summaryrefslogtreecommitdiff
path: root/common/fpsensor/fpsensor_state.c
diff options
context:
space:
mode:
Diffstat (limited to 'common/fpsensor/fpsensor_state.c')
-rw-r--r--common/fpsensor/fpsensor_state.c313
1 files changed, 0 insertions, 313 deletions
diff --git a/common/fpsensor/fpsensor_state.c b/common/fpsensor/fpsensor_state.c
deleted file mode 100644
index db64110b56..0000000000
--- a/common/fpsensor/fpsensor_state.c
+++ /dev/null
@@ -1,313 +0,0 @@
-/* Copyright 2019 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- */
-
-#include "common.h"
-#include "cryptoc/util.h"
-#include "ec_commands.h"
-#include "fpsensor.h"
-#include "fpsensor_crypto.h"
-#include "fpsensor_private.h"
-#include "fpsensor_state.h"
-#include "host_command.h"
-#include "system.h"
-#include "task.h"
-#include "util.h"
-
-/* Last acquired frame (aligned as it is used by arbitrary binary libraries) */
-uint8_t fp_buffer[FP_SENSOR_IMAGE_SIZE] FP_FRAME_SECTION __aligned(4);
-/* Fingers templates for the current user */
-uint8_t fp_template[FP_MAX_FINGER_COUNT][FP_ALGORITHM_TEMPLATE_SIZE]
- FP_TEMPLATE_SECTION;
-/* Encryption/decryption buffer */
-/* TODO: On-the-fly encryption/decryption without a dedicated buffer */
-/*
- * Store the encryption metadata at the beginning of the buffer containing the
- * ciphered data.
- */
-uint8_t fp_enc_buffer[FP_ALGORITHM_ENCRYPTED_TEMPLATE_SIZE]
- FP_TEMPLATE_SECTION;
-/* Salt used in derivation of positive match secret. */
-uint8_t fp_positive_match_salt
- [FP_MAX_FINGER_COUNT][FP_POSITIVE_MATCH_SALT_BYTES];
-
-struct positive_match_secret_state positive_match_secret_state = {
- .template_matched = FP_NO_SUCH_TEMPLATE,
- .readable = false,
- .deadline.val = 0,
-};
-
-/* Index of the last enrolled but not retrieved template. */
-int8_t template_newly_enrolled = FP_NO_SUCH_TEMPLATE;
-/* Number of used templates */
-uint32_t templ_valid;
-/* Bitmap of the templates with local modifications */
-uint32_t templ_dirty;
-/* Current user ID */
-uint32_t user_id[FP_CONTEXT_USERID_WORDS];
-/* Part of the IKM used to derive encryption keys received from the TPM. */
-uint8_t tpm_seed[FP_CONTEXT_TPM_BYTES];
-/* Status of the FP encryption engine. */
-static uint32_t fp_encryption_status;
-
-uint32_t fp_events;
-
-uint32_t sensor_mode;
-
-void fp_task_simulate(void)
-{
- int timeout_us = -1;
-
- while (1)
- task_wait_event(timeout_us);
-}
-
-void fp_clear_finger_context(int idx)
-{
- always_memset(fp_template[idx], 0, sizeof(fp_template[0]));
- always_memset(fp_positive_match_salt[idx], 0,
- sizeof(fp_positive_match_salt[0]));
-}
-
-/**
- * @warning |fp_buffer| contains data used by the matching algorithm that must
- * be released by calling fp_sensor_deinit() first. Call
- * fp_reset_and_clear_context instead of calling this directly.
- */
-static void _fp_clear_context(void)
-{
- int idx;
-
- templ_valid = 0;
- templ_dirty = 0;
- always_memset(fp_buffer, 0, sizeof(fp_buffer));
- always_memset(fp_enc_buffer, 0, sizeof(fp_enc_buffer));
- always_memset(user_id, 0, sizeof(user_id));
- fp_disable_positive_match_secret(&positive_match_secret_state);
- for (idx = 0; idx < FP_MAX_FINGER_COUNT; idx++)
- fp_clear_finger_context(idx);
-}
-
-void fp_reset_and_clear_context(void)
-{
- if (fp_sensor_deinit() != EC_SUCCESS)
- CPRINTS("Failed to deinit sensor");
- _fp_clear_context();
- if (fp_sensor_init() != EC_SUCCESS)
- CPRINTS("Failed to init sensor");
-}
-
-int fp_get_next_event(uint8_t *out)
-{
- uint32_t event_out = atomic_clear(&fp_events);
-
- memcpy(out, &event_out, sizeof(event_out));
-
- return sizeof(event_out);
-}
-DECLARE_EVENT_SOURCE(EC_MKBP_EVENT_FINGERPRINT, fp_get_next_event);
-
-static enum ec_status fp_command_tpm_seed(struct host_cmd_handler_args *args)
-{
- const struct ec_params_fp_seed *params = args->params;
-
- if (params->struct_version != FP_TEMPLATE_FORMAT_VERSION) {
- CPRINTS("Invalid seed format %d", params->struct_version);
- return EC_RES_INVALID_PARAM;
- }
-
- if (fp_encryption_status & FP_ENC_STATUS_SEED_SET) {
- CPRINTS("Seed has already been set.");
- return EC_RES_ACCESS_DENIED;
- }
- memcpy(tpm_seed, params->seed, sizeof(tpm_seed));
- fp_encryption_status |= FP_ENC_STATUS_SEED_SET;
-
- return EC_RES_SUCCESS;
-}
-DECLARE_HOST_COMMAND(EC_CMD_FP_SEED, fp_command_tpm_seed, EC_VER_MASK(0));
-
-int fp_tpm_seed_is_set(void)
-{
- return fp_encryption_status & FP_ENC_STATUS_SEED_SET;
-}
-
-static enum ec_status
-fp_command_encryption_status(struct host_cmd_handler_args *args)
-{
- struct ec_response_fp_encryption_status *r = args->response;
-
- r->valid_flags = FP_ENC_STATUS_SEED_SET;
- r->status = fp_encryption_status;
- args->response_size = sizeof(*r);
-
- return EC_RES_SUCCESS;
-}
-DECLARE_HOST_COMMAND(EC_CMD_FP_ENC_STATUS, fp_command_encryption_status,
- EC_VER_MASK(0));
-
-static int validate_fp_mode(const uint32_t mode)
-{
- uint32_t capture_type = FP_CAPTURE_TYPE(mode);
- uint32_t algo_mode = mode & ~FP_MODE_CAPTURE_TYPE_MASK;
- uint32_t cur_mode = sensor_mode;
-
- if (capture_type >= FP_CAPTURE_TYPE_MAX)
- return EC_ERROR_INVAL;
-
- if (algo_mode & ~FP_VALID_MODES)
- return EC_ERROR_INVAL;
-
- if ((mode & FP_MODE_ENROLL_SESSION) &&
- templ_valid >= FP_MAX_FINGER_COUNT) {
- CPRINTS("Maximum number of fingers already enrolled: %d",
- FP_MAX_FINGER_COUNT);
- return EC_ERROR_INVAL;
- }
-
- /* Don't allow sensor reset if any other mode is
- * set (including FP_MODE_RESET_SENSOR itself).
- */
- if (mode & FP_MODE_RESET_SENSOR) {
- if (cur_mode & FP_VALID_MODES)
- return EC_ERROR_INVAL;
- }
-
- return EC_SUCCESS;
-}
-
-int fp_set_sensor_mode(uint32_t mode, uint32_t *mode_output)
-{
- int ret;
-
- if (mode_output == NULL)
- return EC_RES_INVALID_PARAM;
-
- ret = validate_fp_mode(mode);
- if (ret != EC_SUCCESS) {
- CPRINTS("Invalid FP mode 0x%x", mode);
- return EC_RES_INVALID_PARAM;
- }
-
- if (!(mode & FP_MODE_DONT_CHANGE)) {
- sensor_mode = mode;
- task_set_event(TASK_ID_FPSENSOR, TASK_EVENT_UPDATE_CONFIG);
- }
-
- *mode_output = sensor_mode;
- return EC_RES_SUCCESS;
-}
-
-static enum ec_status fp_command_mode(struct host_cmd_handler_args *args)
-{
- const struct ec_params_fp_mode *p = args->params;
- struct ec_response_fp_mode *r = args->response;
-
- int ret = fp_set_sensor_mode(p->mode, &r->mode);
-
- if (ret == EC_RES_SUCCESS)
- args->response_size = sizeof(*r);
-
- return ret;
-}
-DECLARE_HOST_COMMAND(EC_CMD_FP_MODE, fp_command_mode, EC_VER_MASK(0));
-
-static enum ec_status fp_command_context(struct host_cmd_handler_args *args)
-{
- const struct ec_params_fp_context_v1 *p = args->params;
- uint32_t mode_output;
-
- switch (p->action) {
- case FP_CONTEXT_ASYNC:
- if (sensor_mode & FP_MODE_RESET_SENSOR)
- return EC_RES_BUSY;
-
- /**
- * Trigger a call to fp_reset_and_clear_context() by
- * requesting a reset. Since that function triggers a call to
- * fp_sensor_open(), this must be asynchronous because
- * fp_sensor_open() can take ~175 ms. See http://b/137288498.
- */
- return fp_set_sensor_mode(FP_MODE_RESET_SENSOR, &mode_output);
-
- case FP_CONTEXT_GET_RESULT:
- if (sensor_mode & FP_MODE_RESET_SENSOR)
- return EC_RES_BUSY;
-
- memcpy(user_id, p->userid, sizeof(user_id));
- return EC_RES_SUCCESS;
- }
-
- return EC_RES_INVALID_PARAM;
-}
-DECLARE_HOST_COMMAND(EC_CMD_FP_CONTEXT, fp_command_context, EC_VER_MASK(1));
-
-int fp_enable_positive_match_secret(uint32_t fgr,
- struct positive_match_secret_state *state)
-{
- timestamp_t now;
-
- if (state->readable) {
- CPRINTS("Error: positive match secret already readable.");
- fp_disable_positive_match_secret(state);
- return EC_ERROR_UNKNOWN;
- }
-
- now = get_time();
- state->template_matched = fgr;
- state->readable = true;
- state->deadline.val = now.val + (5 * SECOND);
- return EC_SUCCESS;
-}
-
-void fp_disable_positive_match_secret(
- struct positive_match_secret_state *state)
-{
- state->template_matched = FP_NO_SUCH_TEMPLATE;
- state->readable = false;
- state->deadline.val = 0;
-}
-
-static enum ec_status fp_command_read_match_secret(
- struct host_cmd_handler_args *args)
-{
- const struct ec_params_fp_read_match_secret *params = args->params;
- struct ec_response_fp_read_match_secret *response = args->response;
- int8_t fgr = params->fgr;
- timestamp_t now = get_time();
- struct positive_match_secret_state state_copy
- = positive_match_secret_state;
-
- fp_disable_positive_match_secret(&positive_match_secret_state);
-
- if (fgr < 0 || fgr >= FP_MAX_FINGER_COUNT) {
- CPRINTS("Invalid finger number %d", fgr);
- return EC_RES_INVALID_PARAM;
- }
- if (timestamp_expired(state_copy.deadline, &now)) {
- CPRINTS("Reading positive match secret disallowed: "
- "deadline has passed.");
- return EC_RES_TIMEOUT;
- }
- if (fgr != state_copy.template_matched || !state_copy.readable) {
- CPRINTS("Positive match secret for finger %d is not meant to "
- "be read now.", fgr);
- return EC_RES_ACCESS_DENIED;
- }
-
- if (derive_positive_match_secret(response->positive_match_secret,
- fp_positive_match_salt[fgr])
- != EC_SUCCESS) {
- CPRINTS("Failed to derive positive match secret for finger %d",
- fgr);
- /* Keep the template and encryption salt. */
- return EC_RES_ERROR;
- }
- CPRINTS("Derived positive match secret for finger %d", fgr);
- args->response_size = sizeof(*response);
-
- return EC_RES_SUCCESS;
-}
-DECLARE_HOST_COMMAND(EC_CMD_FP_READ_MATCH_SECRET, fp_command_read_match_secret,
- EC_VER_MASK(0));
View Lorry Controller Status