| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 8 Dec 2020 05:27:23 +0800
From: kernel test robot <lkp@...el.com>
To: Mincheol Son <encrypted.def@...il.com>, marcel@...tmann.org
Cc: kbuild-all@...ts.01.org, johan.hedberg@...il.com,
davem@...emloft.net, kuba@...nel.org,
linux-bluetooth@...r.kernel.org, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org,
Mincheol Son <encrypted.def@...il.com>
Subject: Re: [PATCH] Bluetooth: smp: Fix biased random passkey generation
Hi Mincheol,
Thank you for the patch! Perhaps something to improve:
[auto build test WARNING on bluetooth-next/master]
[also build test WARNING on net-next/master net/master bluetooth/master sparc-next/master v5.10-rc7 next-20201207]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/Mincheol-Son/Bluetooth-smp-Fix-biased-random-passkey-generation/20201208-015207
base: https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git master
config: parisc-randconfig-r035-20201207 (attached as .config)
compiler: hppa-linux-gcc (GCC) 9.3.0
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://github.com/0day-ci/linux/commit/80c9c180f997bc9d9e1df4426fc7957839caee56
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Mincheol-Son/Bluetooth-smp-Fix-biased-random-passkey-generation/20201208-015207
git checkout 80c9c180f997bc9d9e1df4426fc7957839caee56
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-9.3.0 make.cross ARCH=parisc
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@...el.com>
All warnings (new ones prefixed by >>):
net/bluetooth/smp.c: In function 'tk_request':
>> net/bluetooth/smp.c:927:3: warning: this decimal constant is unsigned only in ISO C90
927 | } while (passkey >= (u32)4200000000);
| ^
vim +927 net/bluetooth/smp.c
849
850 static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
851 u8 local_io, u8 remote_io)
852 {
853 struct hci_conn *hcon = conn->hcon;
854 struct l2cap_chan *chan = conn->smp;
855 struct smp_chan *smp = chan->data;
856 u32 passkey = 0;
857 int ret;
858
859 /* Initialize key for JUST WORKS */
860 memset(smp->tk, 0, sizeof(smp->tk));
861 clear_bit(SMP_FLAG_TK_VALID, &smp->flags);
862
863 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
864
865 /* If neither side wants MITM, either "just" confirm an incoming
866 * request or use just-works for outgoing ones. The JUST_CFM
867 * will be converted to JUST_WORKS if necessary later in this
868 * function. If either side has MITM look up the method from the
869 * table.
870 */
871 if (!(auth & SMP_AUTH_MITM))
872 smp->method = JUST_CFM;
873 else
874 smp->method = get_auth_method(smp, local_io, remote_io);
875
876 /* Don't confirm locally initiated pairing attempts */
877 if (smp->method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR,
878 &smp->flags))
879 smp->method = JUST_WORKS;
880
881 /* Don't bother user space with no IO capabilities */
882 if (smp->method == JUST_CFM &&
883 hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
884 smp->method = JUST_WORKS;
885
886 /* If Just Works, Continue with Zero TK and ask user-space for
887 * confirmation */
888 if (smp->method == JUST_WORKS) {
889 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
890 hcon->type,
891 hcon->dst_type,
892 passkey, 1);
893 if (ret)
894 return ret;
895 set_bit(SMP_FLAG_WAIT_USER, &smp->flags);
896 return 0;
897 }
898
899 /* If this function is used for SC -> legacy fallback we
900 * can only recover the just-works case.
901 */
902 if (test_bit(SMP_FLAG_SC, &smp->flags))
903 return -EINVAL;
904
905 /* Not Just Works/Confirm results in MITM Authentication */
906 if (smp->method != JUST_CFM) {
907 set_bit(SMP_FLAG_MITM_AUTH, &smp->flags);
908 if (hcon->pending_sec_level < BT_SECURITY_HIGH)
909 hcon->pending_sec_level = BT_SECURITY_HIGH;
910 }
911
912 /* If both devices have Keyoard-Display I/O, the master
913 * Confirms and the slave Enters the passkey.
914 */
915 if (smp->method == OVERLAP) {
916 if (hcon->role == HCI_ROLE_MASTER)
917 smp->method = CFM_PASSKEY;
918 else
919 smp->method = REQ_PASSKEY;
920 }
921
922 /* Generate random passkey. */
923 if (smp->method == CFM_PASSKEY) {
924 memset(smp->tk, 0, sizeof(smp->tk));
925 do {
926 get_random_bytes(&passkey, sizeof(passkey));
> 927 } while (passkey >= (u32)4200000000);
928 passkey %= 1000000;
929 put_unaligned_le32(passkey, smp->tk);
930 BT_DBG("PassKey: %d", passkey);
931 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
932 }
933
934 if (smp->method == REQ_PASSKEY)
935 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
936 hcon->type, hcon->dst_type);
937 else if (smp->method == JUST_CFM)
938 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
939 hcon->type, hcon->dst_type,
940 passkey, 1);
941 else
942 ret = mgmt_user_passkey_notify(hcon->hdev, &hcon->dst,
943 hcon->type, hcon->dst_type,
944 passkey, 0);
945
946 return ret;
947 }
948
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
Download attachment ".config.gz" of type "application/gzip" (26078 bytes)
Powered by blists - more mailing lists