Linux bluetooth development
From: Johan Hedberg <johan.hedberg@gmail.com>
To: Claudio Takahasi <claudio.takahasi@openbossa.org>
Cc: linux-bluetooth@vger.kernel.org
Subject: Re: [PATCH 1/2] Change security level on demand when reading characteristic value
Date: Fri, 31 Dec 2010 10:31:52 +0200
Message-ID: <20101231083152.GA8328@jh-x301>
In-Reply-To: <1293744130-21124-1-git-send-email-claudio.takahasi@openbossa.org>

Hi Claudio,

On Thu, Dec 30, 2010, Claudio Takahasi wrote:
> If a characteristic requires a higher security level, change it on
> demand and re-send the GATT Characteristic Value Read. Request will not
> be sent until the SMP negotiation finishes. This change doesn't affect
> GATT over BR/EDR, since encryption is mandatory for BR/EDR.
> ---
>  attrib/client.c  |   11 +++++++++++
>  attrib/gattrib.c |    8 ++++++++
>  attrib/gattrib.h |    2 ++
>  3 files changed, 21 insertions(+), 0 deletions(-)
> 
> diff --git a/attrib/client.c b/attrib/client.c
> index 10bbf7d..3297a0c 100644
> --- a/attrib/client.c
> +++ b/attrib/client.c
> @@ -744,6 +744,17 @@ static void update_char_value(guint8 status, const guint8 *pdu,
>  
>  	if (status == 0)
>  		characteristic_set_value(chr, pdu + 1, len - 1);
> +	else if (status == ATT_ECODE_INSUFF_ENC) {
> +		GIOChannel *io = g_attrib_get_channel(gatt->attrib);
> +
> +		if (bt_io_set(io, BT_IO_L2CAP, NULL,
> +				BT_IO_OPT_SEC_LEVEL, BT_IO_SEC_HIGH,
> +				BT_IO_OPT_INVALID)) {
> +			gatt_read_char(gatt->attrib, chr->handle,
> +					update_char_value, current);
> +			return;
> +		}
> +	}
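
Review bot: The retry in the ATT_ECODE_INSUFF_ENC branch has no guard against repeating. update_char_value is passed as its own callback to gatt_read_char, so if the second read comes back with the same error the branch calls bt_io_set and re-sends the read again, and nothing in this hunk ends the cycle. Consider recording on chr or current that the security level has already been raised, and reporting the error instead of retrying a second time. bt_io_set is also called with NULL as its error argument, so when it returns failure the reason is dropped and the code falls through silently; passing a GError and logging it would make a failed upgrade visible.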

The main problem with this is that it seems to be blocking. We can't
have that in a single threaded process like bluetoothd.

What I think the kernel should do when increasing the security level
with setsockopt is to mark the socket in a special state where neither
reads nor writes will succeed. Once the authentication is complete the
kernel would indicate POLLOUT on the socket, i.e. more or less the same
behavior as with non-blocking connects. If the authentication fails the
kernel would disconnect the socket.

We should also implement the same behavior for BR/EDR L2CAP sockets.
It'll particularly be useful for the HID implementation which right now
uses a raw HCI socket to request authentication and encryption when it
notices that the connected device is a keyboard (and not a mouse). The
whole thing could be abstracted by BtIO using something like
bt_io_set_security which would take a BtIOConnect callback pointer to
notify completion.

Johan

Thread overview: 5+ messages
2010-12-30 21:22 [PATCH 1/2] Change security level on demand when reading characteristic value Claudio Takahasi
2010-12-30 21:22 ` [PATCH 2/2] Change security level on demand when reading characteristic descriptor Claudio Takahasi
2010-12-31  8:31 ` Johan Hedberg [this message]
2010-12-31 16:10   ` [PATCH 1/2] Change security level on demand when reading characteristic value Claudio Takahasi
2011-01-05 12:10 ` Johan Hedberg
