
Commit 71fe7cff authored by Treehugger Robot's avatar Treehugger Robot Committed by Gerrit Code Review

Merge changes I42c7ccd3,I4982180d

* changes:
  GD Security: Improve link encryption storage
  GD L2cap: Pass some security callback to Security Module
parents fc1cf8d1 239605c6
+5 −18
@@ -74,8 +74,10 @@ void Link::Disconnect() {
}

void Link::Encrypt() {
  if (encryption_enabled_ == hci::EncryptionEnabled::OFF) {
    acl_connection_->SetConnectionEncryption(hci::Enable::ENABLED);
  }
}

void Link::Authenticate() {
  if (!IsAuthenticated() && !has_requested_authentication_) {
@@ -294,32 +296,17 @@ void Link::OnRemoteExtendedFeatureReceived(bool ertm_supported, bool fcs_support
  send_pending_configuration_requests();
}

void Link::AddChannelPendingingAuthentication(PendingAuthenticateDynamicChannelConnection pending_channel) {
  pending_channel_list_.push_back(std::move(pending_channel));
}

void Link::OnConnectionPacketTypeChanged(uint16_t packet_type) {
  LOG_DEBUG("UNIMPLEMENTED %s packet_type:%x", __func__, packet_type);
}

void Link::OnAuthenticationComplete() {
  Encrypt();
  link_manager_->OnAuthenticationComplete(GetDevice().GetAddress());
}

void Link::OnEncryptionChange(hci::EncryptionEnabled enabled) {
  encryption_enabled_ = enabled;
  if (encryption_enabled_ == hci::EncryptionEnabled::OFF) {
    LOG_DEBUG("Encryption has changed to disabled");
    return;
  }
  LOG_DEBUG("Encryption has changed to enabled .. restarting channels:%zd", pending_channel_list_.size());

  for (auto& channel : pending_channel_list_) {
    local_cid_to_pending_dynamic_channel_connection_map_[channel.cid_] =
        std::move(channel.pending_dynamic_channel_connection_);
    signalling_manager_.SendConnectionRequest(channel.psm_, channel.cid_);
  }
  pending_channel_list_.clear();
  link_manager_->OnEncryptionChange(GetDevice().GetAddress(), enabled);
}

void Link::OnChangeConnectionLinkKeyComplete() {
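Review bot: `Link::OnAuthenticationComplete` now relies on the listener to start encryption: if the `Encrypt();` line is on the removed side (the markers are lost on this page, but the −18 count suggests it), an authenticated link stays unencrypted until someone calls `EnsureEncrypted()`. `LinkManager::OnAuthenticationComplete` drops the event when no listener handler is registered, so in that configuration nothing requests encryption. A comment on the function stating that dependency would do, e.g. `// Encryption is requested by the LinkSecurityInterfaceListener via EnsureEncrypted(); without a registered listener the link stays unencrypted.` `Encrypt()` also has no in-flight guard like `has_requested_authentication_` in `Authenticate()`, so repeated calls before the controller answers each send `SetConnectionEncryption`.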
+0 −3
@@ -148,8 +148,6 @@ class Link : public l2cap::internal::ILink, public hci::acl_manager::ConnectionM

  void SendLeCredit(Cid local_cid, uint16_t credit) override {}

  void AddChannelPendingingAuthentication(PendingAuthenticateDynamicChannelConnection pending_channel);

  // ConnectionManagementCallbacks
  void OnConnectionPacketTypeChanged(uint16_t packet_type) override;
  void OnAuthenticationComplete() override;
@@ -199,7 +197,6 @@ class Link : public l2cap::internal::ILink, public hci::acl_manager::ConnectionM
  bool remote_supports_ertm_ = false;
  bool remote_supports_fcs_ = false;
  hci::EncryptionEnabled encryption_enabled_ = hci::EncryptionEnabled::OFF;
  std::list<Link::PendingAuthenticateDynamicChannelConnection> pending_channel_list_;
  std::list<Psm> pending_dynamic_psm_list_;
  std::list<Link::PendingDynamicChannelConnection> pending_dynamic_channel_callback_list_;
  std::list<uint16_t> pending_outgoing_configuration_request_list_;
+29 −10
@@ -95,14 +95,6 @@ void LinkManager::ConnectDynamicChannelServices(
    }
    return;
  }
  if (dynamic_channel_service_manager_->GetService(psm)->GetSecurityPolicy() !=
          SecurityPolicy::_SDP_ONLY_NO_SECURITY_WHATSOEVER_PLAINTEXT_TRANSPORT_OK &&
      !link->IsAuthenticated()) {
    link->AddChannelPendingingAuthentication(
        {psm, link->ReserveDynamicChannel(), std::move(pending_dynamic_channel_connection)});
    link->Authenticate();
    return;
  }
  link->SendConnectionRequest(psm, link->ReserveDynamicChannel(), std::move(pending_dynamic_channel_connection));
}

@@ -159,9 +151,16 @@ void LinkManager::handle_link_security_ensure_authenticated(hci::Address remote)
    LOG_WARN("Remote is disconnected");
    return;
  }
  if (!link->IsAuthenticated()) {
  link->Authenticate();
}

void LinkManager::handle_link_security_ensure_encrypted(hci::Address remote) {
  auto link = GetLink(remote);
  if (link == nullptr) {
    LOG_WARN("Remote is disconnected");
    return;
  }
  link->Encrypt();
}

/**
@@ -193,6 +192,10 @@ class LinkSecurityInterfaceImpl : public LinkSecurityInterface {
    handler_->CallOn(link_manager_, &LinkManager::handle_link_security_ensure_authenticated, remote_);
  }

  void EnsureEncrypted() override {
    handler_->CallOn(link_manager_, &LinkManager::handle_link_security_ensure_encrypted, remote_);
  }

  os::Handler* handler_;
  LinkManager* link_manager_;
  hci::Address remote_;
@@ -275,6 +278,22 @@ void LinkManager::OnDisconnect(hci::Address device, hci::ErrorCode status) {
  links_.erase(device);
}

void LinkManager::OnAuthenticationComplete(hci::Address device) {
  if (link_security_interface_listener_handler_ != nullptr) {
    link_security_interface_listener_handler_->CallOn(
        link_security_interface_listener_, &LinkSecurityInterfaceListener::OnAuthenticationComplete, device);
  }
}
void LinkManager::OnEncryptionChange(hci::Address device, hci::EncryptionEnabled enabled) {
  if (link_security_interface_listener_handler_ != nullptr) {
    link_security_interface_listener_handler_->CallOn(
        link_security_interface_listener_,
        &LinkSecurityInterfaceListener::OnEncryptionChange,
        device,
        enabled == hci::EncryptionEnabled::ON);
  }
}

}  // namespace internal
}  // namespace classic
}  // namespace l2cap
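Review bot: In `LinkManager::OnEncryptionChange` the listener is handed `enabled == hci::EncryptionEnabled::ON`, which reports an encrypted link as unencrypted for any enabled value other than `ON`; the HCI Encryption Change event also defines 0x02 (BR/EDR AES-CCM), so if the enum carries that value a Secure Connections link would be passed on as `false`. Comparing against `OFF`, as `Link::Encrypt()` already does, avoids that: `enabled != hci::EncryptionEnabled::OFF`. Separately, `ConnectDynamicChannelServices` now appears to reach `link->SendConnectionRequest(...)` without the `GetSecurityPolicy()`/`IsAuthenticated()` gate (inferred from the −10 count, since the markers are lost here); a one-line comment at that call naming the component that now enforces the service's security policy would help the next reader.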
+3 −0
@@ -65,6 +65,8 @@ class LinkManager : public hci::acl_manager::ConnectionCallbacks {
  void OnConnectSuccess(std::unique_ptr<hci::acl_manager::ClassicAclConnection> acl_connection) override;
  void OnConnectFail(hci::Address device, hci::ErrorCode reason) override;
  virtual void OnDisconnect(hci::Address device, hci::ErrorCode status);
  void OnAuthenticationComplete(hci::Address device);
  void OnEncryptionChange(hci::Address device, hci::EncryptionEnabled enabled);

  // FixedChannelManager methods

@@ -89,6 +91,7 @@ class LinkManager : public hci::acl_manager::ConnectionCallbacks {
  void handle_link_security_release(hci::Address remote);
  void handle_link_security_disconnect(hci::Address remote);
  void handle_link_security_ensure_authenticated(hci::Address remote);
  void handle_link_security_ensure_encrypted(hci::Address remote);

  // Dependencies
  os::Handler* l2cap_handler_;
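Review bot: The two new public declarations `OnAuthenticationComplete` and `OnEncryptionChange` sit directly under the `ConnectionCallbacks` overrides but are not overrides themselves; on this page they are called from `Link`. A short comment would keep readers from taking them for ACL manager callbacks, e.g. `// Called by Link to forward security events to the LinkSecurityInterfaceListener`.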
+17 −0
@@ -19,6 +19,7 @@
#include <memory>

#include "hci/address.h"
#include "hci/hci_packets.h"

namespace bluetooth {
namespace l2cap {
@@ -73,6 +74,11 @@ class LinkSecurityInterface {
   * Initiate pairing to HCI layer.
   */
  virtual void EnsureAuthenticated() = 0;

  /**
   * Start encryption on an authenticated link (not necessarily MITM link key).
   */
  virtual void EnsureEncrypted() = 0;
};

class LinkSecurityInterfaceListener {
@@ -91,6 +97,17 @@ class LinkSecurityInterfaceListener {
   * @param remote
   */
  virtual void OnLinkDisconnected(hci::Address remote) {}

  /**
   * Invoked when AuthenticationComplete event is received for a given link
   */
  virtual void OnAuthenticationComplete(hci::Address remote) {}

  /**
   * Invoked when EncryptionChange event is received for a given link
   * @param encrypted
   */
  virtual void OnEncryptionChange(hci::Address remote, bool encrypted) {}
};

}  // namespace classic
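Review bot: The doc comment on `EnsureEncrypted()` does not say what the caller can expect back. From the implementation on this page, `Link::Encrypt()` returns without doing anything when the cached state is not `OFF`, so no `OnEncryptionChange` follows in that case, and nothing checks that the link is authenticated first. I would state both in the comment, for example `Caller must have an authenticated link; if the link is already encrypted this is a no-op and OnEncryptionChange is not invoked.` The `@param encrypted` line on `OnEncryptionChange` is also empty and `OnAuthenticationComplete` carries no status, so its comment should say whether it is invoked on failure as well.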