aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
Diffstat (limited to 'net')
-rw-r--r--net/bluetooth/smp.c17
1 files changed, 1 insertions, 16 deletions
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index ef8f96d2c059..be8371b4eb63 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -32,7 +32,6 @@
32#include "smp.h" 32#include "smp.h"
33 33
34#define SMP_ALLOW_CMD(smp, code) set_bit(code, &smp->allow_cmd) 34#define SMP_ALLOW_CMD(smp, code) set_bit(code, &smp->allow_cmd)
35#define SMP_DISALLOW_CMD(smp, code) clear_bit(code, &smp->allow_cmd)
36 35
37#define SMP_TIMEOUT msecs_to_jiffies(30000) 36#define SMP_TIMEOUT msecs_to_jiffies(30000)
38 37
@@ -956,8 +955,6 @@ static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
956 (auth & SMP_AUTH_BONDING)) 955 (auth & SMP_AUTH_BONDING))
957 return SMP_PAIRING_NOTSUPP; 956 return SMP_PAIRING_NOTSUPP;
958 957
959 SMP_DISALLOW_CMD(smp, SMP_CMD_PAIRING_REQ);
960
961 smp->preq[0] = SMP_CMD_PAIRING_REQ; 958 smp->preq[0] = SMP_CMD_PAIRING_REQ;
962 memcpy(&smp->preq[1], req, sizeof(*req)); 959 memcpy(&smp->preq[1], req, sizeof(*req));
963 skb_pull(skb, sizeof(*req)); 960 skb_pull(skb, sizeof(*req));
@@ -1014,8 +1011,6 @@ static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
1014 if (conn->hcon->role != HCI_ROLE_MASTER) 1011 if (conn->hcon->role != HCI_ROLE_MASTER)
1015 return SMP_CMD_NOTSUPP; 1012 return SMP_CMD_NOTSUPP;
1016 1013
1017 SMP_DISALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
1018
1019 skb_pull(skb, sizeof(*rsp)); 1014 skb_pull(skb, sizeof(*rsp));
1020 1015
1021 req = (void *) &smp->preq[1]; 1016 req = (void *) &smp->preq[1];
@@ -1071,8 +1066,6 @@ static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
1071 if (skb->len < sizeof(smp->pcnf)) 1066 if (skb->len < sizeof(smp->pcnf))
1072 return SMP_INVALID_PARAMS; 1067 return SMP_INVALID_PARAMS;
1073 1068
1074 SMP_DISALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
1075
1076 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf)); 1069 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
1077 skb_pull(skb, sizeof(smp->pcnf)); 1070 skb_pull(skb, sizeof(smp->pcnf));
1078 1071
@@ -1101,8 +1094,6 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
1101 if (skb->len < sizeof(smp->rrnd)) 1094 if (skb->len < sizeof(smp->rrnd))
1102 return SMP_INVALID_PARAMS; 1095 return SMP_INVALID_PARAMS;
1103 1096
1104 SMP_DISALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
1105
1106 memcpy(smp->rrnd, skb->data, sizeof(smp->rrnd)); 1097 memcpy(smp->rrnd, skb->data, sizeof(smp->rrnd));
1107 skb_pull(skb, sizeof(smp->rrnd)); 1098 skb_pull(skb, sizeof(smp->rrnd));
1108 1099
@@ -1293,7 +1284,6 @@ static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
1293 if (skb->len < sizeof(*rp)) 1284 if (skb->len < sizeof(*rp))
1294 return SMP_INVALID_PARAMS; 1285 return SMP_INVALID_PARAMS;
1295 1286
1296 SMP_DISALLOW_CMD(smp, SMP_CMD_ENCRYPT_INFO);
1297 SMP_ALLOW_CMD(smp, SMP_CMD_MASTER_IDENT); 1287 SMP_ALLOW_CMD(smp, SMP_CMD_MASTER_IDENT);
1298 1288
1299 skb_pull(skb, sizeof(*rp)); 1289 skb_pull(skb, sizeof(*rp));
@@ -1321,7 +1311,6 @@ static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
1321 /* Mark the information as received */ 1311 /* Mark the information as received */
1322 smp->remote_key_dist &= ~SMP_DIST_ENC_KEY; 1312 smp->remote_key_dist &= ~SMP_DIST_ENC_KEY;
1323 1313
1324 SMP_DISALLOW_CMD(smp, SMP_CMD_MASTER_IDENT);
1325 if (smp->remote_key_dist & SMP_DIST_ID_KEY) 1314 if (smp->remote_key_dist & SMP_DIST_ID_KEY)
1326 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_INFO); 1315 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_INFO);
1327 else if (smp->remote_key_dist & SMP_DIST_SIGN) 1316 else if (smp->remote_key_dist & SMP_DIST_SIGN)
@@ -1353,7 +1342,6 @@ static int smp_cmd_ident_info(struct l2cap_conn *conn, struct sk_buff *skb)
1353 if (skb->len < sizeof(*info)) 1342 if (skb->len < sizeof(*info))
1354 return SMP_INVALID_PARAMS; 1343 return SMP_INVALID_PARAMS;
1355 1344
1356 SMP_DISALLOW_CMD(smp, SMP_CMD_IDENT_INFO);
1357 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_ADDR_INFO); 1345 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_ADDR_INFO);
1358 1346
1359 skb_pull(skb, sizeof(*info)); 1347 skb_pull(skb, sizeof(*info));
@@ -1380,7 +1368,6 @@ static int smp_cmd_ident_addr_info(struct l2cap_conn *conn,
1380 /* Mark the information as received */ 1368 /* Mark the information as received */
1381 smp->remote_key_dist &= ~SMP_DIST_ID_KEY; 1369 smp->remote_key_dist &= ~SMP_DIST_ID_KEY;
1382 1370
1383 SMP_DISALLOW_CMD(smp, SMP_CMD_IDENT_ADDR_INFO);
1384 if (smp->remote_key_dist & SMP_DIST_SIGN) 1371 if (smp->remote_key_dist & SMP_DIST_SIGN)
1385 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO); 1372 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
1386 1373
@@ -1436,8 +1423,6 @@ static int smp_cmd_sign_info(struct l2cap_conn *conn, struct sk_buff *skb)
1436 /* Mark the information as received */ 1423 /* Mark the information as received */
1437 smp->remote_key_dist &= ~SMP_DIST_SIGN; 1424 smp->remote_key_dist &= ~SMP_DIST_SIGN;
1438 1425
1439 SMP_DISALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
1440
1441 skb_pull(skb, sizeof(*rp)); 1426 skb_pull(skb, sizeof(*rp));
1442 1427
1443 hci_dev_lock(hdev); 1428 hci_dev_lock(hdev);
@@ -1482,7 +1467,7 @@ static int smp_sig_channel(struct l2cap_chan *chan, struct sk_buff *skb)
1482 if (code > SMP_CMD_MAX) 1467 if (code > SMP_CMD_MAX)
1483 goto drop; 1468 goto drop;
1484 1469
1485 if (smp && !test_bit(code, &smp->allow_cmd)) 1470 if (smp && !test_and_clear_bit(code, &smp->allow_cmd))
1486 goto drop; 1471 goto drop;
1487 1472
1488 /* If we don't have a context the only allowed commands are 1473 /* If we don't have a context the only allowed commands are
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-10 08:43:38 -0500