projects / platform / kernel / linux-rpi.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7c5cca3)
Bluetooth: SMP: Fix trying to use non-existent local OOB data
authorJohan Hedberg <johan.hedberg@intel.com>
Tue, 11 Sep 2018 11:10:12 +0000 (14:10 +0300)
committerMarcel Holtmann <marcel@holtmann.org>
Tue, 11 Sep 2018 11:33:57 +0000 (13:33 +0200)
A remote device may claim that it has received our OOB data, even
though we never geneated it. Add a new flag to track whether we
actually have OOB data, and ignore the remote peer's flag if haven't
generated OOB data.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
net/bluetooth/smp.c patch | blob | history

diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index ae91e2d..9752879 100644 (file)
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -83,6 +83,7 @@ enum {
 
 struct smp_dev {
        /* Secure Connections OOB data */
+       bool                    local_oob;
        u8                      local_pk[64];
        u8                      local_rand[16];
        bool                    debug_key;
@@ -599,6 +600,8 @@ int smp_generate_oob(struct hci_dev *hdev, u8 hash[16], u8 rand[16])
 
        memcpy(rand, smp->local_rand, 16);
 
+       smp->local_oob = true;
+
        return 0;
 }
 
@@ -1785,7 +1788,7 @@ static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
         * successfully received our local OOB data - therefore set the
         * flag to indicate that local OOB is in use.
         */
-       if (req->oob_flag == SMP_OOB_PRESENT)
+       if (req->oob_flag == SMP_OOB_PRESENT && SMP_DEV(hdev)->local_oob)
                set_bit(SMP_FLAG_LOCAL_OOB, &smp->flags);
 
        /* SMP over BR/EDR requires special treatment */
@@ -1967,7 +1970,7 @@ static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
         * successfully received our local OOB data - therefore set the
         * flag to indicate that local OOB is in use.
         */
-       if (rsp->oob_flag == SMP_OOB_PRESENT)
+       if (rsp->oob_flag == SMP_OOB_PRESENT && SMP_DEV(hdev)->local_oob)
                set_bit(SMP_FLAG_LOCAL_OOB, &smp->flags);
 
        smp->prsp[0] = SMP_CMD_PAIRING_RSP;
@@ -3230,6 +3233,7 @@ static struct l2cap_chan *smp_add_cid(struct hci_dev *hdev, u16 cid)
                return ERR_CAST(tfm_ecdh);
        }
 
+       smp->local_oob = false;
        smp->tfm_aes = tfm_aes;
        smp->tfm_cmac = tfm_cmac;
        smp->tfm_ecdh = tfm_ecdh;
Domain: System / Kernel;