Hi Ravi, On Thu, Jun 29, 2017 at 3:28 PM, Ravi Minnikanti <ravi.minnikanti@xxxxxxxxx> wrote: > Hello, > > I have a GATT service implemented with "encrypt-write" characteristic flags > on a dual-mode chipset. It works well over a LE connection with AES-CCM > encryption. > But, my GATT characteristics are accessible over BR/EDR connection which > uses a Link key encryption. It shouldn't make any difference in terms of security, or you are really referring to 'secure-write' that is the one that would require the so called LE secure connections. > Can someone please help me to know, Is there any way I can make my GATT only > accessible over a LE connection ? Im not sure having the GATT database behaving differently for the bearers is a good idea, to start with this makes things like cross pairing not very reliable since depending on what bearer the connection comes in we would have to emit service changed cleaning or restoring the range, those ranges may have CCC subscriptions which afaik are not bearer specific. Perhaps a better idea would be to disable GATT over BR/EDR? For that we could arrange a config option. > I understand that this cannot be done from bluez and should be done at > kernel. > > Thanks, > > Ravi > > -- > To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" > in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- Luiz Augusto von Dentz -- To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
