lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <07D55B75-02FB-4BCB-8918-CB5D0E15C2CE@holtmann.org>
Date:   Thu, 12 Mar 2020 08:23:39 +0100
From:   Marcel Holtmann <marcel@...tmann.org>
To:     Howard Chung <howardchung@...gle.com>
Cc:     Bluez mailing list <linux-bluetooth@...r.kernel.org>,
        chromeos-bluetooth-upstreaming@...omium.org,
        "David S. Miller" <davem@...emloft.net>,
        Johan Hedberg <johan.hedberg@...il.com>,
        netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
        Jakub Kicinski <kuba@...nel.org>
Subject: Re: [Bluez PATCH v2] Bluetooth: L2CAP: handle l2cap config request
 during open state

Hi Howard,

> According to Core Spec Version 5.2 | Vol 3, Part A 6.1.5,
> the incoming L2CAP_ConfigReq should be handled during
> OPEN state.
> 
> The section below shows the btmon trace when running
> L2CAP/COS/CFD/BV-12-C before and after this change.
> 
> === Before ===
> ...
>> ACL Data RX: Handle 256 flags 0x02 dlen 12                #22
>      L2CAP: Connection Request (0x02) ident 2 len 4
>        PSM: 1 (0x0001)
>        Source CID: 65
> < ACL Data TX: Handle 256 flags 0x00 dlen 16                #23
>      L2CAP: Connection Response (0x03) ident 2 len 8
>        Destination CID: 64
>        Source CID: 65
>        Result: Connection successful (0x0000)
>        Status: No further information available (0x0000)
> < ACL Data TX: Handle 256 flags 0x00 dlen 12                #24
>      L2CAP: Configure Request (0x04) ident 2 len 4
>        Destination CID: 65
>        Flags: 0x0000
>> HCI Event: Number of Completed Packets (0x13) plen 5      #25
>        Num handles: 1
>        Handle: 256
>        Count: 1
>> HCI Event: Number of Completed Packets (0x13) plen 5      #26
>        Num handles: 1
>        Handle: 256
>        Count: 1
>> ACL Data RX: Handle 256 flags 0x02 dlen 16                #27
>      L2CAP: Configure Request (0x04) ident 3 len 8
>        Destination CID: 64
>        Flags: 0x0000
>        Option: Unknown (0x10) [hint]
>        01 00                                            ..
> < ACL Data TX: Handle 256 flags 0x00 dlen 18                #28
>      L2CAP: Configure Response (0x05) ident 3 len 10
>        Source CID: 65
>        Flags: 0x0000
>        Result: Success (0x0000)
>        Option: Maximum Transmission Unit (0x01) [mandatory]
>          MTU: 672
>> HCI Event: Number of Completed Packets (0x13) plen 5      #29
>        Num handles: 1
>        Handle: 256
>        Count: 1
>> ACL Data RX: Handle 256 flags 0x02 dlen 14                #30
>      L2CAP: Configure Response (0x05) ident 2 len 6
>        Source CID: 64
>        Flags: 0x0000
>        Result: Success (0x0000)
>> ACL Data RX: Handle 256 flags 0x02 dlen 20                #31
>      L2CAP: Configure Request (0x04) ident 3 len 12
>        Destination CID: 64
>        Flags: 0x0000
>        Option: Unknown (0x10) [hint]
>        01 00 91 02 11 11                                ......
> < ACL Data TX: Handle 256 flags 0x00 dlen 14                #32
>      L2CAP: Command Reject (0x01) ident 3 len 6
>        Reason: Invalid CID in request (0x0002)
>        Destination CID: 64
>        Source CID: 65
>> HCI Event: Number of Completed Packets (0x13) plen 5      #33
>        Num handles: 1
>        Handle: 256
>        Count: 1
> ...
> === After ===
> ...
>> ACL Data RX: Handle 256 flags 0x02 dlen 12               #22
>      L2CAP: Connection Request (0x02) ident 2 len 4
>        PSM: 1 (0x0001)
>        Source CID: 65
> < ACL Data TX: Handle 256 flags 0x00 dlen 16               #23
>      L2CAP: Connection Response (0x03) ident 2 len 8
>        Destination CID: 64
>        Source CID: 65
>        Result: Connection successful (0x0000)
>        Status: No further information available (0x0000)
> < ACL Data TX: Handle 256 flags 0x00 dlen 12               #24
>      L2CAP: Configure Request (0x04) ident 2 len 4
>        Destination CID: 65
>        Flags: 0x0000
>> HCI Event: Number of Completed Packets (0x13) plen 5     #25
>        Num handles: 1
>        Handle: 256
>        Count: 1
>> HCI Event: Number of Completed Packets (0x13) plen 5     #26
>        Num handles: 1
>        Handle: 256
>        Count: 1
>> ACL Data RX: Handle 256 flags 0x02 dlen 16               #27
>      L2CAP: Configure Request (0x04) ident 3 len 8
>        Destination CID: 64
>        Flags: 0x0000
>        Option: Unknown (0x10) [hint]
>        01 00                                            ..
> < ACL Data TX: Handle 256 flags 0x00 dlen 18               #28
>      L2CAP: Configure Response (0x05) ident 3 len 10
>        Source CID: 65
>        Flags: 0x0000
>        Result: Success (0x0000)
>        Option: Maximum Transmission Unit (0x01) [mandatory]
>          MTU: 672
>> HCI Event: Number of Completed Packets (0x13) plen 5     #29
>        Num handles: 1
>        Handle: 256
>        Count: 1
>> ACL Data RX: Handle 256 flags 0x02 dlen 14               #30
>      L2CAP: Configure Response (0x05) ident 2 len 6
>        Source CID: 64
>        Flags: 0x0000
>        Result: Success (0x0000)
>> ACL Data RX: Handle 256 flags 0x02 dlen 20               #31
>      L2CAP: Configure Request (0x04) ident 3 len 12
>        Destination CID: 64
>        Flags: 0x0000
>        Option: Unknown (0x10) [hint]
>        01 00 91 02 11 11                                .....
> < ACL Data TX: Handle 256 flags 0x00 dlen 18               #32
>      L2CAP: Configure Response (0x05) ident 3 len 10
>        Source CID: 65
>        Flags: 0x0000
>        Result: Success (0x0000)
>        Option: Maximum Transmission Unit (0x01) [mandatory]
>          MTU: 672
> < ACL Data TX: Handle 256 flags 0x00 dlen 12               #33
>      L2CAP: Configure Request (0x04) ident 3 len 4
>        Destination CID: 65
>        Flags: 0x0000
>> HCI Event: Number of Completed Packets (0x13) plen 5     #34
>        Num handles: 1
>        Handle: 256
>        Count: 1
>> HCI Event: Number of Completed Packets (0x13) plen 5     #35
>        Num handles: 1
>        Handle: 256
>        Count: 1
> ...
> 
> Signed-off-by: Howard Chung <howardchung@...gle.com>
> 
> ---
> 
> Changes in v2:
> - Updated commit messages
> 
> net/bluetooth/l2cap_core.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)

patch has been applied to bluetooth-next tree.

Regards

Marcel

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ