Blame - fingerprintd/IFingerprintDaemon.cpp - android_system_core

blob: 112097984b2b6ba65604fda5f421a95b90597f39 [file] [log] [blame]

Jim Miller	a34dc46	2015-05-07 18:52:53 -0700	[diff] [blame^]	1	/*
				2	* Copyright 2015, The Android Open Source Project
				3	*
				4	* Licensed under the Apache License, Version 2.0 (the "License");
				5	* you may not use this file except in compliance with the License.
				6	* You may obtain a copy of the License at
				7	*
				8	* http://www.apache.org/licenses/LICENSE-2.0
				9	*
				10	* Unless required by applicable law or agreed to in writing, software
				11	* distributed under the License is distributed on an "AS IS" BASIS,
				12	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				13	* See the License for the specific language governing permissions and
				14	* limitations under the License.
				15	*/
				16
				17	#include <inttypes.h>
				18
				19	#include <android_runtime/AndroidRuntime.h>
				20	#include <binder/IPCThreadState.h>
				21	#include <binder/IServiceManager.h>
				22	#include <binder/PermissionCache.h>
				23	#include <utils/String16.h>
				24	#include <utils/Looper.h>
				25	#include <keystore/IKeystoreService.h>
				26	#include <keystore/keystore.h> // for error code
				27	#include <hardware/hardware.h>
				28	#include <hardware/fingerprint.h>
				29	#include <hardware/hw_auth_token.h>
				30	#include "IFingerprintDaemon.h"
				31	#include "IFingerprintDaemonCallback.h"
				32
				33	namespace android {
				34
				35	static const String16 USE_FINGERPRINT_PERMISSION("android.permission.USE_FINGERPRINT");
				36	static const String16 MANAGE_FINGERPRINT_PERMISSION("android.permission.MANAGE_FINGERPRINT");
				37	static const String16 HAL_FINGERPRINT_PERMISSION("android.permission.MANAGE_FINGERPRINT"); // TODO
				38	static const String16 DUMP_PERMISSION("android.permission.DUMP");
				39
				40	const android::String16
				41	IFingerprintDaemon::descriptor("android.hardware.fingerprint.IFingerprintDaemon");
				42
				43	const android::String16&
				44	IFingerprintDaemon::getInterfaceDescriptor() const {
				45	return IFingerprintDaemon::descriptor;
				46	}
				47
				48	status_t BnFingerprintDaemon::onTransact(uint32_t code, const Parcel& data, Parcel* reply,
				49	uint32_t flags) {
				50	switch(code) {
				51	case AUTHENTICATE: {
				52	CHECK_INTERFACE(IFingerprintDaemon, data, reply);
				53	if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
				54	return PERMISSION_DENIED;
				55	}
				56	const uint64_t sessionId = data.readInt64();
				57	const uint32_t groupId = data.readInt32();
				58	const int32_t ret = authenticate(sessionId, groupId);
				59	reply->writeNoException();
				60	reply->writeInt32(ret);
				61	return NO_ERROR;
				62	};
				63	case CANCEL_AUTHENTICATION: {
				64	CHECK_INTERFACE(IFingerprintDaemon, data, reply);
				65	if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
				66	return PERMISSION_DENIED;
				67	}
				68	const int32_t ret = stopAuthentication();
				69	reply->writeNoException();
				70	reply->writeInt32(ret);
				71	return NO_ERROR;
				72	}
				73	case ENROLL: {
				74	CHECK_INTERFACE(IFingerprintDaemon, data, reply);
				75	if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
				76	return PERMISSION_DENIED;
				77	}
				78	const ssize_t tokenSize = data.readInt32();
				79	const uint8_t* token = static_cast<const uint8_t *>(data.readInplace(tokenSize));
				80	const int32_t groupId = data.readInt32();
				81	const int32_t timeout = data.readInt32();
				82	const int32_t ret = enroll(token, tokenSize, groupId, timeout);
				83	reply->writeNoException();
				84	reply->writeInt32(ret);
				85	return NO_ERROR;
				86	}
				87	case CANCEL_ENROLLMENT: {
				88	CHECK_INTERFACE(IFingerprintDaemon, data, reply);
				89	if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
				90	return PERMISSION_DENIED;
				91	}
				92	const int32_t ret = stopEnrollment();
				93	reply->writeNoException();
				94	reply->writeInt32(ret);
				95	return NO_ERROR;
				96	}
				97	case PRE_ENROLL: {
				98	CHECK_INTERFACE(IFingerprintDaemon, data, reply);
				99	if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
				100	return PERMISSION_DENIED;
				101	}
				102	const uint64_t ret = preEnroll();
				103	reply->writeNoException();
				104	reply->writeInt64(ret);
				105	return NO_ERROR;
				106	}
				107	case REMOVE: {
				108	CHECK_INTERFACE(IFingerprintDaemon, data, reply);
				109	if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
				110	return PERMISSION_DENIED;
				111	}
				112	const int32_t fingerId = data.readInt32();
				113	const int32_t groupId = data.readInt32();
				114	const int32_t ret = remove(fingerId, groupId);
				115	reply->writeNoException();
				116	reply->writeInt32(ret);
				117	return NO_ERROR;
				118	}
				119	case GET_AUTHENTICATOR_ID: {
				120	CHECK_INTERFACE(IFingerprintDaemon, data, reply);
				121	if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
				122	return PERMISSION_DENIED;
				123	}
				124	const uint64_t ret = getAuthenticatorId();
				125	reply->writeNoException();
				126	reply->writeInt64(ret);
				127	return NO_ERROR;
				128	}
				129	case SET_ACTIVE_GROUP: {
				130	CHECK_INTERFACE(IFingerprintDaemon, data, reply);
				131	if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
				132	return PERMISSION_DENIED;
				133	}
				134	const int32_t group = data.readInt32();
				135	const ssize_t pathSize = data.readInt32();
				136	const uint8_t* path = static_cast<const uint8_t *>(data.readInplace(pathSize));
				137	const int32_t ret = setActiveGroup(group, path, pathSize);
				138	reply->writeNoException();
				139	reply->writeInt32(ret);
				140	return NO_ERROR;
				141	}
				142	case OPEN_HAL: {
				143	CHECK_INTERFACE(IFingerprintDaemon, data, reply);
				144	if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
				145	return PERMISSION_DENIED;
				146	}
				147	const int64_t ret = openHal();
				148	reply->writeNoException();
				149	reply->writeInt64(ret);
				150	return NO_ERROR;
				151	}
				152	case CLOSE_HAL: {
				153	CHECK_INTERFACE(IFingerprintDaemon, data, reply);
				154	if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
				155	return PERMISSION_DENIED;
				156	}
				157	const int32_t ret = closeHal();
				158	reply->writeNoException();
				159	reply->writeInt32(ret);
				160	return NO_ERROR;
				161	}
				162	case INIT: {
				163	CHECK_INTERFACE(IFingerprintDaemon, data, reply);
				164	if (!checkPermission(HAL_FINGERPRINT_PERMISSION)) {
				165	return PERMISSION_DENIED;
				166	}
				167	sp<IFingerprintDaemonCallback> callback =
				168	interface_cast<IFingerprintDaemonCallback>(data.readStrongBinder());
				169	init(callback);
				170	reply->writeNoException();
				171	return NO_ERROR;
				172	}
				173	default:
				174	return BBinder::onTransact(code, data, reply, flags);
				175	}
				176	};
				177
				178	bool BnFingerprintDaemon::checkPermission(const String16& permission) {
				179	const IPCThreadState* ipc = IPCThreadState::self();
				180	const int calling_pid = ipc->getCallingPid();
				181	const int calling_uid = ipc->getCallingUid();
				182	return PermissionCache::checkPermission(permission, calling_pid, calling_uid);
				183	}
				184
				185
				186	}; // namespace android