From 5b232bf1d754dc6d04b23c09da8fffcbf76708d5 Mon Sep 17 00:00:00 2001
From: Szymon Janc
Date: Tue, 15 Oct 2024 10:54:15 +0200
Subject: [PATCH] Bluetooth: GATT: Allow to tune writable device appearance permissions
This allows to select if device appearance requires encryption or authentication or none. This makes it similar to what is implemented for device name characteristic.
Signed-off-by: Szymon Janc
---
 subsys/bluetooth/host/Kconfig | 4 ----
 subsys/bluetooth/host/Kconfig.gatt | 28 ++++++++++++++++++++++++++++
 subsys/bluetooth/host/gatt.c | 8 +++++++-
 3 files changed, 35 insertions(+), 5 deletions(-)
diff --git a/subsys/bluetooth/host/Kconfig b/subsys/bluetooth/host/Kconfig
index 3124b35b3df..7f39fa5d9bb 100644
--- a/subsys/bluetooth/host/Kconfig
+++ b/subsys/bluetooth/host/Kconfig
@@ -871,10 +871,6 @@ config BT_DEVICE_APPEARANCE_DYNAMIC
 Enables use of bt_set_appearance. If CONFIG_BT_SETTINGS is set, the appearance is persistently stored.
-config BT_DEVICE_APPEARANCE_GATT_WRITABLE
- bool "Allow authenticated peers to set GAP Appearance"
- depends on BT_DEVICE_APPEARANCE_DYNAMIC
-
 config BT_DEVICE_APPEARANCE
 int "Bluetooth device appearance"
 range 0 $(UINT16_MAX)
diff --git a/subsys/bluetooth/host/Kconfig.gatt b/subsys/bluetooth/host/Kconfig.gatt
index 56a3f95b5ed..c9c9247dc91 100644
--- a/subsys/bluetooth/host/Kconfig.gatt
+++ b/subsys/bluetooth/host/Kconfig.gatt
@@ -287,6 +287,34 @@ config DEVICE_NAME_GATT_WRITABLE_AUTHEN
 endchoice #BT_DEVICE_NAME_GATT_WRITABLE_SECURITY
 endif #BT_DEVICE_NAME_GATT_WRITABLE
+config BT_DEVICE_APPEARANCE_GATT_WRITABLE
+ bool "Allow to write GAP Appearance by remote GATT clients"
+ depends on BT_DEVICE_APPEARANCE_DYNAMIC
+ default y
+ help
+ Enabling this option allows remote GATT clients to write to device
+ appearance GAP characteristic.
+
+if BT_DEVICE_APPEARANCE_GATT_WRITABLE
+choice BT_DEVICE_APPEARANCE_GATT_WRITABLE
+ prompt "Security requirements"
+ default DEVICE_APPEARANCE_GATT_WRITABLE_AUTHEN
+ help
+ Select security requirementsf for writing device name by remote GATT
+ clients.
+
+config BT_DEVICE_APPEARANCE_GATT_WRITABLE_NONE
+ bool "No requirements"
+
+config BT_DEVICE_APPEARANCE_GATT_WRITABLE_ENCRYPT
+ bool "Encryption required"
+
+config DEVICE_APPEARANCE_GATT_WRITABLE_AUTHEN
+ bool "Encryption and authentication required"
+
+endchoice #BT_DEVICE_APPEARANCE_GATT_WRITABLE
+endif #BT_DEVICE_APPEARANCE_GATT_WRITABLE
+
 config BT_GATT_AUTHORIZATION_CUSTOM
 bool "Custom authorization of GATT operations"
 help
diff --git a/subsys/bluetooth/host/gatt.c b/subsys/bluetooth/host/gatt.c
index 29d01300bec..023216073e0 100644
--- a/subsys/bluetooth/host/gatt.c
+++ b/subsys/bluetooth/host/gatt.c
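Review bot: In Kconfig.gatt, `default y` on `BT_DEVICE_APPEARANCE_GATT_WRITABLE` turns remote writes on for every build that already sets `BT_DEVICE_APPEARANCE_DYNAMIC`; the definition removed from Kconfig carried no default, so the feature used to be opt-in. I would drop the `default y` line, or at least state the new default in the commit message, so that a firmware update does not quietly add a writable GAP characteristic. The choice help text still reads `Select security requirementsf for writing device name`; it should read `Select security requirements for writing device appearance by remote GATT clients.` The third choice member is `DEVICE_APPEARANCE_GATT_WRITABLE_AUTHEN` without the `BT_` prefix its two siblings carry, and the choice reuses the name of the bool above it, whereas the device-name block (judging by the `endchoice #BT_DEVICE_NAME_GATT_WRITABLE_SECURITY` context line) uses a `_SECURITY` suffix; both are worth aligning.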
@@ -174,9 +174,15 @@ static ssize_t write_appearance(struct bt_conn *conn, const struct bt_gatt_attr
 }
 #endif /* CONFIG_BT_DEVICE_APPEARANCE_GATT_WRITABLE */
-#if CONFIG_BT_DEVICE_APPEARANCE_GATT_WRITABLE
+#if defined(CONFIG_BT_DEVICE_APPEARANCE_GATT_WRITABLE)
 #define GAP_APPEARANCE_PROPS (BT_GATT_CHRC_READ | BT_GATT_CHRC_WRITE)
+#if defined(CONFIG_DEVICE_APPEARANCE_GATT_WRITABLE_AUTHEN)
 #define GAP_APPEARANCE_PERMS (BT_GATT_PERM_READ | BT_GATT_PERM_WRITE_AUTHEN)
+#elif defined(CONFIG_BT_DEVICE_APPEARANCE_GATT_WRITABLE_ENCRYPT)
+ #define GAP_APPEARANCE_PERMS (BT_GATT_PERM_READ | BT_GATT_PERM_WRITE_ENCRYPT)
+#else
+ #define GAP_APPEARANCE_PERMS (BT_GATT_PERM_READ | BT_GATT_PERM_WRITE)
+#endif
 #define GAP_APPEARANCE_WRITE_HANDLER write_appearance
 #else
 #define GAP_APPEARANCE_PROPS BT_GATT_CHRC_READ
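Review bot: The final `#else` branch assigns the weakest permission, `BT_GATT_PERM_WRITE`, to every configuration in which neither `CONFIG_DEVICE_APPEARANCE_GATT_WRITABLE_AUTHEN` nor `CONFIG_BT_DEVICE_APPEARANCE_GATT_WRITABLE_ENCRYPT` is defined, so a renamed or misspelled symbol silently yields a write path that needs neither encryption nor authentication. That is easy to hit here because the AUTHEN symbol lacks the `BT_` prefix that the ENCRYPT symbol has. I would tie the open case to its own option with `#elif defined(CONFIG_BT_DEVICE_APPEARANCE_GATT_WRITABLE_NONE)` and turn the fallthrough into a build failure: `#else` followed by `#error "no security level selected for writable GAP Appearance"`. The surrounding `#if`/`#else` block continues past the end of the hunk.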