[3.13.y.z extended stable] Patch "Bluetooth: Fix setting correct security level when initiating SMP" has been added to staging queue

Kamal Mostafa kamal at canonical.com
Tue Oct 21 20:09:13 UTC 2014


This is a note to let you know that I have just added a patch titled

    Bluetooth: Fix setting correct security level when initiating SMP

to the linux-3.13.y-queue branch of the 3.13.y.z extended stable tree 
which can be found at:

 http://kernel.ubuntu.com/git?p=ubuntu/linux.git;a=shortlog;h=refs/heads/linux-3.13.y-queue

This patch is scheduled to be released in version 3.13.11.10.

If you, or anyone else, feels it should not be added to this tree, please 
reply to this email.

For more information about the 3.13.y.z tree, see
https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable

Thanks.
-Kamal

------

>From a5c3576d285d5ca03171bc352bfbf2456c9d0440 Mon Sep 17 00:00:00 2001
From: Johan Hedberg <johan.hedberg at intel.com>
Date: Thu, 18 Sep 2014 11:26:32 +0300
Subject: Bluetooth: Fix setting correct security level when initiating SMP

commit 5eb596f55cacc2389554a8d7572d90d5e9d4269d upstream.

We can only determine the final security level when both pairing request
and response have been exchanged. When initiating pairing the starting
target security level is set to MEDIUM unless explicitly specified to be
HIGH, so that we can still perform pairing even if the remote doesn't
have MITM capabilities. However, once we've received the pairing
response we should re-consult the remote and local IO capabilities and
upgrade the target security level if necessary.

Without this patch the resulting Long Term Key will occasionally be
reported to be unauthenticated when it in reality is an authenticated
one.

Signed-off-by: Johan Hedberg <johan.hedberg at intel.com>
Signed-off-by: Marcel Holtmann <marcel at holtmann.org>
Signed-off-by: Kamal Mostafa <kamal at canonical.com>
---
 net/bluetooth/smp.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index 7e355bb..cd52609 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -326,8 +326,11 @@ static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
 	}

 	/* Not Just Works/Confirm results in MITM Authentication */
-	if (method != JUST_CFM)
+	if (method != JUST_CFM) {
 		set_bit(SMP_FLAG_MITM_AUTH, &smp->smp_flags);
+		if (hcon->pending_sec_level < BT_SECURITY_HIGH)
+			hcon->pending_sec_level = BT_SECURITY_HIGH;
+	}

 	/* If both devices have Keyoard-Display I/O, the master
 	 * Confirms and the slave Enters the passkey.
--
1.9.1





More information about the kernel-team mailing list