From patchwork Thu Jul 29 03:12:47 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12407531 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 68337C4338F for ; Thu, 29 Jul 2021 03:13:34 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 4B9BB60F23 for ; Thu, 29 Jul 2021 03:13:34 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233542AbhG2DNe (ORCPT ); Wed, 28 Jul 2021 23:13:34 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43364 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233297AbhG2DNd (ORCPT ); Wed, 28 Jul 2021 23:13:33 -0400 Received: from mail-qk1-x749.google.com (mail-qk1-x749.google.com [IPv6:2607:f8b0:4864:20::749]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 65C4AC061757 for ; Wed, 28 Jul 2021 20:13:29 -0700 (PDT) Received: by mail-qk1-x749.google.com with SMTP id b4-20020a3799040000b02903b899a4309cso2936099qke.14 for ; Wed, 28 Jul 2021 20:13:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=tX8Do79SScMCWREDbAJxEEnKh7sMJKvr0rNJ/ZT7ZKI=; b=Sk6dyu6Z1PhMgMIvHviXqigpWaUQn62zwSxxYTJ9SZcc7UUzXVi2Awwm45u4SfVkvx pvlkVSikspIvGRuD0URJ4sV1uNEjtyCznSFRMSj9+aHj+ruOUCGdKuv9HUF1gtgL+PPP dyuHbu2v1bscJqKZRQ1oyD2GvmgFb6ShCOXSI8YkbP168emi4ztYVDmkmgN1tTxS2DWH PefGslX0Kh3kjnWil5PfoJ4EqP5sM0qUxoJrSU1M5eqo0iqZtTGVZoK2j1KKLUK5Nb2g 1w2aPkb29/ptc1FbXxYtGk5CUCPUDf3jOHQTWbGba6iBCoTVYO2W5awtL5Gt67g156Jb k+Fg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=tX8Do79SScMCWREDbAJxEEnKh7sMJKvr0rNJ/ZT7ZKI=; b=fWCZ7N58ruioiM9t1hvvOj/CDVlqHdSlKPUdci3dE9hUxGeLQBz32a7HT33cAvLw0T AVZSOVSb9FQcV6Wcyk88p9J/qYMglybrRynDKzfGfkHycFN6ajQpPaTKw9MXHH5bJ2Y9 KV5WkJYAvIr86Sg2a2XOH/k05z4WFsrefPS0+OEd33ArBRDO6uW1U2ptRAgWJTNwLrUy mxQMG7+rhs7FJtCT7/Po9F8Ez+zoB78ZOJBSCv7cOBd5iBS/l6XsskJsyC1zgNmtoLwc YaL6JjKMeVsjQCsfz5JaBcTmihSRm9leHkxvV/PLro0wx/QNWky6XoHGM8Mdh7nVg+36 K3WA== X-Gm-Message-State: AOAM5315Z38mxS//UrFVOOSIYyAXzkrZSsATYydwPsIAxeaWAeeJRF+9 oSWP+amS1YHiUNe5IWNJKokaaqTPGyl6moyZty6+OOngc8w+ukAu4JYW5zn+79VgB1QwA2+lxo0 77YFnUrXhbKOPlWR3S+jrlZCxgquyuRY4GEoiO/z8Waj4Wx60cSv3livK/CW9NQYWkgJcED6fO3 y10g+TxLp7lCY= X-Google-Smtp-Source: ABdhPJzT9psZFfMio3M/afqfriGWDqBTPzBUu1mQCJvLuwsHPoKdy/yQYz2N3mCG+3Z4/qHZFfbculZOicv86YNOpQ== X-Received: from howardchung-p920.tpe.corp.google.com ([2401:fa00:1:10:ff72:1420:4502:fdaf]) (user=howardchung job=sendgmr) by 2002:a05:6214:e83:: with SMTP id hf3mr3271930qvb.19.1627528408461; Wed, 28 Jul 2021 20:13:28 -0700 (PDT) Date: Thu, 29 Jul 2021 11:12:47 +0800 In-Reply-To: <20210729031258.3391756-1-howardchung@google.com> Message-Id: <20210729110956.Bluez.v4.1.Ic71b1ed97538a06d02425ba502690bdab1c5d836@changeid> Mime-Version: 1.0 References: <20210729031258.3391756-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v4 01/13] core: add is_allowed property in btd_service From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung , Miao-chen Chou Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This adds is_allowed property in btd_service. When is_allowed is set to false, calling btd_service_connect and service_accept will fail and the existing service connection gets disconnected. Reviewed-by: Miao-chen Chou --- Changes in v4: - Update commit message (admin_policy -> admin) - remove old plugins/admin_policy.c Changes in v3: - Rename plugins/admin_policy.c -> plugins/admin.c - Use device_added callback in btd_adapter_driver instead of listen for dbus - Add authorization method in profiles/health/mcap.c and block incoming connections in adapter authorization function. Changes in v2: - Move bt_uuid_hash and bt_uuid_equal functions to adapter.c. - Modify the criteria to say a device is `Affected` from any-of-uuid to any-of-auto-connect-profile. - Remove the code to remove/reprobe disallowed/allowed profiles, instead, check if the service is allowed in bt_io_accept connect_cb. - Fix a typo in emit_property_change in plugin/admin_policy.c:set_service_allowlist - Instead of using device_state_cb, utilize D-BUS client to watch device added/removed. - Add a document in doc/ src/service.c | 39 +++++++++++++++++++++++++++++++++++++++ src/service.h | 2 ++ 2 files changed, 41 insertions(+) diff --git a/src/service.c b/src/service.c index 21a52762e637..929d6c136b6d 100644 --- a/src/service.c +++ b/src/service.c @@ -41,6 +41,7 @@ struct btd_service { void *user_data; btd_service_state_t state; int err; + bool is_allowed; }; struct service_state_callback { @@ -133,6 +134,7 @@ struct btd_service *service_create(struct btd_device *device, service->device = device; /* Weak ref */ service->profile = profile; service->state = BTD_SERVICE_STATE_UNAVAILABLE; + service->is_allowed = true; return service; } @@ -186,6 +188,18 @@ int service_accept(struct btd_service *service) if (!service->profile->accept) return -ENOSYS; + if (!service->is_allowed) { + info("service %s is not allowed", + service->profile->remote_uuid); + return -ECONNABORTED; + } + + if (!service->is_allowed) { + info("service %s is not allowed", + service->profile->remote_uuid); + return -ECONNABORTED; + } + err = service->profile->accept(service); if (!err) goto done; @@ -245,6 +259,12 @@ int btd_service_connect(struct btd_service *service) return -EBUSY; } + if (!service->is_allowed) { + info("service %s is not allowed", + service->profile->remote_uuid); + return -ECONNABORTED; + } + err = profile->connect(service); if (err == 0) { change_state(service, BTD_SERVICE_STATE_CONNECTING, 0); @@ -361,6 +381,25 @@ bool btd_service_remove_state_cb(unsigned int id) return false; } +void btd_service_set_allowed(struct btd_service *service, bool allowed) +{ + if (allowed == service->is_allowed) + return; + + service->is_allowed = allowed; + + if (!allowed && (service->state == BTD_SERVICE_STATE_CONNECTING || + service->state == BTD_SERVICE_STATE_CONNECTED)) { + btd_service_disconnect(service); + return; + } +} + +bool btd_service_is_allowed(struct btd_service *service) +{ + return service->is_allowed; +} + void btd_service_connecting_complete(struct btd_service *service, int err) { if (service->state != BTD_SERVICE_STATE_DISCONNECTED && diff --git a/src/service.h b/src/service.h index 88530cc17d53..5a2a02447b24 100644 --- a/src/service.h +++ b/src/service.h @@ -51,6 +51,8 @@ int btd_service_get_error(const struct btd_service *service); unsigned int btd_service_add_state_cb(btd_service_state_cb cb, void *user_data); bool btd_service_remove_state_cb(unsigned int id); +void btd_service_set_allowed(struct btd_service *service, bool allowed); +bool btd_service_is_allowed(struct btd_service *service); /* Functions used by profile implementation */ void btd_service_connecting_complete(struct btd_service *service, int err); From patchwork Thu Jul 29 03:12:48 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12407533 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 754DBC4338F for ; Thu, 29 Jul 2021 03:13:38 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 58F8E60F9B for ; Thu, 29 Jul 2021 03:13:38 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233540AbhG2DNi (ORCPT ); Wed, 28 Jul 2021 23:13:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43376 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233297AbhG2DNh (ORCPT ); Wed, 28 Jul 2021 23:13:37 -0400 Received: from mail-qv1-xf49.google.com (mail-qv1-xf49.google.com [IPv6:2607:f8b0:4864:20::f49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3299EC061757 for ; Wed, 28 Jul 2021 20:13:34 -0700 (PDT) Received: by mail-qv1-xf49.google.com with SMTP id y10-20020a0cd98a0000b029032ca50bbea1so3173877qvj.12 for ; Wed, 28 Jul 2021 20:13:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=lcgnPP5ww4lJRDXdTTx6Q4PYdYcLCGwV1/+vXOgA96w=; b=M78FQAuBuj3b4SFVEbr7PXZzKv7imQRH+npTNtPQZFEt8LTQXKrpyg9gPo6uWnofPD s2z2Z7ZZrTK83Zb0XwnhsPzxmo7p38lIeT4miy3a31sWukBX1pss7x3eXugUiLHJZHT3 AXALV+vr9JStnQ2y3D0kyaUuXD63OXq6nF83T+iCg4U9tXqzkjWHvS3PuonURtaUXHxo y5nMZFTT5CbwiMEWoo599bvv6QIXiczh4299BRBYOrhvxz+BwQN4kdN53p+zijAOewL0 IrdlVYb8v5vQcyTXbqTycN2q6ikkk9U3uwEzLIyf1ra+Rw5dg8eyLqSO0++PP05uMEWL +N8Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=lcgnPP5ww4lJRDXdTTx6Q4PYdYcLCGwV1/+vXOgA96w=; b=BEz0Jw+CFfuWfueHhG2exF+7Opm+3z6gC0mn3SZjEBt099N1nXcZixDrV+Hs9LezyI wqGZpA4E9+ybe84CggS2SgToKyP71YborZb6Iyhc9Yhg+4j7PEUyrgPULHFNuLV1y2At ue2TxcXiFjBYQphOCYCSfkOZr1A81pybTRGvIbOLkgvq1PjXMyn2Ycf58OCkwxDcTrNo Are4+t5BggZRPogWnBONUAfyqzjAUkJ/Mrobh6naFD0sqmaFMsCKQKPQw+iqpyhnvXyM 4tCfLFCoucj5w4qeNJ/XC0rCH6ABTxXwIp1GY9LXFtB19TmAThSoZM6ViufLm6RUNT6c lxyQ== X-Gm-Message-State: AOAM532Yf6T98WnIzsv8weTAfmqcUJk3mTfAQXWHx9xKNChErEcgmgnf zTO2t7NPKv+VctXM2sfa4VsVsTixFoqGwgQrVHS0MD4HyVXgYrPRJPLFLuN/LakaPRWT2KQkljB GrEm8QrI7rb/Al533+7WAbHF0iVp2dpgwy9tuIu6ZjxiBgTIn9HYpz3tthCe3Ym0LyClJvPQBEr cVOLbIB76fEdY= X-Google-Smtp-Source: ABdhPJx2EYQc8ql1ca5AR3rVowctsF/JHZvapHaNODLdhfpiI+i4b2T78fXaelGe6BMAOaJQqL6SpIZ+l45twh+psA== X-Received: from howardchung-p920.tpe.corp.google.com ([2401:fa00:1:10:ff72:1420:4502:fdaf]) (user=howardchung job=sendgmr) by 2002:a05:6214:1021:: with SMTP id k1mr3372795qvr.4.1627528413227; Wed, 28 Jul 2021 20:13:33 -0700 (PDT) Date: Thu, 29 Jul 2021 11:12:48 +0800 In-Reply-To: <20210729031258.3391756-1-howardchung@google.com> Message-Id: <20210729110956.Bluez.v4.2.Ibc0b5f02cb249f9aca9efe45e2dadc5e50b7d89e@changeid> Mime-Version: 1.0 References: <20210729031258.3391756-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v4 02/13] core: add adapter and device allowed_uuid functions From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung , Miao-chen Chou Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This implements functions in src/adapter.c and src/device.c for plugins setting a list of allowed services. Reviewed-by: Miao-chen Chou --- (no changes since v1) src/adapter.c | 90 +++++++++++++++++++++++++++++++++++++++++++++++++++ src/adapter.h | 8 +++++ src/device.c | 64 +++++++++++++++++++++++++++++++++++- src/device.h | 2 ++ 4 files changed, 163 insertions(+), 1 deletion(-) diff --git a/src/adapter.c b/src/adapter.c index 663b778e4a5d..c7fe27d19a5d 100644 --- a/src/adapter.c +++ b/src/adapter.c @@ -260,6 +260,8 @@ struct btd_adapter { struct btd_battery_provider_manager *battery_provider_manager; + GHashTable *allowed_uuid_set; /* Set of allowed service UUIDs */ + gboolean initialized; GSList *pin_callbacks; @@ -3489,6 +3491,93 @@ static DBusMessage *connect_device(DBusConnection *conn, return NULL; } +static void update_device_allowed_services(void *data, void *user_data) +{ + struct btd_device *device = data; + + btd_device_update_allowed_services(device); +} + +static void add_uuid_to_uuid_set(void *data, void *user_data) +{ + bt_uuid_t *uuid = data; + GHashTable *uuid_set = user_data; + + if (!uuid) { + error("Found NULL in UUID allowed list"); + return; + } + + g_hash_table_add(uuid_set, uuid); +} + +static guint bt_uuid_hash(gconstpointer key) +{ + const bt_uuid_t *uuid = key; + bt_uuid_t uuid_128; + uint64_t *val; + + if (!uuid) + return 0; + + bt_uuid_to_uuid128(uuid, &uuid_128); + val = (uint64_t *)&uuid_128.value.u128; + + return g_int64_hash(val) ^ g_int64_hash(val+1); +} + +static gboolean bt_uuid_equal(gconstpointer v1, gconstpointer v2) +{ + const bt_uuid_t *uuid1 = v1; + const bt_uuid_t *uuid2 = v2; + + if (!uuid1 || !uuid2) + return !uuid1 && !uuid2; + + return bt_uuid_cmp(uuid1, uuid2) == 0; +} + +bool btd_adapter_set_allowed_uuids(struct btd_adapter *adapter, + struct queue *uuids) +{ + if (!adapter) + return false; + + if (adapter->allowed_uuid_set) + g_hash_table_destroy(adapter->allowed_uuid_set); + + adapter->allowed_uuid_set = g_hash_table_new(bt_uuid_hash, + bt_uuid_equal); + if (!adapter->allowed_uuid_set) { + btd_error(adapter->dev_id, + "Failed to allocate allowed_uuid_set"); + return false; + } + + queue_foreach(uuids, add_uuid_to_uuid_set, adapter->allowed_uuid_set); + g_slist_foreach(adapter->devices, update_device_allowed_services, NULL); + + return true; +} + +bool btd_adapter_is_uuid_allowed(struct btd_adapter *adapter, + const char *uuid_str) +{ + bt_uuid_t uuid; + + if (!adapter || !adapter->allowed_uuid_set) + return true; + + if (bt_string_to_uuid(&uuid, uuid_str)) { + btd_error(adapter->dev_id, + "Failed to parse UUID string '%s'", uuid_str); + return false; + } + + return !g_hash_table_size(adapter->allowed_uuid_set) || + g_hash_table_contains(adapter->allowed_uuid_set, &uuid); +} + static const GDBusMethodTable adapter_methods[] = { { GDBUS_ASYNC_METHOD("StartDiscovery", NULL, NULL, start_discovery) }, { GDBUS_METHOD("SetDiscoveryFilter", @@ -5404,6 +5493,7 @@ static void adapter_free(gpointer user_data) g_free(adapter->stored_alias); g_free(adapter->current_alias); free(adapter->modalias); + g_hash_table_destroy(adapter->allowed_uuid_set); g_free(adapter); } diff --git a/src/adapter.h b/src/adapter.h index 60b5e3bcca34..7cac51451249 100644 --- a/src/adapter.h +++ b/src/adapter.h @@ -25,6 +25,7 @@ struct btd_adapter; struct btd_device; +struct queue; struct btd_adapter *btd_adapter_get_default(void); bool btd_adapter_is_default(struct btd_adapter *adapter); @@ -97,6 +98,8 @@ void adapter_service_remove(struct btd_adapter *adapter, uint32_t handle); struct agent *adapter_get_agent(struct btd_adapter *adapter); +bool btd_adapter_uuid_is_allowed(struct btd_adapter *adapter, const char *uuid); + struct btd_adapter *btd_adapter_ref(struct btd_adapter *adapter); void btd_adapter_unref(struct btd_adapter *adapter); @@ -240,3 +243,8 @@ enum kernel_features { }; bool btd_has_kernel_features(uint32_t feature); + +bool btd_adapter_set_allowed_uuids(struct btd_adapter *adapter, + struct queue *uuids); +bool btd_adapter_is_uuid_allowed(struct btd_adapter *adapter, + const char *uuid_str); diff --git a/src/device.c b/src/device.c index b29aa195d19b..c4a4497da01f 100644 --- a/src/device.c +++ b/src/device.c @@ -1929,6 +1929,56 @@ static int service_prio_cmp(gconstpointer a, gconstpointer b) return p2->priority - p1->priority; } +bool btd_device_all_services_allowed(struct btd_device *dev) +{ + GSList *l; + struct btd_adapter *adapter = dev->adapter; + struct btd_service *service; + struct btd_profile *profile; + + for (l = dev->services; l != NULL; l = g_slist_next(l)) { + service = l->data; + profile = btd_service_get_profile(service); + + if (!profile || !profile->auto_connect) + continue; + + if (!btd_adapter_is_uuid_allowed(adapter, profile->remote_uuid)) + return false; + } + + return true; +} + +void btd_device_update_allowed_services(struct btd_device *dev) +{ + struct btd_adapter *adapter = dev->adapter; + struct btd_service *service; + struct btd_profile *profile; + GSList *l; + bool is_allowed; + char addr[18]; + + /* If service discovery is ongoing, let the service discovery complete + * callback call this function. + */ + if (dev->browse) { + ba2str(&dev->bdaddr, addr); + DBG("service discovery of %s is ongoing. Skip updating allowed " + "services", addr); + return; + } + + for (l = dev->services; l != NULL; l = g_slist_next(l)) { + service = l->data; + profile = btd_service_get_profile(service); + + is_allowed = btd_adapter_is_uuid_allowed(adapter, + profile->remote_uuid); + btd_service_set_allowed(service, is_allowed); + } +} + static GSList *create_pending_list(struct btd_device *dev, const char *uuid) { struct btd_service *service; @@ -1937,9 +1987,14 @@ static GSList *create_pending_list(struct btd_device *dev, const char *uuid) if (uuid) { service = find_connectable_service(dev, uuid); - if (service) + + if (!service) + return dev->pending; + + if (btd_service_is_allowed(service)) return g_slist_prepend(dev->pending, service); + info("service %s is blocked", uuid); return dev->pending; } @@ -1950,6 +2005,11 @@ static GSList *create_pending_list(struct btd_device *dev, const char *uuid) if (!p->auto_connect) continue; + if (!btd_service_is_allowed(service)) { + info("service %s is blocked", p->remote_uuid); + continue; + } + if (g_slist_find(dev->pending, service)) continue; @@ -2633,6 +2693,8 @@ static void device_svc_resolved(struct btd_device *dev, uint8_t browse_type, dev->svc_callbacks); g_free(cb); } + + btd_device_update_allowed_services(dev); } static struct bonding_req *bonding_request_new(DBusMessage *msg, diff --git a/src/device.h b/src/device.h index 4ae9abe0dbb4..5f615cb4b6b2 100644 --- a/src/device.h +++ b/src/device.h @@ -175,5 +175,7 @@ uint32_t btd_device_get_current_flags(struct btd_device *dev); void btd_device_flags_changed(struct btd_device *dev, uint32_t supported_flags, uint32_t current_flags); +bool btd_device_all_services_allowed(struct btd_device *dev); +void btd_device_update_allowed_services(struct btd_device *dev); void btd_device_init(void); void btd_device_cleanup(void); From patchwork Thu Jul 29 03:12:49 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12407535 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-21.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 26A98C4338F for ; Thu, 29 Jul 2021 03:13:52 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 0182D6101C for ; Thu, 29 Jul 2021 03:13:51 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233590AbhG2DNv (ORCPT ); Wed, 28 Jul 2021 23:13:51 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43406 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233572AbhG2DNn (ORCPT ); Wed, 28 Jul 2021 23:13:43 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1B7D8C0613C1 for ; Wed, 28 Jul 2021 20:13:39 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id r1-20020a0569021541b029054df41d5cceso5338624ybu.18 for ; Wed, 28 Jul 2021 20:13:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=+fcd5Qv9ghfGsN7+gveRQgNoa21U6k7qkJYCm6II4Sk=; b=SwwKZceXju+uI5pFnaEdkq9zE7k0290LB+Wc27MyVRa4lYI3jRU94FIiJF9PW6WQvf dwV5q2vzu8GvsTXHUZl0IK4/pP4X3pwwlDomUBb+O1gPfRqmZQDVfMUDY1asx2/SzUxg s8qKuxpzvofGfWUTu3bGD+EBvPaEJ2A+K6/WhgJP0Vp9DoYFH5Wk9a3whxT9N27/DNcR tSPhQvHT9qACO7Iv+tikm4B49S1CkeR3zxTzdGHV1ZeFhb/rl6i8e6Yh+DR7JMhW43oe pk0ofrJf4IL11PzOQ3Hqe+1TgFRYBczdf7oMOHxSLDwQNj9+LCRtlUHofJs1mtVu5mT+ uS2w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=+fcd5Qv9ghfGsN7+gveRQgNoa21U6k7qkJYCm6II4Sk=; b=d3Drt1tpWdCXqJhpAhsGbcMNJExaUCYr9i0Q/CQHWN1avqTnmqYQ4SrkL4GslKxrqC 795OGmpQmv6rDspRv1MidhS2GX94nu9BUEjkRDXz0WGljMv/BZTh/zD75UrkjzRIqloL tRL+1Snlo0DvRjNuKhjQtZl6PQhbht9FN07uJYp0ldBWhcAI0BEulG5+C+3WdKDvImKH Mds8QWJAovUp42r86oUEVwS6F75C2nW+C8fqc3kAjohPk0pGPs+xZYyfar6HkLi4brgv Czbhs2DqMLJNT+uPK2IR+0DPzo/cX/76ybks4kN6Vjk5MGJWDTQpv+2hWFDKKs1CVgS7 VaGg== X-Gm-Message-State: AOAM533ffcZiduJ/ae8Zn2Ux2hbVIhCBotfJRmaT70C3G5vuqDYt6uMJ 9AnXdweCJ4IdN1czF1yZLqoCKAo2S9Y/bRQolx8wMAQjlBlnaaDf3xtkWVxmBsGLX5KED9Zb8Dg 7s7aUYgtF5kII01SXwV7SoJcRi8dYY/6DFfpct9JXS7KFTAHW+ybODeFy+OQG1gJxzVBq/ZSqZY LiF/1PmiUZiTw= X-Google-Smtp-Source: ABdhPJx9KLpS9npOeVNE9JEWkXQGra1TEvGdbkY3w1FWdJhQ8FKvuYNKzfXAeu4XeD+syF814xFrSZ9lYltv6aEIwA== X-Received: from howardchung-p920.tpe.corp.google.com ([2401:fa00:1:10:ff72:1420:4502:fdaf]) (user=howardchung job=sendgmr) by 2002:a25:9d0f:: with SMTP id i15mr3827914ybp.311.1627528418255; Wed, 28 Jul 2021 20:13:38 -0700 (PDT) Date: Thu, 29 Jul 2021 11:12:49 +0800 In-Reply-To: <20210729031258.3391756-1-howardchung@google.com> Message-Id: <20210729110956.Bluez.v4.3.If0cf6e1feb9e9cc8106793bcaea60202852d7095@changeid> Mime-Version: 1.0 References: <20210729031258.3391756-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v4 03/13] mcap: add adapter authorization From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung Currently mcap is the only profile that doesn't request adatper authorization. This patch adds a argument when creating the mcap instance to set authorize method. The reason why we don't use btd_request_authorization directly like all other profiles is because tools/mcaptest includes the profile/health/mcap.h. If we add dependency to adapter.h in mcap.h, it will make mcaptest depend on adapter and be not able to build independently. --- (no changes since v1) android/health.c | 2 +- profiles/health/hdp.c | 1 + profiles/health/mcap.c | 39 +++++++++++++++++++++++++++++++++++++-- profiles/health/mcap.h | 7 +++++++ tools/mcaptest.c | 2 +- 5 files changed, 47 insertions(+), 4 deletions(-) diff --git a/android/health.c b/android/health.c index 9a29964b1be2..de50db98e988 100644 --- a/android/health.c +++ b/android/health.c @@ -2008,7 +2008,7 @@ bool bt_health_register(struct ipc *ipc, const bdaddr_t *addr, uint8_t mode) mcl_connected, mcl_reconnected, mcl_disconnected, mcl_uncached, NULL, /* CSP is not used right now */ - NULL, &err); + NULL, NULL, &err); if (!mcap) { error("health: MCAP instance creation failed %s", err->message); g_error_free(err); diff --git a/profiles/health/hdp.c b/profiles/health/hdp.c index 6bc41946fef3..efa8955efaea 100644 --- a/profiles/health/hdp.c +++ b/profiles/health/hdp.c @@ -1347,6 +1347,7 @@ static gboolean update_adapter(struct hdp_adapter *hdp_adapter) mcl_connected, mcl_reconnected, mcl_disconnected, mcl_uncached, NULL, /* CSP is not used by now */ + btd_request_authorization, hdp_adapter, &err); if (hdp_adapter->mi == NULL) { error("Error creating the MCAP instance: %s", err->message); diff --git a/profiles/health/mcap.c b/profiles/health/mcap.c index be13af37a0b8..d4cb69f77f5b 100644 --- a/profiles/health/mcap.c +++ b/profiles/health/mcap.c @@ -14,6 +14,7 @@ #endif #define _GNU_SOURCE +#include #include #include #include @@ -23,6 +24,7 @@ #include #include "lib/bluetooth.h" +#include "lib/uuid.h" #include "bluetooth/l2cap.h" #include "btio/btio.h" #include "src/log.h" @@ -1980,7 +1982,6 @@ static void set_mcl_conf(GIOChannel *chan, struct mcap_mcl *mcl) mcl->state = MCL_CONNECTED; mcl->role = MCL_ACCEPTOR; mcl->req = MCL_AVAILABLE; - mcl->cc = g_io_channel_ref(chan); mcl->ctrl |= MCAP_CTRL_STD_OP; mcap_sync_init(mcl); @@ -2005,19 +2006,39 @@ static void set_mcl_conf(GIOChannel *chan, struct mcap_mcl *mcl) mcl->mi->mcl_connected_cb(mcl, mcl->mi->user_data); } +static void auth_callback(void *err, void *user_data) +{ + struct mcap_mcl *mcl = user_data; + DBusError *derr = err; + + if (derr) { + error("Access denied: %s", derr->message); + goto reject; + } + + set_mcl_conf(mcl->cc, mcl); + return; + +reject: + g_io_channel_shutdown(mcl->cc, TRUE, NULL); + g_io_channel_unref(mcl->cc); +} + static void connect_mcl_event_cb(GIOChannel *chan, GError *gerr, gpointer user_data) { struct mcap_instance *mi = user_data; struct mcap_mcl *mcl; - bdaddr_t dst; + bdaddr_t src, dst; char address[18], srcstr[18]; GError *err = NULL; + guint ret; if (gerr) return; bt_io_get(chan, &err, + BT_IO_OPT_SOURCE_BDADDR, &src, BT_IO_OPT_DEST_BDADDR, &dst, BT_IO_OPT_DEST, address, BT_IO_OPT_INVALID); @@ -2044,6 +2065,18 @@ static void connect_mcl_event_cb(GIOChannel *chan, GError *gerr, mcl->next_mdl = (rand() % MCAP_MDLID_FINAL) + 1; } + mcl->cc = g_io_channel_ref(chan); + if (mi->authorize_cb) { + ret = mi->authorize_cb(&src, &dst, HDP_UUID, auth_callback, + mcl); + if (ret != 0) + return; + + error("HDP: authorization for device %s failed", address); + g_io_channel_unref(mcl->cc); + goto drop; + } + set_mcl_conf(chan, mcl); return; @@ -2060,6 +2093,7 @@ struct mcap_instance *mcap_create_instance(const bdaddr_t *src, mcap_mcl_event_cb mcl_disconnected, mcap_mcl_event_cb mcl_uncached, mcap_info_ind_event_cb mcl_sync_info_ind, + mcap_authorize_cb authorize_cb, gpointer user_data, GError **gerr) { @@ -2089,6 +2123,7 @@ struct mcap_instance *mcap_create_instance(const bdaddr_t *src, mi->mcl_disconnected_cb = mcl_disconnected; mi->mcl_uncached_cb = mcl_uncached; mi->mcl_sync_infoind_cb = mcl_sync_info_ind; + mi->authorize_cb = authorize_cb; mi->user_data = user_data; mi->csp_enabled = FALSE; diff --git a/profiles/health/mcap.h b/profiles/health/mcap.h index 5a94c8b63bea..aa69b0d32c0d 100644 --- a/profiles/health/mcap.h +++ b/profiles/health/mcap.h @@ -249,6 +249,11 @@ typedef void (* mcap_sync_set_cb) (struct mcap_mcl *mcl, GError *err, gpointer data); +typedef void mcap_auth_cb(void *err, void *user_data); +typedef guint (* mcap_authorize_cb) (const bdaddr_t *src, const bdaddr_t *dst, + const char *uuid, mcap_auth_cb cb, + void *user_data); + struct mcap_mdl_cb { mcap_mdl_event_cb mdl_connected; /* Remote device has created a MDL */ mcap_mdl_event_cb mdl_closed; /* Remote device has closed a MDL */ @@ -271,6 +276,7 @@ struct mcap_instance { mcap_mcl_event_cb mcl_disconnected_cb; /* MCL disconnected */ mcap_mcl_event_cb mcl_uncached_cb; /* MCL has been removed from MCAP cache */ mcap_info_ind_event_cb mcl_sync_infoind_cb; /* (CSP Master) Received info indication */ + mcap_authorize_cb authorize_cb; /* Method to request authorization */ gpointer user_data; /* Data to be provided in callbacks */ int ref; /* Reference counter */ @@ -404,6 +410,7 @@ struct mcap_instance *mcap_create_instance(const bdaddr_t *src, mcap_mcl_event_cb mcl_disconnected, mcap_mcl_event_cb mcl_uncached, mcap_info_ind_event_cb mcl_sync_info_ind, + mcap_authorize_cb authorize_cb, gpointer user_data, GError **gerr); void mcap_release_instance(struct mcap_instance *mi); diff --git a/tools/mcaptest.c b/tools/mcaptest.c index dcef0b908ac8..63ee22149a40 100644 --- a/tools/mcaptest.c +++ b/tools/mcaptest.c @@ -434,7 +434,7 @@ int main(int argc, char *argv[]) mcl_connected, mcl_reconnected, mcl_disconnected, mcl_uncached, NULL, /* CSP is not used right now */ - NULL, &err); + NULL, NULL, &err); if (!mcap) { printf("MCAP instance creation failed %s\n", err->message); From patchwork Thu Jul 29 03:12:50 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12407537 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-21.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 31EEEC432BE for ; Thu, 29 Jul 2021 03:13:53 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 1703C60F59 for ; Thu, 29 Jul 2021 03:13:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233571AbhG2DNy (ORCPT ); Wed, 28 Jul 2021 23:13:54 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43430 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233586AbhG2DNt (ORCPT ); Wed, 28 Jul 2021 23:13:49 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 24D02C0613C1 for ; Wed, 28 Jul 2021 20:13:45 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id g11-20020a25ae4b0000b02905792fb55b0bso5361914ybe.9 for ; Wed, 28 Jul 2021 20:13:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=G5IamTG342V1nmPJafUnZ8zf6U37HSJ+F3rr7RIrFY8=; b=TZ3q/cgA8wCUkrUtapDLp0xgmERoagirdoL3gCKQ/dbfYK1xEzzKy1SpW5gemKkyPe nPKL2y8JfUIbfJep4QXwAzjZuO3MWbQRios0Ww9EQaTf34xwtuX1llahDNwp8+tWF8e7 rQnOde9lOGBmNY7vP6ig2llNoxr5ujbICAVf22ggXIm1k6XT9BBDfuH3TOzwysmRFkZV QwUk242GFb1OIYwQOJ4hWPO3FzP53Cp7aSCSUij78Ifin2TXiPHOwT7mNI6bxmKWbIZl zo6AdPTWPrHBLLkzVl9oWqBGUX/FwPg0FRZTlmjTwUiOD6E7rMl861Z6PalX719i2a+P d4QA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=G5IamTG342V1nmPJafUnZ8zf6U37HSJ+F3rr7RIrFY8=; b=rXbvJV/y9h8hpAYM6HwwH2qX4xdbuHmUQQOIc5eapsK2xq/0GF9oUG10Auqh49aAuV o11toHa37o+ebJSoicydbbT0q3L3TkJWcLN9Lo3unKwlZLXYS0vkf2Fvjw/EKulfa/Oq +0fS/mFeIoDir1Vdrw51oX52pSZDHOJzHAQQcW3ycVBnyNi7SScjllcfwz17//NPgq7x lzFXpdB9AfMXRQ4dAbTXnpN7t2Q2jRSoJXjVuXxjMYnyqZ0+5SLv0P98rylp7XhyqrQl ulh2frXoYj9vZ4Dhbddo3cBSzh5ms1rs83Bdv4d1/pJcbb1aeQcGSfL7oQoKDYiwCCUD Z7Ew== X-Gm-Message-State: AOAM532Gw9lXYvz2e3zVFIrQpD1vdMvmkyG3selGnJrHplYJH74ge9AD SHJOUQgFzYYnsPzK3FNczXXizTKj6Z+QivlPazgHeU1h/EVIdx6qGYZDE5FeJbvqzz/YROo3nNb sGRdpUYrFpXIJAX8tvzomSW+PSAuZKnB5ci6saOkvVG5RpEA/e4ukoPFWj1M0CMVQ7te9tyTJid +YU4UHZ/wGJmE= X-Google-Smtp-Source: ABdhPJxio2ALnxr7WRDhCQGpIm7d10tj6VjOqlXzxXBaAvFx7Be6mjJuwWiVhYlM2HaGWFmF0X42plhKcPgptYSnYA== X-Received: from howardchung-p920.tpe.corp.google.com ([2401:fa00:1:10:ff72:1420:4502:fdaf]) (user=howardchung job=sendgmr) by 2002:a25:28a:: with SMTP id 132mr4147120ybc.458.1627528424277; Wed, 28 Jul 2021 20:13:44 -0700 (PDT) Date: Thu, 29 Jul 2021 11:12:50 +0800 In-Reply-To: <20210729031258.3391756-1-howardchung@google.com> Message-Id: <20210729110956.Bluez.v4.4.Ia4dc489979e4bf7ffa3421199b1b9fd8d7f00bbc@changeid> Mime-Version: 1.0 References: <20210729031258.3391756-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v4 04/13] core: block not allowed UUID connect in auth From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This ensures any incoming profile connection will be blocked if its UUID is not allowed by the following assumption: 1. Each system profile asks adapter authorization when seeing a incoming connection. 2. Each external profile checks if its UUID is allowed by adapter when seeing a incoming connection. --- The following test steps were performed after enabling admin plugin: 1. Set ServiceAllowList to ["1234"]. 2. Turn on a paired classic keyboard. Verify it can not be connected. 3. Set ServiceAllowList to ["1800","1801","180A","180F","1812"] 4. Turn off and turn on the keyboard. Verift it can be connected. (no changes since v1) src/adapter.c | 5 +++++ src/profile.c | 12 ++++++++++++ 2 files changed, 17 insertions(+) diff --git a/src/adapter.c b/src/adapter.c index c7fe27d19a5d..6c8096147bdd 100644 --- a/src/adapter.c +++ b/src/adapter.c @@ -7118,6 +7118,11 @@ static gboolean process_auth_queue(gpointer user_data) if (auth->svc_id > 0) return FALSE; + if (!btd_adapter_is_uuid_allowed(adapter, auth->uuid)) { + auth->cb(&err, auth->user_data); + goto next; + } + if (device_is_trusted(device) == TRUE) { auth->cb(NULL, auth->user_data); goto next; diff --git a/src/profile.c b/src/profile.c index 60d17b6ae657..58500c74746d 100644 --- a/src/profile.c +++ b/src/profile.c @@ -1249,6 +1249,11 @@ static void ext_confirm(GIOChannel *io, gpointer user_data) DBG("incoming connect from %s", addr); + if (btd_adapter_is_uuid_allowed(adapter_find(&src), uuid)) { + info("UUID %s is not allowed. Igoring the connection", uuid); + return; + } + conn = create_conn(server, io, &src, &dst); if (conn == NULL) return; @@ -1272,6 +1277,7 @@ static void ext_direct_connect(GIOChannel *io, GError *err, gpointer user_data) struct ext_profile *ext = server->ext; GError *gerr = NULL; struct ext_io *conn; + const char *uuid = ext->service ? ext->service : ext->uuid; bdaddr_t src, dst; bt_io_get(io, &gerr, @@ -1285,6 +1291,12 @@ static void ext_direct_connect(GIOChannel *io, GError *err, gpointer user_data) return; } + if (btd_adapter_is_uuid_allowed(adapter_find(&src), ext->uuid)) { + info("UUID %s is not allowed. Igoring the connection", + ext->uuid); + return; + } + conn = create_conn(server, io, &src, &dst); if (conn == NULL) return; From patchwork Thu Jul 29 03:12:51 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12407539 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-21.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6527AC4338F for ; Thu, 29 Jul 2021 03:13:55 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 4A3B060F59 for ; Thu, 29 Jul 2021 03:13:55 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233582AbhG2DNz (ORCPT ); Wed, 28 Jul 2021 23:13:55 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43456 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233297AbhG2DNy (ORCPT ); Wed, 28 Jul 2021 23:13:54 -0400 Received: from mail-qt1-x84a.google.com (mail-qt1-x84a.google.com [IPv6:2607:f8b0:4864:20::84a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 19377C0613D5 for ; Wed, 28 Jul 2021 20:13:50 -0700 (PDT) Received: by mail-qt1-x84a.google.com with SMTP id t35-20020a05622a1823b02902647b518455so2114949qtc.3 for ; Wed, 28 Jul 2021 20:13:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=Q/e+0IQlyiwFsKtb7qCWpUP84WxAop8SbAryiByocQw=; b=vu5z/nxxFbriAu1c3zuZWwleNuCQxiQ2DrbJ19TxYpYQtosGk/iQl4ik7zNN07G6hf ShjCj7lmIHllgxQ+a8gQZyV9CsYI+ibN8uMUZRRfJF45+IoX82pfc9CPhgIahVUt7L1k wzMV0PFjeX+/EeFJZTyj80NSOFRMlkR2euaqPcLz7VCynzAf9noKTfrmpnwa3hn8KckG KzI0OMozfeJ1uKsklX8Cuz1pqAATamCxiMrqFG3p2SJHde9LSlIWti6itxHKxSp+y8SI kD8E1IEOfXNwN0ThG0zYDjNe4GKH8EsD0kZq4b89lMQ0uftM7eefpNU2nMT9EeaATsOJ 9JBg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=Q/e+0IQlyiwFsKtb7qCWpUP84WxAop8SbAryiByocQw=; b=JbxFxV+ytL3BqYLsOsLKGsLxnmhwJp49OCn67d4wSTJhypQbE+Rq5ze5Y/vFK6Omgq A8/yUw7h8uJmjLTaYHk6aLzE32Ki6u6my4cgroT22E/J5W9/PjfzDVKNXXlE7SXJpoH2 HyGAGKabjGsZEM3Z/KpAUsWcOgtw8dyiB7svMZ+/xOdnBuYxIBLEjL38rcKHe15ynh++ efnmOqKuiyoo3WBxLD3eJ4/41WDA547cv5/Y/OiMlGHUYqB4AKgLv0/LWNibZojq32Ni dKBPMGZ6xBp0mTdN8VqCgZVUpbdWH/Sw1H3TCW/TL1NKfPNo9liAY5YdHPBAH7SCjHVT cP7A== X-Gm-Message-State: AOAM532z+r/7ygbRIVJaK1/N6vT3zHO6XlBbjU2HvStzwWnMgrMXx39L +mpNW9/qoh4H5R1r5bw3NUd/8kdiVWlrUdX8s7iJ+ckFqugQe1jQT2a/DN/RxH9eNsYd22Jz88d QtCL0g/zkjHqqYxHCSaVnAkMtjk0F5bK5Mnny1izbzftKGnhYPdh8m7MMN1hu8dvKTu+0R2ufnn +bfuZK6/7bTew= X-Google-Smtp-Source: ABdhPJxik0uicRqPv5YB5ozNbFc/KO++IQM37u1GQm058XUSTkdLQWQQcUnnSO1ub9vzr7H1kS/1hcGFgz4zEFqoXw== X-Received: from howardchung-p920.tpe.corp.google.com ([2401:fa00:1:10:ff72:1420:4502:fdaf]) (user=howardchung job=sendgmr) by 2002:a05:6214:a0d:: with SMTP id dw13mr3309708qvb.41.1627528429131; Wed, 28 Jul 2021 20:13:49 -0700 (PDT) Date: Thu, 29 Jul 2021 11:12:51 +0800 In-Reply-To: <20210729031258.3391756-1-howardchung@google.com> Message-Id: <20210729110956.Bluez.v4.5.Iee308dd18bfdfd3dae9e343e78b3942ee462314f@changeid> Mime-Version: 1.0 References: <20210729031258.3391756-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v4 05/13] core: add device_added and device_removed to adapter driver From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This adds device_added and device_removed to btd_adapter_driver so that a driver can get notification when device is added or removed. --- (no changes since v1) src/adapter.c | 59 ++++++++++++++++++++++++++++++++++++++++++++++----- src/adapter.h | 4 ++++ 2 files changed, 58 insertions(+), 5 deletions(-) diff --git a/src/adapter.c b/src/adapter.c index 6c8096147bdd..5c556b569ca7 100644 --- a/src/adapter.c +++ b/src/adapter.c @@ -1218,6 +1218,9 @@ void adapter_service_remove(struct btd_adapter *adapter, uint32_t handle) remove_record_from_server(rec->handle); } +static void adapter_add_device(struct btd_adapter *adapter, + struct btd_device *device); + static struct btd_device *adapter_create_device(struct btd_adapter *adapter, const bdaddr_t *bdaddr, uint8_t bdaddr_type) @@ -1228,8 +1231,7 @@ static struct btd_device *adapter_create_device(struct btd_adapter *adapter, if (!device) return NULL; - adapter->devices = g_slist_append(adapter->devices, device); - + adapter_add_device(adapter, device); return device; } @@ -1256,6 +1258,9 @@ static void service_auth_cancel(struct service_auth *auth) g_free(auth); } +static void adapter_remove_device(struct btd_adapter *adapter, + struct btd_device *device); + void btd_adapter_remove_device(struct btd_adapter *adapter, struct btd_device *dev) { @@ -1263,7 +1268,7 @@ void btd_adapter_remove_device(struct btd_adapter *adapter, adapter->connect_list = g_slist_remove(adapter->connect_list, dev); - adapter->devices = g_slist_remove(adapter->devices, dev); + adapter_remove_device(adapter, dev); btd_adv_monitor_device_remove(adapter->adv_monitor_manager, dev); adapter->discovery_found = g_slist_remove(adapter->discovery_found, @@ -4665,7 +4670,7 @@ static void load_devices(struct btd_adapter *adapter) goto free; btd_device_set_temporary(device, false); - adapter->devices = g_slist_append(adapter->devices, device); + adapter_add_device(adapter, device); /* TODO: register services from pre-loaded list of primaries */ @@ -4827,6 +4832,48 @@ void adapter_remove_profile(struct btd_adapter *adapter, gpointer p) profile->adapter_remove(profile, adapter); } +static void device_added_drivers(struct btd_adapter *adapter, + struct btd_device *device) +{ + struct btd_adapter_driver *driver; + GSList *l; + + for (l = adapter_drivers; l; l = l->next) { + driver = l->data; + + if (driver->device_added) + driver->device_added(adapter, device); + } +} + +static void device_removed_drivers(struct btd_adapter *adapter, + struct btd_device *device) +{ + struct btd_adapter_driver *driver; + GSList *l; + + for (l = adapter_drivers; l; l = l->next) { + driver = l->data; + + if (driver->device_removed) + driver->device_removed(adapter, device); + } +} + +static void adapter_add_device(struct btd_adapter *adapter, + struct btd_device *device) +{ + adapter->devices = g_slist_append(adapter->devices, device); + device_added_drivers(adapter, device); +} + +static void adapter_remove_device(struct btd_adapter *adapter, + struct btd_device *device) +{ + adapter->devices = g_slist_remove(adapter->devices, device); + device_removed_drivers(adapter, device); +} + static void adapter_add_connection(struct btd_adapter *adapter, struct btd_device *device, uint8_t bdaddr_type) @@ -6445,8 +6492,10 @@ static void adapter_remove(struct btd_adapter *adapter) g_slist_free(adapter->connect_list); adapter->connect_list = NULL; - for (l = adapter->devices; l; l = l->next) + for (l = adapter->devices; l; l = l->next) { + device_removed_drivers(adapter, l->data); device_remove(l->data, FALSE); + } g_slist_free(adapter->devices); adapter->devices = NULL; diff --git a/src/adapter.h b/src/adapter.h index 7cac51451249..a2567330ddc9 100644 --- a/src/adapter.h +++ b/src/adapter.h @@ -111,6 +111,10 @@ struct btd_adapter_driver { int (*probe) (struct btd_adapter *adapter); void (*remove) (struct btd_adapter *adapter); void (*resume) (struct btd_adapter *adapter); + void (*device_added) (struct btd_adapter *adapter, + struct btd_device *device); + void (*device_removed) (struct btd_adapter *adapter, + struct btd_device *device); }; typedef void (*service_auth_cb) (DBusError *derr, void *user_data); From patchwork Thu Jul 29 03:12:52 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12407541 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 925D4C4338F for ; Thu, 29 Jul 2021 03:13:59 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 7382C6103A for ; Thu, 29 Jul 2021 03:13:59 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233588AbhG2DOA (ORCPT ); Wed, 28 Jul 2021 23:14:00 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43472 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233586AbhG2DN6 (ORCPT ); Wed, 28 Jul 2021 23:13:58 -0400 Received: from mail-qk1-x749.google.com (mail-qk1-x749.google.com [IPv6:2607:f8b0:4864:20::749]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0AB89C061757 for ; Wed, 28 Jul 2021 20:13:55 -0700 (PDT) Received: by mail-qk1-x749.google.com with SMTP id bm25-20020a05620a1999b02903a9c3f8b89fso2974217qkb.2 for ; Wed, 28 Jul 2021 20:13:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=mDdEFCjpHD/uWglCa7g2e7wWzLT0QoSSZnVpKWZCPo4=; b=p3tQ7nkxRsVAbhaTRV58Q03fkBS7gDnHQt2bj1gWi/QUu4qiROjBCr36TIu+sqvE3J 98YQF59jiCZTNcg8BUAzDud3sjcOcU4ivObhFEX/pJsaxZbMrw2e9wWv4a8CNeq05n0z 4+w/oR+UHW04e6FZQtEjJR684kxAmneSboLFGh/8NdiC831AGcdHbXenXNPFFaHa2ZEf EGXhYQMznFduTCeHNb07mcoDAIKAgiARbtgJ2u9gU+5OMxfcwOZ1JJzndbH2XyhYYy0T GEdIdmzM1+FkPVuE4pME+Cffo7UZX/0/r3Fd4+ldhdfIL5bMxJ9PLbspK6cJ6j/W1Faa Nh5w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=mDdEFCjpHD/uWglCa7g2e7wWzLT0QoSSZnVpKWZCPo4=; b=Khp/uxd0c42PeLPGQs1OcqFd8/HGbvmdkzT6Sr5HKrq34OSGGxjTdGrMrlU4GPobmF L5D5n/GtmxBEsoZ9aovBhwc9eMRmkqioeahm723wrgQyNXqfjbzRO8gx4Xju6/l/dO43 CzvPZzPQLDYFrCA+h8NHiXnAiT063JQiUsiJ/r3gaJiRzBqZ6SKuiuwIKGRftq/u+J75 eDgoxCOPXDxOkMCtK2gdi3375fASo3LNIWQm0oEO+7jg6IKwRkdJCmOnqbowSgHuB7+C Jlr0XEhEf4jL7zDxAmkZ6nBGbr6UcKVmxUjDYVjYPji+AwZ+99SCYW94xUSBJF8QLU8/ NQ+A== X-Gm-Message-State: AOAM533NbLr6Tj8kUW/MblvGpU118FOVqbGNIVuWg5C1c57zpT05aj0F k9V4PtEgxqzN2AEe/N39GNgNmyWse2MWjylMhDREbl5Xc2lORG61A8/GZkJ8nOE4LK2cQX0Ar3B 5bNJ6Yqtnc/k/ZzKEagFC04Dn4vwHwOw1LnNct7j/8UCKYkVQHTPE0iezt772e47O4nTTOTlXdA yfsRaAGuEzQ+s= X-Google-Smtp-Source: ABdhPJxgneRj7yuW/oKPOiKCOGre/k9lYaXBMfnCzTvd+KP2rkG3C0z8Ak3++D0qiLZx6TqNq7Xs/h1NLKgy9TLryQ== X-Received: from howardchung-p920.tpe.corp.google.com ([2401:fa00:1:10:ff72:1420:4502:fdaf]) (user=howardchung job=sendgmr) by 2002:a05:6214:104b:: with SMTP id l11mr3396829qvr.40.1627528434162; Wed, 28 Jul 2021 20:13:54 -0700 (PDT) Date: Thu, 29 Jul 2021 11:12:52 +0800 In-Reply-To: <20210729031258.3391756-1-howardchung@google.com> Message-Id: <20210729110956.Bluez.v4.6.Id0842634d98a21fbdfa5cc72c76a462a98bf6f40@changeid> Mime-Version: 1.0 References: <20210729031258.3391756-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v4 06/13] plugins: new plugin From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung , Miao-chen Chou Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This adds an initial code for a new plugin admin. Reviewed-by: Miao-chen Chou --- (no changes since v1) Makefile.plugins | 5 +++++ bootstrap-configure | 1 + configure.ac | 4 ++++ plugins/admin.c | 30 ++++++++++++++++++++++++++++++ 4 files changed, 40 insertions(+) create mode 100644 plugins/admin.c diff --git a/Makefile.plugins b/Makefile.plugins index 4e6a72b0bdf6..69fb01001cc6 100644 --- a/Makefile.plugins +++ b/Makefile.plugins @@ -11,6 +11,11 @@ builtin_sources += plugins/autopair.c builtin_modules += policy builtin_sources += plugins/policy.c +if ADMIN +builtin_modules += admin +builtin_sources += plugins/admin.c +endif + if NFC builtin_modules += neard builtin_sources += plugins/neard.c diff --git a/bootstrap-configure b/bootstrap-configure index 0efd83abc2c4..a34be832068e 100755 --- a/bootstrap-configure +++ b/bootstrap-configure @@ -30,4 +30,5 @@ fi --enable-pie \ --enable-cups \ --enable-library \ + --enable-admin \ --disable-datafiles $* diff --git a/configure.ac b/configure.ac index a5afaea6cfcd..0744860b89fb 100644 --- a/configure.ac +++ b/configure.ac @@ -364,6 +364,10 @@ AC_ARG_ENABLE(logger, AC_HELP_STRING([--enable-logger], [enable HCI logger service]), [enable_logger=${enableval}]) AM_CONDITIONAL(LOGGER, test "${enable_logger}" = "yes") +AC_ARG_ENABLE(admin, AC_HELP_STRING([--enable-admin], + [enable admin policy plugin]), [enable_admin=${enableval}]) +AM_CONDITIONAL(ADMIN, test "${enable_admin}" = "yes") + if (test "${prefix}" = "NONE"); then dnl no prefix and no localstatedir, so default to /var if (test "$localstatedir" = '${prefix}/var'); then diff --git a/plugins/admin.c b/plugins/admin.c new file mode 100644 index 000000000000..42866bcf7be2 --- /dev/null +++ b/plugins/admin.c @@ -0,0 +1,30 @@ +// SPDX-License-Identifier: LGPL-2.1-or-later +/* + * + * BlueZ - Bluetooth protocol stack for Linux + * + * Copyright (C) 2021 Google LLC + * + * + */ + +#ifdef HAVE_CONFIG_H +#include +#endif + +#include "src/log.h" +#include "src/plugin.h" + +static int admin_init(void) +{ + DBG(""); +} + +static void admin_exit(void) +{ + DBG(""); +} + +BLUETOOTH_PLUGIN_DEFINE(admin, VERSION, + BLUETOOTH_PLUGIN_PRIORITY_DEFAULT, + admin_init, admin_exit) From patchwork Thu Jul 29 03:12:53 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12407543 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6782CC4338F for ; Thu, 29 Jul 2021 03:14:03 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 4A26D60F59 for ; Thu, 29 Jul 2021 03:14:03 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233587AbhG2DOE (ORCPT ); Wed, 28 Jul 2021 23:14:04 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43492 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233589AbhG2DOD (ORCPT ); Wed, 28 Jul 2021 23:14:03 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BFD86C061757 for ; Wed, 28 Jul 2021 20:13:59 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id q3-20020a25bfc30000b02905592911c932so4674135ybm.15 for ; Wed, 28 Jul 2021 20:13:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=ov+ljL+WLImh2UNgqiJukm2dfT5futa1Kc0R7vlTCyc=; b=R06IcO215rneUEO8XsDGraLoVMuN2n+a8npHZxA8XZ7zHHVuMT20KRInyJrHlsZHXB qjwciwGruZD2DcK7y1ibOizrovJjRAdhbx+upFpRoWJrkeCF8637wictpPnYV6kHgfxi zub0p8uGAx9umtU8cS8yl2taQwmD0Mhc2YJ8ROyqzZuL8U8mnW51Yy7DMBCuwtOdKYep RDjcmZbuC7AldhwXYsiyNYA/V7BeKO/1ADdhFXbM+FpDsHlyZ+eXjvYACTyvyynTi5/e QQEeabbFW0bns61+FLziG0DnSDgabAf7/KyCyOJz30KvtkSsPb8kIgwwYBSUFOYheMB9 Z7Hw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=ov+ljL+WLImh2UNgqiJukm2dfT5futa1Kc0R7vlTCyc=; b=apHTva6hteSnzR1/I+nHqSnIQ1GzaV5CHOOsrrswy9YQfCzUFkAbWsGIWV4Fl826CA 2nwzLb8qT9GbItfy7t1CI8MS4AZXjVYjz5kiMVjh8KJqM/0Xy6C6nihYkzeyIAO0pCOs MzwfIQ5XV+IdP3E+G6zZiAA/Q4yIvLE3teUSrx+FTJ05We+FN0CYDKdBiH+RM8WmgwBb ZztB+H6U097wtc/DBfVuWKMbKY4lcpcr81DXwOpvPhhJlm/s58zV9C0feNwlh339W7ry qKlPj3giiPkPDpuizVBlCSt22lJJ51RvpK4ZXkbYXRbxbjbiDabE41w5q7uwZ5F4Bz0c sfwg== X-Gm-Message-State: AOAM531J6jlxjRocKdsty4VK4bRnskDU8IhivR9if1hXHsG2bF1/evGS ivzF1Q5Meyx1Twx6ahSdy/u1BZShOAgG0TiJBAeg26ZUswhsKPI3I1jFxm3GY/PbGhcxqziCekP sp+tkJ6+luMHHERjAN/+JQ3nKK5foCGLnfOPPl/lo7D9h664TWhan/Ayr7dkLuwCf/K+7H1Z3Rx KAP+u/0HevXS8= X-Google-Smtp-Source: ABdhPJx1/fi5TTNEVKp59Yv20a0rpFhzDITWL4p8F6b6G2pnRluJK5ZlfoIJsMNC2IAvCht19WfeCTPtvIFkpmhyXA== X-Received: from howardchung-p920.tpe.corp.google.com ([2401:fa00:1:10:ff72:1420:4502:fdaf]) (user=howardchung job=sendgmr) by 2002:a25:2ac4:: with SMTP id q187mr4032869ybq.74.1627528438938; Wed, 28 Jul 2021 20:13:58 -0700 (PDT) Date: Thu, 29 Jul 2021 11:12:53 +0800 In-Reply-To: <20210729031258.3391756-1-howardchung@google.com> Message-Id: <20210729110956.Bluez.v4.7.I29607be7ac91b0a494ab51713ba14f583eb858ed@changeid> Mime-Version: 1.0 References: <20210729031258.3391756-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v4 07/13] plugins/admin: add admin_policy adapter driver From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung , Miao-chen Chou Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This adds code to register admin_policy driver to adapter when admin plugin is enabled. The following test steps were performed: 1. restart bluetoothd 2. check if "Admin Policy is enabled" in system log Reviewed-by: Miao-chen Chou --- (no changes since v1) plugins/admin.c | 67 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) diff --git a/plugins/admin.c b/plugins/admin.c index 42866bcf7be2..923e08cb836b 100644 --- a/plugins/admin.c +++ b/plugins/admin.c @@ -12,17 +12,84 @@ #include #endif +#include "lib/bluetooth.h" + +#include "src/adapter.h" +#include "src/error.h" #include "src/log.h" #include "src/plugin.h" +#include "src/shared/queue.h" + +/* |policy_data| has the same life cycle as btd_adapter */ +static struct btd_admin_policy { + struct btd_adapter *adapter; + uint16_t adapter_id; +} *policy_data = NULL; + +static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter) +{ + struct btd_admin_policy *admin_policy = NULL; + + admin_policy = g_try_malloc(sizeof(*admin_policy)); + if (!admin_policy) { + btd_error(btd_adapter_get_index(adapter), + "Failed to allocate memory for admin_policy"); + return NULL; + } + + admin_policy->adapter = adapter; + admin_policy->adapter_id = btd_adapter_get_index(adapter); + + return admin_policy; +} + +static void admin_policy_free(void *data) +{ + struct btd_admin_policy *admin_policy = data; + + g_free(admin_policy); +} + +static int admin_policy_adapter_probe(struct btd_adapter *adapter) +{ + if (policy_data) { + btd_warn(policy_data->adapter_id, + "Policy data already exists"); + admin_policy_free(policy_data); + policy_data = NULL; + } + + policy_data = admin_policy_new(adapter); + if (!policy_data) + return -ENOMEM; + + btd_info(policy_data->adapter_id, "Admin Policy has been enabled"); + + return 0; +} + +static struct btd_adapter_driver admin_policy_driver = { + .name = "admin_policy", + .probe = admin_policy_adapter_probe, + .resume = NULL, +}; + static int admin_init(void) { DBG(""); + + return btd_register_adapter_driver(&admin_policy_driver); } static void admin_exit(void) { DBG(""); + + btd_unregister_adapter_driver(&admin_policy_driver); + + if (policy_data) + admin_policy_free(policy_data); } BLUETOOTH_PLUGIN_DEFINE(admin, VERSION, From patchwork Thu Jul 29 03:12:54 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12407545 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 00CA9C4338F for ; Thu, 29 Jul 2021 03:14:18 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id DB54A60F9B for ; Thu, 29 Jul 2021 03:14:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233617AbhG2DOL (ORCPT ); Wed, 28 Jul 2021 23:14:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43520 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233589AbhG2DOI (ORCPT ); Wed, 28 Jul 2021 23:14:08 -0400 Received: from mail-qk1-x749.google.com (mail-qk1-x749.google.com [IPv6:2607:f8b0:4864:20::749]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8DD5BC0613D3 for ; Wed, 28 Jul 2021 20:14:04 -0700 (PDT) Received: by mail-qk1-x749.google.com with SMTP id i15-20020a05620a150fb02903b960837cbfso2950974qkk.10 for ; Wed, 28 Jul 2021 20:14:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=+YRk0e87Fy4+hULeH4RsY+6kkkKU8k2ny1F7i1QOpA0=; b=tLxKdJf0tjUhWWgt3N6fENT/hejXzQqFydIN1m7a4c+yf5oSierNPITOTb4Qn7NtWh ENMKrluOyU1NJy3NkL4QKxd3alb/wacvBK6BTo/+Gh0XSnzsFk1mbEBoV8t5etsYwz8e WKK3x9aodCCTBRNTjX0VdGN0nXoPfg0n+tjZKMFdv1YbZ78qov8PmDgLeL9DZFdMksON qzuAfLPLKLnZLMojWvEYARrsNaCBKavp1rDPJMHi9rVE59RRHHxWKUr73KfLDuoVx85U vL7yRBnLPxMDfHUYRkbFpWsajpuCvyqOai+MSMGlJz4mNeFXIpDdsQwt/Z5IpXOUTI5Z FW3g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=+YRk0e87Fy4+hULeH4RsY+6kkkKU8k2ny1F7i1QOpA0=; b=Z053Wckjx7x706z9e62bf/oRCENbkfUFCwzNLD25P+4sQSRBynD+BP45sIs3LAvBRA ow+LY3SIFNIR4UI2zYe7IWxkOmjnWW+CX7lfY0GCUGWgeTmzvjbJhAwq1B1/5tYP+Mzw FqgLWlE2gBbDhuOFyUyI2jM9Y6JQkYOsD/p3vlU+nVh07ZtUFYThtKYMAEOU35FltW7Y O1psYjxqzSJOav4hlSQFyrQGh0ZsSm/lICLuZyaggRFdaGa9G9ox4noGHeoFsKqP3rjQ OpUQQrNYgNxrz9Se+suomZqIiL523w8fHX/+MJ3lUVVe6TuKXMGQvr01dRVZjb4hQdn8 ZBmA== X-Gm-Message-State: AOAM5324lIp6xliNWMmBD/EuHQinLCKLGlx8OdjQCjxtE14rL7Tez4jk z/o7P0uin2wghxEgT5wy7OTK3hQlvtEY6WVWlEsOw6kbok0PE/WBcmNOJiRxjHAijPTWq99Hty3 wOtQDgS+Exs5113OIHcsHOwkCNZnLlNJyOde3BN9S/DAJhZfpscSbM1OV3QuR/thM7BsiC4Odbb kONL6mtyQXtNQ= X-Google-Smtp-Source: ABdhPJzX8FnNDyZCfySjuZbapiAsWFD+DE308GisCkf5kOFSOyUiKWp6zS7lTNXfv12bGFX4qzlBx4NK9rLsYy1H5g== X-Received: from howardchung-p920.tpe.corp.google.com ([2401:fa00:1:10:ff72:1420:4502:fdaf]) (user=howardchung job=sendgmr) by 2002:a05:6214:902:: with SMTP id dj2mr2857595qvb.23.1627528443619; Wed, 28 Jul 2021 20:14:03 -0700 (PDT) Date: Thu, 29 Jul 2021 11:12:54 +0800 In-Reply-To: <20210729031258.3391756-1-howardchung@google.com> Message-Id: <20210729110956.Bluez.v4.8.Ifbb69dd6e371da3a914049a94615064479b9024b@changeid> Mime-Version: 1.0 References: <20210729031258.3391756-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v4 08/13] plugins/admin: add ServiceAllowList method From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung , Miao-chen Chou Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This adds code to register interface org.bluez.AdminPolicySet1. The interface will provide methods to limit users to operate certain functions of bluez, such as allow/disallow user to taggle adapter power, or only allow users to connect services in the specified list, etc. This patch also implements ServiceAllowlist in org.bluez.AdminPolicySet1. Reviewed-by: Miao-chen Chou --- The following test steps were performed: 1. Set ServiceAllowList to ["1108","110A","110B","110C","110D","110E", "110F","1112","111E","111F","1203"] ( users are only allowed to connect headset ) 2. Turn on paired WF1000XM3, and listen music on Youtube. 3. Turn on paired K830 (LE device), press any key on keyboard. 4. Turn on paired Samsung Bluetooth Keyboard EE-BT550 (BREDR device), press any key on keyboard. 5. Set ServiceAllowList to ["1124","180A","180F","1812"] ( users are only allowed to connect HID devices ) 6. Turn on paired WF1000XM3, and listen music on Youtube. 7. Turn on paired K830 (LE device), press any key on keyboard. 8. Turn on paired Samsung Bluetooth Keyboard EE-BT550 (BREDR device), press any key on keyboard. 9. Set ServiceAllowList to [] ( users are only allowed to connect any device. ) 10. Turn on paired WF1000XM3, and listen music on Youtube. 11. Turn on paired K830 (LE device), press any key on keyboard. 12. Turn on paired Samsung Bluetooth Keyboard EE-BT550 (BREDR device), press any key on keyboard. Expected results: Step 2,7,8,9,10,11 should success, and step 3,4,6 should fail. (no changes since v1) plugins/admin.c | 127 +++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 126 insertions(+), 1 deletion(-) diff --git a/plugins/admin.c b/plugins/admin.c index 923e08cb836b..1fe2904d93d9 100644 --- a/plugins/admin.c +++ b/plugins/admin.c @@ -12,19 +12,29 @@ #include #endif +#include +#include + #include "lib/bluetooth.h" +#include "lib/uuid.h" #include "src/adapter.h" +#include "src/dbus-common.h" #include "src/error.h" #include "src/log.h" #include "src/plugin.h" #include "src/shared/queue.h" +#define ADMIN_POLICY_SET_INTERFACE "org.bluez.AdminPolicySet1" + +static DBusConnection *dbus_conn; + /* |policy_data| has the same life cycle as btd_adapter */ static struct btd_admin_policy { struct btd_adapter *adapter; uint16_t adapter_id; + struct queue *service_allowlist; } *policy_data = NULL; static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter) @@ -40,19 +50,120 @@ static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter) admin_policy->adapter = adapter; admin_policy->adapter_id = btd_adapter_get_index(adapter); + admin_policy->service_allowlist = NULL; return admin_policy; } +static void free_service_allowlist(struct queue *q) +{ + queue_destroy(q, g_free); +} + static void admin_policy_free(void *data) { struct btd_admin_policy *admin_policy = data; + free_service_allowlist(admin_policy->service_allowlist); g_free(admin_policy); } +static struct queue *parse_allow_service_list(struct btd_adapter *adapter, + DBusMessage *msg) +{ + DBusMessageIter iter, arr_iter; + struct queue *uuid_list = NULL; + + dbus_message_iter_init(msg, &iter); + if (dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_ARRAY) + return NULL; + + uuid_list = queue_new(); + dbus_message_iter_recurse(&iter, &arr_iter); + do { + const int type = dbus_message_iter_get_arg_type(&arr_iter); + char *uuid_param; + bt_uuid_t *uuid; + + if (type == DBUS_TYPE_INVALID) + break; + + if (type != DBUS_TYPE_STRING) + goto failed; + + dbus_message_iter_get_basic(&arr_iter, &uuid_param); + + uuid = g_try_malloc(sizeof(*uuid)); + if (!uuid) + goto failed; + + if (bt_string_to_uuid(uuid, uuid_param)) { + g_free(uuid); + goto failed; + } + + queue_push_head(uuid_list, uuid); + + dbus_message_iter_next(&arr_iter); + } while (true); + + return uuid_list; + +failed: + queue_destroy(uuid_list, g_free); + return NULL; +} + +static bool service_allowlist_set(struct btd_admin_policy *admin_policy, + struct queue *uuid_list) +{ + struct btd_adapter *adapter = admin_policy->adapter; + + if (!btd_adapter_set_allowed_uuids(adapter, uuid_list)) + return false; + + free_service_allowlist(admin_policy->service_allowlist); + admin_policy->service_allowlist = uuid_list; + + return true; +} + +static DBusMessage *set_service_allowlist(DBusConnection *conn, + DBusMessage *msg, void *user_data) +{ + struct btd_admin_policy *admin_policy = user_data; + struct btd_adapter *adapter = admin_policy->adapter; + struct queue *uuid_list = NULL; + const char *sender = dbus_message_get_sender(msg); + + DBG("sender %s", sender); + + /* Parse parameters */ + uuid_list = parse_allow_service_list(adapter, msg); + if (!uuid_list) { + btd_error(admin_policy->adapter_id, + "Failed on parsing allowed service list"); + return btd_error_invalid_args(msg); + } + + if (!service_allowlist_set(admin_policy, uuid_list)) { + free_service_allowlist(uuid_list); + return btd_error_failed(msg, "service_allowlist_set failed"); + } + + return dbus_message_new_method_return(msg); +} + +static const GDBusMethodTable admin_policy_adapter_methods[] = { + { GDBUS_METHOD("SetServiceAllowList", GDBUS_ARGS({ "UUIDs", "as" }), + NULL, set_service_allowlist) }, + { } +}; + static int admin_policy_adapter_probe(struct btd_adapter *adapter) { + const char *adapter_path; + if (policy_data) { btd_warn(policy_data->adapter_id, "Policy data already exists"); @@ -64,8 +175,20 @@ static int admin_policy_adapter_probe(struct btd_adapter *adapter) if (!policy_data) return -ENOMEM; - btd_info(policy_data->adapter_id, "Admin Policy has been enabled"); + adapter_path = adapter_get_path(adapter); + if (!g_dbus_register_interface(dbus_conn, adapter_path, + ADMIN_POLICY_SET_INTERFACE, + admin_policy_adapter_methods, NULL, + NULL, policy_data, admin_policy_free)) { + btd_error(policy_data->adapter_id, + "Admin Policy Set interface init failed on path %s", + adapter_path); + return -EINVAL; + } + + btd_info(policy_data->adapter_id, + "Admin Policy Set interface registered"); return 0; } @@ -79,6 +202,8 @@ static int admin_init(void) { DBG(""); + dbus_conn = btd_get_dbus_connection(); + return btd_register_adapter_driver(&admin_policy_driver); } From patchwork Thu Jul 29 03:12:55 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12407549 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7ECEEC4338F for ; Thu, 29 Jul 2021 03:14:20 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 6738A60F9B for ; Thu, 29 Jul 2021 03:14:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233666AbhG2DOV (ORCPT ); Wed, 28 Jul 2021 23:14:21 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43572 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233700AbhG2DOU (ORCPT ); Wed, 28 Jul 2021 23:14:20 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8CB63C0613C1 for ; Wed, 28 Jul 2021 20:14:09 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id w200-20020a25c7d10000b02905585436b530so5333793ybe.21 for ; Wed, 28 Jul 2021 20:14:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=AODxBjZj+nI2kbzDyMsrX+mfmhxGjROcT4no+1E+pG8=; b=ffBL5nvZOhLj/KuvfMD8g4zqW4VwqpgSCZQdrn3g1p+d/DOnBewLZrX+aPhz3RAb+i xu4RirCyyOKXdXSvBZ9X6dJ8DFvCNp0dYJSVuSuBurDw7rKHFeB5CRwpfc/b+/juLrrP EJpZVOwvBjOz/S1I8ps5c9kPKy2+BRpxD6Tnhd22+7QHEfCOxKWgcYMsbUCwnj6j5wFM EOEDmaDBx5bSkwelvjxpJgPaX89EIqoFqz63OQgxp3TAmfA/PneBDtfu9Z/CTvETVw+O /bkkAB3d99C42vncos2bPLoSTi0NLgd5OHX6ol1CrMqNAcIDegJ0ku14D/iYLmKB6axR y7xA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=AODxBjZj+nI2kbzDyMsrX+mfmhxGjROcT4no+1E+pG8=; b=CfJ4bI+MoHUDxBnqmqlEQ8HvxRxi6iVFb3hdhltxcTwVtZr3cmdAne9txZssvliWSi 6I7pGDHWUXYvBB92PUL4lqUN+Y5M6aIgdHrcDkscpI+LlafnWwxZUoCcew41NiMra1tL 7Xn74/mIG4SSpDNvAEeIBd9c3sittdLOf/khgL4QrwhmRqqFUE9uDOsr0zyYrdqjzL5w jbri1yabeS2Ch6dCN+EqQjXfXol12ql4HaP9TUFgUYSFQyyEnJT1DRGKnkylVR8aWFdd DgistI8EtN6848djJknDRJY0tqqbvrWYHtXWfPdxbcxHtkMjhTtJoWDYfWJcBU1Oixfu zGWg== X-Gm-Message-State: AOAM532HVgL+35v9MY0PJPPM2etXOVM3tEwpJqJ6MTdvSvzY8KXUhY/w J/2A925YMvID8QRIr9PszoV2cBSp+N2lU7TSDKKN//UGgfjyDQUItS4EyPOLoZb+lVLd5e6JUpr uvyS19jpSEcWQEUVOVVS0kwFNxm1p+J+Hi5rl2IoQaZ2KXrvBIGZMp/ayIEeNC5nNudZH1RlhJT sq35P0jv7OZpk= X-Google-Smtp-Source: ABdhPJwVJsepH53YGoeWf+0r+r/uaEq5WJdAOwCn7zXe6vmpgeueIcWbh6wDZJ8x0Rznu81pcT9GXRljCQSLQkWKbg== X-Received: from howardchung-p920.tpe.corp.google.com ([2401:fa00:1:10:ff72:1420:4502:fdaf]) (user=howardchung job=sendgmr) by 2002:a25:18a:: with SMTP id 132mr3936476ybb.123.1627528448737; Wed, 28 Jul 2021 20:14:08 -0700 (PDT) Date: Thu, 29 Jul 2021 11:12:55 +0800 In-Reply-To: <20210729031258.3391756-1-howardchung@google.com> Message-Id: <20210729110956.Bluez.v4.9.I00fd6c348e4c93501de6de0eae0d23436fd3895b@changeid> Mime-Version: 1.0 References: <20210729031258.3391756-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v4 09/13] plugins/admin: add ServiceAllowList property From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung , Miao-chen Chou Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This adds code to register interface org.bluez.AdminPolicyStatus. The interface will provide read-only properties to indicate the current settings of admin policies. We separate this from AdminPolicySet so that normal clients can check current policy settings while only a few clients can change policies. This patch also adds readonly property ServiceAllowlist to AdminPolicyStatus1, which indicates the current setting of service allowlist. Reviewed-by: Miao-chen Chou --- The following test steps were performed: 1. Set ServiceAllowList to ["1124","180A","180F","1812"] 2. Verify ServiceAllowList is ["1124","180A","180F","1812"] in UUID-128 form 3. Set ServiceAllowList to [] 4. Verify ServiceAllowList is [] (no changes since v1) plugins/admin.c | 58 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) diff --git a/plugins/admin.c b/plugins/admin.c index 1fe2904d93d9..d89a77c8a123 100644 --- a/plugins/admin.c +++ b/plugins/admin.c @@ -27,6 +27,7 @@ #include "src/shared/queue.h" #define ADMIN_POLICY_SET_INTERFACE "org.bluez.AdminPolicySet1" +#define ADMIN_POLICY_STATUS_INTERFACE "org.bluez.AdminPolicyStatus1" static DBusConnection *dbus_conn; @@ -151,6 +152,11 @@ static DBusMessage *set_service_allowlist(DBusConnection *conn, return btd_error_failed(msg, "service_allowlist_set failed"); } + g_dbus_emit_property_changed(dbus_conn, + adapter_get_path(policy_data->adapter), + ADMIN_POLICY_STATUS_INTERFACE, + "ServiceAllowList"); + return dbus_message_new_method_return(msg); } @@ -160,6 +166,43 @@ static const GDBusMethodTable admin_policy_adapter_methods[] = { { } }; +void append_service_uuid(void *data, void *user_data) +{ + bt_uuid_t *uuid = data; + DBusMessageIter *entry = user_data; + char uuid_str[MAX_LEN_UUID_STR]; + const char *uuid_str_ptr = uuid_str; + + if (!uuid) { + error("Unexpected NULL uuid data in service_allowlist"); + return; + } + + bt_uuid_to_string(uuid, uuid_str, MAX_LEN_UUID_STR); + dbus_message_iter_append_basic(entry, DBUS_TYPE_STRING, &uuid_str_ptr); +} + +static gboolean property_get_service_allowlist( + const GDBusPropertyTable *property, + DBusMessageIter *iter, void *user_data) +{ + struct btd_admin_policy *admin_policy = user_data; + DBusMessageIter entry; + + dbus_message_iter_open_container(iter, DBUS_TYPE_ARRAY, + DBUS_TYPE_STRING_AS_STRING, &entry); + queue_foreach(admin_policy->service_allowlist, append_service_uuid, + &entry); + dbus_message_iter_close_container(iter, &entry); + + return TRUE; +} + +static const GDBusPropertyTable admin_policy_adapter_properties[] = { + { "ServiceAllowList", "as", property_get_service_allowlist }, + { } +}; + static int admin_policy_adapter_probe(struct btd_adapter *adapter) { const char *adapter_path; @@ -189,6 +232,21 @@ static int admin_policy_adapter_probe(struct btd_adapter *adapter) btd_info(policy_data->adapter_id, "Admin Policy Set interface registered"); + + if (!g_dbus_register_interface(dbus_conn, adapter_path, + ADMIN_POLICY_STATUS_INTERFACE, + NULL, NULL, + admin_policy_adapter_properties, + policy_data, admin_policy_free)) { + btd_error(policy_data->adapter_id, + "Admin Policy Status interface init failed on path %s", + adapter_path); + return -EINVAL; + } + + btd_info(policy_data->adapter_id, + "Admin Policy Status interface registered"); + return 0; } From patchwork Thu Jul 29 03:12:56 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12407547 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-23.5 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, UNWANTED_LANGUAGE_BODY,URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C73AFC43214 for ; Thu, 29 Jul 2021 03:14:19 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id AB05B60F23 for ; Thu, 29 Jul 2021 03:14:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233627AbhG2DOU (ORCPT ); Wed, 28 Jul 2021 23:14:20 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43584 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233589AbhG2DOU (ORCPT ); Wed, 28 Jul 2021 23:14:20 -0400 Received: from mail-pj1-x1049.google.com (mail-pj1-x1049.google.com [IPv6:2607:f8b0:4864:20::1049]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 88720C061799 for ; Wed, 28 Jul 2021 20:14:15 -0700 (PDT) Received: by mail-pj1-x1049.google.com with SMTP id r23-20020a17090aa097b0290176fc47a8b7so8822778pjp.6 for ; Wed, 28 Jul 2021 20:14:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=8kh0kYIyDfN7IZp2L3gpiT2YN98Q7N2b0Om3iMdzQt4=; b=g3R8A9C5/7kH3cLTaAYHzyOrRoXKut+3WANNbiF3Bl2d/Rm5WTdrFvd7KmpevxOs3M p86KC7xAdzabDoCrmWvkstt4Lhlscr35ZZgsKK10CFMsBbe5Gqtm+5O9gZymH1HULaKF d9xkrDcv3xJcFf7rUaqFvMPcWs3/88p1uGQOaSxDQBs18E6eqIMKytEXJK/S2aLzOzxb uZrj/IgJaI27Cp5o3/WhM5wTtNwRjkiIUdmOxGw39QsaI3qHkKWZrgMRf2Orec7xqBZt 0JIoivWS8HNCmbsrRYsqNOzipSR0EQnf95LS1FQrILd7ZxoASjNYVH9zWytn+ZE674FI e4Ug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=8kh0kYIyDfN7IZp2L3gpiT2YN98Q7N2b0Om3iMdzQt4=; b=Nr4u7NHfS9qKrMyOuNWNbycy+LnboYvA2HNAqsc7Za7FbUDUh5m+uomyDmyBeyR2GL gvV5hhvEoZID/S7cTJvgS20AaFj+lG+sW/29HoPnZo/F1oh3Wf0gN+2dsiSe/p2OAbDT /aYkFnq8X3Vne+oT9cQQWK/GG5araNHWC4qwZsCt6J5YbI+CpHfp8Sj0f8lNjcyGgpL1 wjdpudcrmbkawyOn61vjT9WViY98TmRBqMh0g9bijwcyOp3jrLM3stUV2XSuM535FHn9 hM3wuLHnkTIuxZUxfyZTF7vnlDQgnZSpHefBySyV33BhBnMwqEnNaAN22nDVZuTpXN4s D6ew== X-Gm-Message-State: AOAM530LJXVNmmG46gy0ZKnUnojGXcpj7mc0+898Gq0GvLCmTl/cy6y0 KbbTP1Tls6u3r/WewrqrO6AsDl4wBQ2q6QBSbv1QkE+jQIA1B8sa52E42O9+xHSPMs1XxD9iGO/ M9e+aro0QIE+th05AfedNxgbP5nzg3+jcdrxMWEEqGjejBdEanoVw7tnPe51NyZl7TaCzyF9sbv vTs3P1lGbqpUo= X-Google-Smtp-Source: ABdhPJyOti3KUeprVWWeuRyBygvbrFwQZzc8YeDEyJU+F8Mf71drQeq59mljTgSUbGLoLeI3e+o9NaWHFqbnZcy2XQ== X-Received: from howardchung-p920.tpe.corp.google.com ([2401:fa00:1:10:ff72:1420:4502:fdaf]) (user=howardchung job=sendgmr) by 2002:aa7:90cd:0:b029:333:baa9:87b7 with SMTP id k13-20020aa790cd0000b0290333baa987b7mr2907329pfk.23.1627528454586; Wed, 28 Jul 2021 20:14:14 -0700 (PDT) Date: Thu, 29 Jul 2021 11:12:56 +0800 In-Reply-To: <20210729031258.3391756-1-howardchung@google.com> Message-Id: <20210729110956.Bluez.v4.10.I517e5199ac8019b770c7ee8c92a294ec1c752748@changeid> Mime-Version: 1.0 References: <20210729031258.3391756-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v4 10/13] plugins/admin: add device callbacks From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung , Miao-chen Chou Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This adds callbacks for device added and device removed. It is necessary for implementation of "AffectedByPolicy" property since it needs to register an interface for each device object and unregister it once the device gets removed. Reviewed-by: Miao-chen Chou --- The following test steps were performed: 1. start discovery using UI 2. verify device_data were added by checking system log 3. stop discovery 4. verify device_data were removed after a few seconds by checking system log (no changes since v1) plugins/admin.c | 78 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 78 insertions(+) diff --git a/plugins/admin.c b/plugins/admin.c index d89a77c8a123..37dae77ac448 100644 --- a/plugins/admin.c +++ b/plugins/admin.c @@ -20,6 +20,7 @@ #include "src/adapter.h" #include "src/dbus-common.h" +#include "src/device.h" #include "src/error.h" #include "src/log.h" #include "src/plugin.h" @@ -29,7 +30,11 @@ #define ADMIN_POLICY_SET_INTERFACE "org.bluez.AdminPolicySet1" #define ADMIN_POLICY_STATUS_INTERFACE "org.bluez.AdminPolicyStatus1" +#define DBUS_BLUEZ_SERVICE "org.bluez" +#define BTD_DEVICE_INTERFACE "org.bluez.Device1" + static DBusConnection *dbus_conn; +static struct queue *devices; /* List of struct device_data objects */ /* |policy_data| has the same life cycle as btd_adapter */ static struct btd_admin_policy { @@ -38,6 +43,11 @@ static struct btd_admin_policy { struct queue *service_allowlist; } *policy_data = NULL; +struct device_data { + struct btd_device *device; + char *path; +}; + static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter) { struct btd_admin_policy *admin_policy = NULL; @@ -203,6 +213,37 @@ static const GDBusPropertyTable admin_policy_adapter_properties[] = { { } }; +static bool device_data_match(const void *a, const void *b) +{ + const struct device_data *data = a; + const struct btd_device *dev = b; + + if (!data) { + error("Unexpected NULL device_data"); + return false; + } + + return data->device == dev; +} + +static void free_device_data(void *data) +{ + struct device_data *device_data = data; + + g_free(device_data->path); + g_free(device_data); +} + +static void remove_device_data(void *data) +{ + struct device_data *device_data = data; + + DBG("device_data for %s removing", device_data->path); + + queue_remove(devices, device_data); + free_device_data(device_data); +} + static int admin_policy_adapter_probe(struct btd_adapter *adapter) { const char *adapter_path; @@ -250,10 +291,45 @@ static int admin_policy_adapter_probe(struct btd_adapter *adapter) return 0; } +static void admin_policy_device_added(struct btd_adapter *adapter, + struct btd_device *device) +{ + struct device_data *data; + + if (queue_find(devices, device_data_match, device)) + return; + + data = g_new0(struct device_data, 1); + if (!data) { + btd_error(btd_adapter_get_index(adapter), + "Failed to allocate memory for device_data"); + return; + } + + data->device = device; + data->path = g_strdup(device_get_path(device)); + queue_push_tail(devices, data); + + DBG("device_data for %s added", data->path); +} + +static void admin_policy_device_removed(struct btd_adapter *adapter, + struct btd_device *device) +{ + struct device_data *data; + + data = queue_find(devices, device_data_match, device); + + if (data) + remove_device_data(data); +} + static struct btd_adapter_driver admin_policy_driver = { .name = "admin_policy", .probe = admin_policy_adapter_probe, .resume = NULL, + .device_added = admin_policy_device_added, + .device_removed = admin_policy_device_removed }; static int admin_init(void) @@ -261,6 +337,7 @@ static int admin_init(void) DBG(""); dbus_conn = btd_get_dbus_connection(); + devices = queue_new(); return btd_register_adapter_driver(&admin_policy_driver); } @@ -270,6 +347,7 @@ static void admin_exit(void) DBG(""); btd_unregister_adapter_driver(&admin_policy_driver); + queue_destroy(devices, free_device_data); if (policy_data) admin_policy_free(policy_data); From patchwork Thu Jul 29 03:12:57 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12407551 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-23.5 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, UNWANTED_LANGUAGE_BODY,URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 916DBC4338F for ; Thu, 29 Jul 2021 03:14:30 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 75AD560F59 for ; Thu, 29 Jul 2021 03:14:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233705AbhG2DOa (ORCPT ); Wed, 28 Jul 2021 23:14:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43602 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233658AbhG2DOY (ORCPT ); Wed, 28 Jul 2021 23:14:24 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2CE44C061765 for ; Wed, 28 Jul 2021 20:14:21 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id v71-20020a252f4a0000b029055b51419c7dso5313476ybv.23 for ; Wed, 28 Jul 2021 20:14:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=vUFqiGTTzobujkg+ZjOO5W+WdGYy2L9ThiyHBO9sSN4=; b=NKb/dPRKDzuqEz0xScMAbWVYMZkyXaX5vXrcShOuGi3oRwc8zWOGQp+H3v62cyUDSf AX8LUoWQsURN+zRczz6/mh9MIqq/MTbu3yMnnyzNfP5VysIU33ZQpOlmrOZ8ioB7sPnQ Lynb7qSbe7OLYryvB/P5uCqSKzcMZ8mnXD9upJ+sPeBe+Dju/x07osOtKPfvJikmkaA0 CegTnf1J0mclW8f7ZUl0XkPTZQv1Fa+2sUVuzf5yUMXE7xfeuvyF+bnPz6NDv8bG+kqk rqUoRUZIzrN+TvG90uoQ3ssxlF7K26pKX3LrFskShZv4/hZlNuBiTL20WOWx2Y8HyX/4 PYMg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=vUFqiGTTzobujkg+ZjOO5W+WdGYy2L9ThiyHBO9sSN4=; b=Ajzkal777hJPh1X/F6fGoOVtC2QUiLQhJSj0sfzBa3oE3J+B+ZVtpIb1+jcphFL/uG d05lR1sKy1N+Iy93CsESbYHXt3Y0wtJr4Z6/gs7Fg3FAenKLDWX6G5e9dUozxntliZTM gprQcbsPUhkq17XAlw5haEe+pL1jPjZ9RDIfLjc1xXm262A8cfiGvTxZ4QUryJXfwtZH pWzjy6LlWpBkyCcqMjDLFAVRYv0TmrGRA8WgM6QESqVNlHQJjnQcAXTNE3oEuPeTIK01 O90FG6c2umtxVt8H0DW/47Z0whl0s867z22afAFwzL2Yr6rkRHJGQbra3j/LrKFsh2cc eoEg== X-Gm-Message-State: AOAM53343q/ga6OKkE5Pb+7YoVrmmcVhLKAfFW07cC7UsY/myNQ86d1l kVmZOUt1SjrGgkxY8PdE7HD9mc0gXsWOWIrhlMEj+5BxeaI40xdu4zzjKR2yYPp35XEK5b586Z2 phxIItyCn1jy1idUl59pYwbb3QfkPV5di2gsDBTwlIpYvAp+ZbQmcsD9hT5tAy3JS/D7tpN3gfc fMhldUsJ3o+ug= X-Google-Smtp-Source: ABdhPJwDRkYeLmGytqUGTJ8+O0yg0l2leVcxqI0BmccpzJDJ4tP1lYituR53LX+QFUpo6eUfd1o4SlzTH9Pv+v/siw== X-Received: from howardchung-p920.tpe.corp.google.com ([2401:fa00:1:10:ff72:1420:4502:fdaf]) (user=howardchung job=sendgmr) by 2002:a05:6902:1106:: with SMTP id o6mr3614110ybu.263.1627528460323; Wed, 28 Jul 2021 20:14:20 -0700 (PDT) Date: Thu, 29 Jul 2021 11:12:57 +0800 In-Reply-To: <20210729031258.3391756-1-howardchung@google.com> Message-Id: <20210729110956.Bluez.v4.11.I570c860f59c8ed66ddb31aa54584ee08080aa10c@changeid> Mime-Version: 1.0 References: <20210729031258.3391756-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v4 11/13] plugins/admin: add AffectedByPolicy property From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung , Miao-chen Chou Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This adds property to indicate if a device has any service that is being blocked by admin policy. Reviewed-by: Miao-chen Chou --- The following test steps were performed: 1. Set ServiceAllowList to [] 2. Verify AffectedByPolicy of K830 is False 3. Set ServiceAllowList to ["1800"] 4. Verify AffectedByPolicy of K830 is False 5. Set ServiceAllowList to ["1800","1801","180A","180F","1812"] 6. Verify AffectedByPolicy of K830 is True (no changes since v1) plugins/admin.c | 74 +++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 72 insertions(+), 2 deletions(-) diff --git a/plugins/admin.c b/plugins/admin.c index 37dae77ac448..2ad60f2fde2a 100644 --- a/plugins/admin.c +++ b/plugins/admin.c @@ -46,6 +46,7 @@ static struct btd_admin_policy { struct device_data { struct btd_device *device; char *path; + bool affected; }; static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter) @@ -139,6 +140,27 @@ static bool service_allowlist_set(struct btd_admin_policy *admin_policy, return true; } +static void update_device_affected(void *data, void *user_data) +{ + struct device_data *dev_data = data; + bool affected; + + if (!dev_data) { + error("Unexpected NULL device_data when updating device"); + return; + } + + affected = !btd_device_all_services_allowed(dev_data->device); + + if (affected == dev_data->affected) + return; + + dev_data->affected = affected; + + g_dbus_emit_property_changed(dbus_conn, dev_data->path, + ADMIN_POLICY_STATUS_INTERFACE, "AffectedByPolicy"); +} + static DBusMessage *set_service_allowlist(DBusConnection *conn, DBusMessage *msg, void *user_data) { @@ -167,6 +189,8 @@ static DBusMessage *set_service_allowlist(DBusConnection *conn, ADMIN_POLICY_STATUS_INTERFACE, "ServiceAllowList"); + queue_foreach(devices, update_device_affected, NULL); + return dbus_message_new_method_return(msg); } @@ -226,6 +250,29 @@ static bool device_data_match(const void *a, const void *b) return data->device == dev; } +static gboolean property_get_affected_by_policy( + const GDBusPropertyTable *property, + DBusMessageIter *iter, void *user_data) +{ + struct device_data *data = user_data; + dbus_bool_t affected; + + if (!data) { + error("Unexpected error: device_data is NULL"); + return FALSE; + } + + dbus_message_iter_append_basic(iter, DBUS_TYPE_BOOLEAN, + &data->affected); + + return TRUE; +} + +static const GDBusPropertyTable admin_policy_device_properties[] = { + { "AffectedByPolicy", "b", property_get_affected_by_policy }, + { } +}; + static void free_device_data(void *data) { struct device_data *device_data = data; @@ -308,11 +355,33 @@ static void admin_policy_device_added(struct btd_adapter *adapter, data->device = device; data->path = g_strdup(device_get_path(device)); + data->affected = !btd_device_all_services_allowed(data->device); + + if (!g_dbus_register_interface(dbus_conn, data->path, + ADMIN_POLICY_STATUS_INTERFACE, + NULL, NULL, + admin_policy_device_properties, + data, remove_device_data)) { + btd_error(btd_adapter_get_index(adapter), + "Admin Policy Status interface init failed on path %s", + device_get_path(device)); + free_device_data(data); + return; + } + queue_push_tail(devices, data); DBG("device_data for %s added", data->path); } +static void unregister_device_data(void *data, void *user_data) +{ + struct device_data *dev_data = data; + + g_dbus_unregister_interface(dbus_conn, dev_data->path, + ADMIN_POLICY_STATUS_INTERFACE); +} + static void admin_policy_device_removed(struct btd_adapter *adapter, struct btd_device *device) { @@ -321,7 +390,7 @@ static void admin_policy_device_removed(struct btd_adapter *adapter, data = queue_find(devices, device_data_match, device); if (data) - remove_device_data(data); + unregister_device_data(data, NULL); } static struct btd_adapter_driver admin_policy_driver = { @@ -347,7 +416,8 @@ static void admin_exit(void) DBG(""); btd_unregister_adapter_driver(&admin_policy_driver); - queue_destroy(devices, free_device_data); + queue_foreach(devices, unregister_device_data, NULL); + queue_destroy(devices, g_free); if (policy_data) admin_policy_free(policy_data); From patchwork Thu Jul 29 03:12:58 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12407553 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-23.5 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, UNWANTED_LANGUAGE_BODY,URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6CD90C432BE for ; Thu, 29 Jul 2021 03:14:32 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 5074360F59 for ; Thu, 29 Jul 2021 03:14:32 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233540AbhG2DOd (ORCPT ); Wed, 28 Jul 2021 23:14:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43652 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233485AbhG2DOd (ORCPT ); Wed, 28 Jul 2021 23:14:33 -0400 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 19430C061796 for ; Wed, 28 Jul 2021 20:14:26 -0700 (PDT) Received: by mail-yb1-xb4a.google.com with SMTP id n192-20020a25dac90000b029054c59edf217so5406144ybf.3 for ; Wed, 28 Jul 2021 20:14:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=mBLjXrHQ5lgtfl1BcZdX0e297aDH/2LQGuJ4FxguBp8=; b=FUZlMpmIPfoo2foHztG4S6kApHDvI/HfOj4fGr+oXwUy68xzIufYimEkQD2KaPDm3Q 2m0eHUhCovFiSuf/IotfbH6zhj0dxK9muuGTzzN0sXh2XOKJekHFfzjUGe4LXu83+hqB ZcsyfdPQtJPtEPCVycn9L7d2lBFh7oCDI0cQpj2AIgA5H9Yzqi+2GMbG+TdigLrQfQ/5 UIVd+SPYS56uh/SeLWCVqeKA4iZQgphvLXGP6c6ZT741OLFyJbL13uXEBUto4Asf0OCj U87yABQxm1ckU66aa843LuYKMM13IZeTnNBshN8VPQKxsZXjoTM4SvhZAsRAr6S+ilQ/ SZoA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=mBLjXrHQ5lgtfl1BcZdX0e297aDH/2LQGuJ4FxguBp8=; b=tQuTo8vgGdPQX6ZjaIP/lZ/Rc1iWf2w5532jT56WwTz7Daq/+/CTeThK7dgyC/Pu86 OeZBUNHLtGiVLmsMUvwrYV0RbJhlBQYJORs6jPnbx9dfP9yEktxBqARHJXdmHUCVSAzM tvqLEl6ouRkZVGPY+X0y0fD2mAwi4OCNw/THETGO2IKkpi3wKdI7qxTLnnOrzvjlrPXF iPpRqf2Cl/TUPMRqsuxnQaB50lT9iLzGsqb3S8OSlqGjMwjums3UMUJ/dpMhvgmfZGgs Da5T8wF2XpVox9qFKSmRGbtBueCAJ86jDz7GrmocPJtifyNvTwCEa7RgXEJFlyTgTS0N BX8g== X-Gm-Message-State: AOAM530ldV4ePNeCUxwLfY2DV3fZJaNsCbDbIRdkaIHGEycVdfjT1bv2 0LsJrKUN1YFRNkTc/jN/vfg0xSO4CZ6ri9lS9rJFG8c0n8M4iQI08jWPeoXS5runNM4aMETg8Qz r0nZNKoyL9jRGUtNLjmufMnOJxAH+O3hcYc0K2R503TLM4ASsJz7u3gFdKzawMiUS+UEJgSdMLP nsrlThyBaPo5E= X-Google-Smtp-Source: ABdhPJySyNcgDYFuxgfzC4S4vR4OilCgBuT/F1AJUJ+WmZM2+GYNj6NWmYk0I1SMR9sDGAks8O17H1qSh3h1iHWujA== X-Received: from howardchung-p920.tpe.corp.google.com ([2401:fa00:1:10:ff72:1420:4502:fdaf]) (user=howardchung job=sendgmr) by 2002:a25:c9c7:: with SMTP id z190mr3886604ybf.21.1627528466079; Wed, 28 Jul 2021 20:14:26 -0700 (PDT) Date: Thu, 29 Jul 2021 11:12:58 +0800 In-Reply-To: <20210729031258.3391756-1-howardchung@google.com> Message-Id: <20210729110956.Bluez.v4.12.Ib26c0abdbd417673a8b5788c175c06110726a68c@changeid> Mime-Version: 1.0 References: <20210729031258.3391756-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v4 12/13] plugins/admin: persist policy settings From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung , Miao-chen Chou Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This adds code to store the ServiceAllowlist to file /var/lib/bluetooth/{MAC_ADDR}/admin_policy The stored settings will be loaded upon admin_policy initialized. Reviewed-by: Miao-chen Chou --- The following test steps were performed: 1. Set ServiceAllowlist to ["1124","180A","180F","1812", "1801"] 2. restart bluetoothd 3. Verify ServiceAllowlist is ["1124","180A","180F","1812","1801"] in UUID-128 form 4. Set ServiceAllowlist to [] 5. restart bluetoothd 6. Verify ServiceAllowlist is [] (no changes since v1) plugins/admin.c | 163 +++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 162 insertions(+), 1 deletion(-) diff --git a/plugins/admin.c b/plugins/admin.c index 2ad60f2fde2a..82a8ae928ba0 100644 --- a/plugins/admin.c +++ b/plugins/admin.c @@ -14,6 +14,8 @@ #include #include +#include +#include #include "lib/bluetooth.h" #include "lib/uuid.h" @@ -24,11 +26,13 @@ #include "src/error.h" #include "src/log.h" #include "src/plugin.h" +#include "src/textfile.h" #include "src/shared/queue.h" #define ADMIN_POLICY_SET_INTERFACE "org.bluez.AdminPolicySet1" #define ADMIN_POLICY_STATUS_INTERFACE "org.bluez.AdminPolicyStatus1" +#define ADMIN_POLICY_STORAGE STORAGEDIR "/admin_policy_settings" #define DBUS_BLUEZ_SERVICE "org.bluez" #define BTD_DEVICE_INTERFACE "org.bluez.Device1" @@ -161,6 +165,8 @@ static void update_device_affected(void *data, void *user_data) ADMIN_POLICY_STATUS_INTERFACE, "AffectedByPolicy"); } +static void store_policy_settings(struct btd_admin_policy *admin_policy); + static DBusMessage *set_service_allowlist(DBusConnection *conn, DBusMessage *msg, void *user_data) { @@ -179,7 +185,9 @@ static DBusMessage *set_service_allowlist(DBusConnection *conn, return btd_error_invalid_args(msg); } - if (!service_allowlist_set(admin_policy, uuid_list)) { + if (service_allowlist_set(admin_policy, uuid_list)) { + store_policy_settings(admin_policy); + } else { free_service_allowlist(uuid_list); return btd_error_failed(msg, "service_allowlist_set failed"); } @@ -237,6 +245,158 @@ static const GDBusPropertyTable admin_policy_adapter_properties[] = { { } }; +static void free_uuid_strings(char **uuid_strs, int num) +{ + gsize i; + + for (i = 0; i < num; i++) + g_free(uuid_strs[i]); + g_free(uuid_strs); +} + +static char **new_uuid_strings(struct queue *allowlist, gsize *num) +{ + const struct queue_entry *entry = NULL; + bt_uuid_t *uuid = NULL; + char **uuid_strs = NULL; + gsize i = 0, allowlist_num; + + allowlist_num = queue_length(allowlist); + uuid_strs = g_try_malloc_n(allowlist_num, sizeof(char *)); + if (!uuid_strs) + return NULL; + + for (entry = queue_get_entries(allowlist); entry != NULL; + entry = entry->next) { + uuid = entry->data; + uuid_strs[i] = g_try_malloc0(MAX_LEN_UUID_STR * sizeof(char)); + + if (!uuid_strs[i]) + goto failed; + + bt_uuid_to_string(uuid, uuid_strs[i], MAX_LEN_UUID_STR); + i++; + } + + *num = allowlist_num; + return uuid_strs; + +failed: + free_uuid_strings(uuid_strs, i); + + return NULL; +} + +static void store_policy_settings(struct btd_admin_policy *admin_policy) +{ + GKeyFile *key_file = NULL; + char *filename = ADMIN_POLICY_STORAGE; + char *key_file_data = NULL; + char **uuid_strs = NULL; + gsize length, num_uuids; + + key_file = g_key_file_new(); + + if (num_uuids) { + uuid_strs = new_uuid_strings(admin_policy->service_allowlist, + &num_uuids); + } + + if (!uuid_strs && num_uuids) { + btd_error(admin_policy->adapter_id, + "Failed to allocate uuid strings"); + goto failed; + } + + g_key_file_set_string_list(key_file, "General", "ServiceAllowlist", + (const gchar * const *)uuid_strs, + num_uuids); + + if (create_file(ADMIN_POLICY_STORAGE, 0600) < 0) { + btd_error(admin_policy->adapter_id, "create %s failed, %s", + filename, strerror(errno)); + goto failed; + } + + key_file_data = g_key_file_to_data(key_file, &length, NULL); + g_file_set_contents(ADMIN_POLICY_STORAGE, key_file_data, length, NULL); + + g_free(key_file_data); + free_uuid_strings(uuid_strs, num_uuids); + +failed: + g_key_file_free(key_file); +} + +static void key_file_load_service_allowlist(GKeyFile *key_file, + struct btd_admin_policy *admin_policy) +{ + GError *gerr = NULL; + struct queue *uuid_list = NULL; + gchar **uuids = NULL; + gsize num, i; + + uuids = g_key_file_get_string_list(key_file, "General", + "ServiceAllowlist", &num, &gerr); + + if (gerr) { + btd_error(admin_policy->adapter_id, + "Failed to load ServiceAllowlist"); + g_error_free(gerr); + return; + } + + uuid_list = queue_new(); + for (i = 0; i < num; i++) { + bt_uuid_t *uuid = g_try_malloc(sizeof(*uuid)); + + if (!uuid) + goto failed; + + if (bt_string_to_uuid(uuid, *uuids)) { + + btd_error(admin_policy->adapter_id, + "Failed to convert '%s' to uuid struct", + *uuids); + + g_free(uuid); + goto failed; + } + + queue_push_tail(uuid_list, uuid); + uuids++; + } + + if (!service_allowlist_set(admin_policy, uuid_list)) + goto failed; + + return; +failed: + free_service_allowlist(uuid_list); +} + +static void load_policy_settings(struct btd_admin_policy *admin_policy) +{ + GKeyFile *key_file; + char *filename = ADMIN_POLICY_STORAGE; + struct stat st; + + if (stat(filename, &st) < 0) { + btd_error(admin_policy->adapter_id, + "Failed to get file %s information", + filename); + return; + } + + key_file = g_key_file_new(); + + g_key_file_load_from_file(key_file, filename, 0, NULL); + + key_file_load_service_allowlist(key_file, admin_policy); + + g_key_file_free(key_file); +} + static bool device_data_match(const void *a, const void *b) { const struct device_data *data = a; @@ -306,6 +466,7 @@ static int admin_policy_adapter_probe(struct btd_adapter *adapter) if (!policy_data) return -ENOMEM; + load_policy_settings(policy_data); adapter_path = adapter_get_path(adapter); if (!g_dbus_register_interface(dbus_conn, adapter_path, From patchwork Thu Jul 29 03:12:59 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12407555 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 149DDC4338F for ; Thu, 29 Jul 2021 03:14:36 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id EE2CE60F9B for ; Thu, 29 Jul 2021 03:14:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233658AbhG2DOh (ORCPT ); Wed, 28 Jul 2021 23:14:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43668 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233485AbhG2DOg (ORCPT ); Wed, 28 Jul 2021 23:14:36 -0400 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D6919C061757 for ; Wed, 28 Jul 2021 20:14:32 -0700 (PDT) Received: by mail-yb1-xb4a.google.com with SMTP id p71-20020a25424a0000b029056092741626so5311370yba.19 for ; Wed, 28 Jul 2021 20:14:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=GUGK6mf2HhVtnM87+R/s6TG00Oczs2xSvSnRMURkPe8=; b=X3UG3iU6RtNApsoMwy5ufHfLvu+I9+sEw0wPZ3XLM9lViqCdHBcY+uB6Iq5KBjuIbf lSKbXR6YM9af6YtL9Z3tul+CB3+sT/QQGUyL5MIZtL053sseRic3lxcJTuKGGvC4KKBs shKQuFELfT71BxP2pVGhPcn4hKlmD8WSWht7IpA7dUZX+mTEXWGvnsCe49yltTBKu6Zc mYzHqQkXVewa63VMZfDR5weqI2N5AzwbgkLPer7vKU2vEddhF8RpvMOvrIBL/nxHcSPp t5t3qsvjL8Ha2DJXwDGgCtB9PLmdr3j4lVNq9T4O024YZlKOyhWRM0qICquxsXvB2jax Pp1g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=GUGK6mf2HhVtnM87+R/s6TG00Oczs2xSvSnRMURkPe8=; b=Cgt61HVWftjErcsMFfx/PYtM8Fncj33WAlFF2/faeyiWGabLPg7ImXvjxWLydFGmS4 bRFHwNRzb4vN6NSdrqymVJDpuhMD0hm49rFVGivg7qGCfGonaqPaaV0W+G+idFIeoADj /3W6CDSiSxSwwKh/9eQFZ9rE6uMBXhuhksfI74nkwXbBImHtfQL6zSRm0IcXLO/pRqD2 t02Lx3eUHGvxKSm7JyubgvzumFUvajIFxLIrFjJvu2wEr4VzvhFBRczyqn6Zyj+WbRUH FgRePEliCLKj5U1f276Gba0wmlwHWpQWSx+0Yjc3KGP0mNODgUR+SYIUGYgCB3JslmTA SsfA== X-Gm-Message-State: AOAM530v2qzX/SwGyddtOKAcdhaR6Maaa7gxi5lY/im4PicPZB/VnRzw i7gFfVa+hRVj4w57GXXYHXO72bBrpQYIrlkgE34s57wNCsIREq0dXSLfrSTjXvvJzBFfPR/E1i/ 8SNE/LvvWdyNyZRLsseC83X5kCMPUro7rjaLDXwbYmKi81DAbjXjULHu5oD02C6hmik90jurExC ExIWnNE4yZoZk= X-Google-Smtp-Source: ABdhPJzh1PoOtE2jIskWttRFQt1q95Wb3blDeFrs/6an9iIW3ZuAYRimc14xS2Egk1MqJBlekfCS7Z4VXI7hLwzMjA== X-Received: from howardchung-p920.tpe.corp.google.com ([2401:fa00:1:10:ff72:1420:4502:fdaf]) (user=howardchung job=sendgmr) by 2002:a25:b787:: with SMTP id n7mr3849777ybh.468.1627528472023; Wed, 28 Jul 2021 20:14:32 -0700 (PDT) Date: Thu, 29 Jul 2021 11:12:59 +0800 In-Reply-To: <20210729031258.3391756-1-howardchung@google.com> Message-Id: <20210729110956.Bluez.v4.13.I433ab6a7ac1d4f8f8dea496ac14bdbf3597015d3@changeid> Mime-Version: 1.0 References: <20210729031258.3391756-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v4 13/13] doc: add description of admin policy From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung , Miao-chen Chou Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This adds admin-policy-api.txt. Reviewed-by: Miao-chen Chou --- (no changes since v1) doc/admin-policy-api.txt | 65 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 65 insertions(+) create mode 100644 doc/admin-policy-api.txt diff --git a/doc/admin-policy-api.txt b/doc/admin-policy-api.txt new file mode 100644 index 000000000000..3f116901dbd7 --- /dev/null +++ b/doc/admin-policy-api.txt @@ -0,0 +1,65 @@ +BlueZ D-Bus Admin Policy API description +*********************************** + +This API provides methods to control the behavior of bluez as an administrator. + +Interface AdminPolicySet1 provides methods to set policies. Once the policy is +set successfully, it will affect all clients and stay persistently even after +restarting Bluetooth Daemon. The only way to clear it is to overwrite the +policy with the same method. + +Interface AdminPolicyStatus1 provides readonly properties to indicate the +current values of admin policy. + + +Admin Policy Set hierarchy +================= + +Service org.bluez +Interface org.bluez.AdminPolicySet1 +Object path [variable prefix]/{hci0,hci1,...} + +Methods void SetServiceAllowList(array{string} UUIDs) + + This method sets the service allowlist by specifying + service UUIDs. + + When SetServiceAllowList is called, bluez will block + incoming and outgoing connections to the service not in + UUIDs for all of the clients. + + Any subsequent calls to this method will supersede any + previously set allowlist values. Calling this method + with an empty array will allow any service UUIDs to be + used. + + The default value is an empty array. + + Possible errors: org.bluez.Error.InvalidArguments + org.bluez.Error.Failed + + +Admin Policy Status hierarchy +================= + +Service org.bluez +Interface org.bluez.AdminPolicyStatus1 +Object path [variable prefix]/{hci0,hci1,...} + +Properties array{string} ServiceAllowList [readonly] + + Current value of service allow list. + + + +Admin Policy Status hierarchy +================= + +Service org.bluez +Interface org.bluez.AdminPolicyStatus1 +Object path [variable prefix]/{hci0,hci1,...}/dev_XX_XX_XX_XX_XX_XX + +Properties bool IsAffectedByPolicy [readonly] + + Indicate if there is any auto-connect profile in this + device is not allowed by admin policy.