| Message ID | 20250326193133.2718934-4-luiz.dentz@gmail.com (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | ac1f8dd88a46da193b9226724a3ac60a0876598a |
| Headers | show |
| Series | [BlueZ,v2,1/5] device: Attempt to elevate security on Pair while connected | expand |
| Context | Check | Description |
|---|---|---|
| tedd_an/pre-ci_am | success | Success |
diff --git a/src/shared/att.c b/src/shared/att.c index dabbdb4315eb..8657cb6423fb 100644 --- a/src/shared/att.c +++ b/src/shared/att.c @@ -727,7 +727,11 @@ static bool bt_att_chan_set_security(struct bt_att_chan *chan, int level) { struct bt_security sec; - if (level == bt_att_chan_get_security(chan)) + /* Check if security level has already been set, if the security level + * is higher it shall satisfy the request since we never want to + * downgrade security. + */ + if (level <= bt_att_chan_get_security(chan)) return true; if (chan->type == BT_ATT_LOCAL) {
From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com> Requesting a lower security level than existing one shall result in no operation since higher security satisfy a lower one and it is never a good practice to allow downgrading security to begin with. --- src/shared/att.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-)