[PATCH 3.13 164/198] Bluetooth: Fix setting correct authentication information for SMP STK

From: Kamal Mostafa
Date: Tue Jul 15 2014 - 17:50:28 EST

Next message: Kamal Mostafa: "[PATCH 3.13 028/198] UBIFS: fix an mmap and fsync race condition"
Previous message: Kamal Mostafa: "[PATCH 3.13 145/198] iio: adc: at91: signedness bug in at91_adc_get_trigger_value_by_name()"
In reply to: Kamal Mostafa: "[PATCH 3.13 145/198] iio: adc: at91: signedness bug in at91_adc_get_trigger_value_by_name()"
Next in thread: Kamal Mostafa: "[PATCH 3.13 028/198] UBIFS: fix an mmap and fsync race condition"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

3.13.11.5 -stable review patch. If anyone has any objections, please let me know.

------------------

From: Johan Hedberg <johan.hedberg@xxxxxxxxx>

commit fff3490f47810e2d34b91fb9e31103e923b11c2f upstream.

When we store the STK in slave role we should set the correct
authentication information for it. If the pairing is producing a HIGH
security level the STK is considered authenticated, and otherwise it's
considered unauthenticated. This patch fixes the value passed to the
hci_add_ltk() function when adding the STK on the slave side.

Signed-off-by: Johan Hedberg <johan.hedberg@xxxxxxxxx>
Tested-by: Marcin Kraglak <marcin.kraglak@xxxxxxxxx>
Signed-off-by: Marcel Holtmann <marcel@xxxxxxxxxxxx>
[ kamal: backport to 3.13-stable: context ]
Signed-off-by: Kamal Mostafa <kamal@xxxxxxxxxxxxx>
---
net/bluetooth/smp.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index 4b07acb..7e355bb 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -467,7 +467,7 @@ static void random_work(struct work_struct *work)
hci_le_start_enc(hcon, ediv, rand, stk);
hcon->enc_key_size = smp->enc_key_size;
} else {
- u8 stk[16], r[16], rand[8];
+ u8 stk[16], r[16], rand[8], auth;
__le16 ediv;

memset(rand, 0, sizeof(rand));
@@ -482,8 +482,13 @@ static void random_work(struct work_struct *work)
memset(stk + smp->enc_key_size, 0,
SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);

+ if (hcon->pending_sec_level == BT_SECURITY_HIGH)
+ auth = 1;
+ else
+ auth = 0;
+
hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
- HCI_SMP_STK_SLAVE, 0, 0, stk, smp->enc_key_size,
+ HCI_SMP_STK_SLAVE, 0, auth, stk, smp->enc_key_size,
ediv, rand);
}

--
1.9.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Kamal Mostafa: "[PATCH 3.13 028/198] UBIFS: fix an mmap and fsync race condition"
Previous message: Kamal Mostafa: "[PATCH 3.13 145/198] iio: adc: at91: signedness bug in at91_adc_get_trigger_value_by_name()"
In reply to: Kamal Mostafa: "[PATCH 3.13 145/198] iio: adc: at91: signedness bug in at91_adc_get_trigger_value_by_name()"
Next in thread: Kamal Mostafa: "[PATCH 3.13 028/198] UBIFS: fix an mmap and fsync race condition"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]