Linux bluetooth development
 help / color / mirror / Atom feed
* [bluez/bluez] ef4bf7: plugins/admin: make AdminPolicy state per-adapter
@ 2026-07-02 11:07 fdanis-oss
  0 siblings, 0 replies; only message in thread
From: fdanis-oss @ 2026-07-02 11:07 UTC (permalink / raw)
  To: linux-bluetooth

  Branch: refs/heads/1120331
  Home:   https://github.com/bluez/bluez
  Commit: ef4bf764309bef21dc71fbd658c87e03107c5aac
      https://github.com/bluez/bluez/commit/ef4bf764309bef21dc71fbd658c87e03107c5aac
  Author: Frédéric Danis <frederic.danis@collabora.com>
  Date:   2026-07-02 (Thu, 02 Jul 2026)

  Changed paths:
    M plugins/admin.c

  Log Message:
  -----------
  plugins/admin: make AdminPolicy state per-adapter

Fix AdminPolicy D-Bus updates being emitted on the wrong adapter path
by removing the single global policy context and moving to per-adapter
policy objects.

Changes include:
- track policy contexts in a policy queue keyed by adapter pointer
- keep per-adapter device lists inside each policy context
- emit ServiceAllowList changes using the callback's adapter context
- scope device affected updates to the current adapter only
- clean up probe/remove lifecycle so adapters are registered and torn
  down independently
- remove remaining global policy_data/devices coupling

Assisted-by: GPT:GPT-5.3-Codex


  Commit: 683e390e26c8c21db486f076fad149019e111ed2
      https://github.com/bluez/bluez/commit/683e390e26c8c21db486f076fad149019e111ed2
  Author: Frédéric Danis <frederic.danis@collabora.com>
  Date:   2026-07-02 (Thu, 02 Jul 2026)

  Changed paths:
    M client/admin.c
    M client/admin.h
    M client/main.c

  Log Message:
  -----------
  client/bluetoothctl: make admin.allow controller-aware

Teach admin.allow to target the selected default controller when no
controller is provided, and to accept an explicit [ctrl] argument.

Replace single cached AdminPolicy proxies with per-controller proxy
lookup keyed by controller object path, so controller selection changes
are respected.

Export controller lookup/default helpers and shared controller
completion from main.c for reuse by admin.c.

Assisted-by: GPT:GPT-5.3-Codex


  Commit: 8ab7554018b328deb0c8fc00b520745772834e27
      https://github.com/bluez/bluez/commit/8ab7554018b328deb0c8fc00b520745772834e27
  Author: Frédéric Danis <frederic.danis@collabora.com>
  Date:   2026-07-02 (Thu, 02 Jul 2026)

  Changed paths:
    M doc/bluetoothctl-admin.rst
    M doc/org.bluez.AdminPolicySet.rst

  Log Message:
  -----------
  doc: document admin.allow optional controller argument

Update bluetoothctl usage to 'admin.allow [ctrl] [clear/uuid1 uuid2 ...]'
and add explicit controller examples.

Refresh AdminPolicySet examples to include the controller-qualified
admin.allow form.

Assisted-by: GPT:GPT-5.3-Codex


  Commit: be8945b213da9eb8b6646714773b364b87d430d0
      https://github.com/bluez/bluez/commit/be8945b213da9eb8b6646714773b364b87d430d0
  Author: Frédéric Danis <frederic.danis@collabora.com>
  Date:   2026-07-02 (Thu, 02 Jul 2026)

  Changed paths:
    M src/adapter.c
    M src/adapter.h

  Log Message:
  -----------
  src/adapter: enforce allowlist for local services

Apply admin allowlist to adapter/server service startup and
registration, and reapply policy dynamically when allowlist changes.

- Gate adapter profile probe by allowlist-derived UUID policy
- Reapply active adapter profiles on allowlist updates (stop
  disallowed, start newly allowed)
- Block SDP service registration when UUID is not allowed
- Reapply existing local SDP registrations at runtime by removing
  services that become disallowed

Assisted-by: GPT:GPT-5.3-Codex


  Commit: 49945eaf7460503e97844a7d726cd75468cc7956
      https://github.com/bluez/bluez/commit/49945eaf7460503e97844a7d726cd75468cc7956
  Author: Frédéric Danis <frederic.danis@collabora.com>
  Date:   2026-07-02 (Thu, 02 Jul 2026)

  Changed paths:
    M plugins/admin.c

  Log Message:
  -----------
  plugins/admin: reapply allowlist on policy updates

Invoke adapter allowlist reapply after SetServiceAllowList updates
so runtime state follows policy changes immediately.

Assisted-by: GPT:GPT-5.3-Codex


  Commit: 42edbdf1bf416a071502a3babc18defabde82b18
      https://github.com/bluez/bluez/commit/42edbdf1bf416a071502a3babc18defabde82b18
  Author: Frédéric Danis <frederic.danis@collabora.com>
  Date:   2026-07-02 (Thu, 02 Jul 2026)

  Changed paths:
    M doc/org.bluez.AdminPolicySet.rst
    M doc/org.bluez.AdminPolicyStatus.rst

  Log Message:
  -----------
  doc: describe admin allowlist runtime enforcement

Document that ServiceAllowList now also governs local adapter/server
startup and registration, and that allowlist updates are applied
immediately on initialized adapters.

Clarify ServiceAllowList status semantics for both remote profile
connection policy and local server policy.

Assisted-by: GPT:GPT-5.3-Codex


  Commit: f4465f5c88ec013a45fda7c08a1a6fce56288441
      https://github.com/bluez/bluez/commit/f4465f5c88ec013a45fda7c08a1a6fce56288441
  Author: Frédéric Danis <frederic.danis@collabora.com>
  Date:   2026-07-02 (Thu, 02 Jul 2026)

  Changed paths:
    M profiles/audio/media.c

  Log Message:
  -----------
  profiles/audio: fix UAF on external media service teardown

Keep media_app endpoint/player queues in sync with object lifetime to
avoid stale pointers during proxy removal.

When admin allowlist reapply removes audio services, endpoint/player
objects may be destroyed through non-proxy paths first.
Later proxy_removed_cb calls queue_remove_if() and matching by path
can dereference freed endpoint/player memory.

Fix by:
- adding media_app back-references in media_endpoint/local_player
- unlinking from app queues inside media_endpoint_remove or
  local_player_remove
- setting ownership when app-registering endpoint/player objects

This prevents heap-use-after-free in match_endpoint_by_path or
match_player_by_path during service disconnect.

Assisted-by: GPT:GPT-5.3-Codex


Compare: https://github.com/bluez/bluez/compare/ef4bf764309b%5E...f4465f5c88ec

To unsubscribe from these emails, change your notification settings at https://github.com/bluez/bluez/settings/notifications

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2026-07-02 11:07 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-07-02 11:07 [bluez/bluez] ef4bf7: plugins/admin: make AdminPolicy state per-adapter fdanis-oss

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox