提交 c91041dc 编写于 作者: M Marcel Holtmann 提交者: Johan Hedberg

Bluetooth: Add support for untrusted access to management commands

Some management commands are safe to be accessed from any user without
special permissions. First step for allowing access to any of these
commands from untrusted application is to mark them accordingly.
Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
Signed-off-by: NJohan Hedberg <johan.hedberg@intel.com>
上级 c85be545
...@@ -1291,7 +1291,8 @@ void hci_sock_dev_event(struct hci_dev *hdev, int event); ...@@ -1291,7 +1291,8 @@ void hci_sock_dev_event(struct hci_dev *hdev, int event);
#define HCI_MGMT_VAR_LEN (1 << 0) #define HCI_MGMT_VAR_LEN (1 << 0)
#define HCI_MGMT_NO_HDEV (1 << 1) #define HCI_MGMT_NO_HDEV (1 << 1)
#define HCI_MGMT_UNCONFIGURED (1 << 2) #define HCI_MGMT_UNTRUSTED (1 << 2)
#define HCI_MGMT_UNCONFIGURED (1 << 3)
struct hci_mgmt_handler { struct hci_mgmt_handler {
int (*func) (struct sock *sk, struct hci_dev *hdev, void *data, int (*func) (struct sock *sk, struct hci_dev *hdev, void *data,
......
...@@ -6251,12 +6251,16 @@ static int set_public_address(struct sock *sk, struct hci_dev *hdev, ...@@ -6251,12 +6251,16 @@ static int set_public_address(struct sock *sk, struct hci_dev *hdev,
static const struct hci_mgmt_handler mgmt_handlers[] = { static const struct hci_mgmt_handler mgmt_handlers[] = {
{ NULL }, /* 0x0000 (no command) */ { NULL }, /* 0x0000 (no command) */
{ read_version, MGMT_READ_VERSION_SIZE, { read_version, MGMT_READ_VERSION_SIZE,
HCI_MGMT_NO_HDEV }, HCI_MGMT_NO_HDEV |
HCI_MGMT_UNTRUSTED },
{ read_commands, MGMT_READ_COMMANDS_SIZE, { read_commands, MGMT_READ_COMMANDS_SIZE,
HCI_MGMT_NO_HDEV }, HCI_MGMT_NO_HDEV |
HCI_MGMT_UNTRUSTED },
{ read_index_list, MGMT_READ_INDEX_LIST_SIZE, { read_index_list, MGMT_READ_INDEX_LIST_SIZE,
HCI_MGMT_NO_HDEV }, HCI_MGMT_NO_HDEV |
{ read_controller_info, MGMT_READ_INFO_SIZE, 0 }, HCI_MGMT_UNTRUSTED },
{ read_controller_info, MGMT_READ_INFO_SIZE,
HCI_MGMT_UNTRUSTED },
{ set_powered, MGMT_SETTING_SIZE, 0 }, { set_powered, MGMT_SETTING_SIZE, 0 },
{ set_discoverable, MGMT_SET_DISCOVERABLE_SIZE, 0 }, { set_discoverable, MGMT_SET_DISCOVERABLE_SIZE, 0 },
{ set_connectable, MGMT_SETTING_SIZE, 0 }, { set_connectable, MGMT_SETTING_SIZE, 0 },
...@@ -6312,9 +6316,11 @@ static const struct hci_mgmt_handler mgmt_handlers[] = { ...@@ -6312,9 +6316,11 @@ static const struct hci_mgmt_handler mgmt_handlers[] = {
{ load_conn_param, MGMT_LOAD_CONN_PARAM_SIZE, { load_conn_param, MGMT_LOAD_CONN_PARAM_SIZE,
HCI_MGMT_VAR_LEN }, HCI_MGMT_VAR_LEN },
{ read_unconf_index_list, MGMT_READ_UNCONF_INDEX_LIST_SIZE, { read_unconf_index_list, MGMT_READ_UNCONF_INDEX_LIST_SIZE,
HCI_MGMT_NO_HDEV }, HCI_MGMT_NO_HDEV |
HCI_MGMT_UNTRUSTED },
{ read_config_info, MGMT_READ_CONFIG_INFO_SIZE, { read_config_info, MGMT_READ_CONFIG_INFO_SIZE,
HCI_MGMT_UNCONFIGURED }, HCI_MGMT_UNCONFIGURED |
HCI_MGMT_UNTRUSTED },
{ set_external_config, MGMT_SET_EXTERNAL_CONFIG_SIZE, { set_external_config, MGMT_SET_EXTERNAL_CONFIG_SIZE,
HCI_MGMT_UNCONFIGURED }, HCI_MGMT_UNCONFIGURED },
{ set_public_address, MGMT_SET_PUBLIC_ADDRESS_SIZE, { set_public_address, MGMT_SET_PUBLIC_ADDRESS_SIZE,
...@@ -6323,7 +6329,8 @@ static const struct hci_mgmt_handler mgmt_handlers[] = { ...@@ -6323,7 +6329,8 @@ static const struct hci_mgmt_handler mgmt_handlers[] = {
HCI_MGMT_VAR_LEN }, HCI_MGMT_VAR_LEN },
{ NULL }, { NULL },
{ read_ext_index_list, MGMT_READ_EXT_INDEX_LIST_SIZE, { read_ext_index_list, MGMT_READ_EXT_INDEX_LIST_SIZE,
HCI_MGMT_NO_HDEV }, HCI_MGMT_NO_HDEV |
HCI_MGMT_UNTRUSTED },
}; };
int mgmt_control(struct hci_mgmt_chan *chan, struct sock *sk, int mgmt_control(struct hci_mgmt_chan *chan, struct sock *sk,
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册