Received: by 2002:a25:31c3:0:0:0:0:0 with SMTP id x186csp493239ybx; Tue, 29 Oct 2019 23:28:23 -0700 (PDT) X-Google-Smtp-Source: APXvYqy6AfLbyor4+ECMfCHERRt3MrMohqCIqnTkmRMUSdu3MZmQCWvFnq+PeiOQqXQmv/enuXjx X-Received: by 2002:aa7:c5c5:: with SMTP id h5mr13264374eds.87.1572416903413; Tue, 29 Oct 2019 23:28:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1572416903; cv=none; d=google.com; s=arc-20160816; b=aErEWKs+/wlBJvnb6unhzIODHJ4QM1HLaqsGFnexSgVb8pxzN/wsC11SgirERmUdqk ek7fTPaY2d13JjnQEK4OjIEynUSZzqXv2G2LT4QzyKzZrypaE7/7O1l/TZ4L3f1JIHY8 NfBhtzJKrB0hHkWwM5xUx0GYTwLtU2NvGZryrFykrfL/DbzNLOgmfKhazIGxfQDJv9pS 9e6dCUfcK/rIU0yV9R6+O1N6oNNRbO1pNBkOnOxNKP9E1mh0fxO3vOPBfalnRJsRLR0s Gm2H3eMKjNYMK9PWxKShnHfPVG4Mmj27QXBfLAjylFNLI0I4NQSDGUdmCVQn45tgJoMR 8h/A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=Re+mBHieK1TiaX5Avs/Nb7GzxwnrHZd6eqlGm+xar88=; b=C34OFy3z/o2Mzi5+yS5rXWeUmNsHJAfGgHAam7fNevHyXjR9jnF9RVjKYiF1PYEaT8 WeWMEzVt9dLiZRtLze9efzY5mr4gty8KMlPfIuaGDN2Zd+TCgmgaIzDyOMLTR0zhKeW7 UyWNYNHqRgFi1YHIr3LaZpFS2uGRLKZ/grwqV60llHy6Wxamff7HUcJlYn+GEz7v2VGX ImZJpn03Kg/dvhDdagIEA9sI46I9gCgCPpqQ5vkBueiBiY5HTpKlF53wI19AD0bIJvCg 37YEjv07SMDM4F5TYGkldiCU3d/JuTPY7ClbUjBnGb6MzUrIPdrm+9tnpFessg83e57w UZxw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f21si774230edf.277.2019.10.29.23.27.57; Tue, 29 Oct 2019 23:28:23 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727015AbfJ3G1v (ORCPT + 99 others); Wed, 30 Oct 2019 02:27:51 -0400 Received: from mga07.intel.com ([134.134.136.100]:56391 "EHLO mga07.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726108AbfJ3G1v (ORCPT ); Wed, 30 Oct 2019 02:27:51 -0400 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga105.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 29 Oct 2019 23:27:50 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.68,246,1569308400"; d="scan'208";a="283463591" Received: from ingas-nuc1.sea.intel.com ([10.255.229.102]) by orsmga001.jf.intel.com with ESMTP; 29 Oct 2019 23:27:50 -0700 From: Inga Stotland To: linux-bluetooth@vger.kernel.org Cc: brian.gix@intel.com, Inga Stotland Subject: [PATCH BlueZ] mesh: Add authorization checks for Manager iface methods Date: Tue, 29 Oct 2019 23:27:49 -0700 Message-Id: <20191030062749.14343-1-inga.stotland@intel.com> X-Mailer: git-send-email 2.21.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-bluetooth-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org This adds a check for org.bluez.mesh.Manager1 interface calls to validate that a message sender, i.e. thatt the sender is the original owner of the node object generated on Attach() method call. If the check fails, org.bluez.mesh.Error.NotAuthorized is returned. --- mesh/manager.c | 60 +++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 57 insertions(+), 3 deletions(-) diff --git a/mesh/manager.c b/mesh/manager.c index 633597659..b39ea6ed7 100644 --- a/mesh/manager.c +++ b/mesh/manager.c @@ -287,6 +287,10 @@ static struct l_dbus_message *import_node_call(struct l_dbus *dbus, uint8_t num_ele; uint8_t *key; uint32_t n; + const char *sender = l_dbus_message_get_sender(msg); + + if (strcmp(sender, node_get_owner(node))) + return dbus_error(msg, MESH_ERROR_NOT_AUTHORIZED, NULL); if (!l_dbus_message_get_arguments(msg, "qyay", &primary, &num_ele, &iter_key)) @@ -311,6 +315,10 @@ static struct l_dbus_message *delete_node_call(struct l_dbus *dbus, struct mesh_net *net = node_get_net(node); uint16_t primary; uint8_t num_ele; + const char *sender = l_dbus_message_get_sender(msg); + + if (strcmp(sender, node_get_owner(node))) + return dbus_error(msg, MESH_ERROR_NOT_AUTHORIZED, NULL); if (!l_dbus_message_get_arguments(msg, "qy", &primary, &num_ele)) return dbus_error(msg, MESH_ERROR_INVALID_ARGS, NULL); @@ -368,6 +376,10 @@ static struct l_dbus_message *start_scan_call(struct l_dbus *dbus, uint16_t duration; struct mesh_io *io; struct mesh_net *net; + const char *sender = l_dbus_message_get_sender(msg); + + if (strcmp(sender, node_get_owner(node))) + return dbus_error(msg, MESH_ERROR_NOT_AUTHORIZED, NULL); if (!l_dbus_message_get_arguments(msg, "q", &duration)) return dbus_error(msg, MESH_ERROR_INVALID_ARGS, NULL); @@ -402,11 +414,17 @@ static struct l_dbus_message *cancel_scan_call(struct l_dbus *dbus, void *user_data) { struct mesh_node *node = user_data; + const char *sender = l_dbus_message_get_sender(msg); - if (scan_node != node) - return dbus_error(msg, MESH_ERROR_BUSY, NULL); + if (strcmp(sender, node_get_owner(node)) || !node_is_provisioner(node)) + return dbus_error(msg, MESH_ERROR_NOT_AUTHORIZED, NULL); - scan_cancel(NULL, node); + if (scan_node) { + if (scan_node != node) + return dbus_error(msg, MESH_ERROR_BUSY, NULL); + + scan_cancel(NULL, node); + } return l_dbus_message_new_method_return(msg); } @@ -446,6 +464,10 @@ static struct l_dbus_message *create_subnet_call(struct l_dbus *dbus, struct mesh_node *node = user_data; uint8_t key[16]; uint16_t net_idx; + const char *sender = l_dbus_message_get_sender(msg); + + if (strcmp(sender, node_get_owner(node))) + return dbus_error(msg, MESH_ERROR_NOT_AUTHORIZED, NULL); if (!l_dbus_message_get_arguments(msg, "q", &net_idx) || net_idx == PRIMARY_NET_IDX) @@ -464,6 +486,10 @@ static struct l_dbus_message *update_subnet_call(struct l_dbus *dbus, struct mesh_node *node = user_data; struct keyring_net_key key; uint16_t net_idx; + const char *sender = l_dbus_message_get_sender(msg); + + if (strcmp(sender, node_get_owner(node))) + return dbus_error(msg, MESH_ERROR_NOT_AUTHORIZED, NULL); if (!l_dbus_message_get_arguments(msg, "q", &net_idx) || net_idx > MAX_KEY_IDX) @@ -501,6 +527,10 @@ static struct l_dbus_message *delete_subnet_call(struct l_dbus *dbus, { struct mesh_node *node = user_data; uint16_t net_idx; + const char *sender = l_dbus_message_get_sender(msg); + + if (strcmp(sender, node_get_owner(node))) + return dbus_error(msg, MESH_ERROR_NOT_AUTHORIZED, NULL); if (!l_dbus_message_get_arguments(msg, "q", &net_idx) || net_idx > MAX_KEY_IDX) @@ -520,6 +550,10 @@ static struct l_dbus_message *import_subnet_call(struct l_dbus *dbus, uint16_t net_idx; uint8_t *key; uint32_t n; + const char *sender = l_dbus_message_get_sender(msg); + + if (strcmp(sender, node_get_owner(node))) + return dbus_error(msg, MESH_ERROR_NOT_AUTHORIZED, NULL); if (!l_dbus_message_get_arguments(msg, "qay", &net_idx, &iter_key)) return dbus_error(msg, MESH_ERROR_INVALID_ARGS, NULL); @@ -574,6 +608,10 @@ static struct l_dbus_message *create_appkey_call(struct l_dbus *dbus, struct mesh_node *node = user_data; uint16_t net_idx, app_idx; uint8_t key[16]; + const char *sender = l_dbus_message_get_sender(msg); + + if (strcmp(sender, node_get_owner(node))) + return dbus_error(msg, MESH_ERROR_NOT_AUTHORIZED, NULL); if (!l_dbus_message_get_arguments(msg, "qq", &net_idx, &app_idx)) return dbus_error(msg, MESH_ERROR_INVALID_ARGS, NULL); @@ -591,6 +629,10 @@ static struct l_dbus_message *update_appkey_call(struct l_dbus *dbus, struct keyring_net_key net_key; struct keyring_app_key app_key; uint16_t app_idx; + const char *sender = l_dbus_message_get_sender(msg); + + if (strcmp(sender, node_get_owner(node))) + return dbus_error(msg, MESH_ERROR_NOT_AUTHORIZED, NULL); if (!l_dbus_message_get_arguments(msg, "q", &app_idx) || app_idx > MAX_KEY_IDX) @@ -618,6 +660,10 @@ static struct l_dbus_message *delete_appkey_call(struct l_dbus *dbus, { struct mesh_node *node = user_data; uint16_t app_idx; + const char *sender = l_dbus_message_get_sender(msg); + + if (strcmp(sender, node_get_owner(node))) + return dbus_error(msg, MESH_ERROR_NOT_AUTHORIZED, NULL); if (!l_dbus_message_get_arguments(msg, "q", &app_idx)) return dbus_error(msg, MESH_ERROR_INVALID_ARGS, NULL); @@ -636,6 +682,10 @@ static struct l_dbus_message *import_appkey_call(struct l_dbus *dbus, uint16_t net_idx, app_idx; uint8_t *key; uint32_t n; + const char *sender = l_dbus_message_get_sender(msg); + + if (strcmp(sender, node_get_owner(node))) + return dbus_error(msg, MESH_ERROR_NOT_AUTHORIZED, NULL); if (!l_dbus_message_get_arguments(msg, "qqay", &net_idx, &app_idx, &iter_key)) @@ -657,6 +707,10 @@ static struct l_dbus_message *set_key_phase_call(struct l_dbus *dbus, struct keyring_net_key key; uint16_t net_idx; uint8_t phase; + const char *sender = l_dbus_message_get_sender(msg); + + if (strcmp(sender, node_get_owner(node))) + return dbus_error(msg, MESH_ERROR_NOT_AUTHORIZED, NULL); if (!l_dbus_message_get_arguments(msg, "qy", &net_idx, &phase) || phase == KEY_REFRESH_PHASE_ONE || -- 2.21.0