Received: by 2002:a25:86ce:0:0:0:0:0 with SMTP id y14csp132036ybm; Wed, 22 May 2019 00:06:15 -0700 (PDT) X-Google-Smtp-Source: APXvYqw8sjmV9MAlom3SOGgitCU/r1NaqRQ881ws0cWopuHyZFYscfDMd6RAr/dqPizbh+hUYrsc X-Received: by 2002:a17:902:f096:: with SMTP id go22mr89590949plb.49.1558508775738; Wed, 22 May 2019 00:06:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1558508775; cv=none; d=google.com; s=arc-20160816; b=jvHpGzN6d0P2YjxHGjsy4BPiw8Ya84x7A+fJSEEs1mzlxEIqt4Qt8LNLZg6bhbo+F0 J5jY/yr5UyrU6TL/LfLIJHKrpPNVgPz7KtmWRdRt8chFQ6zFm4mAP3i8DBhcAlCYHYA0 H56ZODEsVfe5xK20Le/DYsBLYo+ivOl3S1vBUQJKS7GRRPYNJQwS/G0unzmDOrzjkFA2 0glGe6fEGhTNPw81mlVGS1sokFdBA5u4s7WNVn/uqKbp8yhUYA3Kb6ecNYycb/huz8DD qkn3pKybbfjgMra1DLZbVVXEeWb2iPJOcTA6vxTphM70UItfXcxQX99rXS4sTwpGXbuy 1EGQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:to:from; bh=bhr1UKv7R/gO1YaV3TmBoP9p/kmbUMoJ8cHyZtl8k28=; b=w9ogOL7vK56Mt5+BoaghWPrbeUKGm2wYYsL6fNPdzpTCJzHejfJVKkAa0LtHY+33Im nkSglxQ7FJF68TDbwv6jfMLi6gjiXOX5rQiBm9uFafoWaLxtAnSgTcxf4O/PW0xusH5w cndCV5Efpd4TvW0eIV4sqC5rNkBdH2vx+M8enGxdr5UlDX+HJ0fthiKlP3HN9NHKKsPP 58//mQCA2yvw3oz3/d5+7ygL/9UM7v9iZX7togaglXHfu31NnNwwhgjmGppGaRTQipa4 rLvQajQsmjJ9Cb21Css62Rq9Xqzso+A/JPaceywC46hWSJLcM1s8/rw7Jmkm+IhVRmsN KxGQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j5si9306910plk.229.2019.05.22.00.05.49; Wed, 22 May 2019 00:06:15 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726480AbfEVHFq (ORCPT + 99 others); Wed, 22 May 2019 03:05:46 -0400 Received: from coyote.holtmann.net ([212.227.132.17]:49582 "EHLO mail.holtmann.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725796AbfEVHFq (ORCPT ); Wed, 22 May 2019 03:05:46 -0400 Received: from localhost.localdomain (p5B3D2A37.dip0.t-ipconnect.de [91.61.42.55]) by mail.holtmann.org (Postfix) with ESMTPSA id 1D6ECCF183; Wed, 22 May 2019 09:14:04 +0200 (CEST) From: Marcel Holtmann To: anarsoul@gmail.com, linux-bluetooth@vger.kernel.org Subject: [RFC] Bluetooth: Check key sizes only when Secure Simple Pairing is enabled Date: Wed, 22 May 2019 09:05:40 +0200 Message-Id: <20190522070540.48895-1-marcel@holtmann.org> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-bluetooth-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org The encryption is only mandatory to be enforced when both sides are using Secure Simple Pairing and this means the key size check makes only sense in that case. On legacy Bluetooth 2.0 and earlier devices like mice the encryption was optional and thus causing an issue if the key size check is not bound to using Secure Simple Pairing. Fixes: d5bb334a8e17 ("Bluetooth: Align minimum encryption key size for LE and BR/EDR connections") Signed-off-by: Marcel Holtmann Cc: stable@vger.kernel.org --- net/bluetooth/hci_conn.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c index 3cf0764d5793..7516cdde3373 100644 --- a/net/bluetooth/hci_conn.c +++ b/net/bluetooth/hci_conn.c @@ -1272,8 +1272,13 @@ int hci_conn_check_link_mode(struct hci_conn *conn) return 0; } - if (hci_conn_ssp_enabled(conn) && - !test_bit(HCI_CONN_ENCRYPT, &conn->flags)) + /* If Secure Simple Pairing is not enabled, then legacy connection + * setup is used and no encryption or key sizes can be enforced. + */ + if (!hci_conn_ssp_enabled(conn)) + return 1; + + if (!test_bit(HCI_CONN_ENCRYPT, &conn->flags)) return 0; /* The minimum encryption key size needs to be enforced by the -- 2.20.1