| Message ID | 20200406180402.7782-1-sonnysasaka@chromium.org (mailing list archive) |
|---|---|
| State | Accepted |
| Delegated to: | Marcel Holtmann |
| Headers | show |
| Series | [v2] Bluetooth: Always request for user confirmation for Just Works (LE SC) | expand |
Hi Marcel, Thanks for the suggestion. I have sent an updated patch based on your suggestion with a little modification. Let me know if this looks good. Thanks! On Mon, Apr 6, 2020 at 11:04 AM Sonny Sasaka <sonnysasaka@chromium.org> wrote: > > To improve security, always give the user-space daemon a chance to > accept or reject a Just Works pairing (LE). The daemon may decide to > auto-accept based on the user's intent. > > This patch is similar to the previous patch but applies for LE Secure > Connections (SC). > > Signed-off-by: Sonny Sasaka <sonnysasaka@chromium.org> > --- > net/bluetooth/smp.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c > index d0b695ee49f6..2f48518d120b 100644 > --- a/net/bluetooth/smp.c > +++ b/net/bluetooth/smp.c > @@ -2202,7 +2202,7 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb) > if (err) > return SMP_UNSPECIFIED; > > - if (smp->method == JUST_WORKS || smp->method == REQ_OOB) { > + if (smp->method == REQ_OOB) { > if (hcon->out) { > sc_dhkey_check(smp); > SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK); > @@ -2217,6 +2217,9 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb) > confirm_hint = 0; > > confirm: > + if (smp->method == JUST_WORKS) > + confirm_hint = 1; > + > err = mgmt_user_confirm_request(hcon->hdev, &hcon->dst, hcon->type, > hcon->dst_type, passkey, confirm_hint); > if (err) > -- > 2.17.1 >
Hi Marcel, Could you please take another look at this v2 patch based on your suggestions? Thanks. On Mon, Apr 6, 2020 at 11:04 AM Sonny Sasaka <sonnysasaka@chromium.org> wrote: > > To improve security, always give the user-space daemon a chance to > accept or reject a Just Works pairing (LE). The daemon may decide to > auto-accept based on the user's intent. > > This patch is similar to the previous patch but applies for LE Secure > Connections (SC). > > Signed-off-by: Sonny Sasaka <sonnysasaka@chromium.org> > --- > net/bluetooth/smp.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c > index d0b695ee49f6..2f48518d120b 100644 > --- a/net/bluetooth/smp.c > +++ b/net/bluetooth/smp.c > @@ -2202,7 +2202,7 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb) > if (err) > return SMP_UNSPECIFIED; > > - if (smp->method == JUST_WORKS || smp->method == REQ_OOB) { > + if (smp->method == REQ_OOB) { > if (hcon->out) { > sc_dhkey_check(smp); > SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK); > @@ -2217,6 +2217,9 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb) > confirm_hint = 0; > > confirm: > + if (smp->method == JUST_WORKS) > + confirm_hint = 1; > + > err = mgmt_user_confirm_request(hcon->hdev, &hcon->dst, hcon->type, > hcon->dst_type, passkey, confirm_hint); > if (err) > -- > 2.17.1 >
Hi Sonny, > To improve security, always give the user-space daemon a chance to > accept or reject a Just Works pairing (LE). The daemon may decide to > auto-accept based on the user's intent. > > This patch is similar to the previous patch but applies for LE Secure > Connections (SC). > > Signed-off-by: Sonny Sasaka <sonnysasaka@chromium.org> > --- > net/bluetooth/smp.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) patch has been applied to bluetooth-next tree. Regards Marcel
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c index d0b695ee49f6..2f48518d120b 100644 --- a/net/bluetooth/smp.c +++ b/net/bluetooth/smp.c @@ -2202,7 +2202,7 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb) if (err) return SMP_UNSPECIFIED; - if (smp->method == JUST_WORKS || smp->method == REQ_OOB) { + if (smp->method == REQ_OOB) { if (hcon->out) { sc_dhkey_check(smp); SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK); @@ -2217,6 +2217,9 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb) confirm_hint = 0; confirm: + if (smp->method == JUST_WORKS) + confirm_hint = 1; + err = mgmt_user_confirm_request(hcon->hdev, &hcon->dst, hcon->type, hcon->dst_type, passkey, confirm_hint); if (err)
To improve security, always give the user-space daemon a chance to accept or reject a Just Works pairing (LE). The daemon may decide to auto-accept based on the user's intent. This patch is similar to the previous patch but applies for LE Secure Connections (SC). Signed-off-by: Sonny Sasaka <sonnysasaka@chromium.org> --- net/bluetooth/smp.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)