From: Luiz Augusto von Dentz <luiz.von.dentz@xxxxxxxxx>
Requesting a lower security level than existing one shall result in no
operation since higher security satisfy a lower one and it is never a
good practice to allow downgrading security to begin with.
---
src/shared/att.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/shared/att.c b/src/shared/att.c
index dabbdb4315eb..8657cb6423fb 100644
--- a/src/shared/att.c
+++ b/src/shared/att.c
@@ -727,7 +727,11 @@ static bool bt_att_chan_set_security(struct bt_att_chan *chan, int level)
{
struct bt_security sec;
- if (level == bt_att_chan_get_security(chan))
+ /* Check if security level has already been set, if the security level
+ * is higher it shall satisfy the request since we never want to
+ * downgrade security.
+ */
+ if (level <= bt_att_chan_get_security(chan))
return true;
if (chan->type == BT_ATT_LOCAL) {
--
2.48.1
