wayne-common: Support Alipay fingerprint payment

 * IFAA manager is based on OnePlusOSS, but adapted for Xiaomi's mlipay
   interface.Also hardcode model detection to pass Alipay check.
 * vendor.xiaomi.hardware.mtdservice@1.0.so is not actually used, thus
   patchelf to drop it rather than shipping a blob.
 * Modify libmlipay.so to allow load firmware from vendor

Change-Id: Idf3d3a8d40245984767f4ef5f60f9fe584e69f21

17 files changed, 322 insertions, 1 deletions

diff --git a/biometrics/BiometricsFingerprint.cpp b/biometrics/BiometricsFingerprint.cpp
index ea3028f..6b74f70 100644
--- a/biometrics/BiometricsFingerprint.cpp
+++ b/biometrics/BiometricsFingerprint.cpp
@@ -214,16 +214,23 @@ IBiometricsFingerprint* BiometricsFingerprint::getInstance() {
     return sInstance;
 }
 
+void setFpVendorProp(const char *fp_vendor) {
+    property_set("persist.sys.fp.vendor", fp_vendor);
+}
+
 fingerprint_device_t* getDeviceForVendor(const char *class_name)
 {
     const hw_module_t *hw_module = nullptr;
     int err;
 
     if (!strcmp(class_name, "fpc")) {
+        setFpVendorProp("fpc");
         err = load("/system/vendor/lib64/hw/fingerprint.fpc.so", &hw_module);
     } else if (!strcmp(class_name, "gdx")) {
+        setFpVendorProp("goodix");
         err = load("/system/vendor/lib64/hw/fingerprint.goodix.so", &hw_module);
     } else {
+        setFpVendorProp("none");
         ALOGE("No fingerprint module class specified.");
         err = 1;
     }
diff --git a/extract-files.sh b/extract-files.sh
index ba51122..2450ee8 100755
--- a/extract-files.sh
+++ b/extract-files.sh
@@ -67,3 +67,9 @@ if [ -s "$MY_DIR"/../$DEVICE/proprietary-files.txt ]; then
 fi
 
 "$MY_DIR"/setup-makefiles.sh
+
+DEVICE_BLOB_ROOT="$LINEAGE_ROOT"/vendor/"$VENDOR"/"$DEVICE"/proprietary
+
+patchelf --remove-needed vendor.xiaomi.hardware.mtdservice@1.0.so "$DEVICE_BLOB_ROOT"/vendor/bin/mlipayd
+patchelf --remove-needed vendor.xiaomi.hardware.mtdservice@1.0.so "$DEVICE_BLOB_ROOT"/vendor/lib64/libmlipay.so
+sed -i "s|/system/etc/firmware|/vendor/firmware\x0\x0\x0\x0|g" "$DEVICE_BLOB_ROOT"/vendor/lib64/libmlipay.so
diff --git a/org.ifaa.android.manager/Android.mk b/org.ifaa.android.manager/Android.mk
new file mode 100644
index 0000000..8ffb676
--- /dev/null
+++ b/org.ifaa.android.manager/Android.mk
@@ -0,0 +1,28 @@
+#
+# Copyright (C) 2017-2019 The LineageOS Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+LOCAL_PATH := $(call my-dir)
+
+include $(CLEAR_VARS)
+
+LOCAL_SRC_FILES := \
+    $(call all-java-files-under, src)
+
+LOCAL_MODULE := org.ifaa.android.manager
+LOCAL_MODULE_TAGS := optional
+LOCAL_MODULE_CLASS := JAVA_LIBRARIES
+
+include $(BUILD_JAVA_LIBRARY)
diff --git a/org.ifaa.android.manager/src/org/ifaa/android/manager/IFAAManager.java b/org.ifaa.android.manager/src/org/ifaa/android/manager/IFAAManager.java
new file mode 100644
index 0000000..d7ffc5a
--- /dev/null
+++ b/org.ifaa.android.manager/src/org/ifaa/android/manager/IFAAManager.java
@@ -0,0 +1,58 @@
+package org.ifaa.android.manager;
+
+import android.content.Context;
+import android.os.Build.VERSION;
+import android.os.SystemProperties;
+
+public abstract class IFAAManager {
+    private static final int IFAA_VERSION_V2 = 2;
+    private static final int IFAA_VERSION_V3 = 3;
+    static int sIfaaVer;
+    static boolean sIsFod = SystemProperties.getBoolean("ro.hardware.fp.fod", false);
+
+    /**
+     * 返回手机系统上支持的校验方式，目前IFAF协议1.0版本指纹为0x01、虹膜为0x02
+     */
+    public abstract int getSupportBIOTypes(Context context);
+
+    /**
+     * 启动系统的指纹/虹膜管理应用界面，让用户进行指纹录入。指纹录入是在系统的指纹管理应用中实现的，
+     * 本函数的作用只是将指纹管理应用运行起来，直接进行页面跳转，方便用户录入。
+     * @param context
+     * @param authType 生物特征识别类型，指纹为1，虹膜为2
+     * @return 0，成功启动指纹管理应用；-1，启动指纹管理应用失败。
+     */
+    public abstract int startBIOManager(Context context, int authType);
+
+    /**
+     * 通过ifaateeclient的so文件实现REE到TA的通道
+     * @param context
+     * @param param 用于传输到IFAA TA的数据buffer
+     * @return IFAA TA返回给REE数据buffer
+     */
+    public native byte[] processCmd(Context context, byte[] param);
+
+    /**
+     * 获取设备型号，同一款机型型号需要保持一致
+     */
+    public abstract String getDeviceModel();
+
+    /**
+     * 获取IFAAManager接口定义版本，目前为1
+     */
+    public abstract int getVersion();
+
+    /**
+     * load so to communicate from REE to TEE
+     */
+    static {
+        sIfaaVer = 1;
+        if (sIsFod) {
+            sIfaaVer = 3;
+        } else if (VERSION.SDK_INT >= 24) {
+            sIfaaVer = 2;
+        } else {
+            System.loadLibrary("teeclientjni");//teeclientjni for TA test binary //ifaateeclient
+        }
+    }
+}
diff --git a/org.ifaa.android.manager/src/org/ifaa/android/manager/IFAAManagerFactory.java b/org.ifaa.android.manager/src/org/ifaa/android/manager/IFAAManagerFactory.java
new file mode 100644
index 0000000..0862444
--- /dev/null
+++ b/org.ifaa.android.manager/src/org/ifaa/android/manager/IFAAManagerFactory.java
@@ -0,0 +1,9 @@
+package org.ifaa.android.manager;
+
+import android.content.Context;
+
+public class IFAAManagerFactory {
+    public static IFAAManager getIFAAManager(Context context, int authType) {
+        return IFAAManagerImpl.getInstance();
+    }
+}
diff --git a/org.ifaa.android.manager/src/org/ifaa/android/manager/IFAAManagerImpl.java b/org.ifaa.android.manager/src/org/ifaa/android/manager/IFAAManagerImpl.java
new file mode 100644
index 0000000..a3d31bd
--- /dev/null
+++ b/org.ifaa.android.manager/src/org/ifaa/android/manager/IFAAManagerImpl.java
@@ -0,0 +1,155 @@
+package org.ifaa.android.manager;
+
+import android.content.Context;
+import android.content.Intent;
+import android.net.wifi.WifiEnterpriseConfig;
+import android.os.Build;
+import android.os.Build.VERSION;
+import android.os.HwBinder;
+import android.os.HwBlob;
+import android.os.HwParcel;
+import android.os.IHwBinder;
+import android.os.RemoteException;
+import android.os.SystemProperties;
+import android.util.Slog;
+import java.util.ArrayList;
+import java.util.Arrays;
+import org.json.JSONObject;
+
+public class IFAAManagerImpl extends IFAAManagerV3 {
+    private static final String TAG = "IfaaManagerImpl";
+
+    private static volatile IFAAManagerImpl INSTANCE = null;
+
+    private static final int IFAA_TYPE_FINGER = 0x01;
+    private static final int IFAA_TYPE_IRIS = 0x02;
+    private static final int IFAA_TYPE_SENSOR_FOD = 0x10;
+
+    private static final int ACTIVITY_START_SUCCESS = 0;
+    private static final int ACTIVITY_START_FAILED = -1;
+
+    private static final int CODE_PROCESS_CMD = 1;
+    private static final String INTERFACE_DESCRIPTOR = "vendor.xiaomi.hardware.mlipay@1.0::IMlipayService";
+    private static final String SERVICE_NAME = "vendor.xiaomi.hardware.mlipay@1.0::IMlipayService";
+
+    private static final String seperate = ",";
+    private String mDevModel = null;
+    private IHwBinder mService;
+
+    public static IFAAManagerV3 getInstance() {
+        if (INSTANCE == null) {
+            synchronized (IFAAManagerImpl.class) {
+                if (INSTANCE == null) {
+                    INSTANCE = new IFAAManagerImpl();
+                }
+            }
+        }
+        return INSTANCE;
+    }
+
+    private String initExtString() {
+        String str = "";
+        JSONObject location = new JSONObject();
+        JSONObject fullView = new JSONObject();
+        String str2 = SystemProperties.get("persist.sys.fp.fod.location.X_Y", "");
+        String str3 = SystemProperties.get("persist.sys.fp.fod.size.width_height", "");
+        try {
+            if (validateVal(str2) && validateVal(str3)) {
+                String[] split = str2.split(seperate);
+                String[] split2 = str3.split(seperate);
+                fullView.put("startX", Integer.parseInt(split[0]));
+                fullView.put("startY", Integer.parseInt(split[1]));
+                fullView.put("width", Integer.parseInt(split2[0]));
+                fullView.put("height", Integer.parseInt(split2[1]));
+                fullView.put("navConflict", true);
+                location.put("type", 0);
+                location.put("fullView", fullView);
+                return location.toString();
+            }
+            Slog.e(TAG, "initExtString invalidate, xy:" + str2 + " wh:" + str3);
+            return str;
+        } catch (Exception e) {
+            Slog.e(TAG, "Exception , xy:" + str2 + " wh:" + str3, e);
+            return str;
+        }
+    }
+
+    private boolean validateVal(String str) {
+        return !"".equalsIgnoreCase(str) && str.contains(",");
+    }
+
+    public String getDeviceModel() {
+        mDevModel = "xiaomi" + "-" + "wayne";
+        Slog.i(TAG, "getDeviceModel deviceModel:" + mDevModel);
+        return mDevModel;
+    }
+
+    public String getExtInfo(int authType, String keyExtInfo) {
+        Slog.i(TAG, "getExtInfo:" + authType + WifiEnterpriseConfig.CA_CERT_ALIAS_DELIMITER + keyExtInfo);
+        return initExtString();
+    }
+
+    public int getSupportBIOTypes(Context context) {
+        int ifaaType = SystemProperties.getInt("persist.sys.ifaa", 0);
+        String fpVendor = SystemProperties.get("persist.sys.fp.vendor", "");
+        int supportBIOTypes = "none".equalsIgnoreCase(fpVendor) ? ifaaType & IFAA_TYPE_IRIS :
+                ifaaType & (IFAA_TYPE_FINGER | IFAA_TYPE_IRIS);
+        if ((supportBIOTypes & IFAA_TYPE_FINGER) == IFAA_TYPE_FINGER && sIsFod) {
+            supportBIOTypes |= IFAA_TYPE_SENSOR_FOD;
+        }
+        return supportBIOTypes;
+    }
+
+    public int getVersion() {
+        Slog.i(TAG, "getVersion sdk:" + VERSION.SDK_INT + " ifaaVer:" + sIfaaVer);
+        return sIfaaVer;
+    }
+
+    public byte[] processCmdV2(Context context, byte[] data) {
+        Slog.i(TAG, "processCmdV2 sdk:" + VERSION.SDK_INT);
+        HwParcel hwParcel = new HwParcel();
+        try {
+            if (mService == null) {
+                mService = HwBinder.getService(SERVICE_NAME, "default");
+            }
+            if (mService != null) {
+                HwParcel hwParcel2 = new HwParcel();
+                hwParcel2.writeInterfaceToken(INTERFACE_DESCRIPTOR);
+                ArrayList arrayList = new ArrayList(Arrays.asList(HwBlob.wrapArray(data)));
+                hwParcel2.writeInt8Vector(arrayList);
+                hwParcel2.writeInt32(arrayList.size());
+                mService.transact(CODE_PROCESS_CMD, hwParcel2, hwParcel, 0);
+                hwParcel.verifySuccess();
+                hwParcel2.releaseTemporaryStorage();
+                ArrayList readInt8Vector = hwParcel.readInt8Vector();
+                int size = readInt8Vector.size();
+                byte[] result = new byte[size];
+                for (int i = 0; i < size; i++) {
+                    result[i] = ((Byte) readInt8Vector.get(i)).byteValue();
+                }
+                return result;
+            }
+        } catch (RemoteException e) {
+            Slog.e(TAG, "transact failed. " + e);
+        } finally {
+            hwParcel.release();
+        }
+        Slog.e(TAG, "processCmdV2, return null");
+        return null;
+    }
+
+    public void setExtInfo(int authType, String keyExtInfo, String valExtInfo) {
+    }
+
+    public int startBIOManager(Context context, int authType) {
+        int res = ACTIVITY_START_FAILED;
+        if (authType == IFAA_TYPE_FINGER) {
+            Intent intent = new Intent("android.settings.SECURITY_SETTINGS");
+            intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
+            context.startActivity(intent);
+            res = ACTIVITY_START_SUCCESS;
+        }
+        Slog.i(TAG, "startBIOManager authType:" + authType + " res:" + res);
+        return res;
+    }
+}
diff --git a/org.ifaa.android.manager/src/org/ifaa/android/manager/IFAAManagerV2.java b/org.ifaa.android.manager/src/org/ifaa/android/manager/IFAAManagerV2.java
new file mode 100644
index 0000000..2d7e3f5
--- /dev/null
+++ b/org.ifaa.android.manager/src/org/ifaa/android/manager/IFAAManagerV2.java
@@ -0,0 +1,7 @@
+package org.ifaa.android.manager;
+
+import android.content.Context;
+
+public abstract class IFAAManagerV2 extends IFAAManager {
+    public abstract byte[] processCmdV2(Context paramContext, byte[] paramArrayOfByte);
+}
diff --git a/org.ifaa.android.manager/src/org/ifaa/android/manager/IFAAManagerV3.java b/org.ifaa.android.manager/src/org/ifaa/android/manager/IFAAManagerV3.java
new file mode 100644
index 0000000..50e677d
--- /dev/null
+++ b/org.ifaa.android.manager/src/org/ifaa/android/manager/IFAAManagerV3.java
@@ -0,0 +1,12 @@
+package org.ifaa.android.manager;
+
+public abstract class IFAAManagerV3 extends IFAAManagerV2 {
+    public static final String KEY_FINGERPRINT_FULLVIEW = "org.ifaa.ext.key.CUSTOM_VIEW";
+    public static final String KEY_GET_SENSOR_LOCATION = "org.ifaa.ext.key.GET_SENSOR_LOCATION";
+    public static final String VALUE_FINGERPRINT_DISABLE = "disable";
+    public static final String VLAUE_FINGERPRINT_ENABLE = "enable";
+
+    public abstract String getExtInfo(int authType, String keyExtInfo);
+
+    public abstract void setExtInfo(int authType, String keyExtInfo, String valExtInfo);
+}
diff --git a/proprietary-files.txt b/proprietary-files.txt
index aff81dc..c681072 100644
--- a/proprietary-files.txt
+++ b/proprietary-files.txt
@@ -607,6 +607,12 @@ vendor/lib64/libvpphvx.so
 vendor/lib64/libvpptestutils.so
 vendor/lib64/vendor.qti.hardware.vpp@1.1_vendor.so
 
+# Mlipay - from wayne
+etc/init/vendor.xiaomi.hardware.mlipay@1.0-service.rc:vendor/etc/init/vendor.xiaomi.hardware.mlipay@1.0-service.rc
+lib64/vendor.xiaomi.hardware.mlipay@1.0.so:vendor/lib64/vendor.xiaomi.hardware.mlipay@1.0.so
+vendor/bin/mlipayd
+vendor/lib64/libmlipay.so
+
 # Perf - from wayne
 lib/libqti_performance.so
 lib/vendor.qti.hardware.perf@1.0.so
diff --git a/sepolicy/app.te b/sepolicy/app.te
new file mode 100644
index 0000000..3858674
--- /dev/null
+++ b/sepolicy/app.te
@@ -0,0 +1,4 @@
+allow { appdomain -isolated_app } hal_mlipay_hwservice:hwservice_manager find;
+binder_call({ appdomain -isolated_app }, hal_mlipay_default)
+get_prop({ appdomain -isolated_app }, ifaa_prop)
+get_prop({ appdomain -isolated_app }, hal_fingerprint_prop)
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 6959397..2d50c7b 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -20,5 +20,8 @@
 # Light HAL
 /(vendor|system/vendor)/bin/hw/android\.hardware\.light@2\.0-service\.xiaomi_wayne u:object_r:hal_light_default_exec:s0
 
+# Mlipay
+/(vendor|system/vendor)/bin/mlipayd             u:object_r:hal_mlipay_default_exec:s0
+
 # Shell Script
 /(vendor|system/vendor)/bin/init\.goodix\.sh    u:object_r:init_fingerprint_exec:s0
diff --git a/sepolicy/hal_mlipay_default.te b/sepolicy/hal_mlipay_default.te
new file mode 100644
index 0000000..eb48621
--- /dev/null
+++ b/sepolicy/hal_mlipay_default.te
@@ -0,0 +1,16 @@
+type hal_mlipay_default, domain;
+
+type hal_mlipay_default_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(hal_mlipay_default)
+
+hwbinder_use(hal_mlipay_default)
+get_prop(hal_mlipay_default, hwservicemanager_prop)
+add_hwservice(hal_mlipay_default, hal_mlipay_hwservice)
+
+allow hal_mlipay_default tee_device:chr_file rw_file_perms;
+allow hal_mlipay_default ion_device:chr_file r_file_perms;
+
+r_dir_file(hal_mlipay_default, firmware_file)
+set_prop(hal_mlipay_default, ifaa_prop);
+
+get_prop(hal_mlipay_default, hal_fingerprint_prop);
diff --git a/sepolicy/hwservice.te b/sepolicy/hwservice.te
index 8f19cf3..32adecb 100644
--- a/sepolicy/hwservice.te
+++ b/sepolicy/hwservice.te
@@ -1,2 +1,2 @@
-
 type goodixhw_service, hwservice_manager_type;
+type hal_mlipay_hwservice, hwservice_manager_type, untrusted_app_visible_hwservice;
diff --git a/sepolicy/hwservice_contexts b/sepolicy/hwservice_contexts
index 6fdbcd8..8ff7ae7 100644
--- a/sepolicy/hwservice_contexts
+++ b/sepolicy/hwservice_contexts
@@ -1 +1,2 @@
 vendor.goodix.hardware.fingerprint::IGoodixBiometricsFingerprint u:object_r:goodixhw_service:s0
+vendor.xiaomi.hardware.mlipay::IMlipayService                    u:object_r:hal_mlipay_hwservice:s0
diff --git a/sepolicy/property.te b/sepolicy/property.te
index 0d82962..20dd7a4 100644
--- a/sepolicy/property.te
+++ b/sepolicy/property.te
@@ -1 +1,3 @@
 type hal_fingerprint_prop, property_type;
+type ifaa_prop, property_type;
+
diff --git a/sepolicy/property_contexts b/sepolicy/property_contexts
index 6ac6236..57f8ba8 100644
--- a/sepolicy/property_contexts
+++ b/sepolicy/property_contexts
@@ -2,3 +2,4 @@ sys.fp.goodix	u:object_r:hal_fingerprint_prop:s0
 sys.fp.vendor   u:object_r:hal_fingerprint_prop:s0
 persist.sys.fp.info u:object_r:hal_fingerprint_prop:s0
 persist.sys.fp.vendor u:object_r:hal_fingerprint_prop:s0
+persist.sys.ifaa u:object_r:ifaa_prop:s0
diff --git a/wayne.mk b/wayne.mk
index 7835b3e..e59dcdb 100644
--- a/wayne.mk
+++ b/wayne.mk
@@ -134,6 +134,12 @@ PRODUCT_COPY_FILES += \
 PRODUCT_PACKAGES += \
     android.hardware.biometrics.fingerprint@2.1-service.xiaomi_wayne
 
+PRODUCT_PACKAGES += \
+    org.ifaa.android.manager
+
+PRODUCT_BOOT_JARS += \
+    org.ifaa.android.manager
+
 # Bluetooth
 PRODUCT_PACKAGES += \
     libbt-vendor