[3.8.y.z extended stable] Patch "Bluetooth: Fix setting correct authentication information for SMP STK" has been added to staging queue

Kamal Mostafa kamal at canonical.com
Tue Jul 22 22:17:49 UTC 2014 

This is a note to let you know that I have just added a patch titled

    Bluetooth: Fix setting correct authentication information for SMP STK

to the linux-3.8.y-queue branch of the 3.8.y.z extended stable tree 
which can be found at:

 http://kernel.ubuntu.com/git?p=ubuntu/linux.git;a=shortlog;h=refs/heads/linux-3.8.y-queue

This patch is scheduled to be released in version 3.8.13.27.

If you, or anyone else, feels it should not be added to this tree, please 
reply to this email.

For more information about the 3.8.y.z tree, see
https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable

Thanks.
-Kamal

------

>From 9f6da325736f3cdd98010569982f7da4a22dda6e Mon Sep 17 00:00:00 2001
From: Johan Hedberg <johan.hedberg at intel.com>
Date: Tue, 10 Jun 2014 15:19:50 +0300
Subject: Bluetooth: Fix setting correct authentication information for SMP STK

commit fff3490f47810e2d34b91fb9e31103e923b11c2f upstream.

When we store the STK in slave role we should set the correct
authentication information for it. If the pairing is producing a HIGH
security level the STK is considered authenticated, and otherwise it's
considered unauthenticated. This patch fixes the value passed to the
hci_add_ltk() function when adding the STK on the slave side.

Signed-off-by: Johan Hedberg <johan.hedberg at intel.com>
Tested-by: Marcin Kraglak <marcin.kraglak at tieto.com>
Signed-off-by: Marcel Holtmann <marcel at holtmann.org>
[ kamal: backport to 3.8-stable: context ]
Signed-off-by: Kamal Mostafa <kamal at canonical.com>
---
 net/bluetooth/smp.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index 5abefb1..ba765a4 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -464,7 +464,7 @@ static void random_work(struct work_struct *work)
 		hci_le_start_enc(hcon, ediv, rand, stk);
 		hcon->enc_key_size = smp->enc_key_size;
 	} else {
-		u8 stk[16], r[16], rand[8];
+		u8 stk[16], r[16], rand[8], auth;
 		__le16 ediv;

 		memset(rand, 0, sizeof(rand));
@@ -479,8 +479,13 @@ static void random_work(struct work_struct *work)
 		memset(stk + smp->enc_key_size, 0,
 				SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);

+		if (hcon->pending_sec_level == BT_SECURITY_HIGH)
+			auth = 1;
+		else
+			auth = 0;
+
 		hci_add_ltk(hcon->hdev, conn->dst, hcon->dst_type,
-			    HCI_SMP_STK_SLAVE, 0, 0, stk, smp->enc_key_size,
+			    HCI_SMP_STK_SLAVE, 0, auth, stk, smp->enc_key_size,
 			    ediv, rand);
 	}

--
1.9.1

More information about the kernel-team mailing list