Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 30a7872b authored by Himanshu Rawat's avatar Himanshu Rawat
Browse files

Fix device handling in restricted mode 

Security policy regarding guest mode:
1. Guest user is not allowed to remove devices added by the regular users.
>> Worked fine
2. Guest users are allowed to remove only the devices added in guest mode.
>> Did not work
3. Also the devices added in guest mode are autonomously removed on exiting the guest mode.
>> Did not work for LE-only devices.

Bug: 288069181
Change-Id: Ia9bd8219961ff110d053cdd9a810dc6c55b674f6
Test: atest BluetoothInstrumentationTests
Test: Pair/unpair devices in guest mode
parent 81450933

system/btif/src/bluetooth.cc

+4 −1
Original line number Diff line number Diff line
@@ -647,8 +647,11 @@ static int cancel_bond(const RawAddress* bd_addr) { 
}



static int remove_bond(const RawAddress* bd_addr) {

  if (is_restricted_mode() && !btif_storage_is_restricted_device(bd_addr))

  if (is_restricted_mode() && !btif_storage_is_restricted_device(bd_addr)) {

    LOG_INFO("%s cannot be removed in restricted mode",

             ADDRESS_TO_LOGGABLE_CSTR(*bd_addr));

    return BT_STATUS_SUCCESS;

  }



  if (!interface_ready()) return BT_STATUS_NOT_READY;

system/btif/src/btif_storage.cc

+20 −6
Original line number Diff line number Diff line
@@ -95,6 +95,8 @@ using bluetooth::Uuid; 
#define BTIF_STORAGE_PATH_PRODUCT_ID "ProductId"

#define BTIF_STORAGE_PATH_VERSION "ProductVersion"



#define BTIF_STORAGE_KEY_RESTRICTED "Restricted"



/* This is a local property to add a device found */

#define BT_PROPERTY_REMOTE_DEVICE_TIMESTAMP 0xFF
@@ -131,6 +133,15 @@ static bool btif_has_ble_keys(const std::string& bdstr); 
 *  Static functions

 ******************************************************************************/



static void btif_storage_set_mode(RawAddress* remote_bd_addr) {

  std::string bdstr = remote_bd_addr->ToString();

  if (GetInterfaceToProfiles()->config->isRestrictedMode()) {

    LOG_INFO("%s will be removed exiting restricted mode",

             ADDRESS_TO_LOGGABLE_CSTR(*remote_bd_addr));

    btif_config_set_int(bdstr, BTIF_STORAGE_KEY_RESTRICTED, 1);

  }

}



static int prop2cfg(const RawAddress* remote_bd_addr, bt_property_t* prop) {

  std::string bdstr;

  if (remote_bd_addr) {
@@ -838,12 +849,9 @@ bt_status_t btif_storage_add_bonded_device(RawAddress* remote_bd_addr, 
  ret &=

      btif_config_set_bin(bdstr, "LinkKey", link_key.data(), link_key.size());



  if (GetInterfaceToProfiles()->config->isRestrictedMode()) {

    BTIF_TRACE_WARNING("%s: '%s' pairing will be removed if unrestricted",

                       __func__, ADDRESS_TO_LOGGABLE_CSTR(*remote_bd_addr));

    btif_config_set_int(bdstr, "Restricted", 1);

  if (ret) {

    btif_storage_set_mode(remote_bd_addr);

  }



  return ret ? BT_STATUS_SUCCESS : BT_STATUS_FAIL;

}
@@ -1201,6 +1209,10 @@ bt_status_t btif_storage_add_ble_bonding_key(RawAddress* remote_bd_addr, 
  }

  int ret =

      btif_config_set_bin(remote_bd_addr->ToString(), name, key, key_length);



  if (ret) {

    btif_storage_set_mode(remote_bd_addr);

  }

  return ret ? BT_STATUS_SUCCESS : BT_STATUS_FAIL;

}
@@ -1519,7 +1531,9 @@ uint8_t btif_storage_get_sr_supp_feat(const RawAddress& bd_addr) { 
 *

 ******************************************************************************/

bool btif_storage_is_restricted_device(const RawAddress* remote_bd_addr) {

  return btif_config_exist(remote_bd_addr->ToString(), "Restricted");

  int val;

  return btif_config_get_int(remote_bd_addr->ToString(),

                             BTIF_STORAGE_KEY_RESTRICTED, &val);

}



int btif_storage_get_num_bonded_devices(void) {