* [PATCH 1/4] android/gatt: Change check permissions order
@ 2014-06-12 9:08 Marcin Kraglak
2014-06-12 9:08 ` [PATCH 2/4] android/gatt: Fix incorrect entry check Marcin Kraglak
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: Marcin Kraglak @ 2014-06-12 9:08 UTC (permalink / raw)
To: linux-bluetooth
Firstly we should check if characteristic needs MITM permissions,
and next check for ENCRYPTION permissions. Now remote device can
increase security to MITM immediatelly (i.e. from sec LOW to HIGH).
---
android/gatt.c | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/android/gatt.c b/android/gatt.c
index 558b203..cfcfd9b 100644
--- a/android/gatt.c
+++ b/android/gatt.c
@@ -4063,14 +4063,14 @@ static uint8_t check_device_permissions(struct gatt_device *device,
if (!(permissions & GATT_PERM_READ))
return ATT_ECODE_READ_NOT_PERM;
- if ((permissions & GATT_PERM_READ_ENCRYPTED) &&
- sec_level < BT_SECURITY_MEDIUM)
- return ATT_ECODE_INSUFF_ENC;
-
if ((permissions & GATT_PERM_READ_MITM) &&
sec_level < BT_SECURITY_HIGH)
return ATT_ECODE_AUTHENTICATION;
+ if ((permissions & GATT_PERM_READ_ENCRYPTED) &&
+ sec_level < BT_SECURITY_MEDIUM)
+ return ATT_ECODE_INSUFF_ENC;
+
if (permissions & GATT_PERM_READ_AUTHORIZATION)
return ATT_ECODE_AUTHORIZATION;
break;
@@ -4081,14 +4081,14 @@ static uint8_t check_device_permissions(struct gatt_device *device,
if (!(permissions & GATT_PERM_WRITE))
return ATT_ECODE_WRITE_NOT_PERM;
- if ((permissions & GATT_PERM_WRITE_ENCRYPTED) &&
- sec_level < BT_SECURITY_MEDIUM)
- return ATT_ECODE_INSUFF_ENC;
-
if ((permissions & GATT_PERM_WRITE_MITM) &&
sec_level < BT_SECURITY_HIGH)
return ATT_ECODE_AUTHENTICATION;
+ if ((permissions & GATT_PERM_WRITE_ENCRYPTED) &&
+ sec_level < BT_SECURITY_MEDIUM)
+ return ATT_ECODE_INSUFF_ENC;
+
if (permissions & GATT_PERM_WRITE_AUTHORIZATION)
return ATT_ECODE_AUTHORIZATION;
break;
--
1.9.3
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH 2/4] android/gatt: Fix incorrect entry check
2014-06-12 9:08 [PATCH 1/4] android/gatt: Change check permissions order Marcin Kraglak
@ 2014-06-12 9:08 ` Marcin Kraglak
2014-06-12 9:08 ` [PATCH 3/4] android/gatt: Set state of pending responses Marcin Kraglak
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: Marcin Kraglak @ 2014-06-12 9:08 UTC (permalink / raw)
To: linux-bluetooth
---
android/gatt.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/android/gatt.c b/android/gatt.c
index cfcfd9b..7ae0f55 100644
--- a/android/gatt.c
+++ b/android/gatt.c
@@ -4131,7 +4131,7 @@ static void fill_gatt_response_by_handle(uint16_t handle, uint16_t offset,
entry = queue_find(dev->pending_requests, match_dev_request_by_handle,
UINT_TO_PTR(handle));
- if (entry) {
+ if (!entry) {
DBG("No pending response found! Bogus android response?");
return;
}
--
1.9.3
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH 3/4] android/gatt: Set state of pending responses
2014-06-12 9:08 [PATCH 1/4] android/gatt: Change check permissions order Marcin Kraglak
2014-06-12 9:08 ` [PATCH 2/4] android/gatt: Fix incorrect entry check Marcin Kraglak
@ 2014-06-12 9:08 ` Marcin Kraglak
2014-06-12 9:08 ` [PATCH 4/4] android/pts: Update GAP pts test results Marcin Kraglak
2014-06-12 11:39 ` [PATCH 1/4] android/gatt: Change check permissions order Szymon Janc
3 siblings, 0 replies; 5+ messages in thread
From: Marcin Kraglak @ 2014-06-12 9:08 UTC (permalink / raw)
To: linux-bluetooth
Set state to PENDING before read. If state was not set to PENDING,
response was sent immediatelly even if there was no response from upper
layer.
---
android/gatt.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/android/gatt.c b/android/gatt.c
index 7ae0f55..4c2488f 100644
--- a/android/gatt.c
+++ b/android/gatt.c
@@ -4167,6 +4167,8 @@ static void read_requested_attributes(void *data, void *user_data)
if (error)
goto done;
+ resp_data->state = REQUEST_PENDING;
+
if (!gatt_db_read(gatt_db, resp_data->handle,
resp_data->offset,
process_data->opcode,
--
1.9.3
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH 4/4] android/pts: Update GAP pts test results
2014-06-12 9:08 [PATCH 1/4] android/gatt: Change check permissions order Marcin Kraglak
2014-06-12 9:08 ` [PATCH 2/4] android/gatt: Fix incorrect entry check Marcin Kraglak
2014-06-12 9:08 ` [PATCH 3/4] android/gatt: Set state of pending responses Marcin Kraglak
@ 2014-06-12 9:08 ` Marcin Kraglak
2014-06-12 11:39 ` [PATCH 1/4] android/gatt: Change check permissions order Szymon Janc
3 siblings, 0 replies; 5+ messages in thread
From: Marcin Kraglak @ 2014-06-12 9:08 UTC (permalink / raw)
To: linux-bluetooth
For these tests kernel version is defined as 3.17.
---
android/pts-gap.txt | 83 +++++++++++++++++++++++++++++++++++++++++++++++------
1 file changed, 75 insertions(+), 8 deletions(-)
diff --git a/android/pts-gap.txt b/android/pts-gap.txt
index 2b335a1..cd70326 100644
--- a/android/pts-gap.txt
+++ b/android/pts-gap.txt
@@ -3,6 +3,7 @@ PTS test results for GAP
PTS version: 5.1
Tested: 28-May-2014
Android version: 4.4.2
+Kernel version: 3.17
Results:
PASS test passed
@@ -159,20 +160,86 @@ TC_BOND_BON_BV_04_C PASS haltest: gattc_register_client
gattc connect <client_id> <address>
bluetooth remove_bond <address>
gattc connect <client_id> <address>
-TC_SEC_AUT_BV_11_C INC Link security level elevation - not implemented
-TC_SEC_AUT_BV_12_C INC Link security level elevation - not implemented
-TC_SEC_AUT_BV_13_C INC Link security level elevation - not implemented
-TC_SEC_AUT_BV_14_C INC Link security level elevation - not implemented
+TC_SEC_AUT_BV_11_C PASS haltest:gattc register_client
+ gatts register_server
+ gatts add_service 2 <uuid> 3
+ gatts add_characteristic 2 1b <uuid> 10 68
+ gatts start_service 2 1b 1
+ gattc listen
+ PTS asks for handle with Insufficient auth
+ bluetooth ssp_reply <addr> <passkey>
+ gatts send_response
+TC_SEC_AUT_BV_12_C PASS haltest: gatts register_server
+ gatts add_service 2 <uuid> 3
+ gatts add_characteristic 2 <service_handle>
+ <uuid> 10 68
+ gatts start_service 2 <service_handle> 1
+ gatts connect <server_if> <addr>
+ PTS asks for handle with Insufficient auth
+ bluetooth ssp_reply <addr> <passkey>
+ gatts send_response
+TC_SEC_AUT_BV_13_C PASS haltest: gatts register_server
+ gatts add_service 2 <uuid> 3
+ gatts add_characteristic 2 <service_handle>
+ <uuid> 10 68
+ gatts start_service 2 <service_handle> 1
+ gatts connect <server_if> <addr>
+ PTS asks for handle with Insufficient auth
+ bluetooth ssp_reply <addr> <passkey>
+ gatts send_response
+TC_SEC_AUT_BV_14_C PASS haltest:gattc register_client
+ gatts register_server
+ gatts add_service 2 <uuid> 3
+ gatts add_characteristic 2 1b <uuid> 10 68
+ gatts start_service 2 1b 1
+ gattc listen
+ PTS asks for handle with Insufficient auth
+ bluetooth ssp_reply <addr> <passkey>
+ gatts send_response
TC_SEC_AUT_BV_15_C N/A
-TC_SEC_AUT_BV_16_C INC Link security level elevation - not implemented
+TC_SEC_AUT_BV_16_C PASS haltest: gatts register_server
+ gatts add_service 2 <uuid> 3
+ gatts add_characteristic 2 <service_handle>
+ <uuid> 10 34
+ gatts start_service 2 <service_handle> 1
+ gatts connect <server_if> <addr>
+ gatts disconnect <server_if> <addr>
+ gatts connect <server_if> <addr>
+ PTS asks for handle with Insufficient encrypt
+ bluetooth ssp_reply <addr> <passkey>
+ gatts send_response
TC_SEC_AUT_BV_17_C PASS
-TC_SEC_AUT_BV_18_C INC Link security level elevation - not implemented
+TC_SEC_AUT_BV_18_C PASS haltest: gattc register_client
+ gattc listen
+ gattc search_service
+ gattc get_characteristic
+ gattc read_characteristic
+ bluetooth create_bond
+ gattc read_characteristic
TC_SEC_AUT_BV_19_C PASS
TC_SEC_AUT_BV_20_C INC Link security level elevation - not implemented
TC_SEC_AUT_BV_21_C INC Link security level elevation - not implemented
TC_SEC_AUT_BV_22_C INC Link security level elevation - not implemented
-TC_SEC_AUT_BV_23_C INC Link security level elevation - not implemented
-TC_SEC_AUT_BV_24_C INC Link security level elevation - not implemented
+TC_SEC_AUT_BV_23_C PASS haltest: gatts register_server
+ gatts add_service 2 <uuid> 3
+ gatts add_characteristic 2 <service_handle>
+ <uuid> 10 34
+ gatts start_service 2 <service_handle> 1
+ gattc register_client
+ gattc listen
+ bluetooth ssp_reply
+ gatts send_response
+TC_SEC_AUT_BV_24_C PASS haltest: gatts register_server
+ gatts add_service 2 <uuid> 3
+ gatts add_characteristic 2 <service_handle>
+ <uuid> 10 34
+ gatts start_service 2 <service_handle> 1
+ gatts connect <PTS addr>
+ bluetooth ssp_reply
+ gatts disconnect
+ gatts connect
+ PTS asks for handle with insufficient encryption
+ gatts send_response
TC_SEC_CSIGN_BV_01_C PASS haltest:
gattc connect
bluetooth create_bond
--
1.9.3
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH 1/4] android/gatt: Change check permissions order
2014-06-12 9:08 [PATCH 1/4] android/gatt: Change check permissions order Marcin Kraglak
` (2 preceding siblings ...)
2014-06-12 9:08 ` [PATCH 4/4] android/pts: Update GAP pts test results Marcin Kraglak
@ 2014-06-12 11:39 ` Szymon Janc
3 siblings, 0 replies; 5+ messages in thread
From: Szymon Janc @ 2014-06-12 11:39 UTC (permalink / raw)
To: Marcin Kraglak; +Cc: linux-bluetooth
Hi Marcin,
On Thursday 12 of June 2014 11:08:23 Marcin Kraglak wrote:
> Firstly we should check if characteristic needs MITM permissions,
> and next check for ENCRYPTION permissions. Now remote device can
> increase security to MITM immediatelly (i.e. from sec LOW to HIGH).
> ---
> android/gatt.c | 16 ++++++++--------
> 1 file changed, 8 insertions(+), 8 deletions(-)
>
> diff --git a/android/gatt.c b/android/gatt.c
> index 558b203..cfcfd9b 100644
> --- a/android/gatt.c
> +++ b/android/gatt.c
> @@ -4063,14 +4063,14 @@ static uint8_t check_device_permissions(struct gatt_device *device,
> if (!(permissions & GATT_PERM_READ))
> return ATT_ECODE_READ_NOT_PERM;
>
> - if ((permissions & GATT_PERM_READ_ENCRYPTED) &&
> - sec_level < BT_SECURITY_MEDIUM)
> - return ATT_ECODE_INSUFF_ENC;
> -
> if ((permissions & GATT_PERM_READ_MITM) &&
> sec_level < BT_SECURITY_HIGH)
> return ATT_ECODE_AUTHENTICATION;
>
> + if ((permissions & GATT_PERM_READ_ENCRYPTED) &&
> + sec_level < BT_SECURITY_MEDIUM)
> + return ATT_ECODE_INSUFF_ENC;
> +
> if (permissions & GATT_PERM_READ_AUTHORIZATION)
> return ATT_ECODE_AUTHORIZATION;
> break;
> @@ -4081,14 +4081,14 @@ static uint8_t check_device_permissions(struct gatt_device *device,
> if (!(permissions & GATT_PERM_WRITE))
> return ATT_ECODE_WRITE_NOT_PERM;
>
> - if ((permissions & GATT_PERM_WRITE_ENCRYPTED) &&
> - sec_level < BT_SECURITY_MEDIUM)
> - return ATT_ECODE_INSUFF_ENC;
> -
> if ((permissions & GATT_PERM_WRITE_MITM) &&
> sec_level < BT_SECURITY_HIGH)
> return ATT_ECODE_AUTHENTICATION;
>
> + if ((permissions & GATT_PERM_WRITE_ENCRYPTED) &&
> + sec_level < BT_SECURITY_MEDIUM)
> + return ATT_ECODE_INSUFF_ENC;
> +
> if (permissions & GATT_PERM_WRITE_AUTHORIZATION)
> return ATT_ECODE_AUTHORIZATION;
> break;
>
All patches applied. Thanks.
--
Best regards,
Szymon Janc
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2014-06-12 11:39 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-06-12 9:08 [PATCH 1/4] android/gatt: Change check permissions order Marcin Kraglak
2014-06-12 9:08 ` [PATCH 2/4] android/gatt: Fix incorrect entry check Marcin Kraglak
2014-06-12 9:08 ` [PATCH 3/4] android/gatt: Set state of pending responses Marcin Kraglak
2014-06-12 9:08 ` [PATCH 4/4] android/pts: Update GAP pts test results Marcin Kraglak
2014-06-12 11:39 ` [PATCH 1/4] android/gatt: Change check permissions order Szymon Janc
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.