From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Johan Hedberg , Marcin Kraglak , Marcel Holtmann Subject: [PATCH 3.15 059/122] Bluetooth: Fix setting correct authentication information for SMP STK Date: Mon, 7 Jul 2014 16:57:01 -0700 Message-Id: <20140707235736.041789995@linuxfoundation.org> In-Reply-To: <20140707235734.234226883@linuxfoundation.org> References: <20140707235734.234226883@linuxfoundation.org> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: 3.15-stable review patch. If anyone has any objections, please let me know. ------------------ From: Johan Hedberg commit fff3490f47810e2d34b91fb9e31103e923b11c2f upstream. When we store the STK in slave role we should set the correct authentication information for it. If the pairing is producing a HIGH security level the STK is considered authenticated, and otherwise it's considered unauthenticated. This patch fixes the value passed to the hci_add_ltk() function when adding the STK on the slave side. Signed-off-by: Johan Hedberg Tested-by: Marcin Kraglak Signed-off-by: Marcel Holtmann Signed-off-by: Greg Kroah-Hartman --- net/bluetooth/smp.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) --- a/net/bluetooth/smp.c +++ b/net/bluetooth/smp.c @@ -533,7 +533,7 @@ static void random_work(struct work_stru hci_le_start_enc(hcon, ediv, rand, stk); hcon->enc_key_size = smp->enc_key_size; } else { - u8 stk[16]; + u8 stk[16], auth; __le64 rand = 0; __le16 ediv = 0; @@ -545,8 +545,13 @@ static void random_work(struct work_stru memset(stk + smp->enc_key_size, 0, SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size); + if (hcon->pending_sec_level == BT_SECURITY_HIGH) + auth = 1; + else + auth = 0; + hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type, - HCI_SMP_STK_SLAVE, 0, stk, smp->enc_key_size, + HCI_SMP_STK_SLAVE, auth, stk, smp->enc_key_size, ediv, rand); }