[RFC v2 1/6] android: Add sample init.bluetooth.rc file

[RFC v2 1/6] android: Add sample init.bluetooth.rc file

[Szymon Janc]

This file is intended to be included from device init.rc.
---
 android/Android.mk        | 16 +++++++++++++++-
 android/Makefile.am       |  1 +
 android/init.bluetooth.rc | 37 +++++++++++++++++++++++++++++++++++++
 3 files changed, 53 insertions(+), 1 deletion(-)
 create mode 100644 android/init.bluetooth.rc

diff --git a/android/Android.mk b/android/Android.mk
index 7e97ec8..afa3a51 100644
--- a/android/Android.mk
+++ b/android/Android.mk
@@ -109,7 +109,7 @@ LOCAL_MODULE := bluetooth.default
 LOCAL_MODULE_PATH := $(TARGET_OUT_SHARED_LIBRARIES)/hw
 LOCAL_MODULE_TAGS := optional
 LOCAL_MODULE_CLASS := SHARED_LIBRARIES
-LOCAL_REQUIRED_MODULES := bluetoothd bluetoothd-snoop
+LOCAL_REQUIRED_MODULES := bluetoothd bluetoothd-snoop init.bluetooth.rc
 
 include $(BUILD_SHARED_LIBRARY)
 
@@ -282,3 +282,17 @@ LOCAL_MODULE_TAGS := optional
 LOCAL_MODULE := bluetoothd-snoop
 
 include $(BUILD_EXECUTABLE)
+
+#
+# init.bluetooth.rc
+#
+
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := init.bluetooth.rc
+LOCAL_MODULE_CLASS := ETC
+LOCAL_SRC_FILES := $(LOCAL_MODULE)
+LOCAL_MODULE_TAGS := optional
+LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT)
+
+include $(BUILD_PREBUILT)
diff --git a/android/Makefile.am b/android/Makefile.am
index 8d2714d..5aa3995 100644
--- a/android/Makefile.am
+++ b/android/Makefile.am
@@ -136,6 +136,7 @@ android_audio_a2dp_default_la_LDFLAGS = $(AM_LDFLAGS) -module -avoid-version \
 endif
 
 EXTRA_DIST += android/Android.mk android/hal-ipc-api.txt android/README \
+		android/init.bluetooth.rc \
 		android/pics-gap.txt android/pics-hid.txt \
 		android/pics-pan.txt android/pics-did.txt \
 		android/pics-opp.txt android/pics-pbap.txt \
diff --git a/android/init.bluetooth.rc b/android/init.bluetooth.rc
new file mode 100644
index 0000000..9f9aa84
--- /dev/null
+++ b/android/init.bluetooth.rc
@@ -0,0 +1,37 @@
+# required permissions
+on boot
+    chown bluetooth bluetooth /data/misc/bluetooth
+    chown bluetooth bluetooth /dev/uhid
+
+# services
+on property:bluetooth.start=daemon
+    setprop bluetooth.start none
+    start bluetoothd
+
+on property:bluetooth.stop=daemon
+    setprop bluetooth.stop none
+    stop bluetoothd
+
+on property:bluetooth.start=snoop
+    setprop bluetooth.start none
+    start bluetoothd-snoop
+
+on property:bluetooth.stop=snoop
+    setprop bluetooth.stop none
+    stop bluetoothd-snoop
+
+service bluetoothd /system/bin/logwrapper /system/bin/bluetoothd
+    class main
+    # init does not yet support setting capabilities so run as root,
+    # bluetoothd drop uid to bluetooth with the right linux capabilities
+    group bluetooth
+    disabled
+    oneshot
+
+service bluetoothd-snoop /system/bin/logwrapper /system/bin/bluetoothd-snoop
+    class main
+    # init does not yet support setting capabilities so run as root,
+    # bluetoothd-snoop drops unneeded linux capabilities
+    group nobody
+    disabled
+    oneshot
-- 
1.8.3.2

[RFC v2 2/6] android/hal: Update property used for start/stop services

[Szymon Janc]

---
 android/hal-bluetooth.c | 13 +++++--------
 android/hal-ipc.c       |  5 ++---
 2 files changed, 7 insertions(+), 11 deletions(-)

diff --git a/android/hal-bluetooth.c b/android/hal-bluetooth.c
index be45836..4f0e7b7 100644
--- a/android/hal-bluetooth.c
+++ b/android/hal-bluetooth.c
@@ -28,8 +28,6 @@
 #include "hal-ipc.h"
 #include "hal-utils.h"
 
-#define SNOOP_SERVICE_NAME "bluetoothd-snoop"
-
 static const bt_callbacks_t *bt_hal_cbacks = NULL;
 
 #define enum_prop_to_hal(prop, hal_prop, type) do { \
@@ -820,15 +818,14 @@ static int le_test_mode(uint16_t opcode, uint8_t *buf, uint8_t len)
 
 static int config_hci_snoop_log(uint8_t enable)
 {
+	const char *property;
+
 	DBG("enable %u", enable);
 
-	if (enable && property_set("ctl.start", SNOOP_SERVICE_NAME) < 0) {
-		error("Failed to start service %s", SNOOP_SERVICE_NAME);
-		return BT_STATUS_FAIL;
-	}
+	property = enable ? "bluetooth.start" : "bluetooth.stop";
 
-	if (!enable && property_set("ctl.stop", SNOOP_SERVICE_NAME) < 0) {
-		error("Failed to stop service %s", SNOOP_SERVICE_NAME);
+	if (property_set(property, "snoop") < 0) {
+		error("Failed to set %s=snoop", property);
 		return BT_STATUS_FAIL;
 	}
 
diff --git a/android/hal-ipc.c b/android/hal-ipc.c
index 97f1bcd..99ba38e 100644
--- a/android/hal-ipc.c
+++ b/android/hal-ipc.c
@@ -34,7 +34,6 @@
 #include "hal-ipc.h"
 
 #define CONNECT_TIMEOUT (5 * 1000)
-#define SERVICE_NAME "bluetoothd"
 
 static int cmd_sk = -1;
 static int notif_sk = -1;
@@ -259,8 +258,8 @@ bool hal_ipc_init(void)
 	}
 
 	/* Start Android Bluetooth daemon service */
-	if (property_set("ctl.start", SERVICE_NAME) < 0) {
-		error("Failed to start service %s", SERVICE_NAME);
+	if (property_set("bluetooth.start", "daemon") < 0) {
+		error("Failed to set bluetooth.start=daemon");
 		close(sk);
 		return false;
 	}
-- 
1.8.3.2

[RFC v2 3/6] android/system-emulator: Update property used for start/stop services

[Szymon Janc]

---
 android/system-emulator.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/android/system-emulator.c b/android/system-emulator.c
index f1c6622..cfeab8b 100644
--- a/android/system-emulator.c
+++ b/android/system-emulator.c
@@ -139,17 +139,17 @@ static void system_socket_callback(int fd, uint32_t events, void *user_data)
 
 	printf("Received %s\n", buf);
 
-	if (!strcmp(buf, "ctl.start=bluetoothd")) {
+	if (!strcmp(buf, "bluetooth.start=daemon")) {
 		if (daemon_pid > 0)
 			return;
 
 		ctl_start();
-	} else if (!strcmp(buf, "ctl.start=bluetoothd-snoop")) {
+	} else if (!strcmp(buf, "bluetooth.start=snoop")) {
 		if (snoop_pid > 0)
 			return;
 
 		snoop_start();
-	} else if (!strcmp(buf, "ctl.stop=bluetoothd-snoop")) {
+	} else if (!strcmp(buf, "bluetooth.stop=snoop")) {
 		if (snoop_pid > 0)
 			snoop_stop();
 	}
-- 
1.8.3.2

[RFC v2 4/6] android: Update README with init.rc updates

[Szymon Janc]

---
 android/README | 32 +++++++-------------------------
 1 file changed, 7 insertions(+), 25 deletions(-)

diff --git a/android/README b/android/README
index 717ffa2..24ed703 100644
--- a/android/README
+++ b/android/README
@@ -36,31 +36,13 @@ Runtime requirements
 ====================
 
 BlueZ HAL library requires 'bluetoothd' and 'bluetoothd-snoop' services to be
-available on Android system. This can be done by defining following services in
-init.rc file of targeted board:
-
-service bluetoothd /system/bin/logwrapper /system/bin/bluetoothd
-  class main
-  group bluetooth net_admin
-  disabled
-  oneshot
-
-service bluetoothd-snoop /system/bin/bluetoothd-snoop
-  class main
-  group bluetooth net_admin
-  disabled
-  oneshot
-
-It is required that bluetooth user could start and stop bluetoothd and
-bluetoothd-snoop services by setting 'ctl.start' or 'ctl.stop' property. This
-can be achieved by whitelisting bluetooth user and bluetoothd and
-bluetoothd-snoop services in init source code.
-
-Required Android init system modifications can be found at
-https://code.google.com/p/aosp-bluez.platform-system-core/
-
-Some configuration changes like setting permissions, starting hciattach
-services etc. are device specific. For convenience examples are provided at:
+available on Android system. Some permissions settings are also required.
+
+This can be done by importing init.bluetooth.rc file in init.rc file of targeted
+board:
+import init.bluetooth.rc
+
+For convenience examples are provided at:
 https://code.google.com/p/aosp-bluez.device-lge-mako/    (Nexus 4)
 https://code.google.com/p/aosp-bluez.device-asus-flo/    (Nexus 7 2013)
 
-- 
1.8.3.2

[RFC v2 5/6] android: Change user to bluetooth when starting daemon

[Szymon Janc]

---
 android/main.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/android/main.c b/android/main.c
index 6324f31..8983a84 100644
--- a/android/main.c
+++ b/android/main.c
@@ -38,6 +38,7 @@
 #include <sys/signalfd.h>
 #if defined(ANDROID)
 #include <sys/capability.h>
+#include <linux/prctl.h>
 #endif
 
 #include <glib.h>
@@ -350,6 +351,18 @@ static bool set_capabilities(void)
 		CAP_TO_MASK(CAP_NET_BIND_SERVICE);
 	cap.inheritable = 0;
 
+	/* don't clear capabilities when dropping root */
+	if (prctl(PR_SET_KEEPCAPS, 1) < 0) {
+		error("%s: prctl(): %s", __func__,strerror(errno));
+		return false;
+	}
+
+	/* Android bluetooth user UID=1002 */
+	if (setuid(1002) < 0) {
+		error("%s: setuid(): %s", __func__, strerror(errno));
+		return false;
+	}
+
 	/* TODO: Move to cap_set_proc once bionic support it */
 	if (capset(&header, &cap) < 0) {
 		error("%s: capset(): %s", __func__, strerror(errno));
-- 
1.8.3.2

[RFC v2 6/6] android/snoop: Drop capabilities on startup

[Szymon Janc]

---
 android/bluetoothd-snoop.c | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/android/bluetoothd-snoop.c b/android/bluetoothd-snoop.c
index 9312c11..f69bc2c 100644
--- a/android/bluetoothd-snoop.c
+++ b/android/bluetoothd-snoop.c
@@ -29,6 +29,9 @@
 #include <ctype.h>
 #include <stdlib.h>
 #include <unistd.h>
+#if defined(ANDROID)
+#include <sys/capability.h>
+#endif
 
 #include "lib/bluetooth.h"
 #include "lib/hci.h"
@@ -188,11 +191,36 @@ static void close_monitor(void)
 	monitor_fd = -1;
 }
 
+static void set_capabilities(void)
+{
+#if defined(ANDROID)
+	struct __user_cap_header_struct header;
+	struct __user_cap_data_struct cap;
+
+	header.version = _LINUX_CAPABILITY_VERSION;
+	header.pid = 0;
+
+	/* CAP_NET_RAW: for snooping
+	 * CAP_DAC_READ_SEARCH: override path search permissions
+	 */
+	cap.effective = cap.permitted =
+		CAP_TO_MASK(CAP_NET_RAW) |
+		CAP_TO_MASK(CAP_DAC_READ_SEARCH) ;
+	cap.inheritable = 0;
+
+	/* TODO: Move to cap_set_proc once bionic support it */
+	if (capset(&header, &cap) < 0)
+		exit(EXIT_FAILURE);
+#endif
+}
+
 int main(int argc, char *argv[])
 {
 	const char *path;
 	sigset_t mask;
 
+	set_capabilities();
+
 	if (argc > 1)
 		path = argv[1];
 	else
-- 
1.8.3.2

Re: [RFC v2 1/6] android: Add sample init.bluetooth.rc file

[Szymon Janc]

Hi,

On Friday 17 January 2014 16:30:41 Szymon Janc wrote:
> This file is intended to be included from device init.rc.
> ---
>  android/Android.mk        | 16 +++++++++++++++-
>  android/Makefile.am       |  1 +
>  android/init.bluetooth.rc | 37 +++++++++++++++++++++++++++++++++++++
>  3 files changed, 53 insertions(+), 1 deletion(-)
>  create mode 100644 android/init.bluetooth.rc
> 
> diff --git a/android/Android.mk b/android/Android.mk
> index 7e97ec8..afa3a51 100644
> --- a/android/Android.mk
> +++ b/android/Android.mk
> @@ -109,7 +109,7 @@ LOCAL_MODULE := bluetooth.default
>  LOCAL_MODULE_PATH := $(TARGET_OUT_SHARED_LIBRARIES)/hw
>  LOCAL_MODULE_TAGS := optional
>  LOCAL_MODULE_CLASS := SHARED_LIBRARIES
> -LOCAL_REQUIRED_MODULES := bluetoothd bluetoothd-snoop
> +LOCAL_REQUIRED_MODULES := bluetoothd bluetoothd-snoop init.bluetooth.rc
> 
>  include $(BUILD_SHARED_LIBRARY)
> 
> @@ -282,3 +282,17 @@ LOCAL_MODULE_TAGS := optional
>  LOCAL_MODULE := bluetoothd-snoop
> 
>  include $(BUILD_EXECUTABLE)
> +
> +#
> +# init.bluetooth.rc
> +#
> +
> +include $(CLEAR_VARS)
> +
> +LOCAL_MODULE := init.bluetooth.rc
> +LOCAL_MODULE_CLASS := ETC
> +LOCAL_SRC_FILES := $(LOCAL_MODULE)
> +LOCAL_MODULE_TAGS := optional
> +LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT)
> +
> +include $(BUILD_PREBUILT)
> diff --git a/android/Makefile.am b/android/Makefile.am
> index 8d2714d..5aa3995 100644
> --- a/android/Makefile.am
> +++ b/android/Makefile.am
> @@ -136,6 +136,7 @@ android_audio_a2dp_default_la_LDFLAGS = $(AM_LDFLAGS)
> -module -avoid-version \ endif
> 
>  EXTRA_DIST += android/Android.mk android/hal-ipc-api.txt android/README \
> +		android/init.bluetooth.rc \
>  		android/pics-gap.txt android/pics-hid.txt \
>  		android/pics-pan.txt android/pics-did.txt \
>  		android/pics-opp.txt android/pics-pbap.txt \
> diff --git a/android/init.bluetooth.rc b/android/init.bluetooth.rc
> new file mode 100644
> index 0000000..9f9aa84
> --- /dev/null
> +++ b/android/init.bluetooth.rc
> @@ -0,0 +1,37 @@
> +# required permissions
> +on boot
> +    chown bluetooth bluetooth /data/misc/bluetooth
> +    chown bluetooth bluetooth /dev/uhid
> +
> +# services
> +on property:bluetooth.start=daemon
> +    setprop bluetooth.start none
> +    start bluetoothd
> +
> +on property:bluetooth.stop=daemon
> +    setprop bluetooth.stop none
> +    stop bluetoothd
> +
> +on property:bluetooth.start=snoop
> +    setprop bluetooth.start none
> +    start bluetoothd-snoop
> +
> +on property:bluetooth.stop=snoop
> +    setprop bluetooth.stop none
> +    stop bluetoothd-snoop
> +
> +service bluetoothd /system/bin/logwrapper /system/bin/bluetoothd
> +    class main
> +    # init does not yet support setting capabilities so run as root,
> +    # bluetoothd drop uid to bluetooth with the right linux capabilities
> +    group bluetooth
> +    disabled
> +    oneshot
> +
> +service bluetoothd-snoop /system/bin/logwrapper
> /system/bin/bluetoothd-snoop +    class main
> +    # init does not yet support setting capabilities so run as root,
> +    # bluetoothd-snoop drops unneeded linux capabilities
> +    group nobody
> +    disabled
> +    oneshot

This is now upstream.

-- 
Szymon K. Janc
szymon.janc@gmail.com