Bluetooth: Add support for trust verification of management commands

Check the required trust level of each management command with the trust
level of the management socket. If it does not match up, then return the
newly introduced permission denied error.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>

diff --git a/include/net/bluetooth/mgmt.h b/include/net/bluetooth/mgmt.h
index 2534bd4d22b2288550b786b167ca89459b5bd0c4..f3baad589db00d0828b285e80ad9381eb0832be6 100644 (file)
--- a/include/net/bluetooth/mgmt.h
+++ b/include/net/bluetooth/mgmt.h
@@ -44,6 +44,7 @@
 #define MGMT_STATUS_INVALID_INDEX      0x11
 #define MGMT_STATUS_RFKILLED           0x12
 #define MGMT_STATUS_ALREADY_PAIRED     0x13
+#define MGMT_STATUS_PERMISSION_DENIED  0x14
 
 struct mgmt_hdr {
        __le16  opcode;

diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c
index 2162f7bc89beb5a651af1414e1be567bc09e493c..920acf0625f6fe899b56044d3d37662d9d7f00e4 100644 (file)
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -6379,6 +6379,13 @@ int mgmt_control(struct hci_mgmt_chan *chan, struct sock *sk,
 
        handler = &chan->handlers[opcode];
 
+       if (!hci_sock_test_flag(sk, HCI_SOCK_TRUSTED) &&
+           !(handler->flags & HCI_MGMT_UNTRUSTED)) {
+               err = mgmt_cmd_status(sk, index, opcode,
+                                     MGMT_STATUS_PERMISSION_DENIED);
+               goto done;
+       }
+
        if (index != MGMT_INDEX_NONE) {
                hdev = hci_dev_get(index);
                if (!hdev) {