
Commit 2f46d2bc authored by Hansong Zhang's avatar Hansong Zhang

GD: Enforce link encryption in L2cap

Tag: #gd-refactor
Bug: 141555841
Test: cert/run --host
Change-Id: I2cbeeab04ba23c6575f9042fd2785c2c427ce200
parent 9fc82455
+11 −0
@@ -307,6 +307,13 @@ void Link::OnAuthenticationComplete() {
void Link::OnEncryptionChange(hci::EncryptionEnabled enabled) {
  encryption_enabled_ = enabled;
  link_manager_->OnEncryptionChange(GetDevice().GetAddress(), enabled);
  for (auto& listener : encryption_change_listener_) {
    signalling_manager_.on_security_result_for_outgoing(
        ClassicSignallingManager::SecurityEnforcementType::ENCRYPTION,
        listener.psm,
        listener.cid,
        enabled != hci::EncryptionEnabled::OFF);
  }
}

void Link::OnChangeConnectionLinkKeyComplete() {
@@ -398,6 +405,10 @@ void Link::OnReadRemoteVersionInformationComplete(
      sub_version);
}

void Link::AddEncryptionChangeListener(EncryptionChangeListener listener) {
  encryption_change_listener_.push_back(listener);
}

}  // namespace internal
}  // namespace classic
}  // namespace l2cap
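Review bot: Entries added through `AddEncryptionChangeListener` are never removed: `OnEncryptionChange` walks `encryption_change_listener_` on every event, and nothing in these two hunks erases an entry once it has been notified or when its channel goes away. A later encryption change on the same link would call `on_security_result_for_outgoing` again for a psm/cid that has already been connected or failed, so a channel the event no longer concerns could be failed or requested a second time. Draining the list before notifying avoids that, for example `std::list<EncryptionChangeListener> pending; pending.swap(encryption_change_listener_);` followed by `for (auto& listener : pending) {`. Whether entries are erased elsewhere in the file is not visible here.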
+7 −0
@@ -176,6 +176,12 @@ class Link : public l2cap::internal::ILink, public hci::acl_manager::ConnectionM
  void OnDisconnection(hci::ErrorCode reason) override;
  void OnReadRemoteVersionInformationComplete(uint8_t lmp_version, uint16_t manufacturer_name, uint16_t sub_version);

  struct EncryptionChangeListener {
    Cid cid;
    Psm psm;
  };
  void AddEncryptionChangeListener(EncryptionChangeListener);

 private:
  friend class DumpsysHelper;
  void connect_to_pending_dynamic_channels();
@@ -203,6 +209,7 @@ class Link : public l2cap::internal::ILink, public hci::acl_manager::ConnectionM
  std::list<uint16_t> pending_outgoing_configuration_request_list_;
  bool used_by_security_module_ = false;
  bool has_requested_authentication_ = false;
  std::list<EncryptionChangeListener> encryption_change_listener_;
  DISALLOW_COPY_AND_ASSIGN(Link);
};
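Review bot: `EncryptionChangeListener` and `AddEncryptionChangeListener` enter the public section with no comment and an unnamed parameter, so the header does not say what an entry represents or how long it stays registered. The struct holds no callback, only a (cid, psm) pair, which the name "listener" does not suggest. A comment above the struct such as `// Pending outgoing channel (cid, psm) to be resumed when this link reports an encryption change.` and a named parameter, `void AddEncryptionChangeListener(EncryptionChangeListener listener);`, would document the contract. The member `encryption_change_listener_` is a list and would read better in the plural. The class body starts and ends outside these hunks.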

+1 −1
@@ -130,7 +130,7 @@ TEST_F(L2capClassicLinkTest, pending_channels_get_notified_on_acl_disconnect) {
  EXPECT_CALL(mock_classic_dynamic_channel_service_manager_, GetSecurityEnforcementInterface())
      .WillOnce(::testing::Return(&security_module_impl_));
  EXPECT_CALL(mock_classic_dynamic_channel_service_manager_, GetService(::testing::_))
      .WillOnce(::testing::Return(&service));
      .WillRepeatedly(::testing::Return(&service));

  link_->SendConnectionRequest(kPsm, kCid, std::move(pending_dynamic_channel_connection));
  link_->OnAclDisconnected(hci::ErrorCode::UNKNOWN_HCI_COMMAND);
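Review bot: Switching the `GetService` expectation to `.WillRepeatedly(...)` makes it accept any number of calls, and nothing visible in this section exercises the encryption enforcement the commit introduces. A test that uses a policy other than `_SDP_ONLY_NO_SECURITY_WHATSOEVER_PLAINTEXT_TRANSPORT_OK` on an unencrypted link, and asserts that no connection request is queued until `OnEncryptionChange` reports encryption on, would pin the new behaviour. The test body continues outside the hunk, so such coverage may exist elsewhere in the file.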
+14 −2
@@ -92,10 +92,16 @@ void ClassicSignallingManager::SendConnectionRequest(Psm psm, Cid local_cid) {
  dynamic_service_manager_->GetSecurityEnforcementInterface()->Enforce(
      link_->GetDevice(),
      dynamic_service_manager_->GetService(psm)->GetSecurityPolicy(),
      handler_->BindOnceOn(this, &ClassicSignallingManager::on_security_result_for_outgoing, psm, local_cid));
      handler_->BindOnceOn(
          this,
          &ClassicSignallingManager::on_security_result_for_outgoing,
          SecurityEnforcementType::LINK_KEY,
          psm,
          local_cid));
}

void ClassicSignallingManager::on_security_result_for_outgoing(Psm psm, Cid local_cid, bool result) {
void ClassicSignallingManager::on_security_result_for_outgoing(
    SecurityEnforcementType type, Psm psm, Cid local_cid, bool result) {
  if (enqueue_buffer_.get() == nullptr) {
    LOG_ERROR("Got security result callback after deletion");
    return;
@@ -110,6 +116,12 @@ void ClassicSignallingManager::on_security_result_for_outgoing(Psm psm, Cid loca
    link_->OnOutgoingConnectionRequestFail(local_cid, connection_result);
    return;
  }
  if (type == SecurityEnforcementType::LINK_KEY && !link_->IsAuthenticated() &&
      dynamic_service_manager_->GetService(psm)->GetSecurityPolicy() !=
          SecurityPolicy::_SDP_ONLY_NO_SECURITY_WHATSOEVER_PLAINTEXT_TRANSPORT_OK) {
    link_->Encrypt();
    return;
  }

  PendingCommand pending_command = {next_signal_id_, CommandCode::CONNECTION_REQUEST, psm, local_cid, {}, {}, {}};
  next_signal_id_++;
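Review bot: The new branch calls `link_->Encrypt()` and returns, but nothing visible in this section registers the pending `psm`/`local_cid` with the link, so the listener loop in `Link::OnEncryptionChange` shown on this page may never re-enter this function for the request. If the registration does not happen elsewhere, the outgoing connection stalls silently instead of proceeding or failing; adding `link_->AddEncryptionChangeListener({local_cid, psm});` before `link_->Encrypt();` would close the gap. The struct's field order is (cid, psm) while this function takes (psm, cid), and if both are integer typedefs a swapped pair would still compile. The body of `on_security_result_for_outgoing` spans both hunks and ends outside them.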
+6 −1
@@ -99,6 +99,12 @@ class ClassicSignallingManager {

  void OnInformationResponse(SignalId signal_id, const InformationResponseView& response);

  enum class SecurityEnforcementType {
    LINK_KEY,
    ENCRYPTION,
  };
  void on_security_result_for_outgoing(SecurityEnforcementType type, Psm psm, Cid local_cid, bool result);

 private:
  void on_incoming_packet();
  void handle_one_command(ControlView control_view);
@@ -112,7 +118,6 @@ class ClassicSignallingManager {

  void send_configuration_request(Cid remote_cid, std::vector<std::unique_ptr<ConfigurationOption>> config);
  void on_security_result_for_incoming(Psm psm, Cid remote_cid, SignalId signal_id, bool result);
  void on_security_result_for_outgoing(Psm psm, Cid local_cid, bool result);

  os::Handler* handler_;
  Link* link_;
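Review bot: `on_security_result_for_outgoing` moves from the private section to the public one, so any holder of a `ClassicSignallingManager` can now report a successful security result for an arbitrary psm/cid. It also breaks the naming pattern visible in this header, where public methods are PascalCase (`OnInformationResponse`) and private ones snake_case. Keeping the callback private and exposing a narrow entry point such as `void OnEncryptionChange(Psm psm, Cid local_cid, bool encrypted);`, which forwards with `SecurityEnforcementType::ENCRYPTION`, would limit what outside callers can assert. The enum values would also benefit from one-line comments, for instance `// result of the security module's Enforce() callback` on `LINK_KEY` and `// result of an HCI encryption change on the link` on `ENCRYPTION`. The class body starts and ends outside these hunks.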