Encryption is mandatory for keyboards.
---
android/hidhost.c | 27 ++++++++++++++++++++++++---
1 file changed, 24 insertions(+), 3 deletions(-)
diff --git a/android/hidhost.c b/android/hidhost.c
index 07985d8..d57b24b 100644
--- a/android/hidhost.c
+++ b/android/hidhost.c
@@ -579,6 +579,7 @@ static void control_connect_cb(GIOChannel *chan, GError *conn_err,
{
struct hid_device *dev = user_data;
GError *err = NULL;
+ int sec_level;
DBG("");
@@ -589,12 +590,15 @@ static void control_connect_cb(GIOChannel *chan, GError *conn_err,
goto failed;
}
+ /* Encryption is mandatory for keyboards */
+ sec_level = (dev->subclass & 0x40) ? BT_IO_SEC_MEDIUM : BT_IO_SEC_LOW;
+
/* Connect to the HID interrupt channel */
dev->intr_io = bt_io_connect(interrupt_connect_cb, dev, NULL, &err,
BT_IO_OPT_SOURCE_BDADDR, &adapter_addr,
BT_IO_OPT_DEST_BDADDR, &dev->dst,
BT_IO_OPT_PSM, L2CAP_PSM_HIDP_INTR,
- BT_IO_OPT_SEC_LEVEL, BT_IO_SEC_LOW,
+ BT_IO_OPT_SEC_LEVEL, sec_level,
BT_IO_OPT_INVALID);
if (!dev->intr_io) {
error("hidhost: Failed to connect interrupt channel (%s)",
@@ -618,6 +622,7 @@ static void hid_sdp_search_cb(sdp_list_t *recs, int err, gpointer data)
struct hid_device *dev = data;
sdp_list_t *list;
GError *gerr = NULL;
+ int sec_level = BT_IO_SEC_LOW;
DBG("");
@@ -640,9 +645,14 @@ static void hid_sdp_search_cb(sdp_list_t *recs, int err, gpointer data)
dev->country = data->val.uint8;
data = sdp_data_get(rec, SDP_ATTR_HID_DEVICE_SUBCLASS);
- if (data)
+ if (data) {
dev->subclass = data->val.uint8;
+ /* Encryption is mandatory for keyboards */
+ if (dev->subclass & 0x40)
+ sec_level = BT_IO_SEC_MEDIUM;
+ }
+
data = sdp_data_get(rec, SDP_ATTR_HID_BOOT_DEVICE);
if (data)
dev->boot_dev = data->val.uint8;
@@ -673,6 +683,17 @@ static void hid_sdp_search_cb(sdp_list_t *recs, int err, gpointer data)
}
if (dev->ctrl_io) {
+ /* Encryption is mandatory for keyboards */
+ if ((dev->subclass & 0x40) && !bt_io_set(dev->ctrl_io, &gerr,
+ BT_IO_OPT_SEC_LEVEL, BT_IO_SEC_MEDIUM,
+ BT_IO_OPT_INVALID)) {
+ error("hidhost: Cannot rise security level: %s",
+ gerr->message);
+ g_error_free(gerr);
+
+ goto fail;
+ }
+
if (uhid_create(dev) < 0)
goto fail;
return;
@@ -682,7 +703,7 @@ static void hid_sdp_search_cb(sdp_list_t *recs, int err, gpointer data)
BT_IO_OPT_SOURCE_BDADDR, &adapter_addr,
BT_IO_OPT_DEST_BDADDR, &dev->dst,
BT_IO_OPT_PSM, L2CAP_PSM_HIDP_CTRL,
- BT_IO_OPT_SEC_LEVEL, BT_IO_SEC_LOW,
+ BT_IO_OPT_SEC_LEVEL, sec_level,
BT_IO_OPT_INVALID);
if (gerr) {
error("hidhost: Failed to connect control channel (%s)",
--
1.9.1
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
