am 2cb62f86: am b8a3025b: am da70d245: Merge "Enforce BLUETOOTH_PRIVILEGED permission for HID-over-GATT" into lmp-mr1-dev
* commit '2cb62f8611ea63a0546fef97a86f664fe147dab2':
Enforce BLUETOOTH_PRIVILEGED permission for HID-over-GATT
diff --git a/src/com/android/bluetooth/gatt/GattService.java b/src/com/android/bluetooth/gatt/GattService.java
index 19e22d5..ecda622 100644
--- a/src/com/android/bluetooth/gatt/GattService.java
+++ b/src/com/android/bluetooth/gatt/GattService.java
@@ -78,6 +78,13 @@
private static final int ADVT_STATE_ONFOUND = 0;
private static final int ADVT_STATE_ONLOST = 1;
+ private static final UUID[] HID_UUIDS = {
+ UUID.fromString("00002A4A-0000-1000-8000-00805F9B34FB"),
+ UUID.fromString("00002A4B-0000-1000-8000-00805F9B34FB"),
+ UUID.fromString("00002A4C-0000-1000-8000-00805F9B34FB"),
+ UUID.fromString("00002A4D-0000-1000-8000-00805F9B34FB")
+ };
+
/**
* Search queue to serialize remote onbject inspection.
*/
@@ -807,6 +814,12 @@
if (VDBG) Log.d(TAG, "onNotify() - address=" + address
+ ", charUuid=" + charUuid + ", length=" + data.length);
+
+ if (isHidUuid(charUuid) &&
+ (0 != checkCallingOrSelfPermission(BLUETOOTH_PRIVILEGED))) {
+ return;
+ }
+
ClientMap.App app = mClientMap.getByConnId(connId);
if (app != null) {
app.callback.onNotify(address, srvcType,
@@ -1405,6 +1418,7 @@
int srvcInstanceId, UUID srvcUuid,
int charInstanceId, UUID charUuid, int authReq) {
enforceCallingOrSelfPermission(BLUETOOTH_PERM, "Need BLUETOOTH permission");
+ if (isHidUuid(charUuid)) enforcePrivilegedPermission();
if (VDBG) Log.d(TAG, "readCharacteristic() - address=" + address);
@@ -1424,6 +1438,7 @@
int charInstanceId, UUID charUuid, int writeType,
int authReq, byte[] value) {
enforceCallingOrSelfPermission(BLUETOOTH_PERM, "Need BLUETOOTH permission");
+ if (isHidUuid(charUuid)) enforcePrivilegedPermission();
if (VDBG) Log.d(TAG, "writeCharacteristic() - address=" + address);
@@ -1446,6 +1461,7 @@
int descrInstanceId, UUID descrUuid,
int authReq) {
enforceCallingOrSelfPermission(BLUETOOTH_PERM, "Need BLUETOOTH permission");
+ if (isHidUuid(charUuid)) enforcePrivilegedPermission();
if (VDBG) Log.d(TAG, "readDescriptor() - address=" + address);
@@ -1469,6 +1485,7 @@
int descrInstanceId, UUID descrUuid,
int writeType, int authReq, byte[] value) {
enforceCallingOrSelfPermission(BLUETOOTH_PERM, "Need BLUETOOTH permission");
+ if (isHidUuid(charUuid)) enforcePrivilegedPermission();
if (VDBG) Log.d(TAG, "writeDescriptor() - address=" + address);
@@ -1509,6 +1526,7 @@
int charInstanceId, UUID charUuid,
boolean enable) {
enforceCallingOrSelfPermission(BLUETOOTH_PERM, "Need BLUETOOTH permission");
+ if (isHidUuid(charUuid)) enforcePrivilegedPermission();
if (DBG) Log.d(TAG, "registerForNotification() - address=" + address + " enable: " + enable);
@@ -1982,6 +2000,13 @@
* Private functions
*************************************************************************/
+ private boolean isHidUuid(final UUID uuid) {
+ for (UUID hid_uuid : HID_UUIDS) {
+ if (hid_uuid.equals(uuid)) return true;
+ }
+ return false;
+ }
+
private int getDeviceType(BluetoothDevice device) {
int type = gattClientGetDeviceTypeNative(device.getAddress());
if (DBG) Log.d(TAG, "getDeviceType() - device=" + device