lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 7 Jul 2014 16:57:01 -0700 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-kernel@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>, stable@...r.kernel.org, Johan Hedberg <johan.hedberg@...el.com>, Marcin Kraglak <marcin.kraglak@...to.com>, Marcel Holtmann <marcel@...tmann.org> Subject: [PATCH 3.15 059/122] Bluetooth: Fix setting correct authentication information for SMP STK 3.15-stable review patch. If anyone has any objections, please let me know. ------------------ From: Johan Hedberg <johan.hedberg@...el.com> commit fff3490f47810e2d34b91fb9e31103e923b11c2f upstream. When we store the STK in slave role we should set the correct authentication information for it. If the pairing is producing a HIGH security level the STK is considered authenticated, and otherwise it's considered unauthenticated. This patch fixes the value passed to the hci_add_ltk() function when adding the STK on the slave side. Signed-off-by: Johan Hedberg <johan.hedberg@...el.com> Tested-by: Marcin Kraglak <marcin.kraglak@...to.com> Signed-off-by: Marcel Holtmann <marcel@...tmann.org> Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org> --- net/bluetooth/smp.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) --- a/net/bluetooth/smp.c +++ b/net/bluetooth/smp.c @@ -533,7 +533,7 @@ static void random_work(struct work_stru hci_le_start_enc(hcon, ediv, rand, stk); hcon->enc_key_size = smp->enc_key_size; } else { - u8 stk[16]; + u8 stk[16], auth; __le64 rand = 0; __le16 ediv = 0; @@ -545,8 +545,13 @@ static void random_work(struct work_stru memset(stk + smp->enc_key_size, 0, SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size); + if (hcon->pending_sec_level == BT_SECURITY_HIGH) + auth = 1; + else + auth = 0; + hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type, - HCI_SMP_STK_SLAVE, 0, stk, smp->enc_key_size, + HCI_SMP_STK_SLAVE, auth, stk, smp->enc_key_size, ediv, rand); } -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists