Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 532a2631 authored by Andre Eisenbach's avatar Andre Eisenbach
Browse files

Check remote LMP version before enabling secure connections 

Request remote version information for LE links when connecting and
ensure LMP version is >= 8 (Bluetooth 4.2) before setting the LinkKey
bits in the pairing request.

This is to ensure older remote devices do not get confused by the
additional bit(s) in the pairing request.

Bug: 25277879
Change-Id: I25424e541fa5244d8f522dffc62cdedc24f4f35b
parent ae50b339

system/device/include/interop_database.h

+0 −6
Original line number Diff line number Diff line
@@ -36,15 +36,9 @@ static const interop_entry_t interop_database[] = { 
  {{0xac, 0x9e, 0x17,       0,0,0}, 3, INTEROP_DISABLE_LE_SECURE_CONNECTIONS},

  {{0xf0, 0x79, 0x59,       0,0,0}, 3, INTEROP_DISABLE_LE_SECURE_CONNECTIONS},



  // Polar Heart Rate Monitor

  {{0x00, 0x22, 0xd0,       0,0,0}, 3, INTEROP_DISABLE_LE_SECURE_CONNECTIONS},



  // Motorola Key Link

  {{0x1c, 0x96, 0x5a,       0,0,0}, 3, INTEROP_DISABLE_LE_SECURE_CONNECTIONS},



  // Dialog Keyboard/Mouse

  {{0x80, 0xea, 0xCa,       0,0,0}, 3, INTEROP_DISABLE_LE_SECURE_CONNECTIONS},



  // Flic smart button

  {{0x80, 0xe4, 0xda, 0x70,   0,0}, 4, INTEROP_DISABLE_LE_SECURE_CONNECTIONS},

system/stack/btm/btm_acl.c

+1 −1
Original line number Diff line number Diff line
@@ -268,8 +268,8 @@ void btm_acl_created (BD_ADDR bda, DEV_CLASS dc, BD_NAME bdn, 
            if (transport == BT_TRANSPORT_BR_EDR)

            {

                btsnd_hcic_read_rmt_clk_offset (p->hci_handle);

                btsnd_hcic_rmt_ver_req (p->hci_handle);

            }

            btsnd_hcic_rmt_ver_req (p->hci_handle);

            p_dev_rec = btm_find_dev_by_handle (hci_handle);



#if (BLE_INCLUDED == TRUE)

system/stack/include/hcidefs.h

+3 −0
Original line number Diff line number Diff line
@@ -24,6 +24,9 @@ 
#define HCI_PROTO_VERSION_2_0 0x03      /* Version for BT spec 2.0          */

#define HCI_PROTO_VERSION_2_1 0x04      /* Version for BT spec 2.1 [Lisbon] */

#define HCI_PROTO_VERSION_3_0 0x05      /* Version for BT spec 3.0          */

#define HCI_PROTO_VERSION_4_0 0x06      /* Version for BT spec 4.0          */

#define HCI_PROTO_VERSION_4_1 0x07      /* Version for BT spec 4.1          */

#define HCI_PROTO_VERSION_4_2 0x08      /* Version for BT spec 4.2          */

#define HCI_PROTO_REVISION    0x000C    /* Current implementation version   */

/*

**  Definitions for HCI groups

system/stack/smp/smp_act.c

+13 −0
Original line number Diff line number Diff line
@@ -51,6 +51,18 @@ const tSMP_ACT smp_distribute_act [] = 
    smp_set_derive_link_key

};



static bool lmp_version_below(BD_ADDR bda, uint8_t version)

{

    tACL_CONN *acl = btm_bda_to_acl(bda, BT_TRANSPORT_LE);

    if (acl == NULL || acl->lmp_version == 0)

    {

        SMP_TRACE_WARNING("%s cannot retrieve LMP version...", __func__);

        return false;

    }

    SMP_TRACE_WARNING("%s LMP version %d < %d", __func__, acl->lmp_version, version);

    return acl->lmp_version < version;

}



/*******************************************************************************

** Function         smp_update_key_mask

** Description      This function updates the key mask for sending or receiving.
@@ -173,6 +185,7 @@ void smp_send_app_cback(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 
                    }



                    if (!(p_cb->loc_auth_req & SMP_SC_SUPPORT_BIT)

                        || lmp_version_below(p_cb->pairing_bda, HCI_PROTO_VERSION_4_2)

                        || interop_match(INTEROP_DISABLE_LE_SECURE_CONNECTIONS,

                            (const bt_bdaddr_t *)&p_cb->pairing_bda))

                    {