From a8e3a898a2bc004ca1fcd278b68f5da5c344afbb Mon Sep 17 00:00:00 2001
From: Mike Lockwood
Date: Tue, 1 Feb 2011 13:46:50 -0500
Subject: UsbService: Add support for blacklisting certain USB busses
This can be used to prevent applications from connecting to sensitive internal USB devices (like the modem)
Change-Id: I6587f58018e3f8d8f78405d4004cce64db23b628
Signed-off-by: Mike Lockwood
---
 core/res/res/values/config.xml | 8 ++++++++
 services/java/com/android/server/UsbService.java | 23 +++++++++++++++++++++++
 2 files changed, 31 insertions(+)
diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml
index e0c26d4771d2..47ebedfdf9b8 100644
--- a/core/res/res/values/config.xml
+++ b/core/res/res/values/config.xml
@@ -284,6 +284,14 @@ false + + + + 0
diff --git a/services/java/com/android/server/UsbService.java b/services/java/com/android/server/UsbService.java
index 5c03fb2a76e4..45b0fcfe6821 100644
--- a/services/java/com/android/server/UsbService.java
+++ b/services/java/com/android/server/UsbService.java
@@ -83,6 +83,9 @@ class UsbService extends IUsbManager.Stub {
 private final HashMap mDevices = new HashMap();
+ // USB busses to exclude from USB host support
+ private final String[] mHostBlacklist;
+ private boolean mSystemReady;
 private final Context mContext;
@@ -143,6 +146,9 @@ class UsbService extends IUsbManager.Stub {
 public UsbService(Context context) {
 mContext = context;
+ mHostBlacklist = context.getResources().getStringArray(
+ com.android.internal.R.array.config_usbHostBlacklist);
+ init(); // set initial status
 if (mConfiguration >= 0) {
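Review bot: The comment on `mHostBlacklist` (hunk at -83,6) does not say how entries are matched, and that decides what actually gets excluded. `isBlackListed`, added later in this file, tests each entry with `deviceName.startsWith(...)`, so an entry is a device-name prefix rather than an exact bus name. An entry written without a trailing separator would also match any longer name that begins with the same characters, and an empty entry would match every device. I would state this on the field, e.g. `// Device-name prefixes (matched with startsWith) of USB busses to exclude from USB host support`, and in the config.xml comment too, if it does not already say so.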
@@ -197,6 +203,16 @@ class UsbService extends IUsbManager.Stub {
 }
 }
+ private boolean isBlackListed(String deviceName) {
+ int count = mHostBlacklist.length;
+ for (int i = 0; i < count; i++) {
+ if (deviceName.startsWith(mHostBlacklist[i])) {
+ return true;
+ }
+ }
+ return false;
+ }
+ // called from JNI in monitorUsbHostBus()
 private void usbDeviceAdded(String deviceName, int vendorID, int productID, int deviceClass, int deviceSubclass, int deviceProtocol,
@@ -212,6 +228,10 @@ class UsbService extends IUsbManager.Stub {
 return;
 }
+ if (isBlackListed(deviceName)) {
+ return;
+ }
+ synchronized (mDevices) {
 if (mDevices.get(deviceName) != null) {
 Log.w(TAG, "device already on mDevices list: " + deviceName);
@@ -328,6 +348,9 @@ class UsbService extends IUsbManager.Stub {
 }
 public ParcelFileDescriptor openDevice(String deviceName) {
+ if (isBlackListed(deviceName)) {
+ throw new SecurityException("USB device is on a restricted bus");
+ }
 mContext.enforceCallingOrSelfPermission(android.Manifest.permission.ACCESS_USB, null);
 return nativeOpenDevice(deviceName);
 }
-- cgit v1.2.3-59-g8ed1b
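Review bot: `isBlackListed` (hunk at -197,6) dereferences `deviceName` without a null check. `openDevice` in the last hunk passes it a caller-supplied string, so a null argument surfaces as a NullPointerException inside the policy check instead of a clean rejection. A guard that fails closed, `if (deviceName == null) return true;`, keeps the decision explicit. As a style point, the index loop reads more directly as `for (String prefix : mHostBlacklist) { if (deviceName.startsWith(prefix)) return true; }`. The method also deserves a one-line comment saying that it is a plain string-prefix test on the name as given, with no normalisation.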
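Review bot: In `openDevice` (hunk at -328,6) the restriction is a prefix test on the raw string the caller passes, and the same string then goes to `nativeOpenDevice`. If the native side opens it as a path (not visible here), a name that spells a restricted bus differently would not match any blacklist entry and would still be opened. Because `usbDeviceAdded` never records a blacklisted device, requiring the name to be a key in `mDevices` is a stricter test that does not depend on how the string is written; this assumes `mDevices` holds every device the service has accepted. The blacklist check also runs before `enforceCallingOrSelfPermission`, so a caller without ACCESS_USB can learn from the exception message whether a name is on a restricted bus. The permission check should come first.

```java
public ParcelFileDescriptor openDevice(String deviceName) {
    // Check the caller's permission before revealing anything about the device name.
    mContext.enforceCallingOrSelfPermission(android.Manifest.permission.ACCESS_USB, null);
    if (deviceName == null || isBlackListed(deviceName)) {
        throw new SecurityException("USB device is on a restricted bus");
    }
    // Only names the service itself reported (and therefore filtered) may be opened.
    synchronized (mDevices) {
        if (mDevices.get(deviceName) == null) {
            throw new IllegalArgumentException("unknown USB device: " + deviceName);
        }
    }
    return nativeOpenDevice(deviceName);
}
```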