Bluetooth: GATT: Add missing LESC_MASK for encrypt check

The LE Secure connection (LESC) mask also require encryption, and some users have been using e.g. BT_GATT_PERM_READ_LESC without BT_GATT_PERM_READ_ENCRYPT, and then the encryption check in bt_gatt_check_perm was never properly applied. Signed-off-by: Emil Gydesen <[email protected]>
zephyrproject-rtos · Feb 19, 2024 · 3e37bc9 · 3e37bc9
1 parent a6e9f12
commit 3e37bc9
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/subsys/bluetooth/host/gatt.c b/subsys/bluetooth/host/gatt.c
@@ -3113,7 +3113,8 @@ uint8_t bt_gatt_check_perm(struct bt_conn *conn, const struct bt_gatt_attr *attr
 	 * the error code “Insufficient Encryption”.
 	 */
 
-	if (mask & (BT_GATT_PERM_ENCRYPT_MASK | BT_GATT_PERM_AUTHEN_MASK)) {
+	if (mask &
+	    (BT_GATT_PERM_ENCRYPT_MASK | BT_GATT_PERM_AUTHEN_MASK | BT_GATT_PERM_LESC_MASK)) {
 #if defined(CONFIG_BT_SMP)
 		if (!conn->encrypt) {
 			if (bt_conn_ltk_present(conn)) {