summaryrefslogtreecommitdiff
path: root/net/bluetooth
diff options
context:
space:
mode:
authorJohan Hedberg <johan.hedberg@intel.com>2014-09-18 12:26:32 +0400
committerMarcel Holtmann <marcel@holtmann.org>2014-09-18 19:39:37 +0400
commit5eb596f55cacc2389554a8d7572d90d5e9d4269d (patch)
treebf28b3dda0666f703a7db043049f90aa96879c3c /net/bluetooth
parent0097db06f5ab2df1756bc4cbf4395593024d87a1 (diff)
downloadlinux-5eb596f55cacc2389554a8d7572d90d5e9d4269d.tar.xz
Bluetooth: Fix setting correct security level when initiating SMP
We can only determine the final security level when both pairing request and response have been exchanged. When initiating pairing the starting target security level is set to MEDIUM unless explicitly specified to be HIGH, so that we can still perform pairing even if the remote doesn't have MITM capabilities. However, once we've received the pairing response we should re-consult the remote and local IO capabilities and upgrade the target security level if necessary. Without this patch the resulting Long Term Key will occasionally be reported to be unauthenticated when it in reality is an authenticated one. Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Signed-off-by: Marcel Holtmann <marcel@holtmann.org> Cc: stable@vger.kernel.org
Diffstat (limited to 'net/bluetooth')
-rw-r--r--net/bluetooth/smp.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index 51fc7db2d84e..f09b6b65cf6b 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -494,8 +494,11 @@ static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
}
/* Not Just Works/Confirm results in MITM Authentication */
- if (method != JUST_CFM)
+ if (method != JUST_CFM) {
set_bit(SMP_FLAG_MITM_AUTH, &smp->flags);
+ if (hcon->pending_sec_level < BT_SECURITY_HIGH)
+ hcon->pending_sec_level = BT_SECURITY_HIGH;
+ }
/* If both devices have Keyoard-Display I/O, the master
* Confirms and the slave Enters the passkey.