Bluetooth: Limit security mode 4 level 0 to connection oriented channels
The exception for certain PSM channels when it comes to security mode 4 level 0 should only be checked when actually a connection oriented channel is established. Signed-off-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This commit is contained in:
Marcel Holtmann
Johan Hedberg
parent
43b1b8dfb4
commit
6a974b50a1
2 changed files with 22 additions and 12 deletions
|
|
@ -677,7 +677,8 @@ void l2cap_chan_close(struct l2cap_chan *chan, int reason)
|
||||||
|
|
||||||
static inline u8 l2cap_get_auth_type(struct l2cap_chan *chan)
|
static inline u8 l2cap_get_auth_type(struct l2cap_chan *chan)
|
||||||
{
|
{
|
||||||
if (chan->chan_type == L2CAP_CHAN_RAW) {
|
switch (chan->chan_type) {
|
||||||
|
case L2CAP_CHAN_RAW:
|
||||||
switch (chan->sec_level) {
|
switch (chan->sec_level) {
|
||||||
case BT_SECURITY_HIGH:
|
case BT_SECURITY_HIGH:
|
||||||
return HCI_AT_DEDICATED_BONDING_MITM;
|
return HCI_AT_DEDICATED_BONDING_MITM;
|
||||||
|
|
@ -686,15 +687,19 @@ static inline u8 l2cap_get_auth_type(struct l2cap_chan *chan)
|
||||||
default:
|
default:
|
||||||
return HCI_AT_NO_BONDING;
|
return HCI_AT_NO_BONDING;
|
||||||
}
|
}
|
||||||
} else if (chan->psm == __constant_cpu_to_le16(L2CAP_PSM_SDP)) {
|
break;
|
||||||
if (chan->sec_level == BT_SECURITY_LOW)
|
case L2CAP_CHAN_CONN_ORIENTED:
|
||||||
chan->sec_level = BT_SECURITY_SDP;
|
if (chan->psm == __constant_cpu_to_le16(L2CAP_PSM_SDP)) {
|
||||||
|
if (chan->sec_level == BT_SECURITY_LOW)
|
||||||
|
chan->sec_level = BT_SECURITY_SDP;
|
||||||
|
|
||||||
if (chan->sec_level == BT_SECURITY_HIGH)
|
if (chan->sec_level == BT_SECURITY_HIGH)
|
||||||
return HCI_AT_NO_BONDING_MITM;
|
return HCI_AT_NO_BONDING_MITM;
|
||||||
else
|
else
|
||||||
return HCI_AT_NO_BONDING;
|
return HCI_AT_NO_BONDING;
|
||||||
} else {
|
}
|
||||||
|
/* fall through */
|
||||||
|
default:
|
||||||
switch (chan->sec_level) {
|
switch (chan->sec_level) {
|
||||||
case BT_SECURITY_HIGH:
|
case BT_SECURITY_HIGH:
|
||||||
return HCI_AT_GENERAL_BONDING_MITM;
|
return HCI_AT_GENERAL_BONDING_MITM;
|
||||||
|
|
@ -703,6 +708,7 @@ static inline u8 l2cap_get_auth_type(struct l2cap_chan *chan)
|
||||||
default:
|
default:
|
||||||
return HCI_AT_NO_BONDING;
|
return HCI_AT_NO_BONDING;
|
||||||
}
|
}
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -100,9 +100,13 @@ static int l2cap_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
|
||||||
if (err < 0)
|
if (err < 0)
|
||||||
goto done;
|
goto done;
|
||||||
|
|
||||||
if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_SDP ||
|
switch (chan->chan_type) {
|
||||||
__le16_to_cpu(la.l2_psm) == L2CAP_PSM_RFCOMM)
|
case L2CAP_CHAN_CONN_ORIENTED:
|
||||||
chan->sec_level = BT_SECURITY_SDP;
|
if (__le16_to_cpu(la.l2_psm) == L2CAP_PSM_SDP ||
|
||||||
|
__le16_to_cpu(la.l2_psm) == L2CAP_PSM_RFCOMM)
|
||||||
|
chan->sec_level = BT_SECURITY_SDP;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
bacpy(&bt_sk(sk)->src, &la.l2_bdaddr);
|
bacpy(&bt_sk(sk)->src, &la.l2_bdaddr);
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue