* [PATCH v2 1/2] input: hog: Attempt to set security level if not bonded
@ 2020-03-11 18:59 Luiz Augusto von Dentz
  2020-03-11 18:59 ` [PATCH v2 2/2] input: Add LEAudioSecurity setting to input.conf Luiz Augusto von Dentz
  0 siblings, 1 reply; 6+ messages in thread
From: Luiz Augusto von Dentz @ 2020-03-11 18:59 UTC (permalink / raw)
  To: linux-bluetooth

From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>

This attempts to set the security level if the device is not bonded.
The kernel will block any communication on the ATT socket while bumping
the security, and if that fails the device will be disconnected, which
is better than having the device dangling around without being able to
communicate with it until it is properly bonded.
---
 profiles/input/hog.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/profiles/input/hog.c b/profiles/input/hog.c
index dfac68921..f0226ebbd 100644
--- a/profiles/input/hog.c
+++ b/profiles/input/hog.c
@@ -49,6 +49,8 @@
 #include "src/shared/util.h"
 #include "src/shared/uhid.h"
 #include "src/shared/queue.h"
+#include "src/shared/att.h"
+#include "src/shared/gatt-client.h"
 #include "src/plugin.h"
 
 #include "suspend.h"
@@ -187,8 +189,15 @@ static int hog_accept(struct btd_service *service)
 	}
 
 	/* HOGP 1.0 Section 6.1 requires bonding */
-	if (!device_is_bonded(device, btd_device_get_bdaddr_type(device)))
-		return -ECONNREFUSED;
+	if (!device_is_bonded(device, btd_device_get_bdaddr_type(device))) {
+		struct bt_gatt_client *client;
+
+		client = btd_device_get_gatt_client(device);
+		if (!bt_gatt_client_set_security(client,
+						BT_ATT_SECURITY_MEDIUM)) {
+			return -ECONNREFUSED;
+		}
+	}
 
 	/* TODO: Replace GAttrib with bt_gatt_client */
 	bt_hog_attach(dev->hog, attrib);
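Review bot: The comment `/* HOGP 1.0 Section 6.1 requires bonding */` no longer describes the branch under it in hog_accept(): an unbonded device is now accepted whenever `bt_gatt_client_set_security(client, BT_ATT_SECURITY_MEDIUM)` returns true, and `bt_hog_attach()` runs immediately afterwards. From the hunk the return value looks like "request accepted" rather than "link encrypted and bonded", so enforcement rests on the kernel behaviour the commit message describes; that dependency belongs in the code, e.g. `/* HOGP 1.0 Section 6.1 requires bonding; if not bonded, request encryption and rely on the kernel to hold ATT traffic until it completes */`. It would also help to state whether medium security (which presumably allows unauthenticated pairing) is the intended floor for HID input. hog_accept() starts before this hunk and continues after it; the same patch is repeated later on this page.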
-- 
2.21.1



* [PATCH v2 2/2] input: Add LEAudioSecurity setting to input.conf
  2020-03-11 18:59 [PATCH v2 1/2] input: hog: Attempt to set security level if not bonded Luiz Augusto von Dentz
@ 2020-03-11 18:59 ` Luiz Augusto von Dentz
  2020-03-11 21:41   ` Luiz Augusto von Dentz
  2020-03-12  7:24   ` Marcel Holtmann
  0 siblings, 2 replies; 6+ messages in thread
From: Luiz Augusto von Dentz @ 2020-03-11 18:59 UTC (permalink / raw)
  To: linux-bluetooth

From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>

LEAudioSecurity can be used to enable/disable automatic upgrades of
security for LE devices, by default it is enabled so existing devices
that did not require security and were not bonded will automatically
upgrade the security.

Note: Platforms disabling this setting would require users to manually
bond the device, which may require changes to the user interface to
always force bonding for input devices, as APIs such as Device.Connect
will no longer work directly, which may be perceived as a regression.
---
 profiles/input/device.h   |  1 +
 profiles/input/hog.c      | 13 +++++++++++--
 profiles/input/input.conf |  5 +++++
 profiles/input/manager.c  | 11 ++++++++++-
 4 files changed, 27 insertions(+), 3 deletions(-)

diff --git a/profiles/input/device.h b/profiles/input/device.h
index 3044db673..5a077f92a 100644
--- a/profiles/input/device.h
+++ b/profiles/input/device.h
@@ -30,6 +30,7 @@ struct input_conn;
 void input_set_idle_timeout(int timeout);
 void input_enable_userspace_hid(bool state);
 void input_set_classic_bonded_only(bool state);
+void input_set_auto_sec(bool state);
 
 int input_device_register(struct btd_service *service);
 void input_device_unregister(struct btd_service *service);
diff --git a/profiles/input/hog.c b/profiles/input/hog.c
index f0226ebbd..327a1d1c3 100644
--- a/profiles/input/hog.c
+++ b/profiles/input/hog.c
@@ -53,6 +53,7 @@
 #include "src/shared/gatt-client.h"
 #include "src/plugin.h"
 
+#include "device.h"
 #include "suspend.h"
 #include "attrib/att.h"
 #include "attrib/gattrib.h"
@@ -67,8 +68,14 @@ struct hog_device {
 };
 
 static gboolean suspend_supported = FALSE;
+static bool auto_sec = true;
 static struct queue *devices = NULL;
 
+void input_set_auto_sec(bool state)
+{
+	auto_sec = state;
+}
+
 static void hog_device_accept(struct hog_device *dev, struct gatt_db *db)
 {
 	char name[248];
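Review bot: `auto_sec` decides whether an unbonded HoG device is accepted at all, yet neither the variable nor `input_set_auto_sec()` carries a comment, and the name does not say it is LE-only the way `input_set_classic_bonded_only` says Classic. I would add `/* When true, hog_accept() requests a security upgrade for unbonded LE devices instead of refusing them */` above the definition and consider `input_set_le_auto_sec` for the setter. hog_device_accept() continues outside the hunk.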
@@ -192,11 +199,13 @@ static int hog_accept(struct btd_service *service)
 	if (!device_is_bonded(device, btd_device_get_bdaddr_type(device))) {
 		struct bt_gatt_client *client;
 
+		if (!auto_sec)
+			return -ECONNREFUSED;
+
 		client = btd_device_get_gatt_client(device);
 		if (!bt_gatt_client_set_security(client,
-						BT_ATT_SECURITY_MEDIUM)) {
+						BT_ATT_SECURITY_MEDIUM))
 			return -ECONNREFUSED;
-		}
 	}
 
 	/* TODO: Replace GAttrib with bt_gatt_client */
diff --git a/profiles/input/input.conf b/profiles/input/input.conf
index 166aff4a4..4c70bc561 100644
--- a/profiles/input/input.conf
+++ b/profiles/input/input.conf
@@ -19,3 +19,8 @@
 # pairing/encryption.
 # Defaults to false to maximize device compatibility.
 #ClassicBondedOnly=true
+
+# LE upgrade security
+# Enables upgrades of security automatically if required.
+# Defaults to true to maximize device compatibility.
+#LEAutoSecurity=true
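Review bot: The added comment does not tell an administrator what the setting trades off: with the default, an unbonded LE input device is accepted once a security upgrade has been requested, and with `false` it is refused until the user bonds it (per the hog.c change in this patch). I would replace the second comment line with `# When true, unbonded LE HID devices get an automatic security upgrade on connect; when false they are refused until bonded.` and keep the existing default line.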
diff --git a/profiles/input/manager.c b/profiles/input/manager.c
index 5cd27b839..bf4acb4ed 100644
--- a/profiles/input/manager.c
+++ b/profiles/input/manager.c
@@ -96,7 +96,7 @@ static int input_init(void)
 	config = load_config_file(CONFIGDIR "/input.conf");
 	if (config) {
 		int idle_timeout;
-		gboolean uhid_enabled, classic_bonded_only;
+		gboolean uhid_enabled, classic_bonded_only, auto_sec;
 
 		idle_timeout = g_key_file_get_integer(config, "General",
 							"IdleTimeout", &err);
@@ -125,6 +125,15 @@ static int input_init(void)
 		} else
 			g_clear_error(&err);
 
+		auto_sec = g_key_file_get_boolean(config, "General",
+						"LEAutoSecurity", &err);
+		if (!err) {
+			DBG("input.conf: LEAutoSecurity=%s",
+					auto_sec ? "true" : "false");
+			input_set_auto_sec(auto_sec);
+		} else
+			g_clear_error(&err);
+
 	}
 
 	btd_profile_register(&input_profile);
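Review bot: A present but unparsable `LEAutoSecurity` value takes the `else` branch, where `g_clear_error(&err)` discards the error without a message, so the permissive default (`auto_sec = true` in hog.c) stays in force and nothing tells the administrator that the hardening setting was ignored. The neighbouring keys follow the same pattern, but for a security switch I would log the invalid-value case and stay silent only when the key is absent. The sketch below assumes the daemon's usual `error()` logging helper is available in manager.c; input_init() starts before this hunk and continues after it.

```c
		auto_sec = g_key_file_get_boolean(config, "General",
						"LEAutoSecurity", &err);
		if (!err) {
			/* … unchanged: DBG and input_set_auto_sec() call … */
		} else {
			/* A present-but-invalid value must not silently
			 * fall back to the permissive default. */
			if (g_error_matches(err, G_KEY_FILE_ERROR,
					G_KEY_FILE_ERROR_INVALID_VALUE))
				error("input.conf: invalid LEAutoSecurity: %s",
								err->message);
			g_clear_error(&err);
		}
```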
-- 
2.21.1



* Re: [PATCH v2 2/2] input: Add LEAudioSecurity setting to input.conf
  2020-03-11 18:59 ` [PATCH v2 2/2] input: Add LEAudioSecurity setting to input.conf Luiz Augusto von Dentz
@ 2020-03-11 21:41   ` Luiz Augusto von Dentz
  2020-03-12  7:24   ` Marcel Holtmann
  1 sibling, 0 replies; 6+ messages in thread
From: Luiz Augusto von Dentz @ 2020-03-11 21:41 UTC (permalink / raw)
  To: linux-bluetooth; +Cc: Alain Michaud

Hi Alain,

On Wed, Mar 11, 2020 at 11:59 AM Luiz Augusto von Dentz
<luiz.dentz@gmail.com> wrote:
>
> From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
>
> LEAudioSecurity can be used to enable/disable automatic upgrades of
> security for LE devices, by default it is enabled so existing devices
> that did not require security and were not bonded will automatically
> upgrade the security.
>
> Note: Platforms disabling this setting would require users to manually
> bond the device which may require changes to the user interface to
> always force bonding for input devices ad APIs such as Device.Connect
> directly will no longer work which maybe perceived as a regression.

Does this meet your requirements?

> ---
>  profiles/input/device.h   |  1 +
>  profiles/input/hog.c      | 13 +++++++++++--
>  profiles/input/input.conf |  5 +++++
>  profiles/input/manager.c  | 11 ++++++++++-
>  4 files changed, 27 insertions(+), 3 deletions(-)
>
> diff --git a/profiles/input/device.h b/profiles/input/device.h
> index 3044db673..5a077f92a 100644
> --- a/profiles/input/device.h
> +++ b/profiles/input/device.h
> @@ -30,6 +30,7 @@ struct input_conn;
>  void input_set_idle_timeout(int timeout);
>  void input_enable_userspace_hid(bool state);
>  void input_set_classic_bonded_only(bool state);
> +void input_set_auto_sec(bool state);
>
>  int input_device_register(struct btd_service *service);
>  void input_device_unregister(struct btd_service *service);
> diff --git a/profiles/input/hog.c b/profiles/input/hog.c
> index f0226ebbd..327a1d1c3 100644
> --- a/profiles/input/hog.c
> +++ b/profiles/input/hog.c
> @@ -53,6 +53,7 @@
>  #include "src/shared/gatt-client.h"
>  #include "src/plugin.h"
>
> +#include "device.h"
>  #include "suspend.h"
>  #include "attrib/att.h"
>  #include "attrib/gattrib.h"
> @@ -67,8 +68,14 @@ struct hog_device {
>  };
>
>  static gboolean suspend_supported = FALSE;
> +static bool auto_sec = true;
>  static struct queue *devices = NULL;
>
> +void input_set_auto_sec(bool state)
> +{
> +       auto_sec = state;
> +}
> +
>  static void hog_device_accept(struct hog_device *dev, struct gatt_db *db)
>  {
>         char name[248];
> @@ -192,11 +199,13 @@ static int hog_accept(struct btd_service *service)
>         if (!device_is_bonded(device, btd_device_get_bdaddr_type(device))) {
>                 struct bt_gatt_client *client;
>
> +               if (!auto_sec)
> +                       return -ECONNREFUSED;
> +
>                 client = btd_device_get_gatt_client(device);
>                 if (!bt_gatt_client_set_security(client,
> -                                               BT_ATT_SECURITY_MEDIUM)) {
> +                                               BT_ATT_SECURITY_MEDIUM))
>                         return -ECONNREFUSED;
> -               }
>         }
>
>         /* TODO: Replace GAttrib with bt_gatt_client */
> diff --git a/profiles/input/input.conf b/profiles/input/input.conf
> index 166aff4a4..4c70bc561 100644
> --- a/profiles/input/input.conf
> +++ b/profiles/input/input.conf
> @@ -19,3 +19,8 @@
>  # pairing/encryption.
>  # Defaults to false to maximize device compatibility.
>  #ClassicBondedOnly=true
> +
> +# LE upgrade security
> +# Enables upgrades of security automatically if required.
> +# Defaults to true to maximize device compatibility.
> +#LEAutoSecurity=true
> diff --git a/profiles/input/manager.c b/profiles/input/manager.c
> index 5cd27b839..bf4acb4ed 100644
> --- a/profiles/input/manager.c
> +++ b/profiles/input/manager.c
> @@ -96,7 +96,7 @@ static int input_init(void)
>         config = load_config_file(CONFIGDIR "/input.conf");
>         if (config) {
>                 int idle_timeout;
> -               gboolean uhid_enabled, classic_bonded_only;
> +               gboolean uhid_enabled, classic_bonded_only, auto_sec;
>
>                 idle_timeout = g_key_file_get_integer(config, "General",
>                                                         "IdleTimeout", &err);
> @@ -125,6 +125,15 @@ static int input_init(void)
>                 } else
>                         g_clear_error(&err);
>
> +               auto_sec = g_key_file_get_boolean(config, "General",
> +                                               "LEAutoSecurity", &err);
> +               if (!err) {
> +                       DBG("input.conf: LEAutoSecurity=%s",
> +                                       auto_sec ? "true" : "false");
> +                       input_set_auto_sec(auto_sec);
> +               } else
> +                       g_clear_error(&err);
> +
>         }
>
>         btd_profile_register(&input_profile);
> --
> 2.21.1
>


-- 
Luiz Augusto von Dentz


* Re: [PATCH v2 2/2] input: Add LEAudioSecurity setting to input.conf
  2020-03-11 18:59 ` [PATCH v2 2/2] input: Add LEAudioSecurity setting to input.conf Luiz Augusto von Dentz
  2020-03-11 21:41   ` Luiz Augusto von Dentz
@ 2020-03-12  7:24   ` Marcel Holtmann
  2020-03-12 22:36     ` Luiz Augusto von Dentz
  1 sibling, 1 reply; 6+ messages in thread
From: Marcel Holtmann @ 2020-03-12  7:24 UTC (permalink / raw)
  To: Luiz Augusto von Dentz; +Cc: linux-bluetooth

Hi Luiz,

> LEAudioSecurity can be used to enable/disable automatic upgrades of
> security for LE devices, by default it is enabled so existing devices
> that did not require security and were not bonded will automatically
> upgrade the security.

LEAudioSecurity?

Regards

Marcel



* Re: [PATCH v2 2/2] input: Add LEAudioSecurity setting to input.conf
  2020-03-12  7:24   ` Marcel Holtmann
@ 2020-03-12 22:36     ` Luiz Augusto von Dentz
  0 siblings, 0 replies; 6+ messages in thread
From: Luiz Augusto von Dentz @ 2020-03-12 22:36 UTC (permalink / raw)
  To: Marcel Holtmann; +Cc: linux-bluetooth

Hi Marcel,

On Thu, Mar 12, 2020 at 12:24 AM Marcel Holtmann <marcel@holtmann.org> wrote:
>
> Hi Luiz,
>
> > LEAudioSecurity can be used to enable/disable automatic upgrades of
> > security for LE devices, by default it is enabled so existing devices
> > that did not require security and were not bonded will automatically
> > upgrade the security.
>
> LEAudioSecurity?

Derr, will fix it. Luckily it is just in the commit message; the option
is actually LEAutoSecurity.

-- 
Luiz Augusto von Dentz


* [PATCH v2 1/2] input: hog: Attempt to set security level if not bonded
@ 2020-03-11 18:59 Luiz Augusto von Dentz
  0 siblings, 0 replies; 6+ messages in thread
From: Luiz Augusto von Dentz @ 2020-03-11 18:59 UTC (permalink / raw)
  To: linux-bluetooth

From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>

This attempts to set the security level if the device is not bonded.
The kernel will block any communication on the ATT socket while bumping
the security, and if that fails the device will be disconnected, which
is better than having the device dangling around without being able to
communicate with it until it is properly bonded.
---
 profiles/input/hog.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/profiles/input/hog.c b/profiles/input/hog.c
index dfac68921..f0226ebbd 100644
--- a/profiles/input/hog.c
+++ b/profiles/input/hog.c
@@ -49,6 +49,8 @@
 #include "src/shared/util.h"
 #include "src/shared/uhid.h"
 #include "src/shared/queue.h"
+#include "src/shared/att.h"
+#include "src/shared/gatt-client.h"
 #include "src/plugin.h"
 
 #include "suspend.h"
@@ -187,8 +189,15 @@ static int hog_accept(struct btd_service *service)
 	}
 
 	/* HOGP 1.0 Section 6.1 requires bonding */
-	if (!device_is_bonded(device, btd_device_get_bdaddr_type(device)))
-		return -ECONNREFUSED;
+	if (!device_is_bonded(device, btd_device_get_bdaddr_type(device))) {
+		struct bt_gatt_client *client;
+
+		client = btd_device_get_gatt_client(device);
+		if (!bt_gatt_client_set_security(client,
+						BT_ATT_SECURITY_MEDIUM)) {
+			return -ECONNREFUSED;
+		}
+	}
 
 	/* TODO: Replace GAttrib with bt_gatt_client */
 	bt_hog_attach(dev->hog, attrib);
-- 
2.21.1


