From: "Grzegorz Kołodziejczyk" <grzegorz.kolodziejczyk@codecoup.pl>
To: Luiz Augusto von Dentz <luiz.dentz@gmail.com>
Cc: linux-bluetooth@vger.kernel.org
Subject: Re: [PATCH BlueZ 2/2] gatt: Don't require prepare write authorization for trusted devices
Date: Tue, 29 May 2018 12:05:43 +0200 [thread overview]
Message-ID: <CALevQMbEjYWTWqmKtVHpDmuGbLTahuq7X_WL4+Pi+ozQNxPueQ@mail.gmail.com> (raw)
In-Reply-To: <CABBYNZK4Aq24R9=K89Fu8oeX3aN1FV4sFj2vvnre4t4a+jQdEA@mail.gmail.com>
Hi Luiz,
wt., 29 maj 2018 o 11:39 Luiz Augusto von Dentz <luiz.dentz@gmail.com>
napisa=C5=82(a):
> Hi Grzegorz,
> On Tue, May 29, 2018 at 11:32 AM, Grzegorz Kolodziejczyk
> <grzegorz.kolodziejczyk@codecoup.pl> wrote:
> > This patch adds possibility to ommit prepare write authorization
> > request from trusted devices.
> > ---
> > src/gatt-database.c | 6 ++++--
> > 1 file changed, 4 insertions(+), 2 deletions(-)
> >
> > diff --git a/src/gatt-database.c b/src/gatt-database.c
> > index 22c78e840..99c8ea231 100644
> > --- a/src/gatt-database.c
> > +++ b/src/gatt-database.c
> > @@ -2569,7 +2569,8 @@ static void desc_write_cb(struct
gatt_db_attribute *attrib,
> > }
> >
> > if (opcode =3D=3D BT_ATT_OP_PREP_WRITE_REQ) {
> > - if (!desc->prep_authorized &&
desc->req_prep_authorization)
> > + if (!device_is_trusted(device) &&
!desc->prep_authorized &&
> > +
desc->req_prep_authorization)
> > send_write(device, attrib, desc->proxy,
> > desc->pending_writes, id,
value, len,
> > offset,
bt_att_get_link_type(att),
> > @@ -2672,7 +2673,8 @@ static void chrc_write_cb(struct
gatt_db_attribute *attrib,
> > queue =3D NULL;
> >
> > if (opcode =3D=3D BT_ATT_OP_PREP_WRITE_REQ) {
> > - if (!chrc->prep_authorized &&
chrc->req_prep_authorization)
> > + if (!device_is_trusted(device) &&
!chrc->prep_authorized &&
> > +
chrc->req_prep_authorization)
> > send_write(device, attrib, chrc->proxy, queue,
> > id, value, len, offset,
> > bt_att_get_link_type(att),
true, true);
> > --
> > 2.13.6
> I guess I can ignore the first patch and just apply this one, or do
> you still have any use for checking the trusted flag on the client
> side?
Yes, I have use for checking the trusted flag on client side.
For example:
- Read/write,
- Long read, long write,
- Execute write
In all those cases user will be bothered with authorization request if
trusted won't be checked.
This patch 2/2 reduce redundant authorization request for prepare writes
only since we know that device is trusted on daemon side. In other cases
operation is authorized on client side, so I think there is no other place
where we can check if device is trusted.
> --
> Luiz Augusto von Dentz
Regards,
Grzegorz
next prev parent reply other threads:[~2018-05-29 10:05 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-29 8:32 [PATCH BlueZ 1/2] client: Don't require authorization for trusted devices Grzegorz Kolodziejczyk
2018-05-29 8:32 ` [PATCH BlueZ 2/2] gatt: Don't require prepare write " Grzegorz Kolodziejczyk
2018-05-29 9:39 ` Luiz Augusto von Dentz
2018-05-29 10:05 ` Grzegorz Kołodziejczyk [this message]
2018-05-29 10:14 ` Luiz Augusto von Dentz
2018-05-29 11:39 ` [PATCH BlueZ 1/2] client: Don't require " Luiz Augusto von Dentz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CALevQMbEjYWTWqmKtVHpDmuGbLTahuq7X_WL4+Pi+ozQNxPueQ@mail.gmail.com \
--to=grzegorz.kolodziejczyk@codecoup.pl \
--cc=linux-bluetooth@vger.kernel.org \
--cc=luiz.dentz@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).