From patchwork Thu Jul 29 08:56:39 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Howard Chung
X-Patchwork-Id: 12408135
Date: Thu, 29 Jul 2021 16:56:39 +0800
In-Reply-To: <20210729085651.3600926-1-howardchung@google.com>
Message-Id: <20210729165211.Bluez.v5.1.Ic71b1ed97538a06d02425ba502690bdab1c5d836@changeid>
References: <20210729085651.3600926-1-howardchung@google.com>
X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog
Subject: [Bluez PATCH v5 01/13] core: add is_allowed property in btd_service
From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung , Miao-chen Chou Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This adds is_allowed property in btd_service. When is_allowed is set to false, calling btd_service_connect and service_accept will fail and the existing service connection gets disconnected. Reviewed-by: Miao-chen Chou --- Changes in v5: - Fix compiler errors in plugins/admin.c Changes in v4: - Update commit message (admin_policy -> admin) - remove old plugins/admin_policy.c Changes in v3: - Rename plugins/admin_policy.c -> plugins/admin.c - Use device_added callback in btd_adapter_driver instead of listen for dbus - Add authorization method in profiles/health/mcap.c and block incoming connections in adapter authorization function. Changes in v2: - Move bt_uuid_hash and bt_uuid_equal functions to adapter.c. - Modify the criteria to say a device is `Affected` from any-of-uuid to any-of-auto-connect-profile. - Remove the code to remove/reprobe disallowed/allowed profiles, instead, check if the service is allowed in bt_io_accept connect_cb. - Fix a typo in emit_property_change in plugin/admin_policy.c:set_service_allowlist - Instead of using device_state_cb, utilize D-BUS client to watch device added/removed. - Add a document in doc/ src/service.c | 39 +++++++++++++++++++++++++++++++++++++++ src/service.h | 2 ++ 2 files changed, 41 insertions(+) diff --git a/src/service.c b/src/service.c index 21a52762e637..929d6c136b6d 100644 --- a/src/service.c +++ b/src/service.c @@ -41,6 +41,7 @@ struct btd_service { void *user_data; btd_service_state_t state; int err; + bool is_allowed; }; struct service_state_callback { @@ -133,6 +134,7 @@ struct btd_service *service_create(struct btd_device *device, service->device = device; /* Weak ref */ service->profile = profile; service->state = BTD_SERVICE_STATE_UNAVAILABLE; + service->is_allowed = true; return service; } 
@@ -186,6 +188,18 @@ int service_accept(struct btd_service *service) if (!service->profile->accept) return -ENOSYS; + if (!service->is_allowed) { + info("service %s is not allowed", + service->profile->remote_uuid); + return -ECONNABORTED; + } + + if (!service->is_allowed) { + info("service %s is not allowed", + service->profile->remote_uuid); + return -ECONNABORTED; + } + err = service->profile->accept(service); if (!err) goto done; @@ -245,6 +259,12 @@ int btd_service_connect(struct btd_service *service) return -EBUSY; } + if (!service->is_allowed) { + info("service %s is not allowed", + service->profile->remote_uuid); + return -ECONNABORTED; + } + err = profile->connect(service); if (err == 0) { change_state(service, BTD_SERVICE_STATE_CONNECTING, 0); @@ -361,6 +381,25 @@ bool btd_service_remove_state_cb(unsigned int id) return false; } +void btd_service_set_allowed(struct btd_service *service, bool allowed) +{ + if (allowed == service->is_allowed) + return; + + service->is_allowed = allowed; + + if (!allowed && (service->state == BTD_SERVICE_STATE_CONNECTING || + service->state == BTD_SERVICE_STATE_CONNECTED)) { + btd_service_disconnect(service); + return; + } +} + +bool btd_service_is_allowed(struct btd_service *service) +{ + return service->is_allowed; +} + void btd_service_connecting_complete(struct btd_service *service, int err) { if (service->state != BTD_SERVICE_STATE_DISCONNECTED && diff --git a/src/service.h b/src/service.h index 88530cc17d53..5a2a02447b24 100644 --- a/src/service.h +++ b/src/service.h 
@@ -51,6 +51,8 @@ int btd_service_get_error(const struct btd_service *service); unsigned int btd_service_add_state_cb(btd_service_state_cb cb, void *user_data); bool btd_service_remove_state_cb(unsigned int id); +void btd_service_set_allowed(struct btd_service *service, bool allowed); +bool btd_service_is_allowed(struct btd_service *service); /* Functions used by profile implementation */ void btd_service_connecting_complete(struct btd_service *service, int err); From patchwork Thu Jul 29 08:56:40 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12408137 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7CB5BC4338F for ; Thu, 29 Jul 2021 08:57:10 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 5C0EA61074 for ; Thu, 29 Jul 2021 08:57:10 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235319AbhG2I5M (ORCPT ); Thu, 29 Jul 2021 04:57:12 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37396 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234886AbhG2I5L (ORCPT ); Thu, 29 Jul 2021 04:57:11 -0400 Received: from mail-qk1-x749.google.com (mail-qk1-x749.google.com [IPv6:2607:f8b0:4864:20::749]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CA933C061757 for ; Thu, 29 Jul 2021 01:57:08 -0700 (PDT) 
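Review bot: In src/service.c, hunk @@ -186,6 +188,18 @@ (service_accept), the "if (!service->is_allowed)" block that returns -ECONNABORTED is added twice, back to back. The second copy can never be reached with is_allowed false, so drop it and keep a single check before service->profile->accept(service).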
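Review bot: In src/service.c, hunk @@ -361,6 +381,25 @@ (btd_service_set_allowed), the return value of btd_service_disconnect(service) is discarded, so if the disconnect cannot be carried out the service stays in CONNECTING or CONNECTED with is_allowed already false and nothing is logged. Check the result and at least log the failure. The "return;" inside the if is also redundant as the last statement of the function, and neither new function says whether a NULL service is permitted.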
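Review bot: In src/service.h, hunk @@ -51,6 +51,8 @@, btd_service_is_allowed() takes a non-const struct btd_service * although it only reads the flag, while the neighbouring getter btd_service_get_error() takes const struct btd_service *. Make the parameter const to match, and add a short comment on btd_service_set_allowed() saying that clearing the flag disconnects an active service, since the prototype alone does not suggest that side effect.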
Date: Thu, 29 Jul 2021 16:56:40 +0800 In-Reply-To: <20210729085651.3600926-1-howardchung@google.com> Message-Id:
<20210729165211.Bluez.v5.2.Ibc0b5f02cb249f9aca9efe45e2dadc5e50b7d89e@changeid> Mime-Version: 1.0 References: <20210729085651.3600926-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v5 02/13] core: add adapter and device allowed_uuid functions From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung , Miao-chen Chou Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This implements functions in src/adapter.c and src/device.c for plugins setting a list of allowed services. Reviewed-by: Miao-chen Chou --- (no changes since v1) src/adapter.c | 90 +++++++++++++++++++++++++++++++++++++++++++++++++++ src/adapter.h | 8 +++++ src/device.c | 64 +++++++++++++++++++++++++++++++++++- src/device.h | 2 ++ 4 files changed, 163 insertions(+), 1 deletion(-) diff --git a/src/adapter.c b/src/adapter.c index 663b778e4a5d..c7fe27d19a5d 100644 --- a/src/adapter.c +++ b/src/adapter.c @@ -260,6 +260,8 @@ struct btd_adapter { struct btd_battery_provider_manager *battery_provider_manager; + GHashTable *allowed_uuid_set; /* Set of allowed service UUIDs */ + gboolean initialized; GSList *pin_callbacks; 
@@ -3489,6 +3491,93 @@ static DBusMessage *connect_device(DBusConnection *conn, return NULL; } +static void update_device_allowed_services(void *data, void *user_data) +{ + struct btd_device *device = data; + + btd_device_update_allowed_services(device); +} + +static void add_uuid_to_uuid_set(void *data, void *user_data) +{ + bt_uuid_t *uuid = data; + GHashTable *uuid_set = user_data; + + if (!uuid) { + error("Found NULL in UUID allowed list"); + return; + } + + g_hash_table_add(uuid_set, uuid); +} + +static guint bt_uuid_hash(gconstpointer key) +{ + const bt_uuid_t *uuid = key; + bt_uuid_t uuid_128; + uint64_t *val; + + if (!uuid) + return 0; + + bt_uuid_to_uuid128(uuid, &uuid_128); + val = (uint64_t *)&uuid_128.value.u128; + + return g_int64_hash(val) ^ g_int64_hash(val+1); +} + +static gboolean bt_uuid_equal(gconstpointer v1, gconstpointer v2) +{ + const bt_uuid_t *uuid1 = v1; + const bt_uuid_t *uuid2 = v2; + + if (!uuid1 || !uuid2) + return !uuid1 && !uuid2; + + return bt_uuid_cmp(uuid1, uuid2) == 0; +} + +bool btd_adapter_set_allowed_uuids(struct btd_adapter *adapter, + struct queue *uuids) +{ + if (!adapter) + return false; + + if (adapter->allowed_uuid_set) + g_hash_table_destroy(adapter->allowed_uuid_set); + + adapter->allowed_uuid_set = g_hash_table_new(bt_uuid_hash, + bt_uuid_equal); + if (!adapter->allowed_uuid_set) { + btd_error(adapter->dev_id, + "Failed to allocate allowed_uuid_set"); + return false; + } + + queue_foreach(uuids, add_uuid_to_uuid_set, adapter->allowed_uuid_set); + g_slist_foreach(adapter->devices, update_device_allowed_services, NULL); + + return true; +} + +bool btd_adapter_is_uuid_allowed(struct btd_adapter *adapter, + const char *uuid_str) +{ + bt_uuid_t uuid; + + if (!adapter || !adapter->allowed_uuid_set) + return true; + + if (bt_string_to_uuid(&uuid, uuid_str)) { + btd_error(adapter->dev_id, + "Failed to parse UUID string '%s'", uuid_str); + return false; + } + + return !g_hash_table_size(adapter->allowed_uuid_set) || + 
g_hash_table_contains(adapter->allowed_uuid_set, &uuid); +} + static const GDBusMethodTable adapter_methods[] = { { GDBUS_ASYNC_METHOD("StartDiscovery", NULL, NULL, start_discovery) }, { GDBUS_METHOD("SetDiscoveryFilter", @@ -5404,6 +5493,7 @@ static void adapter_free(gpointer user_data) g_free(adapter->stored_alias); g_free(adapter->current_alias); free(adapter->modalias); + g_hash_table_destroy(adapter->allowed_uuid_set); g_free(adapter); } diff --git a/src/adapter.h b/src/adapter.h index 60b5e3bcca34..7cac51451249 100644 --- a/src/adapter.h +++ b/src/adapter.h @@ -25,6 +25,7 @@ struct btd_adapter; struct btd_device; +struct queue; struct btd_adapter *btd_adapter_get_default(void); bool btd_adapter_is_default(struct btd_adapter *adapter); @@ -97,6 +98,8 @@ void adapter_service_remove(struct btd_adapter *adapter, uint32_t handle); struct agent *adapter_get_agent(struct btd_adapter *adapter); +bool btd_adapter_uuid_is_allowed(struct btd_adapter *adapter, const char *uuid); + struct btd_adapter *btd_adapter_ref(struct btd_adapter *adapter); void btd_adapter_unref(struct btd_adapter *adapter); @@ -240,3 +243,8 @@ enum kernel_features { }; bool btd_has_kernel_features(uint32_t feature); + +bool btd_adapter_set_allowed_uuids(struct btd_adapter *adapter, + struct queue *uuids); +bool btd_adapter_is_uuid_allowed(struct btd_adapter *adapter, + const char *uuid_str); diff --git a/src/device.c b/src/device.c index b29aa195d19b..c4a4497da01f 100644 --- a/src/device.c +++ b/src/device.c 
@@ -1929,6 +1929,56 @@ static int service_prio_cmp(gconstpointer a, gconstpointer b) return p2->priority - p1->priority; } +bool btd_device_all_services_allowed(struct btd_device *dev) +{ + GSList *l; + struct btd_adapter *adapter = dev->adapter; + struct btd_service *service; + struct btd_profile *profile; + + for (l = dev->services; l != NULL; l = g_slist_next(l)) { + service = l->data; + profile = btd_service_get_profile(service); + + if (!profile || !profile->auto_connect) + continue; + + if (!btd_adapter_is_uuid_allowed(adapter, profile->remote_uuid)) + return false; + } + + return true; +} + +void btd_device_update_allowed_services(struct btd_device *dev) +{ + struct btd_adapter *adapter = dev->adapter; + struct btd_service *service; + struct btd_profile *profile; + GSList *l; + bool is_allowed; + char addr[18]; + + /* If service discovery is ongoing, let the service discovery complete + * callback call this function. + */ + if (dev->browse) { + ba2str(&dev->bdaddr, addr); + DBG("service discovery of %s is ongoing. Skip updating allowed " + "services", addr); + return; + } + + for (l = dev->services; l != NULL; l = g_slist_next(l)) { + service = l->data; + profile = btd_service_get_profile(service); + + is_allowed = btd_adapter_is_uuid_allowed(adapter, + profile->remote_uuid); + btd_service_set_allowed(service, is_allowed); + } +} + static GSList *create_pending_list(struct btd_device *dev, const char *uuid) { struct btd_service *service; @@ -1937,9 +1987,14 @@ static GSList *create_pending_list(struct btd_device *dev, const char *uuid) if (uuid) { service = find_connectable_service(dev, uuid); - if (service) + + if (!service) + return dev->pending; + + if (btd_service_is_allowed(service)) return g_slist_prepend(dev->pending, service); + info("service %s is blocked", uuid); return dev->pending; } 
@@ -1950,6 +2005,11 @@ static GSList *create_pending_list(struct btd_device *dev, const char *uuid) if (!p->auto_connect) continue; + if (!btd_service_is_allowed(service)) { + info("service %s is blocked", p->remote_uuid); + continue; + } + if (g_slist_find(dev->pending, service)) continue; @@ -2633,6 +2693,8 @@ static void device_svc_resolved(struct btd_device *dev, uint8_t browse_type, dev->svc_callbacks); g_free(cb); } + + btd_device_update_allowed_services(dev); } static struct bonding_req *bonding_request_new(DBusMessage *msg, diff --git a/src/device.h b/src/device.h index 4ae9abe0dbb4..5f615cb4b6b2 100644 --- a/src/device.h +++ b/src/device.h 
@@ -175,5 +175,7 @@ uint32_t btd_device_get_current_flags(struct btd_device *dev); void btd_device_flags_changed(struct btd_device *dev, uint32_t supported_flags, uint32_t current_flags); +bool btd_device_all_services_allowed(struct btd_device *dev); +void btd_device_update_allowed_services(struct btd_device *dev); void btd_device_init(void); void btd_device_cleanup(void); From patchwork Thu Jul 29 08:56:41 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12408139 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-21.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 20F19C4338F for ; Thu, 29 Jul 2021 08:57:15 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 084406103B for ; Thu, 29 Jul 2021 08:57:15 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235162AbhG2I5Q (ORCPT ); Thu, 29 Jul 2021 04:57:16 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37428 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235209AbhG2I5Q (ORCPT ); Thu, 29 Jul 2021 04:57:16 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9B4E7C061757 for ; Thu, 29 Jul 2021 01:57:13 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id f3-20020a25cf030000b029055a2303fc2dso6088386ybg.11 for ; Thu, 29 Jul 
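Review bot: In src/adapter.c, hunk @@ -3489,6 +3491,93 @@, add_uuid_to_uuid_set() stores the caller's bt_uuid_t pointers directly with g_hash_table_add(uuid_set, uuid), and the table is created with g_hash_table_new(bt_uuid_hash, bt_uuid_equal), so the set neither copies nor owns its keys. If the caller frees or reuses the entries of "uuids" after btd_adapter_set_allowed_uuids() returns, later btd_adapter_is_uuid_allowed() lookups hash and compare freed memory. Either copy each UUID and create the table with g_hash_table_new_full() and a key destroy function, or document in adapter.h that the queue elements must outlive the adapter's set. Separately, bt_uuid_hash() reads the 128-bit value through a uint64_t * cast; copying the two halves out with memcpy avoids the alignment and aliasing assumptions.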
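Review bot: In src/adapter.c, hunk @@ -5404,6 +5493,7 @@ (adapter_free), g_hash_table_destroy(adapter->allowed_uuid_set) runs unconditionally, but the field is only assigned in btd_adapter_set_allowed_uuids() and the other new code treats NULL as a valid state ("if (!adapter || !adapter->allowed_uuid_set)"). Guard the call with a NULL check so an adapter that never had a list set does not hand NULL to g_hash_table_destroy().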
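Review bot: In src/adapter.h, hunk @@ -97,6 +98,8 @@, the added prototype btd_adapter_uuid_is_allowed() has no definition anywhere in this patch; the function implemented in adapter.c and declared again in hunk @@ -240,3 +243,8 @@ is btd_adapter_is_uuid_allowed(). Remove the stale declaration so a caller cannot pick the wrong name and only find out at link time.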
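Review bot: In src/device.c, hunk @@ -1929,6 +1929,56 @@, btd_device_update_allowed_services() dereferences profile->remote_uuid without the "!profile" check that btd_device_all_services_allowed() applies, a few lines above, to the result of the same btd_service_get_profile() call. Use the same guard in both loops, and state explicitly whether a service with no profile or no remote_uuid is allowed or blocked, so the policy does not depend on how the UUID parser treats a missing string.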
2021 01:57:13 -0700 (PDT) Date: Thu, 29 Jul 2021 16:56:41 +0800 In-Reply-To: <20210729085651.3600926-1-howardchung@google.com> Message-Id: <20210729165211.Bluez.v5.3.If0cf6e1feb9e9cc8106793bcaea60202852d7095@changeid> Mime-Version: 1.0 References:
<20210729085651.3600926-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v5 03/13] mcap: add adapter authorization From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung Currently mcap is the only profile that doesn't request adapter authorization. This patch adds an argument when creating the mcap instance to set authorize method. The reason why we don't use btd_request_authorization directly like all other profiles is because tools/mcaptest includes the profile/health/mcap.h. If we add dependency to adapter.h in mcap.h, it will make mcaptest depend on adapter and be not able to build independently. --- (no changes since v1) android/health.c | 2 +- profiles/health/hdp.c | 1 + profiles/health/mcap.c | 39 +++++++++++++++++++++++++++++++++++++-- profiles/health/mcap.h | 7 +++++++ tools/mcaptest.c | 2 +- 5 files changed, 47 insertions(+), 4 deletions(-) diff --git a/android/health.c b/android/health.c index 9a29964b1be2..de50db98e988 100644 --- a/android/health.c +++ b/android/health.c @@ -2008,7 +2008,7 @@ bool bt_health_register(struct ipc *ipc, const bdaddr_t *addr, uint8_t mode) mcl_connected, mcl_reconnected, mcl_disconnected, mcl_uncached, NULL, /* CSP is not used right now */ - NULL, &err); + NULL, NULL, &err); if (!mcap) { error("health: MCAP instance creation failed %s", err->message); g_error_free(err); diff --git a/profiles/health/hdp.c b/profiles/health/hdp.c index 6bc41946fef3..efa8955efaea 100644 --- a/profiles/health/hdp.c +++ b/profiles/health/hdp.c @@ -1347,6 +1347,7 @@ static gboolean update_adapter(struct hdp_adapter *hdp_adapter) mcl_connected, mcl_reconnected, mcl_disconnected, mcl_uncached, NULL, /* CSP is not used by now */ + btd_request_authorization, hdp_adapter, &err); if (hdp_adapter->mi == NULL) { error("Error creating the MCAP instance: %s", err->message); 
diff --git a/profiles/health/mcap.c b/profiles/health/mcap.c index be13af37a0b8..d4cb69f77f5b 100644 --- a/profiles/health/mcap.c +++ b/profiles/health/mcap.c @@ -14,6 +14,7 @@ #endif #define _GNU_SOURCE +#include #include #include #include @@ -23,6 +24,7 @@ #include #include "lib/bluetooth.h" +#include "lib/uuid.h" #include "bluetooth/l2cap.h" #include "btio/btio.h" #include "src/log.h" @@ -1980,7 +1982,6 @@ static void set_mcl_conf(GIOChannel *chan, struct mcap_mcl *mcl) mcl->state = MCL_CONNECTED; mcl->role = MCL_ACCEPTOR; mcl->req = MCL_AVAILABLE; - mcl->cc = g_io_channel_ref(chan); mcl->ctrl |= MCAP_CTRL_STD_OP; mcap_sync_init(mcl); @@ -2005,19 +2006,39 @@ static void set_mcl_conf(GIOChannel *chan, struct mcap_mcl *mcl) mcl->mi->mcl_connected_cb(mcl, mcl->mi->user_data); } +static void auth_callback(void *err, void *user_data) +{ + struct mcap_mcl *mcl = user_data; + DBusError *derr = err; + + if (derr) { + error("Access denied: %s", derr->message); + goto reject; + } + + set_mcl_conf(mcl->cc, mcl); + return; + +reject: + g_io_channel_shutdown(mcl->cc, TRUE, NULL); + g_io_channel_unref(mcl->cc); +} + static void connect_mcl_event_cb(GIOChannel *chan, GError *gerr, gpointer user_data) { struct mcap_instance *mi = user_data; struct mcap_mcl *mcl; - bdaddr_t dst; + bdaddr_t src, dst; char address[18], srcstr[18]; GError *err = NULL; + guint ret; if (gerr) return; bt_io_get(chan, &err, + BT_IO_OPT_SOURCE_BDADDR, &src, BT_IO_OPT_DEST_BDADDR, &dst, BT_IO_OPT_DEST, address, BT_IO_OPT_INVALID); @@ -2044,6 +2065,18 @@ static void connect_mcl_event_cb(GIOChannel *chan, GError *gerr, mcl->next_mdl = (rand() % MCAP_MDLID_FINAL) + 1; } + mcl->cc = g_io_channel_ref(chan); + if (mi->authorize_cb) { + ret = mi->authorize_cb(&src, &dst, HDP_UUID, auth_callback, + mcl); + if (ret != 0) + return; + + error("HDP: authorization for device %s failed", address); + g_io_channel_unref(mcl->cc); + goto drop; + } + set_mcl_conf(chan, mcl); return; 
@@ -2060,6 +2093,7 @@ struct mcap_instance *mcap_create_instance(const bdaddr_t *src, mcap_mcl_event_cb mcl_disconnected, mcap_mcl_event_cb mcl_uncached, mcap_info_ind_event_cb mcl_sync_info_ind, + mcap_authorize_cb authorize_cb, gpointer user_data, GError **gerr) { @@ -2089,6 +2123,7 @@ struct mcap_instance *mcap_create_instance(const bdaddr_t *src, mi->mcl_disconnected_cb = mcl_disconnected; mi->mcl_uncached_cb = mcl_uncached; mi->mcl_sync_infoind_cb = mcl_sync_info_ind; + mi->authorize_cb = authorize_cb; mi->user_data = user_data; mi->csp_enabled = FALSE; diff --git a/profiles/health/mcap.h b/profiles/health/mcap.h index 5a94c8b63bea..aa69b0d32c0d 100644 --- a/profiles/health/mcap.h +++ b/profiles/health/mcap.h @@ -249,6 +249,11 @@ typedef void (* mcap_sync_set_cb) (struct mcap_mcl *mcl, GError *err, gpointer data); +typedef void mcap_auth_cb(void *err, void *user_data); +typedef guint (* mcap_authorize_cb) (const bdaddr_t *src, const bdaddr_t *dst, + const char *uuid, mcap_auth_cb cb, + void *user_data); + struct mcap_mdl_cb { mcap_mdl_event_cb mdl_connected; /* Remote device has created a MDL */ mcap_mdl_event_cb mdl_closed; /* Remote device has closed a MDL */ @@ -271,6 +276,7 @@ struct mcap_instance { mcap_mcl_event_cb mcl_disconnected_cb; /* MCL disconnected */ mcap_mcl_event_cb mcl_uncached_cb; /* MCL has been removed from MCAP cache */ mcap_info_ind_event_cb mcl_sync_infoind_cb; /* (CSP Master) Received info indication */ + mcap_authorize_cb authorize_cb; /* Method to request authorization */ gpointer user_data; /* Data to be provided in callbacks */ int ref; /* Reference counter */ @@ -404,6 +410,7 @@ struct mcap_instance *mcap_create_instance(const bdaddr_t *src, mcap_mcl_event_cb mcl_disconnected, mcap_mcl_event_cb mcl_uncached, mcap_info_ind_event_cb mcl_sync_info_ind, + mcap_authorize_cb authorize_cb, gpointer user_data, GError **gerr); void mcap_release_instance(struct mcap_instance *mi); 
diff --git a/tools/mcaptest.c b/tools/mcaptest.c index dcef0b908ac8..63ee22149a40 100644 --- a/tools/mcaptest.c +++ b/tools/mcaptest.c 
@@ -434,7 +434,7 @@ int main(int argc, char *argv[]) mcl_connected, mcl_reconnected, mcl_disconnected, mcl_uncached, NULL, /* CSP is not used right now */ - NULL, &err); + NULL, NULL, &err); if (!mcap) { printf("MCAP instance creation failed %s\n", err->message); From patchwork Thu Jul 29 08:56:42 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12408141 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-21.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id CE77AC4338F for ; Thu, 29 Jul 2021 08:57:20 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id B69F86103B for ; Thu, 29 Jul 2021 08:57:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235188AbhG2I5W (ORCPT ); Thu, 29 Jul 2021 04:57:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37456 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235244AbhG2I5V (ORCPT ); Thu, 29 Jul 2021 04:57:21 -0400 Received: from mail-qk1-x749.google.com (mail-qk1-x749.google.com [IPv6:2607:f8b0:4864:20::749]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 047A4C061757 for ; Thu, 29 Jul 2021 01:57:19 -0700 (PDT) Received: by mail-qk1-x749.google.com with SMTP id i15-20020a05620a150fb02903b960837cbfso3409415qkk.10 for ; Thu, 29 Jul 2021 01:57:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; 
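Review bot: In profiles/health/mcap.c, hunk @@ -2005,19 +2006,39 @@ (auth_callback), the reject path calls g_io_channel_shutdown(mcl->cc, TRUE, NULL) and g_io_channel_unref(mcl->cc) but leaves mcl->cc pointing at the released channel and does nothing with mcl itself. Set mcl->cc = NULL after the unref and release the MCL on this path as well, otherwise a denied connection leaves a stale MCL behind with a dangling channel pointer.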
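Review bot: In profiles/health/mcap.c, hunk @@ -2044,6 +2065,18 @@ (connect_mcl_event_cb), the id returned by mi->authorize_cb(...) is only compared with 0 and then dropped, so a pending authorization can never be cancelled. If the MCL or the instance is torn down before the answer arrives, auth_callback() would run with a stale mcl pointer. Store the id in the MCL and cancel the request on teardown. On the failure branch, g_io_channel_unref(mcl->cc) should also be followed by mcl->cc = NULL before "goto drop".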
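Review bot: In profiles/health/mcap.h, hunk @@ -249,6 +249,11 @@, mcap_auth_cb is declared as a plain function type ("typedef void mcap_auth_cb(void *err, void *user_data);") while the neighbouring typedefs, including the new mcap_authorize_cb, are pointer-to-function types. Use the "(* mcap_auth_cb)" form for consistency. The void *err parameter also hides that the value is a DBusError *, which auth_callback in mcap.c casts back by hand; add a comment stating the expected type and confirm that btd_request_authorization, passed in hdp.c, has a signature compatible with mcap_authorize_cb, so the call through the erased type is well defined.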
h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; Date: Thu, 29 Jul 2021 16:56:42 +0800 In-Reply-To: <20210729085651.3600926-1-howardchung@google.com> Message-Id: <20210729165211.Bluez.v5.4.Ia4dc489979e4bf7ffa3421199b1b9fd8d7f00bbc@changeid> Mime-Version: 1.0 References: <20210729085651.3600926-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH
v5 04/13] core: block not allowed UUID connect in auth
From: Howard Chung
To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com
Cc: Yun-Hao Chung
X-Mailing-List: linux-bluetooth@vger.kernel.org

From: Yun-Hao Chung

This ensures any incoming profile connection will be blocked if its UUID is not allowed by the following assumption:
1. Each system profile asks adapter authorization when seeing an incoming connection.
2. Each external profile checks if its UUID is allowed by adapter when seeing an incoming connection.
---
The following test steps were performed after enabling admin plugin:
1. Set ServiceAllowList to ["1234"].
2. Turn on a paired classic keyboard. Verify it can not be connected.
3. Set ServiceAllowList to ["1800","1801","180A","180F","1812"]
4. Turn off and turn on the keyboard. Verify it can be connected.

(no changes since v1)

src/adapter.c | 5 +++++ src/profile.c | 11 +++++++++++ 2 files changed, 16 insertions(+) diff --git a/src/adapter.c b/src/adapter.c index c7fe27d19a5d..6c8096147bdd 100644 --- a/src/adapter.c +++ b/src/adapter.c @@ -7118,6 +7118,11 @@ static gboolean process_auth_queue(gpointer user_data) if (auth->svc_id > 0) return FALSE; + if (!btd_adapter_is_uuid_allowed(adapter, auth->uuid)) { + auth->cb(&err, auth->user_data); + goto next; + } + if (device_is_trusted(device) == TRUE) { auth->cb(NULL, auth->user_data); goto next; diff --git a/src/profile.c b/src/profile.c index 60d17b6ae657..e1bebf1ee19c 100644 --- a/src/profile.c +++ b/src/profile.c @@ -1249,6 +1249,11 @@ static void ext_confirm(GIOChannel *io, gpointer user_data) DBG("incoming connect from %s", addr); + if (!btd_adapter_is_uuid_allowed(adapter_find(&src), uuid)) { + info("UUID %s is not allowed. Igoring the connection", uuid); + return; + } + conn = create_conn(server, io, &src, &dst); if (conn == NULL) return;
@@ -1272,6 +1277,7 @@ static void ext_direct_connect(GIOChannel *io, GError *err, gpointer user_data) struct ext_profile *ext = server->ext; GError *gerr = NULL; struct ext_io *conn; + const char *uuid = ext->service ? ext->service : ext->uuid; bdaddr_t src, dst; bt_io_get(io, &gerr, 
@@ -1285,6 +1291,11 @@ static void ext_direct_connect(GIOChannel *io, GError *err, gpointer user_data) return; } + if (!btd_adapter_is_uuid_allowed(adapter_find(&src), uuid)) { + info("UUID %s is not allowed. Igoring the connection", uuid); + return; + } + conn = create_conn(server, io, &src, &dst); if (conn == NULL) return;
From patchwork Thu Jul 29 08:56:43 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12408143
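Review bot: In patch 04/13, the new branch in process_auth_queue() (src/adapter.c) refuses the request without logging anything, while both profile.c paths call info(). A refused authorization is the event an operator will look for when a device fails to connect under policy, so add a log line naming auth->uuid before auth->cb(&err, auth->user_data). The err passed to the callback is not set anywhere in the visible lines; please confirm it already carries a rejection error at this point. Placing the check ahead of the device_is_trusted() shortcut is right, since trusted devices must not bypass the allowlist.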
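Review bot: In patch 04/13, ext_confirm() (src/profile.c) passes the result of adapter_find(&src) straight into btd_adapter_is_uuid_allowed() with no NULL check, so the outcome when no adapter matches src depends on how that function treats a NULL adapter, which is not visible in this diff. For an allowlist the safe default is to refuse: test the pointer explicitly and return. The log string also has a typo, "Igoring" should be "Ignoring"; the same string is repeated in ext_direct_connect().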
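Review bot: In patch 04/13, ext_direct_connect() (src/profile.c) derives the UUID it checks as ext->service ? ext->service : ext->uuid, while the uuid tested in ext_confirm() comes from lines outside this diff. If the two derivations differ, the same profile could be allowed on one path and refused on the other. A small helper that takes the ext_profile and the source address would keep the derivation, the adapter lookup and the check in one place and remove the duplicated five-line block.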
Date: Thu, 29 Jul 2021 16:56:43 +0800 In-Reply-To: <20210729085651.3600926-1-howardchung@google.com> Message-Id: <20210729165211.Bluez.v5.5.Iee308dd18bfdfd3dae9e343e78b3942ee462314f@changeid> Mime-Version: 1.0 References: <20210729085651.3600926-1-howardchung@google.com> X-Mailer:
git-send-email 2.32.0.554.ge1b32706d8-goog
Subject: [Bluez PATCH v5 05/13] core: add device_added and device_removed to adapter driver
From: Howard Chung
To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com
Cc: Yun-Hao Chung
X-Mailing-List: linux-bluetooth@vger.kernel.org

From: Yun-Hao Chung

This adds device_added and device_removed to btd_adapter_driver so that a driver can get notification when device is added or removed.
---
(no changes since v1)

src/adapter.c | 59 ++++++++++++++++++++++++++++++++++++++++++++++----- src/adapter.h | 4 ++++ 2 files changed, 58 insertions(+), 5 deletions(-) diff --git a/src/adapter.c b/src/adapter.c index 6c8096147bdd..5c556b569ca7 100644 --- a/src/adapter.c +++ b/src/adapter.c @@ -1218,6 +1218,9 @@ void adapter_service_remove(struct btd_adapter *adapter, uint32_t handle) remove_record_from_server(rec->handle); } +static void adapter_add_device(struct btd_adapter *adapter, + struct btd_device *device); + static struct btd_device *adapter_create_device(struct btd_adapter *adapter, const bdaddr_t *bdaddr, uint8_t bdaddr_type) @@ -1228,8 +1231,7 @@ static struct btd_device *adapter_create_device(struct btd_adapter *adapter, if (!device) return NULL; - adapter->devices = g_slist_append(adapter->devices, device); - + adapter_add_device(adapter, device); return device; } @@ -1256,6 +1258,9 @@ static void service_auth_cancel(struct service_auth *auth) g_free(auth); } +static void adapter_remove_device(struct btd_adapter *adapter, + struct btd_device *device); + void btd_adapter_remove_device(struct btd_adapter *adapter, struct btd_device *dev) {
@@ -1263,7 +1268,7 @@ void btd_adapter_remove_device(struct btd_adapter *adapter, adapter->connect_list = g_slist_remove(adapter->connect_list, dev); - adapter->devices = g_slist_remove(adapter->devices, dev); + adapter_remove_device(adapter, dev); btd_adv_monitor_device_remove(adapter->adv_monitor_manager, dev); adapter->discovery_found = g_slist_remove(adapter->discovery_found, @@ -4665,7 +4670,7 @@ static void load_devices(struct btd_adapter *adapter) goto free; btd_device_set_temporary(device, false); - adapter->devices = g_slist_append(adapter->devices, device); + adapter_add_device(adapter, device); /* TODO: register services from pre-loaded list of primaries */ @@ -4827,6 +4832,48 @@ void adapter_remove_profile(struct btd_adapter *adapter, gpointer p) profile->adapter_remove(profile, adapter); } +static void device_added_drivers(struct btd_adapter *adapter, + struct btd_device *device) +{ + struct btd_adapter_driver *driver; + GSList *l; + + for (l = adapter_drivers; l; l = l->next) { + driver = l->data; + + if (driver->device_added) + driver->device_added(adapter, device); + } +} + +static void device_removed_drivers(struct btd_adapter *adapter, + struct btd_device *device) +{ + struct btd_adapter_driver *driver; + GSList *l; + + for (l = adapter_drivers; l; l = l->next) { + driver = l->data; + + if (driver->device_removed) + driver->device_removed(adapter, device); + } +} + +static void adapter_add_device(struct btd_adapter *adapter, + struct btd_device *device) +{ + adapter->devices = g_slist_append(adapter->devices, device); + device_added_drivers(adapter, device); +} + +static void adapter_remove_device(struct btd_adapter *adapter, + struct btd_device *device) +{ + adapter->devices = g_slist_remove(adapter->devices, device); + device_removed_drivers(adapter, device); +} + static void adapter_add_connection(struct btd_adapter *adapter, struct btd_device *device, uint8_t bdaddr_type) 
@@ -6445,8 +6492,10 @@ static void adapter_remove(struct btd_adapter *adapter) g_slist_free(adapter->connect_list); adapter->connect_list = NULL; - for (l = adapter->devices; l; l = l->next) + for (l = adapter->devices; l; l = l->next) { + device_removed_drivers(adapter, l->data); device_remove(l->data, FALSE); + } g_slist_free(adapter->devices); adapter->devices = NULL; diff --git a/src/adapter.h b/src/adapter.h index 7cac51451249..a2567330ddc9 100644 --- a/src/adapter.h +++ b/src/adapter.h 
@@ -111,6 +111,10 @@ struct btd_adapter_driver { int (*probe) (struct btd_adapter *adapter); void (*remove) (struct btd_adapter *adapter); void (*resume) (struct btd_adapter *adapter); + void (*device_added) (struct btd_adapter *adapter, + struct btd_device *device); + void (*device_removed) (struct btd_adapter *adapter, + struct btd_device *device); }; typedef void (*service_auth_cb) (DBusError *derr, void *user_data);
From patchwork Thu Jul 29 08:56:44 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12408145
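Review bot: In patch 05/13, device_added is raised only from adapter_add_device() (src/adapter.c), so a driver that registers after devices are already on adapter->devices never hears about them. If a driver is expected to apply policy to every device, either replay the existing list when the driver is probed or state in the commit message that drivers must walk the adapter's device list themselves at probe time.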
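Review bot: In patch 05/13, the two new members of struct btd_adapter_driver (src/adapter.h) carry no comment saying when they are called or what a callback may do. adapter_remove() calls device_removed_drivers() while walking adapter->devices and immediately before device_remove(), so a callback must not modify that list or hold on to the device pointer. A short comment above the members would make that contract explicit for plugin authors.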
Date: Thu, 29 Jul 2021 16:56:44 +0800 In-Reply-To: <20210729085651.3600926-1-howardchung@google.com> Message-Id:
<20210729165211.Bluez.v5.6.Id0842634d98a21fbdfa5cc72c76a462a98bf6f40@changeid>
Mime-Version: 1.0
References: <20210729085651.3600926-1-howardchung@google.com>
X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog
Subject: [Bluez PATCH v5 06/13] plugins: new plugin
From: Howard Chung
To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com
Cc: Yun-Hao Chung, Miao-chen Chou
X-Mailing-List: linux-bluetooth@vger.kernel.org

From: Yun-Hao Chung

This adds initial code for a new plugin admin.

Reviewed-by: Miao-chen Chou
---
(no changes since v1)

Makefile.plugins | 5 +++++ bootstrap-configure | 1 + configure.ac | 4 ++++ plugins/admin.c | 30 ++++++++++++++++++++++++++++++ 4 files changed, 40 insertions(+) create mode 100644 plugins/admin.c diff --git a/Makefile.plugins b/Makefile.plugins index 4e6a72b0bdf6..69fb01001cc6 100644 --- a/Makefile.plugins +++ b/Makefile.plugins @@ -11,6 +11,11 @@ builtin_sources += plugins/autopair.c builtin_modules += policy builtin_sources += plugins/policy.c +if ADMIN +builtin_modules += admin +builtin_sources += plugins/admin.c +endif + if NFC builtin_modules += neard builtin_sources += plugins/neard.c diff --git a/bootstrap-configure b/bootstrap-configure index 0efd83abc2c4..a34be832068e 100755 --- a/bootstrap-configure +++ b/bootstrap-configure @@ -30,4 +30,5 @@ fi --enable-pie \ --enable-cups \ --enable-library \ + --enable-admin \ --disable-datafiles $* diff --git a/configure.ac b/configure.ac index a5afaea6cfcd..0744860b89fb 100644 --- a/configure.ac +++ b/configure.ac
@@ -364,6 +364,10 @@ AC_ARG_ENABLE(logger, AC_HELP_STRING([--enable-logger], [enable HCI logger service]), [enable_logger=${enableval}]) AM_CONDITIONAL(LOGGER, test "${enable_logger}" = "yes") +AC_ARG_ENABLE(admin, AC_HELP_STRING([--enable-admin], + [enable admin policy plugin]), [enable_admin=${enableval}]) +AM_CONDITIONAL(ADMIN, test "${enable_admin}" = "yes") + if (test "${prefix}" = "NONE"); then dnl no prefix and no localstatedir, so default to /var if (test "$localstatedir" = '${prefix}/var'); then diff --git a/plugins/admin.c b/plugins/admin.c new file mode 100644 index 000000000000..42866bcf7be2 --- /dev/null +++ b/plugins/admin.c 
@@ -0,0 +1,30 @@ +// SPDX-License-Identifier: LGPL-2.1-or-later +/* + * + * BlueZ - Bluetooth protocol stack for Linux + * + * Copyright (C) 2021 Google LLC + * + * + */ + +#ifdef HAVE_CONFIG_H +#include +#endif + +#include "src/log.h" +#include "src/plugin.h" + +static int admin_init(void) +{ + DBG(""); +} + +static void admin_exit(void) +{ + DBG(""); +} + +BLUETOOTH_PLUGIN_DEFINE(admin, VERSION, + BLUETOOTH_PLUGIN_PRIORITY_DEFAULT, + admin_init, admin_exit)
From patchwork Thu Jul 29 08:56:45 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12408147
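Review bot: In patch 06/13, admin_init() in plugins/admin.c is declared static int but its body is only DBG(""); with no return statement, so the value handed back to the plugin loader is undefined and compilers will typically warn about it. Add return 0; in this patch. Patch 07/13 later adds a return, but each commit in the series should build and behave correctly on its own so the series stays bisectable.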
Date: Thu, 29 Jul 2021 16:56:45 +0800 In-Reply-To:
<20210729085651.3600926-1-howardchung@google.com>
Message-Id: <20210729165211.Bluez.v5.7.I29607be7ac91b0a494ab51713ba14f583eb858ed@changeid>
Mime-Version: 1.0
References: <20210729085651.3600926-1-howardchung@google.com>
X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog
Subject: [Bluez PATCH v5 07/13] plugins/admin: add admin_policy adapter driver
From: Howard Chung
To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com
Cc: Yun-Hao Chung, Miao-chen Chou
X-Mailing-List: linux-bluetooth@vger.kernel.org

From: Yun-Hao Chung

This adds code to register admin_policy driver to adapter when admin plugin is enabled.

The following test steps were performed:
1. restart bluetoothd
2. check if "Admin Policy is enabled" in system log

Reviewed-by: Miao-chen Chou
---
(no changes since v1)

plugins/admin.c | 67 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) diff --git a/plugins/admin.c b/plugins/admin.c index 42866bcf7be2..923e08cb836b 100644 --- a/plugins/admin.c +++ b/plugins/admin.c
@@ -12,17 +12,84 @@ #include #endif +#include "lib/bluetooth.h" + +#include "src/adapter.h" +#include "src/error.h" #include "src/log.h" #include "src/plugin.h" +#include "src/shared/queue.h" + +/* |policy_data| has the same life cycle as btd_adapter */ +static struct btd_admin_policy { + struct btd_adapter *adapter; + uint16_t adapter_id; +} *policy_data = NULL; + +static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter) +{ + struct btd_admin_policy *admin_policy = NULL; + + admin_policy = g_try_malloc(sizeof(*admin_policy)); + if (!admin_policy) { + btd_error(btd_adapter_get_index(adapter), + "Failed to allocate memory for admin_policy"); + return NULL; + } + + admin_policy->adapter = adapter; + admin_policy->adapter_id = btd_adapter_get_index(adapter); + + return admin_policy; +} + +static void admin_policy_free(void *data) +{ + struct btd_admin_policy *admin_policy = data; + + g_free(admin_policy); +} + +static int admin_policy_adapter_probe(struct btd_adapter *adapter) +{ + if (policy_data) { + btd_warn(policy_data->adapter_id, + "Policy data already exists"); + admin_policy_free(policy_data); + policy_data = NULL; + } + + policy_data = admin_policy_new(adapter); + if (!policy_data) + return -ENOMEM; + + btd_info(policy_data->adapter_id, "Admin Policy has been enabled"); + + return 0; +} + +static struct btd_adapter_driver admin_policy_driver = { + .name = "admin_policy", + .probe = admin_policy_adapter_probe, + .resume = NULL, +}; + static int admin_init(void) { DBG(""); + + return btd_register_adapter_driver(&admin_policy_driver); } static void admin_exit(void) { DBG(""); + + btd_unregister_adapter_driver(&admin_policy_driver); + + if (policy_data) + admin_policy_free(policy_data); } BLUETOOTH_PLUGIN_DEFINE(admin, VERSION, From patchwork Thu Jul 29 08:56:46 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12408149 Return-Path: 
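Review bot: In patch 07/13, admin_policy_driver (plugins/admin.c) sets .probe and .resume but no .remove, although the comment above policy_data says it has the same life cycle as btd_adapter. When the adapter is removed, policy_data keeps a stale adapter pointer until the next probe or admin_exit(). Add a remove callback that frees policy_data and sets it to NULL, and have admin_exit() reset the pointer after freeing as well. Related: policy_data is a single global, so a second adapter's probe frees the first adapter's policy with only a warning; a per-adapter list would stop one controller from silently losing its policy. The commit message's test step looks for "Admin Policy is enabled" while the code logs "Admin Policy has been enabled".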
Date: Thu, 29 Jul 2021 16:56:46 +0800 In-Reply-To: <20210729085651.3600926-1-howardchung@google.com> Message-Id: <20210729165211.Bluez.v5.8.Ifbb69dd6e371da3a914049a94615064479b9024b@changeid> Mime-Version: 1.0 References: <20210729085651.3600926-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v5 08/13] plugins/admin: add ServiceAllowList method From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung, Miao-chen Chou X-Mailing-List: linux-bluetooth@vger.kernel.org
From: Yun-Hao Chung

This adds code to register interface org.bluez.AdminPolicySet1. The interface will provide methods to limit users to operate certain functions of bluez, such as allow/disallow user to toggle adapter power, or only allow users to connect services in the specified list, etc.

This patch also implements ServiceAllowlist in org.bluez.AdminPolicySet1.

Reviewed-by: Miao-chen Chou
---
The following test steps were performed:
1. Set ServiceAllowList to ["1108","110A","110B","110C","110D","110E", "110F","1112","111E","111F","1203"] ( users are only allowed to connect headset )
2. Turn on paired WF1000XM3, and listen music on Youtube.
3. Turn on paired K830 (LE device), press any key on keyboard.
4. Turn on paired Samsung Bluetooth Keyboard EE-BT550 (BREDR device), press any key on keyboard.
5. Set ServiceAllowList to ["1124","180A","180F","1812"] ( users are only allowed to connect HID devices )
6. Turn on paired WF1000XM3, and listen music on Youtube.
7. Turn on paired K830 (LE device), press any key on keyboard.
8. Turn on paired Samsung Bluetooth Keyboard EE-BT550 (BREDR device), press any key on keyboard.
9. Set ServiceAllowList to [] ( users are only allowed to connect any device. )
10. Turn on paired WF1000XM3, and listen music on Youtube.
11. Turn on paired K830 (LE device), press any key on keyboard.
12. Turn on paired Samsung Bluetooth Keyboard EE-BT550 (BREDR device), press any key on keyboard.

Expected results: Step 2,7,8,9,10,11 should succeed, and step 3,4,6 should fail.

(no changes since v1)

plugins/admin.c | 127 +++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 126 insertions(+), 1 deletion(-) diff --git a/plugins/admin.c b/plugins/admin.c index 923e08cb836b..1fe2904d93d9 100644 --- a/plugins/admin.c +++ b/plugins/admin.c
@@ -12,19 +12,29 @@ #include #endif +#include +#include + #include "lib/bluetooth.h" +#include "lib/uuid.h" #include "src/adapter.h" +#include "src/dbus-common.h" #include "src/error.h" #include "src/log.h" #include "src/plugin.h" #include "src/shared/queue.h" +#define ADMIN_POLICY_SET_INTERFACE "org.bluez.AdminPolicySet1" + +static DBusConnection *dbus_conn; + /* |policy_data| has the same life cycle as btd_adapter */ static struct btd_admin_policy { struct btd_adapter *adapter; uint16_t adapter_id; + struct queue *service_allowlist; } *policy_data = NULL; static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter) 
@@ -40,19 +50,120 @@ static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter) admin_policy->adapter = adapter; admin_policy->adapter_id = btd_adapter_get_index(adapter); + admin_policy->service_allowlist = NULL; return admin_policy; } +static void free_service_allowlist(struct queue *q) +{ + queue_destroy(q, g_free); +} + static void admin_policy_free(void *data) { struct btd_admin_policy *admin_policy = data; + free_service_allowlist(admin_policy->service_allowlist); g_free(admin_policy); } +static struct queue *parse_allow_service_list(struct btd_adapter *adapter, + DBusMessage *msg) +{ + DBusMessageIter iter, arr_iter; + struct queue *uuid_list = NULL; + + dbus_message_iter_init(msg, &iter); + if (dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_ARRAY) + return NULL; + + uuid_list = queue_new(); + dbus_message_iter_recurse(&iter, &arr_iter); + do { + const int type = dbus_message_iter_get_arg_type(&arr_iter); + char *uuid_param; + bt_uuid_t *uuid; + + if (type == DBUS_TYPE_INVALID) + break; + + if (type != DBUS_TYPE_STRING) + goto failed; + + dbus_message_iter_get_basic(&arr_iter, &uuid_param); + + uuid = g_try_malloc(sizeof(*uuid)); + if (!uuid) + goto failed; + + if (bt_string_to_uuid(uuid, uuid_param)) { + g_free(uuid); + goto failed; + } + + queue_push_head(uuid_list, uuid); + + dbus_message_iter_next(&arr_iter); + } while (true); + + return uuid_list; + +failed: + queue_destroy(uuid_list, g_free); + return NULL; +} + +static bool service_allowlist_set(struct btd_admin_policy *admin_policy, + struct queue *uuid_list) +{ + struct btd_adapter *adapter = admin_policy->adapter; + + if (!btd_adapter_set_allowed_uuids(adapter, uuid_list)) + return false; + + free_service_allowlist(admin_policy->service_allowlist); + admin_policy->service_allowlist = uuid_list; + + return true; +} + +static DBusMessage *set_service_allowlist(DBusConnection *conn, + DBusMessage *msg, void *user_data) +{ + struct btd_admin_policy *admin_policy = user_data; + 
struct btd_adapter *adapter = admin_policy->adapter; + struct queue *uuid_list = NULL; + const char *sender = dbus_message_get_sender(msg); + + DBG("sender %s", sender); + + /* Parse parameters */ + uuid_list = parse_allow_service_list(adapter, msg); + if (!uuid_list) { + btd_error(admin_policy->adapter_id, + "Failed on parsing allowed service list"); + return btd_error_invalid_args(msg); + } + + if (!service_allowlist_set(admin_policy, uuid_list)) { + free_service_allowlist(uuid_list); + return btd_error_failed(msg, "service_allowlist_set failed"); + } + + return dbus_message_new_method_return(msg); +} + +static const GDBusMethodTable admin_policy_adapter_methods[] = { + { GDBUS_METHOD("SetServiceAllowList", GDBUS_ARGS({ "UUIDs", "as" }), + NULL, set_service_allowlist) }, + { } +}; + static int admin_policy_adapter_probe(struct btd_adapter *adapter) { + const char *adapter_path; + if (policy_data) { btd_warn(policy_data->adapter_id, "Policy data already exists"); @@ -64,8 +175,20 @@ static int admin_policy_adapter_probe(struct btd_adapter *adapter) if (!policy_data) return -ENOMEM; - btd_info(policy_data->adapter_id, "Admin Policy has been enabled"); + adapter_path = adapter_get_path(adapter); + if (!g_dbus_register_interface(dbus_conn, adapter_path, + ADMIN_POLICY_SET_INTERFACE, + admin_policy_adapter_methods, NULL, + NULL, policy_data, admin_policy_free)) { + btd_error(policy_data->adapter_id, + "Admin Policy Set interface init failed on path %s", + adapter_path); + return -EINVAL; + } + + btd_info(policy_data->adapter_id, + "Admin Policy Set interface registered"); return 0; } 
@@ -79,6 +202,8 @@ static int admin_init(void) { DBG(""); + dbus_conn = btd_get_dbus_connection(); + return btd_register_adapter_driver(&admin_policy_driver); } From patchwork Thu Jul 29 08:56:47 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12408151 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id DB23DC4338F for ; Thu, 29 Jul 2021 08:57:47 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id C182960EB2 for ; Thu, 29 Jul 2021 08:57:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235349AbhG2I5t (ORCPT ); Thu, 29 Jul 2021 04:57:49 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37578 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235209AbhG2I5t (ORCPT ); Thu, 29 Jul 2021 04:57:49 -0400 Received: from mail-qk1-x749.google.com (mail-qk1-x749.google.com [IPv6:2607:f8b0:4864:20::749]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4C072C061757 for ; Thu, 29 Jul 2021 01:57:46 -0700 (PDT) Received: by mail-qk1-x749.google.com with SMTP id t191-20020a37aac80000b02903b9402486c5so3402774qke.13 for ; Thu, 29 Jul 2021 01:57:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; 
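Review bot: set_service_allowlist() fetches the sender only for the DBG() line and never checks it, so nothing in this handler limits who can replace the adapter's allowlist through SetServiceAllowList. If the restriction is meant to come from the D-Bus policy for org.bluez.AdminPolicySet1, say so in a comment above admin_policy_adapter_methods and in the commit message; otherwise add the check before parse_allow_service_list() runs. In the same hunk, parse_allow_service_list() takes an adapter argument it never uses, and queue_push_head() stores the UUIDs in the reverse of the order the caller sent.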
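Review bot: in admin_policy_adapter_probe(), the new g_dbus_register_interface() failure branch returns -EINVAL while policy_data is still allocated and still non-NULL, so the object leaks and the next probe runs into the "Policy data already exists" warning. Free it and reset the pointer before returning. The registration also passes admin_policy_free as the destroy callback, yet nothing clears the global policy_data when that callback runs, which leaves a dangling pointer behind once the interface goes away.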
X-Received: from howardchung-p920.tpe.corp.google.com ([2401:fa00:1:10:ff72:1420:4502:fdaf]) (user=howardchung job=sendgmr) by 2002:a0c:8386:: with SMTP id k6mr1474207qva.13.1627549065386; Thu, 29 Jul 2021 01:57:45 -0700 (PDT) Date: Thu, 29 Jul 2021 16:56:47 +0800 In-Reply-To: <20210729085651.3600926-1-howardchung@google.com> Message-Id: <20210729165211.Bluez.v5.9.I00fd6c348e4c93501de6de0eae0d23436fd3895b@changeid> Mime-Version: 1.0 References: <20210729085651.3600926-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v5 09/13] plugins/admin: add ServiceAllowList property
From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung , Miao-chen Chou Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This adds code to register interface org.bluez.AdminPolicyStatus. The interface will provide read-only properties to indicate the current settings of admin policies. We separate this from AdminPolicySet so that normal clients can check current policy settings while only a few clients can change policies. This patch also adds readonly property ServiceAllowlist to AdminPolicyStatus1, which indicates the current setting of service allowlist. Reviewed-by: Miao-chen Chou --- The following test steps were performed: 1. Set ServiceAllowList to ["1124","180A","180F","1812"] 2. Verify ServiceAllowList is ["1124","180A","180F","1812"] in UUID-128 form 3. Set ServiceAllowList to [] 4. Verify ServiceAllowList is [] (no changes since v1) plugins/admin.c | 58 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) diff --git a/plugins/admin.c b/plugins/admin.c index 1fe2904d93d9..d89a77c8a123 100644 --- a/plugins/admin.c +++ b/plugins/admin.c @@ -27,6 +27,7 @@ #include "src/shared/queue.h" #define ADMIN_POLICY_SET_INTERFACE "org.bluez.AdminPolicySet1" +#define ADMIN_POLICY_STATUS_INTERFACE "org.bluez.AdminPolicyStatus1" static DBusConnection *dbus_conn; @@ -151,6 +152,11 @@ static DBusMessage *set_service_allowlist(DBusConnection *conn, return btd_error_failed(msg, "service_allowlist_set failed"); } + g_dbus_emit_property_changed(dbus_conn, + adapter_get_path(policy_data->adapter), + ADMIN_POLICY_STATUS_INTERFACE, + "ServiceAllowList"); + return dbus_message_new_method_return(msg); } 
@@ -160,6 +166,43 @@ static const GDBusMethodTable admin_policy_adapter_methods[] = { { } }; +void append_service_uuid(void *data, void *user_data) +{ + bt_uuid_t *uuid = data; + DBusMessageIter *entry = user_data; + char uuid_str[MAX_LEN_UUID_STR]; + const char *uuid_str_ptr = uuid_str; + + if (!uuid) { + error("Unexpected NULL uuid data in service_allowlist"); + return; + } + + bt_uuid_to_string(uuid, uuid_str, MAX_LEN_UUID_STR); + dbus_message_iter_append_basic(entry, DBUS_TYPE_STRING, &uuid_str_ptr); +} + +static gboolean property_get_service_allowlist( + const GDBusPropertyTable *property, + DBusMessageIter *iter, void *user_data) +{ + struct btd_admin_policy *admin_policy = user_data; + DBusMessageIter entry; + + dbus_message_iter_open_container(iter, DBUS_TYPE_ARRAY, + DBUS_TYPE_STRING_AS_STRING, &entry); + queue_foreach(admin_policy->service_allowlist, append_service_uuid, + &entry); + dbus_message_iter_close_container(iter, &entry); + + return TRUE; +} + +static const GDBusPropertyTable admin_policy_adapter_properties[] = { + { "ServiceAllowList", "as", property_get_service_allowlist }, + { } +}; + static int admin_policy_adapter_probe(struct btd_adapter *adapter) { const char *adapter_path; 
@@ -189,6 +232,21 @@ static int admin_policy_adapter_probe(struct btd_adapter *adapter) btd_info(policy_data->adapter_id, "Admin Policy Set interface registered"); + + if (!g_dbus_register_interface(dbus_conn, adapter_path, + ADMIN_POLICY_STATUS_INTERFACE, + NULL, NULL, + admin_policy_adapter_properties, + policy_data, admin_policy_free)) { + btd_error(policy_data->adapter_id, + "Admin Policy Status interface init failed on path %s", + adapter_path); + return -EINVAL; + } + + btd_info(policy_data->adapter_id, + "Admin Policy Status interface registered"); + return 0; } From patchwork Thu Jul 29 08:56:48 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12408153 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-23.5 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, UNWANTED_LANGUAGE_BODY,URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id CAEB0C4338F for ; Thu, 29 Jul 2021 08:57:54 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id AEFDE60EB2 for ; Thu, 29 Jul 2021 08:57:54 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235209AbhG2I54 (ORCPT ); Thu, 29 Jul 2021 04:57:56 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37606 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235347AbhG2I5z (ORCPT ); Thu, 29 Jul 2021 04:57:55 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com 
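Review bot: the AdminPolicyStatus1 registration added to admin_policy_adapter_probe() passes the same policy_data and the same admin_policy_free destroy callback that the AdminPolicySet1 registration already uses, so each interface teardown will call admin_policy_free on the same pointer. Give the destroy callback to one interface only, or pass NULL to both and free the object explicitly. The failure branch here also returns -EINVAL with the Set interface still registered and policy_data still allocated; unregister and free before returning.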
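Review bot: append_service_uuid() is added without static although it is only used as the queue_foreach() callback in property_get_service_allowlist(); mark it static in this patch rather than later in the series. In the set_service_allowlist() hunk, the g_dbus_emit_property_changed() call can take the path from admin_policy->adapter, which is already in scope, instead of the global policy_data.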
[IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5DE46C0613C1 for ; Thu, 29 Jul 2021 01:57:51 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id q3-20020a25bfc30000b02905592911c932so5387469ybm.15 for ; Thu, 29 Jul 2021 01:57:51 -0700 (PDT) X-Received: from howardchung-p920.tpe.corp.google.com ([2401:fa00:1:10:ff72:1420:4502:fdaf]) (user=howardchung job=sendgmr) by 2002:a25:1455:: with SMTP id 82mr5178945ybu.403.1627549070440; Thu, 29 Jul 2021
01:57:50 -0700 (PDT) Date: Thu, 29 Jul 2021 16:56:48 +0800 In-Reply-To: <20210729085651.3600926-1-howardchung@google.com> Message-Id: <20210729165211.Bluez.v5.10.I517e5199ac8019b770c7ee8c92a294ec1c752748@changeid> Mime-Version: 1.0 References: <20210729085651.3600926-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v5 10/13] plugins/admin: add device callbacks From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung , Miao-chen Chou Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This adds callbacks for device added and device removed. It is necessary for implementation of "AffectedByPolicy" property since it needs to register an interface for each device object and unregister it once the device gets removed. Reviewed-by: Miao-chen Chou --- The following test steps were performed: 1. start discovery using UI 2. verify device_data were added by checking system log 3. stop discovery 4. verify device_data were removed after a few seconds by checking system log (no changes since v1) plugins/admin.c | 78 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 78 insertions(+) diff --git a/plugins/admin.c b/plugins/admin.c index d89a77c8a123..37dae77ac448 100644 --- a/plugins/admin.c +++ b/plugins/admin.c @@ -20,6 +20,7 @@ #include "src/adapter.h" #include "src/dbus-common.h" +#include "src/device.h" #include "src/error.h" #include "src/log.h" #include "src/plugin.h" @@ -29,7 +30,11 @@ #define ADMIN_POLICY_SET_INTERFACE "org.bluez.AdminPolicySet1" #define ADMIN_POLICY_STATUS_INTERFACE "org.bluez.AdminPolicyStatus1" +#define DBUS_BLUEZ_SERVICE "org.bluez" +#define BTD_DEVICE_INTERFACE "org.bluez.Device1" + static DBusConnection *dbus_conn; +static struct queue *devices; /* List of struct device_data objects */ /* |policy_data| has the same life cycle as btd_adapter */ static struct btd_admin_policy { 
@@ -38,6 +43,11 @@ static struct btd_admin_policy { struct queue *service_allowlist; } *policy_data = NULL; +struct device_data { + struct btd_device *device; + char *path; +}; + static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter) { struct btd_admin_policy *admin_policy = NULL; @@ -203,6 +213,37 @@ static const GDBusPropertyTable admin_policy_adapter_properties[] = { { } }; +static bool device_data_match(const void *a, const void *b) +{ + const struct device_data *data = a; + const struct btd_device *dev = b; + + if (!data) { + error("Unexpected NULL device_data"); + return false; + } + + return data->device == dev; +} + +static void free_device_data(void *data) +{ + struct device_data *device_data = data; + + g_free(device_data->path); + g_free(device_data); +} + +static void remove_device_data(void *data) +{ + struct device_data *device_data = data; + + DBG("device_data for %s removing", device_data->path); + + queue_remove(devices, device_data); + free_device_data(device_data); +} + static int admin_policy_adapter_probe(struct btd_adapter *adapter) { const char *adapter_path; 
@@ -250,10 +291,45 @@ static int admin_policy_adapter_probe(struct btd_adapter *adapter) return 0; } +static void admin_policy_device_added(struct btd_adapter *adapter, + struct btd_device *device) +{ + struct device_data *data; + + if (queue_find(devices, device_data_match, device)) + return; + + data = g_new0(struct device_data, 1); + if (!data) { + btd_error(btd_adapter_get_index(adapter), + "Failed to allocate memory for device_data"); + return; + } + + data->device = device; + data->path = g_strdup(device_get_path(device)); + queue_push_tail(devices, data); + + DBG("device_data for %s added", data->path); +} + +static void admin_policy_device_removed(struct btd_adapter *adapter, + struct btd_device *device) +{ + struct device_data *data; + + data = queue_find(devices, device_data_match, device); + + if (data) + remove_device_data(data); +} + static struct btd_adapter_driver admin_policy_driver = { .name = "admin_policy", .probe = admin_policy_adapter_probe, .resume = NULL, + .device_added = admin_policy_device_added, + .device_removed = admin_policy_device_removed }; static int admin_init(void) @@ -261,6 +337,7 @@ static int admin_init(void) DBG(""); dbus_conn = btd_get_dbus_connection(); + devices = queue_new(); return btd_register_adapter_driver(&admin_policy_driver); } 
@@ -270,6 +347,7 @@ static void admin_exit(void) DBG(""); btd_unregister_adapter_driver(&admin_policy_driver); + queue_destroy(devices, free_device_data); if (policy_data) admin_policy_free(policy_data); From patchwork Thu Jul 29 08:56:49 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12408155 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-23.5 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, UNWANTED_LANGUAGE_BODY,URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 44EE9C4320A for ; Thu, 29 Jul 2021 08:57:59 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 2A36160EB2 for ; Thu, 29 Jul 2021 08:57:59 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235347AbhG2I57 (ORCPT ); Thu, 29 Jul 2021 04:57:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37624 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234986AbhG2I56 (ORCPT ); Thu, 29 Jul 2021 04:57:58 -0400 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EA3AFC061757 for ; Thu, 29 Jul 2021 01:57:55 -0700 (PDT) Received: by mail-yb1-xb4a.google.com with SMTP id o3-20020a2541030000b0290557cf3415f8so6204483yba.1 for ; Thu, 29 Jul 2021 01:57:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; 
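Review bot: in admin_policy_device_added(), the if (!data) branch after g_new0() can never run, because g_new0() aborts the process on allocation failure instead of returning NULL. Use g_try_new0() if the error path is wanted, or drop the check and the "Failed to allocate memory for device_data" message. The DBUS_BLUEZ_SERVICE and BTD_DEVICE_INTERFACE defines added at the top of the file are not used by anything in this patch and can wait for the patch that needs them.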
X-Received: from howardchung-p920.tpe.corp.google.com ([2401:fa00:1:10:ff72:1420:4502:fdaf]) (user=howardchung job=sendgmr) by 2002:a25:ac3:: with SMTP id 186mr5586031ybk.436.1627549075110; Thu, 29 Jul 2021 01:57:55 -0700 (PDT) Date: Thu, 29 Jul 2021 16:56:49 +0800 In-Reply-To: <20210729085651.3600926-1-howardchung@google.com> Message-Id: <20210729165211.Bluez.v5.11.I570c860f59c8ed66ddb31aa54584ee08080aa10c@changeid> Mime-Version: 1.0 References: <20210729085651.3600926-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v5
11/13] plugins/admin: add AffectedByPolicy property From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung , Miao-chen Chou Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This adds property to indicate if a device has any service that is being blocked by admin policy. Reviewed-by: Miao-chen Chou --- The following test steps were performed: 1. Set ServiceAllowList to [] 2. Verify AffectedByPolicy of K830 is False 3. Set ServiceAllowList to ["1800"] 4. Verify AffectedByPolicy of K830 is False 5. Set ServiceAllowList to ["1800","1801","180A","180F","1812"] 6. Verify AffectedByPolicy of K830 is True (no changes since v1) plugins/admin.c | 73 +++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 71 insertions(+), 2 deletions(-) diff --git a/plugins/admin.c b/plugins/admin.c index 37dae77ac448..653195a0e20b 100644 --- a/plugins/admin.c +++ b/plugins/admin.c @@ -46,6 +46,7 @@ static struct btd_admin_policy { struct device_data { struct btd_device *device; char *path; + bool affected; }; static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter) @@ -139,6 +140,27 @@ static bool service_allowlist_set(struct btd_admin_policy *admin_policy, return true; } +static void update_device_affected(void *data, void *user_data) +{ + struct device_data *dev_data = data; + bool affected; + + if (!dev_data) { + error("Unexpected NULL device_data when updating device"); + return; + } + + affected = !btd_device_all_services_allowed(dev_data->device); + + if (affected == dev_data->affected) + return; + + dev_data->affected = affected; + + g_dbus_emit_property_changed(dbus_conn, dev_data->path, + ADMIN_POLICY_STATUS_INTERFACE, "AffectedByPolicy"); +} + static DBusMessage *set_service_allowlist(DBusConnection *conn, DBusMessage *msg, void *user_data) { 
@@ -167,6 +189,8 @@ static DBusMessage *set_service_allowlist(DBusConnection *conn, ADMIN_POLICY_STATUS_INTERFACE, "ServiceAllowList"); + queue_foreach(devices, update_device_affected, NULL); + return dbus_message_new_method_return(msg); } @@ -226,6 +250,28 @@ static bool device_data_match(const void *a, const void *b) return data->device == dev; } +static gboolean property_get_affected_by_policy( + const GDBusPropertyTable *property, + DBusMessageIter *iter, void *user_data) +{ + struct device_data *data = user_data; + + if (!data) { + error("Unexpected error: device_data is NULL"); + return FALSE; + } + + dbus_message_iter_append_basic(iter, DBUS_TYPE_BOOLEAN, + &data->affected); + + return TRUE; +} + +static const GDBusPropertyTable admin_policy_device_properties[] = { + { "AffectedByPolicy", "b", property_get_affected_by_policy }, + { } +}; + static void free_device_data(void *data) { struct device_data *device_data = data; @@ -308,11 +354,33 @@ static void admin_policy_device_added(struct btd_adapter *adapter, data->device = device; data->path = g_strdup(device_get_path(device)); + data->affected = !btd_device_all_services_allowed(data->device); + + if (!g_dbus_register_interface(dbus_conn, data->path, + ADMIN_POLICY_STATUS_INTERFACE, + NULL, NULL, + admin_policy_device_properties, + data, remove_device_data)) { + btd_error(btd_adapter_get_index(adapter), + "Admin Policy Status interface init failed on path %s", + device_get_path(device)); + free_device_data(data); + return; + } + queue_push_tail(devices, data); DBG("device_data for %s added", data->path); } +static void unregister_device_data(void *data, void *user_data) +{ + struct device_data *dev_data = data; + + g_dbus_unregister_interface(dbus_conn, dev_data->path, + ADMIN_POLICY_STATUS_INTERFACE); +} + static void admin_policy_device_removed(struct btd_adapter *adapter, struct btd_device *device) { 
@@ -321,7 +389,7 @@ static void admin_policy_device_removed(struct btd_adapter *adapter, data = queue_find(devices, device_data_match, device); if (data) - remove_device_data(data); + unregister_device_data(data, NULL); } static struct btd_adapter_driver admin_policy_driver = { 
@@ -347,7 +415,8 @@ static void admin_exit(void) DBG(""); btd_unregister_adapter_driver(&admin_policy_driver); - queue_destroy(devices, free_device_data); + queue_foreach(devices, unregister_device_data, NULL); + queue_destroy(devices, g_free); if (policy_data) admin_policy_free(policy_data); From patchwork Thu Jul 29 08:56:50 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12408159 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-23.5 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, UNWANTED_LANGUAGE_BODY,URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id AB90DC4338F for ; Thu, 29 Jul 2021 08:58:07 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 90F4660EB2 for ; Thu, 29 Jul 2021 08:58:07 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235319AbhG2I6I (ORCPT ); Thu, 29 Jul 2021 04:58:08 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37656 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235360AbhG2I6E (ORCPT ); Thu, 29 Jul 2021 04:58:04 -0400 Received: from mail-qk1-x74a.google.com (mail-qk1-x74a.google.com [IPv6:2607:f8b0:4864:20::74a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F1EF0C0613CF for ; Thu, 29 Jul 2021 01:58:00 -0700 (PDT) Received: by mail-qk1-x74a.google.com with SMTP id o2-20020a05620a1102b02903b9ade0af31so2970833qkk.1 for ; Thu, 29 Jul 2021 01:58:00 -0700 (PDT) 
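Review bot: property_get_affected_by_policy() hands &data->affected, a C bool, to dbus_message_iter_append_basic() with DBUS_TYPE_BOOLEAN, which reads a dbus_bool_t (32 bits) from that address. Copy the flag into a local dbus_bool_t and append that, so the getter does not read past the one-byte field and report whatever sits after it in struct device_data.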
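Review bot: admin_exit() now destroys the queue with g_free instead of free_device_data, so any device_data that is still queued after the queue_foreach(devices, unregister_device_data, NULL) pass is freed without its path string. Entries only leave the queue when the interface destroy callback remove_device_data fires, so keep free_device_data as the destroy function to cover an unregister that did not succeed. A short comment that unregister_device_data() removes entries from devices while queue_foreach() is walking it would also help the next reader.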
X-Received: from howardchung-p920.tpe.corp.google.com ([2401:fa00:1:10:ff72:1420:4502:fdaf]) (user=howardchung job=sendgmr) by 2002:a05:6214:3001:: with SMTP id ke1mr1762272qvb.52.1627549079985; Thu, 29 Jul 2021 01:57:59 -0700 (PDT) Date: Thu, 29 Jul 2021 16:56:50 +0800 In-Reply-To: <20210729085651.3600926-1-howardchung@google.com> Message-Id: <20210729165211.Bluez.v5.12.Ib26c0abdbd417673a8b5788c175c06110726a68c@changeid> Mime-Version: 1.0 References:
<20210729085651.3600926-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v5 12/13] plugins/admin: persist policy settings From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung , Miao-chen Chou Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This adds code to store the ServiceAllowlist to file /var/lib/bluetooth/{MAC_ADDR}/admin_policy The stored settings will be loaded upon admin_policy initialized. Reviewed-by: Miao-chen Chou --- The following test steps were performed: 1. Set ServiceAllowlist to ["1124","180A","180F","1812", "1801"] 2. restart bluetoothd 3. Verify ServiceAllowlist is ["1124","180A","180F","1812","1801"] in UUID-128 form 4. Set ServiceAllowlist to [] 5. restart bluetoothd 6. Verify ServiceAllowlist is [] (no changes since v1) plugins/admin.c | 169 +++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 167 insertions(+), 2 deletions(-) diff --git a/plugins/admin.c b/plugins/admin.c index 653195a0e20b..22500c3b7448 100644 --- a/plugins/admin.c +++ b/plugins/admin.c @@ -14,6 +14,9 @@ #include #include +#include +#include +#include #include "lib/bluetooth.h" #include "lib/uuid.h" @@ -24,11 +27,13 @@ #include "src/error.h" #include "src/log.h" #include "src/plugin.h" +#include "src/textfile.h" #include "src/shared/queue.h" #define ADMIN_POLICY_SET_INTERFACE "org.bluez.AdminPolicySet1" #define ADMIN_POLICY_STATUS_INTERFACE "org.bluez.AdminPolicyStatus1" +#define ADMIN_POLICY_STORAGE STORAGEDIR "/admin_policy_settings" #define DBUS_BLUEZ_SERVICE "org.bluez" #define BTD_DEVICE_INTERFACE "org.bluez.Device1" 
@@ -161,6 +166,8 @@ static void update_device_affected(void *data, void *user_data) ADMIN_POLICY_STATUS_INTERFACE, "AffectedByPolicy"); } +static void store_policy_settings(struct btd_admin_policy *admin_policy); + static DBusMessage *set_service_allowlist(DBusConnection *conn, DBusMessage *msg, void *user_data) { @@ -179,7 +186,9 @@ static DBusMessage *set_service_allowlist(DBusConnection *conn, return btd_error_invalid_args(msg); } - if (!service_allowlist_set(admin_policy, uuid_list)) { + if (service_allowlist_set(admin_policy, uuid_list)) { + store_policy_settings(admin_policy); + } else { free_service_allowlist(uuid_list); return btd_error_failed(msg, "service_allowlist_set failed"); } @@ -200,7 +209,7 @@ static const GDBusMethodTable admin_policy_adapter_methods[] = { { } }; -void append_service_uuid(void *data, void *user_data) +static void append_service_uuid(void *data, void *user_data) { bt_uuid_t *uuid = data; DBusMessageIter *entry = user_data; 
@@ -237,6 +246,161 @@ static const GDBusPropertyTable admin_policy_adapter_properties[] = { { } }; +static void free_uuid_strings(char **uuid_strs, gsize num) +{ + gsize i; + + for (i = 0; i < num; i++) + g_free(uuid_strs[i]); + g_free(uuid_strs); +} + +static char **new_uuid_strings(struct queue *allowlist, gsize *num) +{ + const struct queue_entry *entry = NULL; + bt_uuid_t *uuid = NULL; + char **uuid_strs = NULL; + gsize i = 0, allowlist_num; + + /* Set num to a non-zero number so that whoever call this could know if + * this function success or not + */ + *num = 1; + + allowlist_num = queue_length(allowlist); + uuid_strs = g_try_malloc_n(allowlist_num, sizeof(char *)); + if (!uuid_strs) + return NULL; + + for (entry = queue_get_entries(allowlist); entry != NULL; + entry = entry->next) { + uuid = entry->data; + uuid_strs[i] = g_try_malloc0(MAX_LEN_UUID_STR * sizeof(char)); + + if (!uuid_strs[i]) + goto failed; + + bt_uuid_to_string(uuid, uuid_strs[i], MAX_LEN_UUID_STR); + i++; + } + + *num = allowlist_num; + return uuid_strs; + +failed: + free_uuid_strings(uuid_strs, i); + + return NULL; +} + +static void store_policy_settings(struct btd_admin_policy *admin_policy) +{ + GKeyFile *key_file = NULL; + char *filename = ADMIN_POLICY_STORAGE; + char *key_file_data = NULL; + char **uuid_strs = NULL; + gsize length, num_uuids; + + key_file = g_key_file_new(); + + uuid_strs = new_uuid_strings(admin_policy->service_allowlist, + &num_uuids); + + if (!uuid_strs && num_uuids) { + btd_error(admin_policy->adapter_id, + "Failed to allocate uuid strings"); + goto failed; + } + + g_key_file_set_string_list(key_file, "General", "ServiceAllowlist", + (const gchar * const *)uuid_strs, + num_uuids); + + if (create_file(ADMIN_POLICY_STORAGE, 0600) < 0) { + btd_error(admin_policy->adapter_id, "create %s failed, %s", + filename, strerror(errno)); + goto failed; + } + + key_file_data = g_key_file_to_data(key_file, &length, NULL); + g_file_set_contents(ADMIN_POLICY_STORAGE, key_file_data, 
length, NULL); + + g_free(key_file_data); + free_uuid_strings(uuid_strs, num_uuids); + +failed: + g_key_file_free(key_file); +} + +static void key_file_load_service_allowlist(GKeyFile *key_file, + struct btd_admin_policy *admin_policy) +{ + GError *gerr = NULL; + struct queue *uuid_list = NULL; + gchar **uuids = NULL; + gsize num, i; + + uuids = g_key_file_get_string_list(key_file, "General", + "ServiceAllowlist", &num, &gerr); + + if (gerr) { + btd_error(admin_policy->adapter_id, + "Failed to load ServiceAllowlist"); + g_error_free(gerr); + return; + } + + uuid_list = queue_new(); + for (i = 0; i < num; i++) { + bt_uuid_t *uuid = g_try_malloc(sizeof(*uuid)); + + if (!uuid) + goto failed; + + if (bt_string_to_uuid(uuid, *uuids)) { + + btd_error(admin_policy->adapter_id, + "Failed to convert '%s' to uuid struct", + *uuids); + + g_free(uuid); + goto failed; + } + + queue_push_tail(uuid_list, uuid); + uuids++; + } + + if (!service_allowlist_set(admin_policy, uuid_list)) + goto failed; + + return; +failed: + free_service_allowlist(uuid_list); +} + +static void load_policy_settings(struct btd_admin_policy *admin_policy) +{ + GKeyFile *key_file; + char *filename = ADMIN_POLICY_STORAGE; + struct stat st; + + if (stat(filename, &st) < 0) { + btd_error(admin_policy->adapter_id, + "Failed to get file %s information", + filename); + return; + } + + key_file = g_key_file_new(); + + g_key_file_load_from_file(key_file, filename, 0, NULL); + + key_file_load_service_allowlist(key_file, admin_policy); + + g_key_file_free(key_file); +} + static bool device_data_match(const void *a, const void *b) { const struct device_data *data = a; 
@@ -305,6 +469,7 @@ static int admin_policy_adapter_probe(struct btd_adapter *adapter) if (!policy_data) return -ENOMEM; + load_policy_settings(policy_data); adapter_path = adapter_get_path(adapter); if (!g_dbus_register_interface(dbus_conn, adapter_path, From patchwork Thu Jul 29 08:56:51 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Howard Chung X-Patchwork-Id: 12408157 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 14D0EC4320A for ; Thu, 29 Jul 2021 08:58:08 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id EBF3E6103B for ; Thu, 29 Jul 2021 08:58:07 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235353AbhG2I6K (ORCPT ); Thu, 29 Jul 2021 04:58:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37676 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235188AbhG2I6I (ORCPT ); Thu, 29 Jul 2021 04:58:08 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A94B8C061757 for ; Thu, 29 Jul 2021 01:58:05 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id a188-20020a25cac50000b029055d47682463so6199555ybg.5 for ; Thu, 29 Jul 2021 01:58:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; 
Date: Thu, 29 Jul 2021 16:56:51 +0800 In-Reply-To: <20210729085651.3600926-1-howardchung@google.com> Message-Id: <20210729165211.Bluez.v5.13.I433ab6a7ac1d4f8f8dea496ac14bdbf3597015d3@changeid> Mime-Version: 1.0 References: <20210729085651.3600926-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: 
[Bluez PATCH v5 13/13] doc: add description of admin policy From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung , Miao-chen Chou Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This adds admin-policy-api.txt. Reviewed-by: Miao-chen Chou --- (no changes since v1) doc/admin-policy-api.txt | 65 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 65 insertions(+) create mode 100644 doc/admin-policy-api.txt diff --git a/doc/admin-policy-api.txt b/doc/admin-policy-api.txt new file mode 100644 index 000000000000..3f116901dbd7 --- /dev/null +++ b/doc/admin-policy-api.txt 
@@ -0,0 +1,65 @@ +BlueZ D-Bus Admin Policy API description +*********************************** + +This API provides methods to control the behavior of bluez as an administrator. + +Interface AdminPolicySet1 provides methods to set policies. Once the policy is +set successfully, it will affect all clients and stay persistently even after +restarting Bluetooth Daemon. The only way to clear it is to overwrite the +policy with the same method. + +Interface AdminPolicyStatus1 provides readonly properties to indicate the +current values of admin policy. + + +Admin Policy Set hierarchy +================= + +Service org.bluez +Interface org.bluez.AdminPolicySet1 +Object path [variable prefix]/{hci0,hci1,...} + +Methods void SetServiceAllowList(array{string} UUIDs) + + This method sets the service allowlist by specifying + service UUIDs. + + When SetServiceAllowList is called, bluez will block + incoming and outgoing connections to the service not in + UUIDs for all of the clients. + + Any subsequent calls to this method will supersede any + previously set allowlist values. Calling this method + with an empty array will allow any service UUIDs to be + used. + + The default value is an empty array. + + Possible errors: org.bluez.Error.InvalidArguments + org.bluez.Error.Failed + + +Admin Policy Status hierarchy +================= + +Service org.bluez +Interface org.bluez.AdminPolicyStatus1 +Object path [variable prefix]/{hci0,hci1,...} + +Properties array{string} ServiceAllowList [readonly] + + Current value of service allow list. + + + +Admin Policy Status hierarchy +================= + +Service org.bluez +Interface org.bluez.AdminPolicyStatus1 +Object path [variable prefix]/{hci0,hci1,...}/dev_XX_XX_XX_XX_XX_XX + +Properties bool IsAffectedByPolicy [readonly] + + Indicate if there is any auto-connect profile in this + device is not allowed by admin policy.
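
Review bot: In doc/admin-policy-api.txt (the @@ -0,0 +1,65 @@ hunk) the third section reuses the title "Admin Policy Status hierarchy" although it documents the per-device dev_XX_XX_XX_XX_XX_XX object path and a different property; give it its own title, for example "Admin Policy Status hierarchy (device)", so the adapter and device objects can be told apart. The description of SetServiceAllowList also does not say which D-Bus callers are permitted to invoke it, which matters for a method that changes policy for all clients; state the expected authorization. Wording: "stay persistently" reads better as "persist", and the IsAffectedByPolicy text should read "Indicates if any auto-connect profile on this device is not allowed by admin policy".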
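
Review bot: In the @@ -237,6 +246,161 @@ hunk, an empty allowlist is never written to disk: new_uuid_strings() sets *num = 1, then g_try_malloc_n(0, sizeof(char *)) returns NULL for a zero-length request, so store_policy_settings() takes the "Failed to allocate uuid strings" path and leaves the previous file in place. Clearing the policy therefore does not survive a restart of the daemon. Return early with *num = 0 when queue_length(allowlist) is 0, or have new_uuid_strings() return a status instead of overloading num. Two smaller points in the same hunk: the goto failed after create_file() skips free_uuid_strings(), and key_file_load_service_allowlist() advances uuids with uuids++ and never frees the list returned by g_key_file_get_string_list(); index with uuids[i] and call g_strfreev(uuids) on every exit. The results of g_file_set_contents() and g_key_file_load_from_file() are dropped with a NULL GError, so a failed write is silent and a failed load loses its cause.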
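
Review bot: In the @@ -305,6 +469,7 @@ hunk, admin_policy_adapter_probe() cannot tell whether load_policy_settings(policy_data) restored anything, because the function returns void and every failure path inside it only logs. The adapter is then registered with the default empty allowlist, which doc/admin-policy-api.txt in this series describes as allowing any service UUID, so a settings file that exists but cannot be read or parsed silently removes the restriction after a restart. Consider returning an error code and deciding here whether to continue, and treat a missing file (no policy set yet) separately from a file that fails to load, so that a first start does not log an error. Since ADMIN_POLICY_STORAGE is a single constant path and the probe runs per adapter, is it intended that every adapter loads and overwrites the same file?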