Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp6847484ybl;
        Wed, 15 Jan 2020 11:09:37 -0800 (PST)
X-Google-Smtp-Source: APXvYqwGb/p6bxv2xSHui5oJ50MuJibabKEQQcThZR1L1BrMxAwBEYi0NVjDSUXgShiK7Q1K/aIg
X-Received: by 2002:aca:4b06:: with SMTP id y6mr1057909oia.81.1579115377029;
        Wed, 15 Jan 2020 11:09:37 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1579115377; cv=none;
        d=google.com; s=arc-20160816;
        b=ax7eOoCcLZviTx3QyF21Py8B6hPX+9yPi6Jdqz2hJtxNobYkL6mjYhRc0xjPKgeYEc
         PPJmRqAbA267I+2+HRdYUDI6xOIMhsczpdffLQeDXligFrWIPWYnpCuOmOpPNV/Ca8U8
         Aeay/fQoP6O/qJOqGUk7QA3GqGhQjJ5TNBOhDnMjEVvZMQj5WkTIDY/PoBm7vYoMKfWA
         Bp534tud6kFkt2nCPt0ea3SPdSM/UDS4/hWVZmkRAhPjsmWsWtpBHkejBvBHqKjSltZP
         1VSIcBWjqOpNsQ4Gk0SZB53RtZ894OErcyIwAJe+25vLEd+AKQIJZXf++PBD92j5ARh8
         wiOA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-transfer-encoding:content-disposition:mime-version
         :references:mail-followup-to:message-id:subject:cc:to:from:date
         :dkim-signature;
        bh=mpx/BfaMH53DrJbQQGbvjglxbmBASWfs+0RtN4pfmL8=;
        b=gUZaEhSjrOihxTQQVVoPQNYhz7uz8TWmNgZquuNytZrOY+6ROym7POG/AC38QXcEuD
         A84eVebip6CAyDR217f5nNcwLRSNPD9EHJWg+3f4zSA/gDtgAMl6JEhn1mLN3zgOg8S2
         gq8dXPFe5fCjMEWjxJFFbK4HviOG3WY2YiL48e5o4mMalZMpVVb5aSZLshVfVOT5iuzZ
         6B1Bv/qgZnwiqSXKuYpyEdnscYA/qRaGpvE/ySeHmB35f7ORlp22ts2Psb3mp4aNVFYf
         dXzDBqj0ylo00x76KGMbdRYEFnVsyNV5vN7IBHTYadMd7SsDsvZWtP4xZUukg4ZWaTHy
         ZYVg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@silvair-com.20150623.gappssmtp.com header.s=20150623 header.b=gbJy9oa7;
       spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org
Return-Path: <linux-bluetooth-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id f3si10320564oia.264.2020.01.15.11.09.10;
        Wed, 15 Jan 2020 11:09:37 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@silvair-com.20150623.gappssmtp.com header.s=20150623 header.b=gbJy9oa7;
       spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728949AbgAOTJJ (ORCPT <rfc822;ruprecht.th@gmail.com>
        + 99 others); Wed, 15 Jan 2020 14:09:09 -0500
Received: from mail-lf1-f67.google.com ([209.85.167.67]:36339 "EHLO
        mail-lf1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726362AbgAOTJJ (ORCPT
        <rfc822;linux-bluetooth@vger.kernel.org>);
        Wed, 15 Jan 2020 14:09:09 -0500
Received: by mail-lf1-f67.google.com with SMTP id n12so13586190lfe.3
        for <linux-bluetooth@vger.kernel.org>; Wed, 15 Jan 2020 11:09:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=silvair-com.20150623.gappssmtp.com; s=20150623;
        h=date:from:to:cc:subject:message-id:mail-followup-to:references
         :mime-version:content-disposition:content-transfer-encoding
         :in-reply-to:user-agent;
        bh=mpx/BfaMH53DrJbQQGbvjglxbmBASWfs+0RtN4pfmL8=;
        b=gbJy9oa7yCGe4ttyco0IMgS52VL164H9GJEH1xDRH1Tvz5fTn+BatPlFCOAVeovKm+
         IRMdpf3Kt0VIk/WVnfpNZgJGWGfr8JM7bvS/wAuniHaMZDJOXPJRKTqUGmdBnCzIcq5I
         3N24fxhYmih63Q+mB/1iJ46TXD7YTJkC+Sh8GMPXnO4c3FjXWC4Om755bOVXVqSSgPHN
         pTQ0pIfZ5pBEX74lVUH8BjT87kFsX5vYfa6LYRlh7JRqZmEC+Avb/giNOMAnMmzPIDNV
         q/cn3b4lSo9GVSTxK00ghSZYNVRqMse46QdTzc1pwN472sfyk0xdv12HIuN7uCoCMy93
         TKeg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id
         :mail-followup-to:references:mime-version:content-disposition
         :content-transfer-encoding:in-reply-to:user-agent;
        bh=mpx/BfaMH53DrJbQQGbvjglxbmBASWfs+0RtN4pfmL8=;
        b=WCLkMo0fn97NGWZMR9M5b97ZAnLx3p8sKkcttOKQUhfu7NhZQaFoDOVY1RFuxOEt6r
         lL0ZGh3MJ9M0xloeEw3j/KxHyTOUc9TJrbt3yFfyi2FsaXzIoA89meio1pJIhAhYIrXF
         JdG32wjIUMjk7QuWk28F9om1WJiZHpZCrh6gk3SATKl+NZpEmWv5eq4U4sO0zAK5qZ4C
         OkObYA9shYyiX8A3MBntiJBqh3pJ9qnp4ABDwhe2MZBPXNuXwIssKOO9vI9aKMO2w+dO
         LyUYRPriaCepCONtvdTRB8O99DjPuO0ZfjW3l5u8ofvC1yVF+guHW24wul5TGsAsIA4m
         jTkg==
X-Gm-Message-State: APjAAAUVybZTpY2M15xdYmNQfVNf0TZzVhkEgKQRcUU0+laAKIxJU4nL
        YSYwxaUpMr6H33oXpcxXRGn+dYt4S30=
X-Received: by 2002:a19:f519:: with SMTP id j25mr219218lfb.41.1579115347539;
        Wed, 15 Jan 2020 11:09:07 -0800 (PST)
Received: from kynes (apn-5-60-0-97.dynamic.gprs.plus.pl. [5.60.0.97])
        by smtp.gmail.com with ESMTPSA id y8sm9616715lji.56.2020.01.15.11.09.05
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 15 Jan 2020 11:09:06 -0800 (PST)
Date:   Wed, 15 Jan 2020 20:09:04 +0100
From:   "michal.lowas-rzechonek@silvair.com" 
        <michal.lowas-rzechonek@silvair.com>
To:     "Gix, Brian" <brian.gix@intel.com>
Cc:     "jakub.witowski@silvair.com" <jakub.witowski@silvair.com>,
        "linux-bluetooth@vger.kernel.org" <linux-bluetooth@vger.kernel.org>,
        "istotlan@ingas-xps13.amr.corp.intel.com" 
        <istotlan@ingas-xps13.amr.corp.intel.com>
Subject: Re: [PATCH 0/1] Sequence number out of range fix
Message-ID: <20200115190904.qcusabsj3ti7sid4@kynes>
Mail-Followup-To: "Gix, Brian" <brian.gix@intel.com>,
        "jakub.witowski@silvair.com" <jakub.witowski@silvair.com>,
        "linux-bluetooth@vger.kernel.org" <linux-bluetooth@vger.kernel.org>,
        "istotlan@ingas-xps13.amr.corp.intel.com" <istotlan@ingas-xps13.amr.corp.intel.com>
References: <20200115170830.7479-1-jakub.witowski@silvair.com>
 <4da92cbf6134822629bd2204fb7161c04008780e.camel@intel.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <4da92cbf6134822629bd2204fb7161c04008780e.camel@intel.com>
User-Agent: NeoMutt/20180716
Sender: linux-bluetooth-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-bluetooth.vger.kernel.org>
X-Mailing-List: linux-bluetooth@vger.kernel.org

Brian, Jakub,

On 01/15, Gix, Brian wrote:
> This is a very dangerous course of action.  The suggested patch might
> potentially cause a node to re-use a sequence number more than once,
> which would cause a "dirty nonce" condition, and allow unauthorized
> entities to derive the encrypted data without the keys.

Good point. Note that his is also possible in the current
implementation: since seq_num is applied to nonce with a 24bit mask,
it's going to wrap around.

> While this is technically possible, especially with a daemon that
> might be looping back messages internally without ever using the OTA
> interface, it is not really possible in an actual BT driven real life
> system.

There is another option to exhaust the 24 bit range: we have the
overcommit mechanism in the storage. Let's say the daemon starts, sends
a few messages (and overcommits the sequence by a certain value), then
either the daemon, or the system crashes.

Do that a few times, and you end up with storage containing sequence
number exceeding 24 bits.

> Beacuse we store sequence numbers internally with a u32 sized data
> type, we should *let* the value go over the max legal sequence
> nunmbver of 0xFFFFFF (perhaps capping it at 0x01000000 to prevent
> "super overflows").  Then we *reject* all send requests with a
> sequence number > 0xFFFFFF.

Sounds good.

-- 
Michał Lowas-Rzechonek <michal.lowas-rzechonek@silvair.com>
Silvair http://silvair.com
Jasnogórska 44, 31-358 Krakow, POLAND