Date:   Fri, 13 Nov 2020 14:44:25 -0800
From:   Luiz Augusto von Dentz <luiz.dentz@...il.com>
To:     Marcel Holtmann <marcel@...tmann.org>
Cc:     Abhishek Pandit-Subedi <abhishekpandit@...omium.org>,
        CrosBT Upstreaming <chromeos-bluetooth-upstreaming@...omium.org>,
        linux-bluetooth <linux-bluetooth@...r.kernel.org>,
        Daniel Winkler <danielwinkler@...gle.com>,
        "David S. Miller" <davem@...emloft.net>,
        Johan Hedberg <johan.hedberg@...il.com>,
        "open list:NETWORKING [GENERAL]" <netdev@...r.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Jakub Kicinski <kuba@...nel.org>
Subject: Re: [RESEND PATCH] bluetooth: Set ext scan response only when it exists

Hi Marcel, Abhishek,

On Sun, Sep 13, 2020 at 12:51 AM Marcel Holtmann <marcel@...tmann.org> wrote:
>
> Hi Abhishek,
>
> > Only set extended scan response when it exists. Otherwise, clear
> > the scan response data.
> >
> > Per the core spec v5.2, Vol 4, Part E, 7.8.55
> >
> > If the advertising set is non-scannable and the Host uses this command
> > other than to discard existing data, the Controller shall return the
> > error code Invalid HCI Command Parameters (0x12).
> >
> > On WCN3991, the controller correctly responds with Invalid Parameters
> > when this is sent.  That error causes __hci_req_hci_power_on to fail
> > with -EINVAL and LE devices can't connect because background scanning
> > isn't configured.
> >
> > Here is an hci trace of where this issue occurs during power on:
> >
> > < HCI Command: LE Set Extended Advertising Parameters (0x08|0x0036) plen 25
> >        Handle: 0x00
> >        Properties: 0x0010
> >          Use legacy advertising PDUs: ADV_NONCONN_IND
> >        Min advertising interval: 181.250 msec (0x0122)
> >        Max advertising interval: 181.250 msec (0x0122)
> >        Channel map: 37, 38, 39 (0x07)
> >        Own address type: Random (0x01)
> >        Peer address type: Public (0x00)
> >        Peer address: 00:00:00:00:00:00 (OUI 00-00-00)
> >        Filter policy: Allow Scan Request from Any, Allow Connect...
> >        TX power: 127 dbm (0x7f)
> >        Primary PHY: LE 1M (0x01)
> >        Secondary max skip: 0x00
> >        Secondary PHY: LE 1M (0x01)
> >        SID: 0x00
> >        Scan request notifications: Disabled (0x00)
> >> HCI Event: Command Complete (0x0e) plen 5
> >      LE Set Extended Advertising Parameters (0x08|0x0036) ncmd 1
> >        Status: Success (0x00)
> >        TX power (selected): 9 dbm (0x09)
> > < HCI Command: LE Set Advertising Set Random Address (0x08|0x0035) plen 7
> >        Advertising handle: 0x00
> >        Advertising random address: 08:FD:55:ED:22:28 (OUI 08-FD-55)
> >> HCI Event: Command Complete (0x0e) plen 4
> >      LE Set Advertising Set Random Address (0x08|0x0035) ncmd
> >        Status: Success (0x00)
> > < HCI Command: LE Set Extended Scan Response Data (0x08|0x0038) plen 35
> >        Handle: 0x00
> >        Operation: Complete scan response data (0x03)
> >        Fragment preference: Minimize fragmentation (0x01)
> >        Data length: 0x0d
> >        Name (short): Chromebook
> >> HCI Event: Command Complete (0x0e) plen 4
> >      LE Set Extended Scan Response Data (0x08|0x0038) ncmd 1
> >        Status: Invalid HCI Command Parameters (0x12)
> >
> > Signed-off-by: Abhishek Pandit-Subedi <abhishekpandit@...omium.org>
> > Reviewed-by: Daniel Winkler <danielwinkler@...gle.com>
> > ---
> >
> > net/bluetooth/hci_request.c | 7 +++++--
> > 1 file changed, 5 insertions(+), 2 deletions(-)
>
> patch has been applied to bluetooth-next tree.

Looks like this breaks the mgmt-tester:

Add Ext Advertising - Success (Complete name)        Timed out    2.648 seconds
Add Ext Advertising - Success (Shortened name)       Timed out    1.993 seconds
Add Ext Advertising - Success (Short name)           Timed out    2.004 seconds

These tests expect the Set Extended Scan Response Data to be sent, but
it is not, and then it times out. The problem seems to be that
get_adv_instance_scan_rsp_len does check for things like include
local-name on instances other than 0. Also, we probably need to include
some logic to check if the instance is really scannable to begin with.

-- 
Luiz Augusto von Dentz
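
The scannable check discussed in this thread, as an added stand-alone example that is not part of the original message and is not the kernel's code. The names `plan_scan_rsp`, `controller_set_scan_rsp` and `status_after_plan` are hypothetical, the controller is a toy model of the 7.8.55 rule quoted in the commit message, and a zero data length is assumed to stand for "discard existing data".

```c
#include <stdint.h>
#include <stdio.h>

/* Advertising_Event_Properties bits (LE Set Extended Advertising Parameters). */
#define ADV_PROP_CONNECTABLE 0x0001
#define ADV_PROP_SCANNABLE   0x0002
#define ADV_PROP_LEGACY      0x0010

#define HCI_STATUS_SUCCESS        0x00
#define HCI_STATUS_INVALID_PARAMS 0x12

enum scan_rsp_action { SCAN_RSP_SEND, SCAN_RSP_CLEAR, SCAN_RSP_SKIP };

/* Hypothetical host-side policy: decide what to do before queuing the command. */
enum scan_rsp_action plan_scan_rsp(uint16_t props, uint8_t len)
{
    if (len == 0)
        return SCAN_RSP_CLEAR;  /* assumption: zero length models "discard existing data" */
    if (!(props & ADV_PROP_SCANNABLE))
        return SCAN_RSP_SKIP;   /* data on a non-scannable set would be rejected */
    return SCAN_RSP_SEND;
}

/* Toy controller applying the 7.8.55 rule quoted in the commit message. */
uint8_t controller_set_scan_rsp(uint16_t props, uint8_t len)
{
    if (!(props & ADV_PROP_SCANNABLE) && len != 0)
        return HCI_STATUS_INVALID_PARAMS;
    return HCI_STATUS_SUCCESS;
}

/* Status the host would see if it follows the plan; SKIP sends nothing. */
uint8_t status_after_plan(uint16_t props, uint8_t len)
{
    enum scan_rsp_action a = plan_scan_rsp(props, len);
    if (a == SCAN_RSP_SKIP)
        return HCI_STATUS_SUCCESS;
    return controller_set_scan_rsp(props, a == SCAN_RSP_CLEAR ? 0 : len);
}

int main(void)
{
    /* Values from the trace: Properties 0x0010 (ADV_NONCONN_IND), Data length 0x0d. */
    printf("unguarded: 0x%02x\n", controller_set_scan_rsp(0x0010, 0x0d));
    printf("guarded:   0x%02x\n", status_after_plan(0x0010, 0x0d));
    /* Constructed case: legacy scannable set (0x0012) carrying the same data. */
    printf("scannable: action %d\n", plan_scan_rsp(0x0012, 0x0d));
    return 0;
}
```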
