Re: [PATCH BlueZ 2/2] gatt: Don't require prepare write authorization for trusted devices

linux-bluetooth.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Luiz Augusto von Dentz <luiz.dentz@gmail.com>
To: "Grzegorz Kołodziejczyk" <grzegorz.kolodziejczyk@codecoup.pl>
Cc: "linux-bluetooth@vger.kernel.org" <linux-bluetooth@vger.kernel.org>
Subject: Re: [PATCH BlueZ 2/2] gatt: Don't require prepare write authorization for trusted devices
Date: Tue, 29 May 2018 13:14:01 +0300	[thread overview]
Message-ID: <CABBYNZ+xKYR2xEznvPoRBteb9nbDTGLvyxEG77NZ1-odbFjyCQ@mail.gmail.com> (raw)
In-Reply-To: <CALevQMbEjYWTWqmKtVHpDmuGbLTahuq7X_WL4+Pi+ozQNxPueQ@mail.gmail.com>

Hi Grzegorz,

On Tue, May 29, 2018 at 1:05 PM, Grzegorz Ko=C5=82odziejczyk
<grzegorz.kolodziejczyk@codecoup.pl> wrote:
> Hi Luiz,
>
>
> wt., 29 maj 2018 o 11:39 Luiz Augusto von Dentz <luiz.dentz@gmail.com>
> napisa=C5=82(a):
>
>> Hi Grzegorz,
>
>> On Tue, May 29, 2018 at 11:32 AM, Grzegorz Kolodziejczyk
>> <grzegorz.kolodziejczyk@codecoup.pl> wrote:
>> > This patch adds possibility to ommit prepare write authorization
>> > request from trusted devices.
>> > ---
>> >  src/gatt-database.c | 6 ++++--
>> >  1 file changed, 4 insertions(+), 2 deletions(-)
>> >
>> > diff --git a/src/gatt-database.c b/src/gatt-database.c
>> > index 22c78e840..99c8ea231 100644
>> > --- a/src/gatt-database.c
>> > +++ b/src/gatt-database.c
>> > @@ -2569,7 +2569,8 @@ static void desc_write_cb(struct
> gatt_db_attribute *attrib,
>> >         }
>> >
>> >         if (opcode =3D=3D BT_ATT_OP_PREP_WRITE_REQ) {
>> > -               if (!desc->prep_authorized &&
> desc->req_prep_authorization)
>> > +               if (!device_is_trusted(device) &&
> !desc->prep_authorized &&
>> > +
> desc->req_prep_authorization)
>> >                         send_write(device, attrib, desc->proxy,
>> >                                         desc->pending_writes, id,
> value, len,
>> >                                         offset,
> bt_att_get_link_type(att),
>> > @@ -2672,7 +2673,8 @@ static void chrc_write_cb(struct
> gatt_db_attribute *attrib,
>> >                 queue =3D NULL;
>> >
>> >         if (opcode =3D=3D BT_ATT_OP_PREP_WRITE_REQ) {
>> > -               if (!chrc->prep_authorized &&
> chrc->req_prep_authorization)
>> > +               if (!device_is_trusted(device) &&
> !chrc->prep_authorized &&
>> > +
> chrc->req_prep_authorization)
>> >                         send_write(device, attrib, chrc->proxy, queue,
>> >                                         id, value, len, offset,
>> >                                         bt_att_get_link_type(att),
> true, true);
>> > --
>> > 2.13.6
>
>> I guess I can ignore the first patch and just apply this one, or do
>> you still have any use for checking the trusted flag on the client
>> side?
>
> Yes, I have use for checking the trusted flag on client side.
>
> For example:
> - Read/write,
> - Long read, long write,
> - Execute write

Right, so those are to prevent the client to show any prompt, got it now.

> In all those cases user will be bothered with authorization request if
> trusted won't be checked.
>
> This patch 2/2 reduce redundant authorization request for prepare writes
> only since we know that device is trusted on daemon side. In other cases
> operation is authorized on client side, so I think there is no other plac=
e
> where we can check if device is trusted.
>
>> --
>> Luiz Augusto von Dentz
>
> Regards,
> Grzegorz



--=20
Luiz Augusto von Dentz

next prev parent reply	other threads:[~2018-05-29 10:14 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-05-29  8:32 [PATCH BlueZ 1/2] client: Don't require authorization for trusted devices Grzegorz Kolodziejczyk
2018-05-29  8:32 ` [PATCH BlueZ 2/2] gatt: Don't require prepare write " Grzegorz Kolodziejczyk
2018-05-29  9:39   ` Luiz Augusto von Dentz
2018-05-29 10:05     ` Grzegorz Kołodziejczyk
2018-05-29 10:14       ` Luiz Augusto von Dentz [this message]
2018-05-29 11:39 ` [PATCH BlueZ 1/2] client: Don't require " Luiz Augusto von Dentz

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CABBYNZ+xKYR2xEznvPoRBteb9nbDTGLvyxEG77NZ1-odbFjyCQ@mail.gmail.com \
    --to=luiz.dentz@gmail.com \
    --cc=grzegorz.kolodziejczyk@codecoup.pl \
    --cc=linux-bluetooth@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).