permission_broker/deny_claimed_usb_device_rule.h - mirrors/cros/chromiumos/platform2 - Git at Google

 // Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef PERMISSION_BROKER_DENY_CLAIMED_USB_DEVICE_RULE_H_
 #define PERMISSION_BROKER_DENY_CLAIMED_USB_DEVICE_RULE_H_

 #include <base/macros.h>
 #include <vector>

 #include "permission_broker/usb_subsystem_udev_rule.h"
 #include "policy/device_policy.h"
 #include "policy/libpolicy.h"

 struct udev;

 namespace permission_broker {

 // DenyClaimedUsbDeviceRule encapsulates the policy that any USB device that is
 // claimed by a driver is |DENY|'d, while all other requests are |IGNORE|'d. It
 // does this by walking the udev device tree (the entire tree, not just the USB
 // subsystem) and attempts, for each device entry, to find a parent device
 // within the USB subsystem whose device node property is the same as the |path|
 // parameter. If such a matching device exists, the path is rejected as it has
 // been demonstrated to be claimed by another udev entry.
 // Android devices with USB debugging enabled may have an unclaimed interface
 // for ADB but other claimed interfaces for e.g. mass storage. In this case,
 // we can allow access even if there are claimed interfaces, though we'll detach
 // first.
 class DenyClaimedUsbDeviceRule : public UsbSubsystemUdevRule {
  public:
   DenyClaimedUsbDeviceRule();
   ~DenyClaimedUsbDeviceRule() override;

   Result ProcessUsbDevice(udev_device* device) override;

  protected:
   std::vector<policy::DevicePolicy::UsbDeviceId> usb_whitelist_;

  private:
   bool policy_loaded_;

   // Loads the device settings policy and returns success.
   virtual bool LoadPolicy();

   // Returns whether a USB device is whitelisted inside the device settings
   // to be detached from its kernel driver.
   bool IsDeviceDetachable(udev_device* device);

   // Returns whether a USB interface represents the Android Debug Bridge.
   // If so, then its parent node is an Android device with USB debugging
   // enabled and we can detach its other interfaces to use it.
   bool IsInterfaceAdb(udev_device* device);

   DISALLOW_COPY_AND_ASSIGN(DenyClaimedUsbDeviceRule);
 };

 }  // namespace permission_broker

 #endif  // PERMISSION_BROKER_DENY_CLAIMED_USB_DEVICE_RULE_H_
	// Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef PERMISSION_BROKER_DENY_CLAIMED_USB_DEVICE_RULE_H_
	#define PERMISSION_BROKER_DENY_CLAIMED_USB_DEVICE_RULE_H_

	#include <base/macros.h>
	#include <vector>

	#include "permission_broker/usb_subsystem_udev_rule.h"
	#include "policy/device_policy.h"
	#include "policy/libpolicy.h"

	struct udev;

	namespace permission_broker {

	// DenyClaimedUsbDeviceRule encapsulates the policy that any USB device that is
	// claimed by a driver is \|DENY\|'d, while all other requests are \|IGNORE\|'d. It
	// does this by walking the udev device tree (the entire tree, not just the USB
	// subsystem) and attempts, for each device entry, to find a parent device
	// within the USB subsystem whose device node property is the same as the \|path\|
	// parameter. If such a matching device exists, the path is rejected as it has
	// been demonstrated to be claimed by another udev entry.
	// Android devices with USB debugging enabled may have an unclaimed interface
	// for ADB but other claimed interfaces for e.g. mass storage. In this case,
	// we can allow access even if there are claimed interfaces, though we'll detach
	// first.
	class DenyClaimedUsbDeviceRule : public UsbSubsystemUdevRule {
	public:
	DenyClaimedUsbDeviceRule();
	~DenyClaimedUsbDeviceRule() override;

	Result ProcessUsbDevice(udev_device* device) override;

	protected:
	std::vector<policy::DevicePolicy::UsbDeviceId> usb_whitelist_;

	private:
	bool policy_loaded_;

	// Loads the device settings policy and returns success.
	virtual bool LoadPolicy();

	// Returns whether a USB device is whitelisted inside the device settings
	// to be detached from its kernel driver.
	bool IsDeviceDetachable(udev_device* device);

	// Returns whether a USB interface represents the Android Debug Bridge.
	// If so, then its parent node is an Android device with USB debugging
	// enabled and we can detach its other interfaces to use it.
	bool IsInterfaceAdb(udev_device* device);

	DISALLOW_COPY_AND_ASSIGN(DenyClaimedUsbDeviceRule);
	};

	} // namespace permission_broker

	#endif // PERMISSION_BROKER_DENY_CLAIMED_USB_DEVICE_RULE_H_