doing bluetooth low energy on linux
play

Doing Bluetooth Low Energy on Linux Szymon Janc - PowerPoint PPT Presentation

Nov 17, 2022 •522 likes •800 views

Doing Bluetooth Low Energy on Linux Szymon Janc szymon.janc@codecoup.pl OpenIoT Summit Europe, Berlin, 2016 Agenda Introduction Bluetooth Low Energy technology recap Linux Bluetooth stack architecture Linux kernel

  1. Doing Bluetooth Low Energy on Linux Szymon Janc szymon.janc@codecoup.pl OpenIoT Summit Europe, Berlin, 2016

  2. Agenda ● Introduction ● Bluetooth Low Energy technology recap ● Linux Bluetooth stack architecture ○ Linux kernel ○ BlueZ 5 ● GAP (Scanning, Advertising, Pairing etc) ● GATT ● LE CoC and 6LoWPAN ● Custom solutions ● Tips ● Future work

  3. About me ● Embedded software engineer ● Works with embedded Linux and Android platforms since 2007 ● Focused on Local Connectivity (Bluetooth, NFC) ● Open Source contributor (BlueZ, Linux, Zephyr) ● In 2015 co-founded Codecoup ○ support in Bluetooth, Linux, Android, Open Source, embedded systems ○ Internet of Things projects ○ www.codecoup.pl

  4. Bluetooth Low Energy ● Introduced with Bluetooth 4.0 (2010) ● Short range wireless technology (10-100 meters) ● Operates at 2.4 GHz (IMS band) ● Designed for low power usage ● Profiles (applications) use GATT ● Further improvements in 4.1 and 4.2 specifications ○ Improved security (LE Secure Connections) ○ Connection Oriented Channels

  5. Linux Bluetooth Low Energy features ● Core Specification 4.2 ● Generic Access Profile (GAP) ○ central, peripheral, observer, broadcaster ○ privacy ● Security Manager ○ Legacy Pairing, Secure Connections, Cross-transport pairing ● Generic Attribute Profile (GATT) ● L2CAP Connection Oriented Channels ● 6LoWPAN ● HID over GATT (HoG) ● Multiple adapters support ● Others

  6. Linux Bluetooth LE Stack Architecture

  7. Linux Bluetooth LE Stack Architecture (kernel) ● Split between Linux kernel and userspace ● Kernel: ○ GAP ○ L2CAP ○ Security Manager ○ Hardware drivers ○ Provides socket based interfaces to user space ■ For data (L2CAP, HCI) ■ For control (MGMT, HCI) ○ https://git.kernel.org/cgit/linux/kernel/git/bluetooth/bluetooth-next.git/

  8. Linux Bluetooth LE Stack Architecture (user space) ● bluetoothd ○ Central daemon ○ D-Bus interfaces for UI and other subsystems ○ Reduces exposure to low level details ○ Handle persistent storage ○ Extendible with plugins (neard, legacy GATT plugins) ● Tools ○ bluetoothctl - command line agent ○ btmon - HCI tracer ○ Set of command line tools useful for testing, development and tracing

  9. Bluetooth Management interface ● Available since Linux 3.4 ● Replaces raw HCI sockets ● Allow userspace to control kernel operations ● Provides mostly Generic Access Profile functionality (adapter settings, discovery, pairing etc) ● Required by BlueZ 5 ● Specification available at doc/mgmt-api.txt in bluez.git ● http://www.bluez.org/the-management-interface/ ● btmgmt tool for command line

  10. BlueZ D-Bus API overview ● Use standard D-Bus ObjectManager and Properties interface ● Adapters and remote devices represented as objects ○ /org/bluez/hci0 ○ /org/bluez/hci0/dev_00_11_22_33_44_55 ● With versioned interfaces ○ org.bluez.Adapter1, org.bluez.Device1 etc ○ org.bluez.GattService1, org.bluez.GattCharacteristic1 etc ● Manager and Agent style interfaces for external components ○ org.bluez.AgentManager1, org.bluez.Agent1 ● As of BlueZ 5.42 GATT D-Bus interfaces are declared stable

  11. Basic operations (GAP) ● Adapter settings ● Device discovery ● Connection management ● Pairing ● org.bluez.Adapter1 - adapter control ● org.bluez.Device1 - device control ● org.bluez.Agent1 - UI pairing agent

  12. Scanning - devices discovery ● org.bluez.Adapter1 interface ● StartDiscovery() and StopDiscovery() methods control discovery sessions ● SetDiscoveryFilter(dict filter) for discovery session tuning ○ UUID based filtering ○ RSSI or Pathloss threshold ○ Transport (type of scan) ○ Multiple clients filters are internally merged ● Objects with org.bluez.Device1 interface represent remote devices ● While devices are being discovered new objects are created (or updated)

  13. Advertising ● Allows external applications to register Advertising Data ● Support for multiple advertising instances ● org.bluez.LEAdvertisement1 ○ Implemented by external application ○ Properties define advertising type and what to include ○ AD is constructed by stack (required data types are always included) ● org.bluez.LEAdvertisingManager1 on /org/bluez/hciX ○ RegisterAdvertisement() ○ UnregisterAdvertisement() ● Currently no support for configuring Scan Responses ● doc/advertising-api.txt

  14. Pairing ● bluetoothd relies on agents for user interaction ○ User can be a human where agent is UI ○ But it can also be any policy implementation ● org.bluez.AgentManager1 ○ RegisterAgent(object agent, string capability) - registers an agent handler with specified local capability ○ RequestDefaultAgent(object agent) - sets registered agent as default ● org.bluez.Agent1 ○ Implemented by application ○ Called by bluetoothd when user input is needed eg. to enter or confirm passkey ● Each application can register own agent ● Default agent used for incoming requests ● or for outgoing requests if application has no agent registered

  15. GATT ● Internal plugins (and their APIs) are deprecated ● Replaces profile specific APIs ● Stable since 5.42 ● Local and remote services share same D-Bus API ○ org.bluez.GattService1 ○ org.bluez.GattCharacteristic1 ○ org.bluez.GattDescriptor1 ● Remote hierarchy under device path ○ /org/bluez/hci0/dev_AA/serviceXX/charYYYY/descriptorZZZZ ● org.bluez.Device1.ServicesResolved=true indicates discovery has completed

  16. GATT (II) ● Register local profiles and services -> /com/example | - org.freedesktop.DBus.ObjectManager ○ org.bluez.GattManager1 | -> /com/example/service0 ■ RegisterApplication() | | - org.freedesktop.DBus.Properties ■ UnRegisterApplication() | | - org.bluez.GattService1 | | ● Local profile | -> /com/example/service0/char0 ○ org.bluez.GattProfile1 | | - org.freedesktop.DBus.Properties | | - org.bluez.GattCharacteristic1 ○ Bluetoothd will add matched devices to | | auto-connect list | -> /com/example/service0/char1 | | - org.freedesktop.DBus.Properties ● Local service | | - org.bluez.GattCharacteristic1 | | ○ Represented as objects hierarchy | -> /com/example/service0/char1/desc0 ■ Service is root node | - org.freedesktop.DBus.Properties | - org.bluez.GattDescriptor1 ■ Characteristic is child of service | ■ Descriptor is child of characteristic -> /com/example/service1 | - org.freedesktop.DBus.Properties ○ grouped under Object Manager | - org.bluez.GattService1 ○ Objects should not be removed | -> /com/example/service1/char0 - org.freedesktop.DBus.Properties - org.bluez.GattCharacteristic1

  17. HID over GATT (host) ● Supported by bluetoothd internally - ‘hog’ plugin ● Only host support ● ‘Claims’ HID service so it won’t be visible on D-Bus ● Requires uhid support in kernel ● “Just works” experience ○ Pair mouse/keyboard ○ Service is probed and connected ○ Input device is created ○ Device is added to whitelist for reconnection [15674.721290] input: BluetoothMouse3600 as /devices/virtual/misc/uhid/0005:045E:0916.0002/input/input18 [15674.721494] hid-generic 0005:045E:0916.0002: input,hidraw0: BLUETOOTH HID v1.00 Mouse [BluetoothMouse3600] on 5C:E0:C5:34:AE:1C

  18. Privacy ● Allows to use Resolvable Private Address (RPA) instead of Identity (public) address ● Address appears random for non-bonded devices ● Bonded devices can resolve RPA ● Prevents tracking ● Linux supports both local privacy and remote privacy ○ When device is paired its Identity Resolving Key (IRK) is stored and used for resolving RPAs ○ Providing IRK for local adapter allows kernel to generate and use RPAs ○ RPA is time rotated ● Bluetoothd handles remote device IRK storage and loading ○ After pairing Address property on org.bluez.Device1 is updated with resolved identity address ● No support for local privacy in bluetoothd yet ○ bluetoothd will create local random IRK (per adapter) and load it to kernel ○ Patch is available on linux-bluetooth mailing list

  19. LE Connection Oriented Channels ● Available since kernel 3.14 ● Easy to use, just like any L2CAP socket ● Set address type to LE and provide PSM number ○ Unfortunately obtaining address type from D-Bus is not possible struct sockaddr_l2 addr; sk = socket(PF_BLUETOOTH, type, BTPROTO_L2CAP); /* Bind to local address */ addr.l2_family = AF_BLUETOOTH; addr.l2_bdaddr = LOCAL_ADDR; addr.l2_bdaddr_type = BDADDR_LE_PUBLIC; bind(sk, (struct sockaddr *) &addr, sizeof(addr)); /* Connect to remote */ addr.l2_bdaddr = REMOTE_ADDR; addr.l2_psm = 0x80; connect(sk, (struct sockaddr *) &addr, sizeof(addr))

  20. 6LoWPAN over BT LE ● Available since kernel 3.16 ● No stable interface yet, need to use debugfs ● But simple to use ○ modprobe bluetooth_6lowpan ○ echo “1” > /sys/kernel/debug/bluetooth/6lowpan_enable ○ echo "connect 00:1B:DC:E0:36:BD 1" > /sys/kernel/debug/bluetooth/6lowpan_control ○ bt0 interface is created ○ ping6 -I bt0 fe80::21b:dcff:fee0:36bd

Recommend

Bluetooth on modern Linux Szymon Janc szymon.janc@codecoup.pl Embedded Linux Conference, San

Bluetooth on modern Linux Szymon Janc szymon.janc@codecoup.pl Embedded Linux Conference, San

Bluetooth on modern Linux Szymon Janc szymon.janc@codecoup.pl Embedded Linux Conference, San Diego, 2016 Agenda Introduction Bluetooth technology recap Linux Bluetooth stack architecture Linux kernel BlueZ 5

743 views • 28 slides
Using Bluetooth Low Energy for Location What is BLE? Bluetooth Low Energy Originally designed by

Using Bluetooth Low Energy for Location What is BLE? Bluetooth Low Energy Originally designed by

Using Bluetooth Low Energy for Location What is BLE? Bluetooth Low Energy Originally designed by Nokia as Wibree (2001) Bluetooth Smart Why has BLE been so Successful? Rapid adoption by vendors Apple Samsung Simple design Cheap in

422 views • 20 slides
Bluetooth Team 1 What is Bluetooth? Origins Ericsson, 1994 Harald Bluetooth

Bluetooth Team 1 What is Bluetooth? Origins Ericsson, 1994 Harald Bluetooth

Bluetooth Team 1 What is Bluetooth? Origins Ericsson, 1994 Harald Bluetooth Today Bluetooth Special Interests Group Compatible with a multitude of devices Widespread IEEE Standard Secure

230 views • 7 slides
BLESA: Spoofing Attacks against Reconnections in Bluetooth Low Energy Jianliang Wu 1 , Yuhong Nan

BLESA: Spoofing Attacks against Reconnections in Bluetooth Low Energy Jianliang Wu 1 , Yuhong Nan

BLESA: Spoofing Attacks against Reconnections in Bluetooth Low Energy Jianliang Wu 1 , Yuhong Nan 1 , Vireshwar Kumar 1 , Dave (Jing) Tian 1 , Antonio Bianchi 1 , Mathias Payer 2 , Dongyan Xu 1 1 Purdue University 2 EPFL Motivation Bluetooth

626 views • 18 slides
Bluetooth: With Low Energy Comes Low Security Mike Ryan iSEC Partners USENIX Security / WOOT

Bluetooth: With Low Energy Comes Low Security Mike Ryan iSEC Partners USENIX Security / WOOT

Bluetooth: With Low Energy Comes Low Security Mike Ryan iSEC Partners USENIX Security / WOOT Aug 13, 2013 1 Mike Ryan Bluetooth Smart / Bluetooth LE USENIX WOOT, August 2013 Outline What is Bluetooth Low Energy? Protocol overview

570 views • 56 slides
A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy Daniele

A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy Daniele

WAC workshop 2020 A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy Daniele Antonioli Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy 1

949 views • 69 slides
Using Bluetooth to Determine Using Bluetooth to Determine Travel Times www.kmjinc.com 1 Agenda

Using Bluetooth to Determine Using Bluetooth to Determine Travel Times www.kmjinc.com 1 Agenda

ITE Mid-Colonial District Annual Meeting April 29, 2010 Using Bluetooth to Determine Using Bluetooth to Determine Travel Times www.kmjinc.com 1 Agenda Bluetooth and How It Works The BlueTOAD TM Device Evaluation Project

270 views • 22 slides
Beacons 1 Beacon is continuous Bluetooth Low Energy (BLE) transmitter device with unique

Beacons 1 Beacon is continuous Bluetooth Low Energy (BLE) transmitter device with unique

Beacons 1 Beacon is continuous Bluetooth Low Energy (BLE) transmitter device with unique identifier at a known place. 2 The beacons manufacturers BlueCats BlueSense Estimote Gelo Kontact Sonic Notify

972 views • 11 slides
On Practical Selective Jamming of Bluetooth Low Energy Advertising S. Brauer, A. Zubow, S. Zehl,

On Practical Selective Jamming of Bluetooth Low Energy Advertising S. Brauer, A. Zubow, S. Zehl,

On Practical Selective Jamming of Bluetooth Low Energy Advertising S. Brauer, A. Zubow, S. Zehl, M. Roshandel, S. M. Sohi Technical University Berlin & Deutsche Telekom Labs Germany Outline Motivation, Problem Statement, System

655 views • 23 slides
Indoor Positioning: A Comparison of WiFi and Bluetooth Low Energy for Region Monitoring Alexander

Indoor Positioning: A Comparison of WiFi and Bluetooth Low Energy for Region Monitoring Alexander

Indoor Positioning: A Comparison of WiFi and Bluetooth Low Energy for Region Monitoring Alexander Lindemann, Bettina Schnor , Jan Sohre, Petra Vogel Potsdam University Institute of Computer Science Operating Systems and Distributed Systems

430 views • 29 slides
Presented By: Paul Misticawi VP of Sales, TrafficCast What is Bluetooth How are

Presented By: Paul Misticawi VP of Sales, TrafficCast What is Bluetooth How are

Presented By: Paul Misticawi VP of Sales, TrafficCast What is Bluetooth How are traveltimes derived from Bluetooth devices Turning Raw Data into Information Applications Using Bluetooth TravelTimes Using

198 views • 16 slides
Linux, PCs and Energy Efficiency Implications for Linux Developers, OEMs, and IHVs Tom Bolioli,

Linux, PCs and Energy Efficiency Implications for Linux Developers, OEMs, and IHVs Tom Bolioli,

Linux, PCs and Energy Efficiency Implications for Linux Developers, OEMs, and IHVs Tom Bolioli, Terra Novum, LLC Agenda Agenda Demand for Energy- -Efficient Electronics Efficient Electronics Demand for Energy ENERGY STAR Program

593 views • 31 slides
IoTSSC Bluetooth Bluetooth Classic (Basic Rate BR/Enhanced Data Rate EDR) In 1990s

IoTSSC Bluetooth Bluetooth Classic (Basic Rate BR/Enhanced Data Rate EDR) In 1990s

IoTSSC Bluetooth Bluetooth Classic (Basic Rate BR/Enhanced Data Rate EDR) In 1990s Ericsson wanted to connect other devices to mobile phone without cables Established a consortium which accumulated over the years 20k members (!)

933 views • 46 slides
Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client

Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client

Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client and a server? What is Linux? Linux generally refers to a group of Unix-like free and open-source operating system distributions that use the Linux

562 views • 53 slides
Next Generation BlueZ & Bluetooth Smart Devices Johan Hedberg (Intel) Bluetooth Short

Next Generation BlueZ & Bluetooth Smart Devices Johan Hedberg (Intel) Bluetooth Short

Next Generation BlueZ & Bluetooth Smart Devices Johan Hedberg (Intel) Bluetooth Short Introduction Short range wireless technology operating at 2.4 GHz Originally announced in 1998 as a replacement for RS-232 but has evolved

346 views • 21 slides
CS5530 Mobile/Wireless Systems Android Bluetooth Interface Yanyan Zhuang Department of Computer

CS5530 Mobile/Wireless Systems Android Bluetooth Interface Yanyan Zhuang Department of Computer

CS5530 Mobile/Wireless Systems Android Bluetooth Interface Yanyan Zhuang Department of Computer Science http://www.cs.uccs.edu/~yzhuang UC. Colorado Springs CS5530 Ref. CN5E, NT@UW, WUSTL Bluetooth Communication Bluetooth-enabled

343 views • 18 slides
Embedded wireless networking using Bluetooth & 802.11: state-of-the-art and research

Embedded wireless networking using Bluetooth & 802.11: state-of-the-art and research

Embedded wireless networking using Bluetooth & 802.11: state-of-the-art and research challenges Pravin Bhagwat pravin@acm.org http://www.winlab.rutgers.edu/~pravin 16 th ACM Supercomputing New York, NY June 22, 2001 Bluetooth A cable

1.31k views • 109 slides
The Serial Device Bus Johan Hovold Hovold Consulting AB Embedded Linux Conference Europe

The Serial Device Bus Johan Hovold Hovold Consulting AB Embedded Linux Conference Europe

The Serial Device Bus Johan Hovold Hovold Consulting AB Embedded Linux Conference Europe October 23, 2017 Introduction UARTs and RS-232 have been around since 1960s Common interface for Bluetooth, NFC, FM Radio and GPS devices TTY

1.06k views • 35 slides
anytime anywhere with Apsima 1 www.apsima.com Intro to BLE Beacons Micro-location

anytime anywhere with Apsima 1 www.apsima.com Intro to BLE Beacons Micro-location

Stay in touch, anytime anywhere with Apsima 1 www.apsima.com Intro to BLE Beacons Micro-location beacons utilize Bluetooth Low Energy (BLE) to allow any mobile device with enabled Bluetooth 4.0 to know where it is in relation to a

443 views • 28 slides
Linux from Sensors to Servers ! When is Linux Not Linux? ! 1 1 Linux runs across a huge range

Linux from Sensors to Servers ! When is Linux Not Linux? ! 1 1 Linux runs across a huge range

Linux from Sensors to Servers ! When is Linux Not Linux? ! 1 1 Linux runs across a huge range of systems ! CC BY-SA 2.0 FHKE, Flickr 2 Whats the difference between Linux on a big thing and Linux on a little thing? ! 3 ! Whats the

900 views • 52 slides
BIAS: Bluetooth Impersonation AttackS Daniele Antonioli (EPFL), Nils Tippenhauer (CISPA), Kasper

BIAS: Bluetooth Impersonation AttackS Daniele Antonioli (EPFL), Nils Tippenhauer (CISPA), Kasper

IEEE S&P 2020 BIAS: Bluetooth Impersonation AttackS Daniele Antonioli (EPFL), Nils Tippenhauer (CISPA), Kasper Rasmussen (Oxford Univ.) Daniele Antonioli ( @francozappa ) BIAS: Bluetooth Impersonation AttackS 1 Bluetooth standard

923 views • 34 slides
Computing using Linux: The Good and the Bad Christoph Lameter HPC and Linux Most of the

Computing using Linux: The Good and the Bad Christoph Lameter HPC and Linux Most of the

High Performance Computing using Linux: The Good and the Bad Christoph Lameter HPC and Linux Most of the supercomputers today run Linux. All of the computational clusters in corporations that I know of run Linux. Support for

419 views • 12 slides
Linux Overview Amir Hossein Payberah payberah@gmail.com 1 Agenda Linux Overview Linux

Linux Overview Amir Hossein Payberah payberah@gmail.com 1 Agenda Linux Overview Linux

Linux Overview Amir Hossein Payberah payberah@gmail.com 1 Agenda Linux Overview Linux Distributions Linux vs Windows Linux Architecture Linux Security 2 What is Linux? Similar Operating System To Microsoft Windows, Sun

1.11k views • 55 slides
Interviews with Different Users About Their Linux Setups Steven Ovadia My Linux Rig

Interviews with Different Users About Their Linux Setups Steven Ovadia My Linux Rig

The State of Desktop Linux: Interviews with Different Users About Their Linux Setups Steven Ovadia My Linux Rig www.mylinuxrig.com @steven_ovadia *** Associate Professor/Web Services Librarian LaGuardia Community College About My Linux

458 views • 27 slides

More recommend