-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathdeny_unsafe_hidraw_device_rule.cc
75 lines (60 loc) · 2.07 KB
/
deny_unsafe_hidraw_device_rule.cc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
// Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "permission_broker/deny_unsafe_hidraw_device_rule.h"
#include <libudev.h>
#include <vector>
namespace permission_broker {
namespace {
bool IsKeyboardUsage(const HidUsage& usage) {
if (usage.page == HidUsage::PAGE_KEYBOARD)
return true;
if (usage.page == HidUsage::PAGE_GENERIC_DESKTOP) {
return usage.usage == HidUsage::GENERIC_DESKTOP_USAGE_KEYBOARD ||
usage.usage == HidUsage::GENERIC_DESKTOP_USAGE_KEYPAD;
}
return false;
}
bool IsPointerUsage(const HidUsage& usage) {
if (usage.page == HidUsage::PAGE_GENERIC_DESKTOP) {
return usage.usage == HidUsage::GENERIC_DESKTOP_USAGE_POINTER ||
usage.usage == HidUsage::GENERIC_DESKTOP_USAGE_MOUSE;
}
return false;
}
bool IsSystemControlUsage(const HidUsage& usage) {
if (usage.page != HidUsage::PAGE_GENERIC_DESKTOP)
return false;
if (usage.usage >= HidUsage::GENERIC_DESKTOP_USAGE_SYSTEM_CONTROL &&
usage.usage <= HidUsage::GENERIC_DESKTOP_USAGE_SYSTEM_WARM_RESTART) {
return true;
}
if (usage.usage >= HidUsage::GENERIC_DESKTOP_USAGE_SYSTEM_DOCK &&
usage.usage <= HidUsage::GENERIC_DESKTOP_USAGE_SYSTEM_DISPLAY_SWAP) {
return true;
}
return false;
}
} // namespace
DenyUnsafeHidrawDeviceRule::DenyUnsafeHidrawDeviceRule()
: HidrawSubsystemUdevRule("DenyUnsafeHidrawDeviceRule") {}
Rule::Result DenyUnsafeHidrawDeviceRule::ProcessHidrawDevice(
struct udev_device* device) {
std::vector<HidUsage> usages;
if (!GetHidToplevelUsages(device, &usages)) {
return IGNORE;
}
for (std::vector<HidUsage>::const_iterator iter = usages.begin();
iter != usages.end(); ++iter) {
if (IsUnsafeUsage(*iter)) {
return DENY;
}
}
return IGNORE;
}
// static
bool DenyUnsafeHidrawDeviceRule::IsUnsafeUsage(const HidUsage& usage) {
return IsKeyboardUsage(usage) || IsPointerUsage(usage) ||
IsSystemControlUsage(usage);
}
} // namespace permission_broker