Received: by 2002:a05:6a10:c7c6:0:0:0:0 with SMTP id h6csp2254670pxy; Tue, 3 Aug 2021 01:27:11 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwg9qve9EPAEW76qdXVmiRnRx98DLD0BV5UObV6dWrfmfRRdvqRmK7j0XkqjXKaEUIsJ48r X-Received: by 2002:a17:906:24d3:: with SMTP id f19mr19717977ejb.391.1627979230979; Tue, 03 Aug 2021 01:27:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1627979230; cv=none; d=google.com; s=arc-20160816; b=LMeqT+o8fAHUzjKOS5Z43Zbrz2hb8HErq7RYMrl/bzFORH8VAKAnC+CGfHEad5FBpK lSR2XRKF+3c3bBJjDV84azz2H1XvLOWYGoMf6SyO1SLdxT8lD72Naz02ea3PN20D4Ufg iIP6lcekkMv74neUf2PQQGx6M65NuZIx1cihq9ET1SooDuLr6nv22Lj2U5gdKVUN5yYE Dw7J7uelikqTK4qBYd7EDdlX6QL+eLnmR+sxN/KW6fNZHZKyBdWl7pwKpBaSp68eWnKB U0FeHWqlgNEp4XwWBNf7o+smxu1aZ9OzpXJMiQhqUGoOFmXSwwOrHe1xuxMyL0tHlaMY +qYA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:references:mime-version :message-id:in-reply-to:date:dkim-signature; bh=SVjSi8TFE4kqjWJxa47zcGVLjNTWKkBBm1I1HBi8OUM=; b=JdjXnA+d8uCS4ENPbQpZKLCYIpRRqZZm7akWrtuVZUZQ3P8IW+inkvIRYeuOpbSYDD ydPFC5UCGSwSykQZyCJo3A8Ksa04gW834BtmIyeoaZWogaipZpcS93LGqq5bq2mbfhJN Znymqdl1OHje5mZ0j4wuwIh/EtQzwYTwrUdRhxI6g1OuJbZCv960RkQKJxHqybzfwhLm HghqaRwGMtUQQxZvyYMqQmAkxTvo9TJTXeFuhYoLSXeH8AEhYW04xU3J6VFle+SCH/d1 NBZXlmaYJr71DQythhKgyInVwia4WwWces0oTo9nNY7JbNesZrzpYeIsZ1lLIdF/ifk6 Lo+g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b="sHnvJ/6E"; spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id eb22si14671708ejc.746.2021.08.03.01.26.47; Tue, 03 Aug 2021 01:27:10 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b="sHnvJ/6E"; spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234626AbhHCIX4 (ORCPT + 99 others); Tue, 3 Aug 2021 04:23:56 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52080 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234617AbhHCIXz (ORCPT ); Tue, 3 Aug 2021 04:23:55 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 41BE2C06175F for ; Tue, 3 Aug 2021 01:23:44 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id w200-20020a25c7d10000b02905585436b530so22067003ybe.21 for ; Tue, 03 Aug 2021 01:23:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=SVjSi8TFE4kqjWJxa47zcGVLjNTWKkBBm1I1HBi8OUM=; b=sHnvJ/6EHWJzwo5618wB2bFVbdgV6DegFWAOORBSkepDWLg/MTE+s3NHFWuaCBuEmw eT8HST3GlPjAVLGn8lw1Cef0TT7Lr0oFPfFFD8SNcUYLX9NG1Z3JVsjnSIXweyM32K8C eFzvvKYKzkC/VXfYCxG6cHwxDuf/e/XT/mFLp2KLRzM146mI++Rw5b0fwyarv5gcl2RX It8FS0OAq1trtk3bQUP2KrkDsDq1Meyyq8r6agR5A4j9G7+FaoSFTWjem88biIs7bh/f jyHZfCFsAUgMM/yEdqiyC76YjowoFdeK0wPfYWLEmPOfKNnYvDDapBUffh64YEAuKYAu 6Dcg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=SVjSi8TFE4kqjWJxa47zcGVLjNTWKkBBm1I1HBi8OUM=; b=eteBlwUHUZ3ErfprUsJB4azLT1+bSQTJMDkTcKIL8C3wX2nD0Miey99D8IvJw0awY5 1YkgIyBw4AU8Cu2PvxZVsLVRjehEe5kuqJLqRkuElYQKsx6MvziAuJ1UgYC3Hw3P3U6/ K3kbugssIvHg/W/9QRET8YVLjsIli1QAeLPRm90PEfBxPSK+WUEqUesabRd4h4VdHu+C I8JDW71cO9r6pLes0OwMv91Bxo2+yIGqpNiGhea7SBs8wWoYxm0+WVdnwBxQEXn9Kwl0 R9TngrzMTrf9xsvo69s8JV6/ftbqgRDnysl+7ix7TFmi8dV74Zr9I49fcszFlgXbVLI1 HLhw== X-Gm-Message-State: AOAM532ip0B7Y8UrU4nSD0I1XQpA8CD/7Nx37LPC4yULlKuJCn+3KJ7W 1yXjY/ZqqiZ4hsbVUi8Yst2E8kC2jCyK68PaM49xmifYRa298TGo0VHbnc24xgwSZjzCQU8nIuY jpq3HL0zsN4IzwZizlnpxLmKAQKRNEvWsim+uvCpf4hYy93GKzS6X36ImEeIIk/+oz8ulILvuC3 aJ3s/+f299pWI= X-Received: from howardchung-p920.tpe.corp.google.com ([2401:fa00:1:10:ef55:8161:c77b:7a8d]) (user=howardchung job=sendgmr) by 2002:a25:abb3:: with SMTP id v48mr23615583ybi.482.1627979023421; Tue, 03 Aug 2021 01:23:43 -0700 (PDT) Date: Tue, 3 Aug 2021 16:22:35 +0800 In-Reply-To: <20210803082237.723766-1-howardchung@google.com> Message-Id: <20210803161319.Bluez.v8.11.Ib26c0abdbd417673a8b5788c175c06110726a68c@changeid> Mime-Version: 1.0 References: <20210803082237.723766-1-howardchung@google.com> X-Mailer: git-send-email 2.32.0.554.ge1b32706d8-goog Subject: [Bluez PATCH v8 11/13] plugins/admin: persist policy settings From: Howard Chung To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com Cc: Yun-Hao Chung , Miao-chen Chou Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Yun-Hao Chung This adds code to store the ServiceAllowlist to file /var/lib/bluetooth/{MAC_ADDR}/admin_policy The stored settings will be loaded upon admin_policy initialized. Reviewed-by: Miao-chen Chou --- The following test steps were performed: 1. Set ServiceAllowlist to ["1124","180A","180F","1812", "1801"] 2. restart bluetoothd 3. Verify ServiceAllowlist is ["1124","180A","180F","1812","1801"] in UUID-128 form 4. Set ServiceAllowlist to [] 5. restart bluetoothd 6. Verify ServiceAllowlist is [] Changes in v8: - Move store_policy_settings earlier to avoid forward declaration. plugins/admin.c | 167 +++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 165 insertions(+), 2 deletions(-) diff --git a/plugins/admin.c b/plugins/admin.c index 7936f8c11475..428a5528cc88 100644 --- a/plugins/admin.c +++ b/plugins/admin.c @@ -14,6 +14,9 @@ #include #include +#include +#include +#include #include "lib/bluetooth.h" #include "lib/uuid.h" @@ -24,11 +27,13 @@ #include "src/error.h" #include "src/log.h" #include "src/plugin.h" +#include "src/textfile.h" #include "src/shared/queue.h" #define ADMIN_POLICY_SET_INTERFACE "org.bluez.AdminPolicySet1" #define ADMIN_POLICY_STATUS_INTERFACE "org.bluez.AdminPolicyStatus1" +#define ADMIN_POLICY_STORAGE STORAGEDIR "/admin_policy_settings" #define DBUS_BLUEZ_SERVICE "org.bluez" #define BTD_DEVICE_INTERFACE "org.bluez.Device1" @@ -161,6 +166,161 @@ static void update_device_affected(void *data, void *user_data) ADMIN_POLICY_STATUS_INTERFACE, "AffectedByPolicy"); } +static void free_uuid_strings(char **uuid_strs, gsize num) +{ + gsize i; + + for (i = 0; i < num; i++) + g_free(uuid_strs[i]); + g_free(uuid_strs); +} + +static char **new_uuid_strings(struct queue *allowlist, gsize *num) +{ + const struct queue_entry *entry = NULL; + bt_uuid_t *uuid = NULL; + char **uuid_strs = NULL; + gsize i = 0, allowlist_num; + + /* Set num to a non-zero number so that whoever call this could know if + * this function success or not + */ + *num = 1; + + allowlist_num = queue_length(allowlist); + uuid_strs = g_try_malloc_n(allowlist_num, sizeof(char *)); + if (!uuid_strs) + return NULL; + + for (entry = queue_get_entries(allowlist); entry != NULL; + entry = entry->next) { + uuid = entry->data; + uuid_strs[i] = g_try_malloc0(MAX_LEN_UUID_STR * sizeof(char)); + + if (!uuid_strs[i]) + goto failed; + + bt_uuid_to_string(uuid, uuid_strs[i], MAX_LEN_UUID_STR); + i++; + } + + *num = allowlist_num; + return uuid_strs; + +failed: + free_uuid_strings(uuid_strs, i); + + return NULL; +} + +static void store_policy_settings(struct btd_admin_policy *admin_policy) +{ + GKeyFile *key_file = NULL; + char *filename = ADMIN_POLICY_STORAGE; + char *key_file_data = NULL; + char **uuid_strs = NULL; + gsize length, num_uuids; + + key_file = g_key_file_new(); + + uuid_strs = new_uuid_strings(admin_policy->service_allowlist, + &num_uuids); + + if (!uuid_strs && num_uuids) { + btd_error(admin_policy->adapter_id, + "Failed to allocate uuid strings"); + goto failed; + } + + g_key_file_set_string_list(key_file, "General", "ServiceAllowlist", + (const gchar * const *)uuid_strs, + num_uuids); + + if (create_file(ADMIN_POLICY_STORAGE, 0600) < 0) { + btd_error(admin_policy->adapter_id, "create %s failed, %s", + filename, strerror(errno)); + goto failed; + } + + key_file_data = g_key_file_to_data(key_file, &length, NULL); + g_file_set_contents(ADMIN_POLICY_STORAGE, key_file_data, length, NULL); + + g_free(key_file_data); + free_uuid_strings(uuid_strs, num_uuids); + +failed: + g_key_file_free(key_file); +} + +static void key_file_load_service_allowlist(GKeyFile *key_file, + struct btd_admin_policy *admin_policy) +{ + GError *gerr = NULL; + struct queue *uuid_list = NULL; + gchar **uuids = NULL; + gsize num, i; + + uuids = g_key_file_get_string_list(key_file, "General", + "ServiceAllowlist", &num, &gerr); + + if (gerr) { + btd_error(admin_policy->adapter_id, + "Failed to load ServiceAllowlist"); + g_error_free(gerr); + return; + } + + uuid_list = queue_new(); + for (i = 0; i < num; i++) { + bt_uuid_t *uuid = g_try_malloc(sizeof(*uuid)); + + if (!uuid) + goto failed; + + if (bt_string_to_uuid(uuid, *uuids)) { + + btd_error(admin_policy->adapter_id, + "Failed to convert '%s' to uuid struct", + *uuids); + + g_free(uuid); + goto failed; + } + + queue_push_tail(uuid_list, uuid); + uuids++; + } + + if (!service_allowlist_set(admin_policy, uuid_list)) + goto failed; + + return; +failed: + free_service_allowlist(uuid_list); +} + +static void load_policy_settings(struct btd_admin_policy *admin_policy) +{ + GKeyFile *key_file; + char *filename = ADMIN_POLICY_STORAGE; + struct stat st; + + if (stat(filename, &st) < 0) { + btd_error(admin_policy->adapter_id, + "Failed to get file %s information", + filename); + return; + } + + key_file = g_key_file_new(); + + g_key_file_load_from_file(key_file, filename, 0, NULL); + + key_file_load_service_allowlist(key_file, admin_policy); + + g_key_file_free(key_file); +} + static DBusMessage *set_service_allowlist(DBusConnection *conn, DBusMessage *msg, void *user_data) { @@ -179,7 +339,9 @@ static DBusMessage *set_service_allowlist(DBusConnection *conn, return btd_error_invalid_args(msg); } - if (!service_allowlist_set(admin_policy, uuid_list)) { + if (service_allowlist_set(admin_policy, uuid_list)) { + store_policy_settings(admin_policy); + } else { free_service_allowlist(uuid_list); return btd_error_failed(msg, "service_allowlist_set failed"); } @@ -200,7 +362,7 @@ static const GDBusMethodTable admin_policy_adapter_methods[] = { { } }; -void append_service_uuid(void *data, void *user_data) +static void append_service_uuid(void *data, void *user_data) { bt_uuid_t *uuid = data; DBusMessageIter *entry = user_data; @@ -305,6 +467,7 @@ static int admin_policy_adapter_probe(struct btd_adapter *adapter) if (!policy_data) return -ENOMEM; + load_policy_settings(policy_data); adapter_path = adapter_get_path(adapter); if (!g_dbus_register_interface(dbus_conn, adapter_path, -- 2.32.0.554.ge1b32706d8-goog