From: Marcel Holtmann <marcel@holtmann.org>
To: Gustavo Padovan <gustavo@padovan.org>
Cc: linux-bluetooth@vger.kernel.org
Subject: Re: [PATCH 2/2] Bluetooth: report the right security level in getsockopt
Date: Sun, 06 May 2012 09:13:53 -0700 [thread overview]
Message-ID: <1336320833.5970.84.camel@aeonflux> (raw)
In-Reply-To: <1336096794-16993-2-git-send-email-gustavo@padovan.org>
Hi Gustavo,
> During a security level elevation we need to keep track of the current
> security level of a connection until the new one is not confirmed.
>
> Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
> ---
> include/net/bluetooth/l2cap.h | 1 +
> net/bluetooth/l2cap_sock.c | 6 +++++-
> 2 files changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/include/net/bluetooth/l2cap.h b/include/net/bluetooth/l2cap.h
> index 92c0423..ff34be7 100644
> --- a/include/net/bluetooth/l2cap.h
> +++ b/include/net/bluetooth/l2cap.h
> @@ -446,6 +446,7 @@ struct l2cap_chan {
> __le16 sport;
>
> __u8 sec_level;
> + __u8 current_sl;
this name is not good. Call it active_sec_level or cur_sec_level.
>
> __u8 ident;
>
> diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c
> index 7e3386f..8f59fa6 100644
> --- a/net/bluetooth/l2cap_sock.c
> +++ b/net/bluetooth/l2cap_sock.c
> @@ -379,7 +379,10 @@ static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, ch
> }
>
> memset(&sec, 0, sizeof(sec));
> - sec.level = chan->sec_level;
> + if (bt_sk(sk)->suspended)
> + sec.level = chan->current_sl;
> + else
> + sec.level = chan->sec_level;
I think getsockopt should just return the actual current active security
level.
And why are we not accessing this via chan->conn->hcon->sec_level and
its pending_sec_level variables.
>
> if (sk->sk_state == BT_CONNECTED)
> sec.key_size = chan->conn->hcon->enc_key_size;
> @@ -577,6 +580,7 @@ static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, ch
> break;
> }
>
> + chan->current_sl = chan->sec_level;
> chan->sec_level = sec.level;
>
> if (!chan->conn)
Regards
Marcel
next prev parent reply other threads:[~2012-05-06 16:13 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-05-04 1:59 [PATCH 1/2] Bluetooth: notify userspace of security level change Gustavo Padovan
2012-05-04 1:59 ` [PATCH 2/2] Bluetooth: report the right security level in getsockopt Gustavo Padovan
2012-05-06 16:13 ` Marcel Holtmann [this message]
2012-05-06 16:07 ` [PATCH 1/2] Bluetooth: notify userspace of security level change Marcel Holtmann
2012-05-07 5:13 ` Gustavo Padovan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1336320833.5970.84.camel@aeonflux \
--to=marcel@holtmann.org \
--cc=gustavo@padovan.org \
--cc=linux-bluetooth@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.