From: Tyszkowski Jakub <jakub.tyszkowski@tieto.com>
To: Luiz Augusto von Dentz <luiz.dentz@gmail.com>
Cc: "linux-bluetooth@vger.kernel.org" <linux-bluetooth@vger.kernel.org>
Subject: Re: [PATCH 2/2] android/hid: Force encryption for keyboards
Date: Fri, 22 Aug 2014 10:25:49 +0200
Message-ID: <53F6FE8D.3000300@tieto.com>
In-Reply-To: <CABBYNZKw-ropQpjGuq0Ko7rTmXJBuTzHOi9Fu0R20EH3GJ58Ng@mail.gmail.com>
Hi Luiz,
On 08/21/2014 01:58 PM, Luiz Augusto von Dentz wrote:
> Hi Jakub,
>
> On Thu, Aug 21, 2014 at 1:04 PM, Jakub Tyszkowski
> <jakub.tyszkowski@tieto.com> wrote:
>> Encryption is mandatory for keyboards.
>> ---
>> android/hidhost.c | 27 ++++++++++++++++++++++++---
>> 1 file changed, 24 insertions(+), 3 deletions(-)
>>
>> diff --git a/android/hidhost.c b/android/hidhost.c
>> index 07985d8..d57b24b 100644
>> --- a/android/hidhost.c
>> +++ b/android/hidhost.c
>> @@ -579,6 +579,7 @@ static void control_connect_cb(GIOChannel *chan, GError *conn_err,
>> {
>> struct hid_device *dev = user_data;
>> GError *err = NULL;
>> + int sec_level;
>>
>> DBG("");
>>
>> @@ -589,12 +590,15 @@ static void control_connect_cb(GIOChannel *chan, GError *conn_err,
>> goto failed;
>> }
>>
>> + /* Encryption is mandatory for keyboards */
>> + sec_level = (dev->subclass & 0x40) ? BT_IO_SEC_MEDIUM : BT_IO_SEC_LOW;
>> +
>> /* Connect to the HID interrupt channel */
>> dev->intr_io = bt_io_connect(interrupt_connect_cb, dev, NULL, &err,
>> BT_IO_OPT_SOURCE_BDADDR, &adapter_addr,
>> BT_IO_OPT_DEST_BDADDR, &dev->dst,
>> BT_IO_OPT_PSM, L2CAP_PSM_HIDP_INTR,
>> - BT_IO_OPT_SEC_LEVEL, BT_IO_SEC_LOW,
>> + BT_IO_OPT_SEC_LEVEL, sec_level,
>> BT_IO_OPT_INVALID);
>> if (!dev->intr_io) {
>> error("hidhost: Failed to connect interrupt channel (%s)",
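Review bot: The `0x40` mask in the new `sec_level` assignment is a magic number, and the same test appears twice more in hid_sdp_search_cb. A named constant for the keyboard bit of the subclass, or one small helper used at all three sites, would document what the bit means and keep the checks from drifting apart.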
>> @@ -618,6 +622,7 @@ static void hid_sdp_search_cb(sdp_list_t *recs, int err, gpointer data)
>> struct hid_device *dev = data;
>> sdp_list_t *list;
>> GError *gerr = NULL;
>> + int sec_level = BT_IO_SEC_LOW;
>>
>> DBG("");
>>
>> @@ -640,9 +645,14 @@ static void hid_sdp_search_cb(sdp_list_t *recs, int err, gpointer data)
>> dev->country = data->val.uint8;
>>
>> data = sdp_data_get(rec, SDP_ATTR_HID_DEVICE_SUBCLASS);
>> - if (data)
>> + if (data) {
>> dev->subclass = data->val.uint8;
>>
>> + /* Encryption is mandatory for keyboards */
>> + if (dev->subclass & 0x40)
>> + sec_level = BT_IO_SEC_MEDIUM;
>> + }
>
> I prefer to store this info in the device struct, e.g. dev->sec_level
Seems reasonable. I'll be sending v2.
>
>> data = sdp_data_get(rec, SDP_ATTR_HID_BOOT_DEVICE);
>> if (data)
>> dev->boot_dev = data->val.uint8;
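Review bot: `sec_level` is raised only inside the `if (data)` branch, so a record with no SDP_ATTR_HID_DEVICE_SUBCLASS attribute leaves it at the BT_IO_SEC_LOW initializer. If the attribute is guaranteed to be present, a comment saying so would help; otherwise consider making BT_IO_SEC_MEDIUM the default and lowering it only when the subclass is known not to be a keyboard.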
>> @@ -673,6 +683,17 @@ static void hid_sdp_search_cb(sdp_list_t *recs, int err, gpointer data)
>> }
>>
>> if (dev->ctrl_io) {
>> + /* Encryption is mandatory for keyboards */
>> + if ((dev->subclass & 0x40) && !bt_io_set(dev->ctrl_io, &gerr,
>> + BT_IO_OPT_SEC_LEVEL, BT_IO_SEC_MEDIUM,
>> + BT_IO_OPT_INVALID)) {
>> + error("hidhost: Cannot rise security level: %s",
>> + gerr->message);
>> + g_error_free(gerr);
>> +
>> + goto fail;
>> + }
>> +
>> if (uhid_create(dev) < 0)
>> goto fail;
>> return;
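Review bot: Only dev->ctrl_io has its security level raised in the new `if (dev->ctrl_io)` branch before uhid_create(); if dev->intr_io can already exist on this path it needs the same BT_IO_SEC_MEDIUM setting, as the outgoing path applies it to the interrupt channel. Also, the error string should read "Cannot raise security level", and `gerr` is left pointing at freed memory after g_error_free(), so setting it to NULL before `goto fail` would be safer.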
>> @@ -682,7 +703,7 @@ static void hid_sdp_search_cb(sdp_list_t *recs, int err, gpointer data)
>> BT_IO_OPT_SOURCE_BDADDR, &adapter_addr,
>> BT_IO_OPT_DEST_BDADDR, &dev->dst,
>> BT_IO_OPT_PSM, L2CAP_PSM_HIDP_CTRL,
>> - BT_IO_OPT_SEC_LEVEL, BT_IO_SEC_LOW,
>> + BT_IO_OPT_SEC_LEVEL, sec_level,
>> BT_IO_OPT_INVALID);
>> if (gerr) {
>> error("hidhost: Failed to connect control channel (%s)",
>> --
>> 1.9.1
>>
Regards,
Jakub