Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a67d1a30 authored by Hui Peng's avatar Hui Peng Committed by Automerger Merge Worker
Browse files

Reject access to secure service authenticated from a temp bonding [3] am:... 

Reject access to  secure service authenticated from a temp bonding [3] am: 9e4cef21 am: 81d6d8fa

Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/modules/Bluetooth/+/24737503



Change-Id: I5d6a97414731b424baa1909cafbdc93b007d2e7c
Signed-off-by: default avatarAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
parents 029bba70 81d6d8fa

system/stack/btm/btm_sec.cc

+4 −4
Original line number Diff line number Diff line
@@ -1661,15 +1661,15 @@ tBTM_STATUS btm_sec_l2cap_access_req_by_requirement( 
      btm_cb.security_mode == BTM_SEC_MODE_SC) {

    if (BTM_SEC_IS_SM4(p_dev_rec->sm4)) {

      if (is_originator) {

        /* SM4 to SM4 -> always authenticate & encrypt */

        security_required |= (BTM_SEC_OUT_AUTHENTICATE | BTM_SEC_OUT_ENCRYPT);

        /* SM4 to SM4 -> always encrypt */

        security_required |= BTM_SEC_OUT_ENCRYPT;

      } else /* acceptor */

      {

        /* SM4 to SM4: the acceptor needs to make sure the authentication is

         * already done */

        chk_acp_auth_done = true;

        /* SM4 to SM4 -> always authenticate & encrypt */

        security_required |= (BTM_SEC_IN_AUTHENTICATE | BTM_SEC_IN_ENCRYPT);

        /* SM4 to SM4 -> always encrypt */

        security_required |= BTM_SEC_IN_ENCRYPT;

      }

    } else if (!(BTM_SM4_KNOWN & p_dev_rec->sm4)) {

      /* the remote features are not known yet */