diff options
| author | Johan Hedberg <johan.hedberg@intel.com> | 2014-07-01 11:40:20 -0400 |
|---|---|---|
| committer | Marcel Holtmann <marcel@holtmann.org> | 2014-07-03 11:42:53 -0400 |
| commit | 854f47278fb36f4904649b994acf559e13920232 (patch) | |
| tree | d71450cfb145242ed67b02bde8388d5dffa484a7 /net/bluetooth/smp.c | |
| parent | c70a7e4cc8d22cb1ce684637ef8a4bb3a80d15b7 (diff) | |
Bluetooth: Fix redundant encryption when receiving Security Request
If we're already encrypted with a good enough LTK we should just ignore
an incoming SMP Security Request. The code was already taking care of
this in the smp_conn_security function before calling smp_ltk_encrypt
but failed to do the same in smp_cmd_security_req. This patch fixes the
issue by moving up the smp_sufficient_security function and using it in
the Security Request handler before trying to request encryption.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Diffstat (limited to 'net/bluetooth/smp.c')
| -rw-r--r-- | net/bluetooth/smp.c | 25 |
1 files changed, 14 insertions, 11 deletions
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c index 35f57090ddd0..6ce7785a2708 100644 --- a/net/bluetooth/smp.c +++ b/net/bluetooth/smp.c | |||
| @@ -859,6 +859,17 @@ static bool smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level) | |||
| 859 | return true; | 859 | return true; |
| 860 | } | 860 | } |
| 861 | 861 | ||
| 862 | bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level) | ||
| 863 | { | ||
| 864 | if (sec_level == BT_SECURITY_LOW) | ||
| 865 | return true; | ||
| 866 | |||
| 867 | if (hcon->sec_level >= sec_level) | ||
| 868 | return true; | ||
| 869 | |||
| 870 | return false; | ||
| 871 | } | ||
| 872 | |||
| 862 | static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb) | 873 | static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb) |
| 863 | { | 874 | { |
| 864 | struct smp_cmd_security_req *rp = (void *) skb->data; | 875 | struct smp_cmd_security_req *rp = (void *) skb->data; |
| @@ -876,6 +887,9 @@ static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb) | |||
| 876 | return SMP_CMD_NOTSUPP; | 887 | return SMP_CMD_NOTSUPP; |
| 877 | 888 | ||
| 878 | sec_level = authreq_to_seclevel(rp->auth_req); | 889 | sec_level = authreq_to_seclevel(rp->auth_req); |
| 890 | if (smp_sufficient_security(hcon, sec_level)) | ||
| 891 | return 0; | ||
| 892 | |||
| 879 | if (sec_level > hcon->pending_sec_level) | 893 | if (sec_level > hcon->pending_sec_level) |
| 880 | hcon->pending_sec_level = sec_level; | 894 | hcon->pending_sec_level = sec_level; |
| 881 | 895 | ||
| @@ -904,17 +918,6 @@ static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb) | |||
| 904 | return 0; | 918 | return 0; |
| 905 | } | 919 | } |
| 906 | 920 | ||
| 907 | bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level) | ||
| 908 | { | ||
| 909 | if (sec_level == BT_SECURITY_LOW) | ||
| 910 | return true; | ||
| 911 | |||
| 912 | if (hcon->sec_level >= sec_level) | ||
| 913 | return true; | ||
| 914 | |||
| 915 | return false; | ||
| 916 | } | ||
| 917 | |||
| 918 | int smp_conn_security(struct hci_conn *hcon, __u8 sec_level) | 921 | int smp_conn_security(struct hci_conn *hcon, __u8 sec_level) |
| 919 | { | 922 | { |
| 920 | struct l2cap_conn *conn = hcon->l2cap_data; | 923 | struct l2cap_conn *conn = hcon->l2cap_data; |