Hi Howard, On Tue, Aug 3, 2021 at 4:43 AM Howard Chung <howardchung@xxxxxxxxxx> wrote: > > From: Yun-Hao Chung <howardchung@xxxxxxxxxxxx> > > > Hi manintainers, > > This series is to > 1. Implement a few methods in core so that a plugin can have control of > allowing / disallowing certain service connections. > 2. Implement the AdminPolicy plugin. The plugin provides interfaces > AdminPolicySet and AdminPolicyStatus. For each policy, users should > set the value thorugh AdminPolicySet and query the current setting > through AdminPolicyStatus. We separeted these two interfaces so that > developers can assign different groups of users to these interfaces. > Currently the only policy is ServiceAllowList, which make bluez only > allow a list of service by specified their UUIDs, but the plugin is > also expected to provide more controls over other bluez behaviors. > Since the second part is a plugin, it might not be necessary to land in > upstream tree. > > Thanks. > > Changes in v9: > - Fix gitlint error in patch 'core: add device callbacks to adapter > driver' > > Changes in v8: > - Remove changes in profiles/health/ > > Changes in v7: > - Fix compiler errors in profiles/hdp.c > > Changes in v6: > - include <errno.h> instead of <error.h> in plugins/admin.c > > Changes in v5: > - Fix compiler errors in plugins/admin.c > > Changes in v4: > - Update commit message (admin_policy -> admin) > - remove old plugins/admin_policy.c > > Changes in v3: > - Rename plugins/admin_policy.c -> plugins/admin.c > - Use device_added callback in btd_adapter_driver instead of listen for > dbus > - Add authorization method in profiles/health/mcap.c and block incoming > connections in adapter authorization function. > > Changes in v2: > - Move bt_uuid_hash and bt_uuid_equal functions to adapter.c. > - Modify the criteria to say a device is `Affected` from any-of-uuid > to any-of-auto-connect-profile. > - Remove the code to remove/reprobe disallowed/allowed profiles, > instead, check if the service is allowed in bt_io_accept connect_cb. > - Fix a typo in emit_property_change in > plugin/admin_policy.c:set_service_allowlist > - Instead of using device_state_cb, utilize D-BUS client to watch device > added/removed. > - Add a document in doc/ > > Yun-Hao Chung (13): > core: add is_allowed property in btd_service > core: add device callbacks to adapter driver > core: add adapter and device allowed_uuid functions > core: block not allowed UUID connect in auth > plugins: new plugin > plugins/admin: add admin_policy adapter driver > plugins/admin: add ServiceAllowList method > plugins/admin: add ServiceAllowList property > plugins/admin: add device callbacks > plugins/admin: add AffectedByPolicy property > plugins/admin: persist policy settings > doc: add description of admin policy > doc: add admin policy file storage description > > Makefile.plugins | 5 + > bootstrap-configure | 1 + > configure.ac | 4 + > doc/admin-policy-api.txt | 65 +++++ > doc/settings-storage.txt | 20 ++ > plugins/admin.c | 590 +++++++++++++++++++++++++++++++++++++++ > src/adapter.c | 169 ++++++++++- > src/adapter.h | 22 +- > src/device.c | 65 ++++- > src/device.h | 2 + > src/profile.c | 11 + > src/service.c | 33 +++ > src/service.h | 2 + > 13 files changed, 980 insertions(+), 9 deletions(-) > create mode 100644 doc/admin-policy-api.txt > create mode 100644 plugins/admin.c > > -- > 2.32.0.554.ge1b32706d8-goog Applied, thanks. -- Luiz Augusto von Dentz
