diff mbox series

Bluetooth: Always request for user confirmation for Just Works

Message ID CAOxioNnvHMgHyVxbt2Oj+FeHcOT8MdxYtuv_s0PPd_YzkvuxGg@mail.gmail.com
State New
Headers show
Series Bluetooth: Always request for user confirmation for Just Works | expand

Commit Message

Sonny Sasaka March 28, 2020, 12:09 a.m. UTC
To improve security, always give the user-space daemon a chance to
accept or reject a Just Works pairing (LE). The daemon may decide to
auto-accept based on the user's intent.

Signed-off-by: Sonny Sasaka <sonnysasaka@chromium.org>
---
 net/bluetooth/smp.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

  memset(smp->tk, 0, sizeof(smp->tk));
@@ -883,9 +884,16 @@ static int tk_request(struct l2cap_conn *conn, u8
remote_oob, u8 auth,
     hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
  smp->method = JUST_WORKS;

- /* If Just Works, Continue with Zero TK */
+ /* If Just Works, Continue with Zero TK and ask user-space for
+ * confirmation */
  if (smp->method == JUST_WORKS) {
- set_bit(SMP_FLAG_TK_VALID, &smp->flags);
+ err = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
+ hcon->type,
+ hcon->dst_type,
+ passkey, 1);
+ if (err)
+ return SMP_UNSPECIFIED;
+ set_bit(SMP_FLAG_WAIT_USER, &smp->flags);
  return 0;
  }
diff mbox series

Patch

diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index 1476a91ce935..d0b695ee49f6 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -855,6 +855,7 @@  static int tk_request(struct l2cap_conn *conn, u8
remote_oob, u8 auth,
  struct smp_chan *smp = chan->data;
  u32 passkey = 0;
  int ret = 0;
+ int err;

  /* Initialize key for JUST WORKS */