Hi Jiayang, On Mon, Nov 18, 2024 at 10:23 PM Jiayang Mao <quic_jiaymao@xxxxxxxxxxx> wrote: > > Hi Luiz, > > On 2024/11/18 23:13, Luiz Augusto von Dentz wrote: > > Hi Jiayang, > > > > On Mon, Nov 18, 2024 at 4:49 AM Jiayang Mao <quic_jiaymao@xxxxxxxxxxx> wrote: > >> > >> bt_gatt_client_set_security could fail if the security level is > >> already BT_ATT_SECURITY_MEDIUM. So, get and check the security > >> level before setting it. > > > > Seems a bit strange that this is not handled by the kernel, can you > > elaborate on the conditions to trigger it? > > > > In the kernel, the failure happens when smp_sufficient_security() in > 'net/bluetooth/smp.c' returns true. In some cases, when security level > is already MEDIUM but long term key is not ready, setting security level > will fail. Checking security level before setting it can prevent this > failure. Hmm, is this about encryption change happening before the LTK is distributed? Ive seen that sometimes remote devices also have this problem e.g. GATT read return encryption required error but the link is already encrypted. Btw, I assume the problem is in this following code: https://github.com/torvalds/linux/blob/master/net/bluetooth/l2cap_sock.c#L931 That would fail with 1 because smp_sufficient_security would return true but we assume that to be an error, well it is an error but I guess it should have been -EALREADY that way one does not need to check the error again: diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c index 18e89e764f3b..ada0915c7421 100644 --- a/net/bluetooth/l2cap_sock.c +++ b/net/bluetooth/l2cap_sock.c @@ -919,6 +919,11 @@ static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, break; } + if (chan->sec_level == sec.level) { + err = -EALREADY; + break; + } + chan->sec_level = sec.level; if (!chan->conn) Anyway I think it is safer to do that on userspace first so it acts properly with older kernels. > >> Signed-off-by: Jiayang Mao <quic_jiaymao@xxxxxxxxxxx> > >> --- > >> profiles/input/hog.c | 6 ++++-- > >> 1 file changed, 4 insertions(+), 2 deletions(-) > >> > >> diff --git a/profiles/input/hog.c b/profiles/input/hog.c > >> index 017e320f0..011cc0a88 100644 > >> --- a/profiles/input/hog.c > >> +++ b/profiles/input/hog.c > >> @@ -191,8 +191,10 @@ static int hog_accept(struct btd_service *service) > >> return -ECONNREFUSED; > >> > >> client = btd_device_get_gatt_client(device); > >> - if (!bt_gatt_client_set_security(client, > >> - BT_ATT_SECURITY_MEDIUM)) > >> + if (BT_ATT_SECURITY_MEDIUM != > >> + bt_gatt_client_get_security(client) && > >> + !bt_gatt_client_set_security(client, > >> + BT_ATT_SECURITY_MEDIUM)) > >> return -ECONNREFUSED; > > > > > > Definitely not the right way to fix this since there might be other > > places that do attempt to set the security, so Id got with something > > like the following: > > > > diff --git a/src/shared/att.c b/src/shared/att.c > > index 4a406f4b91a4..dabbdb4315eb 100644 > > --- a/src/shared/att.c > > +++ b/src/shared/att.c > > @@ -727,6 +727,9 @@ static bool bt_att_chan_set_security(struct > > bt_att_chan *chan, int level) > > { > > struct bt_security sec; > > > > + if (level == bt_att_chan_get_security(chan)) > > + return true; > > + > > if (chan->type == BT_ATT_LOCAL) { > > chan->sec_level = level; > > return true; > > > >> } > >> > >> -- > >> 2.25.1 > >> > >> > > > > > -- Luiz Augusto von Dentz