From 1741a07f4eece8cc2cc7aaed78142a144d07c2c3 Mon Sep 17 00:00:00 2001 From: Kevin Chyn Date: Thu, 17 Jan 2019 11:54:40 -0800 Subject: [PATCH] Update Biometric Atoms Framework will add logging in the next CL Bug: 120161047 Bug: 117060268 Bug: 121072756 Bug: 121071984 Test: Builds Change-Id: I673d8af8be78be11b5eac249c47847ebeca2cd2e --- cmds/statsd/src/atoms.proto | 134 ++++++++++++------ .../src/external/StatsPullerManager.cpp | 4 +- .../android/hardware/biometrics/enums.proto | 46 ++++++ .../fingerprint/FingerprintService.java | 23 --- .../server/stats/StatsCompanionService.java | 2 +- 5 files changed, 136 insertions(+), 73 deletions(-) create mode 100644 core/proto/android/hardware/biometrics/enums.proto diff --git a/cmds/statsd/src/atoms.proto b/cmds/statsd/src/atoms.proto index ac99817664de7..620c7a872e67d 100644 --- a/cmds/statsd/src/atoms.proto +++ b/cmds/statsd/src/atoms.proto @@ -28,6 +28,7 @@ import "frameworks/base/core/proto/android/bluetooth/enums.proto"; import "frameworks/base/core/proto/android/bluetooth/hci/enums.proto"; import "frameworks/base/core/proto/android/bluetooth/hfp/enums.proto"; import "frameworks/base/core/proto/android/debug/enums.proto"; +import "frameworks/base/core/proto/android/hardware/biometrics/enums.proto"; import "frameworks/base/core/proto/android/net/networkcapabilities.proto"; import "frameworks/base/core/proto/android/os/enums.proto"; import "frameworks/base/core/proto/android/server/connectivity/data_stall_event.proto"; @@ -146,9 +147,9 @@ message Atom { VibratorStateChanged vibrator_state_changed = 84; DeferredJobStatsReported deferred_job_stats_reported = 85; ThermalThrottlingStateChanged thermal_throttling = 86; - FingerprintAcquired fingerprint_acquired = 87; - FingerprintAuthenticated fingerprint_authenticated = 88; - FingerprintErrorOccurred fingerprint_error_occurred = 89; + BiometricAcquired biometric_acquired = 87; + BiometricAuthenticated biometric_authenticated = 88; + BiometricErrorOccurred biometric_error_occurred = 89; Notification notification = 90; BatteryHealthSnapshot battery_health_snapshot = 91; SlowIo slow_io = 92; @@ -210,6 +211,7 @@ message Atom { SpeechDspStatReported speech_dsp_stat_reported = 145; UsbContaminantReported usb_contaminant_reported = 146; WatchdogRollbackOccurred watchdog_rollback_occurred = 147; + BiometricHalDeathReported biometric_hal_death_reported = 148; } // Pulled events will start at field 10000. @@ -246,7 +248,7 @@ message Atom { CategorySize category_size = 10028; ProcStats proc_stats = 10029; BatteryVoltage battery_voltage = 10030; - NumFingerprints num_fingerprints = 10031; + NumBiometricsEnrolled num_fingerprints_enrolled = 10031; DiskIo disk_io = 10032; PowerProfile power_profile = 10033; ProcStatsPkgProc proc_stats_pkg_proc = 10034; @@ -263,6 +265,7 @@ message Atom { BatteryCycleCount battery_cycle_count = 10045; DebugElapsedClock debug_elapsed_clock = 10046; DebugFailingElapsedClock debug_failing_elapsed_clock = 10047; + NumBiometricsEnrolled num_faces_enrolled = 10048; } // DO NOT USE field numbers above 100,000 in AOSP. @@ -2373,58 +2376,95 @@ message GenericAtom { } /** - * Logs when a fingerprint acquire event occurs. + * Logs when a biometric acquire event occurs. * * Logged from: - * frameworks/base/services/core/java/com/android/server/biometrics/fingerprint/FingerprintService.java + * frameworks/base/services/core/java/com/android/server/biometrics */ -message FingerprintAcquired { - // The associated user. Eg: 0 for owners, 10+ for others. - // Defined in android/os/UserHandle.java - optional int32 user = 1; - // If this acquire is for a crypto fingerprint. - // e.g. Secure purchases, unlock password storage. - optional bool is_crypto = 2; +message BiometricAcquired { + // Biometric modality that was acquired. + optional android.hardware.biometrics.ModalityEnum modality = 1; + // The associated user. Eg: 0 for owners, 10+ for others. Defined in android/os/UserHandle.java. + optional int32 user = 2; + // If this acquire is for a crypto operation. e.g. Secure purchases, unlock password storage. + optional bool is_crypto = 3; + // Action that the device is performing. Acquired messages are only expected for enroll and + // authenticate. Other actions may indicate an error. + optional android.hardware.biometrics.ActionEnum action = 4; + // The client that this acquisition was received for. + optional android.hardware.biometrics.ClientEnum client = 5; + // Acquired constants, e.g. ACQUIRED_GOOD. See constants defined by Manager. + optional int32 acquire_info = 6; + // Vendor-specific acquire info. Valid only if acquire_info == ACQUIRED_VENDOR. + optional int32 acquire_info_vendor = 7; } /** - * Logs when a fingerprint authentication event occurs. + * Logs when a biometric authentication event occurs. * * Logged from: - * frameworks/base/services/core/java/com/android/server/biometrics/fingerprint/FingerprintService.java + * frameworks/base/services/core/java/com/android/server/biometrics */ -message FingerprintAuthenticated { - // The associated user. Eg: 0 for owners, 10+ for others. - // Defined in android/os/UserHandle.java - optional int32 user = 1; - // If this authentication is for a crypto fingerprint. - // e.g. Secure purchases, unlock password storage. - optional bool is_crypto = 2; - // Whether or not this authentication was successful. - optional bool is_authenticated = 3; -} +message BiometricAuthenticated { + // Biometric modality that was used. + optional android.hardware.biometrics.ModalityEnum modality = 1; + // The associated user. Eg: 0 for owners, 10+ for others. Defined in android/os/UserHandle.java + optional int32 user = 2; + // If this authentication is for a crypto operation. e.g. Secure purchases, unlock password + // storage. + optional bool is_crypto = 3; + // The client that this acquisition was received for. + optional android.hardware.biometrics.ClientEnum client = 4; -/** - * Logs when a fingerprint error occurs. - * - * Logged from: - * frameworks/base/services/core/java/com/android/server/biometrics/fingerprint/FingerprintService.java - */ -message FingerprintErrorOccurred { - // The associated user. Eg: 0 for owners, 10+ for others. - // Defined in android/os/UserHandle.java - optional int32 user = 1; - // If this error is for a crypto fingerprint. - // e.g. Secure purchases, unlock password storage. - optional bool is_crypto = 2; - - enum Error { + enum State { UNKNOWN = 0; - LOCKOUT = 1; - PERMANENT_LOCKOUT = 2; + REJECTED = 1; + PENDING_CONFIRMATION = 2; + CONFIRMED = 3; } - // The type of error. - optional Error error = 3; + + // State of the current auth attempt. + optional State state = 5; + // Time it took to authenticate. For BiometricPrompt where setRequireConfirmation(false) is + // specified and supported by the biometric modality, this is from the first ACQUIRED_GOOD to + // AUTHENTICATED. for setRequireConfirmation(true), this is from PENDING_CONFIRMATION to + // CONFIRMED. + optional int32 latency = 6; +} + +/** + * Logs when a biometric error occurs. + * + * Logged from: + * frameworks/base/services/core/java/com/android/server/biometrics + */ +message BiometricErrorOccurred { + // Biometric modality that was used. + optional android.hardware.biometrics.ModalityEnum modality = 1; + // The associated user. Eg: 0 for owners, 10+ for others. Defined in android/os/UserHandle.java + optional int32 user = 2; + // If this error is for a crypto operation. e.g. Secure purchases, unlock password storage. + optional bool is_crypto = 3; + // Action that the device is performing. + optional android.hardware.biometrics.ActionEnum action = 4; + // The client that this acquisition was received for. + optional android.hardware.biometrics.ClientEnum client = 5; + // Error constants. See constants defined by Manager. Enums won't work since errors + // are unique to modality. + optional int32 error_info = 6; + // Vendor-specific error info. Valid only if acquire_info == ACQUIRED_VENDOR. These are defined + // by the vendor and not specified by the HIDL interface. + optional int32 error_info_vendor = 7; +} + +/** + * Logs when a biometric HAL has crashed. + * Logged from: + * frameworks/base/services/core/java/com/android/server/biometrics + */ +message BiometricHalDeathReported { + // Biometric modality. + optional android.hardware.biometrics.ModalityEnum modality = 1; } message Notification { @@ -3367,14 +3407,14 @@ message DiskIo { /** * Pulls the number of fingerprints for each user. * - * Pulled from StatsCompanionService, which queries FingerprintManager. + * Pulled from StatsCompanionService, which queries Manager. */ -message NumFingerprints { +message NumBiometricsEnrolled { // The associated user. Eg: 0 for owners, 10+ for others. // Defined in android/os/UserHandle.java optional int32 user = 1; // Number of fingerprints registered to that user. - optional int32 num_fingerprints = 2; + optional int32 num_enrolled = 2; } message AggStats { diff --git a/cmds/statsd/src/external/StatsPullerManager.cpp b/cmds/statsd/src/external/StatsPullerManager.cpp index 4585a09176ce7..ba7bcc437d74b 100644 --- a/cmds/statsd/src/external/StatsPullerManager.cpp +++ b/cmds/statsd/src/external/StatsPullerManager.cpp @@ -175,8 +175,8 @@ const std::map StatsPullerManager::kAllPullAtomInfo = { {android::util::CATEGORY_SIZE, {.puller = new StatsCompanionServicePuller(android::util::CATEGORY_SIZE)}}, // Number of fingerprints registered to each user. - {android::util::NUM_FINGERPRINTS, - {.puller = new StatsCompanionServicePuller(android::util::NUM_FINGERPRINTS)}}, + {android::util::NUM_FINGERPRINTS_ENROLLED, + {.puller = new StatsCompanionServicePuller(android::util::NUM_FINGERPRINTS_ENROLLED)}}, // ProcStats. {android::util::PROC_STATS, {.puller = new StatsCompanionServicePuller(android::util::PROC_STATS)}}, diff --git a/core/proto/android/hardware/biometrics/enums.proto b/core/proto/android/hardware/biometrics/enums.proto new file mode 100644 index 0000000000000..91f2acbbaf032 --- /dev/null +++ b/core/proto/android/hardware/biometrics/enums.proto @@ -0,0 +1,46 @@ +/* + * Copyright (C) 2019 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +syntax = "proto2"; + +package android.hardware.biometrics; + +option java_outer_classname = "BiometricsProtoEnums"; +option java_multiple_files = true; + +// Logging constants for Service and BiometricService + +enum ModalityEnum { + MODALITY_UNKNOWN = 0; + MODALITY_FINGERPRINT = 1; // 1 << 0 + MODALITY_IRIS = 2; // 1 << 1 + MODALITY_FACE = 4; // 1 << 2 +} + +enum ClientEnum { + CLIENT_UNKNOWN = 0; + CLIENT_KEYGUARD = 1; + CLIENT_BIOMETRIC_PROMPT = 2; + CLIENT_FINGERPRINT_MANAGER = 3; // Deprecated API before BiometricPrompt was introduced +} + +enum ActionEnum { + ACTION_UNKNOWN = 0; + ACTION_ENROLL = 1; + ACTION_AUTHENTICATE = 2; + ACTION_ENUMERATE = 3; + ACTION_REMOVE = 4; +} \ No newline at end of file diff --git a/services/core/java/com/android/server/biometrics/fingerprint/FingerprintService.java b/services/core/java/com/android/server/biometrics/fingerprint/FingerprintService.java index 3db6a74a1c6ce..fcf821f23ae95 100644 --- a/services/core/java/com/android/server/biometrics/fingerprint/FingerprintService.java +++ b/services/core/java/com/android/server/biometrics/fingerprint/FingerprintService.java @@ -48,14 +48,12 @@ import android.os.SELinux; import android.os.UserHandle; import android.os.UserManager; import android.util.Slog; -import android.util.StatsLog; import android.util.proto.ProtoOutputStream; import com.android.internal.annotations.GuardedBy; import com.android.internal.logging.MetricsLogger; import com.android.internal.util.DumpUtils; import com.android.server.SystemServerInitThreadPool; -import com.android.server.biometrics.AuthenticationClient; import com.android.server.biometrics.BiometricServiceBase; import com.android.server.biometrics.BiometricUtils; import com.android.server.biometrics.ClientMonitor; @@ -588,11 +586,6 @@ public class FingerprintService extends BiometricServiceBase { public void onAcquired(final long deviceId, final int acquiredInfo, final int vendorCode) { mHandler.post(() -> { FingerprintService.super.handleAcquired(deviceId, acquiredInfo, vendorCode); - if (getLockoutMode() == AuthenticationClient.LOCKOUT_NONE - && getCurrentClient() instanceof AuthenticationClient) { - // Ignore enrollment acquisitions or acquisitions when we are locked out. - StatsLog.write(StatsLog.FINGERPRINT_ACQUIRED, mCurrentUserId, mIsCrypto); - } }); } @@ -602,22 +595,6 @@ public class FingerprintService extends BiometricServiceBase { mHandler.post(() -> { Fingerprint fp = new Fingerprint("", groupId, fingerId, deviceId); FingerprintService.super.handleAuthenticated(fp, token); - // Send authentication to statsd. - final boolean authenticated = fingerId != 0; - StatsLog.write(StatsLog.FINGERPRINT_AUTHENTICATED, mCurrentUserId, mIsCrypto, - authenticated); - if (!authenticated) { - // If we failed to authenticate because of a lockout, inform statsd. - final int lockoutMode = getLockoutMode(); - if (lockoutMode == AuthenticationClient.LOCKOUT_TIMED) { - StatsLog.write(StatsLog.FINGERPRINT_ERROR_OCCURRED, mCurrentUserId, - mIsCrypto, StatsLog.FINGERPRINT_ERROR_OCCURRED__ERROR__LOCKOUT); - } else if (lockoutMode == AuthenticationClient.LOCKOUT_PERMANENT) { - StatsLog.write(StatsLog.FINGERPRINT_ERROR_OCCURRED, mCurrentUserId, - mIsCrypto, - StatsLog.FINGERPRINT_ERROR_OCCURRED__ERROR__PERMANENT_LOCKOUT); - } - } }); } diff --git a/services/core/java/com/android/server/stats/StatsCompanionService.java b/services/core/java/com/android/server/stats/StatsCompanionService.java index 9135d1db7676f..c6d2870a24c96 100644 --- a/services/core/java/com/android/server/stats/StatsCompanionService.java +++ b/services/core/java/com/android/server/stats/StatsCompanionService.java @@ -1897,7 +1897,7 @@ public class StatsCompanionService extends IStatsCompanionService.Stub { pullCategorySize(tagId, elapsedNanos, wallClockNanos, ret); break; } - case StatsLog.NUM_FINGERPRINTS: { + case StatsLog.NUM_FINGERPRINTS_ENROLLED: { pullNumFingerprints(tagId, elapsedNanos, wallClockNanos, ret); break; }