From: Luiz Augusto von Dentz <luiz.dentz@gmail.com>
To: Kai Ruhnau <kai.ruhnau@target-sg.com>
Cc: "linux-bluetooth@vger.kernel.org" <linux-bluetooth@vger.kernel.org>
Subject: Re: Characteristic ReadValue / WriteValue never finish
Date: Wed, 29 Apr 2020 11:59:51 -0700 [thread overview]
Message-ID: <CABBYNZ+7_N27=2_t1ZjVtmTvoqAv_PB67A+Or_hp_XrS4tqnNw@mail.gmail.com> (raw)
In-Reply-To: <AM0PR02MB3841479A0B2378DF0B0109AAC5AC0@AM0PR02MB3841.eurprd02.prod.outlook.com>
Hi Kai,
On Tue, Apr 28, 2020 at 5:59 AM Kai Ruhnau <kai.ruhnau@target-sg.com> wrote:
>
> Hi,
>
> I'm running Linux 5.4.32 and Bluez 5.54 on my embedded platform and use from my
> application the DBus interface to set up the local GATT database and work with
> remote services.
>
> In one scenario, I have an agent registered and call as peripheral the
> ReadValue method of a central's encrypted characteristic before pairing has
> been done. This results in my agent implementation receiving a
> RequestConfirmation call for pairing. I complete that agent's method call with
> an org.bluez.Error.Rejected error and unregister my agent. The initial
> ReadValue method call, though, is never completed - my application neither
> receives a DBus method return or an error for that method call.
>
> Instead, using btmon, I can see that internally, the read request is
> continuously retried every ~1.2 seconds. Each time, there is an Insufficient
> Authentication error, a Pairing Request, an immediate Authentication Failed,
> and a Pairing Failed response.
>
> I would have expected that after rejecting the first pairing request, the
> ReadValue method call is completed with for example a
> org.bluez.Error.NotAuthorized error, and not an uninterruptible loop.
>
> These are the bluetoothd debug messages while in the loop:
> bluetoothd[2370]: ../bluez-5.54/src/device.c:gatt_debug() Read By Type - start: 0x0001 end: 0x0005
> bluetoothd[2370]: ../bluez-5.54/src/gatt-database.c:gap_device_name_read_cb() GAP Device Name read request
> bluetoothd[2370]: ../bluez-5.54/src/adapter.c:bonding_attempt_complete() hci0 bdaddr 5A:2A:C3:75:E8:BB type 2 status 0x5
> bluetoothd[2370]: ../bluez-5.54/src/device.c:device_bonding_complete() bonding (nil) status 0x05
> bluetoothd[2370]: ../bluez-5.54/src/device.c:device_bonding_failed() status 5
> bluetoothd[2370]: ../bluez-5.54/src/adapter.c:resume_discovery()
> [pause, then repeat]
>
>
> Here's an excerpt from the btmon log starting at the reject and showing the loop
>
> @ MGMT Command: User Confirmation... (0x001d) plen 7 {0x0001} [hci0] 44.045329
> LE Address: 4E:FE:AC:7A:F8:93 (Resolvable)
> < ACL Data TX: Handle 1025 flags 0x00 dlen 6 #322 [hci0] 44.045373
> SMP: Pairing Failed (0x05) len 1
> Reason: Numeric comparison failed (0x0c)
> @ MGMT Event: Authentication Failed (0x0011) plen 8 {0x0002} [hci0] 44.045400
> LE Address: 4E:FE:AC:7A:F8:93 (Resolvable)
> Status: Authentication Failed (0x05)
> @ MGMT Event: Authentication Failed (0x0011) plen 8 {0x0001} [hci0] 44.045400
> LE Address: 4E:FE:AC:7A:F8:93 (Resolvable)
> Status: Authentication Failed (0x05)
> @ MGMT Event: Command Complete (0x0001) plen 10 {0x0001} [hci0] 44.045426
> User Confirmation Negative Reply (0x001d) plen 7
> Status: Success (0x00)
> LE Address: 4E:FE:AC:7A:F8:93 (Resolvable)
> @ MGMT Command: Remove Advertising (0x003f) plen 1 {0x0001} [hci0] 44.052011
> Instance: 2
> @ MGMT Event: Advertising Removed (0x0024) plen 1 {0x0002} [hci0] 44.052029
> Instance: 2
> @ MGMT Event: Command Complete (0x0001) plen 4 {0x0001} [hci0] 44.052041
> Remove Advertising (0x003f) plen 1
> Status: Success (0x00)
> Instance: 2
> > HCI Event: Number of Completed Packets (0x13) plen 5 #323 [hci0] 44.190618
> Num handles: 1
> Handle: 1025
> Count: 1
> > ACL Data RX: Handle 1025 flags 0x02 dlen 11 #324 [hci0] 45.082137
> ATT: Read By Type Request (0x08) len 6
> Handle range: 0x0001-0x0005
> Attribute type: Device Name (0x2a00)
> < ACL Data TX: Handle 1025 flags 0x00 dlen 14 #325 [hci0] 45.084191
> ATT: Read By Type Response (0x09) len 9
> Attribute data length: 8
> Attribute data list: 1 entry
> Handle: 0x0003
> Value: 663930307378
> < ACL Data TX: Handle 1025 flags 0x00 dlen 7 #326 [hci0] 45.086693
> ATT: Read Request (0x0a) len 2
> Handle: 0x003b
> > ACL Data RX: Handle 1025 flags 0x02 dlen 9 #327 [hci0] 45.141328
> ATT: Error Response (0x01) len 4
> Read Request (0x0a)
> Handle: 0x003b
> Error: Insufficient Authentication (0x05)
> > HCI Event: Number of Completed Packets (0x13) plen 5 #328 [hci0] 45.141350
> Num handles: 1
> Handle: 1025
> Count: 2
> < ACL Data TX: Handle 1025 flags 0x00 dlen 6 #329 [hci0] 45.142787
> SMP: Security Request (0x0b) len 1
> Authentication requirement: Bonding, MITM, SC, No Keypresses, CT2 (0x2d)
> > ACL Data RX: Handle 1025 flags 0x02 dlen 11 #330 [hci0] 45.201290
> SMP: Pairing Request (0x01) len 6
> IO capability: KeyboardDisplay (0x04)
> OOB data: Authentication data not present (0x00)
> Authentication requirement: Bonding, MITM, SC, No Keypresses, CT2 (0x2d)
> Max encryption key size: 16
> Initiator key distribution: EncKey IdKey LinkKey (0x0b)
> Responder key distribution: EncKey IdKey LinkKey (0x0b)
> @ MGMT Event: Authentication Failed (0x0011) plen 8 {0x0002} [hci0] 45.201455
> LE Address: 4E:FE:AC:7A:F8:93 (Resolvable)
> Status: Authentication Failed (0x05)
> @ MGMT Event: Authentication Failed (0x0011) plen 8 {0x0001} [hci0] 45.201455
> LE Address: 4E:FE:AC:7A:F8:93 (Resolvable)
> Status: Authentication Failed (0x05)
> < ACL Data TX: Handle 1025 flags 0x00 dlen 6 #331 [hci0] 45.201551
> SMP: Pairing Failed (0x05) len 1
> Reason: Pairing not supported (0x05)
> > HCI Event: Number of Completed Packets (0x13) plen 5 #332 [hci0] 45.261239
> Num handles: 1
> Handle: 1025
> Count: 2
> [pause, then goto 45.082137]
Interresting, I think originally the kernel would disconnect if the
pairing fails but perhaps that is no longer the case so we keep
retrying, will have a look what can be done regarding this.
--
Luiz Augusto von Dentz
next prev parent reply other threads:[~2020-04-29 19:00 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-28 12:54 Characteristic ReadValue / WriteValue never finish Kai Ruhnau
2020-04-29 18:59 ` Luiz Augusto von Dentz [this message]
2020-05-12 15:52 ` Kai Ruhnau
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CABBYNZ+7_N27=2_t1ZjVtmTvoqAv_PB67A+Or_hp_XrS4tqnNw@mail.gmail.com' \
--to=luiz.dentz@gmail.com \
--cc=kai.ruhnau@target-sg.com \
--cc=linux-bluetooth@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).