HIDD: Use l2cap to enforce security (7695bae2) · Commits · e / os / android_packages_modules_Bluetooth

system/stack/hid/hidd_api.cc

+4 −18

Original line number	Diff line number	Diff line
		@@ -129,39 +129,25 @@ tHID_STATUS HID_DevSetSecurityLevel(uint8_t sec_lvl) {
		HIDD_TRACE_API("%s", __func__);

		if (!BTM_SetSecurityLevel(FALSE, "", BTM_SEC_SERVICE_HIDD_SEC_CTRL, sec_lvl,
		HID_PSM_CONTROL, BTM_SEC_PROTO_HID, HIDD_SEC_CHN)) {
		HID_PSM_CONTROL, 0, 0)) {
		HIDD_TRACE_ERROR("Security Registration 1 failed");
		return (HID_ERR_NO_RESOURCES);
		}

		if (!BTM_SetSecurityLevel(TRUE, "", BTM_SEC_SERVICE_HIDD_SEC_CTRL, sec_lvl,
		HID_PSM_CONTROL, BTM_SEC_PROTO_HID, HIDD_SEC_CHN)) {
		HID_PSM_CONTROL, 0, 0)) {
		HIDD_TRACE_ERROR("Security Registration 2 failed");
		return (HID_ERR_NO_RESOURCES);
		}

		if (!BTM_SetSecurityLevel(FALSE, "", BTM_SEC_SERVICE_HIDD_NOSEC_CTRL,
		BTM_SEC_NONE, HID_PSM_CONTROL, BTM_SEC_PROTO_HID,
		HIDD_NOSEC_CHN)) {
		HIDD_TRACE_ERROR("Security Registration 3 failed");
		return (HID_ERR_NO_RESOURCES);
		}

		if (!BTM_SetSecurityLevel(TRUE, "", BTM_SEC_SERVICE_HIDD_NOSEC_CTRL,
		BTM_SEC_NONE, HID_PSM_CONTROL, BTM_SEC_PROTO_HID,
		HIDD_NOSEC_CHN)) {
		HIDD_TRACE_ERROR("Security Registration 4 failed");
		return (HID_ERR_NO_RESOURCES);
		}

		if (!BTM_SetSecurityLevel(TRUE, "", BTM_SEC_SERVICE_HIDD_INTR, BTM_SEC_NONE,
		HID_PSM_INTERRUPT, BTM_SEC_PROTO_HID, 0)) {
		HID_PSM_INTERRUPT, 0, 0)) {
		HIDD_TRACE_ERROR("Security Registration 5 failed");
		return (HID_ERR_NO_RESOURCES);
		}

		if (!BTM_SetSecurityLevel(FALSE, "", BTM_SEC_SERVICE_HIDD_INTR, BTM_SEC_NONE,
		HID_PSM_INTERRUPT, BTM_SEC_PROTO_HID, 0)) {
		HID_PSM_INTERRUPT, 0, 0)) {
		HIDD_TRACE_ERROR("Security Registration 6 failed");
		return (HID_ERR_NO_RESOURCES);
		}

system/stack/hid/hidd_conn.cc

+6 −9

Original line number	Diff line number	Diff line
		@@ -242,13 +242,9 @@ static void hidd_l2cif_connect_ind(const RawAddress& bd_addr, uint16_t cid,
		p_hcon->disc_reason = HID_L2CAP_CONN_FAIL;

		p_hcon->conn_state = HID_CONN_STATE_SECURITY;
		if (btm_sec_mx_access_request(p_dev->addr, HID_PSM_CONTROL, FALSE,
		BTM_SEC_PROTO_HID, HIDD_NOSEC_CHN,
		&hidd_sec_check_complete,
		p_dev) == BTM_CMD_STARTED) {
		L2CA_ConnectRsp(bd_addr, id, cid, L2CAP_CONN_PENDING, L2CAP_CONN_OK);
		}

		// Assume security check ok
		hidd_sec_check_complete(nullptr, BT_TRANSPORT_BR_EDR, p_dev, BTM_SUCCESS);
		return;
		}

		@@ -310,9 +306,10 @@ static void hidd_l2cif_connect_cfm(uint16_t cid, uint16_t result) {
		p_hcon->disc_reason =
		HID_L2CAP_CONN_FAIL; /* in case disconnected before sec completed */

		btm_sec_mx_access_request(p_dev->addr, HID_PSM_CONTROL, TRUE,
		BTM_SEC_PROTO_HID, HIDD_SEC_CHN,
		&hidd_sec_check_complete_orig, p_dev);
		// Assume security check ok
		hidd_sec_check_complete_orig(nullptr, BT_TRANSPORT_BR_EDR, p_dev,
		BTM_SUCCESS);

		} else {
		p_hcon->conn_state = HID_CONN_STATE_CONFIG;
		L2CA_ConfigReq(cid, &hd_cb.l2cap_intr_cfg);