Hi,
Here are some modifications to the IV Update and Key Refresh procedures,
based on PTS tests:
- MESH/NODE/IVU/*
- MESH/NODE/KR/*
Best regards,
Isak
Isak Westin (4):
mesh: Ignore Secure Network Beacon from subnet
mesh: Ignore SNB with invalid IV Index values
mesh: Allow Key refresh to skip Phase 2
mesh: Allow Key Refresh Phase 0 to 3 transition
mesh/cfgmod-server.c | 4 ++++
mesh/net.c | 22 +++++++++++++++++++---
2 files changed, 23 insertions(+), 3 deletions(-)
--
2.20.1
If this node is a member of a primary subnet and receives a Secure Network
beacon on a secondary subnet with an IV Index greater than the last known
IV Index of the primary subnet, the Secure Network beacon shall be ignored.
See MshPRFv1.0.1 section 3.10.5.
---
mesh/net.c | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/mesh/net.c b/mesh/net.c
index 7fec98531..dc3d1fd80 100644
--- a/mesh/net.c
+++ b/mesh/net.c
@@ -2708,7 +2708,7 @@ static void process_beacon(void *net_ptr, void *user_data)
struct net_beacon_data *beacon_data = user_data;
uint32_t ivi;
bool ivu, kr, local_kr;
- struct mesh_subnet *subnet;
+ struct mesh_subnet *subnet, *primary_subnet;
ivi = beacon_data->ivi;
@@ -2723,6 +2723,17 @@ static void process_beacon(void *net_ptr, void *user_data)
if (!subnet)
return;
+ /*
+ * @MshPRFv1.0.1 section 3.10.5: IV Update procedure
+ * If this node is a member of a primary subnet and receives a Secure
+ * Network beacon on a secondary subnet with an IV Index greater than
+ * the last known IV Index of the primary subnet, the Secure Network
+ * beacon shall be ignored.
+ */
+ primary_subnet = get_primary_subnet(net);
+ if (primary_subnet && subnet != primary_subnet && ivi > net->iv_index)
+ return;
+
/* Get IVU and KR boolean bits from beacon */
ivu = beacon_data->ivu;
kr = beacon_data->kr;
--
2.20.1
If we are in IV update in progress state, and receive a Secure Network
beacon with an IV index equal to last known IV index + 1, and IV update
flag set to 1, it should be ignored. See MshPRFv1.0.1 section 3.10.5.
---
mesh/net.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/mesh/net.c b/mesh/net.c
index dc3d1fd80..c225fdb9a 100644
--- a/mesh/net.c
+++ b/mesh/net.c
@@ -2671,6 +2671,10 @@ static bool update_iv_ivu_state(struct mesh_net *net, uint32_t iv_index,
if (iv_index == net->iv_index)
return false;
+ /* Ignore beacon with invalid IV index value */
+ if (net->iv_update && iv_index == net->iv_index + 1)
+ return false;
+
if (!net->iv_update) {
l_debug("iv_upd_state = IV_UPD_UPDATING");
net->iv_upd_state = IV_UPD_UPDATING;
--
2.20.1
If we are in Key Refresh Phase 1, and receive a Secure Network beacon
using the new NetKey and with KR flag set to 0, Phase 2 should be
skipped. See MshPRFv1.0.1 section 3.10.4.1.
---
mesh/net.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/mesh/net.c b/mesh/net.c
index c225fdb9a..379a6e250 100644
--- a/mesh/net.c
+++ b/mesh/net.c
@@ -2613,7 +2613,8 @@ static bool update_kr_state(struct mesh_subnet *subnet, bool kr, uint32_t id)
{
/* Figure out the key refresh phase */
if (kr) {
- if (id == subnet->net_key_upd) {
+ if (subnet->kr_phase == KEY_REFRESH_PHASE_ONE &&
+ id == subnet->net_key_upd) {
l_debug("Beacon based KR phase 2 change");
return (key_refresh_phase_two(subnet->net, subnet->idx)
== MESH_STATUS_SUCCESS);
@@ -2754,7 +2755,7 @@ static void process_beacon(void *net_ptr, void *user_data)
ivu != net->iv_update)
updated |= update_iv_ivu_state(net, ivi, ivu);
- if (kr != local_kr)
+ if (kr != local_kr || beacon_data->net_key_id != subnet->net_key_cur)
updated |= update_kr_state(subnet, kr, beacon_data->net_key_id);
if (updated)
--
2.20.1
Transition to Phase 3 from Phase 0 does not cause any state change, but
is a valid transition. See MshPRFv1.0.1 section 4.2.14.
---
mesh/cfgmod-server.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/mesh/cfgmod-server.c b/mesh/cfgmod-server.c
index 7044b670d..be90ef8c5 100644
--- a/mesh/cfgmod-server.c
+++ b/mesh/cfgmod-server.c
@@ -436,6 +436,10 @@ static uint16_t cfg_key_refresh_phase(struct mesh_node *node,
return 0;
}
+ if (pkt[2] == KEY_REFRESH_TRANS_THREE &&
+ phase == KEY_REFRESH_PHASE_NONE)
+ goto done;
+
status = mesh_net_key_refresh_phase_set(net, idx, pkt[2]);
l_debug("Set KR Phase: net=%3.3x transition=%d", idx, pkt[2]);
--
2.20.1
This is automated email and please do not reply to this email!
Dear submitter,
Thank you for submitting the patches to the linux bluetooth mailing list.
This is a CI test results with your patch series:
PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=681871
---Test result---
Test Summary:
CheckPatch PASS 2.64 seconds
GitLint PASS 1.80 seconds
Prep - Setup ELL PASS 31.47 seconds
Build - Prep PASS 0.79 seconds
Build - Configure PASS 9.77 seconds
Build - Make PASS 1043.24 seconds
Make Check PASS 12.14 seconds
Make Check w/Valgrind PASS 339.70 seconds
Make Distcheck PASS 276.83 seconds
Build w/ext ELL - Configure PASS 9.53 seconds
Build w/ext ELL - Make PASS 102.83 seconds
Incremental Build w/ patches PASS 483.15 seconds
Scan Build PASS 617.89 seconds
---
Regards,
Linux Bluetooth
Hello:
This series was applied to bluetooth/bluez.git (master)
by Brian Gix <[email protected]>:
On Thu, 29 Sep 2022 13:03:40 +0200 you wrote:
> Hi,
>
> Here are some modifications to the IV Update and Key Refresh procedures,
> based on PTS tests:
> - MESH/NODE/IVU/*
> - MESH/NODE/KR/*
>
> [...]
Here is the summary with links:
- [BlueZ,1/4] mesh: Ignore Secure Network Beacon from subnet
https://git.kernel.org/pub/scm/bluetooth/bluez.git/?id=926d16db8ae4
- [BlueZ,2/4] mesh: Ignore SNB with invalid IV Index values
https://git.kernel.org/pub/scm/bluetooth/bluez.git/?id=7d050890f01f
- [BlueZ,3/4] mesh: Allow Key refresh to skip Phase 2
https://git.kernel.org/pub/scm/bluetooth/bluez.git/?id=9d22d5424430
- [BlueZ,4/4] mesh: Allow Key Refresh Phase 0 to 3 transition
https://git.kernel.org/pub/scm/bluetooth/bluez.git/?id=291cff068009
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html