Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 50ebc055 authored by Marcel Holtmann's avatar Marcel Holtmann Committed by Johan Hedberg
Browse files

Bluetooth: Introduce trusted flag for management control sockets 



Providing a global trusted flag for management control sockets provides
an easy way for identifying sockets and imposing restriction on it. For
now all management sockets are trusted since they require CAP_NET_ADMIN.

Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
Signed-off-by: default avatarJohan Hedberg <johan.hedberg@intel.com>
parent 96f1474a

include/net/bluetooth/hci.h

+1 −0
Original line number Diff line number Diff line
@@ -181,6 +181,7 @@ enum { 


/* HCI socket flags */

enum {

	HCI_SOCK_TRUSTED,

	HCI_MGMT_INDEX_EVENTS,

	HCI_MGMT_UNCONF_INDEX_EVENTS,

	HCI_MGMT_EXT_INDEX_EVENTS,

net/bluetooth/hci_sock.c

+11 −0
Original line number Diff line number Diff line
@@ -796,6 +796,11 @@ static int hci_sock_bind(struct socket *sock, struct sockaddr *addr, 
			goto done;

		}



		/* The monitor interface is restricted to CAP_NET_RAW

		 * capabilities and with that implicitly trusted.

		 */

		hci_sock_set_flag(sk, HCI_SOCK_TRUSTED);



		send_monitor_replay(sk);



		atomic_inc(&monitor_promisc);
@@ -817,6 +822,12 @@ static int hci_sock_bind(struct socket *sock, struct sockaddr *addr, 
			goto done;

		}



		/* Since the access to control channels is currently

		 * restricted to CAP_NET_ADMIN capabilities, every

		 * socket is implicitly trusted.

		 */

		hci_sock_set_flag(sk, HCI_SOCK_TRUSTED);



		/* At the moment the index and unconfigured index events

		 * are enabled unconditionally. Setting them on each

		 * socket when binding keeps this functionality. They