diff options
| author | Kevin Chyn <kchyn@google.com> | 2020-06-29 18:11:00 -0700 |
|---|---|---|
| committer | Kevin Chyn <kchyn@google.com> | 2020-07-01 14:10:53 -0700 |
| commit | dbe67876999e73a3b42b8b0642091a44d1cfd1a8 (patch) | |
| tree | 1a7be814f415f9b630887f178ac75fcc5e5c0eff /core/java/android/hardware | |
| parent | 11e1f825ad0e0dccedbf330b745a93d08a6e57ac (diff) | |
20/n: Update infrastructure to support upcoming scheduler
1) Templates ClientMonitor<T>, so that redundant code can be removed
2) Moves ClientMonitor and subclass's HAL reference and FinishCallback
to be initialized in ClientMonitor#start. This allows the logic
to be centralied in the upcoming scheduler (e.g. HAL availability
check, having the scheduler use an internal FinishCallback, etc)
3) Moved HAL null-checking to a centralized location. As such, also
added abstract ClientMonitor#unableToStart method, which is invoked
when the ClientMonitor can't/shouldn't be started. Each subclass
handles this case individually based on its own API lifecycle
4) Added BiometricAuthenticator interface to query current lockout mode.
Looks like BiometricService was relying on receiving onError(lockout)
being sent before onReadyForAuthentication. However, to clean up the
FingerprintService/FaceService code and move client lifecycle into
ClientMonitor, we shouldn't rely on this ordering.
Note that this change also makes BiometricServiceBase templated solely
for the purpose of getting a reference to the biometric HAL. This is
a little ugly. This is temporary and will only exist during the middle
of the refactor. By the end of the refactor, BiometricServiceBase will
be gone/deleted, and we should end up with a Scheduler<T> :)
Bug: 157790417
Test: Enroll, authenticate, resetLockout, set/getFeature in settings,
internal cleanup (modifying fingerprint/face utils), for
fingerprint and face, and for multi-user/profile
Test: Lockout user, then request authenticate again. Notice no vibration,
no UI, and correct error result
Test: Lockout user, then request auth with biometric|credential.
Credential UI is shown immediately.
Test: Lockout user, then check canAuthenticate. Returns success, since
the hardware is OK, just the user was rejected too many times.
Note that this is functionally the same as before, since the
sensor would have been considered eligible.
Test: atest com.android.server.biometrics
Change-Id: I420002d2b54a4ab530d0698fcc612ee7c770d5ff
Diffstat (limited to 'core/java/android/hardware')
3 files changed, 9 insertions, 0 deletions
diff --git a/core/java/android/hardware/biometrics/IBiometricAuthenticator.aidl b/core/java/android/hardware/biometrics/IBiometricAuthenticator.aidl index 4a46972cd200..8eb22dabbf3c 100644 --- a/core/java/android/hardware/biometrics/IBiometricAuthenticator.aidl +++ b/core/java/android/hardware/biometrics/IBiometricAuthenticator.aidl @@ -50,6 +50,9 @@ interface IBiometricAuthenticator { // Determine if a user has at least one enrolled face boolean hasEnrolledTemplates(int userId, String opPackageName); + // Return the LockoutTracker status for the specified user + int getLockoutModeForUser(int userId); + // Reset the lockout when user authenticates with strong auth (e.g. PIN, pattern or password) void resetLockout(int userId, in byte [] hardwareAuthToken); diff --git a/core/java/android/hardware/face/IFaceService.aidl b/core/java/android/hardware/face/IFaceService.aidl index 0cf233790a8d..1be553ee6b99 100644 --- a/core/java/android/hardware/face/IFaceService.aidl +++ b/core/java/android/hardware/face/IFaceService.aidl @@ -80,6 +80,9 @@ interface IFaceService { // Determine if a user has at least one enrolled face boolean hasEnrolledFaces(int userId, String opPackageName); + // Return the LockoutTracker status for the specified user + int getLockoutModeForUser(int userId); + // Gets the authenticator ID for face long getAuthenticatorId(int callingUserId); diff --git a/core/java/android/hardware/fingerprint/IFingerprintService.aidl b/core/java/android/hardware/fingerprint/IFingerprintService.aidl index b72881ace9df..7111b86daba5 100644 --- a/core/java/android/hardware/fingerprint/IFingerprintService.aidl +++ b/core/java/android/hardware/fingerprint/IFingerprintService.aidl @@ -84,6 +84,9 @@ interface IFingerprintService { // Determine if a user has at least one enrolled fingerprint boolean hasEnrolledFingerprints(int userId, String opPackageName); + // Return the LockoutTracker status for the specified user + int getLockoutModeForUser(int userId); + // Gets the authenticator ID for fingerprint long getAuthenticatorId(int callingUserId); |