[PATCH BlueZ] hog: Fix starting encryption on some BLE remotes

Linux bluetooth development
 help / color / mirror / Atom feed

* [PATCH BlueZ] hog: Fix starting encryption on some BLE remotes
@ 2026-06-08  9:11 Simon Mikuda
  2026-06-08 12:00 ` [BlueZ] " bluez.test.bot
  2026-06-08 14:23 ` [PATCH BlueZ] " Luiz Augusto von Dentz
  0 siblings, 2 replies; 6+ messages in thread
From: Simon Mikuda @ 2026-06-08  9:11 UTC (permalink / raw)
  To: linux-bluetooth; +Cc: Simon Mikuda

When BLE remote doesn't reply with Insufficient Authentication Error
encryption is not started.

Good remote:
< ACL Data TX: Handle 64 flags 0x00 dlen 7
      ATT: Read Request (0x0a) len 2
        Handle: 0x0021 Type: HID Information (0x2a4a)
> ACL Data RX: Handle 64 flags 0x02 dlen 9
      ATT: Error Response (0x01) len 4
        Read Request (0x0a)
        Handle: 0x0000
        Error: Insufficient Authentication (0x05)
< HCI Command: LE Start Encryption (0x08|0x0019) plen 28
        Handle: 64 Address: xx:xx:xx:xx:xx:xx (OUI xx-xx-xx)
        Random number: ...
        Encrypted diversifier: ...
        Long term key: ...

Bad remote:
< ACL Data TX: Handle 64 flags 0x00 dlen 7
      ATT: Read Request (0x0a) len 2
        Handle: 0x001e Type: HID Information (0x2a4a)
> ACL Data RX: Handle 64 flags 0x02 dlen 9
      ATT: Read Response (0x0b) len 4
---
 profiles/input/hog.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/profiles/input/hog.c b/profiles/input/hog.c
index f50a0f217..845087c9d 100644
--- a/profiles/input/hog.c
+++ b/profiles/input/hog.c
@@ -189,6 +189,9 @@ static int hog_accept(struct btd_service *service)
 		if (!bt_gatt_client_set_security(client,
 						BT_ATT_SECURITY_MEDIUM))
 			return -ECONNREFUSED;
+	} else if (auto_sec) {
+		bt_gatt_client_set_security(btd_device_get_gatt_client(device),
+				BT_ATT_SECURITY_MEDIUM);
 	}
 
 	/* TODO: Replace GAttrib with bt_gatt_client */
-- 
2.43.0


^ permalink raw reply related	[flat|nested] 6+ messages in thread

* RE: [BlueZ] hog: Fix starting encryption on some BLE remotes
  2026-06-08  9:11 [PATCH BlueZ] hog: Fix starting encryption on some BLE remotes Simon Mikuda
@ 2026-06-08 12:00 ` bluez.test.bot
  2026-06-08 14:23 ` [PATCH BlueZ] " Luiz Augusto von Dentz
  1 sibling, 0 replies; 6+ messages in thread
From: bluez.test.bot @ 2026-06-08 12:00 UTC (permalink / raw)
  To: linux-bluetooth, simon.mikuda

[-- Attachment #1: Type: text/plain, Size: 987 bytes --]

This is automated email and please do not reply to this email!

Dear submitter,

Thank you for submitting the patches to the linux bluetooth mailing list.
This is a CI test results with your patch series:
PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=1107612

---Test result---

Test Summary:
CheckPatch                    PASS      0.27 seconds
GitLint                       PASS      0.20 seconds
BuildEll                      PASS      12.59 seconds
BluezMake                     PASS      379.88 seconds
MakeCheck                     PASS      0.57 seconds
MakeDistcheck                 PASS      147.74 seconds
CheckValgrind                 PASS      116.75 seconds
CheckSmatch                   PASS      184.84 seconds
bluezmakeextell               PASS      95.68 seconds
IncrementalBuild              PASS      402.48 seconds
ScanBuild                     PASS      507.29 seconds



https://github.com/bluez/bluez/pull/2184

---
Regards,
Linux Bluetooth


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH BlueZ] hog: Fix starting encryption on some BLE remotes
  2026-06-08  9:11 [PATCH BlueZ] hog: Fix starting encryption on some BLE remotes Simon Mikuda
  2026-06-08 12:00 ` [BlueZ] " bluez.test.bot
@ 2026-06-08 14:23 ` Luiz Augusto von Dentz
  2026-06-09 16:25   ` Simon Mikuda
  1 sibling, 1 reply; 6+ messages in thread
From: Luiz Augusto von Dentz @ 2026-06-08 14:23 UTC (permalink / raw)
  To: Simon Mikuda; +Cc: linux-bluetooth

Hi Simon,

On Mon, Jun 8, 2026 at 5:20 AM Simon Mikuda
<simon.mikuda@streamunlimited.com> wrote:
>
> When BLE remote doesn't reply with Insufficient Authentication Error
> encryption is not started.
>
> Good remote:
> < ACL Data TX: Handle 64 flags 0x00 dlen 7
>       ATT: Read Request (0x0a) len 2
>         Handle: 0x0021 Type: HID Information (0x2a4a)
> > ACL Data RX: Handle 64 flags 0x02 dlen 9
>       ATT: Error Response (0x01) len 4
>         Read Request (0x0a)
>         Handle: 0x0000
>         Error: Insufficient Authentication (0x05)
> < HCI Command: LE Start Encryption (0x08|0x0019) plen 28
>         Handle: 64 Address: xx:xx:xx:xx:xx:xx (OUI xx-xx-xx)
>         Random number: ...
>         Encrypted diversifier: ...
>         Long term key: ...
>
> Bad remote:
> < ACL Data TX: Handle 64 flags 0x00 dlen 7
>       ATT: Read Request (0x0a) len 2
>         Handle: 0x001e Type: HID Information (0x2a4a)
> > ACL Data RX: Handle 64 flags 0x02 dlen 9
>       ATT: Read Response (0x0b) len 4
> ---
>  profiles/input/hog.c | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/profiles/input/hog.c b/profiles/input/hog.c
> index f50a0f217..845087c9d 100644
> --- a/profiles/input/hog.c
> +++ b/profiles/input/hog.c
> @@ -189,6 +189,9 @@ static int hog_accept(struct btd_service *service)
>                 if (!bt_gatt_client_set_security(client,
>                                                 BT_ATT_SECURITY_MEDIUM))
>                         return -ECONNREFUSED;
> +       } else if (auto_sec) {
> +               bt_gatt_client_set_security(btd_device_get_gatt_client(device),
> +                               BT_ATT_SECURITY_MEDIUM);

So this forces encryption even without bonding; why?

>         }
>
>         /* TODO: Replace GAttrib with bt_gatt_client */
> --
> 2.43.0
>
>


-- 
Luiz Augusto von Dentz

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH BlueZ] hog: Fix starting encryption on some BLE remotes
  2026-06-08 14:23 ` [PATCH BlueZ] " Luiz Augusto von Dentz
@ 2026-06-09 16:25   ` Simon Mikuda
  2026-06-09 16:35     ` Luiz Augusto von Dentz
  0 siblings, 1 reply; 6+ messages in thread
From: Simon Mikuda @ 2026-06-09 16:25 UTC (permalink / raw)
  To: Luiz Augusto von Dentz; +Cc: linux-bluetooth

Hi Luiz.
I don't think it forces encryption without bonding.
The diff is:
          if (!device_is_bonded(device, 
btd_device_get_bdaddr_type(device))) {
     ........
+        } else if (auto_sec) {
+  bt_gatt_client_set_security(btd_device_get_gatt_client(device),
+                                BT_ATT_SECURITY_MEDIUM);
          }

so it means device IS bonded and auto_sec is enabled


On 6/8/26 16:23, Luiz Augusto von Dentz wrote:
> Hi Simon,
>
> On Mon, Jun 8, 2026 at 5:20 AM Simon Mikuda
> <simon.mikuda@streamunlimited.com> wrote:
>> When BLE remote doesn't reply with Insufficient Authentication Error
>> encryption is not started.
>>
>> Good remote:
>> < ACL Data TX: Handle 64 flags 0x00 dlen 7
>>        ATT: Read Request (0x0a) len 2
>>          Handle: 0x0021 Type: HID Information (0x2a4a)
>>> ACL Data RX: Handle 64 flags 0x02 dlen 9
>>        ATT: Error Response (0x01) len 4
>>          Read Request (0x0a)
>>          Handle: 0x0000
>>          Error: Insufficient Authentication (0x05)
>> < HCI Command: LE Start Encryption (0x08|0x0019) plen 28
>>          Handle: 64 Address: xx:xx:xx:xx:xx:xx (OUI xx-xx-xx)
>>          Random number: ...
>>          Encrypted diversifier: ...
>>          Long term key: ...
>>
>> Bad remote:
>> < ACL Data TX: Handle 64 flags 0x00 dlen 7
>>        ATT: Read Request (0x0a) len 2
>>          Handle: 0x001e Type: HID Information (0x2a4a)
>>> ACL Data RX: Handle 64 flags 0x02 dlen 9
>>        ATT: Read Response (0x0b) len 4
>> ---
>>   profiles/input/hog.c | 3 +++
>>   1 file changed, 3 insertions(+)
>>
>> diff --git a/profiles/input/hog.c b/profiles/input/hog.c
>> index f50a0f217..845087c9d 100644
>> --- a/profiles/input/hog.c
>> +++ b/profiles/input/hog.c
>> @@ -189,6 +189,9 @@ static int hog_accept(struct btd_service *service)
>>                  if (!bt_gatt_client_set_security(client,
>>                                                  BT_ATT_SECURITY_MEDIUM))
>>                          return -ECONNREFUSED;
>> +       } else if (auto_sec) {
>> +               bt_gatt_client_set_security(btd_device_get_gatt_client(device),
>> +                               BT_ATT_SECURITY_MEDIUM);
> So this forces encryption even without bonding; why?
>
>>          }
>>
>>          /* TODO: Replace GAttrib with bt_gatt_client */
>> --
>> 2.43.0
>>
>>
>

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH BlueZ] hog: Fix starting encryption on some BLE remotes
  2026-06-09 16:25   ` Simon Mikuda
@ 2026-06-09 16:35     ` Luiz Augusto von Dentz
  2026-06-09 16:46       ` Simon Mikuda
  0 siblings, 1 reply; 6+ messages in thread
From: Luiz Augusto von Dentz @ 2026-06-09 16:35 UTC (permalink / raw)
  To: Simon Mikuda; +Cc: linux-bluetooth

Hi Simon,

On Tue, Jun 9, 2026 at 12:25 PM Simon Mikuda
<simon.mikuda@streamunlimited.com> wrote:
>
> Hi Luiz.
> I don't think it forces encryption without bonding.
> The diff is:
>           if (!device_is_bonded(device,
> btd_device_get_bdaddr_type(device))) {
>      ........
> +        } else if (auto_sec) {
> +  bt_gatt_client_set_security(btd_device_get_gatt_client(device),
> +                                BT_ATT_SECURITY_MEDIUM);
>           }
>
> so it means device IS bonded and auto_sec is enabled

Hmm, but in that case doesn't the following code trigger first:

https://github.com/bluez/bluez/blob/master/src/device.c#L6469

So either there is a bug or the code you are adding is just a NOP
because the security has already been set to BT_ATT_SECURITY_MEDIUM.

>
> On 6/8/26 16:23, Luiz Augusto von Dentz wrote:
> > Hi Simon,
> >
> > On Mon, Jun 8, 2026 at 5:20 AM Simon Mikuda
> > <simon.mikuda@streamunlimited.com> wrote:
> >> When BLE remote doesn't reply with Insufficient Authentication Error
> >> encryption is not started.
> >>
> >> Good remote:
> >> < ACL Data TX: Handle 64 flags 0x00 dlen 7
> >>        ATT: Read Request (0x0a) len 2
> >>          Handle: 0x0021 Type: HID Information (0x2a4a)
> >>> ACL Data RX: Handle 64 flags 0x02 dlen 9
> >>        ATT: Error Response (0x01) len 4
> >>          Read Request (0x0a)
> >>          Handle: 0x0000
> >>          Error: Insufficient Authentication (0x05)
> >> < HCI Command: LE Start Encryption (0x08|0x0019) plen 28
> >>          Handle: 64 Address: xx:xx:xx:xx:xx:xx (OUI xx-xx-xx)
> >>          Random number: ...
> >>          Encrypted diversifier: ...
> >>          Long term key: ...
> >>
> >> Bad remote:
> >> < ACL Data TX: Handle 64 flags 0x00 dlen 7
> >>        ATT: Read Request (0x0a) len 2
> >>          Handle: 0x001e Type: HID Information (0x2a4a)
> >>> ACL Data RX: Handle 64 flags 0x02 dlen 9
> >>        ATT: Read Response (0x0b) len 4
> >> ---
> >>   profiles/input/hog.c | 3 +++
> >>   1 file changed, 3 insertions(+)
> >>
> >> diff --git a/profiles/input/hog.c b/profiles/input/hog.c
> >> index f50a0f217..845087c9d 100644
> >> --- a/profiles/input/hog.c
> >> +++ b/profiles/input/hog.c
> >> @@ -189,6 +189,9 @@ static int hog_accept(struct btd_service *service)
> >>                  if (!bt_gatt_client_set_security(client,
> >>                                                  BT_ATT_SECURITY_MEDIUM))
> >>                          return -ECONNREFUSED;
> >> +       } else if (auto_sec) {
> >> +               bt_gatt_client_set_security(btd_device_get_gatt_client(device),
> >> +                               BT_ATT_SECURITY_MEDIUM);
> > So this forces encryption even without bonding; why?
> >
> >>          }
> >>
> >>          /* TODO: Replace GAttrib with bt_gatt_client */
> >> --
> >> 2.43.0
> >>
> >>
> >



-- 
Luiz Augusto von Dentz

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH BlueZ] hog: Fix starting encryption on some BLE remotes
  2026-06-09 16:35     ` Luiz Augusto von Dentz
@ 2026-06-09 16:46       ` Simon Mikuda
  0 siblings, 0 replies; 6+ messages in thread
From: Simon Mikuda @ 2026-06-09 16:46 UTC (permalink / raw)
  To: Luiz Augusto von Dentz; +Cc: linux-bluetooth

Ahh. We have this modified in our codebase - we have a change that you 
will not increase security yourself you leave it to remote device (in 
case user has removed LTK on remote device and you still have one, you 
will not trigger authentication error).

So you're right, if this is in place it would have increase the 
security. We will squash those commits together internally.

Thanks!

On 6/9/26 18:35, Luiz Augusto von Dentz wrote:
> Hi Simon,
>
> On Tue, Jun 9, 2026 at 12:25 PM Simon Mikuda
> <simon.mikuda@streamunlimited.com> wrote:
>> Hi Luiz.
>> I don't think it forces encryption without bonding.
>> The diff is:
>>            if (!device_is_bonded(device,
>> btd_device_get_bdaddr_type(device))) {
>>       ........
>> +        } else if (auto_sec) {
>> +  bt_gatt_client_set_security(btd_device_get_gatt_client(device),
>> +                                BT_ATT_SECURITY_MEDIUM);
>>            }
>>
>> so it means device IS bonded and auto_sec is enabled
> Hmm, but in that case doesn't the following code trigger first:
>
> https://github.com/bluez/bluez/blob/master/src/device.c#L6469
>
> So either there is a bug or the code you are adding is just a NOP
> because the security has already been set to BT_ATT_SECURITY_MEDIUM.
>
>> On 6/8/26 16:23, Luiz Augusto von Dentz wrote:
>>> Hi Simon,
>>>
>>> On Mon, Jun 8, 2026 at 5:20 AM Simon Mikuda
>>> <simon.mikuda@streamunlimited.com> wrote:
>>>> When BLE remote doesn't reply with Insufficient Authentication Error
>>>> encryption is not started.
>>>>
>>>> Good remote:
>>>> < ACL Data TX: Handle 64 flags 0x00 dlen 7
>>>>         ATT: Read Request (0x0a) len 2
>>>>           Handle: 0x0021 Type: HID Information (0x2a4a)
>>>>> ACL Data RX: Handle 64 flags 0x02 dlen 9
>>>>         ATT: Error Response (0x01) len 4
>>>>           Read Request (0x0a)
>>>>           Handle: 0x0000
>>>>           Error: Insufficient Authentication (0x05)
>>>> < HCI Command: LE Start Encryption (0x08|0x0019) plen 28
>>>>           Handle: 64 Address: xx:xx:xx:xx:xx:xx (OUI xx-xx-xx)
>>>>           Random number: ...
>>>>           Encrypted diversifier: ...
>>>>           Long term key: ...
>>>>
>>>> Bad remote:
>>>> < ACL Data TX: Handle 64 flags 0x00 dlen 7
>>>>         ATT: Read Request (0x0a) len 2
>>>>           Handle: 0x001e Type: HID Information (0x2a4a)
>>>>> ACL Data RX: Handle 64 flags 0x02 dlen 9
>>>>         ATT: Read Response (0x0b) len 4
>>>> ---
>>>>    profiles/input/hog.c | 3 +++
>>>>    1 file changed, 3 insertions(+)
>>>>
>>>> diff --git a/profiles/input/hog.c b/profiles/input/hog.c
>>>> index f50a0f217..845087c9d 100644
>>>> --- a/profiles/input/hog.c
>>>> +++ b/profiles/input/hog.c
>>>> @@ -189,6 +189,9 @@ static int hog_accept(struct btd_service *service)
>>>>                   if (!bt_gatt_client_set_security(client,
>>>>                                                   BT_ATT_SECURITY_MEDIUM))
>>>>                           return -ECONNREFUSED;
>>>> +       } else if (auto_sec) {
>>>> +               bt_gatt_client_set_security(btd_device_get_gatt_client(device),
>>>> +                               BT_ATT_SECURITY_MEDIUM);
>>> So this forces encryption even without bonding; why?
>>>
>>>>           }
>>>>
>>>>           /* TODO: Replace GAttrib with bt_gatt_client */
>>>> --
>>>> 2.43.0
>>>>
>>>>
>
>

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2026-06-09 16:46 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-06-08  9:11 [PATCH BlueZ] hog: Fix starting encryption on some BLE remotes Simon Mikuda
2026-06-08 12:00 ` [BlueZ] " bluez.test.bot
2026-06-08 14:23 ` [PATCH BlueZ] " Luiz Augusto von Dentz
2026-06-09 16:25   ` Simon Mikuda
2026-06-09 16:35     ` Luiz Augusto von Dentz
2026-06-09 16:46       ` Simon Mikuda

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox