From: Yun-Hao Chung <[email protected]>
This series is to
1. Implement a few methods in core so that a plugin can have control of
allowing / disallowing certain service connections.
2. Implement the AdminPolicy plugin. The plugin provides interfaces
AdminPolicySet and AdminPolicyStatus. For each policy, users should
set the value through AdminPolicySet and query the current setting
through AdminPolicyStatus. We separated these two interfaces so that
developers can assign different groups of users to these interfaces.
Currently the only policy is ServiceAllowList, which makes bluez allow
only the services whose UUIDs are in the list, but the plugin is
also expected to provide more controls over other bluez behaviors.
Since the second part is a plugin, it might not be necessary to land in
upstream tree.
Thanks.
Changes in v2:
- Move bt_uuid_hash and bt_uuid_equal functions to adapter.c.
- Modify the criteria to say a device is `Affected` from any-of-uuid
to any-of-auto-connect-profile.
- Remove the code to remove/reprobe disallowed/allowed profiles,
instead, check if the service is allowed in bt_io_accept connect_cb.
- Fix a typo in emit_property_change in
plugin/admin_policy.c:set_service_allowlist
- Instead of using device_state_cb, utilize D-BUS client to watch device
added/removed.
- Add a document in doc/
Yun-Hao Chung (11):
core: add is_allowed property in btd_service
core: add adapter and device allowed_uuid functions
profiles: ignore incoming connection of not allowed service
plugins: new plugin
plugins/admin_policy: add admin_policy adapter driver
plugins/admin_policy: add ServiceAllowList method
plugins/admin_policy: add ServiceAllowList property
plugins/admin_policy: listen for device add and remove
plugins/admin_policy: add AffectedByPolicy property
plugins/admin_policy: persist policy settings
doc: add description of admin policy
Makefile.plugins | 5 +
Makefile.tools | 1 +
bootstrap-configure | 1 +
configure.ac | 4 +
doc/admin-policy-api.txt | 65 ++++
plugins/admin_policy.c | 653 +++++++++++++++++++++++++++++++++++++++
profiles/audio/a2dp.c | 6 +
profiles/audio/avctp.c | 7 +
profiles/health/mcap.c | 10 +-
profiles/input/server.c | 10 +
src/adapter.c | 90 ++++++
src/adapter.h | 8 +
src/device.c | 64 +++-
src/device.h | 2 +
src/profile.c | 12 +
src/service.c | 33 ++
src/service.h | 2 +
17 files changed, 971 insertions(+), 2 deletions(-)
create mode 100644 doc/admin-policy-api.txt
create mode 100644 plugins/admin_policy.c
--
2.32.0.402.g57bb445576-goog
From: Yun-Hao Chung <[email protected]>
This implements functions in src/adapter.c and src/device.c for
plugins setting a list of allowed services.
Reviewed-by: Miao-chen Chou <[email protected]>
---
(no changes since v1)
src/adapter.c | 90 +++++++++++++++++++++++++++++++++++++++++++++++++++
src/adapter.h | 8 +++++
src/device.c | 64 +++++++++++++++++++++++++++++++++++-
src/device.h | 2 ++
4 files changed, 163 insertions(+), 1 deletion(-)
diff --git a/src/adapter.c b/src/adapter.c
index 84bc5a1b09eb..93abaabb0526 100644
--- a/src/adapter.c
+++ b/src/adapter.c
@@ -260,6 +260,8 @@ struct btd_adapter {
struct btd_battery_provider_manager *battery_provider_manager;
+ GHashTable *allowed_uuid_set; /* Set of allowed service UUIDs */
+
gboolean initialized;
GSList *pin_callbacks;
@@ -3480,6 +3482,93 @@ static DBusMessage *connect_device(DBusConnection *conn,
return NULL;
}
+static void update_device_allowed_services(void *data, void *user_data)
+{
+ struct btd_device *device = data;
+
+ btd_device_update_allowed_services(device);
+}
+
+static void add_uuid_to_uuid_set(void *data, void *user_data)
+{
+ bt_uuid_t *uuid = data;
+ GHashTable *uuid_set = user_data;
+
+ if (!uuid) {
+ error("Found NULL in UUID allowed list");
+ return;
+ }
+
+ g_hash_table_add(uuid_set, uuid);
+}
+
+static guint bt_uuid_hash(gconstpointer key)
+{
+ const bt_uuid_t *uuid = key;
+ bt_uuid_t uuid_128;
+ uint64_t *val;
+
+ if (!uuid)
+ return 0;
+
+ bt_uuid_to_uuid128(uuid, &uuid_128);
+ val = (uint64_t *)&uuid_128.value.u128;
+
+ return g_int64_hash(val) ^ g_int64_hash(val+1);
+}
+
+static gboolean bt_uuid_equal(gconstpointer v1, gconstpointer v2)
+{
+ const bt_uuid_t *uuid1 = v1;
+ const bt_uuid_t *uuid2 = v2;
+
+ if (!uuid1 || !uuid2)
+ return !uuid1 && !uuid2;
+
+ return bt_uuid_cmp(uuid1, uuid2) == 0;
+}
+
+bool btd_adapter_set_allowed_uuids(struct btd_adapter *adapter,
+ struct queue *uuids)
+{
+ if (!adapter)
+ return false;
+
+ if (adapter->allowed_uuid_set)
+ g_hash_table_destroy(adapter->allowed_uuid_set);
+
+ adapter->allowed_uuid_set = g_hash_table_new(bt_uuid_hash,
+ bt_uuid_equal);
+ if (!adapter->allowed_uuid_set) {
+ btd_error(adapter->dev_id,
+ "Failed to allocate allowed_uuid_set");
+ return false;
+ }
+
+ queue_foreach(uuids, add_uuid_to_uuid_set, adapter->allowed_uuid_set);
+ g_slist_foreach(adapter->devices, update_device_allowed_services, NULL);
+
+ return true;
+}
+
+bool btd_adapter_is_uuid_allowed(struct btd_adapter *adapter,
+ const char *uuid_str)
+{
+ bt_uuid_t uuid;
+
+ if (!adapter || !adapter->allowed_uuid_set)
+ return true;
+
+ if (bt_string_to_uuid(&uuid, uuid_str)) {
+ btd_error(adapter->dev_id,
+ "Failed to parse UUID string '%s'", uuid_str);
+ return false;
+ }
+
+ return !g_hash_table_size(adapter->allowed_uuid_set) ||
+ g_hash_table_contains(adapter->allowed_uuid_set, &uuid);
+}
+
static const GDBusMethodTable adapter_methods[] = {
{ GDBUS_ASYNC_METHOD("StartDiscovery", NULL, NULL, start_discovery) },
{ GDBUS_METHOD("SetDiscoveryFilter",
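Review bot: `add_uuid_to_uuid_set()` stores the caller's `bt_uuid_t` pointers directly with `g_hash_table_add()`, and the table is created by `g_hash_table_new()` with no key destroy function, so `allowed_uuid_set` only borrows keys that belong to the `uuids` queue. Nothing in the hunk states that lifetime rule; if a caller frees the queue elements while the table is still installed, `btd_adapter_is_uuid_allowed()` would hash and compare freed memory on every incoming connection. Either copy each UUID into the table and create it with `g_hash_table_new_full()` and `g_free` as the key destroy function, or document the contract above `btd_adapter_set_allowed_uuids()`, e.g. `/* Keys are borrowed from |uuids|; the caller must keep them alive until the next call or until the adapter is freed. */`.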
@@ -5395,6 +5484,7 @@ static void adapter_free(gpointer user_data)
g_free(adapter->stored_alias);
g_free(adapter->current_alias);
free(adapter->modalias);
+ g_hash_table_destroy(adapter->allowed_uuid_set);
g_free(adapter);
}
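Review bot: `g_hash_table_destroy(adapter->allowed_uuid_set)` in `adapter_free()` runs even when no allow-list was ever installed, since the field is only assigned in `btd_adapter_set_allowed_uuids()`. GLib's `g_hash_table_destroy()` does not treat NULL as a no-op; it rejects it with a critical warning, so the call should be guarded: `if (adapter->allowed_uuid_set) g_hash_table_destroy(adapter->allowed_uuid_set);`. `adapter_free()` starts outside the hunk.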
diff --git a/src/adapter.h b/src/adapter.h
index 60b5e3bcca34..7cac51451249 100644
--- a/src/adapter.h
+++ b/src/adapter.h
@@ -25,6 +25,7 @@
struct btd_adapter;
struct btd_device;
+struct queue;
struct btd_adapter *btd_adapter_get_default(void);
bool btd_adapter_is_default(struct btd_adapter *adapter);
@@ -97,6 +98,8 @@ void adapter_service_remove(struct btd_adapter *adapter, uint32_t handle);
struct agent *adapter_get_agent(struct btd_adapter *adapter);
+bool btd_adapter_uuid_is_allowed(struct btd_adapter *adapter, const char *uuid);
+
struct btd_adapter *btd_adapter_ref(struct btd_adapter *adapter);
void btd_adapter_unref(struct btd_adapter *adapter);
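Review bot: The added prototype `btd_adapter_uuid_is_allowed()` has no definition in this patch; adapter.c defines `btd_adapter_is_uuid_allowed()`, which is declared separately at the end of this header. A caller that picks up the stray name would compile and then fail at link time, so I would drop this line and keep only the `btd_adapter_is_uuid_allowed()` declaration.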
@@ -240,3 +243,8 @@ enum kernel_features {
};
bool btd_has_kernel_features(uint32_t feature);
+
+bool btd_adapter_set_allowed_uuids(struct btd_adapter *adapter,
+ struct queue *uuids);
+bool btd_adapter_is_uuid_allowed(struct btd_adapter *adapter,
+ const char *uuid_str);
diff --git a/src/device.c b/src/device.c
index faf07ba22270..31ee47cfd8d5 100644
--- a/src/device.c
+++ b/src/device.c
@@ -1929,6 +1929,56 @@ static int service_prio_cmp(gconstpointer a, gconstpointer b)
return p2->priority - p1->priority;
}
+bool btd_device_all_services_allowed(struct btd_device *dev)
+{
+ GSList *l;
+ struct btd_adapter *adapter = dev->adapter;
+ struct btd_service *service;
+ struct btd_profile *profile;
+
+ for (l = dev->services; l != NULL; l = g_slist_next(l)) {
+ service = l->data;
+ profile = btd_service_get_profile(service);
+
+ if (!profile || !profile->auto_connect)
+ continue;
+
+ if (!btd_adapter_is_uuid_allowed(adapter, profile->remote_uuid))
+ return false;
+ }
+
+ return true;
+}
+
+void btd_device_update_allowed_services(struct btd_device *dev)
+{
+ struct btd_adapter *adapter = dev->adapter;
+ struct btd_service *service;
+ struct btd_profile *profile;
+ GSList *l;
+ bool is_allowed;
+ char addr[18];
+
+ /* If service discovery is ongoing, let the service discovery complete
+ * callback call this function.
+ */
+ if (dev->browse) {
+ ba2str(&dev->bdaddr, addr);
+ DBG("service discovery of %s is ongoing. Skip updating allowed "
+ "services", addr);
+ return;
+ }
+
+ for (l = dev->services; l != NULL; l = g_slist_next(l)) {
+ service = l->data;
+ profile = btd_service_get_profile(service);
+
+ is_allowed = btd_adapter_is_uuid_allowed(adapter,
+ profile->remote_uuid);
+ btd_service_set_allowed(service, is_allowed);
+ }
+}
+
static GSList *create_pending_list(struct btd_device *dev, const char *uuid)
{
struct btd_service *service;
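Review bot: `btd_device_update_allowed_services()` dereferences `profile->remote_uuid` without the `!profile` check that `btd_device_all_services_allowed()` applies just above to the same `btd_service_get_profile()` result. If that getter can return NULL the update loop crashes; add `if (!profile) continue;` before the `btd_adapter_is_uuid_allowed()` call. Note also that a profile whose `remote_uuid` does not parse is reported as not allowed even when the allow-list is empty, because `btd_adapter_is_uuid_allowed()` parses the string before it tests `g_hash_table_size()`. The trailing `create_pending_list()` context continues outside the hunk.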
@@ -1937,9 +1987,14 @@ static GSList *create_pending_list(struct btd_device *dev, const char *uuid)
if (uuid) {
service = find_connectable_service(dev, uuid);
- if (service)
+
+ if (!service)
+ return dev->pending;
+
+ if (btd_service_is_allowed(service))
return g_slist_prepend(dev->pending, service);
+ info("service %s is blocked", uuid);
return dev->pending;
}
@@ -1950,6 +2005,11 @@ static GSList *create_pending_list(struct btd_device *dev, const char *uuid)
if (!p->auto_connect)
continue;
+ if (!btd_service_is_allowed(service)) {
+ info("service %s is blocked", p->remote_uuid);
+ continue;
+ }
+
if (g_slist_find(dev->pending, service))
continue;
@@ -2633,6 +2693,8 @@ static void device_svc_resolved(struct btd_device *dev, uint8_t browse_type,
dev->svc_callbacks);
g_free(cb);
}
+
+ btd_device_update_allowed_services(dev);
}
static struct bonding_req *bonding_request_new(DBusMessage *msg,
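Review bot: The added `btd_device_update_allowed_services(dev)` call returns early whenever `dev->browse` is still set, so it only takes effect if `device_svc_resolved()` has already cleared `dev->browse` by this point. That is not visible in the hunk (the function starts outside it); if the browse request is released by the caller afterwards, the allowed flag of newly discovered services is never refreshed and they keep whatever default `btd_service` gives them. Please confirm the ordering and record it here, e.g. `/* dev->browse has been cleared above, so the update is not skipped */`.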
diff --git a/src/device.h b/src/device.h
index 4ae9abe0dbb4..5f615cb4b6b2 100644
--- a/src/device.h
+++ b/src/device.h
@@ -175,5 +175,7 @@ uint32_t btd_device_get_current_flags(struct btd_device *dev);
void btd_device_flags_changed(struct btd_device *dev, uint32_t supported_flags,
uint32_t current_flags);
+bool btd_device_all_services_allowed(struct btd_device *dev);
+void btd_device_update_allowed_services(struct btd_device *dev);
void btd_device_init(void);
void btd_device_cleanup(void);
--
2.32.0.402.g57bb445576-goog
From: Yun-Hao Chung <[email protected]>
Bluez listens for incoming connections for each profile. This patch
ignores them if the service is not allowed by adapter.
Reviewed-by: Miao-chen Chou <[email protected]>
---
Hi maintainers,
In previous work of service_api, it blocks incoming connections by
adding a check in profile authorization callback. This doesn't work for
every profile, since some profile (e.g. health) doesn't need
authorization. This change adds check to each profile. I understand it's
not a very clean solution. Please let me know if you have other
thoughts. Thanks.
The following test steps were performed after enabling admin_policy
plugin:
1. Set ServiceAllowList to ["1234"].
2. Turn on a paired classic keyboard. Verify it can not be connected.
3. Set ServiceAllowList to
["1800","1801","180A","180F","1812"]
4. Turn off and turn on the keyboard. Verify it can be connected.
(no changes since v1)
Makefile.tools | 1 +
profiles/audio/a2dp.c | 6 ++++++
profiles/audio/avctp.c | 7 +++++++
profiles/health/mcap.c | 10 +++++++++-
profiles/input/server.c | 10 ++++++++++
src/profile.c | 12 ++++++++++++
6 files changed, 45 insertions(+), 1 deletion(-)
diff --git a/Makefile.tools b/Makefile.tools
index c836b5984934..55684824fb91 100644
--- a/Makefile.tools
+++ b/Makefile.tools
@@ -235,6 +235,7 @@ tools_btiotest_LDADD = lib/libbluetooth-internal.la $(GLIB_LIBS)
tools_mcaptest_SOURCES = tools/mcaptest.c \
btio/btio.h btio/btio.c \
src/log.c src/log.h \
+ src/adapter.c src/adapter.h \
profiles/health/mcap.h profiles/health/mcap.c
tools_mcaptest_LDADD = lib/libbluetooth-internal.la $(GLIB_LIBS) \
src/libshared-mainloop.la -lrt
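Review bot: Adding `src/adapter.c` to `tools_mcaptest_SOURCES` makes a standalone test tool compile the daemon's adapter core only so that `mcap.c` can call `btd_adapter_is_uuid_allowed()`. adapter.c presumably depends on many other daemon sources and libraries that are not listed in this target, so this may not link as written, and it couples the MCAP code to the daemon in any case. Performing the allow-list check in the HDP profile code that uses MCAP, rather than inside `profiles/health/mcap.c`, would avoid the new dependency.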
diff --git a/profiles/audio/a2dp.c b/profiles/audio/a2dp.c
index 86bc02994f75..73cf210475bd 100644
--- a/profiles/audio/a2dp.c
+++ b/profiles/audio/a2dp.c
@@ -2386,6 +2386,12 @@ static void confirm_cb(GIOChannel *io, gpointer data)
return;
}
+ if (!btd_adapter_is_uuid_allowed(adapter_find(&src),
+ ADVANCED_AUDIO_UUID)) {
+ info("A2DP is not allowed. Ignoring the incoming connection");
+ return;
+ }
+
chan = channel_new(server, device, io);
if (!chan)
goto drop;
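Review bot: The new check fails open when the adapter lookup fails: `adapter_find(&src)` is passed straight to `btd_adapter_is_uuid_allowed()`, which returns true for a NULL adapter, so a connection whose source address does not resolve to an adapter bypasses the allow-list. Resolve the adapter into a local first and reject when it is NULL, e.g. `if (!adapter || !btd_adapter_is_uuid_allowed(adapter, ADVANCED_AUDIO_UUID)) {`. The same pattern is used in the avctp.c, mcap.c, input/server.c and src/profile.c hunks of this patch. This branch also leaves with `return` while the next error path uses `goto drop`; whether the pending channel is released on `return` cannot be seen here because `confirm_cb()` extends beyond the hunk.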
diff --git a/profiles/audio/avctp.c b/profiles/audio/avctp.c
index 50de3361818f..044c10d213ac 100644
--- a/profiles/audio/avctp.c
+++ b/profiles/audio/avctp.c
@@ -1587,6 +1587,13 @@ static void avctp_confirm_cb(GIOChannel *chan, gpointer data)
DBG("AVCTP: incoming connect from %s", address);
+ if (!btd_adapter_is_uuid_allowed(adapter_find(&src),
+ AVRCP_REMOTE_UUID)) {
+ info("AVRCP REMOTE is not allowed. "
+ "Ignoring the incoming connection");
+ return;
+ }
+
device = btd_adapter_find_device(adapter_find(&src), &dst,
BDADDR_BREDR);
if (!device)
diff --git a/profiles/health/mcap.c b/profiles/health/mcap.c
index be13af37a0b8..1799d73e6648 100644
--- a/profiles/health/mcap.c
+++ b/profiles/health/mcap.c
@@ -23,8 +23,10 @@
#include <glib.h>
#include "lib/bluetooth.h"
+#include "lib/uuid.h"
#include "bluetooth/l2cap.h"
#include "btio/btio.h"
+#include "src/adapter.h"
#include "src/log.h"
#include "src/shared/timeout.h"
@@ -2010,7 +2012,7 @@ static void connect_mcl_event_cb(GIOChannel *chan, GError *gerr,
{
struct mcap_instance *mi = user_data;
struct mcap_mcl *mcl;
- bdaddr_t dst;
+ bdaddr_t src, dst;
char address[18], srcstr[18];
GError *err = NULL;
@@ -2018,6 +2020,7 @@ static void connect_mcl_event_cb(GIOChannel *chan, GError *gerr,
return;
bt_io_get(chan, &err,
+ BT_IO_OPT_SOURCE_BDADDR, &src,
BT_IO_OPT_DEST_BDADDR, &dst,
BT_IO_OPT_DEST, address,
BT_IO_OPT_INVALID);
@@ -2027,6 +2030,11 @@ static void connect_mcl_event_cb(GIOChannel *chan, GError *gerr,
goto drop;
}
+ if (!btd_adapter_is_uuid_allowed(adapter_find(&src), HDP_UUID)) {
+ info("HID is not allowed. Ignoring the incoming connection");
+ return;
+ }
+
ba2str(&mi->src, srcstr);
mcl = find_mcl(mi->mcls, &dst);
if (mcl) {
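Review bot: The rejection path leaves with `return` although the error path immediately above it uses `goto drop`, so the incoming channel is presumably not shut down when HDP is disallowed (the `drop` label is outside the hunk); `goto drop;` would match the function's existing cleanup. The log text also names the wrong profile, since the UUID checked is `HDP_UUID`; it should read `info("HDP is not allowed. Ignoring the incoming connection");` so that blocked-connection logs can be attributed correctly.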
diff --git a/profiles/input/server.c b/profiles/input/server.c
index 79cf08a66b38..94d06a383578 100644
--- a/profiles/input/server.c
+++ b/profiles/input/server.c
@@ -156,6 +156,11 @@ static void connect_event_cb(GIOChannel *chan, GError *err, gpointer data)
ba2str(&dst, address);
DBG("Incoming connection from %s on PSM %d", address, psm);
+ if (!btd_adapter_is_uuid_allowed(adapter_find(&src), HID_UUID)) {
+ info("HID is not allowed. Ignoring the incoming connection");
+ return;
+ }
+
ret = input_device_set_channel(&src, &dst, psm, chan);
if (ret == 0)
return;
@@ -234,6 +239,11 @@ static void confirm_event_cb(GIOChannel *chan, gpointer user_data)
return;
}
+ if (!btd_adapter_is_uuid_allowed(adapter_find(&src), HID_UUID)) {
+ info("HID is not allowed. Ignoring the incoming connection");
+ return;
+ }
+
ba2str(&dst, addr);
if (server->confirm) {
diff --git a/src/profile.c b/src/profile.c
index 60d17b6ae657..58500c74746d 100644
--- a/src/profile.c
+++ b/src/profile.c
@@ -1249,6 +1249,11 @@ static void ext_confirm(GIOChannel *io, gpointer user_data)
DBG("incoming connect from %s", addr);
+ if (btd_adapter_is_uuid_allowed(adapter_find(&src), uuid)) {
+ info("UUID %s is not allowed. Igoring the connection", uuid);
+ return;
+ }
+
conn = create_conn(server, io, &src, &dst);
if (conn == NULL)
return;
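Review bot: The condition is inverted: `if (btd_adapter_is_uuid_allowed(adapter_find(&src), uuid))` logs "not allowed" and returns when the UUID is allowed, and lets the connection proceed when it is not. It needs the negation used in the other profiles, `if (!btd_adapter_is_uuid_allowed(adapter_find(&src), uuid)) {`. The same inverted test appears in the `ext_direct_connect()` hunk below, which additionally checks `ext->uuid` rather than the `uuid` local (`ext->service ? ext->service : ext->uuid`) that this patch adds to that function, so the two paths may evaluate different UUIDs. `ext_confirm()` begins outside the hunk, so the declaration of `uuid` used here is not visible.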
@@ -1272,6 +1277,7 @@ static void ext_direct_connect(GIOChannel *io, GError *err, gpointer user_data)
struct ext_profile *ext = server->ext;
GError *gerr = NULL;
struct ext_io *conn;
+ const char *uuid = ext->service ? ext->service : ext->uuid;
bdaddr_t src, dst;
bt_io_get(io, &gerr,
@@ -1285,6 +1291,12 @@ static void ext_direct_connect(GIOChannel *io, GError *err, gpointer user_data)
return;
}
+ if (btd_adapter_is_uuid_allowed(adapter_find(&src), ext->uuid)) {
+ info("UUID %s is not allowed. Igoring the connection",
+ ext->uuid);
+ return;
+ }
+
conn = create_conn(server, io, &src, &dst);
if (conn == NULL)
return;
--
2.32.0.402.g57bb445576-goog
From: Yun-Hao Chung <[email protected]>
This adds an initial code for a new plugin admin_policy.
Reviewed-by: Miao-chen Chou <[email protected]>
---
(no changes since v1)
Makefile.plugins | 5 +++++
bootstrap-configure | 1 +
configure.ac | 4 ++++
plugins/admin_policy.c | 30 ++++++++++++++++++++++++++++++
4 files changed, 40 insertions(+)
create mode 100644 plugins/admin_policy.c
diff --git a/Makefile.plugins b/Makefile.plugins
index 4e6a72b0bdf6..b6be0e0d559d 100644
--- a/Makefile.plugins
+++ b/Makefile.plugins
@@ -11,6 +11,11 @@ builtin_sources += plugins/autopair.c
builtin_modules += policy
builtin_sources += plugins/policy.c
+if ADMIN_POLICY
+builtin_modules += admin_policy
+builtin_sources += plugins/admin_policy.c
+endif
+
if NFC
builtin_modules += neard
builtin_sources += plugins/neard.c
diff --git a/bootstrap-configure b/bootstrap-configure
index 0efd83abc2c4..89c0747b0256 100755
--- a/bootstrap-configure
+++ b/bootstrap-configure
@@ -30,4 +30,5 @@ fi
--enable-pie \
--enable-cups \
--enable-library \
+ --enable-admin_policy \
--disable-datafiles $*
diff --git a/configure.ac b/configure.ac
index be32782a641d..53ed8911f95c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -364,6 +364,10 @@ AC_ARG_ENABLE(logger, AC_HELP_STRING([--enable-logger],
[enable HCI logger service]), [enable_logger=${enableval}])
AM_CONDITIONAL(LOGGER, test "${enable_logger}" = "yes")
+AC_ARG_ENABLE(admin_policy, AC_HELP_STRING([--enable-admin_policy],
+ [enable admin policy plugin]), [enable_admin_policy=${enableval}])
+AM_CONDITIONAL(ADMIN_POLICY, test "${enable_admin_policy}" = "yes")
+
if (test "${prefix}" = "NONE"); then
dnl no prefix and no localstatedir, so default to /var
if (test "$localstatedir" = '${prefix}/var'); then
diff --git a/plugins/admin_policy.c b/plugins/admin_policy.c
new file mode 100644
index 000000000000..dd8d8973636f
--- /dev/null
+++ b/plugins/admin_policy.c
@@ -0,0 +1,30 @@
+// SPDX-License-Identifier: LGPL-2.1-or-later
+/*
+ *
+ * BlueZ - Bluetooth protocol stack for Linux
+ *
+ * Copyright (C) 2021 Google LLC
+ *
+ *
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include "src/log.h"
+#include "src/plugin.h"
+
+static int admin_policy_init(void)
+{
+ DBG("");
+}
+
+static void admin_policy_exit(void)
+{
+ DBG("");
+}
+
+BLUETOOTH_PLUGIN_DEFINE(admin_policy, VERSION,
+ BLUETOOTH_PLUGIN_PRIORITY_DEFAULT,
+ admin_policy_init, admin_policy_exit)
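Review bot: `admin_policy_init()` is declared `int` but its body only calls `DBG("")` and falls off the end, so the value handed back to the plugin loader as the init result is indeterminate. Add `return 0;` after the `DBG("")` line so that a successful load is reported explicitly.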
--
2.32.0.402.g57bb445576-goog
From: Yun-Hao Chung <[email protected]>
This adds property to indicate if a device has any service that is being
blocked by admin policy.
Reviewed-by: Miao-chen Chou <[email protected]>
---
The following test steps were performed:
1. Set ServiceAllowList to []
2. Verify AffectedByPolicy of K830 is False
3. Set ServiceAllowList to
["1800"]
4. Verify AffectedByPolicy of K830 is False
5. Set ServiceAllowList to ["1800","1801","180A","180F","1812"]
6. Verify AffectedByPolicy of K830 is True
(no changes since v1)
plugins/admin_policy.c | 74 ++++++++++++++++++++++++++++++++++++++++--
1 file changed, 72 insertions(+), 2 deletions(-)
diff --git a/plugins/admin_policy.c b/plugins/admin_policy.c
index 73d695ef976b..3ce72b56b529 100644
--- a/plugins/admin_policy.c
+++ b/plugins/admin_policy.c
@@ -47,6 +47,7 @@ static struct btd_admin_policy {
struct device_data {
struct btd_device *device;
char *path;
+ bool affected;
};
static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter)
@@ -140,6 +141,27 @@ static bool service_allowlist_set(struct btd_admin_policy *admin_policy,
return true;
}
+static void update_device_affected(void *data, void *user_data)
+{
+ struct device_data *dev_data = data;
+ bool affected;
+
+ if (!dev_data) {
+ error("Unexpected NULL device_data when updating device");
+ return;
+ }
+
+ affected = !btd_device_all_services_allowed(dev_data->device);
+
+ if (affected == dev_data->affected)
+ return;
+
+ dev_data->affected = affected;
+
+ g_dbus_emit_property_changed(dbus_conn, dev_data->path,
+ ADMIN_POLICY_STATUS_INTERFACE, "AffectedByPolicy");
+}
+
static DBusMessage *set_service_allowlist(DBusConnection *conn,
DBusMessage *msg, void *user_data)
{
@@ -168,6 +190,8 @@ static DBusMessage *set_service_allowlist(DBusConnection *conn,
ADMIN_POLICY_STATUS_INTERFACE,
"ServiceAllowList");
+ queue_foreach(devices, update_device_affected, NULL);
+
return dbus_message_new_method_return(msg);
}
@@ -240,6 +264,29 @@ static bool device_data_match_by_path(const void *a, const void *b)
return strcmp(data->path, b) == 0;
}
+static gboolean property_get_affected_by_policy(
+ const GDBusPropertyTable *property,
+ DBusMessageIter *iter, void *user_data)
+{
+ struct device_data *data = user_data;
+ dbus_bool_t affected;
+
+ if (!data) {
+ error("Unexpected error: device_data is NULL");
+ return FALSE;
+ }
+
+ dbus_message_iter_append_basic(iter, DBUS_TYPE_BOOLEAN,
+ &data->affected);
+
+ return TRUE;
+}
+
+static const GDBusPropertyTable admin_policy_device_properties[] = {
+ { "AffectedByPolicy", "b", property_get_affected_by_policy },
+ { }
+};
+
static void free_device_data(void *data)
{
struct device_data *device_data = data;
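Review bot: `property_get_affected_by_policy()` passes `&data->affected`, a C `bool`, to `dbus_message_iter_append_basic()` with `DBUS_TYPE_BOOLEAN`, which reads a `dbus_bool_t` (a 32-bit value) through that pointer; with a typically one-byte `bool` this reads past the field and can emit a wrong value. The local `dbus_bool_t affected` is declared for this purpose but never used; assign it and pass its address: `affected = data->affected;` followed by `dbus_message_iter_append_basic(iter, DBUS_TYPE_BOOLEAN, &affected);`.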
@@ -275,11 +322,33 @@ static void add_device_data(struct btd_device *device)
data->device = device;
data->path = g_strdup(device_get_path(device));
+ data->affected = !btd_device_all_services_allowed(data->device);
+
+ if (!g_dbus_register_interface(dbus_conn, data->path,
+ ADMIN_POLICY_STATUS_INTERFACE,
+ NULL, NULL,
+ admin_policy_device_properties,
+ data, remove_device_data)) {
+ btd_error(btd_adapter_get_index(adapter),
+ "Admin Policy Status interface init failed on path %s",
+ device_get_path(device));
+ free_device_data(data);
+ return;
+ }
+
queue_push_tail(devices, data);
DBG("device_data for %s added", data->path);
}
+static void unregister_device_data(void *data, void *user_data)
+{
+ struct device_data *dev_data = data;
+
+ g_dbus_unregister_interface(dbus_conn, dev_data->path,
+ ADMIN_POLICY_STATUS_INTERFACE);
+}
+
static struct btd_device *find_device_by_proxy(GDBusProxy *proxy)
{
const char *path = g_dbus_proxy_get_path(proxy);
@@ -323,7 +392,7 @@ static void object_removed_cb(GDBusProxy *proxy, void *user_data)
data = queue_find(devices, device_data_match_by_path, path);
if (data)
- remove_device_data(data);
+ unregister_device_data(data, NULL);
}
static int admin_policy_adapter_probe(struct btd_adapter *adapter)
@@ -402,7 +471,8 @@ static void admin_policy_exit(void)
DBG("");
btd_unregister_adapter_driver(&admin_policy_driver);
- queue_destroy(devices, free_device_data);
+ queue_foreach(devices, unregister_device_data, NULL);
+ queue_destroy(devices, g_free);
if (policy_data)
admin_policy_free(policy_data);
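Review bot: Teardown now destroys the remaining queue entries with `g_free`, which releases the `struct device_data` but not the `path` string that `add_device_data()` allocates with `g_strdup()`; `free_device_data` should remain the destroy function, `queue_destroy(devices, free_device_data);`. In addition, each `g_dbus_unregister_interface()` call in the preceding `queue_foreach()` presumably invokes the `remove_device_data` destroy callback registered in `add_device_data()`, which removes and frees the entry while the queue is being iterated; please confirm that `queue_foreach()` tolerates removal of the current entry. `admin_policy_exit()` continues outside the hunk.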
--
2.32.0.402.g57bb445576-goog
From: Yun-Hao Chung <[email protected]>
This adds code to register interface org.bluez.AdminPolicySet1.
The interface will provide methods that restrict which bluez functions
users may operate, such as allowing/disallowing users to toggle adapter
power, or only allowing users to connect services in the specified list, etc.
This patch also implements ServiceAllowlist in
org.bluez.AdminPolicySet1.
Reviewed-by: Miao-chen Chou <[email protected]>
---
The following test steps were performed:
1. Set ServiceAllowList to
["1108","110A","110B","110C","110D","110E",
"110F","1112","111E","111F","1203"]
( users are only allowed to connect headset )
2. Turn on paired WF1000XM3, and listen music on Youtube.
3. Turn on paired K830 (LE device), press any key on keyboard.
4. Turn on paired Samsung Bluetooth Keyboard EE-BT550 (BREDR device),
press any key on keyboard.
5. Set ServiceAllowList to
["1124","180A","180F","1812"]
( users are only allowed to connect HID devices )
6. Turn on paired WF1000XM3, and listen music on Youtube.
7. Turn on paired K830 (LE device), press any key on keyboard.
8. Turn on paired Samsung Bluetooth Keyboard EE-BT550 (BREDR device),
press any key on keyboard.
9. Set ServiceAllowList to []
( users are only allowed to connect any device. )
10. Turn on paired WF1000XM3, and listen music on Youtube.
11. Turn on paired K830 (LE device), press any key on keyboard.
12. Turn on paired Samsung Bluetooth Keyboard EE-BT550 (BREDR device),
press any key on keyboard.
Expected results:
Step 2,7,8,9,10,11 should success, and step 3,4,6 should fail.
(no changes since v1)
plugins/admin_policy.c | 123 ++++++++++++++++++++++++++++++++++++++++-
1 file changed, 122 insertions(+), 1 deletion(-)
diff --git a/plugins/admin_policy.c b/plugins/admin_policy.c
index 2ece871564e6..242b8d5dacb0 100644
--- a/plugins/admin_policy.c
+++ b/plugins/admin_policy.c
@@ -12,19 +12,29 @@
#include <config.h>
#endif
+#include <dbus/dbus.h>
+#include <gdbus/gdbus.h>
+
#include "lib/bluetooth.h"
+#include "lib/uuid.h"
#include "src/adapter.h"
+#include "src/dbus-common.h"
#include "src/error.h"
#include "src/log.h"
#include "src/plugin.h"
#include "src/shared/queue.h"
+#define ADMIN_POLICY_SET_INTERFACE "org.bluez.AdminPolicySet1"
+
+static DBusConnection *dbus_conn;
+
/* |policy_data| has the same life cycle as btd_adapter */
static struct btd_admin_policy {
struct btd_adapter *adapter;
uint16_t adapter_id;
+ struct queue *service_allowlist;
} *policy_data = NULL;
static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter)
@@ -40,17 +50,116 @@ static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter)
admin_policy->adapter = adapter;
admin_policy->adapter_id = btd_adapter_get_index(adapter);
+ admin_policy->service_allowlist = NULL;
return admin_policy;
}
+static void free_service_allowlist(struct queue *q)
+{
+ queue_destroy(q, g_free);
+}
+
static void admin_policy_free(void *data)
{
struct btd_admin_policy *admin_policy = data;
+ free_service_allowlist(admin_policy->service_allowlist);
g_free(admin_policy);
}
+static struct queue *parse_allow_service_list(struct btd_adapter *adapter,
+ DBusMessage *msg)
+{
+ DBusMessageIter iter, arr_iter;
+ struct queue *uuid_list = NULL;
+
+ dbus_message_iter_init(msg, &iter);
+ if (dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_ARRAY)
+ return NULL;
+
+ uuid_list = queue_new();
+ dbus_message_iter_recurse(&iter, &arr_iter);
+ do {
+ const int type = dbus_message_iter_get_arg_type(&arr_iter);
+ char *uuid_param;
+ bt_uuid_t *uuid;
+
+ if (type == DBUS_TYPE_INVALID)
+ break;
+
+ if (type != DBUS_TYPE_STRING)
+ goto failed;
+
+ dbus_message_iter_get_basic(&arr_iter, &uuid_param);
+
+ uuid = g_try_malloc(sizeof(*uuid));
+ if (!uuid)
+ goto failed;
+
+ if (bt_string_to_uuid(uuid, uuid_param)) {
+ g_free(uuid);
+ goto failed;
+ }
+
+ queue_push_head(uuid_list, uuid);
+
+ dbus_message_iter_next(&arr_iter);
+ } while (true);
+
+ return uuid_list;
+
+failed:
+ queue_destroy(uuid_list, g_free);
+ return NULL;
+}
+
+static bool service_allowlist_set(struct btd_admin_policy *admin_policy,
+ struct queue *uuid_list)
+{
+ struct btd_adapter *adapter = admin_policy->adapter;
+
+ if (!btd_adapter_set_allowed_uuids(adapter, uuid_list))
+ return false;
+
+ free_service_allowlist(admin_policy->service_allowlist);
+ admin_policy->service_allowlist = uuid_list;
+
+ return true;
+}
+
+static DBusMessage *set_service_allowlist(DBusConnection *conn,
+ DBusMessage *msg, void *user_data)
+{
+ struct btd_admin_policy *admin_policy = user_data;
+ struct btd_adapter *adapter = admin_policy->adapter;
+ struct queue *uuid_list = NULL;
+ const char *sender = dbus_message_get_sender(msg);
+
+ DBG("sender %s", sender);
+
+ /* Parse parameters */
+ uuid_list = parse_allow_service_list(adapter, msg);
+ if (!uuid_list) {
+ btd_error(admin_policy->adapter_id,
+ "Failed on parsing allowed service list");
+ return btd_error_invalid_args(msg);
+ }
+
+ if (!service_allowlist_set(admin_policy, uuid_list)) {
+ free_service_allowlist(uuid_list);
+ return btd_error_failed(msg, "service_allowlist_set failed");
+ }
+
+ return dbus_message_new_method_return(msg);
+}
+
+static const GDBusMethodTable admin_policy_adapter_methods[] = {
+ { GDBUS_METHOD("SetServiceAllowList", GDBUS_ARGS({ "UUIDs", "as" }),
+ NULL, set_service_allowlist) },
+ { }
+};
+
static int admin_policy_adapter_probe(struct btd_adapter *adapter)
{
if (policy_data) {
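Review bot: `set_service_allowlist()` applies the new list for any caller: the sender is only written to the debug log and the method is registered with a plain `GDBUS_METHOD` entry, so access control rests entirely on the system bus policy for `org.bluez.AdminPolicySet1`, which this patch neither adds nor documents. Because the method can widen as well as narrow the set of services that may connect, I would state the requirement above `admin_policy_adapter_methods`, e.g. `/* Callers are not authenticated here; access to org.bluez.AdminPolicySet1 must be restricted in the D-Bus policy file. */`, and ship or reference the matching bus policy with the series. `admin_policy_adapter_probe()` at the end of the hunk continues outside it.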
@@ -64,8 +173,18 @@ static int admin_policy_adapter_probe(struct btd_adapter *adapter)
if (!policy_data)
return -ENOMEM;
- btd_info(policy_data->adapter_id, "Admin Policy has been enabled");
+ if (!g_dbus_register_interface(dbus_conn, adapter_get_path(adapter),
+ ADMIN_POLICY_SET_INTERFACE,
+ admin_policy_adapter_methods, NULL,
+ NULL, policy_data, admin_policy_free)) {
+ btd_error(policy_data->adapter_id,
+ "Admin Policy Set interface init failed on path %s",
+ adapter_get_path(adapter));
+ return -EINVAL;
+ }
+ btd_info(policy_data->adapter_id,
+ "Admin Policy Set interface registered");
return 0;
}
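Review bot: When `g_dbus_register_interface()` fails, the function returns `-EINVAL` but leaves the freshly allocated `policy_data` in the global, so the memory is leaked and a later probe presumably takes the `if (policy_data)` branch at the top of the function instead of retrying. Free and reset it on this path, `admin_policy_free(policy_data); policy_data = NULL;`, before `return -EINVAL;`. The beginning of `admin_policy_adapter_probe()` is outside the hunk.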
@@ -79,6 +198,8 @@ static int admin_policy_init(void)
{
DBG("");
+ dbus_conn = btd_get_dbus_connection();
+
return btd_register_adapter_driver(&admin_policy_driver);
}
--
2.32.0.402.g57bb445576-goog
From: Yun-Hao Chung <[email protected]>
This adds a D-Bus client to listen for DeviceAdd and DeviceRemove. It
is necessary for the implementation of the "AffectedByPolicy" property,
since an interface has to be registered for each device object and
unregistered once the device gets removed.
Reviewed-by: Miao-chen Chou <[email protected]>
---
The following test steps were performed:
1. start discovery using UI
2. verify device_data were added by checking system log
3. stop discovery
4. verify device_data were removed after a few seconds by checking
system log
(no changes since v1)
plugins/admin_policy.c | 154 +++++++++++++++++++++++++++++++++++++++--
1 file changed, 150 insertions(+), 4 deletions(-)
diff --git a/plugins/admin_policy.c b/plugins/admin_policy.c
index 270d42366cd6..73d695ef976b 100644
--- a/plugins/admin_policy.c
+++ b/plugins/admin_policy.c
@@ -20,6 +20,7 @@
#include "src/adapter.h"
#include "src/dbus-common.h"
+#include "src/device.h"
#include "src/error.h"
#include "src/log.h"
#include "src/plugin.h"
@@ -29,7 +30,12 @@
#define ADMIN_POLICY_SET_INTERFACE "org.bluez.AdminPolicySet1"
#define ADMIN_POLICY_STATUS_INTERFACE "org.bluez.AdminPolicyStatus1"
+#define DBUS_BLUEZ_SERVICE "org.bluez"
+#define BTD_DEVICE_INTERFACE "org.bluez.Device1"
+
static DBusConnection *dbus_conn;
+static GDBusClient *dbus_client;
+static struct queue *devices; /* List of struct device_data objects */
/* |policy_data| has the same life cycle as btd_adapter */
static struct btd_admin_policy {
@@ -38,6 +44,11 @@ static struct btd_admin_policy {
struct queue *service_allowlist;
} *policy_data = NULL;
+struct device_data {
+ struct btd_device *device;
+ char *path;
+};
+
static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter)
{
struct btd_admin_policy *admin_policy = NULL;
@@ -203,8 +214,122 @@ static const GDBusPropertyTable admin_policy_adapter_properties[] = {
{ }
};
+static bool device_data_match(const void *a, const void *b)
+{
+ const struct device_data *data = a;
+ const struct btd_device *dev = b;
+
+ if (!data) {
+ error("Unexpected NULL device_data");
+ return false;
+ }
+
+ return data->device == dev;
+}
+
+static bool device_data_match_by_path(const void *a, const void *b)
+{
+ const struct device_data *data = a;
+ const char *path = b;
+
+ if (!data) {
+ error("Unexpected NULL device_data");
+ return false;
+ }
+
+ return strcmp(data->path, b) == 0;
+}
+
+static void free_device_data(void *data)
+{
+ struct device_data *device_data = data;
+
+ g_free(device_data->path);
+ g_free(device_data);
+}
+
+static void remove_device_data(void *data)
+{
+ struct device_data *device_data = data;
+
+ DBG("device_data for %s removing", device_data->path);
+
+ queue_remove(devices, device_data);
+ free_device_data(device_data);
+}
+
+static void add_device_data(struct btd_device *device)
+{
+ struct btd_adapter *adapter = device_get_adapter(device);
+ struct device_data *data;
+
+ if (queue_find(devices, device_data_match, device))
+ return;
+
+ data = g_new0(struct device_data, 1);
+ if (!data) {
+ btd_error(btd_adapter_get_index(adapter),
+ "Failed to allocate memory for device_data");
+ return;
+ }
+
+ data->device = device;
+ data->path = g_strdup(device_get_path(device));
+ queue_push_tail(devices, data);
+
+ DBG("device_data for %s added", data->path);
+}
+
+static struct btd_device *find_device_by_proxy(GDBusProxy *proxy)
+{
+ const char *path = g_dbus_proxy_get_path(proxy);
+ const char *iface = g_dbus_proxy_get_interface(proxy);
+ struct btd_device *device;
+
+ if (strcmp(iface, BTD_DEVICE_INTERFACE) != 0)
+ return NULL;
+
+ device = btd_adapter_find_device_by_path(policy_data->adapter, path);
+
+ if (!device) {
+ btd_warn(adapter_get_path(policy_data->adapter),
+ "Device path %s is not found", path);
+ }
+
+ return device;
+}
+
+static void object_added_cb(GDBusProxy *proxy, void *user_data)
+{
+ struct btd_device *device;
+
+ device = find_device_by_proxy(proxy);
+
+ if (!device)
+ return;
+
+ add_device_data(device);
+}
+
+static void object_removed_cb(GDBusProxy *proxy, void *user_data)
+{
+ const char *path = g_dbus_proxy_get_path(proxy);
+ const char *iface = g_dbus_proxy_get_interface(proxy);
+ struct device_data *data;
+
+ if (strcmp(iface, BTD_DEVICE_INTERFACE) != 0)
+ return;
+
+ data = queue_find(devices, device_data_match_by_path, path);
+
+ if (data)
+ remove_device_data(data);
+}
+
static int admin_policy_adapter_probe(struct btd_adapter *adapter)
{
+ const char *adapter_path;
+
if (policy_data) {
btd_warn(policy_data->adapter_id,
"Policy data already exists");
@@ -216,33 +341,43 @@ static int admin_policy_adapter_probe(struct btd_adapter *adapter)
if (!policy_data)
return -ENOMEM;
- if (!g_dbus_register_interface(dbus_conn, adapter_get_path(adapter),
+ adapter_path = adapter_get_path(adapter);
+
+ if (!g_dbus_register_interface(dbus_conn, adapter_path,
ADMIN_POLICY_SET_INTERFACE,
admin_policy_adapter_methods, NULL,
NULL, policy_data, admin_policy_free)) {
btd_error(policy_data->adapter_id,
"Admin Policy Set interface init failed on path %s",
- adapter_get_path(adapter));
+ adapter_path);
return -EINVAL;
}
btd_info(policy_data->adapter_id,
"Admin Policy Set interface registered");
- if (!g_dbus_register_interface(dbus_conn, adapter_get_path(adapter),
+ if (!g_dbus_register_interface(dbus_conn, adapter_path,
ADMIN_POLICY_STATUS_INTERFACE,
NULL, NULL,
admin_policy_adapter_properties,
policy_data, admin_policy_free)) {
btd_error(policy_data->adapter_id,
"Admin Policy Status interface init failed on path %s",
- adapter_get_path(adapter));
+ adapter_path);
return -EINVAL;
}
btd_info(policy_data->adapter_id,
"Admin Policy Status interface registered");
+ dbus_client = g_dbus_client_new(dbus_conn, DBUS_BLUEZ_SERVICE,
+ adapter_path);
+
+ g_dbus_client_set_proxy_handlers(dbus_client, object_added_cb,
+ object_removed_cb, NULL, NULL);
+
+ g_dbus_client_set_ready_watch(dbus_client, NULL, NULL);
+
return 0;
}
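Review bot: `dbus_client` is assigned unconditionally at the end of admin_policy_adapter_probe, although the top of the function anticipates being called while `policy_data` already exists. On such a second probe the previous GDBusClient is overwritten without `g_dbus_client_unref()`, and it presumably keeps its proxy handlers installed. The result of `g_dbus_client_new()` is not checked either, so a failed creation leaves the plugin without device tracking and without a log line. Releasing any existing client before the assignment, and calling `btd_error(policy_data->adapter_id, ...)` when the new one is NULL, would cover both cases. The function starts above this hunk.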
@@ -257,6 +392,7 @@ static int admin_policy_init(void)
DBG("");
dbus_conn = btd_get_dbus_connection();
+ devices = queue_new();
return btd_register_adapter_driver(&admin_policy_driver);
}
@@ -266,9 +402,19 @@ static void admin_policy_exit(void)
DBG("");
btd_unregister_adapter_driver(&admin_policy_driver);
+ queue_destroy(devices, free_device_data);
if (policy_data)
admin_policy_free(policy_data);
+
+ if (dbus_client) {
+ g_dbus_client_set_disconnect_watch(dbus_client, NULL, NULL);
+ g_dbus_client_set_proxy_handlers(dbus_client, NULL, NULL, NULL,
+ NULL);
+ g_dbus_client_set_ready_watch(dbus_client, NULL, NULL);
+ g_dbus_client_unref(dbus_client);
+ dbus_client = NULL;
+ }
}
BLUETOOTH_PLUGIN_DEFINE(admin_policy, VERSION,
--
2.32.0.402.g57bb445576-goog
From: Yun-Hao Chung <[email protected]>
This adds code to register interface org.bluez.AdminPolicyStatus.
The interface will provide read-only properties to indicate the current
settings of admin policies. We separate this from AdminPolicySet so that
normal clients can check current policy settings while only a few
clients can change policies.
This patch also adds readonly property ServiceAllowlist to
AdminPolicyStatus1, which indicates the current setting of service
allowlist.
Reviewed-by: Miao-chen Chou <[email protected]>
---
The following test steps were performed:
1. Set ServiceAllowList to ["1124","180A","180F","1812"]
2. Verify ServiceAllowList is ["1124","180A","180F","1812"] in UUID-128
form
3. Set ServiceAllowList to []
4. Verify ServiceAllowList is []
(no changes since v1)
plugins/admin_policy.c | 58 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 58 insertions(+)
diff --git a/plugins/admin_policy.c b/plugins/admin_policy.c
index 242b8d5dacb0..270d42366cd6 100644
--- a/plugins/admin_policy.c
+++ b/plugins/admin_policy.c
@@ -27,6 +27,7 @@
#include "src/shared/queue.h"
#define ADMIN_POLICY_SET_INTERFACE "org.bluez.AdminPolicySet1"
+#define ADMIN_POLICY_STATUS_INTERFACE "org.bluez.AdminPolicyStatus1"
static DBusConnection *dbus_conn;
@@ -151,6 +152,11 @@ static DBusMessage *set_service_allowlist(DBusConnection *conn,
return btd_error_failed(msg, "service_allowlist_set failed");
}
+ g_dbus_emit_property_changed(dbus_conn,
+ adapter_get_path(policy_data->adapter),
+ ADMIN_POLICY_STATUS_INTERFACE,
+ "ServiceAllowList");
+
return dbus_message_new_method_return(msg);
}
@@ -160,6 +166,43 @@ static const GDBusMethodTable admin_policy_adapter_methods[] = {
{ }
};
+void append_service_uuid(void *data, void *user_data)
+{
+ bt_uuid_t *uuid = data;
+ DBusMessageIter *entry = user_data;
+ char uuid_str[MAX_LEN_UUID_STR];
+ const char *uuid_str_ptr = uuid_str;
+
+ if (!uuid) {
+ error("Unexpected NULL uuid data in service_allowlist");
+ return;
+ }
+
+ bt_uuid_to_string(uuid, uuid_str, MAX_LEN_UUID_STR);
+ dbus_message_iter_append_basic(entry, DBUS_TYPE_STRING, &uuid_str_ptr);
+}
+
+static gboolean property_get_service_allowlist(
+ const GDBusPropertyTable *property,
+ DBusMessageIter *iter, void *user_data)
+{
+ struct btd_admin_policy *admin_policy = user_data;
+ DBusMessageIter entry;
+
+ dbus_message_iter_open_container(iter, DBUS_TYPE_ARRAY,
+ DBUS_TYPE_STRING_AS_STRING, &entry);
+ queue_foreach(admin_policy->service_allowlist, append_service_uuid,
+ &entry);
+ dbus_message_iter_close_container(iter, &entry);
+
+ return TRUE;
+}
+
+static const GDBusPropertyTable admin_policy_adapter_properties[] = {
+ { "ServiceAllowList", "as", property_get_service_allowlist },
+ { }
+};
+
static int admin_policy_adapter_probe(struct btd_adapter *adapter)
{
if (policy_data) {
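Review bot: `append_service_uuid` is defined without `static` even though the hunk uses it only as the `queue_foreach` callback in property_get_service_allowlist, so it gets external linkage in a plugin whose other helpers are file-local. `static void append_service_uuid(void *data, void *user_data)` is enough. The return values of `bt_uuid_to_string()` and `dbus_message_iter_open_container()` are also ignored; either a check or a one-line comment saying why that is acceptable here would help the next reader.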
@@ -185,6 +228,21 @@ static int admin_policy_adapter_probe(struct btd_adapter *adapter)
btd_info(policy_data->adapter_id,
"Admin Policy Set interface registered");
+
+ if (!g_dbus_register_interface(dbus_conn, adapter_get_path(adapter),
+ ADMIN_POLICY_STATUS_INTERFACE,
+ NULL, NULL,
+ admin_policy_adapter_properties,
+ policy_data, admin_policy_free)) {
+ btd_error(policy_data->adapter_id,
+ "Admin Policy Status interface init failed on path %s",
+ adapter_get_path(adapter));
+ return -EINVAL;
+ }
+
+ btd_info(policy_data->adapter_id,
+ "Admin Policy Status interface registered");
+
return 0;
}
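Review bot: The Status interface is registered with the same `policy_data` and the same `admin_policy_free` destroy callback as the Set interface above, so one allocation now has two owners. gdbus runs the destroy callback when an interface is unregistered, so the second teardown, or the direct `admin_policy_free(policy_data)` in admin_policy_exit, would free memory that has already been freed. Passing `NULL` as the destroy argument for this registration and keeping a single owner avoids that. The `return -EINVAL` on failure also leaves the Set interface registered; calling `g_dbus_unregister_interface()` for it first would keep the failure path clean. The function begins above this hunk.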
--
2.32.0.402.g57bb445576-goog
From: Yun-Hao Chung <[email protected]>
This adds code to store the ServiceAllowlist to file
/var/lib/bluetooth/{MAC_ADDR}/admin_policy
The stored settings are loaded when admin_policy is initialized.
Reviewed-by: Miao-chen Chou <[email protected]>
---
The following test steps were performed:
1. Set ServiceAllowlist to ["1124","180A","180F","1812", "1801"]
2. restart bluetoothd
3. Verify ServiceAllowlist is ["1124","180A","180F","1812","1801"] in
UUID-128 form
4. Set ServiceAllowlist to []
5. restart bluetoothd
6. Verify ServiceAllowlist is []
(no changes since v1)
plugins/admin_policy.c | 163 ++++++++++++++++++++++++++++++++++++++++-
1 file changed, 162 insertions(+), 1 deletion(-)
diff --git a/plugins/admin_policy.c b/plugins/admin_policy.c
index 3ce72b56b529..3a55d97b3b4d 100644
--- a/plugins/admin_policy.c
+++ b/plugins/admin_policy.c
@@ -14,6 +14,8 @@
#include <dbus/dbus.h>
#include <gdbus/gdbus.h>
+#include <sys/file.h>
+#include <sys/stat.h>
#include "lib/bluetooth.h"
#include "lib/uuid.h"
@@ -24,11 +26,13 @@
#include "src/error.h"
#include "src/log.h"
#include "src/plugin.h"
+#include "src/textfile.h"
#include "src/shared/queue.h"
#define ADMIN_POLICY_SET_INTERFACE "org.bluez.AdminPolicySet1"
#define ADMIN_POLICY_STATUS_INTERFACE "org.bluez.AdminPolicyStatus1"
+#define ADMIN_POLICY_STORAGE STORAGEDIR "/admin_policy_settings"
#define DBUS_BLUEZ_SERVICE "org.bluez"
#define BTD_DEVICE_INTERFACE "org.bluez.Device1"
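Review bot: `ADMIN_POLICY_STORAGE` expands to a single file, `STORAGEDIR "/admin_policy_settings"`, while the commit message describes a per-adapter file under `/var/lib/bluetooth/{MAC_ADDR}/`. With one shared file, every adapter that is probed would load and later overwrite the same allowlist, which looks unintended for a policy registered per adapter path. Either the message or the path should change; if the global file is deliberate, a comment on the define saying so would settle it.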
@@ -162,6 +166,8 @@ static void update_device_affected(void *data, void *user_data)
ADMIN_POLICY_STATUS_INTERFACE, "AffectedByPolicy");
}
+static void store_policy_settings(struct btd_admin_policy *admin_policy);
+
static DBusMessage *set_service_allowlist(DBusConnection *conn,
DBusMessage *msg, void *user_data)
{
@@ -180,7 +186,9 @@ static DBusMessage *set_service_allowlist(DBusConnection *conn,
return btd_error_invalid_args(msg);
}
- if (!service_allowlist_set(admin_policy, uuid_list)) {
+ if (service_allowlist_set(admin_policy, uuid_list)) {
+ store_policy_settings(admin_policy);
+ } else {
free_service_allowlist(uuid_list);
return btd_error_failed(msg, "service_allowlist_set failed");
}
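Review bot: set_service_allowlist replies with success even when `store_policy_settings()` fails, because that function returns void and its outcome cannot be checked here. The API document in this series says the policy persists across restarts and that an empty list allows every service, so an administrator who gets a success reply could lose the restriction on the next restart with nothing but a log line to show for it. Having store_policy_settings return a bool and answering with `btd_error_failed(msg, "store_policy_settings failed")` on failure would make this visible to the caller. The function begins above this hunk.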
@@ -238,6 +246,158 @@ static const GDBusPropertyTable admin_policy_adapter_properties[] = {
{ }
};
+static void free_uuid_strings(char **uuid_strs, int num)
+{
+ gsize i;
+
+ for (i = 0; i < num; i++)
+ g_free(uuid_strs[i]);
+ g_free(uuid_strs);
+}
+
+static char **new_uuid_strings(struct queue *allowlist, gsize *num)
+{
+ const struct queue_entry *entry = NULL;
+ bt_uuid_t *uuid = NULL;
+ char **uuid_strs = NULL;
+ gsize i = 0, allowlist_num;
+
+ allowlist_num = queue_length(allowlist);
+ uuid_strs = g_try_malloc_n(allowlist_num, sizeof(char *));
+ if (!uuid_strs)
+ return NULL;
+
+ for (entry = queue_get_entries(allowlist); entry != NULL;
+ entry = entry->next) {
+ uuid = entry->data;
+ uuid_strs[i] = g_try_malloc0(MAX_LEN_UUID_STR * sizeof(char));
+
+ if (!uuid_strs[i])
+ goto failed;
+
+ bt_uuid_to_string(uuid, uuid_strs[i], MAX_LEN_UUID_STR);
+ i++;
+ }
+
+ *num = allowlist_num;
+ return uuid_strs;
+
+failed:
+ free_uuid_strings(uuid_strs, i);
+
+ return NULL;
+}
+
+static void store_policy_settings(struct btd_admin_policy *admin_policy)
+{
+ GKeyFile *key_file = NULL;
+ char *filename = ADMIN_POLICY_STORAGE;
+ char *key_file_data = NULL;
+ char **uuid_strs = NULL;
+ gsize length, num_uuids;
+
+ key_file = g_key_file_new();
+
+ if (num_uuids) {
+ uuid_strs = new_uuid_strings(admin_policy->service_allowlist,
+ &num_uuids);
+ }
+
+ if (!uuid_strs && num_uuids) {
+ btd_error(admin_policy->adapter_id,
+ "Failed to allocate uuid strings");
+ goto failed;
+ }
+
+ g_key_file_set_string_list(key_file, "General", "ServiceAllowlist",
+ (const gchar * const *)uuid_strs,
+ num_uuids);
+
+ if (create_file(ADMIN_POLICY_STORAGE, 0600) < 0) {
+ btd_error(admin_policy->adapter_id, "create %s failed, %s",
+ filename, strerror(errno));
+ goto failed;
+ }
+
+ key_file_data = g_key_file_to_data(key_file, &length, NULL);
+ g_file_set_contents(ADMIN_POLICY_STORAGE, key_file_data, length, NULL);
+
+ g_free(key_file_data);
+ free_uuid_strings(uuid_strs, num_uuids);
+
+failed:
+ g_key_file_free(key_file);
+}
+
+static void key_file_load_service_allowlist(GKeyFile *key_file,
+ struct btd_admin_policy *admin_policy)
+{
+ GError *gerr = NULL;
+ struct queue *uuid_list = NULL;
+ gchar **uuids = NULL;
+ gsize num, i;
+
+ uuids = g_key_file_get_string_list(key_file, "General",
+ "ServiceAllowlist", &num, &gerr);
+
+ if (gerr) {
+ btd_error(admin_policy->adapter_id,
+ "Failed to load ServiceAllowlist");
+ g_error_free(gerr);
+ return;
+ }
+
+ uuid_list = queue_new();
+ for (i = 0; i < num; i++) {
+ bt_uuid_t *uuid = g_try_malloc(sizeof(*uuid));
+
+ if (!uuid)
+ goto failed;
+
+ if (bt_string_to_uuid(uuid, *uuids)) {
+
+ btd_error(admin_policy->adapter_id,
+ "Failed to convert '%s' to uuid struct",
+ *uuids);
+
+ g_free(uuid);
+ goto failed;
+ }
+
+ queue_push_tail(uuid_list, uuid);
+ uuids++;
+ }
+
+ if (!service_allowlist_set(admin_policy, uuid_list))
+ goto failed;
+
+ return;
+failed:
+ free_service_allowlist(uuid_list);
+}
+
+static void load_policy_settings(struct btd_admin_policy *admin_policy)
+{
+ GKeyFile *key_file;
+ char *filename = ADMIN_POLICY_STORAGE;
+ struct stat st;
+
+ if (stat(filename, &st) < 0) {
+ btd_error(admin_policy->adapter_id,
+ "Failed to get file %s information",
+ filename);
+ return;
+ }
+
+ key_file = g_key_file_new();
+
+ g_key_file_load_from_file(key_file, filename, 0, NULL);
+
+ key_file_load_service_allowlist(key_file, admin_policy);
+
+ g_key_file_free(key_file);
+}
+
static bool device_data_match(const void *a, const void *b)
{
const struct device_data *data = a;
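Review bot: `num_uuids` is read by `if (num_uuids)` in store_policy_settings before anything assigns it, so whether the allowlist is serialised depends on an indeterminate stack value; set it first with `num_uuids = queue_length(admin_policy->service_allowlist);`. In the same function the `goto failed` after create_file() skips `free_uuid_strings(uuid_strs, num_uuids)`, and the result of g_file_set_contents() is discarded, so a failed write goes unreported. In key_file_load_service_allowlist the `uuids++` in the loop loses the pointer returned by g_key_file_get_string_list(), which is never released with `g_strfreev()`; indexing `uuids[i]` would keep it. A load failure leaves the allowlist empty, and the API document in this series says an empty list allows every service, so a corrupt or unreadable file silently disables the policy; that deserves at least a comment at the `failed:` label and an error log that names the consequence.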
@@ -410,6 +570,7 @@ static int admin_policy_adapter_probe(struct btd_adapter *adapter)
if (!policy_data)
return -ENOMEM;
+ load_policy_settings(policy_data);
adapter_path = adapter_get_path(adapter);
if (!g_dbus_register_interface(dbus_conn, adapter_path,
--
2.32.0.402.g57bb445576-goog
From: Yun-Hao Chung <[email protected]>
This adds code to register admin_policy driver to adapter when
admin_policy plugin is enabled.
The following test steps were performed:
1. restart bluetoothd
2. check if "Admin Policy is enabled" in system log
Reviewed-by: Miao-chen Chou <[email protected]>
---
(no changes since v1)
plugins/admin_policy.c | 67 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 67 insertions(+)
diff --git a/plugins/admin_policy.c b/plugins/admin_policy.c
index dd8d8973636f..2ece871564e6 100644
--- a/plugins/admin_policy.c
+++ b/plugins/admin_policy.c
@@ -12,17 +12,84 @@
#include <config.h>
#endif
+#include "lib/bluetooth.h"
+
+#include "src/adapter.h"
+#include "src/error.h"
#include "src/log.h"
#include "src/plugin.h"
+#include "src/shared/queue.h"
+
+/* |policy_data| has the same life cycle as btd_adapter */
+static struct btd_admin_policy {
+ struct btd_adapter *adapter;
+ uint16_t adapter_id;
+} *policy_data = NULL;
+
+static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter)
+{
+ struct btd_admin_policy *admin_policy = NULL;
+
+ admin_policy = g_try_malloc(sizeof(*admin_policy));
+ if (!admin_policy) {
+ btd_error(btd_adapter_get_index(adapter),
+ "Failed to allocate memory for admin_policy");
+ return NULL;
+ }
+
+ admin_policy->adapter = adapter;
+ admin_policy->adapter_id = btd_adapter_get_index(adapter);
+
+ return admin_policy;
+}
+
+static void admin_policy_free(void *data)
+{
+ struct btd_admin_policy *admin_policy = data;
+
+ g_free(admin_policy);
+}
+
+static int admin_policy_adapter_probe(struct btd_adapter *adapter)
+{
+ if (policy_data) {
+ btd_warn(policy_data->adapter_id,
+ "Policy data already exists");
+ admin_policy_free(policy_data);
+ policy_data = NULL;
+ }
+
+ policy_data = admin_policy_new(adapter);
+ if (!policy_data)
+ return -ENOMEM;
+
+ btd_info(policy_data->adapter_id, "Admin Policy has been enabled");
+
+ return 0;
+}
+
+static struct btd_adapter_driver admin_policy_driver = {
+ .name = "admin_policy",
+ .probe = admin_policy_adapter_probe,
+ .resume = NULL,
+};
+
static int admin_policy_init(void)
{
DBG("");
+
+ return btd_register_adapter_driver(&admin_policy_driver);
}
static void admin_policy_exit(void)
{
DBG("");
+
+ btd_unregister_adapter_driver(&admin_policy_driver);
+
+ if (policy_data)
+ admin_policy_free(policy_data);
}
BLUETOOTH_PLUGIN_DEFINE(admin_policy, VERSION,
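Review bot: `admin_policy_driver` sets `.probe` but no `.remove`, so nothing releases `policy_data` when the adapter goes away, even though the comment on the struct says it has the same life cycle as btd_adapter. The stored `adapter` pointer would then dangle until the next probe or plugin exit. admin_policy_exit also frees `policy_data` without resetting it to NULL. A remove callback along the lines below, plus `policy_data = NULL;` after the free in admin_policy_exit, would make the lifetime match the comment.

```c
static void admin_policy_adapter_remove(struct btd_adapter *adapter)
{
	/* Only drop the policy that belongs to the adapter going away */
	if (!policy_data || policy_data->adapter != adapter)
		return;

	admin_policy_free(policy_data);
	policy_data = NULL;
}

static struct btd_adapter_driver admin_policy_driver = {
	.name = "admin_policy",
	.probe = admin_policy_adapter_probe,
	.remove = admin_policy_adapter_remove,
	.resume = NULL,
};
```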
--
2.32.0.402.g57bb445576-goog
From: Yun-Hao Chung <[email protected]>
This adds admin-policy-api.txt.
Reviewed-by: Miao-chen Chou <[email protected]>
---
(no changes since v1)
doc/admin-policy-api.txt | 65 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 65 insertions(+)
create mode 100644 doc/admin-policy-api.txt
diff --git a/doc/admin-policy-api.txt b/doc/admin-policy-api.txt
new file mode 100644
index 000000000000..3f116901dbd7
--- /dev/null
+++ b/doc/admin-policy-api.txt
@@ -0,0 +1,65 @@
+BlueZ D-Bus Admin Policy API description
+***********************************
+
+This API provides methods to control the behavior of bluez as an administrator.
+
+Interface AdminPolicySet1 provides methods to set policies. Once the policy is
+set successfully, it will affect all clients and stay persistently even after
+restarting Bluetooth Daemon. The only way to clear it is to overwrite the
+policy with the same method.
+
+Interface AdminPolicyStatus1 provides readonly properties to indicate the
+current values of admin policy.
+
+
+Admin Policy Set hierarchy
+=================
+
+Service org.bluez
+Interface org.bluez.AdminPolicySet1
+Object path [variable prefix]/{hci0,hci1,...}
+
+Methods void SetServiceAllowList(array{string} UUIDs)
+
+ This method sets the service allowlist by specifying
+ service UUIDs.
+
+ When SetServiceAllowList is called, bluez will block
+ incoming and outgoing connections to the service not in
+ UUIDs for all of the clients.
+
+ Any subsequent calls to this method will supersede any
+ previously set allowlist values. Calling this method
+ with an empty array will allow any service UUIDs to be
+ used.
+
+ The default value is an empty array.
+
+ Possible errors: org.bluez.Error.InvalidArguments
+ org.bluez.Error.Failed
+
+
+Admin Policy Status hierarchy
+=================
+
+Service org.bluez
+Interface org.bluez.AdminPolicyStatus1
+Object path [variable prefix]/{hci0,hci1,...}
+
+Properties array{string} ServiceAllowList [readonly]
+
+ Current value of service allow list.
+
+
+
+Admin Policy Status hierarchy
+=================
+
+Service org.bluez
+Interface org.bluez.AdminPolicyStatus1
+Object path [variable prefix]/{hci0,hci1,...}/dev_XX_XX_XX_XX_XX_XX
+
+Properties bool IsAffectedByPolicy [readonly]
+
+ Indicate if there is any auto-connect profile in this
+ device is not allowed by admin policy.
--
2.32.0.402.g57bb445576-goog
Hi Howard,
On Thu, Jul 22, 2021 at 12:23 AM Howard Chung <[email protected]> wrote:
>
> From: Yun-Hao Chung <[email protected]>
>
> This adds an initial code for a new plugin admin_policy.
>
> Reviewed-by: Miao-chen Chou <[email protected]>
> ---
>
> (no changes since v1)
>
> Makefile.plugins | 5 +++++
> bootstrap-configure | 1 +
> configure.ac | 4 ++++
> plugins/admin_policy.c | 30 ++++++++++++++++++++++++++++++
> 4 files changed, 40 insertions(+)
> create mode 100644 plugins/admin_policy.c
>
> diff --git a/Makefile.plugins b/Makefile.plugins
> index 4e6a72b0bdf6..b6be0e0d559d 100644
> --- a/Makefile.plugins
> +++ b/Makefile.plugins
> @@ -11,6 +11,11 @@ builtin_sources += plugins/autopair.c
> builtin_modules += policy
> builtin_sources += plugins/policy.c
>
> +if ADMIN_POLICY
> +builtin_modules += admin_policy
> +builtin_sources += plugins/admin_policy.c
> +endif
> +
> if NFC
> builtin_modules += neard
> builtin_sources += plugins/neard.c
> diff --git a/bootstrap-configure b/bootstrap-configure
> index 0efd83abc2c4..89c0747b0256 100755
> --- a/bootstrap-configure
> +++ b/bootstrap-configure
> @@ -30,4 +30,5 @@ fi
> --enable-pie \
> --enable-cups \
> --enable-library \
> + --enable-admin_policy \
Let's have this as --enable-admin-plugin
> --disable-datafiles $*
> diff --git a/configure.ac b/configure.ac
> index be32782a641d..53ed8911f95c 100644
> --- a/configure.ac
> +++ b/configure.ac
> @@ -364,6 +364,10 @@ AC_ARG_ENABLE(logger, AC_HELP_STRING([--enable-logger],
> [enable HCI logger service]), [enable_logger=${enableval}])
> AM_CONDITIONAL(LOGGER, test "${enable_logger}" = "yes")
>
> +AC_ARG_ENABLE(admin_policy, AC_HELP_STRING([--enable-admin_policy],
> + [enable admin policy plugin]), [enable_admin_policy=${enableval}])
> +AM_CONDITIONAL(ADMIN_POLICY, test "${enable_admin_policy}" = "yes")
> +
> if (test "${prefix}" = "NONE"); then
> dnl no prefix and no localstatedir, so default to /var
> if (test "$localstatedir" = '${prefix}/var'); then
> diff --git a/plugins/admin_policy.c b/plugins/admin_policy.c
> new file mode 100644
> index 000000000000..dd8d8973636f
> --- /dev/null
> +++ b/plugins/admin_policy.c
> @@ -0,0 +1,30 @@
> +// SPDX-License-Identifier: LGPL-2.1-or-later
> +/*
> + *
> + * BlueZ - Bluetooth protocol stack for Linux
> + *
> + * Copyright (C) 2021 Google LLC
> + *
> + *
> + */
> +
> +#ifdef HAVE_CONFIG_H
> +#include <config.h>
> +#endif
> +
> +#include "src/log.h"
> +#include "src/plugin.h"
> +
> +static int admin_policy_init(void)
> +{
> + DBG("");
> +}
> +
> +static void admin_policy_exit(void)
> +{
> + DBG("");
> +}
> +
> +BLUETOOTH_PLUGIN_DEFINE(admin_policy, VERSION,
> + BLUETOOTH_PLUGIN_PRIORITY_DEFAULT,
> + admin_policy_init, admin_policy_exit)
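Review bot: `admin_policy_init` is declared `static int` but its body ends after `DBG("");` without a return statement, so the value the plugin loader receives from this commit is indeterminate. Adding `return 0;` keeps this patch correct on its own, which matters for bisecting even though a later patch in the series rewrites the function.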
Let's have it as just admin, since you can have multiple drivers
registered by the same plugin you just have to name the driver as
admin-policy that way it is simpler to extend if we found other uses
for the plugin.
> --
> 2.32.0.402.g57bb445576-goog
>
--
Luiz Augusto von Dentz
Hi Howard,
On Thu, Jul 22, 2021 at 12:23 AM Howard Chung <[email protected]> wrote:
>
> From: Yun-Hao Chung <[email protected]>
>
> This adds an D-BUS client to listen for DeviceAdd and DeviceRemove. It
> is necessary for implementation of "AffectedByPolicy" property since it
> needs to register an interface for each device object and unregister it
> once the device gets removed.
>
> Reviewed-by: Miao-chen Chou <[email protected]>
> ---
> The following test steps were performed:
> 1. start discovery using UI
> 2. verify device_data were added by checking system log
> 3. stop discovery
> 4. verify device_data were removed after a few seconds by checking
> system log
>
> (no changes since v1)
>
> plugins/admin_policy.c | 154 +++++++++++++++++++++++++++++++++++++++--
> 1 file changed, 150 insertions(+), 4 deletions(-)
>
> diff --git a/plugins/admin_policy.c b/plugins/admin_policy.c
> index 270d42366cd6..73d695ef976b 100644
> --- a/plugins/admin_policy.c
> +++ b/plugins/admin_policy.c
> @@ -20,6 +20,7 @@
>
> #include "src/adapter.h"
> #include "src/dbus-common.h"
> +#include "src/device.h"
> #include "src/error.h"
> #include "src/log.h"
> #include "src/plugin.h"
> @@ -29,7 +30,12 @@
> #define ADMIN_POLICY_SET_INTERFACE "org.bluez.AdminPolicySet1"
> #define ADMIN_POLICY_STATUS_INTERFACE "org.bluez.AdminPolicyStatus1"
>
> +#define DBUS_BLUEZ_SERVICE "org.bluez"
> +#define BTD_DEVICE_INTERFACE "org.bluez.Device1"
> +
> static DBusConnection *dbus_conn;
> +static GDBusClient *dbus_client;
> +static struct queue *devices; /* List of struct device_data objects */
>
> /* |policy_data| has the same life cycle as btd_adapter */
> static struct btd_admin_policy {
> @@ -38,6 +44,11 @@ static struct btd_admin_policy {
> struct queue *service_allowlist;
> } *policy_data = NULL;
>
> +struct device_data {
> + struct btd_device *device;
> + char *path;
> +};
> +
> static struct btd_admin_policy *admin_policy_new(struct btd_adapter *adapter)
> {
> struct btd_admin_policy *admin_policy = NULL;
> @@ -203,8 +214,122 @@ static const GDBusPropertyTable admin_policy_adapter_properties[] = {
> { }
> };
>
> +static bool device_data_match(const void *a, const void *b)
> +{
> + const struct device_data *data = a;
> + const struct btd_device *dev = b;
> +
> + if (!data) {
> + error("Unexpected NULL device_data");
> + return false;
> + }
> +
> + return data->device == dev;
> +}
> +
> +static bool device_data_match_by_path(const void *a, const void *b)
> +{
> + const struct device_data *data = a;
> + const char *path = b;
> +
> + if (!data) {
> + error("Unexpected NULL device_data");
> + return false;
> + }
> +
> + return strcmp(data->path, b) == 0;
> +}
> +
> +static void free_device_data(void *data)
> +{
> + struct device_data *device_data = data;
> +
> + g_free(device_data->path);
> + g_free(device_data);
> +}
> +
> +static void remove_device_data(void *data)
> +{
> + struct device_data *device_data = data;
> +
> + DBG("device_data for %s removing", device_data->path);
> +
> + queue_remove(devices, device_data);
> + free_device_data(device_data);
> +}
> +
> +static void add_device_data(struct btd_device *device)
> +{
> + struct btd_adapter *adapter = device_get_adapter(device);
> + struct device_data *data;
> +
> + if (queue_find(devices, device_data_match, device))
> + return;
> +
> + data = g_new0(struct device_data, 1);
> + if (!data) {
> + btd_error(btd_adapter_get_index(adapter),
> + "Failed to allocate memory for device_data");
> + return;
> + }
> +
> + data->device = device;
> + data->path = g_strdup(device_get_path(device));
> + queue_push_tail(devices, data);
> +
> + DBG("device_data for %s added", data->path);
> +}
> +
> +static struct btd_device *find_device_by_proxy(GDBusProxy *proxy)
> +{
> + const char *path = g_dbus_proxy_get_path(proxy);
> + const char *iface = g_dbus_proxy_get_interface(proxy);
> + struct btd_device *device;
> +
> + if (strcmp(iface, BTD_DEVICE_INTERFACE) != 0)
> + return NULL;
> +
> + device = btd_adapter_find_device_by_path(policy_data->adapter, path);
> +
> + if (!device) {
> + btd_warn(adapter_get_path(policy_data->adapter),
> + "Device path %s is not found", path);
> + }
> +
> + return device;
> +}
> +
> +static void object_added_cb(GDBusProxy *proxy, void *user_data)
> +{
> + struct btd_device *device;
> +
> + device = find_device_by_proxy(proxy);
> +
> + if (!device)
> + return;
> +
> + add_device_data(device);
> +}
> +
> +static void object_removed_cb(GDBusProxy *proxy, void *user_data)
> +{
> + const char *path = g_dbus_proxy_get_path(proxy);
> + const char *iface = g_dbus_proxy_get_interface(proxy);
> + struct device_data *data;
> +
> + if (strcmp(iface, BTD_DEVICE_INTERFACE) != 0)
> + return;
> +
> + data = queue_find(devices, device_data_match_by_path, path);
> +
> + if (data)
> + remove_device_data(data);
> +}
> +
> static int admin_policy_adapter_probe(struct btd_adapter *adapter)
> {
> + const char *adapter_path;
> +
> if (policy_data) {
> btd_warn(policy_data->adapter_id,
> "Policy data already exists");
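Review bot: In find_device_by_proxy the first argument to `btd_warn` is `adapter_get_path(policy_data->adapter)`, a string, whereas the other btd_warn and btd_error calls in this file pass the numeric adapter index; the call should read `btd_warn(policy_data->adapter_id, "Device path %s is not found", path);`. In device_data_match_by_path the local `path` is assigned and then unused because the comparison reads `b` directly; `strcmp(data->path, path)` was presumably intended. add_device_data also stores the raw `btd_device` pointer without taking a reference, so a comment stating that the entry is removed in object_removed_cb before the device is freed would document the lifetime assumption.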
> @@ -216,33 +341,43 @@ static int admin_policy_adapter_probe(struct btd_adapter *adapter)
> if (!policy_data)
> return -ENOMEM;
>
> - if (!g_dbus_register_interface(dbus_conn, adapter_get_path(adapter),
> + adapter_path = adapter_get_path(adapter);
> +
> + if (!g_dbus_register_interface(dbus_conn, adapter_path,
> ADMIN_POLICY_SET_INTERFACE,
> admin_policy_adapter_methods, NULL,
> NULL, policy_data, admin_policy_free)) {
> btd_error(policy_data->adapter_id,
> "Admin Policy Set interface init failed on path %s",
> - adapter_get_path(adapter));
> + adapter_path);
> return -EINVAL;
> }
>
> btd_info(policy_data->adapter_id,
> "Admin Policy Set interface registered");
>
> - if (!g_dbus_register_interface(dbus_conn, adapter_get_path(adapter),
> + if (!g_dbus_register_interface(dbus_conn, adapter_path,
> ADMIN_POLICY_STATUS_INTERFACE,
> NULL, NULL,
> admin_policy_adapter_properties,
> policy_data, admin_policy_free)) {
> btd_error(policy_data->adapter_id,
> "Admin Policy Status interface init failed on path %s",
> - adapter_get_path(adapter));
> + adapter_path);
> return -EINVAL;
> }
>
> btd_info(policy_data->adapter_id,
> "Admin Policy Status interface registered");
>
> + dbus_client = g_dbus_client_new(dbus_conn, DBUS_BLUEZ_SERVICE,
> + adapter_path);
> +
> + g_dbus_client_set_proxy_handlers(dbus_client, object_added_cb,
> + object_removed_cb, NULL, NULL);
> +
> + g_dbus_client_set_ready_watch(dbus_client, NULL, NULL);
I hope it wasn't one of my comments that led you to do this, because
it is really a bad idea to listen to our own signals like that since
it comes from the same process it just adds a round trip to the D-Bus
daemon for no reason. Perhaps we could extend the btd_adapter_driver
to have device_added/device_remove callbacks so whenever a new device
is added or removed the driver will get notified.
> +
> return 0;
> }
>
> @@ -257,6 +392,7 @@ static int admin_policy_init(void)
> DBG("");
>
> dbus_conn = btd_get_dbus_connection();
> + devices = queue_new();
>
> return btd_register_adapter_driver(&admin_policy_driver);
> }
> @@ -266,9 +402,19 @@ static void admin_policy_exit(void)
> DBG("");
>
> btd_unregister_adapter_driver(&admin_policy_driver);
> + queue_destroy(devices, free_device_data);
>
> if (policy_data)
> admin_policy_free(policy_data);
> +
> + if (dbus_client) {
> + g_dbus_client_set_disconnect_watch(dbus_client, NULL, NULL);
> + g_dbus_client_set_proxy_handlers(dbus_client, NULL, NULL, NULL,
> + NULL);
> + g_dbus_client_set_ready_watch(dbus_client, NULL, NULL);
> + g_dbus_client_unref(dbus_client);
> + dbus_client = NULL;
> + }
> }
>
> BLUETOOTH_PLUGIN_DEFINE(admin_policy, VERSION,
> --
> 2.32.0.402.g57bb445576-goog
>
--
Luiz Augusto von Dentz
Hi Bluez,
I'd like to discuss this patch. In this patch, I add
btd_adapter_is_uuid_allowed to the connected callback of bt_io_listen
in each profile. However, it introduces a dependency of src/adapter to
profiles/health/mcap, which is used in tools/mcaptests, therefore
making mcaptest unable to be built.
I wonder should we modify mcaptest in this case? I also notice that it
is the only profile that does not call btd_request_authorization in
bt_io connect_callback.
Thanks.
On Thu, Jul 22, 2021 at 3:23 PM Howard Chung <[email protected]> wrote:
>
> From: Yun-Hao Chung <[email protected]>
>
> Bluez listens for incoming connections for each profile. This patch
> ignores them if the service is not allowed by adapter.
>
> Reviewed-by: Miao-chen Chou <[email protected]>
> ---
> Hi maintainers,
>
> In previous work of service_api, it blocks incoming connections by
> adding a check in profile authorization callback. This doesn't work for
> every profile, since some profile (e.g. health) doesn't need
> authorization. This change adds check to each profile. I understand it's
> not a very clean solution. Please let me know if you have other
> thoughts. Thanks.
>
> The following test steps were performed after enabling admin_policy
> plugin:
> 1. Set ServiceAllowList to ["1234"].
> 2. Turn on a paired classic keyboard. Verify it can not be connected.
> 3. Set ServiceAllowList to
> ["1800","1801","180A","180F","1812"]
> 4. Turn off and turn on the keyboard. Verift it can be connected.
>
> (no changes since v1)
>
> Makefile.tools | 1 +
> profiles/audio/a2dp.c | 6 ++++++
> profiles/audio/avctp.c | 7 +++++++
> profiles/health/mcap.c | 10 +++++++++-
> profiles/input/server.c | 10 ++++++++++
> src/profile.c | 12 ++++++++++++
> 6 files changed, 45 insertions(+), 1 deletion(-)
>
> diff --git a/Makefile.tools b/Makefile.tools
> index c836b5984934..55684824fb91 100644
> --- a/Makefile.tools
> +++ b/Makefile.tools
> @@ -235,6 +235,7 @@ tools_btiotest_LDADD = lib/libbluetooth-internal.la $(GLIB_LIBS)
> tools_mcaptest_SOURCES = tools/mcaptest.c \
> btio/btio.h btio/btio.c \
> src/log.c src/log.h \
> + src/adapter.c src/adapter.h \
> profiles/health/mcap.h profiles/health/mcap.c
> tools_mcaptest_LDADD = lib/libbluetooth-internal.la $(GLIB_LIBS) \
> src/libshared-mainloop.la -lrt
> diff --git a/profiles/audio/a2dp.c b/profiles/audio/a2dp.c
> index 86bc02994f75..73cf210475bd 100644
> --- a/profiles/audio/a2dp.c
> +++ b/profiles/audio/a2dp.c
> @@ -2386,6 +2386,12 @@ static void confirm_cb(GIOChannel *io, gpointer data)
> return;
> }
>
> + if (!btd_adapter_is_uuid_allowed(adapter_find(&src),
> + ADVANCED_AUDIO_UUID)) {
> + info("A2DP is not allowed. Ignoring the incoming connection");
> + return;
> + }
> +
> chan = channel_new(server, device, io);
> if (!chan)
> goto drop;
> diff --git a/profiles/audio/avctp.c b/profiles/audio/avctp.c
> index 50de3361818f..044c10d213ac 100644
> --- a/profiles/audio/avctp.c
> +++ b/profiles/audio/avctp.c
> @@ -1587,6 +1587,13 @@ static void avctp_confirm_cb(GIOChannel *chan, gpointer data)
>
> DBG("AVCTP: incoming connect from %s", address);
>
> + if (!btd_adapter_is_uuid_allowed(adapter_find(&src),
> + AVRCP_REMOTE_UUID)) {
> + info("AVRCP REMOTE is not allowed. "
> + "Ignoring the incoming connection");
> + return;
> + }
> +
> device = btd_adapter_find_device(adapter_find(&src), &dst,
> BDADDR_BREDR);
> if (!device)
> diff --git a/profiles/health/mcap.c b/profiles/health/mcap.c
> index be13af37a0b8..1799d73e6648 100644
> --- a/profiles/health/mcap.c
> +++ b/profiles/health/mcap.c
> @@ -23,8 +23,10 @@
> #include <glib.h>
>
> #include "lib/bluetooth.h"
> +#include "lib/uuid.h"
> #include "bluetooth/l2cap.h"
> #include "btio/btio.h"
> +#include "src/adapter.h"
> #include "src/log.h"
> #include "src/shared/timeout.h"
>
> @@ -2010,7 +2012,7 @@ static void connect_mcl_event_cb(GIOChannel *chan, GError *gerr,
> {
> struct mcap_instance *mi = user_data;
> struct mcap_mcl *mcl;
> - bdaddr_t dst;
> + bdaddr_t src, dst;
> char address[18], srcstr[18];
> GError *err = NULL;
>
> @@ -2018,6 +2020,7 @@ static void connect_mcl_event_cb(GIOChannel *chan, GError *gerr,
> return;
>
> bt_io_get(chan, &err,
> + BT_IO_OPT_SOURCE_BDADDR, &src,
> BT_IO_OPT_DEST_BDADDR, &dst,
> BT_IO_OPT_DEST, address,
> BT_IO_OPT_INVALID);
> @@ -2027,6 +2030,11 @@ static void connect_mcl_event_cb(GIOChannel *chan, GError *gerr,
> goto drop;
> }
>
> + if (!btd_adapter_is_uuid_allowed(adapter_find(&src), HDP_UUID)) {
> + info("HID is not allowed. Ignoring the incoming connection");
> + return;
> + }
> +
> ba2str(&mi->src, srcstr);
> mcl = find_mcl(mi->mcls, &dst);
> if (mcl) {
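Review bot: The log line added for the `HDP_UUID` check says "HID is not allowed", which looks copied from the input profile; it should name the health profile, e.g. `info("HDP is not allowed. Ignoring the incoming connection");`. The check also leaves with a bare `return` while the error branch directly above uses `goto drop`; if `drop` is where the channel is shut down, the rejected connection should take the same path. connect_mcl_event_cb continues outside the hunk.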
> diff --git a/profiles/input/server.c b/profiles/input/server.c
> index 79cf08a66b38..94d06a383578 100644
> --- a/profiles/input/server.c
> +++ b/profiles/input/server.c
> @@ -156,6 +156,11 @@ static void connect_event_cb(GIOChannel *chan, GError *err, gpointer data)
> ba2str(&dst, address);
> DBG("Incoming connection from %s on PSM %d", address, psm);
>
> + if (!btd_adapter_is_uuid_allowed(adapter_find(&src), HID_UUID)) {
> + info("HID is not allowed. Ignoring the incoming connection");
> + return;
> + }
> +
> ret = input_device_set_channel(&src, &dst, psm, chan);
> if (ret == 0)
> return;
> @@ -234,6 +239,11 @@ static void confirm_event_cb(GIOChannel *chan, gpointer user_data)
> return;
> }
>
> + if (!btd_adapter_is_uuid_allowed(adapter_find(&src), HID_UUID)) {
> + info("HID is not allowed. Ignoring the incoming connection");
> + return;
> + }
> +
> ba2str(&dst, addr);
>
> if (server->confirm) {
> diff --git a/src/profile.c b/src/profile.c
> index 60d17b6ae657..58500c74746d 100644
> --- a/src/profile.c
> +++ b/src/profile.c
> @@ -1249,6 +1249,11 @@ static void ext_confirm(GIOChannel *io, gpointer user_data)
>
> DBG("incoming connect from %s", addr);
>
> + if (btd_adapter_is_uuid_allowed(adapter_find(&src), uuid)) {
> + info("UUID %s is not allowed. Igoring the connection", uuid);
> + return;
> + }
> +
> conn = create_conn(server, io, &src, &dst);
> if (conn == NULL)
> return;
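Review bot: The condition in ext_confirm is inverted: `if (btd_adapter_is_uuid_allowed(adapter_find(&src), uuid))` rejects the connection when the UUID is allowed and lets it through when it is not, unlike the `!btd_adapter_is_uuid_allowed(...)` checks this same patch adds to a2dp.c, avctp.c, mcap.c and input/server.c. The ext_direct_connect hunk below has the same missing negation, and it tests `ext->uuid` although it has just introduced the local `uuid` (`ext->service ? ext->service : ext->uuid`), which is unused in the visible lines. Both checks should read `if (!btd_adapter_is_uuid_allowed(adapter_find(&src), uuid)) {`, and the log message has a typo, `Igoring`. Both functions extend beyond their hunks.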
> @@ -1272,6 +1277,7 @@ static void ext_direct_connect(GIOChannel *io, GError *err, gpointer user_data)
> struct ext_profile *ext = server->ext;
> GError *gerr = NULL;
> struct ext_io *conn;
> + const char *uuid = ext->service ? ext->service : ext->uuid;
> bdaddr_t src, dst;
>
> bt_io_get(io, &gerr,
> @@ -1285,6 +1291,12 @@ static void ext_direct_connect(GIOChannel *io, GError *err, gpointer user_data)
> return;
> }
>
> + if (btd_adapter_is_uuid_allowed(adapter_find(&src), ext->uuid)) {
> + info("UUID %s is not allowed. Igoring the connection",
> + ext->uuid);
> + return;
> + }
> +
> conn = create_conn(server, io, &src, &dst);
> if (conn == NULL)
> return;
> --
> 2.32.0.402.g57bb445576-goog
>