From: Howard Chung <howardchung@google.com>
To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com
Cc: Yun-Hao Chung <howardchung@chromium.org>,
Miao-chen Chou <mcchou@chromium.org>
Subject: [Bluez PATCH v8 11/13] plugins/admin: persist policy settings
Date: Tue, 3 Aug 2021 16:22:35 +0800 [thread overview]
Message-ID: <20210803161319.Bluez.v8.11.Ib26c0abdbd417673a8b5788c175c06110726a68c@changeid> (raw)
In-Reply-To: <20210803082237.723766-1-howardchung@google.com>
From: Yun-Hao Chung <howardchung@chromium.org>
This adds code to store the ServiceAllowlist to file
/var/lib/bluetooth/{MAC_ADDR}/admin_policy
The stored settings will be loaded upon admin_policy initialized.
Reviewed-by: Miao-chen Chou <mcchou@chromium.org>
---
The following test steps were performed:
1. Set ServiceAllowlist to ["1124","180A","180F","1812", "1801"]
2. restart bluetoothd
3. Verify ServiceAllowlist is ["1124","180A","180F","1812","1801"] in
UUID-128 form
4. Set ServiceAllowlist to []
5. restart bluetoothd
6. Verify ServiceAllowlist is []
Changes in v8:
- Move store_policy_settings earlier to avoid forward declaration.
plugins/admin.c | 167 +++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 165 insertions(+), 2 deletions(-)
diff --git a/plugins/admin.c b/plugins/admin.c
index 7936f8c11475..428a5528cc88 100644
--- a/plugins/admin.c
+++ b/plugins/admin.c
@@ -14,6 +14,9 @@
#include <dbus/dbus.h>
#include <gdbus/gdbus.h>
+#include <sys/file.h>
+#include <sys/stat.h>
+#include <errno.h>
#include "lib/bluetooth.h"
#include "lib/uuid.h"
@@ -24,11 +27,13 @@
#include "src/error.h"
#include "src/log.h"
#include "src/plugin.h"
+#include "src/textfile.h"
#include "src/shared/queue.h"
#define ADMIN_POLICY_SET_INTERFACE "org.bluez.AdminPolicySet1"
#define ADMIN_POLICY_STATUS_INTERFACE "org.bluez.AdminPolicyStatus1"
+#define ADMIN_POLICY_STORAGE STORAGEDIR "/admin_policy_settings"
#define DBUS_BLUEZ_SERVICE "org.bluez"
#define BTD_DEVICE_INTERFACE "org.bluez.Device1"
@@ -161,6 +166,161 @@ static void update_device_affected(void *data, void *user_data)
ADMIN_POLICY_STATUS_INTERFACE, "AffectedByPolicy");
}
+static void free_uuid_strings(char **uuid_strs, gsize num)
+{
+ gsize i;
+
+ for (i = 0; i < num; i++)
+ g_free(uuid_strs[i]);
+ g_free(uuid_strs);
+}
+
+static char **new_uuid_strings(struct queue *allowlist, gsize *num)
+{
+ const struct queue_entry *entry = NULL;
+ bt_uuid_t *uuid = NULL;
+ char **uuid_strs = NULL;
+ gsize i = 0, allowlist_num;
+
+ /* Set num to a non-zero number so that whoever call this could know if
+ * this function success or not
+ */
+ *num = 1;
+
+ allowlist_num = queue_length(allowlist);
+ uuid_strs = g_try_malloc_n(allowlist_num, sizeof(char *));
+ if (!uuid_strs)
+ return NULL;
+
+ for (entry = queue_get_entries(allowlist); entry != NULL;
+ entry = entry->next) {
+ uuid = entry->data;
+ uuid_strs[i] = g_try_malloc0(MAX_LEN_UUID_STR * sizeof(char));
+
+ if (!uuid_strs[i])
+ goto failed;
+
+ bt_uuid_to_string(uuid, uuid_strs[i], MAX_LEN_UUID_STR);
+ i++;
+ }
+
+ *num = allowlist_num;
+ return uuid_strs;
+
+failed:
+ free_uuid_strings(uuid_strs, i);
+
+ return NULL;
+}
+
+static void store_policy_settings(struct btd_admin_policy *admin_policy)
+{
+ GKeyFile *key_file = NULL;
+ char *filename = ADMIN_POLICY_STORAGE;
+ char *key_file_data = NULL;
+ char **uuid_strs = NULL;
+ gsize length, num_uuids;
+
+ key_file = g_key_file_new();
+
+ uuid_strs = new_uuid_strings(admin_policy->service_allowlist,
+ &num_uuids);
+
+ if (!uuid_strs && num_uuids) {
+ btd_error(admin_policy->adapter_id,
+ "Failed to allocate uuid strings");
+ goto failed;
+ }
+
+ g_key_file_set_string_list(key_file, "General", "ServiceAllowlist",
+ (const gchar * const *)uuid_strs,
+ num_uuids);
+
+ if (create_file(ADMIN_POLICY_STORAGE, 0600) < 0) {
+ btd_error(admin_policy->adapter_id, "create %s failed, %s",
+ filename, strerror(errno));
+ goto failed;
+ }
+
+ key_file_data = g_key_file_to_data(key_file, &length, NULL);
+ g_file_set_contents(ADMIN_POLICY_STORAGE, key_file_data, length, NULL);
+
+ g_free(key_file_data);
+ free_uuid_strings(uuid_strs, num_uuids);
+
+failed:
+ g_key_file_free(key_file);
+}
+
+static void key_file_load_service_allowlist(GKeyFile *key_file,
+ struct btd_admin_policy *admin_policy)
+{
+ GError *gerr = NULL;
+ struct queue *uuid_list = NULL;
+ gchar **uuids = NULL;
+ gsize num, i;
+
+ uuids = g_key_file_get_string_list(key_file, "General",
+ "ServiceAllowlist", &num, &gerr);
+
+ if (gerr) {
+ btd_error(admin_policy->adapter_id,
+ "Failed to load ServiceAllowlist");
+ g_error_free(gerr);
+ return;
+ }
+
+ uuid_list = queue_new();
+ for (i = 0; i < num; i++) {
+ bt_uuid_t *uuid = g_try_malloc(sizeof(*uuid));
+
+ if (!uuid)
+ goto failed;
+
+ if (bt_string_to_uuid(uuid, *uuids)) {
+
+ btd_error(admin_policy->adapter_id,
+ "Failed to convert '%s' to uuid struct",
+ *uuids);
+
+ g_free(uuid);
+ goto failed;
+ }
+
+ queue_push_tail(uuid_list, uuid);
+ uuids++;
+ }
+
+ if (!service_allowlist_set(admin_policy, uuid_list))
+ goto failed;
+
+ return;
+failed:
+ free_service_allowlist(uuid_list);
+}
+
+static void load_policy_settings(struct btd_admin_policy *admin_policy)
+{
+ GKeyFile *key_file;
+ char *filename = ADMIN_POLICY_STORAGE;
+ struct stat st;
+
+ if (stat(filename, &st) < 0) {
+ btd_error(admin_policy->adapter_id,
+ "Failed to get file %s information",
+ filename);
+ return;
+ }
+
+ key_file = g_key_file_new();
+
+ g_key_file_load_from_file(key_file, filename, 0, NULL);
+
+ key_file_load_service_allowlist(key_file, admin_policy);
+
+ g_key_file_free(key_file);
+}
+
static DBusMessage *set_service_allowlist(DBusConnection *conn,
DBusMessage *msg, void *user_data)
{
@@ -179,7 +339,9 @@ static DBusMessage *set_service_allowlist(DBusConnection *conn,
return btd_error_invalid_args(msg);
}
- if (!service_allowlist_set(admin_policy, uuid_list)) {
+ if (service_allowlist_set(admin_policy, uuid_list)) {
+ store_policy_settings(admin_policy);
+ } else {
free_service_allowlist(uuid_list);
return btd_error_failed(msg, "service_allowlist_set failed");
}
@@ -200,7 +362,7 @@ static const GDBusMethodTable admin_policy_adapter_methods[] = {
{ }
};
-void append_service_uuid(void *data, void *user_data)
+static void append_service_uuid(void *data, void *user_data)
{
bt_uuid_t *uuid = data;
DBusMessageIter *entry = user_data;
@@ -305,6 +467,7 @@ static int admin_policy_adapter_probe(struct btd_adapter *adapter)
if (!policy_data)
return -ENOMEM;
+ load_policy_settings(policy_data);
adapter_path = adapter_get_path(adapter);
if (!g_dbus_register_interface(dbus_conn, adapter_path,
--
2.32.0.554.ge1b32706d8-goog
next prev parent reply other threads:[~2021-08-03 8:23 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-03 8:22 [Bluez PATCH v8 00/13] Admin policy series Howard Chung
2021-08-03 8:22 ` [Bluez PATCH v8 01/13] core: add is_allowed property in btd_service Howard Chung
2021-08-03 8:42 ` Admin policy series bluez.test.bot
2021-08-03 8:22 ` [Bluez PATCH v8 02/13] core: add device callbacks to adapter driver Howard Chung
2021-08-03 8:22 ` [Bluez PATCH v8 03/13] core: add adapter and device allowed_uuid functions Howard Chung
2021-08-03 8:22 ` [Bluez PATCH v8 04/13] core: block not allowed UUID connect in auth Howard Chung
2021-08-03 8:22 ` [Bluez PATCH v8 05/13] plugins: new plugin Howard Chung
2021-08-03 8:22 ` [Bluez PATCH v8 06/13] plugins/admin: add admin_policy adapter driver Howard Chung
2021-08-03 8:22 ` [Bluez PATCH v8 07/13] plugins/admin: add ServiceAllowList method Howard Chung
2021-08-03 8:22 ` [Bluez PATCH v8 08/13] plugins/admin: add ServiceAllowList property Howard Chung
2021-08-03 8:22 ` [Bluez PATCH v8 09/13] plugins/admin: add device callbacks Howard Chung
2021-08-03 8:22 ` [Bluez PATCH v8 10/13] plugins/admin: add AffectedByPolicy property Howard Chung
2021-08-03 8:22 ` Howard Chung [this message]
2021-08-03 8:22 ` [Bluez PATCH v8 12/13] doc: add description of admin policy Howard Chung
2021-08-03 8:22 ` [Bluez PATCH v8 13/13] doc: add admin policy file storage description Howard Chung
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210803161319.Bluez.v8.11.Ib26c0abdbd417673a8b5788c175c06110726a68c@changeid \
--to=howardchung@google.com \
--cc=howardchung@chromium.org \
--cc=linux-bluetooth@vger.kernel.org \
--cc=luiz.dentz@gmail.com \
--cc=mcchou@chromium.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).