Skip to content

host/l2cap: send command reject in L2CAP disc req for invalid CID#1001

Merged
KKopyscinski merged 2 commits intoapache:masterfrom
KKopyscinski:l2cap_disconn_inval_cids
Sep 21, 2021
Merged

host/l2cap: send command reject in L2CAP disc req for invalid CID#1001
KKopyscinski merged 2 commits intoapache:masterfrom
KKopyscinski:l2cap_disconn_inval_cids

Conversation

@KKopyscinski
Copy link
Copy Markdown
Contributor

@KKopyscinski KKopyscinski commented Jul 19, 2021

If ble_hs_conn_chan_find_by_scid fails to find channel, it means
that destination CID in L2CAP Disconnection Request is invalid.
Send L2CAP_COMMAND_REJECT_RSP with BLE_L2CAP_SIG_ERR_INVALID_CID
reason.

This is affecting L2CAP/LE/CFC/BV-23-C

rymanluk
rymanluk requested changes Jul 21, 2021
View reviewed changes
Comment thread nimble/host/src/ble_l2cap_sig.c
if (!chan || (le16toh(req->scid) != chan->dcid)) {
os_mbuf_free_chain(txom);
ble_hs_unlock();
ble_l2cap_sig_reject_invalid_cid_tx(conn_handle, hdr->identifier, req->dcid, req->scid);
Copy link
Copy Markdown
Contributor

@rymanluk rymanluk Jul 21, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

actually we are doing here wrong.

as per Bluetooth specification "If the DCID is not recognized by the
receiver of this message, an L2CAP_COMMAND_REJECT_RSP
packet with ‘invalid CID’ result code shall be sent in response. If the
receiver finds a DCID match but the SCID fails to find the same match, the
request should be silently discarded"

That means - if (!chan) { we should send REJECT}
if ((le16toh(req->scid) != chan->dcid)) -> we should silently discard a message

Copy link
Copy Markdown
Contributor Author

@KKopyscinski KKopyscinski Jul 21, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I pushed the change but I checked it out again and turns out that this requires another one PTS issue ticket: TS says that lower tester should send invalid DCID, but PTS sends invalid SCID and valid DCID and expects disconnection. Of course what we got here is OK, it just allowed test to pass when it was wrong (before the push)

@KKopyscinski
host/l2cap: send command reject in L2CAP disc req for invalid CID
bc16aef 
If ble_hs_conn_chan_find_by_scid fails to find channel, it means
that destination CID in L2CAP Disconnection Request is invalid.
Send L2CAP_COMMAND_REJECT_RSP with BLE_L2CAP_SIG_ERR_INVALID_CID
reason.

This is affecting L2CAP/LE/CFC/BV-23-C
@KKopyscinski KKopyscinski force-pushed the l2cap_disconn_inval_cids branch from f5b1628 to bc16aef Compare July 21, 2021 09:58
rymanluk
rymanluk requested changes Jul 22, 2021
View reviewed changes
Copy link
Copy Markdown
Contributor

@rymanluk rymanluk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can we have unit test for that?

rymanluk
rymanluk approved these changes Jul 23, 2021
View reviewed changes
Copy link
Copy Markdown
Contributor

@rymanluk rymanluk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good to me. Having unit test for that would also be good.

@KKopyscinski
Copy link
Copy Markdown
Contributor Author

KKopyscinski commented Aug 2, 2021

Added requested unit test

@KKopyscinski KKopyscinski merged commit e0b15da into apache:master Sep 21, 2021
@KKopyscinski KKopyscinski deleted the l2cap_disconn_inval_cids branch February 13, 2024 07:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rymanluk rymanluk rymanluk approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@KKopyscinski @rymanluk