprintSensorConfigurations)1081     private List<ServiceProvider> getProviders(@NonNull FingerprintSensorConfigurations
1082             fingerprintSensorConfigurations) {
1083         final List<ServiceProvider> providers = new ArrayList<>();
1084         final Pair<String, SensorProps[]> filteredSensorProps = filterAvailableHalInstances(
1085                 fingerprintSensorConfigurations);
1086         providers.add(mFingerprintProviderFunction.getFingerprintProvider(filteredSensorProps,
1087                 fingerprintSensorConfigurations.getResetLockoutRequiresHardwareAuthToken()));
1088 
1089         return providers;
1090     }
1091 
1092     @NonNull
filterAvailableHalInstances( FingerprintSensorConfigurations fingerprintSensorConfigurations)1093     private Pair<String, SensorProps[]> filterAvailableHalInstances(
1094             FingerprintSensorConfigurations fingerprintSensorConfigurations) {
1095         final String finalSensorInstance = fingerprintSensorConfigurations.getSensorInstance();
1096         if (fingerprintSensorConfigurations.isSingleSensorConfigurationPresent()) {
1097             return new Pair<>(finalSensorInstance,
1098                     fingerprintSensorConfigurations.getSensorPropForInstance(finalSensorInstance));
1099         }
1100         final String virtualInstance = "virtual";
1101         final boolean isVirtualHalPresent =
1102                 fingerprintSensorConfigurations.doesInstanceExist(virtualInstance);
1103         if (Utils.isFingerprintVirtualEnabled(getContext())) {
1104             if (isVirtualHalPresent) {
1105                 return new Pair<>(virtualInstance,
1106                         fingerprintSensorConfigurations.getSensorPropForInstance(virtualInstance));
1107             } else {
1108                 Slog.e(TAG, "Could not find virtual interface while it is enabled");
1109                 return new Pair<>(finalSensorInstance,
1110                         fingerprintSensorConfigurations.getSensorPropForInstance(
1111                                 finalSensorInstance));
1112             }
1113         } else {
1114             if (isVirtualHalPresent) {
1115                 final String notAVirtualInstance = fingerprintSensorConfigurations
1116                         .getSensorNameNotForInstance(virtualInstance);
1117                 if (notAVirtualInstance != null) {
1118                     return new Pair<>(notAVirtualInstance, fingerprintSensorConfigurations
1119                             .getSensorPropForInstance(notAVirtualInstance));
1120                 }
1121             }
1122         }
1123         return new Pair<>(finalSensorInstance, fingerprintSensorConfigurations
1124                 .getSensorPropForInstance(finalSensorInstance));
1125     }
1126 
1127     @Override
onStart()1128     public void onStart() {
1129         publishBinderService(Context.FINGERPRINT_SERVICE, mServiceWrapper);
1130     }
1131 
1132     @NonNull
getEnrolledFingerprintsDeprecated(int userId, String opPackageName)1133     private List<Fingerprint> getEnrolledFingerprintsDeprecated(int userId, String opPackageName) {
1134         final Pair<Integer, ServiceProvider> provider = mRegistry.getSingleProvider();
1135         if (provider == null) {
1136             Slog.w(TAG, "Null provider for getEnrolledFingerprintsDeprecated, caller: "
1137                     + opPackageName);
1138             return Collections.emptyList();
1139         }
1140 
1141         return provider.second.getEnrolledFingerprints(provider.first, userId);
1142     }
1143 
1144     /** Checks for public API invocations to ensure that permissions, etc are granted/correct. */
1145     @SuppressWarnings("BooleanMethodIsAlwaysInverted")
canUseFingerprint( String opPackageName, String attributionTag, boolean requireForeground, int uid, int pid, int userId)1146     private boolean canUseFingerprint(
1147             String opPackageName,
1148             String attributionTag,
1149             boolean requireForeground,
1150             int uid,
1151             int pid,
1152             int userId) {
1153         if (getContext().checkCallingPermission(USE_FINGERPRINT)
1154                 != PackageManager.PERMISSION_GRANTED) {
1155             Utils.checkPermission(getContext(), USE_BIOMETRIC);
1156         }
1157 
1158         if (Binder.getCallingUid() == Process.SYSTEM_UID) {
1159             return true; // System process (BiometricService, etc) is always allowed
1160         }
1161         if (Utils.isKeyguard(getContext(), opPackageName)) {
1162             return true;
1163         }
1164         if (!Utils.isCurrentUserOrProfile(getContext(), userId)) {
1165             Slog.w(TAG, "Rejecting " + opPackageName + "; not a current user or profile");
1166             return false;
1167         }
1168         if (!checkAppOps(uid, opPackageName, attributionTag)) {
1169             Slog.w(TAG, "Rejecting " + opPackageName + "; permission denied");
1170             return false;
1171         }
1172         if (requireForeground && !Utils.isForeground(uid, pid)) {
1173             Slog.w(TAG, "Rejecting " + opPackageName + "; not in foreground");
1174             return false;
1175         }
1176         return true;
1177     }
1178 
checkAppOps(int uid, String opPackageName, String attributionTag)1179     private boolean checkAppOps(int uid, String opPackageName, String attributionTag) {
1180         boolean appOpsOk = false;
1181         if (mAppOps.noteOp(AppOpsManager.OP_USE_BIOMETRIC, uid, opPackageName, attributionTag, null)
1182                 == AppOpsManager.MODE_ALLOWED) {
1183             appOpsOk = true;
1184         } else if (mAppOps.noteOp(
1185                         AppOpsManager.OP_USE_FINGERPRINT, uid, opPackageName, attributionTag, null)
1186                 == AppOpsManager.MODE_ALLOWED) {
1187             appOpsOk = true;
1188         }
1189         return appOpsOk;
1190     }
1191 
syncEnrollmentsNow()1192     void syncEnrollmentsNow() {
1193         Utils.checkPermissionOrShell(getContext(), MANAGE_FINGERPRINT);
1194         if (Utils.isFingerprintVirtualEnabled(getContext())) {
1195             Slog.i(TAG, "Sync virtual enrollments");
1196             final int userId = ActivityManager.getCurrentUser();
1197             final CountDownLatch latch = new CountDownLatch(mRegistry.getProviders().size());
1198             for (ServiceProvider provider : mRegistry.getProviders()) {
1199                 for (FingerprintSensorPropertiesInternal props : provider.getSensorProperties()) {
1200                     provider.scheduleInternalCleanup(props.sensorId, userId,
1201                             new ClientMonitorCallback() {
1202                                 @Override
1203                                 public void onClientFinished(
1204                                         @NonNull BaseClientMonitor clientMonitor,
1205                                         boolean success) {
1206                                     latch.countDown();
1207                                     if (!success) {
1208                                         Slog.e(TAG, "Sync virtual enrollments failed");
1209                                     }
1210                                 }
1211                             }, true /* favorHalEnrollments */);
1212                 }
1213             }
1214             try {
1215                 latch.await(3, TimeUnit.SECONDS);
1216             } catch (Exception e) {
1217                 Slog.e(TAG, "Failed to wait for sync finishing", e);
1218             }
1219         }
1220     }
1221 
simulateVhalFingerDown()1222     void simulateVhalFingerDown() {
1223         if (Utils.isFingerprintVirtualEnabled(getContext())) {
1224             Slog.i(TAG, "Simulate virtual HAL finger down event");
1225             final Pair<Integer, ServiceProvider> provider = mRegistry.getSingleProvider();
1226             if (provider != null) {
1227                 provider.second.simulateVhalFingerDown(UserHandle.getCallingUserId(),
1228                         provider.first);
1229             }
1230         }
1231     }
1232 
1233     /**
1234      * This should only be called from FingerprintShellCommand
1235      */
sendFingerprintReEnrollNotification()1236     void sendFingerprintReEnrollNotification() {
1237         Utils.checkPermissionOrShell(getContext(), MANAGE_FINGERPRINT);
1238         if (Build.IS_DEBUGGABLE) {
1239             final long identity = Binder.clearCallingIdentity();
1240             try {
1241                 final Pair<Integer, ServiceProvider> provider = mRegistry.getSingleProvider();
1242                 if (provider != null) {
1243                     FingerprintProvider fingerprintProvider = (FingerprintProvider) provider.second;
1244                     fingerprintProvider.sendFingerprintReEnrollNotification();
1245                 } else {
1246                     Slog.w(TAG, "Null provider for notification");
1247                 }
1248             } finally {
1249                 Binder.restoreCallingIdentity(identity);
1250             }
1251         }
1252     }
1253 }
1254