Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 9e4cef21 authored by Hui Peng's avatar Hui Peng
Browse files

Reject access to secure service authenticated from a temp bonding [3] 

Allow access to rfcomm PSM by default

Original bug
Bug: 294854926

Nearby regressions:
Bug: 298539299

Test: m com.android.btservices
Ignore-AOSP-First: security
Merged-In: If1f7c9278a9e877f64ae78b6f067c597fb5d0e66
Change-Id: If1f7c9278a9e877f64ae78b6f067c597fb5d0e66
parent 9878a84e

system/stack/btm/btm_sec.cc

+4 −4
Original line number Diff line number Diff line
@@ -1651,15 +1651,15 @@ tBTM_STATUS btm_sec_l2cap_access_req_by_requirement( 
      btm_cb.security_mode == BTM_SEC_MODE_SC) {

    if (BTM_SEC_IS_SM4(p_dev_rec->sm4)) {

      if (is_originator) {

        /* SM4 to SM4 -> always authenticate & encrypt */

        security_required |= (BTM_SEC_OUT_AUTHENTICATE | BTM_SEC_OUT_ENCRYPT);

        /* SM4 to SM4 -> always encrypt */

        security_required |= BTM_SEC_OUT_ENCRYPT;

      } else /* acceptor */

      {

        /* SM4 to SM4: the acceptor needs to make sure the authentication is

         * already done */

        chk_acp_auth_done = true;

        /* SM4 to SM4 -> always authenticate & encrypt */

        security_required |= (BTM_SEC_IN_AUTHENTICATE | BTM_SEC_IN_ENCRYPT);

        /* SM4 to SM4 -> always encrypt */

        security_required |= BTM_SEC_IN_ENCRYPT;

      }

    } else if (!(BTM_SM4_KNOWN & p_dev_rec->sm4)) {

      /* the remote features are not known yet */