All of lore.kernel.org
 help / color / mirror / Atom feed
From: Sonny Sasaka <sonnysasaka@chromium.org>
To: Bastien Nocera <hadess@hadess.net>
Cc: BlueZ <linux-bluetooth@vger.kernel.org>,
	Miao-chen Chou <mcchou@chromium.org>
Subject: Re: [PATCH BlueZ v2 7/7] battery: Implement Battery Provider API
Date: Fri, 20 Nov 2020 11:41:30 -0800	[thread overview]
Message-ID: <CAO271mkgnruxgdGsFC+wt5b-ZbxCTyJDU9q7niyNqEdg+DL0iA@mail.gmail.com> (raw)
In-Reply-To: <8b0420db9d7a9ee73c323fb311ee4faadacead1f.camel@hadess.net>

Hi Bastien,

On Fri, Nov 20, 2020 at 2:33 AM Bastien Nocera <hadess@hadess.net> wrote:
>
> On Thu, 2020-11-19 at 12:20 -0800, Sonny Sasaka wrote:
> > Hi Bastien,
> >
> > On Thu, Nov 19, 2020 at 2:44 AM Bastien Nocera <hadess@hadess.net>
> > wrote:
> > >
> > > On Tue, 2020-11-17 at 14:16 -0800, Sonny Sasaka wrote:
> > > > Hi Bastien,
> > > >
> > > > Thank you for the feedback. Please find my answers below.
> > > >
> > > > On Tue, Nov 17, 2020 at 2:51 AM Bastien Nocera
> > > > <hadess@hadess.net>
> > > > wrote:
> > > > >
> > > > > Hey Sonny,
> > > > >
> > > > > On Tue, 2020-11-10 at 17:17 -0800, Sonny Sasaka wrote:
> > > > > > This patch implements the BatteryProvider1 and
> > > > > > BatteryProviderManager1
> > > > > > API. This is a means for external clients to feed battery
> > > > > > information
> > > > > > to
> > > > > > BlueZ if they handle some profile and can decode battery
> > > > > > reporting.
> > > > > >
> > > > > > The battery information is then exposed externally via the
> > > > > > existing
> > > > > > Battery1 interface. UI components can consume this API to
> > > > > > display
> > > > > > Bluetooth peripherals' battery via a unified BlueZ API.
> > > > >
> > > > > Was this patch reviewed for potential security problems? From
> > > > > the
> > > > > top
> > > > > of my head, the possible problems would be:
> > > > > - I don't see any filters on which user could register battery
> > > > > providers, so on a multi user system, you could have a user
> > > > > logged
> > > > > in
> > > > > via SSH squatting all the battery providers, while the user "at
> > > > > the
> > > > > console" can't have their own providers. Also, what happens if
> > > > > the
> > > > > user
> > > > > at the console changes (fast user switching)?
> > > > > - It looks like battery providers don't check for paired,
> > > > > trusted
> > > > > or
> > > > > even connected devices, so I would be able to create nearly
> > > > > unbound
> > > > > number of battery providers depending on how big the cache for
> > > > > "seen"
> > > > > devices is.
> > > > For security, the API can be access-limited at D-Bus level using
> > > > D-
> > > > Bus
> > > > configuration files. For example, we can let only trusted UNIX
> > > > users
> > > > as the callers for this API. This D-Bus config file would be
> > > > distribution-specific. In Chrome OS, for example, only the
> > > > "audio"
> > > > and
> > > > "power" users are allowed to call this API. This way we can make
> > > > sure
> > > > that the callers do not abuse the API for denial-of-service kind
> > > > of
> > > > attack.
> > >
> > > That wouldn't solve it, the point is to avoid one user causing
> > > problems
> > > for another logged in user. If both users are in the audio group,
> > > which
> > > they'd likely be to be able to use the computer, they'd be able to
> > > cause problems to each other.
> >
> > If I understand your case correctly, both users being in "audio"
> > group
> > still won't allow them both to become battery providers because the
> > D-Bus policy only allows "audio" user and not "audio" group.
>
> OK, I guess that means that this is a separate daemon running as a
> different user, not, say, PulseAudio running in the user's session
> feeding information. Is that right?
Yes, that's right.

>
> Either way, I guess we'll need to test this out once the feature is
> merged.
It will first be tested in Chrome OS with CRAS as the battery provider
from HFP (I am working on it too). I guess PulseAudio can then follow
along so Linux desktops can get headphones batteries in the UI. Then,
as Luiz suggested, batteries from HID will be parsed directly from
within bluetoothd (a TODO, not blocking the progress of the API).

>
> Apart from the concern about having to duplicate the exported
> properties, the rest looks good. I've made some additional comments
> about the architecture in the design document you shared, but those
> should not have any impact on the implementation.

Thanks for the review. I will update the patches based on your and
Luiz's feedback.
>
> Good job :)
>

  reply	other threads:[~2020-11-20 19:42 UTC|newest]

Thread overview: 30+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-11-11  1:17 [PATCH BlueZ v2 1/7] battery: Add the internal Battery API Sonny Sasaka
2020-11-11  1:17 ` [PATCH BlueZ v2 2/7] profiles/battery: Refactor to use battery library Sonny Sasaka
2020-11-11  1:17 ` [PATCH BlueZ v2 3/7] battery: Add Source property to Battery API Sonny Sasaka
2020-11-11  1:17 ` [PATCH BlueZ v2 4/7] doc: Add Battery Provider API doc Sonny Sasaka
2020-11-17  0:16   ` Luiz Augusto von Dentz
2020-11-17 22:37     ` Sonny Sasaka
2020-11-17 23:01       ` Luiz Augusto von Dentz
2020-11-17 23:16         ` Sonny Sasaka
2020-11-17 23:33           ` Luiz Augusto von Dentz
2020-11-17 23:55             ` Sonny Sasaka
2020-11-20 21:00               ` Sonny Sasaka
2020-11-11  1:17 ` [PATCH BlueZ v2 5/7] test: Add test app for Battery Provider API Sonny Sasaka
2020-11-11  1:17 ` [PATCH BlueZ v2 6/7] adapter: Add a public function to find a device by path Sonny Sasaka
2020-11-11  1:17 ` [PATCH BlueZ v2 7/7] battery: Implement Battery Provider API Sonny Sasaka
2020-11-17 10:51   ` Bastien Nocera
2020-11-17 18:01     ` Bastien Nocera
2020-11-17 22:22       ` Sonny Sasaka
2020-11-17 22:26         ` Sonny Sasaka
2020-11-19 10:53         ` Bastien Nocera
2020-11-19 20:25           ` Sonny Sasaka
2020-11-17 22:16     ` Sonny Sasaka
2020-11-17 22:26       ` Luiz Augusto von Dentz
2020-11-19 20:15         ` Sonny Sasaka
2020-11-19 23:56           ` Luiz Augusto von Dentz
2020-11-20 20:33             ` Sonny Sasaka
2020-11-19 10:44       ` Bastien Nocera
2020-11-19 20:20         ` Sonny Sasaka
2020-11-20 10:33           ` Bastien Nocera
2020-11-20 19:41             ` Sonny Sasaka [this message]
2020-11-11  1:28 ` [BlueZ,v2,1/7] battery: Add the internal Battery API bluez.test.bot

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAO271mkgnruxgdGsFC+wt5b-ZbxCTyJDU9q7niyNqEdg+DL0iA@mail.gmail.com \
    --to=sonnysasaka@chromium.org \
    --cc=hadess@hadess.net \
    --cc=linux-bluetooth@vger.kernel.org \
    --cc=mcchou@chromium.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.