Update to 5.71

2023-12-16 14:24:56 +00:00 · 2023-12-16 14:24:56 +00:00 · fce1fd95be
commit fce1fd95be
parent a7f1a9cac9
4 changed files with 6 additions and 364 deletions
--- a/CVE-2023-45866.patch
+++ b/CVE-2023-45866.patch
@ -1,51 +0,0 @@
-From 25a471a83e02e1effb15d5a488b3f0085eaeb675 Mon Sep 17 00:00:00 2001
-From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
-Date: Tue, 10 Oct 2023 13:03:12 -0700
-Subject: input.conf: Change default of ClassicBondedOnly
-
-This changes the default of ClassicBondedOnly since defaulting to false
-is not inline with HID specification which mandates the of Security Mode
-4:
-
-BLUETOOTH SPECIFICATION Page 84 of 123
-Human Interface Device (HID) Profile:
-
-  5.4.3.4.2 Security Modes
-  Bluetooth HID Hosts shall use Security Mode 4 when interoperating with
-  Bluetooth HID devices that are compliant to the Bluetooth Core
-  Specification v2.1+EDR[6].
---
- profiles/input/device.c   | 2 +-
- profiles/input/input.conf | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-(limited to 'profiles/input')
-
-diff --git a/profiles/input/device.c b/profiles/input/device.c
-index 4a50ea9921..4310dd192e 100644
--- a/profiles/input/device.c
-+++ b/profiles/input/device.c
-@@ -81,7 +81,7 @@ struct input_device {
- 
- static int idle_timeout = 0;
- static bool uhid_enabled = false;
-static bool classic_bonded_only = false;
-+static bool classic_bonded_only = true;
- 
- void input_set_idle_timeout(int timeout)
- {
-diff --git a/profiles/input/input.conf b/profiles/input/input.conf
-index 4c70bc561f..d8645f3dd6 100644
--- a/profiles/input/input.conf
-+++ b/profiles/input/input.conf
-@@ -17,7 +17,7 @@
- # platforms may want to make sure that input connections only come from bonded
- # device connections. Several older mice have been known for not supporting
- # pairing/encryption.
-# Defaults to false to maximize device compatibility.
-+# Defaults to true for security.
- #ClassicBondedOnly=true
- 
- # LE upgrade security
-- 
-cgit 1.2.3-korg
--- a/bluez.spec
+++ b/bluez.spec
@ -5,8 +5,8 @@
 %endif

 Name:    bluez
-Version: 5.70
-Release: 5%{?dist}
+Version: 5.71
+Release: 1%{?dist}
 Summary: Bluetooth utilities
 License: GPLv2+
 URL:     http://www.bluez.org/
@ -19,9 +19,6 @@ Source1: bluez.gitignore
 #Patch1: 0001-obex-Use-GLib-helper-function-to-manipulate-paths.patch
 # https://lore.kernel.org/linux-bluetooth/20220901110719.176944-1-hadess@hadess.net/T/#m9c08d004cd5422783ee1d93154f42303bba9169f
 Patch2: power-state-adapter-property.patch
-# Upstream backport
-Patch3: rhbz2247548.patch
-Patch4: CVE-2023-45866.patch

 BuildRequires: dbus-devel >= 1.6
 BuildRequires: glib2-devel
@ -337,6 +334,9 @@ install emulator/btvirt ${RPM_BUILD_ROOT}/%{_libexecdir}/bluetooth/
 %{_userunitdir}/obex.service

 %changelog
+* Sat Dec 16 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 5.71-1
+- Update to 5.71
+
 * Thu Dec 07 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 5.70-5
 - Install default input.conf/network.conf

--- a/rhbz2247548.patch
+++ b/rhbz2247548.patch
@ -1,307 +0,0 @@
-From 3a9c637010f8dc1ba3e8382abe01065761d4f5bb Mon Sep 17 00:00:00 2001
-From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
-Date: Tue, 10 Oct 2023 12:38:29 -0700
-Subject: [PATCH] input: Fix .device_probe failing if SDP record is not found
-
-Due to changes introduced by 67a26abe53bf
-("profile: Add probe_on_discover flag") profiles may get probed when
-their profile UUID are discovered, rather than resolved, which means
-the SDP record may not be available.
-
-Fixes: https://github.com/bluez/bluez/issues/614
---
- profiles/input/device.c | 182 +++++++++++++++++++---------------------
- 1 file changed, 84 insertions(+), 98 deletions(-)
-
-diff --git a/profiles/input/device.c b/profiles/input/device.c
-index e2ac6ea603..4a50ea9921 100644
--- a/profiles/input/device.c
-+++ b/profiles/input/device.c
-@@ -60,7 +60,7 @@ struct input_device {
- 	char			*path;
- 	bdaddr_t		src;
- 	bdaddr_t		dst;
-	uint32_t		handle;
-+	const sdp_record_t	*rec;
- 	GIOChannel		*ctrl_io;
- 	GIOChannel		*intr_io;
- 	guint			ctrl_watch;
-@@ -754,7 +754,8 @@ static void epox_endian_quirk(unsigned char *data, int size)
- 	}
- }
- 
-static int create_hid_dev_name(sdp_record_t *rec, struct hidp_connadd_req *req)
-+static int create_hid_dev_name(const sdp_record_t *rec,
-+					struct hidp_connadd_req *req)
- {
- 	char sdesc[sizeof(req->name) / 2];
- 
-@@ -776,7 +777,7 @@ static int create_hid_dev_name(sdp_record_t *rec, struct hidp_connadd_req *req)
- 
- /* See HID profile specification v1.0, "7.11.6 HIDDescriptorList" for details
-  * on the attribute format. */
-static int extract_hid_desc_data(sdp_record_t *rec,
-+static int extract_hid_desc_data(const sdp_record_t *rec,
- 						struct hidp_connadd_req *req)
- {
- 	sdp_data_t *d;
-@@ -817,36 +818,40 @@ static int extract_hid_desc_data(sdp_record_t *rec,
- 	return -EINVAL;
- }
- 
-static int extract_hid_record(sdp_record_t *rec, struct hidp_connadd_req *req)
-+static int extract_hid_record(struct input_device *idev,
-+					struct hidp_connadd_req *req)
- {
- 	sdp_data_t *pdlist;
- 	uint8_t attr_val;
- 	int err;
- 
-	err = create_hid_dev_name(rec, req);
-+	if (!idev->rec)
-+		return -ENOENT;
-+
-+	err = create_hid_dev_name(idev->rec, req);
- 	if (err < 0)
- 		DBG("No valid Service Name or Service Description found");
- 
-	pdlist = sdp_data_get(rec, SDP_ATTR_HID_PARSER_VERSION);
-+	pdlist = sdp_data_get(idev->rec, SDP_ATTR_HID_PARSER_VERSION);
- 	req->parser = pdlist ? pdlist->val.uint16 : 0x0100;
- 
-	pdlist = sdp_data_get(rec, SDP_ATTR_HID_DEVICE_SUBCLASS);
-+	pdlist = sdp_data_get(idev->rec, SDP_ATTR_HID_DEVICE_SUBCLASS);
- 	req->subclass = pdlist ? pdlist->val.uint8 : 0;
- 
-	pdlist = sdp_data_get(rec, SDP_ATTR_HID_COUNTRY_CODE);
-+	pdlist = sdp_data_get(idev->rec, SDP_ATTR_HID_COUNTRY_CODE);
- 	req->country = pdlist ? pdlist->val.uint8 : 0;
- 
-	pdlist = sdp_data_get(rec, SDP_ATTR_HID_VIRTUAL_CABLE);
-+	pdlist = sdp_data_get(idev->rec, SDP_ATTR_HID_VIRTUAL_CABLE);
- 	attr_val = pdlist ? pdlist->val.uint8 : 0;
- 	if (attr_val)
- 		req->flags |= (1 << HIDP_VIRTUAL_CABLE_UNPLUG);
- 
-	pdlist = sdp_data_get(rec, SDP_ATTR_HID_BOOT_DEVICE);
-+	pdlist = sdp_data_get(idev->rec, SDP_ATTR_HID_BOOT_DEVICE);
- 	attr_val = pdlist ? pdlist->val.uint8 : 0;
- 	if (attr_val)
- 		req->flags |= (1 << HIDP_BOOT_PROTOCOL_MODE);
- 
-	err = extract_hid_desc_data(rec, req);
-+	err = extract_hid_desc_data(idev->rec, req);
- 	if (err < 0)
- 		return err;
- 
-@@ -1035,11 +1040,6 @@ static gboolean encrypt_notify(GIOChannel *io, GIOCondition condition,
- static int hidp_add_connection(struct input_device *idev)
- {
- 	struct hidp_connadd_req *req;
-	sdp_record_t *rec;
-	char src_addr[18], dst_addr[18];
-	char filename[PATH_MAX];
-	GKeyFile *key_file;
-	char handle[11], *str;
- 	GError *gerr = NULL;
- 	int err;
- 
-@@ -1049,33 +1049,7 @@ static int hidp_add_connection(struct input_device *idev)
- 	req->flags     = 0;
- 	req->idle_to   = idle_timeout;
- 
-	ba2str(&idev->src, src_addr);
-	ba2str(&idev->dst, dst_addr);
-
-	snprintf(filename, PATH_MAX, STORAGEDIR "/%s/cache/%s", src_addr,
-								dst_addr);
-	sprintf(handle, "0x%8.8X", idev->handle);
-
-	key_file = g_key_file_new();
-	if (!g_key_file_load_from_file(key_file, filename, 0, &gerr)) {
-		error("Unable to load key file from %s: (%s)", filename,
-								gerr->message);
-		g_clear_error(&gerr);
-	}
-	str = g_key_file_get_string(key_file, "ServiceRecords", handle, NULL);
-	g_key_file_free(key_file);
-
-	if (!str) {
-		error("Rejected connection from unknown device %s", dst_addr);
-		err = -EPERM;
-		goto cleanup;
-	}
-
-	rec = record_from_string(str);
-	g_free(str);
-
-	err = extract_hid_record(rec, req);
-	sdp_record_free(rec);
-+	err = extract_hid_record(idev, req);
- 	if (err < 0) {
- 		error("Could not parse HID SDP record: %s (%d)", strerror(-err),
- 									-err);
-@@ -1091,7 +1065,7 @@ static int hidp_add_connection(struct input_device *idev)
- 
- 	/* Make sure the device is bonded if required */
- 	if (classic_bonded_only && !input_device_bonded(idev)) {
-		error("Rejected connection from !bonded device %s", dst_addr);
-+		error("Rejected connection from !bonded device %s", idev->path);
- 		goto cleanup;
- 	}
- 
-@@ -1161,6 +1135,68 @@ static int connection_disconnect(struct input_device *idev, uint32_t flags)
- 		return ioctl_disconnect(idev, flags);
- }
- 
-+static bool is_device_sdp_disable(const sdp_record_t *rec)
-+{
-+	sdp_data_t *data;
-+
-+	data = sdp_data_get(rec, SDP_ATTR_HID_SDP_DISABLE);
-+
-+	return data && data->val.uint8;
-+}
-+
-+static enum reconnect_mode_t hid_reconnection_mode(bool reconnect_initiate,
-+						bool normally_connectable)
-+{
-+	if (!reconnect_initiate && !normally_connectable)
-+		return RECONNECT_NONE;
-+	else if (!reconnect_initiate && normally_connectable)
-+		return RECONNECT_HOST;
-+	else if (reconnect_initiate && !normally_connectable)
-+		return RECONNECT_DEVICE;
-+	else /* (reconnect_initiate && normally_connectable) */
-+		return RECONNECT_ANY;
-+}
-+
-+static void extract_hid_props(struct input_device *idev,
-+					const sdp_record_t *rec)
-+{
-+	/* Extract HID connectability */
-+	bool reconnect_initiate, normally_connectable;
-+	sdp_data_t *pdlist;
-+
-+	/* HIDNormallyConnectable is optional and assumed FALSE if not
-+	 * present.
-+	 */
-+	pdlist = sdp_data_get(rec, SDP_ATTR_HID_RECONNECT_INITIATE);
-+	reconnect_initiate = pdlist ? pdlist->val.uint8 : TRUE;
-+
-+	pdlist = sdp_data_get(rec, SDP_ATTR_HID_NORMALLY_CONNECTABLE);
-+	normally_connectable = pdlist ? pdlist->val.uint8 : FALSE;
-+
-+	/* Update local values */
-+	idev->reconnect_mode =
-+		hid_reconnection_mode(reconnect_initiate, normally_connectable);
-+}
-+
-+static void input_device_update_rec(struct input_device *idev)
-+{
-+	struct btd_profile *p = btd_service_get_profile(idev->service);
-+	const sdp_record_t *rec;
-+
-+	rec = btd_device_get_record(idev->device, p->remote_uuid);
-+	if (!rec || idev->rec == rec)
-+		return;
-+
-+	idev->rec = rec;
-+	idev->disable_sdp = is_device_sdp_disable(rec);
-+
-+	/* Initialize device properties */
-+	extract_hid_props(idev, rec);
-+
-+	if (idev->disable_sdp)
-+		device_set_refresh_discovery(idev->device, false);
-+}
-+
- static int input_device_connected(struct input_device *idev)
- {
- 	int err;
-@@ -1168,6 +1204,9 @@ static int input_device_connected(struct input_device *idev)
- 	if (idev->intr_io == NULL || idev->ctrl_io == NULL)
- 		return -ENOTCONN;
- 
-+	/* Attempt to update SDP record if it had changed */
-+	input_device_update_rec(idev);
-+
- 	err = hidp_add_connection(idev);
- 	if (err < 0)
- 		return err;
-@@ -1411,74 +1450,21 @@ int input_device_disconnect(struct btd_service *service)
- 	return 0;
- }
- 
-static bool is_device_sdp_disable(const sdp_record_t *rec)
-{
-	sdp_data_t *data;
-
-	data = sdp_data_get(rec, SDP_ATTR_HID_SDP_DISABLE);
-
-	return data && data->val.uint8;
-}
-
-static enum reconnect_mode_t hid_reconnection_mode(bool reconnect_initiate,
-						bool normally_connectable)
-{
-	if (!reconnect_initiate && !normally_connectable)
-		return RECONNECT_NONE;
-	else if (!reconnect_initiate && normally_connectable)
-		return RECONNECT_HOST;
-	else if (reconnect_initiate && !normally_connectable)
-		return RECONNECT_DEVICE;
-	else /* (reconnect_initiate && normally_connectable) */
-		return RECONNECT_ANY;
-}
-
-static void extract_hid_props(struct input_device *idev,
-					const sdp_record_t *rec)
-{
-	/* Extract HID connectability */
-	bool reconnect_initiate, normally_connectable;
-	sdp_data_t *pdlist;
-
-	/* HIDNormallyConnectable is optional and assumed FALSE
-	* if not present. */
-	pdlist = sdp_data_get(rec, SDP_ATTR_HID_RECONNECT_INITIATE);
-	reconnect_initiate = pdlist ? pdlist->val.uint8 : TRUE;
-
-	pdlist = sdp_data_get(rec, SDP_ATTR_HID_NORMALLY_CONNECTABLE);
-	normally_connectable = pdlist ? pdlist->val.uint8 : FALSE;
-
-	/* Update local values */
-	idev->reconnect_mode =
-		hid_reconnection_mode(reconnect_initiate, normally_connectable);
-}
-
- static struct input_device *input_device_new(struct btd_service *service)
- {
- 	struct btd_device *device = btd_service_get_device(service);
-	struct btd_profile *p = btd_service_get_profile(service);
- 	const char *path = device_get_path(device);
-	const sdp_record_t *rec = btd_device_get_record(device, p->remote_uuid);
- 	struct btd_adapter *adapter = device_get_adapter(device);
- 	struct input_device *idev;
- 
-	if (!rec)
-		return NULL;
-
- 	idev = g_new0(struct input_device, 1);
- 	bacpy(&idev->src, btd_adapter_get_address(adapter));
- 	bacpy(&idev->dst, device_get_address(device));
- 	idev->service = btd_service_ref(service);
- 	idev->device = btd_device_ref(device);
- 	idev->path = g_strdup(path);
-	idev->handle = rec->handle;
-	idev->disable_sdp = is_device_sdp_disable(rec);
-
-	/* Initialize device properties */
-	extract_hid_props(idev, rec);
- 
-	if (idev->disable_sdp)
-		device_set_refresh_discovery(device, false);
-+	input_device_update_rec(idev);
- 
- 	return idev;
- }
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (bluez-5.70.tar.xz) = 3a5f8caf7730dcdbbe0bb92154b41651a9d6619038447bf4c25e5e3e5316effcd7242a7a0456d731ce21d55b8daea5212a359acc5e5fc460499b9356b7d364cf
+SHA512 (bluez-5.71.tar.xz) = 648394bbe470405aa0e2d3914474e95c122f567deaaac20a5dd74bac29fa430dfb64cdb7bdb4fb7510e62fa73e96112a97197fc212b421bf480b8d1bb24cfb5d