linux-bluetooth.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Luiz Augusto von Dentz <luiz.dentz@gmail.com>
To: Howard Chung <howardchung@google.com>
Cc: "linux-bluetooth@vger.kernel.org"
	<linux-bluetooth@vger.kernel.org>,
	Yun-Hao Chung <howardchung@chromium.org>,
	Miao-chen Chou <mcchou@chromium.org>
Subject: Re: [Bluez PATCH v7 12/13] plugins/admin: persist policy settings
Date: Mon, 2 Aug 2021 11:51:45 -0700	[thread overview]
Message-ID: <CABBYNZ+8193HOT3YZFigdAjRPQNpkbAFDsdE35zBdKZYEaARhg@mail.gmail.com> (raw)
In-Reply-To: <20210802141140.Bluez.v7.12.Ib26c0abdbd417673a8b5788c175c06110726a68c@changeid>

Hi Howard,

On Sun, Aug 1, 2021 at 11:13 PM Howard Chung <howardchung@google.com> wrote:
>
> From: Yun-Hao Chung <howardchung@chromium.org>
>
> This adds code to store the ServiceAllowlist to file
> /var/lib/bluetooth/{MAC_ADDR}/admin_policy
> The stored settings will be loaded upon admin_policy initialized.
>
> Reviewed-by: Miao-chen Chou <mcchou@chromium.org>
> ---
> The following test steps were performed:
> 1. Set ServiceAllowlist to ["1124","180A","180F","1812", "1801"]
> 2. restart bluetoothd
> 3. Verify ServiceAllowlist is ["1124","180A","180F","1812","1801"] in
>    UUID-128 form
> 4. Set ServiceAllowlist to []
> 5. restart bluetoothd
> 6. Verify ServiceAllowlist is []

Please have the format documented in doc/settings-storage.txt

> (no changes since v1)
>
>  plugins/admin.c | 169 +++++++++++++++++++++++++++++++++++++++++++++++-
>  1 file changed, 167 insertions(+), 2 deletions(-)
>
> diff --git a/plugins/admin.c b/plugins/admin.c
> index 653195a0e20b..8e6549ea8020 100644
> --- a/plugins/admin.c
> +++ b/plugins/admin.c
> @@ -14,6 +14,9 @@
>
>  #include <dbus/dbus.h>
>  #include <gdbus/gdbus.h>
> +#include <sys/file.h>
> +#include <sys/stat.h>
> +#include <errno.h>
>
>  #include "lib/bluetooth.h"
>  #include "lib/uuid.h"
> @@ -24,11 +27,13 @@
>  #include "src/error.h"
>  #include "src/log.h"
>  #include "src/plugin.h"
> +#include "src/textfile.h"
>
>  #include "src/shared/queue.h"
>
>  #define ADMIN_POLICY_SET_INTERFACE     "org.bluez.AdminPolicySet1"
>  #define ADMIN_POLICY_STATUS_INTERFACE  "org.bluez.AdminPolicyStatus1"
> +#define ADMIN_POLICY_STORAGE           STORAGEDIR "/admin_policy_settings"
>
>  #define DBUS_BLUEZ_SERVICE             "org.bluez"
>  #define BTD_DEVICE_INTERFACE           "org.bluez.Device1"
> @@ -161,6 +166,8 @@ static void update_device_affected(void *data, void *user_data)
>                         ADMIN_POLICY_STATUS_INTERFACE, "AffectedByPolicy");
>  }
>
> +static void store_policy_settings(struct btd_admin_policy *admin_policy);

Usually we recommend avoiding forward declaration if possible.

>  static DBusMessage *set_service_allowlist(DBusConnection *conn,
>                                         DBusMessage *msg, void *user_data)
>  {
> @@ -179,7 +186,9 @@ static DBusMessage *set_service_allowlist(DBusConnection *conn,
>                 return btd_error_invalid_args(msg);
>         }
>
> -       if (!service_allowlist_set(admin_policy, uuid_list)) {
> +       if (service_allowlist_set(admin_policy, uuid_list)) {
> +               store_policy_settings(admin_policy);
> +       } else {
>                 free_service_allowlist(uuid_list);
>                 return btd_error_failed(msg, "service_allowlist_set failed");
>         }
> @@ -200,7 +209,7 @@ static const GDBusMethodTable admin_policy_adapter_methods[] = {
>         { }
>  };
>
> -void append_service_uuid(void *data, void *user_data)
> +static void append_service_uuid(void *data, void *user_data)
>  {
>         bt_uuid_t *uuid = data;
>         DBusMessageIter *entry = user_data;
> @@ -237,6 +246,161 @@ static const GDBusPropertyTable admin_policy_adapter_properties[] = {
>         { }
>  };
>
> +static void free_uuid_strings(char **uuid_strs, gsize num)
> +{
> +       gsize i;
> +
> +       for (i = 0; i < num; i++)
> +               g_free(uuid_strs[i]);
> +       g_free(uuid_strs);
> +}
> +
> +static char **new_uuid_strings(struct queue *allowlist, gsize *num)
> +{
> +       const struct queue_entry *entry = NULL;
> +       bt_uuid_t *uuid = NULL;
> +       char **uuid_strs = NULL;
> +       gsize i = 0, allowlist_num;
> +
> +       /* Set num to a non-zero number so that whoever call this could know if
> +        * this function success or not
> +        */
> +       *num = 1;
> +
> +       allowlist_num = queue_length(allowlist);
> +       uuid_strs = g_try_malloc_n(allowlist_num, sizeof(char *));
> +       if (!uuid_strs)
> +               return NULL;
> +
> +       for (entry = queue_get_entries(allowlist); entry != NULL;
> +                                                       entry = entry->next) {
> +               uuid = entry->data;
> +               uuid_strs[i] = g_try_malloc0(MAX_LEN_UUID_STR * sizeof(char));
> +
> +               if (!uuid_strs[i])
> +                       goto failed;
> +
> +               bt_uuid_to_string(uuid, uuid_strs[i], MAX_LEN_UUID_STR);
> +               i++;
> +       }
> +
> +       *num = allowlist_num;
> +       return uuid_strs;
> +
> +failed:
> +       free_uuid_strings(uuid_strs, i);
> +
> +       return NULL;
> +}
> +
> +static void store_policy_settings(struct btd_admin_policy *admin_policy)
> +{
> +       GKeyFile *key_file = NULL;
> +       char *filename = ADMIN_POLICY_STORAGE;
> +       char *key_file_data = NULL;
> +       char **uuid_strs = NULL;
> +       gsize length, num_uuids;
> +
> +       key_file = g_key_file_new();
> +
> +       uuid_strs = new_uuid_strings(admin_policy->service_allowlist,
> +                                                               &num_uuids);
> +
> +       if (!uuid_strs && num_uuids) {
> +               btd_error(admin_policy->adapter_id,
> +                                       "Failed to allocate uuid strings");
> +               goto failed;
> +       }
> +
> +       g_key_file_set_string_list(key_file, "General", "ServiceAllowlist",
> +                                       (const gchar * const *)uuid_strs,
> +                                       num_uuids);
> +
> +       if (create_file(ADMIN_POLICY_STORAGE, 0600) < 0) {
> +               btd_error(admin_policy->adapter_id, "create %s failed, %s",
> +                                               filename, strerror(errno));
> +               goto failed;
> +       }
> +
> +       key_file_data = g_key_file_to_data(key_file, &length, NULL);
> +       g_file_set_contents(ADMIN_POLICY_STORAGE, key_file_data, length, NULL);
> +
> +       g_free(key_file_data);
> +       free_uuid_strings(uuid_strs, num_uuids);
> +
> +failed:
> +       g_key_file_free(key_file);
> +}
> +
> +static void key_file_load_service_allowlist(GKeyFile *key_file,
> +                                       struct btd_admin_policy *admin_policy)
> +{
> +       GError *gerr = NULL;
> +       struct queue *uuid_list = NULL;
> +       gchar **uuids = NULL;
> +       gsize num, i;
> +
> +       uuids = g_key_file_get_string_list(key_file, "General",
> +                                       "ServiceAllowlist", &num, &gerr);
> +
> +       if (gerr) {
> +               btd_error(admin_policy->adapter_id,
> +                                       "Failed to load ServiceAllowlist");
> +               g_error_free(gerr);
> +               return;
> +       }
> +
> +       uuid_list = queue_new();
> +       for (i = 0; i < num; i++) {
> +               bt_uuid_t *uuid = g_try_malloc(sizeof(*uuid));
> +
> +               if (!uuid)
> +                       goto failed;
> +
> +               if (bt_string_to_uuid(uuid, *uuids)) {
> +
> +                       btd_error(admin_policy->adapter_id,
> +                                       "Failed to convert '%s' to uuid struct",
> +                                       *uuids);
> +
> +                       g_free(uuid);
> +                       goto failed;
> +               }
> +
> +               queue_push_tail(uuid_list, uuid);
> +               uuids++;
> +       }
> +
> +       if (!service_allowlist_set(admin_policy, uuid_list))
> +               goto failed;
> +
> +       return;
> +failed:
> +       free_service_allowlist(uuid_list);
> +}
> +
> +static void load_policy_settings(struct btd_admin_policy *admin_policy)
> +{
> +       GKeyFile *key_file;
> +       char *filename = ADMIN_POLICY_STORAGE;
> +       struct stat st;
> +
> +       if (stat(filename, &st) < 0) {
> +               btd_error(admin_policy->adapter_id,
> +                               "Failed to get file %s information",
> +                               filename);
> +               return;
> +       }
> +
> +       key_file = g_key_file_new();
> +
> +       g_key_file_load_from_file(key_file, filename, 0, NULL);
> +
> +       key_file_load_service_allowlist(key_file, admin_policy);
> +
> +       g_key_file_free(key_file);
> +}
> +
>  static bool device_data_match(const void *a, const void *b)
>  {
>         const struct device_data *data = a;
> @@ -305,6 +469,7 @@ static int admin_policy_adapter_probe(struct btd_adapter *adapter)
>         if (!policy_data)
>                 return -ENOMEM;
>
> +       load_policy_settings(policy_data);
>         adapter_path = adapter_get_path(adapter);
>
>         if (!g_dbus_register_interface(dbus_conn, adapter_path,
> --
> 2.32.0.554.ge1b32706d8-goog
>


-- 
Luiz Augusto von Dentz

  reply	other threads:[~2021-08-02 18:51 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-08-02  6:12 [Bluez PATCH v7 00/13] Admin policy series Howard Chung
2021-08-02  6:12 ` [Bluez PATCH v7 01/13] core: add is_allowed property in btd_service Howard Chung
2021-08-02  6:50   ` Admin policy series bluez.test.bot
2021-08-02  6:12 ` [Bluez PATCH v7 02/13] core: add adapter and device allowed_uuid functions Howard Chung
2021-08-02  6:12 ` [Bluez PATCH v7 03/13] mcap: add adapter authorization Howard Chung
2021-08-02 18:49   ` Luiz Augusto von Dentz
2021-08-02  6:12 ` [Bluez PATCH v7 04/13] core: block not allowed UUID connect in auth Howard Chung
2021-08-02  6:12 ` [Bluez PATCH v7 05/13] core: add device_added and device_removed to adapter driver Howard Chung
2021-08-02  6:12 ` [Bluez PATCH v7 06/13] plugins: new plugin Howard Chung
2021-08-02  6:12 ` [Bluez PATCH v7 07/13] plugins/admin: add admin_policy adapter driver Howard Chung
2021-08-02  6:12 ` [Bluez PATCH v7 08/13] plugins/admin: add ServiceAllowList method Howard Chung
2021-08-02  6:12 ` [Bluez PATCH v7 09/13] plugins/admin: add ServiceAllowList property Howard Chung
2021-08-02  6:12 ` [Bluez PATCH v7 10/13] plugins/admin: add device callbacks Howard Chung
2021-08-02  6:12 ` [Bluez PATCH v7 11/13] plugins/admin: add AffectedByPolicy property Howard Chung
2021-08-02  6:12 ` [Bluez PATCH v7 12/13] plugins/admin: persist policy settings Howard Chung
2021-08-02 18:51   ` Luiz Augusto von Dentz [this message]
2021-08-02  6:12 ` [Bluez PATCH v7 13/13] doc: add description of admin policy Howard Chung

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CABBYNZ+8193HOT3YZFigdAjRPQNpkbAFDsdE35zBdKZYEaARhg@mail.gmail.com \
    --to=luiz.dentz@gmail.com \
    --cc=howardchung@chromium.org \
    --cc=howardchung@google.com \
    --cc=linux-bluetooth@vger.kernel.org \
    --cc=mcchou@chromium.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).