commit e7d0813602a7a8c67ebd957e7575b3050179f621
author Garret Kelly <gdk@chromium.org> Fri Dec 14 04:44:11 2012
committer Garret Kelly <gdk@chromium.org> Wed Jan 23 17:32:03 2013
tree b9bc9b0b7a16498f6c3ed97218ad1c764bdca2bb
parent 4f9de2c491cea37aa83a7459f514ce0805b22154

Add mechanism to grant USB exceptions.

This mechanism allows VID/PID pairs to be registered that will always
appear to have succeeded in having permission granted to them. The
permission broker will take no action in finding the underlying device.
Instead, it is assumed that other system mechanisms will grant access
(udev rules, etc.)

BUG=chromium-os:33830
TEST=manual

Change-Id: I3324e772a8e3122962e6b9fba3d2e27d3e877d9e

permission_broker.cc

diff --git a/permission_broker.cc b/permission_broker.cc
index c9bf2e3..35a3c9e 100644
--- a/permission_broker.cc
+++ b/permission_broker.cc
@@ -83,6 +83,11 @@
   g_main_loop_run(loop);
 }
 
+void PermissionBroker::AddUsbException(const uint16_t vendor_id,
+                                       const uint16_t product_id) {
+  usb_exceptions_.insert(std::make_pair(vendor_id, product_id));
+}
+
 void PermissionBroker::AddRule(Rule *rule) {
   CHECK(rule) << "Cannot add NULL as a rule.";
   rules_.push_back(rule);
@@ -254,14 +259,18 @@
     return reply;
   }
 
-  vector<string> paths;
-  if (ExpandUsbIdentifiersToPaths(vendor_id, product_id, &paths)) {
+  if (ContainsKey(usb_exceptions_, std::make_pair(vendor_id, product_id))) {
     success = true;
-    for (unsigned int i = 0; i < paths.size(); ++i)
-      success &= ProcessPath(paths[i]);
   } else {
-    LOG(INFO) << "Could not expand (" << vendor_id << ", " << product_id
-              << ") to a list of device nodes.";
+    vector<string> paths;
+    if (ExpandUsbIdentifiersToPaths(vendor_id, product_id, &paths)) {
+      success = true;
+      for (unsigned int i = 0; i < paths.size(); ++i)
+        success &= ProcessPath(paths[i]);
+    } else {
+      LOG(INFO) << "Could not expand (" << vendor_id << ", " << product_id
+                << ") to a list of device nodes.";
+    }
   }
 
   dbus_message_append_args(reply,

permission_broker.h

diff --git a/permission_broker.h b/permission_broker.h
index f84b653..f469631 100644
--- a/permission_broker.h
+++ b/permission_broker.h
@@ -9,7 +9,9 @@
 #include <grp.h>
 #include <libudev.h>
 
+#include <set>
 #include <string>
+#include <utility>
 #include <vector>
 
 #include "base/basictypes.h"
@@ -30,6 +32,11 @@
   // interface. Never returns.
   void Run();
 
+  // Adds an exception to the rule processor that forces devices identified by
+  // |vendor_id| and |product_id| to be ignored by the broker, but to claim that
+  // they were successfully opened when requested.
+  void AddUsbException(const uint16_t vendor_id, const uint16_t product_id);
+
   // Adds |rule| to the end of the existing rule chain. Takes ownership of
   // |rule|.
   void AddRule(Rule *rule);
@@ -76,6 +83,7 @@
   struct udev *udev_;
   gid_t access_group_;
   std::vector<Rule *> rules_;
+  std::set<std::pair<uint16_t, uint16_t> > usb_exceptions_;
 
   DISALLOW_COPY_AND_ASSIGN(PermissionBroker);
 };