This is a note to let you know that I've just added the patch titled
Bluetooth: Fix setting correct authentication information for SMP STK
to the 3.15-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
bluetooth-fix-setting-correct-authentication-information-for-smp-stk.patch
and it can be found in the queue-3.15 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From fff3490f47810e2d34b91fb9e31103e923b11c2f Mon Sep 17 00:00:00 2001
From: Johan Hedberg <johan.hedberg@xxxxxxxxx>
Date: Tue, 10 Jun 2014 15:19:50 +0300
Subject: Bluetooth: Fix setting correct authentication information for SMP STK
From: Johan Hedberg <johan.hedberg@xxxxxxxxx>
commit fff3490f47810e2d34b91fb9e31103e923b11c2f upstream.
When we store the STK in slave role we should set the correct
authentication information for it. If the pairing is producing a HIGH
security level the STK is considered authenticated, and otherwise it's
considered unauthenticated. This patch fixes the value passed to the
hci_add_ltk() function when adding the STK on the slave side.
Signed-off-by: Johan Hedberg <johan.hedberg@xxxxxxxxx>
Tested-by: Marcin Kraglak <marcin.kraglak@xxxxxxxxx>
Signed-off-by: Marcel Holtmann <marcel@xxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
net/bluetooth/smp.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -533,7 +533,7 @@ static void random_work(struct work_stru
hci_le_start_enc(hcon, ediv, rand, stk);
hcon->enc_key_size = smp->enc_key_size;
} else {
- u8 stk[16];
+ u8 stk[16], auth;
__le64 rand = 0;
__le16 ediv = 0;
@@ -545,8 +545,13 @@ static void random_work(struct work_stru
memset(stk + smp->enc_key_size, 0,
SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
+ if (hcon->pending_sec_level == BT_SECURITY_HIGH)
+ auth = 1;
+ else
+ auth = 0;
+
hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
- HCI_SMP_STK_SLAVE, 0, stk, smp->enc_key_size,
+ HCI_SMP_STK_SLAVE, auth, stk, smp->enc_key_size,
ediv, rand);
}
Patches currently in stable-queue which might be from johan.hedberg@xxxxxxxxx are
queue-3.15/bluetooth-fix-locking-of-hdev-when-calling-into-smp-code.patch
queue-3.15/bluetooth-allow-change-security-level-on-att_cid-in-slave-role.patch
queue-3.15/bluetooth-refactor-discovery-stopping-into-its-own-function.patch
queue-3.15/bluetooth-reuse-hci_stop_discovery-function-when-cleaning-up-hci-state.patch
queue-3.15/bluetooth-fix-incorrectly-overriding-conn-src_type.patch
queue-3.15/bluetooth-fix-indicating-discovery-state-when-canceling-inquiry.patch
queue-3.15/bluetooth-fix-setting-correct-authentication-information-for-smp-stk.patch
queue-3.15/bluetooth-fix-ssp-acceptor-just-works-confirmation-without-mitm.patch
queue-3.15/bluetooth-fix-check-for-connection-encryption.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html