
Commit 205c749e authored by Zach Johnson's avatar Zach Johnson

BTM_SEC_IN_AUTHORIZE is never set, only checked or removed

For clarity, replaced these expressions with false in these
super complicated conditionals.

A future patch set will remove them.

Bug: 159815595
Tag: #refactor
Test: compile & verify basic functions working
Change-Id: Ib7e9fcbc0c3018c38ea243974e22a3aa39c7f2f7
parent 3bca50ae
+28 −42
@@ -464,8 +464,7 @@ bool BTM_SetSecurityLevel(bool is_originator, const char* p_name,

    /* Parameter validation.  Originator should not set requirements for
     * incoming connections */
    sec_level &=
        ~(BTM_SEC_IN_AUTHORIZE | BTM_SEC_IN_ENCRYPT | BTM_SEC_IN_AUTHENTICATE |
    sec_level &= ~(BTM_SEC_IN_ENCRYPT | BTM_SEC_IN_AUTHENTICATE |
                   BTM_SEC_IN_MITM | BTM_SEC_IN_MIN_16_DIGIT_PIN);

    if (btm_cb.security_mode == BTM_SEC_MODE_SP ||
@@ -488,10 +487,9 @@ bool BTM_SetSecurityLevel(bool is_originator, const char* p_name,
#endif
/* clear out the old setting, just in case it exists */
    {
      p_srec->security_flags &=
          ~(BTM_SEC_IN_AUTHORIZE | BTM_SEC_IN_ENCRYPT |
            BTM_SEC_IN_AUTHENTICATE | BTM_SEC_IN_MITM | BTM_SEC_FORCE_MASTER |
            BTM_SEC_ATTEMPT_MASTER | BTM_SEC_FORCE_SLAVE |
      p_srec->security_flags &= ~(
          BTM_SEC_IN_ENCRYPT | BTM_SEC_IN_AUTHENTICATE | BTM_SEC_IN_MITM |
          BTM_SEC_FORCE_MASTER | BTM_SEC_ATTEMPT_MASTER | BTM_SEC_FORCE_SLAVE |
          BTM_SEC_ATTEMPT_SLAVE | BTM_SEC_IN_MIN_16_DIGIT_PIN);
    }

@@ -1693,17 +1691,12 @@ tBTM_STATUS btm_sec_l2cap_access_req(const RawAddress& bd_addr, uint16_t psm,
            (((security_required & BTM_SEC_IN_FLAGS) ==
              (BTM_SEC_IN_AUTHENTICATE | BTM_SEC_IN_ENCRYPT)) &&
             btm_dev_encrypted(p_dev_rec)) ||
            (((security_required & BTM_SEC_IN_FLAGS) == BTM_SEC_IN_AUTHORIZE) &&
             (btm_dev_authorized(p_dev_rec) ||
            (false && (btm_dev_authorized(p_dev_rec) ||
                       btm_serv_trusted(p_dev_rec, p_serv_rec))) ||
            (((security_required & BTM_SEC_IN_FLAGS) ==
              (BTM_SEC_IN_AUTHENTICATE | BTM_SEC_IN_AUTHORIZE)) &&
             ((btm_dev_authorized(p_dev_rec) ||
            (false && ((btm_dev_authorized(p_dev_rec) ||
                        btm_serv_trusted(p_dev_rec, p_serv_rec)) &&
                       btm_dev_authenticated(p_dev_rec))) ||
            (((security_required & BTM_SEC_IN_FLAGS) ==
              (BTM_SEC_IN_ENCRYPT | BTM_SEC_IN_AUTHORIZE)) &&
             ((btm_dev_authorized(p_dev_rec) ||
            (false && ((btm_dev_authorized(p_dev_rec) ||
                        btm_serv_trusted(p_dev_rec, p_serv_rec)) &&
                       btm_dev_encrypted(p_dev_rec))) ||
            (((security_required & BTM_SEC_IN_FLAGS) == BTM_SEC_IN_FLAGS) &&
@@ -1985,17 +1978,12 @@ tBTM_STATUS btm_sec_mx_access_request(const RawAddress& bd_addr, uint16_t psm,
            ((((security_required & BTM_SEC_IN_FLAGS) ==
               BTM_SEC_IN_AUTHENTICATE) &&
              btm_dev_authenticated(p_dev_rec))) ||
            (((security_required & BTM_SEC_IN_FLAGS) == BTM_SEC_IN_AUTHORIZE) &&
             (btm_dev_authorized(p_dev_rec) ||
            (false && (btm_dev_authorized(p_dev_rec) ||
                       btm_serv_trusted(p_dev_rec, p_serv_rec))) ||
            (((security_required & BTM_SEC_IN_FLAGS) ==
              (BTM_SEC_IN_AUTHORIZE | BTM_SEC_IN_AUTHENTICATE)) &&
             ((btm_dev_authorized(p_dev_rec) ||
            (false && ((btm_dev_authorized(p_dev_rec) ||
                        btm_serv_trusted(p_dev_rec, p_serv_rec)) &&
                       btm_dev_authenticated(p_dev_rec))) ||
            (((security_required & BTM_SEC_IN_FLAGS) ==
              (BTM_SEC_IN_AUTHORIZE | BTM_SEC_IN_ENCRYPT)) &&
             ((btm_dev_authorized(p_dev_rec) ||
            (false && ((btm_dev_authorized(p_dev_rec) ||
                        btm_serv_trusted(p_dev_rec, p_serv_rec)) &&
                       btm_dev_encrypted(p_dev_rec))) ||
            ((((security_required & BTM_SEC_IN_FLAGS) ==
@@ -2023,8 +2011,7 @@ tBTM_STATUS btm_sec_mx_access_request(const RawAddress& bd_addr, uint16_t psm,
      /* btm_sec_execute_procedure */
      if ((is_originator &&
           (p_serv_rec->security_flags & BTM_SEC_OUT_AUTHORIZE)) ||
          (!is_originator &&
           (p_serv_rec->security_flags & BTM_SEC_IN_AUTHORIZE))) {
          (!is_originator && false)) {
        BTM_TRACE_EVENT("%s: still need authorization", __func__);
        rc = BTM_CMD_STARTED;
      }
@@ -4669,8 +4656,7 @@ tBTM_STATUS btm_sec_execute_procedure(tBTM_SEC_DEV_REC* p_dev_rec) {
  if (!(p_dev_rec->sec_flags & BTM_SEC_AUTHORIZED) &&
      ((p_dev_rec->is_originator &&
        (p_dev_rec->security_required & BTM_SEC_OUT_AUTHORIZE)) ||
       (!p_dev_rec->is_originator &&
        (p_dev_rec->security_required & BTM_SEC_IN_AUTHORIZE)))) {
       (!p_dev_rec->is_originator && false))) {
    BTM_TRACE_EVENT(
        "service id:%d, is trusted:%d", p_dev_rec->p_cur_service->service_id,
        (BTM_SEC_IS_SERVICE_TRUSTED(p_dev_rec->trusted_mask,
@@ -4686,10 +4672,10 @@ tBTM_STATUS btm_sec_execute_procedure(tBTM_SEC_DEV_REC* p_dev_rec) {

  /* All required  security procedures already established */
  p_dev_rec->security_required &=
      ~(BTM_SEC_OUT_AUTHORIZE | BTM_SEC_IN_AUTHORIZE |
        BTM_SEC_OUT_AUTHENTICATE | BTM_SEC_IN_AUTHENTICATE |
        BTM_SEC_OUT_ENCRYPT | BTM_SEC_IN_ENCRYPT | BTM_SEC_FORCE_MASTER |
        BTM_SEC_ATTEMPT_MASTER | BTM_SEC_FORCE_SLAVE | BTM_SEC_ATTEMPT_SLAVE);
      ~(BTM_SEC_OUT_AUTHORIZE | BTM_SEC_OUT_AUTHENTICATE |
        BTM_SEC_IN_AUTHENTICATE | BTM_SEC_OUT_ENCRYPT | BTM_SEC_IN_ENCRYPT |
        BTM_SEC_FORCE_MASTER | BTM_SEC_ATTEMPT_MASTER | BTM_SEC_FORCE_SLAVE |
        BTM_SEC_ATTEMPT_SLAVE);

  BTM_TRACE_EVENT("Security Manager: trusted:0x%04x%04x",
                  p_dev_rec->trusted_mask[1], p_dev_rec->trusted_mask[0]);
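Review bot: Replacing the inbound-authorization tests with `false` in btm_sec_l2cap_access_req, btm_sec_mx_access_request and btm_sec_execute_procedure makes the stack fail open if bit 0x0001 ever does arrive in `sec_level`, and nothing in the new code detects that. BTM_SetSecurityLevel no longer strips that bit from `sec_level` or from `p_srec->security_flags`, and with the narrowed BTM_SEC_IN_FLAGS the remaining comparisons such as `== BTM_SEC_IN_AUTHENTICATE` ignore it, so a caller passing the raw value (presumably only an out-of-tree one) would get a service that skips the authorization it asked for. A guard next to the parameter validation would make the "never set" premise checkable at runtime, e.g. `if (!is_originator && (sec_level & 0x0001)) BTM_TRACE_ERROR("%s: inbound authorization requested but not enforced", __func__);`. All four functions continue outside the hunks shown, so where the stored flags are written is not visible here.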
+1 −2
@@ -281,8 +281,7 @@ extern void btm_sco_disc_chk_pend_for_modechange(uint16_t hci_handle);
 */
#define BTM_SEC_OUT_FLAGS \
  (BTM_SEC_OUT_AUTHENTICATE | BTM_SEC_OUT_ENCRYPT | BTM_SEC_OUT_AUTHORIZE)
#define BTM_SEC_IN_FLAGS \
  (BTM_SEC_IN_AUTHENTICATE | BTM_SEC_IN_ENCRYPT | BTM_SEC_IN_AUTHORIZE)
#define BTM_SEC_IN_FLAGS (BTM_SEC_IN_AUTHENTICATE | BTM_SEC_IN_ENCRYPT)

#define BTM_SEC_OUT_LEVEL4_FLAGS                                       \
  (BTM_SEC_OUT_AUTHENTICATE | BTM_SEC_OUT_ENCRYPT | BTM_SEC_OUT_MITM | \
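Review bot: BTM_SEC_IN_FLAGS is now narrower than BTM_SEC_OUT_FLAGS directly above it, and the definition carries no comment saying the asymmetry is intentional. Every `(security_required & BTM_SEC_IN_FLAGS) == ...` comparison changes meaning with this mask, so a reader comparing the two macros could take the missing authorize bit for an omission and restore it. I would add above the define: `/* Inbound authorization is never requested, so unlike BTM_SEC_OUT_FLAGS this mask has no authorize bit. */`.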
+0 −2
@@ -634,8 +634,6 @@ typedef void(tBTM_ESCO_CBACK)(tBTM_ESCO_EVT event, tBTM_ESCO_EVT_DATA* p_data);
*/
/* Nothing required */
#define BTM_SEC_NONE 0x0000
/* Inbound call requires authorization */
#define BTM_SEC_IN_AUTHORIZE 0x0001
/* Inbound call requires authentication */
#define BTM_SEC_IN_AUTHENTICATE 0x0002
/* Inbound call requires encryption */