Re: [PATCH] Bluetooth: Always request for user confirmation for Just Works (LE SC)

Marcel Holtmann <marcel@xxxxxxxxxxxx> · Mon, 6 Apr 2020 14:04:36 +0200




Hi Sonny,

> To improve security, always give the user-space daemon a chance to
> accept or reject a Just Works pairing (LE). The daemon may decide to
> auto-accept based on the user's intent.
> 
> This patch is similar to the previous patch but applies for LE Secure
> Connections (SC).
> 
> Signed-off-by: Sonny Sasaka <sonnysasaka@xxxxxxxxxxxx>
> ---
> net/bluetooth/smp.c | 14 +++++++++++++-
> 1 file changed, 13 insertions(+), 1 deletion(-)
> 
> diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
> index d0b695ee49f6..daf03339dedd 100644
> --- a/net/bluetooth/smp.c
> +++ b/net/bluetooth/smp.c
> @@ -2202,7 +2202,7 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
> 	if (err)
> 		return SMP_UNSPECIFIED;
> 
> -	if (smp->method == JUST_WORKS || smp->method == REQ_OOB) {
> +	if (smp->method == REQ_OOB) {
> 		if (hcon->out) {
> 			sc_dhkey_check(smp);
> 			SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
> @@ -2210,6 +2210,18 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
> 		return 0;
> 	}
> 
> +	/* If Just Works, ask user-space for confirmation. */
> +	if (smp->method == JUST_WORKS) {
> +		err = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
> +				hcon->type, hcon->dst_type, passkey, 1);
> +		if (err)
> +			return SMP_UNSPECIFIED;
> +
> +		set_bit(SMP_FLAG_WAIT_USER, &smp->flags);
> +
> +		return 0;
> +	}
> +
> 	err = smp_g2(smp->tfm_cmac, pkax, pkbx, na, nb, &passkey);
> 	if (err)
> 		return SMP_UNSPECIFIED;

@@ -2202,7 +2204,7 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
        if (err)
                return SMP_UNSPECIFIED;
 
-       if (smp->method == JUST_WORKS || smp->method == REQ_OOB) {
+       if (smp->method == REQ_OOB) {
                if (hcon->out) {
                        sc_dhkey_check(smp);
                        SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
@@ -2214,7 +2216,10 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
        if (err)
                return SMP_UNSPECIFIED;
 
-       confirm_hint = 0;
+       if (smp->method == JUST_WORKS)
+               confirm_hint = 0;
+       else
+               confirm_hint = 1;
 
 confirm:
        err = mgmt_user_confirm_request(hcon->hdev, &hcon->dst, hcon->type,

Isn’t this what you are actually doing (minus the required comment of course)?

Regards

Marcel







