From 06985e882dcc1795b38b84f02e6594ba7a6283de Mon Sep 17 00:00:00 2001 From: Johan Hedberg Date: Tue, 1 Jul 2014 18:40:20 +0300 Subject: Bluetooth: Fix redundant encryption when receiving Security Request If we're already encrypted with a good enough LTK we should just ignore an incoming SMP Security Request. The code was already taking care of this in the smp_conn_security function before calling smp_ltk_encrypt but failed to do the same in smp_cmd_security_req. This patch fixes the issue by moving up the smp_sufficient_security function and using it in the Security Request handler before trying to request encryption. Signed-off-by: Johan Hedberg Signed-off-by: Marcel Holtmann Signed-off-by: Rupesh Tatiya --- net/bluetooth/smp.c | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c index b5562abdd..c58e2757d 100644 --- a/net/bluetooth/smp.c +++ b/net/bluetooth/smp.c @@ -730,16 +730,36 @@ static u8 smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level) return 1; } +bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level) +{ + if (sec_level == BT_SECURITY_LOW) { + BT_INFO("TRUE:(sec_level == BT_SECURITY_LOW)"); + return true; + } + if (hcon->sec_level >= sec_level) { + BT_INFO("TRUE:(hcon->sec_level >= sec_level)"); + return true; + } + BT_INFO("return false"); + return false; +} + static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb) { struct smp_cmd_security_req *rp = (void *) skb->data; struct smp_cmd_pairing cp; struct hci_conn *hcon = conn->hcon; struct smp_chan *smp; + u8 sec_level; BT_DBG("conn %p", conn); - hcon->pending_sec_level = authreq_to_seclevel(rp->auth_req); + sec_level = authreq_to_seclevel(rp->auth_req); + if (smp_sufficient_security(hcon, sec_level)) + return 0; + + if (sec_level > hcon->pending_sec_level) + hcon->pending_sec_level = sec_level; if (smp_ltk_encrypt(conn, hcon->pending_sec_level)) return 0; -- cgit v1.2.3