From patchwork Mon Aug 2 06:12:38 2021
X-Patchwork-Submitter: Howard Chung
X-Patchwork-Id: 12413351
Date: Mon, 2 Aug 2021 14:12:38 +0800
In-Reply-To: <20210802061250.170975-1-howardchung@google.com>
Message-Id: <20210802141140.Bluez.v7.1.Ic71b1ed97538a06d02425ba502690bdab1c5d836@changeid>
References: <20210802061250.170975-1-howardchung@google.com>
Subject: [Bluez PATCH v7 01/13] core: add is_allowed property in btd_service
From: Howard Chung
To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com
Cc: Yun-Hao Chung, Miao-chen Chou
X-Mailing-List: linux-bluetooth@vger.kernel.org

From: Yun-Hao Chung

This adds is_allowed property in btd_service. When is_allowed is set to false, calling btd_service_connect and service_accept will fail and the existing service connection gets disconnected.

Reviewed-by: Miao-chen Chou
---
Changes in v7:
- Fix compiler errors in profiles/hdp.c

Changes in v6:
- include instead of in plugins/admin.c

Changes in v5:
- Fix compiler errors in plugins/admin.c

Changes in v4:
- Update commit message (admin_policy -> admin)
- remove old plugins/admin_policy.c

Changes in v3:
- Rename plugins/admin_policy.c -> plugins/admin.c
- Use device_added callback in btd_adapter_driver instead of listen for dbus
- Add authorization method in profiles/health/mcap.c and block incoming connections in adapter authorization function.

Changes in v2:
- Move bt_uuid_hash and bt_uuid_equal functions to adapter.c.
- Modify the criteria to say a device is `Affected` from any-of-uuid to any-of-auto-connect-profile.
- Remove the code to remove/reprobe disallowed/allowed profiles, instead, check if the service is allowed in bt_io_accept connect_cb.
- Fix a typo in emit_property_change in plugin/admin_policy.c:set_service_allowlist
- Instead of using device_state_cb, utilize D-BUS client to watch device added/removed.
- Add a document in doc/

src/service.c | 39 +++++++++++++++++++++++++++++++++++++++
src/service.h | 2 ++
2 files changed, 41 insertions(+)

diff --git a/src/service.c b/src/service.c index 21a52762e637..929d6c136b6d 100644 --- a/src/service.c +++ b/src/service.c @@ -41,6 +41,7 @@ struct btd_service { void *user_data; btd_service_state_t state; int err; + bool is_allowed; }; struct service_state_callback { 
@@ -133,6 +134,7 @@ struct btd_service *service_create(struct btd_device *device, service->device = device; /* Weak ref */ service->profile = profile; service->state = BTD_SERVICE_STATE_UNAVAILABLE; + service->is_allowed = true; return service; } @@ -186,6 +188,18 @@ int service_accept(struct btd_service *service) if (!service->profile->accept) return -ENOSYS; + if (!service->is_allowed) { + info("service %s is not allowed", + service->profile->remote_uuid); + return -ECONNABORTED; + } + + if (!service->is_allowed) { + info("service %s is not allowed", + service->profile->remote_uuid); + return -ECONNABORTED; + } + err = service->profile->accept(service); if (!err) goto done; @@ -245,6 +259,12 @@ int btd_service_connect(struct btd_service *service) return -EBUSY; } + if (!service->is_allowed) { + info("service %s is not allowed", + service->profile->remote_uuid); + return -ECONNABORTED; + } + err = profile->connect(service); if (err == 0) { change_state(service, BTD_SERVICE_STATE_CONNECTING, 0); @@ -361,6 +381,25 @@ bool btd_service_remove_state_cb(unsigned int id) return false; } +void btd_service_set_allowed(struct btd_service *service, bool allowed) +{ + if (allowed == service->is_allowed) + return; + + service->is_allowed = allowed; + + if (!allowed && (service->state == BTD_SERVICE_STATE_CONNECTING || + service->state == BTD_SERVICE_STATE_CONNECTED)) { + btd_service_disconnect(service); + return; + } +} + +bool btd_service_is_allowed(struct btd_service *service) +{ + return service->is_allowed; +} + void btd_service_connecting_complete(struct btd_service *service, int err) { if (service->state != BTD_SERVICE_STATE_DISCONNECTED && diff --git a/src/service.h b/src/service.h index 88530cc17d53..5a2a02447b24 100644 --- a/src/service.h +++ b/src/service.h 
@@ -51,6 +51,8 @@ int btd_service_get_error(const struct btd_service *service); unsigned int btd_service_add_state_cb(btd_service_state_cb cb, void *user_data); bool btd_service_remove_state_cb(unsigned int id); +void btd_service_set_allowed(struct btd_service *service, bool allowed); +bool btd_service_is_allowed(struct btd_service *service); /* Functions used by profile implementation */ void btd_service_connecting_complete(struct btd_service *service, int err);

From patchwork Mon Aug 2 06:12:39 2021
X-Patchwork-Submitter: Howard Chung
X-Patchwork-Id: 12413353
Date: Mon, 2 Aug 2021 14:12:39 +0800
In-Reply-To: <20210802061250.170975-1-howardchung@google.com>
Message-Id:
 <20210802141140.Bluez.v7.2.Ibc0b5f02cb249f9aca9efe45e2dadc5e50b7d89e@changeid>
References: <20210802061250.170975-1-howardchung@google.com>
Subject: [Bluez PATCH v7 02/13] core: add adapter and device allowed_uuid functions
From: Howard Chung
To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com
Cc: Yun-Hao Chung, Miao-chen Chou
X-Mailing-List: linux-bluetooth@vger.kernel.org

From: Yun-Hao Chung

This implements functions in src/adapter.c and src/device.c for plugins setting a list of allowed services.

Reviewed-by: Miao-chen Chou
---
(no changes since v1)

src/adapter.c | 90 +++++++++++++++++++++++++++++++++++++++++++++++++++
src/adapter.h | 8 +++++
src/device.c | 64 +++++++++++++++++++++++++++++++++++-
src/device.h | 2 ++
4 files changed, 163 insertions(+), 1 deletion(-)

diff --git a/src/adapter.c b/src/adapter.c index 663b778e4a5d..c7fe27d19a5d 100644 --- a/src/adapter.c +++ b/src/adapter.c @@ -260,6 +260,8 @@ struct btd_adapter { struct btd_battery_provider_manager *battery_provider_manager; + GHashTable *allowed_uuid_set; /* Set of allowed service UUIDs */ + gboolean initialized; GSList *pin_callbacks; 
@@ -3489,6 +3491,93 @@ static DBusMessage *connect_device(DBusConnection *conn, return NULL; } +static void update_device_allowed_services(void *data, void *user_data) +{ + struct btd_device *device = data; + + btd_device_update_allowed_services(device); +} + +static void add_uuid_to_uuid_set(void *data, void *user_data) +{ + bt_uuid_t *uuid = data; + GHashTable *uuid_set = user_data; + + if (!uuid) { + error("Found NULL in UUID allowed list"); + return; + } + + g_hash_table_add(uuid_set, uuid); +} + +static guint bt_uuid_hash(gconstpointer key) +{ + const bt_uuid_t *uuid = key; + bt_uuid_t uuid_128; + uint64_t *val; + + if (!uuid) + return 0; + + bt_uuid_to_uuid128(uuid, &uuid_128); + val = (uint64_t *)&uuid_128.value.u128; + + return g_int64_hash(val) ^ g_int64_hash(val+1); +} + +static gboolean bt_uuid_equal(gconstpointer v1, gconstpointer v2) +{ + const bt_uuid_t *uuid1 = v1; + const bt_uuid_t *uuid2 = v2; + + if (!uuid1 || !uuid2) + return !uuid1 && !uuid2; + + return bt_uuid_cmp(uuid1, uuid2) == 0; +} + +bool btd_adapter_set_allowed_uuids(struct btd_adapter *adapter, + struct queue *uuids) +{ + if (!adapter) + return false; + + if (adapter->allowed_uuid_set) + g_hash_table_destroy(adapter->allowed_uuid_set); + + adapter->allowed_uuid_set = g_hash_table_new(bt_uuid_hash, + bt_uuid_equal); + if (!adapter->allowed_uuid_set) { + btd_error(adapter->dev_id, + "Failed to allocate allowed_uuid_set"); + return false; + } + + queue_foreach(uuids, add_uuid_to_uuid_set, adapter->allowed_uuid_set); + g_slist_foreach(adapter->devices, update_device_allowed_services, NULL); + + return true; +} + +bool btd_adapter_is_uuid_allowed(struct btd_adapter *adapter, + const char *uuid_str) +{ + bt_uuid_t uuid; + + if (!adapter || !adapter->allowed_uuid_set) + return true; + + if (bt_string_to_uuid(&uuid, uuid_str)) { + btd_error(adapter->dev_id, + "Failed to parse UUID string '%s'", uuid_str); + return false; + } + + return !g_hash_table_size(adapter->allowed_uuid_set) || + 
g_hash_table_contains(adapter->allowed_uuid_set, &uuid); +} + static const GDBusMethodTable adapter_methods[] = { { GDBUS_ASYNC_METHOD("StartDiscovery", NULL, NULL, start_discovery) }, { GDBUS_METHOD("SetDiscoveryFilter", @@ -5404,6 +5493,7 @@ static void adapter_free(gpointer user_data) g_free(adapter->stored_alias); g_free(adapter->current_alias); free(adapter->modalias); + g_hash_table_destroy(adapter->allowed_uuid_set); g_free(adapter); } diff --git a/src/adapter.h b/src/adapter.h index 60b5e3bcca34..7cac51451249 100644 --- a/src/adapter.h +++ b/src/adapter.h @@ -25,6 +25,7 @@ struct btd_adapter; struct btd_device; +struct queue; struct btd_adapter *btd_adapter_get_default(void); bool btd_adapter_is_default(struct btd_adapter *adapter); @@ -97,6 +98,8 @@ void adapter_service_remove(struct btd_adapter *adapter, uint32_t handle); struct agent *adapter_get_agent(struct btd_adapter *adapter); +bool btd_adapter_uuid_is_allowed(struct btd_adapter *adapter, const char *uuid); + struct btd_adapter *btd_adapter_ref(struct btd_adapter *adapter); void btd_adapter_unref(struct btd_adapter *adapter); @@ -240,3 +243,8 @@ enum kernel_features { }; bool btd_has_kernel_features(uint32_t feature); + +bool btd_adapter_set_allowed_uuids(struct btd_adapter *adapter, + struct queue *uuids); +bool btd_adapter_is_uuid_allowed(struct btd_adapter *adapter, + const char *uuid_str); diff --git a/src/device.c b/src/device.c index b29aa195d19b..c4a4497da01f 100644 --- a/src/device.c +++ b/src/device.c 
@@ -1929,6 +1929,56 @@ static int service_prio_cmp(gconstpointer a, gconstpointer b) return p2->priority - p1->priority; } +bool btd_device_all_services_allowed(struct btd_device *dev) +{ + GSList *l; + struct btd_adapter *adapter = dev->adapter; + struct btd_service *service; + struct btd_profile *profile; + + for (l = dev->services; l != NULL; l = g_slist_next(l)) { + service = l->data; + profile = btd_service_get_profile(service); + + if (!profile || !profile->auto_connect) + continue; + + if (!btd_adapter_is_uuid_allowed(adapter, profile->remote_uuid)) + return false; + } + + return true; +} + +void btd_device_update_allowed_services(struct btd_device *dev) +{ + struct btd_adapter *adapter = dev->adapter; + struct btd_service *service; + struct btd_profile *profile; + GSList *l; + bool is_allowed; + char addr[18]; + + /* If service discovery is ongoing, let the service discovery complete + * callback call this function. + */ + if (dev->browse) { + ba2str(&dev->bdaddr, addr); + DBG("service discovery of %s is ongoing. Skip updating allowed " + "services", addr); + return; + } + + for (l = dev->services; l != NULL; l = g_slist_next(l)) { + service = l->data; + profile = btd_service_get_profile(service); + + is_allowed = btd_adapter_is_uuid_allowed(adapter, + profile->remote_uuid); + btd_service_set_allowed(service, is_allowed); + } +} + static GSList *create_pending_list(struct btd_device *dev, const char *uuid) { struct btd_service *service; @@ -1937,9 +1987,14 @@ static GSList *create_pending_list(struct btd_device *dev, const char *uuid) if (uuid) { service = find_connectable_service(dev, uuid); - if (service) + + if (!service) + return dev->pending; + + if (btd_service_is_allowed(service)) return g_slist_prepend(dev->pending, service); + info("service %s is blocked", uuid); return dev->pending; } 
@@ -1950,6 +2005,11 @@ static GSList *create_pending_list(struct btd_device *dev, const char *uuid) if (!p->auto_connect) continue; + if (!btd_service_is_allowed(service)) { + info("service %s is blocked", p->remote_uuid); + continue; + } + if (g_slist_find(dev->pending, service)) continue; @@ -2633,6 +2693,8 @@ static void device_svc_resolved(struct btd_device *dev, uint8_t browse_type, dev->svc_callbacks); g_free(cb); } + + btd_device_update_allowed_services(dev); } static struct bonding_req *bonding_request_new(DBusMessage *msg, diff --git a/src/device.h b/src/device.h index 4ae9abe0dbb4..5f615cb4b6b2 100644 --- a/src/device.h +++ b/src/device.h 
@@ -175,5 +175,7 @@ uint32_t btd_device_get_current_flags(struct btd_device *dev); void btd_device_flags_changed(struct btd_device *dev, uint32_t supported_flags, uint32_t current_flags); +bool btd_device_all_services_allowed(struct btd_device *dev); +void btd_device_update_allowed_services(struct btd_device *dev); void btd_device_init(void); void btd_device_cleanup(void);

From patchwork Mon Aug 2 06:12:40 2021
X-Patchwork-Submitter: Howard Chung
X-Patchwork-Id: 12413355
Date: Mon, 2 Aug 2021 14:12:40 +0800
In-Reply-To: <20210802061250.170975-1-howardchung@google.com>
Message-Id: <20210802141140.Bluez.v7.3.If0cf6e1feb9e9cc8106793bcaea60202852d7095@changeid>
References:
 <20210802061250.170975-1-howardchung@google.com>
Subject: [Bluez PATCH v7 03/13] mcap: add adapter authorization
From: Howard Chung
To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com
Cc: Yun-Hao Chung
X-Mailing-List: linux-bluetooth@vger.kernel.org

From: Yun-Hao Chung

Currently mcap is the only profile that doesn't request adapter authorization. This patch adds an argument when creating the mcap instance to set authorize method. The reason why we don't use btd_request_authorization directly like all other profiles is because tools/mcaptest includes the profile/health/mcap.h. If we add dependency to adapter.h in mcap.h, it will make mcaptest depend on adapter and be not able to build independently.
---
(no changes since v1)

android/health.c | 2 +-
profiles/health/hdp.c | 1 +
profiles/health/mcap.c | 38 ++++++++++++++++++++++++++++++++++++--
profiles/health/mcap.h | 9 +++++++++
tools/mcaptest.c | 2 +-
5 files changed, 48 insertions(+), 4 deletions(-)

diff --git a/android/health.c b/android/health.c index 9a29964b1be2..de50db98e988 100644 --- a/android/health.c +++ b/android/health.c @@ -2008,7 +2008,7 @@ bool bt_health_register(struct ipc *ipc, const bdaddr_t *addr, uint8_t mode) mcl_connected, mcl_reconnected, mcl_disconnected, mcl_uncached, NULL, /* CSP is not used right now */ - NULL, &err); + NULL, NULL, &err); if (!mcap) { error("health: MCAP instance creation failed %s", err->message); g_error_free(err); diff --git a/profiles/health/hdp.c b/profiles/health/hdp.c index 6bc41946fef3..efa8955efaea 100644 --- a/profiles/health/hdp.c +++ b/profiles/health/hdp.c @@ -1347,6 +1347,7 @@ static gboolean update_adapter(struct hdp_adapter *hdp_adapter) mcl_connected, mcl_reconnected, mcl_disconnected, mcl_uncached, NULL, /* CSP is not used by now */ + btd_request_authorization, hdp_adapter, &err); if (hdp_adapter->mi == NULL) { error("Error creating the MCAP instance: %s", err->message); 
diff --git a/profiles/health/mcap.c b/profiles/health/mcap.c index be13af37a0b8..a7eaba51693a 100644 --- a/profiles/health/mcap.c +++ b/profiles/health/mcap.c @@ -14,6 +14,7 @@ #endif #define _GNU_SOURCE +#include #include #include #include @@ -23,6 +24,7 @@ #include #include "lib/bluetooth.h" +#include "lib/uuid.h" #include "bluetooth/l2cap.h" #include "btio/btio.h" #include "src/log.h" @@ -1980,7 +1982,6 @@ static void set_mcl_conf(GIOChannel *chan, struct mcap_mcl *mcl) mcl->state = MCL_CONNECTED; mcl->role = MCL_ACCEPTOR; mcl->req = MCL_AVAILABLE; - mcl->cc = g_io_channel_ref(chan); mcl->ctrl |= MCAP_CTRL_STD_OP; mcap_sync_init(mcl); @@ -2005,19 +2006,38 @@ static void set_mcl_conf(GIOChannel *chan, struct mcap_mcl *mcl) mcl->mi->mcl_connected_cb(mcl, mcl->mi->user_data); } +static void auth_callback(DBusError *derr, void *user_data) +{ + struct mcap_mcl *mcl = user_data; + + if (derr) { + error("Access denied: %s", derr->message); + goto reject; + } + + set_mcl_conf(mcl->cc, mcl); + return; + +reject: + g_io_channel_shutdown(mcl->cc, TRUE, NULL); + g_io_channel_unref(mcl->cc); +} + static void connect_mcl_event_cb(GIOChannel *chan, GError *gerr, gpointer user_data) { struct mcap_instance *mi = user_data; struct mcap_mcl *mcl; - bdaddr_t dst; + bdaddr_t src, dst; char address[18], srcstr[18]; GError *err = NULL; + guint ret; if (gerr) return; bt_io_get(chan, &err, + BT_IO_OPT_SOURCE_BDADDR, &src, BT_IO_OPT_DEST_BDADDR, &dst, BT_IO_OPT_DEST, address, BT_IO_OPT_INVALID); @@ -2044,6 +2064,18 @@ static void connect_mcl_event_cb(GIOChannel *chan, GError *gerr, mcl->next_mdl = (rand() % MCAP_MDLID_FINAL) + 1; } + mcl->cc = g_io_channel_ref(chan); + if (mi->authorize_cb) { + ret = mi->authorize_cb(&src, &dst, HDP_UUID, auth_callback, + mcl); + if (ret != 0) + return; + + error("HDP: authorization for device %s failed", address); + g_io_channel_unref(mcl->cc); + goto drop; + } + set_mcl_conf(chan, mcl); return; 
@@ -2060,6 +2092,7 @@ struct mcap_instance *mcap_create_instance(const bdaddr_t *src, mcap_mcl_event_cb mcl_disconnected, mcap_mcl_event_cb mcl_uncached, mcap_info_ind_event_cb mcl_sync_info_ind, + mcap_authorize_cb authorize_cb, gpointer user_data, GError **gerr) { @@ -2089,6 +2122,7 @@ struct mcap_instance *mcap_create_instance(const bdaddr_t *src, mi->mcl_disconnected_cb = mcl_disconnected; mi->mcl_uncached_cb = mcl_uncached; mi->mcl_sync_infoind_cb = mcl_sync_info_ind; + mi->authorize_cb = authorize_cb; mi->user_data = user_data; mi->csp_enabled = FALSE; diff --git a/profiles/health/mcap.h b/profiles/health/mcap.h index 5a94c8b63bea..48b7d7846c57 100644 --- a/profiles/health/mcap.h +++ b/profiles/health/mcap.h @@ -9,6 +9,8 @@ * */ +#include + #define MCAP_VERSION 0x0100 /* current version 01.00 */ /* bytes to get MCAP Supported Procedures */ @@ -249,6 +251,11 @@ typedef void (* mcap_sync_set_cb) (struct mcap_mcl *mcl, GError *err, gpointer data); +typedef void mcap_auth_cb(DBusError *derr, void *user_data); +typedef guint (* mcap_authorize_cb) (const bdaddr_t *src, const bdaddr_t *dst, + const char *uuid, mcap_auth_cb cb, + void *user_data); + struct mcap_mdl_cb { mcap_mdl_event_cb mdl_connected; /* Remote device has created a MDL */ mcap_mdl_event_cb mdl_closed; /* Remote device has closed a MDL */ @@ -271,6 +278,7 @@ struct mcap_instance { mcap_mcl_event_cb mcl_disconnected_cb; /* MCL disconnected */ mcap_mcl_event_cb mcl_uncached_cb; /* MCL has been removed from MCAP cache */ mcap_info_ind_event_cb mcl_sync_infoind_cb; /* (CSP Master) Received info indication */ + mcap_authorize_cb authorize_cb; /* Method to request authorization */ gpointer user_data; /* Data to be provided in callbacks */ int ref; /* Reference counter */ 
@@ -404,6 +412,7 @@ struct mcap_instance *mcap_create_instance(const bdaddr_t *src, mcap_mcl_event_cb mcl_disconnected, mcap_mcl_event_cb mcl_uncached, mcap_info_ind_event_cb mcl_sync_info_ind, + mcap_authorize_cb authorize_cb, gpointer user_data, GError **gerr); void mcap_release_instance(struct mcap_instance *mi); diff --git a/tools/mcaptest.c b/tools/mcaptest.c index dcef0b908ac8..63ee22149a40 100644 --- a/tools/mcaptest.c +++ b/tools/mcaptest.c 
@@ -434,7 +434,7 @@ int main(int argc, char *argv[]) mcl_connected, mcl_reconnected, mcl_disconnected, mcl_uncached, NULL, /* CSP is not used right now */ - NULL, &err); + NULL, NULL, &err); if (!mcap) { printf("MCAP instance creation failed %s\n", err->message);

From patchwork Mon Aug 2 06:12:41 2021
X-Patchwork-Submitter: Howard Chung
X-Patchwork-Id: 12413357
Date: Mon, 2 Aug 2021 14:12:41 +0800
In-Reply-To: <20210802061250.170975-1-howardchung@google.com>
Message-Id: <20210802141140.Bluez.v7.4.Ia4dc489979e4bf7ffa3421199b1b9fd8d7f00bbc@changeid>
References: <20210802061250.170975-1-howardchung@google.com>
Subject: [Bluez PATCH v7 04/13]
core: block not allowed UUID connect in auth
From: Howard Chung
To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com
Cc: Yun-Hao Chung
Precedence: bulk
List-ID:
X-Mailing-List: linux-bluetooth@vger.kernel.org

From: Yun-Hao Chung

This ensures any incoming profile connection will be blocked if its UUID is not allowed by the following assumption:
1. Each system profile asks adapter authorization when seeing an incoming connection.
2. Each external profile checks if its UUID is allowed by adapter when seeing an incoming connection.
---
The following test steps were performed after enabling admin plugin:
1. Set ServiceAllowList to ["1234"].
2. Turn on a paired classic keyboard. Verify it can not be connected.
3. Set ServiceAllowList to ["1800","1801","180A","180F","1812"]
4. Turn off and turn on the keyboard. Verify it can be connected.

(no changes since v1)

src/adapter.c | 5 +++++ src/profile.c | 11 +++++++++++ 2 files changed, 16 insertions(+) diff --git a/src/adapter.c b/src/adapter.c index c7fe27d19a5d..6c8096147bdd 100644 --- a/src/adapter.c +++ b/src/adapter.c @@ -7118,6 +7118,11 @@ static gboolean process_auth_queue(gpointer user_data) if (auth->svc_id > 0) return FALSE; + if (!btd_adapter_is_uuid_allowed(adapter, auth->uuid)) { + auth->cb(&err, auth->user_data); + goto next; + } + if (device_is_trusted(device) == TRUE) { auth->cb(NULL, auth->user_data); goto next; diff --git a/src/profile.c b/src/profile.c index 60d17b6ae657..e1bebf1ee19c 100644 --- a/src/profile.c +++ b/src/profile.c @@ -1249,6 +1249,11 @@ static void ext_confirm(GIOChannel *io, gpointer user_data) DBG("incoming connect from %s", addr); + if (!btd_adapter_is_uuid_allowed(adapter_find(&src), uuid)) { + info("UUID %s is not allowed. Igoring the connection", uuid); + return; + } + conn = create_conn(server, io, &src, &dst); if (conn == NULL) return; 
@@ -1272,6 +1277,7 @@ static void ext_direct_connect(GIOChannel *io, GError *err, gpointer user_data) struct ext_profile *ext = server->ext; GError *gerr = NULL; struct ext_io *conn; + const char *uuid = ext->service ? ext->service : ext->uuid; bdaddr_t src, dst; bt_io_get(io, &gerr, 
@@ -1285,6 +1291,11 @@ static void ext_direct_connect(GIOChannel *io, GError *err, gpointer user_data) return; } + if (!btd_adapter_is_uuid_allowed(adapter_find(&src), uuid)) { + info("UUID %s is not allowed. Igoring the connection", uuid); + return; + } + conn = create_conn(server, io, &src, &dst); if (conn == NULL) return;
From patchwork Mon Aug 2 06:12:42 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Howard Chung
X-Patchwork-Id: 12413359
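Review bot: In patch 04/13, the process_auth_queue() hunk in src/adapter.c refuses a disallowed UUID silently: the new branch calls auth->cb(&err, auth->user_data) and jumps to next without logging, while the src/profile.c hunks log the refused UUID with info(). Add a matching log line here (UUID and adapter index) so a connection refused by the allowlist can be told apart from other authorization failures. The branch also relies on err being populated outside the visible lines; please confirm it carries a rejection error at this point. Placing the check ahead of device_is_trusted() is right, since a trusted device must not bypass the allowlist, and deserves a one-line comment saying so.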
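Review bot: In patch 04/13, both src/profile.c checks (ext_confirm() and ext_direct_connect()) pass the result of adapter_find(&src) straight into btd_adapter_is_uuid_allowed() with no NULL check. If no adapter matches src, the outcome depends on how the callee treats a NULL adapter, which these hunks do not show; look the adapter up once and refuse the connection when it is NULL, so the check fails closed. The log string in both hunks reads "Igoring" and should be "Ignoring". Both new branches also just return without touching io; confirm the channel is torn down on that path so a refused peer is not left with a pending connection.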
Date: Mon, 2 Aug 2021 14:12:42 +0800
In-Reply-To: <20210802061250.170975-1-howardchung@google.com>
Message-Id: <20210802141140.Bluez.v7.5.Iee308dd18bfdfd3dae9e343e78b3942ee462314f@changeid>
Mime-Version: 1.0
References: <20210802061250.170975-1-howardchung@google.com>
X-Mailer: git-send-email 
2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v7 05/13] core: add device_added and device_removed to adapter driver From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This adds device_added and device_removed to btd_adapter_driver so that a driver can get notification when device is added or removed. --- (no changes since v1) src/adapter.c | 59 ++++++++++++++++++++++++++++++++++++++++++++++----- src/adapter.h | 4 ++++ 2 files changed, 58 insertions(+), 5 deletions(-) diff --git a/src/adapter.c b/src/adapter.c index 6c8096147bdd..5c556b569ca7 100644 --- a/src/adapter.c +++ b/src/adapter.c @@ -1218,6 +1218,9 @@ void adapter_service_remove(struct btd_adapter *adapter, uint32_t handle) remove_record_from_server(rec->handle); } +static void adapter_add_device(struct btd_adapter *adapter, + struct btd_device *device); + static struct btd_device *adapter_create_device(struct btd_adapter *adapter, const bdaddr_t *bdaddr, uint8_t bdaddr_type) @@ -1228,8 +1231,7 @@ static struct btd_device *adapter_create_device(struct btd_adapter *adapter, if (!device) return NULL; - adapter->devices = g_slist_append(adapter->devices, device); - + adapter_add_device(adapter, device); return device; } @@ -1256,6 +1258,9 @@ static void service_auth_cancel(struct service_auth *auth) g_free(auth); } +static void adapter_remove_device(struct btd_adapter *adapter, + struct btd_device *device); + void btd_adapter_remove_device(struct btd_adapter *adapter, struct btd_device *dev) { @@ -1263,7 +1268,7 @@ void btd_adapter_remove_device(struct btd_adapter *adapter, adapter->connect_list = g_slist_remove(adapter->connect_list, dev); - adapter->devices = g_slist_remove(adapter->devices, dev); + adapter_remove_device(adapter, dev); btd_adv_monitor_device_remove(adapter->adv_monitor_manager, dev); adapter->discovery_found = g_slist_remove(adapter->discovery_found, 
@@ -4665,7 +4670,7 @@ static void load_devices(struct btd_adapter *adapter) goto free; btd_device_set_temporary(device, false); - adapter->devices = g_slist_append(adapter->devices, device); + adapter_add_device(adapter, device); /* TODO: register services from pre-loaded list of primaries */ @@ -4827,6 +4832,48 @@ void adapter_remove_profile(struct btd_adapter *adapter, gpointer p) profile->adapter_remove(profile, adapter); } +static void device_added_drivers(struct btd_adapter *adapter, + struct btd_device *device) +{ + struct btd_adapter_driver *driver; + GSList *l; + + for (l = adapter_drivers; l; l = l->next) { + driver = l->data; + + if (driver->device_added) + driver->device_added(adapter, device); + } +} + +static void device_removed_drivers(struct btd_adapter *adapter, + struct btd_device *device) +{ + struct btd_adapter_driver *driver; + GSList *l; + + for (l = adapter_drivers; l; l = l->next) { + driver = l->data; + + if (driver->device_removed) + driver->device_removed(adapter, device); + } +} + +static void adapter_add_device(struct btd_adapter *adapter, + struct btd_device *device) +{ + adapter->devices = g_slist_append(adapter->devices, device); + device_added_drivers(adapter, device); +} + +static void adapter_remove_device(struct btd_adapter *adapter, + struct btd_device *device) +{ + adapter->devices = g_slist_remove(adapter->devices, device); + device_removed_drivers(adapter, device); +} + static void adapter_add_connection(struct btd_adapter *adapter, struct btd_device *device, uint8_t bdaddr_type) @@ -6445,8 +6492,10 @@ static void adapter_remove(struct btd_adapter *adapter) g_slist_free(adapter->connect_list); adapter->connect_list = NULL; - for (l = adapter->devices; l; l = l->next) + for (l = adapter->devices; l; l = l->next) { + device_removed_drivers(adapter, l->data); device_remove(l->data, FALSE); + } g_slist_free(adapter->devices); adapter->devices = NULL; 
diff --git a/src/adapter.h b/src/adapter.h index 7cac51451249..a2567330ddc9 100644 --- a/src/adapter.h +++ b/src/adapter.h 
@@ -111,6 +111,10 @@ struct btd_adapter_driver { int (*probe) (struct btd_adapter *adapter); void (*remove) (struct btd_adapter *adapter); void (*resume) (struct btd_adapter *adapter); + void (*device_added) (struct btd_adapter *adapter, + struct btd_device *device); + void (*device_removed) (struct btd_adapter *adapter, + struct btd_device *device); }; typedef void (*service_auth_cb) (DBusError *derr, void *user_data);
From patchwork Mon Aug 2 06:12:43 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Howard Chung
X-Patchwork-Id: 12413361
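Review bot: In patch 05/13, device_added_drivers() and device_removed_drivers() in src/adapter.c walk the global adapter_drivers list, so every registered driver is called for every adapter, including a driver whose probe failed for that adapter. If a per-adapter list of successfully probed drivers exists, iterate that instead, or document that the callbacks can arrive for an adapter the driver never accepted. Also, load_devices() now goes through adapter_add_device(), so a driver registered after the devices are loaded gets no device_added for them; a policy plugin relying on this callback would miss those devices unless it enumerates the existing ones itself.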
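Review bot: In patch 05/13, the two callbacks added to struct btd_adapter_driver in src/adapter.h have no comment stating when they fire. The adapter.c hunks call device_removed after g_slist_remove() in adapter_remove_device(), but before device_remove() in the adapter_remove() loop, where the device is still on adapter->devices. Document the contract (device pointer still valid, list membership not guaranteed) so drivers do not come to depend on either ordering.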
Date: Mon, 2 Aug 2021 14:12:43 +0800
In-Reply-To: <20210802061250.170975-1-howardchung@google.com>
Message-Id: 
<20210802141140.Bluez.v7.6.Id0842634d98a21fbdfa5cc72c76a462a98bf6f40@changeid> Mime-Version: 1.0 References: <20210802061250.170975-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v7 06/13] plugins: new plugin From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung , Miao-chen Chou Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This adds an initial code for a new plugin admin. Reviewed-by: Miao-chen Chou --- (no changes since v1) Makefile.plugins | 5 +++++ bootstrap-configure | 1 + configure.ac | 4 ++++ plugins/admin.c | 30 ++++++++++++++++++++++++++++++ 4 files changed, 40 insertions(+) create mode 100644 plugins/admin.c diff --git a/Makefile.plugins b/Makefile.plugins index 4e6a72b0bdf6..69fb01001cc6 100644 --- a/Makefile.plugins +++ b/Makefile.plugins @@ -11,6 +11,11 @@ builtin_sources += plugins/autopair.c builtin_modules += policy builtin_sources += plugins/policy.c +if ADMIN +builtin_modules += admin +builtin_sources += plugins/admin.c +endif + if NFC builtin_modules += neard builtin_sources += plugins/neard.c diff --git a/bootstrap-configure b/bootstrap-configure index 0efd83abc2c4..a34be832068e 100755 --- a/bootstrap-configure +++ b/bootstrap-configure @@ -30,4 +30,5 @@ fi --enable-pie \ --enable-cups \ --enable-library \ + --enable-admin \ --disable-datafiles $* diff --git a/configure.ac b/configure.ac index a5afaea6cfcd..0744860b89fb 100644 --- a/configure.ac +++ b/configure.ac 
@@ -364,6 +364,10 @@ AC_ARG_ENABLE(logger, AC_HELP_STRING([--enable-logger], [enable HCI logger service]), [enable_logger=${enableval}]) AM_CONDITIONAL(LOGGER, test "${enable_logger}" = "yes") +AC_ARG_ENABLE(admin, AC_HELP_STRING([--enable-admin], + [enable admin policy plugin]), [enable_admin=${enableval}]) +AM_CONDITIONAL(ADMIN, test "${enable_admin}" = "yes") + if (test "${prefix}" = "NONE"); then dnl no prefix and no localstatedir, so default to /var if (test "$localstatedir" = '${prefix}/var'); then diff --git a/plugins/admin.c b/plugins/admin.c new file mode 100644 index 000000000000..42866bcf7be2 --- /dev/null +++ b/plugins/admin.c 
@@ -0,0 +1,30 @@ +// SPDX-License-Identifier: LGPL-2.1-or-later +/* + * + * BlueZ - Bluetooth protocol stack for Linux + * + * Copyright (C) 2021 Google LLC + * + * + */ + +#ifdef HAVE_CONFIG_H +#include +#endif + +#include "src/log.h" +#include "src/plugin.h" + +static int admin_init(void) +{ + DBG(""); +} + +static void admin_exit(void) +{ + DBG(""); +} + +BLUETOOTH_PLUGIN_DEFINE(admin, VERSION, + BLUETOOTH_PLUGIN_PRIORITY_DEFAULT, + admin_init, admin_exit)
From patchwork Mon Aug 2 06:12:44 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Howard Chung
X-Patchwork-Id: 12413363
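Review bot: In patch 06/13, admin_init() in the new plugins/admin.c is declared static int but its body is only DBG("");, so it falls off the end and hands an indeterminate value to whatever consumes the plugin's init result. Add return 0; here. Patch 07/13 later turns the body into return btd_register_adapter_driver(&admin_policy_driver);, but this commit on its own has undefined behaviour, which hurts bisecting through the series.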
Date: Mon, 2 Aug 2021 14:12:44 +0800
In-Reply-To: <20210802061250.170975-1-howardchung@google.com>
Message-Id: 
<20210802141140.Bluez.v7.7.I29607be7ac91b0a494ab51713ba14f583eb858ed@changeid> Mime-Version: 1.0 References: <20210802061250.170975-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v7 07/13] plugins/admin: add admin_policy adapter driver From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung , Miao-chen Chou Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This adds code to register admin_policy driver to adapter when admin plugin is enabled. The following test steps were performed: 1. restart bluetoothd 2. check if "Admin Policy is enabled" in system log Reviewed-by: Miao-chen Chou --- (no changes since v1) plugins/admin.c | 67 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) diff --git a/plugins/admin.c b/plugins/admin.c index 42866bcf7be2..923e08cb836b 100644 --- a/plugins/admin.c +++ b/plugins/admin.c 
@@ -12,17 +12,84 @@ #include #endif +#include "lib/bluetooth.h" + +#include "src/adapter.h" +#include "src/error.h" #include "src/log.h" #include "src/plugin.h" +#include "src/shared/queue.h" + +/* |policy_data| has the same life cycle as btd_adapter */ +static struct btd_admin_policy { + struct btd_adapter *adapter; + uint16_t adapter_id; +} *policy_data = NULL; + +static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter) +{ + struct btd_admin_policy *admin_policy = NULL; + + admin_policy = g_try_malloc(sizeof(*admin_policy)); + if (!admin_policy) { + btd_error(btd_adapter_get_index(adapter), + "Failed to allocate memory for admin_policy"); + return NULL; + } + + admin_policy->adapter = adapter; + admin_policy->adapter_id = btd_adapter_get_index(adapter); + + return admin_policy; +} + +static void admin_policy_free(void *data) +{ + struct btd_admin_policy *admin_policy = data; + + g_free(admin_policy); +} + +static int admin_policy_adapter_probe(struct btd_adapter *adapter) +{ + if (policy_data) { + btd_warn(policy_data->adapter_id, + "Policy data already exists"); + admin_policy_free(policy_data); + policy_data = NULL; + } + + policy_data = admin_policy_new(adapter); + if (!policy_data) + return -ENOMEM; + + btd_info(policy_data->adapter_id, "Admin Policy has been enabled"); + + return 0; +} + +static struct btd_adapter_driver admin_policy_driver = { + .name = "admin_policy", + .probe = admin_policy_adapter_probe, + .resume = NULL, +}; + static int admin_init(void) { DBG(""); + + return btd_register_adapter_driver(&admin_policy_driver); } static void admin_exit(void) { DBG(""); + + btd_unregister_adapter_driver(&admin_policy_driver); + + if (policy_data) + admin_policy_free(policy_data); } BLUETOOTH_PLUGIN_DEFINE(admin, VERSION,
From patchwork Mon Aug 2 06:12:45 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Howard Chung
X-Patchwork-Id: 12413367
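Review bot: In patch 07/13, admin_policy_driver sets .probe and .resume but no .remove, so nothing releases policy_data when the adapter goes away, even though the comment above the struct says it has the same life cycle as btd_adapter. The struct keeps a raw adapter pointer, which is left dangling until admin_exit(); add a .remove callback that frees policy_data and sets it to NULL. Two related points: admin_exit() frees policy_data without clearing the pointer, and because there is a single global, a second adapter's probe frees the first adapter's data under "Policy data already exists", leaving only the last probed adapter with policy state. If multi-adapter systems are in scope, key the data by adapter.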
Date: Mon, 2 Aug 2021 14:12:45 +0800
In-Reply-To: <20210802061250.170975-1-howardchung@google.com>
Message-Id: <20210802141140.Bluez.v7.8.Ifbb69dd6e371da3a914049a94615064479b9024b@changeid>
Mime-Version: 1.0
References: <20210802061250.170975-1-howardchung@google.com>
X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog
Subject: [Bluez PATCH v7 08/13] plugins/admin: add ServiceAllowList method
From: Howard Chung
To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com
Cc: Yun-Hao Chung, Miao-chen Chou
Precedence: bulk
List-ID:
X-Mailing-List: linux-bluetooth@vger.kernel.org
From: Yun-Hao Chung

This adds code to register interface org.bluez.AdminPolicySet1. The interface will provide methods to limit users to operate certain functions of bluez, such as allow/disallow user to toggle adapter power, or only allow users to connect services in the specified list, etc. This patch also implements ServiceAllowlist in org.bluez.AdminPolicySet1.

Reviewed-by: Miao-chen Chou
---
The following test steps were performed:
1. Set ServiceAllowList to ["1108","110A","110B","110C","110D","110E", "110F","1112","111E","111F","1203"] ( users are only allowed to connect headset )
2. Turn on paired WF1000XM3, and listen to music on Youtube.
3. Turn on paired K830 (LE device), press any key on keyboard.
4. Turn on paired Samsung Bluetooth Keyboard EE-BT550 (BREDR device), press any key on keyboard.
5. Set ServiceAllowList to ["1124","180A","180F","1812"] ( users are only allowed to connect HID devices )
6. Turn on paired WF1000XM3, and listen to music on Youtube.
7. Turn on paired K830 (LE device), press any key on keyboard.
8. Turn on paired Samsung Bluetooth Keyboard EE-BT550 (BREDR device), press any key on keyboard.
9. Set ServiceAllowList to [] ( users are only allowed to connect any device. )
10. Turn on paired WF1000XM3, and listen to music on Youtube.
11. Turn on paired K830 (LE device), press any key on keyboard.
12. Turn on paired Samsung Bluetooth Keyboard EE-BT550 (BREDR device), press any key on keyboard.

Expected results: Step 2,7,8,9,10,11 should succeed, and step 3,4,6 should fail.

(no changes since v1)

plugins/admin.c | 127 +++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 126 insertions(+), 1 deletion(-) diff --git a/plugins/admin.c b/plugins/admin.c index 923e08cb836b..1fe2904d93d9 100644 --- a/plugins/admin.c +++ b/plugins/admin.c 
@@ -12,19 +12,29 @@ #include #endif +#include +#include + #include "lib/bluetooth.h" +#include "lib/uuid.h" #include "src/adapter.h" +#include "src/dbus-common.h" #include "src/error.h" #include "src/log.h" #include "src/plugin.h" #include "src/shared/queue.h" +#define ADMIN_POLICY_SET_INTERFACE "org.bluez.AdminPolicySet1" + +static DBusConnection *dbus_conn; + /* |policy_data| has the same life cycle as btd_adapter */ static struct btd_admin_policy { struct btd_adapter *adapter; uint16_t adapter_id; + struct queue *service_allowlist; } *policy_data = NULL; static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter) 
@@ -40,19 +50,120 @@ static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter) admin_policy->adapter = adapter; admin_policy->adapter_id = btd_adapter_get_index(adapter); + admin_policy->service_allowlist = NULL; return admin_policy; } +static void free_service_allowlist(struct queue *q) +{ + queue_destroy(q, g_free); +} + static void admin_policy_free(void *data) { struct btd_admin_policy *admin_policy = data; + free_service_allowlist(admin_policy->service_allowlist); g_free(admin_policy); } +static struct queue *parse_allow_service_list(struct btd_adapter *adapter, + DBusMessage *msg) +{ + DBusMessageIter iter, arr_iter; + struct queue *uuid_list = NULL; + + dbus_message_iter_init(msg, &iter); + if (dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_ARRAY) + return NULL; + + uuid_list = queue_new(); + dbus_message_iter_recurse(&iter, &arr_iter); + do { + const int type = dbus_message_iter_get_arg_type(&arr_iter); + char *uuid_param; + bt_uuid_t *uuid; + + if (type == DBUS_TYPE_INVALID) + break; + + if (type != DBUS_TYPE_STRING) + goto failed; + + dbus_message_iter_get_basic(&arr_iter, &uuid_param); + + uuid = g_try_malloc(sizeof(*uuid)); + if (!uuid) + goto failed; + + if (bt_string_to_uuid(uuid, uuid_param)) { + g_free(uuid); + goto failed; + } + + queue_push_head(uuid_list, uuid); + + dbus_message_iter_next(&arr_iter); + } while (true); + + return uuid_list; + +failed: + queue_destroy(uuid_list, g_free); + return NULL; +} + +static bool service_allowlist_set(struct btd_admin_policy *admin_policy, + struct queue *uuid_list) +{ + struct btd_adapter *adapter = admin_policy->adapter; + + if (!btd_adapter_set_allowed_uuids(adapter, uuid_list)) + return false; + + free_service_allowlist(admin_policy->service_allowlist); + admin_policy->service_allowlist = uuid_list; + + return true; +} + +static DBusMessage *set_service_allowlist(DBusConnection *conn, + DBusMessage *msg, void *user_data) +{ + struct btd_admin_policy *admin_policy = user_data; + 
struct btd_adapter *adapter = admin_policy->adapter; + struct queue *uuid_list = NULL; + const char *sender = dbus_message_get_sender(msg); + + DBG("sender %s", sender); + + /* Parse parameters */ + uuid_list = parse_allow_service_list(adapter, msg); + if (!uuid_list) { + btd_error(admin_policy->adapter_id, + "Failed on parsing allowed service list"); + return btd_error_invalid_args(msg); + } + + if (!service_allowlist_set(admin_policy, uuid_list)) { + free_service_allowlist(uuid_list); + return btd_error_failed(msg, "service_allowlist_set failed"); + } + + return dbus_message_new_method_return(msg); +} + +static const GDBusMethodTable admin_policy_adapter_methods[] = { + { GDBUS_METHOD("SetServiceAllowList", GDBUS_ARGS({ "UUIDs", "as" }), + NULL, set_service_allowlist) }, + { } +}; + static int admin_policy_adapter_probe(struct btd_adapter *adapter) { + const char *adapter_path; + if (policy_data) { btd_warn(policy_data->adapter_id, "Policy data already exists"); @@ -64,8 +175,20 @@ static int admin_policy_adapter_probe(struct btd_adapter *adapter) if (!policy_data) return -ENOMEM; - btd_info(policy_data->adapter_id, "Admin Policy has been enabled"); + adapter_path = adapter_get_path(adapter); + if (!g_dbus_register_interface(dbus_conn, adapter_path, + ADMIN_POLICY_SET_INTERFACE, + admin_policy_adapter_methods, NULL, + NULL, policy_data, admin_policy_free)) { + btd_error(policy_data->adapter_id, + "Admin Policy Set interface init failed on path %s", + adapter_path); + return -EINVAL; + } + + btd_info(policy_data->adapter_id, + "Admin Policy Set interface registered"); return 0; } 
@@ -79,6 +202,8 @@ static int admin_init(void) { DBG(""); + dbus_conn = btd_get_dbus_connection(); + return btd_register_adapter_driver(&admin_policy_driver); }

From patchwork Mon Aug 2 06:12:46 2021
X-Patchwork-Submitter: Howard Chung
X-Patchwork-Id: 12413365
Date: Mon, 2 Aug 2021 14:12:46 +0800
In-Reply-To: <20210802061250.170975-1-howardchung@google.com>
Message-Id: <20210802141140.Bluez.v7.9.I00fd6c348e4c93501de6de0eae0d23436fd3895b@changeid>
References: <20210802061250.170975-1-howardchung@google.com>
Subject: [Bluez PATCH v7 09/13] plugins/admin: add ServiceAllowList property
From: Howard Chung
To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com
Cc: Yun-Hao Chung, Miao-chen Chou
X-Mailing-List: linux-bluetooth@vger.kernel.org

From: Yun-Hao Chung

This adds code to register interface org.bluez.AdminPolicyStatus.
The interface will provide read-only properties to indicate the current
settings of admin policies. We separate this from AdminPolicySet so that
normal clients can check current policy settings while only a few clients
can change policies.

This patch also adds readonly property ServiceAllowlist to
AdminPolicyStatus1, which indicates the current setting of service
allowlist.

Reviewed-by: Miao-chen Chou
---
The following test steps were performed:
1. Set ServiceAllowList to ["1124","180A","180F","1812"]
2. Verify ServiceAllowList is ["1124","180A","180F","1812"] in UUID-128 form
3. Set ServiceAllowList to []
4. Verify ServiceAllowList is []

(no changes since v1)

 plugins/admin.c | 58 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 58 insertions(+)

diff --git a/plugins/admin.c b/plugins/admin.c index 1fe2904d93d9..d89a77c8a123 100644 --- a/plugins/admin.c +++ b/plugins/admin.c @@ -27,6 +27,7 @@ #include "src/shared/queue.h" #define ADMIN_POLICY_SET_INTERFACE "org.bluez.AdminPolicySet1" +#define ADMIN_POLICY_STATUS_INTERFACE "org.bluez.AdminPolicyStatus1" static DBusConnection *dbus_conn; @@ -151,6 +152,11 @@ static DBusMessage *set_service_allowlist(DBusConnection *conn, return btd_error_failed(msg, "service_allowlist_set failed"); } + g_dbus_emit_property_changed(dbus_conn, + adapter_get_path(policy_data->adapter), + ADMIN_POLICY_STATUS_INTERFACE, + "ServiceAllowList"); + return dbus_message_new_method_return(msg); }
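Review bot: in the set_service_allowlist() hunk (`@@ -151,6 +152,11 @@`) the property-changed signal is emitted on `adapter_get_path(policy_data->adapter)`, reaching through the global even though the handler already has `admin_policy` from user_data and a local `adapter`. Use `adapter_get_path(adapter)` so the path always belongs to the object the method was called on.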
@@ -160,6 +166,43 @@ static const GDBusMethodTable admin_policy_adapter_methods[] = { { } }; +void append_service_uuid(void *data, void *user_data) +{ + bt_uuid_t *uuid = data; + DBusMessageIter *entry = user_data; + char uuid_str[MAX_LEN_UUID_STR]; + const char *uuid_str_ptr = uuid_str; + + if (!uuid) { + error("Unexpected NULL uuid data in service_allowlist"); + return; + } + + bt_uuid_to_string(uuid, uuid_str, MAX_LEN_UUID_STR); + dbus_message_iter_append_basic(entry, DBUS_TYPE_STRING, &uuid_str_ptr); +} + +static gboolean property_get_service_allowlist( + const GDBusPropertyTable *property, + DBusMessageIter *iter, void *user_data) +{ + struct btd_admin_policy *admin_policy = user_data; + DBusMessageIter entry; + + dbus_message_iter_open_container(iter, DBUS_TYPE_ARRAY, + DBUS_TYPE_STRING_AS_STRING, &entry); + queue_foreach(admin_policy->service_allowlist, append_service_uuid, + &entry); + dbus_message_iter_close_container(iter, &entry); + + return TRUE; +} + +static const GDBusPropertyTable admin_policy_adapter_properties[] = { + { "ServiceAllowList", "as", property_get_service_allowlist }, + { } +}; + static int admin_policy_adapter_probe(struct btd_adapter *adapter) { const char *adapter_path; 
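Review bot: append_service_uuid() in this hunk is defined without `static` although it is only used as the queue_foreach() callback in this file; mark it static, as the neighbouring property_get_service_allowlist() already is. The return value of bt_uuid_to_string() is also ignored, so on a conversion failure the uninitialised `uuid_str` stack buffer would be appended to the D-Bus reply; check the result and skip the entry.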
@@ -189,6 +232,21 @@ static int admin_policy_adapter_probe(struct btd_adapter *adapter) btd_info(policy_data->adapter_id, "Admin Policy Set interface registered"); + + if (!g_dbus_register_interface(dbus_conn, adapter_path, + ADMIN_POLICY_STATUS_INTERFACE, + NULL, NULL, + admin_policy_adapter_properties, + policy_data, admin_policy_free)) { + btd_error(policy_data->adapter_id, + "Admin Policy Status interface init failed on path %s", + adapter_path); + return -EINVAL; + } + + btd_info(policy_data->adapter_id, + "Admin Policy Status interface registered"); + return 0; }

From patchwork Mon Aug 2 06:12:47 2021
X-Patchwork-Submitter: Howard Chung
X-Patchwork-Id: 12413369
Date: Mon, 2 Aug 2021 14:12:47 +0800
In-Reply-To: <20210802061250.170975-1-howardchung@google.com>
Message-Id: <20210802141140.Bluez.v7.10.I517e5199ac8019b770c7ee8c92a294ec1c752748@changeid>
References: <20210802061250.170975-1-howardchung@google.com>
Subject: [Bluez PATCH v7 10/13] plugins/admin: add device callbacks
From: Howard Chung
To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com
Cc: Yun-Hao Chung, Miao-chen Chou
X-Mailing-List: linux-bluetooth@vger.kernel.org

From: Yun-Hao Chung

This adds callbacks for device added and device removed. It is
necessary for implementation of "AffectedByPolicy" property since it
needs to register an interface for each device object and unregister it
once the device gets removed.

Reviewed-by: Miao-chen Chou
---
The following test steps were performed:
1. start discovery using UI
2. verify device_data were added by checking system log
3. stop discovery
4. verify device_data were removed after a few seconds by checking system log

(no changes since v1)

 plugins/admin.c | 78 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 78 insertions(+)

diff --git a/plugins/admin.c b/plugins/admin.c index d89a77c8a123..37dae77ac448 100644 --- a/plugins/admin.c +++ b/plugins/admin.c @@ -20,6 +20,7 @@ #include "src/adapter.h" #include "src/dbus-common.h" +#include "src/device.h" #include "src/error.h" #include "src/log.h" #include "src/plugin.h" @@ -29,7 +30,11 @@ #define ADMIN_POLICY_SET_INTERFACE "org.bluez.AdminPolicySet1" #define ADMIN_POLICY_STATUS_INTERFACE "org.bluez.AdminPolicyStatus1" +#define DBUS_BLUEZ_SERVICE "org.bluez" +#define BTD_DEVICE_INTERFACE "org.bluez.Device1" + static DBusConnection *dbus_conn; +static struct queue *devices; /* List of struct device_data objects */ /* |policy_data| has the same life cycle as btd_adapter */ static struct btd_admin_policy {
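Review bot: DBUS_BLUEZ_SERVICE and BTD_DEVICE_INTERFACE, added in the `@@ -29,7 +30,11 @@` hunk, are not referenced by any other hunk in this patch; drop them or introduce them together with the code that uses them. `devices` is a single file-global queue while policy_data is documented as following the life cycle of one btd_adapter, so a comment on whether devices from several adapters are meant to share it would help.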
@@ -38,6 +43,11 @@ static struct btd_admin_policy { struct queue *service_allowlist; } *policy_data = NULL; +struct device_data { + struct btd_device *device; + char *path; +}; + static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter) { struct btd_admin_policy *admin_policy = NULL; @@ -203,6 +213,37 @@ static const GDBusPropertyTable admin_policy_adapter_properties[] = { { } }; +static bool device_data_match(const void *a, const void *b) +{ + const struct device_data *data = a; + const struct btd_device *dev = b; + + if (!data) { + error("Unexpected NULL device_data"); + return false; + } + + return data->device == dev; +} + +static void free_device_data(void *data) +{ + struct device_data *device_data = data; + + g_free(device_data->path); + g_free(device_data); +} + +static void remove_device_data(void *data) +{ + struct device_data *device_data = data; + + DBG("device_data for %s removing", device_data->path); + + queue_remove(devices, device_data); + free_device_data(device_data); +} + static int admin_policy_adapter_probe(struct btd_adapter *adapter) { const char *adapter_path; 
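Review bot: struct device_data keeps a bare `struct btd_device *device` and device_data_match() compares it by pointer identity, yet nothing in this patch takes a reference on the device. The entry is only valid as long as device_removed is guaranteed to run before the device is freed; either hold a reference for the lifetime of the entry or state that assumption in a comment next to the struct.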
@@ -250,10 +291,45 @@ static int admin_policy_adapter_probe(struct btd_adapter *adapter) return 0; } +static void admin_policy_device_added(struct btd_adapter *adapter, + struct btd_device *device) +{ + struct device_data *data; + + if (queue_find(devices, device_data_match, device)) + return; + + data = g_new0(struct device_data, 1); + if (!data) { + btd_error(btd_adapter_get_index(adapter), + "Failed to allocate memory for device_data"); + return; + } + + data->device = device; + data->path = g_strdup(device_get_path(device)); + queue_push_tail(devices, data); + + DBG("device_data for %s added", data->path); +} + +static void admin_policy_device_removed(struct btd_adapter *adapter, + struct btd_device *device) +{ + struct device_data *data; + + data = queue_find(devices, device_data_match, device); + + if (data) + remove_device_data(data); +} + static struct btd_adapter_driver admin_policy_driver = { .name = "admin_policy", .probe = admin_policy_adapter_probe, .resume = NULL, + .device_added = admin_policy_device_added, + .device_removed = admin_policy_device_removed }; static int admin_init(void) @@ -261,6 +337,7 @@ static int admin_init(void) DBG(""); dbus_conn = btd_get_dbus_connection(); + devices = queue_new(); return btd_register_adapter_driver(&admin_policy_driver); } 
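Review bot: in admin_policy_device_added() the `if (!data)` check after `g_new0(struct device_data, 1)` can never fire, because g_new0() aborts the process on allocation failure instead of returning NULL. Use g_try_new0() if the error path is meant to be reachable, or drop the check and its btd_error() call.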
@@ -270,6 +347,7 @@ static void admin_exit(void) DBG(""); btd_unregister_adapter_driver(&admin_policy_driver); + queue_destroy(devices, free_device_data); if (policy_data) admin_policy_free(policy_data);

From patchwork Mon Aug 2 06:12:48 2021
X-Patchwork-Submitter: Howard Chung
X-Patchwork-Id: 12413371
Date: Mon, 2 Aug 2021 14:12:48 +0800
In-Reply-To: <20210802061250.170975-1-howardchung@google.com>
Message-Id: <20210802141140.Bluez.v7.11.I570c860f59c8ed66ddb31aa54584ee08080aa10c@changeid>
References: <20210802061250.170975-1-howardchung@google.com>
Subject: [Bluez PATCH v7 11/13] plugins/admin: add AffectedByPolicy property
From: Howard Chung
To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com
Cc: Yun-Hao Chung, Miao-chen Chou
X-Mailing-List: linux-bluetooth@vger.kernel.org

From: Yun-Hao Chung

This adds a property to indicate if a device has any service that is
being blocked by admin policy.

Reviewed-by: Miao-chen Chou
---
The following test steps were performed:
1. Set ServiceAllowList to []
2. Verify AffectedByPolicy of K830 is False
3. Set ServiceAllowList to ["1800"]
4. Verify AffectedByPolicy of K830 is False
5. Set ServiceAllowList to ["1800","1801","180A","180F","1812"]
6. Verify AffectedByPolicy of K830 is True

(no changes since v1)

 plugins/admin.c | 73 +++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 71 insertions(+), 2 deletions(-)

diff --git a/plugins/admin.c b/plugins/admin.c index 37dae77ac448..653195a0e20b 100644 --- a/plugins/admin.c +++ b/plugins/admin.c @@ -46,6 +46,7 @@ static struct btd_admin_policy { struct device_data { struct btd_device *device; char *path; + bool affected; }; static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter) @@ -139,6 +140,27 @@ static bool service_allowlist_set(struct btd_admin_policy *admin_policy, return true; } +static void update_device_affected(void *data, void *user_data) +{ + struct device_data *dev_data = data; + bool affected; + + if (!dev_data) { + error("Unexpected NULL device_data when updating device"); + return; + } + + affected = !btd_device_all_services_allowed(dev_data->device); + + if (affected == dev_data->affected) + return; + + dev_data->affected = affected; + + g_dbus_emit_property_changed(dbus_conn, dev_data->path, + ADMIN_POLICY_STATUS_INTERFACE, "AffectedByPolicy"); +} + static DBusMessage *set_service_allowlist(DBusConnection *conn, DBusMessage *msg, void *user_data) {
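Review bot: `affected` is only ever computed in two places in this patch, update_device_affected() in the `@@ -139,6 +140,27 @@` hunk (run from set_service_allowlist()) and admin_policy_device_added(), so the property is never refreshed when a device's own set of services changes after it was added. If services can be resolved after device_added fires, AffectedByPolicy would stay at its initial value; is there a hook that should call update_device_affected() at that point?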
@@ -167,6 +189,8 @@ static DBusMessage *set_service_allowlist(DBusConnection *conn, ADMIN_POLICY_STATUS_INTERFACE, "ServiceAllowList"); + queue_foreach(devices, update_device_affected, NULL); + return dbus_message_new_method_return(msg); } @@ -226,6 +250,28 @@ static bool device_data_match(const void *a, const void *b) return data->device == dev; } +static gboolean property_get_affected_by_policy( + const GDBusPropertyTable *property, + DBusMessageIter *iter, void *user_data) +{ + struct device_data *data = user_data; + + if (!data) { + error("Unexpected error: device_data is NULL"); + return FALSE; + } + + dbus_message_iter_append_basic(iter, DBUS_TYPE_BOOLEAN, + &data->affected); + + return TRUE; +} + +static const GDBusPropertyTable admin_policy_device_properties[] = { + { "AffectedByPolicy", "b", property_get_affected_by_policy }, + { } +}; + static void free_device_data(void *data) { struct device_data *device_data = data; @@ -308,11 +354,33 @@ static void admin_policy_device_added(struct btd_adapter *adapter, data->device = device; data->path = g_strdup(device_get_path(device)); + data->affected = !btd_device_all_services_allowed(data->device); + + if (!g_dbus_register_interface(dbus_conn, data->path, + ADMIN_POLICY_STATUS_INTERFACE, + NULL, NULL, + admin_policy_device_properties, + data, remove_device_data)) { + btd_error(btd_adapter_get_index(adapter), + "Admin Policy Status interface init failed on path %s", + device_get_path(device)); + free_device_data(data); + return; + } + queue_push_tail(devices, data); DBG("device_data for %s added", data->path); } +static void unregister_device_data(void *data, void *user_data) +{ + struct device_data *dev_data = data; + + g_dbus_unregister_interface(dbus_conn, dev_data->path, + ADMIN_POLICY_STATUS_INTERFACE); +} + static void admin_policy_device_removed(struct btd_adapter *adapter, struct btd_device *device) { 
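Review bot: property_get_affected_by_policy() in the `@@ -226,6 +250,28 @@` hunk passes `&data->affected`, a C `bool`, to dbus_message_iter_append_basic() with DBUS_TYPE_BOOLEAN. libdbus reads a dbus_bool_t (32 bits) through that pointer, so this reads past the bool, which is typically one byte, and can report a wrong value. Copy the flag into a local `dbus_bool_t` and append that.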
@@ -321,7 +389,7 @@ static void admin_policy_device_removed(struct btd_adapter *adapter, data = queue_find(devices, device_data_match, device); if (data) - remove_device_data(data); + unregister_device_data(data, NULL); } static struct btd_adapter_driver admin_policy_driver = { 
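Review bot: unregister_device_data(), which this hunk now calls from admin_policy_device_removed(), ignores the return value of g_dbus_unregister_interface(), and the queue entry is only dropped by the destroy callback remove_device_data. If unregistration fails, the entry stays in `devices` with a `device` pointer to an object that is going away. Check the result and fall back to remove_device_data() on failure.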
@@ -347,7 +415,8 @@ static void admin_exit(void) DBG(""); btd_unregister_adapter_driver(&admin_policy_driver); - queue_destroy(devices, free_device_data); + queue_foreach(devices, unregister_device_data, NULL); + queue_destroy(devices, g_free); if (policy_data) admin_policy_free(policy_data);

From patchwork Mon Aug 2 06:12:49 2021
X-Patchwork-Submitter: Howard Chung
X-Patchwork-Id: 12413373
Date: Mon, 2 Aug 2021 14:12:49 +0800
In-Reply-To: <20210802061250.170975-1-howardchung@google.com>
Message-Id: <20210802141140.Bluez.v7.12.Ib26c0abdbd417673a8b5788c175c06110726a68c@changeid>
References: <20210802061250.170975-1-howardchung@google.com>
Subject: [Bluez PATCH v7 12/13] plugins/admin: persist policy settings
From: Howard Chung
To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com
Cc: Yun-Hao Chung, Miao-chen Chou
X-Mailing-List: linux-bluetooth@vger.kernel.org

From: Yun-Hao Chung

This adds code to store the ServiceAllowlist to file
/var/lib/bluetooth/{MAC_ADDR}/admin_policy
The stored settings will be loaded when admin_policy is initialized.

Reviewed-by: Miao-chen Chou
---
The following test steps were performed:
1. Set ServiceAllowlist to ["1124","180A","180F","1812", "1801"]
2. restart bluetoothd
3. Verify ServiceAllowlist is ["1124","180A","180F","1812","1801"] in UUID-128 form
4. Set ServiceAllowlist to []
5. restart bluetoothd
6. Verify ServiceAllowlist is []

(no changes since v1)

 plugins/admin.c | 169 +++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 167 insertions(+), 2 deletions(-)

diff --git a/plugins/admin.c b/plugins/admin.c index 653195a0e20b..8e6549ea8020 100644 --- a/plugins/admin.c +++ b/plugins/admin.c @@ -14,6 +14,9 @@ #include #include +#include +#include +#include #include "lib/bluetooth.h" #include "lib/uuid.h" @@ -24,11 +27,13 @@ #include "src/error.h" #include "src/log.h" #include "src/plugin.h" +#include "src/textfile.h" #include "src/shared/queue.h" #define ADMIN_POLICY_SET_INTERFACE "org.bluez.AdminPolicySet1" #define ADMIN_POLICY_STATUS_INTERFACE "org.bluez.AdminPolicyStatus1" +#define ADMIN_POLICY_STORAGE STORAGEDIR "/admin_policy_settings" #define DBUS_BLUEZ_SERVICE "org.bluez" #define BTD_DEVICE_INTERFACE "org.bluez.Device1" @@ -161,6 +166,8 @@ static void update_device_affected(void *data, void *user_data) ADMIN_POLICY_STATUS_INTERFACE, "AffectedByPolicy"); } +static void store_policy_settings(struct btd_admin_policy *admin_policy); + static DBusMessage *set_service_allowlist(DBusConnection *conn, DBusMessage *msg, void *user_data) {
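Review bot: ADMIN_POLICY_STORAGE in the `@@ -24,11 +27,13 @@` hunk expands to STORAGEDIR "/admin_policy_settings", a single file for the whole daemon, while the commit message describes /var/lib/bluetooth/{MAC_ADDR}/admin_policy. Either build the path per adapter as described or update the description; with one shared file every adapter would load and overwrite the same allowlist.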
@@ -179,7 +186,9 @@ static DBusMessage *set_service_allowlist(DBusConnection *conn, return btd_error_invalid_args(msg); } - if (!service_allowlist_set(admin_policy, uuid_list)) { + if (service_allowlist_set(admin_policy, uuid_list)) { + store_policy_settings(admin_policy); + } else { free_service_allowlist(uuid_list); return btd_error_failed(msg, "service_allowlist_set failed"); } @@ -200,7 +209,7 @@ static const GDBusMethodTable admin_policy_adapter_methods[] = { { } }; -void append_service_uuid(void *data, void *user_data) +static void append_service_uuid(void *data, void *user_data) { bt_uuid_t *uuid = data; DBusMessageIter *entry = user_data; 
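Review bot: in the set_service_allowlist() hunk (`@@ -179,7 +186,9 @@`) a failure to persist is invisible: store_policy_settings() returns void, so the caller gets a normal method return even when the file could not be written, and the allowlist is gone after a restart. Have store_policy_settings() return a bool and at least log at the call site, or fail the call.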
@@ -237,6 +246,161 @@ static const GDBusPropertyTable admin_policy_adapter_properties[] = { { } }; +static void free_uuid_strings(char **uuid_strs, gsize num) +{ + gsize i; + + for (i = 0; i < num; i++) + g_free(uuid_strs[i]); + g_free(uuid_strs); +} + +static char **new_uuid_strings(struct queue *allowlist, gsize *num) +{ + const struct queue_entry *entry = NULL; + bt_uuid_t *uuid = NULL; + char **uuid_strs = NULL; + gsize i = 0, allowlist_num; + + /* Set num to a non-zero number so that whoever call this could know if + * this function success or not + */ + *num = 1; + + allowlist_num = queue_length(allowlist); + uuid_strs = g_try_malloc_n(allowlist_num, sizeof(char *)); + if (!uuid_strs) + return NULL; + + for (entry = queue_get_entries(allowlist); entry != NULL; + entry = entry->next) { + uuid = entry->data; + uuid_strs[i] = g_try_malloc0(MAX_LEN_UUID_STR * sizeof(char)); + + if (!uuid_strs[i]) + goto failed; + + bt_uuid_to_string(uuid, uuid_strs[i], MAX_LEN_UUID_STR); + i++; + } + + *num = allowlist_num; + return uuid_strs; + +failed: + free_uuid_strings(uuid_strs, i); + + return NULL; +} + +static void store_policy_settings(struct btd_admin_policy *admin_policy) +{ + GKeyFile *key_file = NULL; + char *filename = ADMIN_POLICY_STORAGE; + char *key_file_data = NULL; + char **uuid_strs = NULL; + gsize length, num_uuids; + + key_file = g_key_file_new(); + + uuid_strs = new_uuid_strings(admin_policy->service_allowlist, + &num_uuids); + + if (!uuid_strs && num_uuids) { + btd_error(admin_policy->adapter_id, + "Failed to allocate uuid strings"); + goto failed; + } + + g_key_file_set_string_list(key_file, "General", "ServiceAllowlist", + (const gchar * const *)uuid_strs, + num_uuids); + + if (create_file(ADMIN_POLICY_STORAGE, 0600) < 0) { + btd_error(admin_policy->adapter_id, "create %s failed, %s", + filename, strerror(errno)); + goto failed; + } + + key_file_data = g_key_file_to_data(key_file, &length, NULL); + g_file_set_contents(ADMIN_POLICY_STORAGE, key_file_data, 
length, NULL); + + g_free(key_file_data); + free_uuid_strings(uuid_strs, num_uuids); + +failed: + g_key_file_free(key_file); +} + +static void key_file_load_service_allowlist(GKeyFile *key_file, + struct btd_admin_policy *admin_policy) +{ + GError *gerr = NULL; + struct queue *uuid_list = NULL; + gchar **uuids = NULL; + gsize num, i; + + uuids = g_key_file_get_string_list(key_file, "General", + "ServiceAllowlist", &num, &gerr); + + if (gerr) { + btd_error(admin_policy->adapter_id, + "Failed to load ServiceAllowlist"); + g_error_free(gerr); + return; + } + + uuid_list = queue_new(); + for (i = 0; i < num; i++) { + bt_uuid_t *uuid = g_try_malloc(sizeof(*uuid)); + + if (!uuid) + goto failed; + + if (bt_string_to_uuid(uuid, *uuids)) { + + btd_error(admin_policy->adapter_id, + "Failed to convert '%s' to uuid struct", + *uuids); + + g_free(uuid); + goto failed; + } + + queue_push_tail(uuid_list, uuid); + uuids++; + } + + if (!service_allowlist_set(admin_policy, uuid_list)) + goto failed; + + return; +failed: + free_service_allowlist(uuid_list); +} + +static void load_policy_settings(struct btd_admin_policy *admin_policy) +{ + GKeyFile *key_file; + char *filename = ADMIN_POLICY_STORAGE; + struct stat st; + + if (stat(filename, &st) < 0) { + btd_error(admin_policy->adapter_id, + "Failed to get file %s information", + filename); + return; + } + + key_file = g_key_file_new(); + + g_key_file_load_from_file(key_file, filename, 0, NULL); + + key_file_load_service_allowlist(key_file, admin_policy); + + g_key_file_free(key_file); +} + static bool device_data_match(const void *a, const void *b) { const struct device_data *data = a; 
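Review bot: new_uuid_strings() in this hunk treats an empty allowlist as an allocation failure: with queue_length() == 0, g_try_malloc_n(0, ...) returns NULL and the function returns NULL with *num still 1, so store_policy_settings() logs "Failed to allocate uuid strings" and never rewrites the file. Return early with *num = 0 for the empty case. Two leaks in the same hunk: the create_file() failure path jumps to `failed` without calling free_uuid_strings(), and key_file_load_service_allowlist() advances `uuids` and never releases the list returned by g_key_file_get_string_list(); index with `uuids[i]` and g_strfreev() it on every exit. The results of g_file_set_contents() and g_key_file_load_from_file() are also ignored.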
@@ -305,6 +469,7 @@ static int admin_policy_adapter_probe(struct btd_adapter *adapter) if (!policy_data) return -ENOMEM; + load_policy_settings(policy_data); adapter_path = adapter_get_path(adapter); if (!g_dbus_register_interface(dbus_conn, adapter_path,

From patchwork Mon Aug 2 06:12:50 2021
X-Patchwork-Submitter: Howard Chung
X-Patchwork-Id: 12413375
Date: Mon, 2 Aug 2021 14:12:50 +0800
In-Reply-To: <20210802061250.170975-1-howardchung@google.com>
Message-Id: <20210802141140.Bluez.v7.13.I433ab6a7ac1d4f8f8dea496ac14bdbf3597015d3@changeid>
References: <20210802061250.170975-1-howardchung@google.com>
Subject: [Bluez PATCH v7 13/13] doc: add description of admin policy
From: Howard Chung
To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com
Cc: Yun-Hao Chung, Miao-chen Chou

From: Yun-Hao Chung

This adds admin-policy-api.txt.

Reviewed-by: Miao-chen Chou
---
(no changes since v1)

doc/admin-policy-api.txt | 65 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 65 insertions(+)
create mode 100644 doc/admin-policy-api.txt

diff --git a/doc/admin-policy-api.txt b/doc/admin-policy-api.txt new file mode 100644 index 000000000000..3f116901dbd7 --- /dev/null +++ b/doc/admin-policy-api.txt
@@ -0,0 +1,65 @@ +BlueZ D-Bus Admin Policy API description +*********************************** + +This API provides methods to control the behavior of bluez as an administrator. + +Interface AdminPolicySet1 provides methods to set policies. Once the policy is +set successfully, it will affect all clients and stay persistently even after +restarting Bluetooth Daemon. The only way to clear it is to overwrite the +policy with the same method. + +Interface AdminPolicyStatus1 provides readonly properties to indicate the +current values of admin policy. + + +Admin Policy Set hierarchy +================= + +Service org.bluez +Interface org.bluez.AdminPolicySet1 +Object path [variable prefix]/{hci0,hci1,...} + +Methods void SetServiceAllowList(array{string} UUIDs) + + This method sets the service allowlist by specifying + service UUIDs. + + When SetServiceAllowList is called, bluez will block + incoming and outgoing connections to the service not in + UUIDs for all of the clients. + + Any subsequent calls to this method will supersede any + previously set allowlist values. Calling this method + with an empty array will allow any service UUIDs to be + used. + + The default value is an empty array. + + Possible errors: org.bluez.Error.InvalidArguments + org.bluez.Error.Failed + + +Admin Policy Status hierarchy +================= + +Service org.bluez +Interface org.bluez.AdminPolicyStatus1 +Object path [variable prefix]/{hci0,hci1,...} + +Properties array{string} ServiceAllowList [readonly] + + Current value of service allow list. + + + +Admin Policy Status hierarchy +================= + +Service org.bluez +Interface org.bluez.AdminPolicyStatus1 +Object path [variable prefix]/{hci0,hci1,...}/dev_XX_XX_XX_XX_XX_XX + +Properties bool IsAffectedByPolicy [readonly] + + Indicate if there is any auto-connect profile in this + device is not allowed by admin policy.
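Review bot: The third section reuses the heading "Admin Policy Status hierarchy" although it documents the per-device object path ending in /dev_XX_XX_XX_XX_XX_XX; give it its own title so the adapter-level and device-level AdminPolicyStatus1 objects can be told apart. The introduction says the API is used "as an administrator", but the SetServiceAllowList description does not say how callers are authorised or which conditions produce InvalidArguments versus Failed; both belong with the method, since this call changes which services every client can reach. The IsAffectedByPolicy text is hard to parse ("any auto-connect profile in this device is not allowed"); something like "True if any auto-connect profile of this device is not allowed by the admin policy" would read more clearly. The heading underlines also do not match the length of their titles.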