Hi Brian

When looking at this with actually having the patch at hand and not answering from memory I realize that the reason why I thought that hog.c would not be affected was that there was no accept function in the Jessie version. Now when looking at your proposed patch I can see that connected is probably a similar thing. From that I think your patch would work quite well.
But I'm not a bluetooth expert so please judge without too much thinking on what I think. What I can say is that it looks reasonable.

Best regards

// Ola

On Tue, 12 May 2020 at 00:01, Brian May <[email protected]> wrote:
>
> Brian May <[email protected]> writes:
>
> > Looking at commit
> > https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=7d9718cfcc11eaa9d8059e721301cdc00ef8c82e,
> > it looks like maybe we should be patching the attio_connected_cb()
> > function instead. But this function doesn't appear to have any way to
> > return an error indicating it failed, which seems to be required by the
> > patch. It might be sufficient just to ignore the error and return
> > without immediately if device is not bonded. Not sure how much I can
> > trust this however.
> >
> > My gut feeling to fix this we should backport version 5.43-2+deb9u2 from
> > stretch to Jessie. Yes, this might break stuff, but I suspect just the
> > very basic idea of this security fix - rejecting unbonded connections -
> > could break stuff also.
>
> Thinking this through some more, I struggle to get bluetooth working
> correctly on the latest Debian, let alone testing an older release. I am
> not sure if this is due to hardware or software issues. Not to mention
> the fact I don't have a lot of bluetooth HID devices to test. I am sure
> I had a bluetooth keyboard somewhere...
>
> Is anybody here in a better position than I am to test this? If not,
> this might be another reason to backport the Stretch version...
>
> Regardless, I suspect something like the following patch might be a good
> starting point. Although I am not entirely convinced you can reject a
> connection from the attio_connected_cb function like this...
>
> === cut ====
> diff --git a/profiles/input/hog.c b/profiles/input/hog.c > index b9aba657a..971fda822 100644 > --- a/profiles/input/hog.c > +++ b/profiles/input/hog.c 
> @@ -654,6 +654,11 @@ static void attio_connected_cb(GAttrib *attrib, gpointer > user_data) > > DBG("HoG connected"); > > + /* HOGP 1.0 Section 6.1 requires bonding */ > + if (!device_is_bonded(hogdev, btd_device_get_bdaddr_type(hogdev))) > + DBG("HoG not bonded"); > + return; > + > hogdev->attrib = g_attrib_ref(attrib); > > if (hogdev->reports == NULL) { > === cut ==== > -- > Brian May <[email protected]> > -- --- Inguza Technology AB --- MSc in Information Technology ---- | [email protected] [email protected] | | http://inguza.com/ Mobile: +46 (0)70-332 1551 | ---------------------------------------------------------------
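
Review bot: the added `if (!device_is_bonded(...))` in attio_connected_cb() has no braces, so only `DBG("HoG not bonded");` is conditional and the `return;` after it runs on every call. As written, bonded devices also return before `hogdev->attrib = g_attrib_ref(attrib);`, so no HoG connection would ever be set up. Wrap the DBG() call and the return in `{ ... }`. Two further points to check before relying on this as the fix: the callback is declared `static void`, so the early return only skips the HoG setup and does not by itself drop the unbonded link, and `hogdev` is passed to device_is_bonded() and btd_device_get_bdaddr_type() while the same pointer is dereferenced as `hogdev->attrib` and `hogdev->reports`, so confirm those helpers accept that type rather than the underlying device object.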
