Accepting request 787080 from Base:System

update to bluez-5.54 (forwarded request 787079 from seife)

OBS-URL: https://build.opensuse.org/request/show/787080
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/bluez?expand=0&rev=168

bluez-5.52.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:f7144ce2039202cfac18ccb52426efea11c98e4f6e1bb8041bcb994b8378560a
-size 1957504

bluez-5.54.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:68cdab9e63e8832b130d5979dc8c96fdb087b31278f342874d992af3e56656dc
+size 2003760

bluez-cups-libexec.patch

@@ -2,7 +2,7 @@ Index: b/Makefile.in
 ===================================================================
 --- a/Makefile.in
 +++ b/Makefile.in
-@@ -3439,7 +3439,7 @@ unit_tests = $(am__append_54) unit/test-
+@@ -3548,7 +3548,7 @@ unit_tests = $(am__append_54) unit/test-
  @DEPRECATED_TRUE@@READLINE_TRUE@attrib_gatttool_LDADD = lib/libbluetooth-internal.la \
  @DEPRECATED_TRUE@@READLINE_TRUE@			src/libshared-glib.la $(GLIB_LIBS) -lreadline
  
@@ -15,7 +15,7 @@ Index: b/Makefile.tools
 ===================================================================
 --- a/Makefile.tools
 +++ b/Makefile.tools
-@@ -441,7 +441,7 @@ endif
+@@ -463,7 +463,7 @@ endif
  endif
  
  if CUPS

bluez-disable-broken-tests.diff

@@ -2,7 +2,7 @@ Index: b/Makefile.am
 ===================================================================
 --- a/Makefile.am
 +++ b/Makefile.am
-@@ -481,7 +481,8 @@ unit_test_lib_SOURCES = unit/test-lib.c
+@@ -497,7 +497,8 @@ unit_test_lib_SOURCES = unit/test-lib.c
  unit_test_lib_LDADD = src/libshared-glib.la \
  				lib/libbluetooth-internal.la $(GLIB_LIBS)
  
@@ -12,7 +12,7 @@ Index: b/Makefile.am
  
  unit_test_gatt_SOURCES = unit/test-gatt.c
  unit_test_gatt_LDADD = src/libshared-glib.la \
-@@ -511,7 +512,8 @@ unit_test_gattrib_LDADD = lib/libbluetoo
+@@ -527,7 +528,8 @@ unit_test_gattrib_LDADD = lib/libbluetoo
  			$(GLIB_LIBS) $(DBUS_LIBS) -ldl -lrt
  
  if MIDI
@@ -22,7 +22,7 @@ Index: b/Makefile.am
  unit_test_midi_CPPFLAGS = $(AM_CPPFLAGS) $(ALSA_CFLAGS) -DMIDI_TEST
  unit_test_midi_SOURCES = unit/test-midi.c \
  			profiles/midi/libmidi.h \
-@@ -521,7 +523,7 @@ unit_test_midi_LDADD = src/libshared-gli
+@@ -537,7 +539,7 @@ unit_test_midi_LDADD = src/libshared-gli
  endif
  
  if MESH
@@ -30,4 +30,4 @@ Index: b/Makefile.am
 +#unit_tests += unit/test-mesh-crypto
  unit_test_mesh_crypto_CPPFLAGS = $(ell_cflags)
  unit_test_mesh_crypto_SOURCES = unit/test-mesh-crypto.c \
- 				mesh/crypto.h ell/internal ell/ell.h \
+ 				mesh/crypto.h ell/internal ell/ell.h

bluez.changes

@@ -1,3 +1,40 @@
+-------------------------------------------------------------------
+Fri Mar 20 17:04:10 UTC 2020 - Stefan Seyfried <seife+obs@b1-systems.com>
+
+- update to bluez-5.54:
+  * Fix issue with HOGP to accept data only from bonded devices.
+  * Fix issue with A2DP sessions being connected at the same time.
+  * Fix issue with class UUID matches before connecting profile.
+  * Add support for handling MTU auto-tuning option for AVDTP.
+  * Add support for new policy for Just-Works repairing.
+  * Add support for Enhanced ATT bearer (EATT).
+- bluez-5.53:
+  * Fix issue with handling unregistration for advertisment.
+  * Fix issue with A2DP and handling recovering process.
+  * Fix issue with udpating input device information.
+  * Add support for loading blocked keys.
+- remove obsolete upstreamed patches:
+  * HOGP-must-only-accept-data-from-bonded-devices.patch
+  * HID-accepts-bonded-device-connections-only.patch
+- refresh other patches
+
+-------------------------------------------------------------------
+Wed Mar 18 08:29:49 UTC 2020 - Al Cho <acho@suse.com>
+
+- Add
+  HOGP-must-only-accept-data-from-bonded-devices.patch
+  HOGP 1.0 Section 6.1 establishes that the HOGP must require
+  bonding.(bsc#1166751)(CVE-2020-0556)
+  HID-accepts-bonded-device-connections-only.patch
+  This change adds a configuration for platforms to choose a more
+  secure posture for the HID profile.(bsc#1166751)(CVE-2020-0556)
+  input-hog-Attempt-to-set-security-level-if-not-bonde.patch
+  Attempt to set security level if not bonded.
+  (bsc#1166751)(CVE-2020-0556)
+  input-Add-LEAutoSecurity-setting-to-input.conf.patch
+  Add LEAutoSecurity setting to input.conf.
+  (bsc#1166751)(CVE-2020-0556)
+
 -------------------------------------------------------------------
 Mon Feb 10 10:05:33 UTC 2020 - Ismail Dönmez <idonmez@suse.com>
 

bluez.spec

@@ -2,7 +2,7 @@
 # spec file for package bluez
 #
 # Copyright (c) 2020 SUSE LLC
-# Copyright (c) 2010-2019 B1 Systems GmbH, Vohburg, Germany
+# Copyright (c) 2010-2020 B1 Systems GmbH, Vohburg, Germany
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -29,7 +29,7 @@
 # contributions via pull requests are welcome!
 #
 Name:           bluez
-Version:        5.52
+Version:        5.54
 Release:        0
 Summary:        Bluetooth Stack for Linux
 License:        GPL-2.0-or-later
@@ -57,6 +57,9 @@ Patch10:        RPi-Move-the-43xx-firmware-into-lib-firmware.patch
 # fix some memory leak with malformed packet (reported upstream but not yet fixed)
 Patch101:       CVE-2016-9800-tool-hcidump-Fix-memory-leak-with-malformed-packet.patch
 Patch102:       CVE-2016-9804-tool-hcidump-Fix-memory-leak-with-malformed-packet.patch
+# PATCH-FIX-UPSTREAM: bsc#1166751 CVE-2020-0556
+Patch105:       input-hog-Attempt-to-set-security-level-if-not-bonde.patch
+Patch106:       input-Add-LEAutoSecurity-setting-to-input.conf.patch
 
 BuildRequires:  automake
 BuildRequires:  flex
@@ -188,6 +191,8 @@ to use the modern tools instead.
 %patch10 -p1
 %patch101 -p1
 %patch102 -p1
+%patch105 -p1
+%patch106 -p1
 mkdir dbus-apis
 cp -a doc/*.txt dbus-apis/
 # FIXME: Change the dbus service to be a real service, not systemd launched
@@ -349,6 +354,7 @@ make check V=0
 %{_bindir}/btmon
 %if %{with mesh}
 %{_bindir}/meshctl
+%{_bindir}/mesh-cfgclient
 %endif
 %{_bindir}/bccmd
 %{_prefix}/lib/udev/

input-Add-LEAutoSecurity-setting-to-input.conf.patch

@@ -0,0 +1,121 @@
+From f2778f5877d20696d68a452b26e4accb91bfb19e Mon Sep 17 00:00:00 2001
+From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
+Date: Wed, 11 Mar 2020 11:43:21 -0700
+Subject: [PATCH] input: Add LEAutoSecurity setting to input.conf
+
+LEAutoSecurity can be used to enable/disable automatic upgrades of
+security for LE devices, by default it is enabled so existing devices
+that did not require security and were not bonded will automatically
+upgrade the security.
+
+Note: Platforms disabling this setting would require users to manually
+bond the device which may require changes to the user interface to
+always force bonding for input devices as APIs such as Device.Connect
+will no longer work which maybe perceived as a regression.
+---
+ profiles/input/device.h   |  1 +
+ profiles/input/hog.c      | 13 +++++++++++--
+ profiles/input/input.conf |  5 +++++
+ profiles/input/manager.c  | 11 ++++++++++-
+ 4 files changed, 27 insertions(+), 3 deletions(-)
+
+diff --git a/profiles/input/device.h b/profiles/input/device.h
+index 3044db673..5a077f92a 100644
+--- a/profiles/input/device.h
++++ b/profiles/input/device.h
+@@ -30,6 +30,7 @@ struct input_conn;
+ void input_set_idle_timeout(int timeout);
+ void input_enable_userspace_hid(bool state);
+ void input_set_classic_bonded_only(bool state);
++void input_set_auto_sec(bool state);
+ 
+ int input_device_register(struct btd_service *service);
+ void input_device_unregister(struct btd_service *service);
+diff --git a/profiles/input/hog.c b/profiles/input/hog.c
+index f0226ebbd..327a1d1c3 100644
+--- a/profiles/input/hog.c
++++ b/profiles/input/hog.c
+@@ -53,6 +53,7 @@
+ #include "src/shared/gatt-client.h"
+ #include "src/plugin.h"
+ 
++#include "device.h"
+ #include "suspend.h"
+ #include "attrib/att.h"
+ #include "attrib/gattrib.h"
+@@ -67,8 +68,14 @@ struct hog_device {
+ };
+ 
+ static gboolean suspend_supported = FALSE;
++static bool auto_sec = true;
+ static struct queue *devices = NULL;
+ 
++void input_set_auto_sec(bool state)
++{
++	auto_sec = state;
++}
++
+ static void hog_device_accept(struct hog_device *dev, struct gatt_db *db)
+ {
+ 	char name[248];
+@@ -192,11 +199,13 @@ static int hog_accept(struct btd_service *service)
+ 	if (!device_is_bonded(device, btd_device_get_bdaddr_type(device))) {
+ 		struct bt_gatt_client *client;
+ 
++		if (!auto_sec)
++			return -ECONNREFUSED;
++
+ 		client = btd_device_get_gatt_client(device);
+ 		if (!bt_gatt_client_set_security(client,
+-						BT_ATT_SECURITY_MEDIUM)) {
++						BT_ATT_SECURITY_MEDIUM))
+ 			return -ECONNREFUSED;
+-		}
+ 	}
+ 
+ 	/* TODO: Replace GAttrib with bt_gatt_client */
+diff --git a/profiles/input/input.conf b/profiles/input/input.conf
+index 166aff4a4..4c70bc561 100644
+--- a/profiles/input/input.conf
++++ b/profiles/input/input.conf
+@@ -19,3 +19,8 @@
+ # pairing/encryption.
+ # Defaults to false to maximize device compatibility.
+ #ClassicBondedOnly=true
++
++# LE upgrade security
++# Enables upgrades of security automatically if required.
++# Defaults to true to maximize device compatibility.
++#LEAutoSecurity=true
+diff --git a/profiles/input/manager.c b/profiles/input/manager.c
+index 5cd27b839..bf4acb4ed 100644
+--- a/profiles/input/manager.c
++++ b/profiles/input/manager.c
+@@ -96,7 +96,7 @@ static int input_init(void)
+ 	config = load_config_file(CONFIGDIR "/input.conf");
+ 	if (config) {
+ 		int idle_timeout;
+-		gboolean uhid_enabled, classic_bonded_only;
++		gboolean uhid_enabled, classic_bonded_only, auto_sec;
+ 
+ 		idle_timeout = g_key_file_get_integer(config, "General",
+ 							"IdleTimeout", &err);
+@@ -125,6 +125,15 @@ static int input_init(void)
+ 		} else
+ 			g_clear_error(&err);
+ 
++		auto_sec = g_key_file_get_boolean(config, "General",
++						"LEAutoSecurity", &err);
++		if (!err) {
++			DBG("input.conf: LEAutoSecurity=%s",
++					auto_sec ? "true" : "false");
++			input_set_auto_sec(auto_sec);
++		} else
++			g_clear_error(&err);
++
+ 	}
+ 
+ 	btd_profile_register(&input_profile);
+-- 
+2.25.1
+

input-hog-Attempt-to-set-security-level-if-not-bonde.patch

@@ -0,0 +1,48 @@
+From 35d8d895cd0b724e58129374beb0bb4a2edf9519 Mon Sep 17 00:00:00 2001
+From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
+Date: Tue, 10 Mar 2020 09:59:07 -0700
+Subject: [PATCH] input: hog: Attempt to set security level if not bonded
+
+This attempts to set the security if the device is not bonded, the
+kernel will block any communication on the ATT socket while bumping
+the security and if that fails the device will be disconnected which
+is better than having the device dangling around without being able to
+communicate with it until it is properly bonded.
+---
+ profiles/input/hog.c | 13 +++++++++++--
+ 1 file changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/profiles/input/hog.c b/profiles/input/hog.c
+index dfac68921..f0226ebbd 100644
+--- a/profiles/input/hog.c
++++ b/profiles/input/hog.c
+@@ -49,6 +49,8 @@
+ #include "src/shared/util.h"
+ #include "src/shared/uhid.h"
+ #include "src/shared/queue.h"
++#include "src/shared/att.h"
++#include "src/shared/gatt-client.h"
+ #include "src/plugin.h"
+ 
+ #include "suspend.h"
+@@ -187,8 +189,15 @@ static int hog_accept(struct btd_service *service)
+ 	}
+ 
+ 	/* HOGP 1.0 Section 6.1 requires bonding */
+-	if (!device_is_bonded(device, btd_device_get_bdaddr_type(device)))
+-		return -ECONNREFUSED;
++	if (!device_is_bonded(device, btd_device_get_bdaddr_type(device))) {
++		struct bt_gatt_client *client;
++
++		client = btd_device_get_gatt_client(device);
++		if (!bt_gatt_client_set_security(client,
++						BT_ATT_SECURITY_MEDIUM)) {
++			return -ECONNREFUSED;
++		}
++	}
+ 
+ 	/* TODO: Replace GAttrib with bt_gatt_client */
+ 	bt_hog_attach(dev->hog, attrib);
+-- 
+2.25.1
+