Re: [PATCH] Bluetooth: HCI: Fix authentication failure error during pairing

Luiz Augusto von Dentz <luiz.dentz@xxxxxxxxx> · Tue, 30 Nov 2021 11:21:17 -0800

Hi Sathish,

On Tue, Nov 30, 2021 at 7:23 AM Sathish Narasimman
<sathish.narasimman@xxxxxxxxx> wrote:
>
> When Experimental LL_Privacy enabled & Privacy is set to device mode the
> pairing of 2 linux devices fails with authentication failure error. This
> happens only on the 2nd attempt when we swap the advertiser/initiator
> role. This is because the init_addr is updated with dev->rpa which still
> holds the previous connection RPA. This patch fixes the issue when
> ll_privacy is enabled.

What does the previous RPA has to do with the 2nd connection? This
doesn't explain exactly what is the problem, does this means that
local_rpa is not used on the 2nd connection? And why would the
controller not set a local_rpa?

> Signed-off-by: Sathish Narasimman <sathish.narasimman@xxxxxxxxx>
> ---
>  net/bluetooth/hci_event.c | 6 ++++--
>  1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
> index 9d8d2d9e5d1f..bd40d8cedc27 100644
> --- a/net/bluetooth/hci_event.c
> +++ b/net/bluetooth/hci_event.c
> @@ -5314,8 +5314,10 @@ static void le_conn_update_addr(struct hci_conn *conn, bdaddr_t *bdaddr,
>                         conn->init_addr_type = ADDR_LE_DEV_RANDOM;
>                         bacpy(&conn->init_addr, local_rpa);
>                 } else if (hci_dev_test_flag(conn->hdev, HCI_PRIVACY)) {
> -                       conn->init_addr_type = ADDR_LE_DEV_RANDOM;
> -                       bacpy(&conn->init_addr, &conn->hdev->rpa);
> +                       if (!use_ll_privacy(conn->hdev)) {
> +                               conn->init_addr_type = ADDR_LE_DEV_RANDOM;
> +                               bacpy(&conn->init_addr, &conn->hdev->rpa);
> +                       }

This can't be right, first it doesn't set any init address and second
I would expect the controller to always set a local_rpa when LL
Privacy is enabled. I suspect the controller is either getting
confused with the first pairing and then the swapping of the roles
with the removal of the devices or there is some else at play because
neither local_rpa or hdev->rpa seems to be set in the init_addr.

>                 } else {
>                         hci_copy_identity_address(conn->hdev, &conn->init_addr,
>                                                   &conn->init_addr_type);
> --
> 2.17.1
>

-- 
Luiz Augusto von Dentz