Received: by 2002:a25:f815:0:0:0:0:0 with SMTP id u21csp3633282ybd;
        Tue, 25 Jun 2019 06:04:29 -0700 (PDT)
X-Google-Smtp-Source: APXvYqw6NCc0meUsl76IqroBDFx8Qttpap0wz33FcC5/UgWhnuQiJ3yiCpwGuyvWIJqdpFpOp+UK
X-Received: by 2002:a17:902:8649:: with SMTP id y9mr76387065plt.289.1561467869428;
        Tue, 25 Jun 2019 06:04:29 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1561467869; cv=none;
        d=google.com; s=arc-20160816;
        b=Cey590i898Nv84RVkw2wB0GbqjKYg5QsqWTVtmgkQ5TvajEL8Sb/Dut44pNuAMkrYD
         MydRibZxRRipeN3TVS3R0322erp/UnMc2XwloyGyl/DNTHaoSz0c1gZP5G7zgZpn3TuC
         m7HTvUdWm9aiQwkhWvntcHaorWl3Om3Bz6z2ggcfERR2AMQuipSSxypM0DQNALmz+pZ+
         fWXOSae+NYx7vWd2CWa3cX5xsLpSrMkiW1m8l8pqxfx5I7EboMlj1skm1CoXurhQ8+Dv
         vVtcvTfCWYwcO77zxBWYb5xhDZAfqKks0r5tzUmZEwGiceo0DhLi5UcR/J6HMYYyc5Rn
         dUFw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :message-id:date:subject:cc:to:from:dkim-signature;
        bh=c/PpAKWApr2iPqAv22nVepO/MPcRLHhRovvaZUJ0fQo=;
        b=i00v46NtI81zlrgS3Y5ZSp3mnViQ9VZ/P3q74dMTMBZH4JEzjr+s0iOPRT5CsBwXUh
         hSE/efEZPicYBemGC8gzmiwhJ2DeOvCYyrErHTl0BpdTS4L3PtmeaP5L7xXHkwfhYeqb
         fAdKGzQLQXLiVSr+EUCDGllJlcV7M4p1uEeb7TENWnc0+COtBHdlOjFvGtlw0UZnVqcH
         Fu+1qJB52W7n/tLw5ztDzFdu1MIWRFGak67wsXfp/p2S5J+LmisRaPJBy/7xbjH7tC0a
         az2vEgn3LZh1dAMsRFmHmrTtsHKqXN97x1iJkLXo2281TGgNX2U414gVmeRxMoN0EPLV
         mhWQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@silvair-com.20150623.gappssmtp.com header.s=20150623 header.b=Z9TP+jrA;
       spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org
Return-Path: <linux-bluetooth-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id x22si13948112pfm.79.2019.06.25.06.04.00;
        Tue, 25 Jun 2019 06:04:29 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@silvair-com.20150623.gappssmtp.com header.s=20150623 header.b=Z9TP+jrA;
       spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727964AbfFYLZi (ORCPT <rfc822;cars6155@gmail.com> + 99 others);
        Tue, 25 Jun 2019 07:25:38 -0400
Received: from mail-lf1-f66.google.com ([209.85.167.66]:35064 "EHLO
        mail-lf1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1727887AbfFYLZi (ORCPT
        <rfc822;linux-bluetooth@vger.kernel.org>);
        Tue, 25 Jun 2019 07:25:38 -0400
Received: by mail-lf1-f66.google.com with SMTP id a25so12367585lfg.2
        for <linux-bluetooth@vger.kernel.org>; Tue, 25 Jun 2019 04:25:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=silvair-com.20150623.gappssmtp.com; s=20150623;
        h=from:to:cc:subject:date:message-id:mime-version
         :content-transfer-encoding;
        bh=c/PpAKWApr2iPqAv22nVepO/MPcRLHhRovvaZUJ0fQo=;
        b=Z9TP+jrASdP3rw6+Cx7FjEq6HQqr4SbtlSSW6jFuz89486R6s+WfuipxLd57JSL1A1
         bgo6fFZ7Oci4aWa9Wg0TS0AJ2kdpma5f4RISq++FMLuvVtdJy8laEhLB1/8RkFtr6zIa
         jZks7voBbWSOR9KozTsQhz59dR3Tg1lvlQ5SFM3Zrratc8lORPPrGcJntHJTl6/g+xCR
         bz7y/gHePkLPyYwQpmETmIcliRNXxi8PMvDCH0b8/5iKfwsm+whk/2tHu+Yrz0dXThWy
         dQcIrdlkNaQuAQQBNs0JHalZZu1lyORggj/QPxycghl/6sJGw+S513xs13WqKyfjbXA1
         3o4g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
         :content-transfer-encoding;
        bh=c/PpAKWApr2iPqAv22nVepO/MPcRLHhRovvaZUJ0fQo=;
        b=SeEPGG6WlTQgVFTsbVAGeMccAcPnaiymO7Uy+kN3vmShbw/YrRnhU6fFKJPcnPqz0Y
         HHxfG72kNZ1msfCoaAjn3D5RFubyE4wyfiEp+e2eIaf3KWZK7Dn4jppogSr4n8CEpCHf
         2gtwkcOrXykd/JqFv4bqqu5iUZOgBe+uxgwSvx4CvexLcXBz4EYSWQQ5LtRSeBq5CEmI
         5mfMeV5btshPMqobZDMAs82uAygsmmcRLcEyZf4/r3gnhroq6arcQBUJeXAOB4VMgGge
         QSbczBFAfvc8bEctTlS/2MdgnCGiDb75sFzW4fzhKGi4T/mIdO2eDcg78CTt3UKZd2JS
         Fd8g==
X-Gm-Message-State: APjAAAWZj27f0rxxyHtJ7IF8FQh6mmaezi2OpFNPSx51rzMVehk5mfrM
        9BDQX5+x1xhpkFNChSvGOIo/8+eyl2Y=
X-Received: by 2002:ac2:5981:: with SMTP id w1mr13712250lfn.48.1561461936351;
        Tue, 25 Jun 2019 04:25:36 -0700 (PDT)
Received: from mlowasrzechonek2133.silvair.lan ([217.153.94.18])
        by smtp.gmail.com with ESMTPSA id i195sm1895799lfi.87.2019.06.25.04.25.35
        (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256);
        Tue, 25 Jun 2019 04:25:35 -0700 (PDT)
From:   =?UTF-8?q?Micha=C5=82=20Lowas-Rzechonek?= 
        <michal.lowas-rzechonek@silvair.com>
To:     linux-bluetooth@vger.kernel.org
Cc:     Brian Gix <brian.gix@intel.com>,
        Jakub Witowski <jakub.witowski@silvair.com>
Subject: [PATCH BlueZ] mesh: Honor IV Update flag in app layer crypto
Date:   Tue, 25 Jun 2019 13:25:30 +0200
Message-Id: <20190625112530.21870-1-michal.lowas-rzechonek@silvair.com>
X-Mailer: git-send-email 2.19.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: linux-bluetooth-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-bluetooth.vger.kernel.org>
X-Mailing-List: linux-bluetooth@vger.kernel.org

Since IV Index is used in application nonces, we need to honor IV Update
flag not only in network layer crypto, but also in application layer.
Otherwise, we cannot decode application payloads from nodes that are in
IV Update state.
---
 mesh/net.c | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/mesh/net.c b/mesh/net.c
index a597b8794..1aa1c4cfa 100644
--- a/mesh/net.c
+++ b/mesh/net.c
@@ -2489,6 +2489,14 @@ static void net_rx(void *net_ptr, void *user_data)
 	size_t out_size;
 	uint32_t key_id;
 	int8_t rssi = 0;
+	uint32_t iv_index;
+	bool iv_flag = !!(net->iv_index & 1);
+	bool iv_pkt = !!(data->data[0] & 0x80);
+
+	if (iv_pkt == iv_flag)
+		iv_index = net->iv_index;
+	else
+		iv_index = net->iv_index - 1;
 
 	key_id = net_key_decrypt(net->iv_index, data->data, data->len,
 							&out, &out_size);
@@ -2504,16 +2512,10 @@ static void net_rx(void *net_ptr, void *user_data)
 		rssi = data->info->rssi;
 	}
 
-	relay_advice = packet_received(net, key_id, net->iv_index,
+	relay_advice = packet_received(net, key_id, iv_index,
 							out, out_size, rssi);
 	if (relay_advice > data->relay_advice) {
-		bool iv_flag = !!(net->iv_index & 1);
-		bool iv_pkt = !!(data->data[0] & 0x80);
-
-		data->iv_index = net->iv_index;
-		if (iv_pkt != iv_flag)
-			data->iv_index--;
-
+		data->iv_index = iv_index;
 		data->relay_advice = relay_advice;
 		data->key_id = key_id;
 		data->net = net;
-- 
2.19.1