openkylin
/
bluez
mirror of https://gitee.com/openkylin/bluez.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

input: hog: Attempt to set security level if not bonded 

This attempts to set the security if the device is not bonded, the
kernel will block any communication on the ATT socket while bumping
the security and if that fails the device will be disconnected which
is better than having the device dangling around without being able to
communicate with it until it is properly bonded.

Gbp-Pq: Name CVE-2020-0556-3.patch
This commit is contained in:
Luiz Augusto von Dentz 2020-03-10 09:59:07 -07:00 committed by openKylinBot
parent ff7878b99a
commit 8972cd9c6b
1 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
profiles/input/hog.c
View File

@ -49,6 +49,8 @@
#include "src/shared/util.h"
#include "src/shared/uhid.h"
#include "src/shared/queue.h"
#include "src/shared/att.h"
#include "src/shared/gatt-client.h"
#include "src/plugin.h"
#include "suspend.h"
@ -187,8 +189,15 @@ static int hog_accept(struct btd_service *service)
}
/* HOGP 1.0 Section 6.1 requires bonding */
if (!device_is_bonded(device, btd_device_get_bdaddr_type(device)))
return -ECONNREFUSED;
if (!device_is_bonded(device, btd_device_get_bdaddr_type(device))) {
struct bt_gatt_client *client;
client = btd_device_get_gatt_client(device);
if (!bt_gatt_client_set_security(client,
BT_ATT_SECURITY_MEDIUM)) {
return -ECONNREFUSED;
}
}
/* TODO: Replace GAttrib with bt_gatt_client */
bt_hog_attach(dev->hog, attrib);