Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 1afc2a1a authored by Johan Hedberg's avatar Johan Hedberg Committed by Marcel Holtmann
Browse files

Bluetooth: Fix SMP security level when we have no IO capabilities 



When the local IO capability is NoInputNoOutput any attempt to convert
the remote authentication requirement to a target security level is
futile. This patch makes sure that we set the target security level at
most to MEDIUM if the local IO capability is NoInputNoOutput.

Signed-off-by: default avatarJohan Hedberg <johan.hedberg@intel.com>
Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
parent 24bd0bd9

net/bluetooth/smp.c

+10 −2
Original line number Diff line number Diff line
@@ -959,7 +959,11 @@ static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb) 
	memcpy(&smp->preq[1], req, sizeof(*req));

	skb_pull(skb, sizeof(*req));



	if (conn->hcon->io_capability == 0x03)

		sec_level = BT_SECURITY_MEDIUM;

	else

		sec_level = authreq_to_seclevel(auth);



	if (sec_level > conn->hcon->pending_sec_level)

		conn->hcon->pending_sec_level = sec_level;
@@ -1165,7 +1169,11 @@ static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb) 


	auth = rp->auth_req & AUTH_REQ_MASK;



	if (hcon->io_capability == 0x03)

		sec_level = BT_SECURITY_MEDIUM;

	else

		sec_level = authreq_to_seclevel(auth);



	if (smp_sufficient_security(hcon, sec_level))

		return 0;