Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8556edd3 authored by Johan Hedberg's avatar Johan Hedberg Committed by Gustavo Padovan
Browse files

Bluetooth: Create a unified auth_type evaluation function 



The logic for determining the needed auth_type for an L2CAP socket is
rather complicated and has so far been duplicated in
l2cap_check_security as well as l2cap_do_connect. Additionally the
l2cap_check_security code was completely missing the handling of
SOCK_RAW type sockets. This patch creates a unified function for the
evaluation and makes l2cap_do_connect and l2cap_check_security use that
function.

Signed-off-by: default avatarJohan Hedberg <johan.hedberg@nokia.com>
Acked-by: default avatarMarcel Holtmann <marcel@holtmann.org>
Signed-off-by: default avatarGustavo F. Padovan <padovan@profusion.mobi>
parent 65cf686e

net/bluetooth/l2cap.c

+28 −49
Original line number Diff line number Diff line
@@ -305,34 +305,45 @@ static void l2cap_chan_del(struct sock *sk, int err) 
	}

}



/* Service level security */

static inline int l2cap_check_security(struct sock *sk)

static inline u8 l2cap_get_auth_type(struct sock *sk)

{

	struct l2cap_conn *conn = l2cap_pi(sk)->conn;

	__u8 auth_type;

	if (sk->sk_type == SOCK_RAW) {

		switch (l2cap_pi(sk)->sec_level) {

		case BT_SECURITY_HIGH:

			return HCI_AT_DEDICATED_BONDING_MITM;

		case BT_SECURITY_MEDIUM:

			return HCI_AT_DEDICATED_BONDING;

		default:

			return HCI_AT_NO_BONDING;

		}

	} else if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) {

		if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW)

			l2cap_pi(sk)->sec_level = BT_SECURITY_SDP;



	if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) {

		if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH)

			auth_type = HCI_AT_NO_BONDING_MITM;

			return HCI_AT_NO_BONDING_MITM;

		else

			auth_type = HCI_AT_NO_BONDING;



		if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW)

			l2cap_pi(sk)->sec_level = BT_SECURITY_SDP;

			return HCI_AT_NO_BONDING;

	} else {

		switch (l2cap_pi(sk)->sec_level) {

		case BT_SECURITY_HIGH:

			auth_type = HCI_AT_GENERAL_BONDING_MITM;

			break;

			return HCI_AT_GENERAL_BONDING_MITM;

		case BT_SECURITY_MEDIUM:

			auth_type = HCI_AT_GENERAL_BONDING;

			break;

			return HCI_AT_GENERAL_BONDING;

		default:

			auth_type = HCI_AT_NO_BONDING;

			break;

			return HCI_AT_NO_BONDING;

		}

	}

}



/* Service level security */

static inline int l2cap_check_security(struct sock *sk)

{

	struct l2cap_conn *conn = l2cap_pi(sk)->conn;

	__u8 auth_type;



	auth_type = l2cap_get_auth_type(sk);



	return hci_conn_security(conn->hcon, l2cap_pi(sk)->sec_level,

								auth_type);

}
@@ -1068,39 +1079,7 @@ static int l2cap_do_connect(struct sock *sk) 


	err = -ENOMEM;



	if (sk->sk_type == SOCK_RAW) {

		switch (l2cap_pi(sk)->sec_level) {

		case BT_SECURITY_HIGH:

			auth_type = HCI_AT_DEDICATED_BONDING_MITM;

			break;

		case BT_SECURITY_MEDIUM:

			auth_type = HCI_AT_DEDICATED_BONDING;

			break;

		default:

			auth_type = HCI_AT_NO_BONDING;

			break;

		}

	} else if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) {

		if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH)

			auth_type = HCI_AT_NO_BONDING_MITM;

		else

			auth_type = HCI_AT_NO_BONDING;



		if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW)

			l2cap_pi(sk)->sec_level = BT_SECURITY_SDP;

	} else {

		switch (l2cap_pi(sk)->sec_level) {

		case BT_SECURITY_HIGH:

			auth_type = HCI_AT_GENERAL_BONDING_MITM;

			break;

		case BT_SECURITY_MEDIUM:

			auth_type = HCI_AT_GENERAL_BONDING;

			break;

		default:

			auth_type = HCI_AT_NO_BONDING;

			break;

		}

	}

	auth_type = l2cap_get_auth_type(sk);



	hcon = hci_connect(hdev, ACL_LINK, dst,

					l2cap_pi(sk)->sec_level, auth_type);