lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 3 Mar 2021 22:10:02 +0100
From:   Marcel Holtmann <marcel@...tmann.org>
To:     Daniel Winkler <danielwinkler@...gle.com>
Cc:     Bluetooth Kernel Mailing List <linux-bluetooth@...r.kernel.org>,
        CrosBT Upstreaming <chromeos-bluetooth-upstreaming@...omium.org>,
        Alain Michaud <alainm@...omium.org>,
        Sonny Sasaka <sonnysasaka@...omium.org>,
        Miao-chen Chou <mcchou@...omium.org>,
        "David S. Miller" <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>,
        Johan Hedberg <johan.hedberg@...il.com>,
        Luiz Augusto von Dentz <luiz.dentz@...il.com>,
        LKML <linux-kernel@...r.kernel.org>, netdev@...r.kernel.org
Subject: Re: [PATCH] Bluetooth: Allow scannable adv with extended MGMT APIs

Hi Daniel,

> An issue was found, where if a bluetooth client requests a broadcast
> advertisement with scan response data, it will not be properly
> registered with the controller. This is because at the time that the
> hci_cp_le_set_scan_param structure is created, the scan response will
> not yet have been received since it comes in a second MGMT call. With
> empty scan response, the request defaults to a non-scannable PDU type.
> On some controllers, the subsequent scan response request will fail due
> to incorrect PDU type, and others will succeed and not use the scan
> response.
> 
> This fix allows the advertising parameters MGMT call to include a flag
> to let the kernel know whether a scan response will be coming, so that
> the correct PDU type is used in the first place. A bluetoothd change is
> also incoming to take advantage of it.
> 
> To test this, I created a broadcast advertisement with scan response
> data and registered it on the hatch chromebook. Without this change, the
> request fails, and with it will succeed.
> 
> Reviewed-by: Alain Michaud <alainm@...omium.org>
> Reviewed-by: Sonny Sasaka <sonnysasaka@...omium.org>
> Reviewed-by: Miao-chen Chou <mcchou@...omium.org>
> Signed-off-by: Daniel Winkler <danielwinkler@...gle.com>
> ---
> 
> include/net/bluetooth/mgmt.h | 1 +
> net/bluetooth/hci_request.c  | 3 ++-
> net/bluetooth/mgmt.c         | 1 +
> 3 files changed, 4 insertions(+), 1 deletion(-)

patch has been applied to bluetooth-next tree.

Regards

Marcel

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ