Skip to content

Commit

Permalink
[nrf fromtree] mgmt: mcumgr: transport: bluetooth: add all gatt permi…
Browse files Browse the repository at this point in the history 
…ssion levels

Added new Kconfigs for defining permission level of GATT
characteristics that are part of the Bluetooth SMP service in the
MCUmgr subsys.

Removed the CONFIG_MCUMGR_TRANSPORT_BT_AUTHEN as the new Kconfig
options are mutually exclusive and need to be groupa as the Kconfig
choice option.

Signed-off-by: Kamil Piszczek <[email protected]>
(cherry picked from commit 8c0bc54)
  • Loading branch information
@kapi-no
kapi-no committed Sep 20, 2024
1 parent d8f110f commit 0ea8194
Show file tree
Hide file tree
Showing 5 changed files with 44 additions and 16 deletions.
1 change: 0 additions & 1 deletion samples/subsys/mgmt/mcumgr/smp_svr/overlay-bt.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@ CONFIG_BT_CTLR_DATA_LENGTH_MAX=251

# Enable the Bluetooth mcumgr transport (unauthenticated).
CONFIG_MCUMGR_TRANSPORT_BT=y
CONFIG_MCUMGR_TRANSPORT_BT_AUTHEN=n
CONFIG_MCUMGR_TRANSPORT_BT_CONN_PARAM_CONTROL=y

# Enable the Shell mcumgr transport.
Expand Down
3 changes: 2 additions & 1 deletion scripts/utils/migrate_mcumgr_kconfigs.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,8 @@
"MCUMGR_BUF_SIZE" : "MCUMGR_TRANSPORT_NETBUF_SIZE",
"MCUMGR_BUF_USER_DATA_SIZE" : "MCUMGR_TRANSPORT_NETBUF_USER_DATA_SIZE",
"MCUMGR_SMP_BT" : "MCUMGR_TRANSPORT_BT",
"MCUMGR_SMP_BT_AUTHEN" : "MCUMGR_TRANSPORT_BT_AUTHEN",
"MCUMGR_SMP_BT_AUTHEN" : "MCUMGR_TRANSPORT_BT_PERM_RW_AUTHEN",
"MCUMGR_TRANSPORT_BT_AUTHEN" : "MCUMGR_TRANSPORT_BT_PERM_RW_AUTHEN",
"MCUMGR_SMP_BT_CONN_PARAM_CONTROL" : "MCUMGR_TRANSPORT_BT_CONN_PARAM_CONTROL",
"MCUMGR_SMP_BT_CONN_PARAM_CONTROL_MIN_INT" : "MCUMGR_TRANSPORT_BT_CONN_PARAM_CONTROL_MIN_INT",
"MCUMGR_SMP_BT_CONN_PARAM_CONTROL_MAX_INT" : "MCUMGR_TRANSPORT_BT_CONN_PARAM_CONTROL_MAX_INT",
Expand Down
24 changes: 18 additions & 6 deletions subsys/mgmt/mcumgr/transport/Kconfig.bluetooth
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,13 +24,25 @@ config MCUMGR_TRANSPORT_BT_REASSEMBLY
When enabled, the SMP BT transport will buffer and reassemble received
packet fragments before passing it for further processing.

config MCUMGR_TRANSPORT_BT_AUTHEN
bool "Authenticated requirement for Bluetooth mcumgr SMP transport"
depends on BT_SMP
default y
choice MCUMGR_TRANSPORT_BT_PERM
prompt "Permission used for the SMP service"
default MCUMGR_TRANSPORT_BT_PERM_RW_AUTHEN if BT_SMP
default MCUMGR_TRANSPORT_BT_PERM_RW
help
Enables encrypted and authenticated connection requirement to
Bluetooth SMP transport.
Permission settings for GATT characteristics of the SMP service.

config MCUMGR_TRANSPORT_BT_PERM_RW
bool "Read and write allowed"

config MCUMGR_TRANSPORT_BT_PERM_RW_ENCRYPT
bool "Require encryption for access"
depends on BT_SMP

config MCUMGR_TRANSPORT_BT_PERM_RW_AUTHEN
bool "Require encryption and authentication for access"
depends on BT_SMP

endchoice

config MCUMGR_TRANSPORT_BT_CONN_PARAM_CONTROL
bool "Request specific connection parameters for SMP packet exchange"
Expand Down
29 changes: 23 additions & 6 deletions subsys/mgmt/mcumgr/transport/src/smp_bt.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,27 @@ LOG_MODULE_DECLARE(mcumgr_smp, CONFIG_MCUMGR_TRANSPORT_LOG_LEVEL);
CONFIG_BT_PERIPHERAL_PREF_TIMEOUT), \
(NULL))

/* Permission levels for GATT characteristics of the SMP service. */
#ifndef CONFIG_MCUMGR_TRANSPORT_BT_PERM_RW_AUTHEN
#define CONFIG_MCUMGR_TRANSPORT_BT_PERM_RW_AUTHEN 0
#endif
#ifndef CONFIG_MCUMGR_TRANSPORT_BT_PERM_RW_ENCRYPT
#define CONFIG_MCUMGR_TRANSPORT_BT_PERM_RW_ENCRYPT 0
#endif
#ifndef CONFIG_MCUMGR_TRANSPORT_BT_PERM_RW
#define CONFIG_MCUMGR_TRANSPORT_BT_PERM_RW 0
#endif

#define SMP_GATT_PERM ( \
CONFIG_MCUMGR_TRANSPORT_BT_PERM_RW_AUTHEN ? \
(BT_GATT_PERM_READ_AUTHEN | BT_GATT_PERM_WRITE_AUTHEN) : \
CONFIG_MCUMGR_TRANSPORT_BT_PERM_RW_ENCRYPT ? \
(BT_GATT_PERM_READ_ENCRYPT | BT_GATT_PERM_WRITE_ENCRYPT) : \
(BT_GATT_PERM_READ | BT_GATT_PERM_WRITE)) \

#define SMP_GATT_PERM_WRITE_MASK \
(BT_GATT_PERM_WRITE | BT_GATT_PERM_WRITE_ENCRYPT | BT_GATT_PERM_WRITE_AUTHEN)

/* Minimum number of bytes that must be able to be sent with a notification to a target device
* before giving up
*/
Expand Down Expand Up @@ -358,14 +379,10 @@ static void smp_bt_ccc_changed(const struct bt_gatt_attr *attr, uint16_t value)
BT_GATT_CHARACTERISTIC(&smp_bt_chr_uuid.uuid, \
BT_GATT_CHRC_WRITE_WITHOUT_RESP | \
BT_GATT_CHRC_NOTIFY, \
COND_CODE_1(CONFIG_MCUMGR_TRANSPORT_BT_AUTHEN, \
(BT_GATT_PERM_WRITE_AUTHEN), \
(BT_GATT_PERM_WRITE)), \
SMP_GATT_PERM & SMP_GATT_PERM_WRITE_MASK, \
NULL, smp_bt_chr_write, NULL), \
BT_GATT_CCC(smp_bt_ccc_changed, \
COND_CODE_1(CONFIG_MCUMGR_TRANSPORT_BT_AUTHEN, \
(BT_GATT_PERM_READ_AUTHEN | BT_GATT_PERM_WRITE_AUTHEN), \
(BT_GATT_PERM_READ | BT_GATT_PERM_WRITE))),
SMP_GATT_PERM),


#ifdef CONFIG_MCUMGR_TRANSPORT_BT_DYNAMIC_SVC_REGISTRATION
Expand Down
3 changes: 1 addition & 2 deletions tests/subsys/mgmt/mcumgr/all_options/prj.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,10 +17,9 @@ CONFIG_STREAM_FLASH=y
CONFIG_IMG_MANAGER=y
CONFIG_MCUMGR=y
CONFIG_MCUMGR_TRANSPORT_BT=y
CONFIG_MCUMGR_TRANSPORT_BT_AUTHEN=n
CONFIG_MCUMGR_TRANSPORT_BT_CONN_PARAM_CONTROL=y
CONFIG_MCUMGR_TRANSPORT_BT_REASSEMBLY=y
CONFIG_MCUMGR_TRANSPORT_BT_AUTHEN=y
CONFIG_MCUMGR_TRANSPORT_BT_PERM_RW_AUTHEN=y
CONFIG_MCUMGR_TRANSPORT_DUMMY=y
CONFIG_MCUMGR_TRANSPORT_DUMMY_RX_BUF_SIZE=512
CONFIG_MCUMGR_TRANSPORT_SHELL=y
Expand Down

0 comments on commit 0ea8194

Please sign in to comment.