Bluetooth: Filter list of supported commands/events for untrusted users

When the user of the management interface is not trusted, then it only has access to a limited set of commands and events. When providing the list of supported commands and events take the trusted vs untrusted status of the user into account and return different lists. This way the untrusted user knows exactly which commands it can execute and which events it can receive. So no guesswork needed. Signed-off-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
author: Marcel Holtmann <marcel@holtmann.org> 2015-03-24 20:31:03 -0400
committer: Johan Hedberg <johan.hedberg@intel.com> 2015-03-24 21:37:42 -0400
commit: 99c679acce5d07aa1be63d8afe94df27f0aecb50 (patch)
tree: 619dc9cc51e255e340cfeae729a1fa3422352018 /net/bluetooth
parent: 912098a6308e37208b8dcc46c57c66d0778a854b (diff)
1 files changed, 46 insertions, 7 deletions
diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c
index eda52397a648..38b03bd14723 100644
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -141,6 +141,27 @@ static const u16 mgmt_events[] = {
        MGMT_EV_ADVERTISING_REMOVED,
 };
+static const u16 mgmt_untrusted_commands[] = {
+        MGMT_OP_READ_INDEX_LIST,
+        MGMT_OP_READ_INFO,
+        MGMT_OP_READ_UNCONF_INDEX_LIST,
+        MGMT_OP_READ_CONFIG_INFO,
+        MGMT_OP_READ_EXT_INDEX_LIST,
+};
+static const u16 mgmt_untrusted_events[] = {
+        MGMT_EV_INDEX_ADDED,
+        MGMT_EV_INDEX_REMOVED,
+        MGMT_EV_NEW_SETTINGS,
+        MGMT_EV_CLASS_OF_DEV_CHANGED,
+        MGMT_EV_LOCAL_NAME_CHANGED,
+        MGMT_EV_UNCONF_INDEX_ADDED,
+        MGMT_EV_UNCONF_INDEX_REMOVED,
+        MGMT_EV_NEW_CONFIG_OPTIONS,
+        MGMT_EV_EXT_INDEX_ADDED,
+        MGMT_EV_EXT_INDEX_REMOVED,
+};
 #define CACHE_TIMEOUT   msecs_to_jiffies(2 * 1000)
 #define ZERO_KEY "\x00\x00\x00\x00\x00\x00\x00\x00" \
@@ -265,14 +286,20 @@ static int read_commands(struct sock *sk, struct hci_dev *hdev, void *data,
                         u16 data_len)
 {
        struct mgmt_rp_read_commands *rp;
-        const u16 num_commands = ARRAY_SIZE(mgmt_commands);
+        u16 num_commands, num_events;
-        const u16 num_events = ARRAY_SIZE(mgmt_events);
-        __le16 *opcode;
        size_t rp_size;
        int i, err;
        BT_DBG("sock %p", sk);
+        if (hci_sock_test_flag(sk, HCI_SOCK_TRUSTED)) {
+                num_commands = ARRAY_SIZE(mgmt_commands);
+                num_events = ARRAY_SIZE(mgmt_events);
+        } else {
+                num_commands = ARRAY_SIZE(mgmt_untrusted_commands);
+                num_events = ARRAY_SIZE(mgmt_untrusted_events);
+        }
        rp_size = sizeof(*rp) + ((num_commands + num_events) * sizeof(u16));
        rp = kmalloc(rp_size, GFP_KERNEL);
@@ -282,11 +309,23 @@ static int read_commands(struct sock *sk, struct hci_dev *hdev, void *data,
        rp->num_commands = cpu_to_le16(num_commands);
        rp->num_events = cpu_to_le16(num_events);
-        for (i = 0, opcode = rp->opcodes; i < num_commands; i++, opcode++)
+        if (hci_sock_test_flag(sk, HCI_SOCK_TRUSTED)) {
-                put_unaligned_le16(mgmt_commands[i], opcode);
+                __le16 *opcode = rp->opcodes;
+                for (i = 0; i < num_commands; i++, opcode++)
+                        put_unaligned_le16(mgmt_commands[i], opcode);
+                for (i = 0; i < num_events; i++, opcode++)
+                        put_unaligned_le16(mgmt_events[i], opcode);
+        } else {
+                __le16 *opcode = rp->opcodes;
+                for (i = 0; i < num_commands; i++, opcode++)
+                        put_unaligned_le16(mgmt_untrusted_commands[i], opcode);
-        for (i = 0; i < num_events; i++, opcode++)
+                for (i = 0; i < num_events; i++, opcode++)
-                put_unaligned_le16(mgmt_events[i], opcode);
+                        put_unaligned_le16(mgmt_untrusted_events[i], opcode);
+        }
        err = mgmt_cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, 0,
                                rp, rp_size);
author	Marcel Holtmann <marcel@holtmann.org>	2015-03-24 20:31:03 -0400
committer	Johan Hedberg <johan.hedberg@intel.com>	2015-03-24 21:37:42 -0400
commit	99c679acce5d07aa1be63d8afe94df27f0aecb50 (patch)
tree	619dc9cc51e255e340cfeae729a1fa3422352018 /net/bluetooth
parent	912098a6308e37208b8dcc46c57c66d0778a854b (diff)

diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c index eda52397a648..38b03bd14723 100644 --- a/net/bluetooth/mgmt.c +++ b/net/bluetooth/mgmt.c
@@ -141,6 +141,27 @@ static const u16 mgmt_events[] = {
141	MGMT_EV_ADVERTISING_REMOVED,	141	MGMT_EV_ADVERTISING_REMOVED,
142	};	142	};
143		143
		144	static const u16 mgmt_untrusted_commands[] = {
		145	MGMT_OP_READ_INDEX_LIST,
		146	MGMT_OP_READ_INFO,
		147	MGMT_OP_READ_UNCONF_INDEX_LIST,
		148	MGMT_OP_READ_CONFIG_INFO,
		149	MGMT_OP_READ_EXT_INDEX_LIST,
		150	};
		151
		152	static const u16 mgmt_untrusted_events[] = {
		153	MGMT_EV_INDEX_ADDED,
		154	MGMT_EV_INDEX_REMOVED,
		155	MGMT_EV_NEW_SETTINGS,
		156	MGMT_EV_CLASS_OF_DEV_CHANGED,
		157	MGMT_EV_LOCAL_NAME_CHANGED,
		158	MGMT_EV_UNCONF_INDEX_ADDED,
		159	MGMT_EV_UNCONF_INDEX_REMOVED,
		160	MGMT_EV_NEW_CONFIG_OPTIONS,
		161	MGMT_EV_EXT_INDEX_ADDED,
		162	MGMT_EV_EXT_INDEX_REMOVED,
		163	};
		164
144	#define CACHE_TIMEOUT msecs_to_jiffies(2 * 1000)	165	#define CACHE_TIMEOUT msecs_to_jiffies(2 * 1000)
145		166
146	#define ZERO_KEY "\x00\x00\x00\x00\x00\x00\x00\x00" \	167	#define ZERO_KEY "\x00\x00\x00\x00\x00\x00\x00\x00" \
@@ -265,14 +286,20 @@ static int read_commands(struct sock sk, struct hci_dev hdev, void *data,
265	u16 data_len)	286	u16 data_len)
266	{	287	{
267	struct mgmt_rp_read_commands *rp;	288	struct mgmt_rp_read_commands *rp;
268	const u16 num_commands = ARRAY_SIZE(mgmt_commands);	289	u16 num_commands, num_events;
269	const u16 num_events = ARRAY_SIZE(mgmt_events);
270	__le16 *opcode;
271	size_t rp_size;	290	size_t rp_size;
272	int i, err;	291	int i, err;
273		292
274	BT_DBG("sock %p", sk);	293	BT_DBG("sock %p", sk);
275		294
		295	if (hci_sock_test_flag(sk, HCI_SOCK_TRUSTED)) {
		296	num_commands = ARRAY_SIZE(mgmt_commands);
		297	num_events = ARRAY_SIZE(mgmt_events);
		298	} else {
		299	num_commands = ARRAY_SIZE(mgmt_untrusted_commands);
		300	num_events = ARRAY_SIZE(mgmt_untrusted_events);
		301	}
		302
276	rp_size = sizeof(rp) + ((num_commands + num_events) sizeof(u16));	303	rp_size = sizeof(rp) + ((num_commands + num_events) sizeof(u16));
277		304
278	rp = kmalloc(rp_size, GFP_KERNEL);	305	rp = kmalloc(rp_size, GFP_KERNEL);
@@ -282,11 +309,23 @@ static int read_commands(struct sock sk, struct hci_dev hdev, void *data,
282	rp->num_commands = cpu_to_le16(num_commands);	309	rp->num_commands = cpu_to_le16(num_commands);
283	rp->num_events = cpu_to_le16(num_events);	310	rp->num_events = cpu_to_le16(num_events);
284		311
285	for (i = 0, opcode = rp->opcodes; i < num_commands; i++, opcode++)	312	if (hci_sock_test_flag(sk, HCI_SOCK_TRUSTED)) {
286	put_unaligned_le16(mgmt_commands[i], opcode);	313	__le16 *opcode = rp->opcodes;
		314
		315	for (i = 0; i < num_commands; i++, opcode++)
		316	put_unaligned_le16(mgmt_commands[i], opcode);
		317
		318	for (i = 0; i < num_events; i++, opcode++)
		319	put_unaligned_le16(mgmt_events[i], opcode);
		320	} else {
		321	__le16 *opcode = rp->opcodes;
		322
		323	for (i = 0; i < num_commands; i++, opcode++)
		324	put_unaligned_le16(mgmt_untrusted_commands[i], opcode);
287		325
288	for (i = 0; i < num_events; i++, opcode++)	326	for (i = 0; i < num_events; i++, opcode++)
289	put_unaligned_le16(mgmt_events[i], opcode);	327	put_unaligned_le16(mgmt_untrusted_events[i], opcode);
		328	}
290		329
291	err = mgmt_cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, 0,	330	err = mgmt_cmd_complete(sk, MGMT_INDEX_NONE, MGMT_OP_READ_COMMANDS, 0,
292	rp, rp_size);	331	rp, rp_size);