Subject: Re: [PATCH 1/1] bluetooth: validate BLE connection interval updates
From: Marcel Holtmann
Date: Sat, 6 Jul 2019 15:34:34 +0200
To: csonsino
Cc: Johan Hedberg, linux-bluetooth@vger.kernel.org
Message-Id: <138296C5-49FA-475D-9618-FC8D241B8823@holtmann.org>
X-Mailing-List: linux-bluetooth@vger.kernel.org

Hi Carey,

> Problem: The Linux bluetooth stack yields complete control over the BLE
> connection interval to the remote device.
>
> The Linux bluetooth stack provides access to the BLE connection interval
> min and max values through
> /sys/kernel/debug/bluetooth/hci0/conn_min_interval and
> /sys/kernel/debug/bluetooth/hci0/conn_max_interval.
> These values are used for initial BLE connections, but the remote device
> has the ability to request a connection parameter update. In the event
> that the remote side requests to change the connection interval, the Linux
> kernel currently only validates that the desired value is within the
> acceptable range in the bluetooth specification (6 - 3200, corresponding to
> 7.5ms - 4000ms). There is currently no validation that the desired value
> requested by the remote device is within the min/max limits specified in
> the conn_min_interval/conn_max_interval configurations. This essentially
> leads to Linux yielding complete control over the connection interval to
> the remote device.
>
> The proposed patch adds a verification step to the connection parameter
> update mechanism, ensuring that the desired value is within the min/max
> bounds of the current connection. If the desired value is outside of the
> current connection min/max values, then the connection parameter update
> request is rejected and the negative response is returned to the remote
> device. Recall that the initial connection is established using the local
> conn_min_interval/conn_max_interval values, so this allows the Linux
> administrator to retain control over the BLE connection interval.
>
> The one downside that I see is that the current default Linux values for
> conn_min_interval and conn_max_interval typically correspond to 30ms and
> 50ms respectively. If this change were accepted, then it is feasible that
> some devices would no longer be able to negotiate to their desired
> connection interval values. This might be remedied by setting the default
> Linux conn_min_interval and conn_max_interval values to the widest
> supported range (6 - 3200 / 7.5ms - 4000ms).
> This could lead to the same
> behavior as the current implementation, where the remote device could
> request to change the connection interval value to any value that is
> permitted by the bluetooth specification, and Linux would accept the
> desired value.
>
> Signed-off-by: Carey Sonsino

patch has been applied to bluetooth-next tree.

Regards

Marcel
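
The validation described in the quoted message, as an added example that is not the applied patch or kernel code: it compares the specification-only range check with the same check plus the connection's local min/max bounds. The names `conn_limits`, `spec_range_ok` and `update_allowed` are hypothetical, and the sample requests are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Connection interval values are in units of 1.25 ms. */
#define SPEC_MIN_INTERVAL 6     /* 7.5 ms  */
#define SPEC_MAX_INTERVAL 3200  /* 4000 ms */

/* Hypothetical per-connection state: the local limits the link was set up with
 * (conn_min_interval / conn_max_interval in the message). */
struct conn_limits {
    uint16_t min_interval;
    uint16_t max_interval;
};

/* Interval units -> microseconds (1.25 ms = 1250 us). */
static uint32_t interval_to_us(uint16_t units) { return (uint32_t)units * 1250u; }

/* Specification-only check: what the message describes as the current behaviour. */
static int spec_range_ok(uint16_t min, uint16_t max)
{
    return min <= max && min >= SPEC_MIN_INTERVAL && max <= SPEC_MAX_INTERVAL;
}

/* Specification check plus local bounds: what the message proposes.
 * Returns 1 to accept the remote's update request, 0 to reject it. */
static int update_allowed(const struct conn_limits *c, uint16_t min, uint16_t max)
{
    if (!spec_range_ok(min, max))
        return 0;
    return min >= c->min_interval && max <= c->max_interval;
}

int main(void)
{
    struct conn_limits dflt = { 24, 40 };   /* 30 ms .. 50 ms, the typical defaults */
    struct conn_limits wide = { 6, 3200 };  /* widest supported range */
    /* Constructed sample requests (min, max) from a remote device. */
    uint16_t req[][2] = { {6, 6}, {24, 40}, {30, 36}, {3200, 3200}, {5, 10} };

    for (size_t i = 0; i < sizeof req / sizeof req[0]; i++)
        printf("%u..%u (%u..%u us): spec=%d default=%d wide=%d\n",
               (unsigned)req[i][0], (unsigned)req[i][1],
               (unsigned)interval_to_us(req[i][0]),
               (unsigned)interval_to_us(req[i][1]),
               spec_range_ok(req[i][0], req[i][1]),
               update_allowed(&dflt, req[i][0], req[i][1]),
               update_allowed(&wide, req[i][0], req[i][1]));
    return 0;
}
```

With the 30ms/50ms bounds, a request for 7.5ms passes the specification check but is rejected; with the widest bounds, every specification-valid request is accepted, which matches the trade-off the message describes.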