Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp2247728ybb; Mon, 30 Mar 2020 02:28:17 -0700 (PDT) X-Google-Smtp-Source: ADFU+vtJKDPD6iwtz4XYtAPb8LDFbKV5/fZa0jTUv7FPzNdj4twJjpP4YBR3fHaivJkMvlXHrUTp X-Received: by 2002:aca:52d0:: with SMTP id g199mr6977348oib.59.1585560497610; Mon, 30 Mar 2020 02:28:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1585560497; cv=none; d=google.com; s=arc-20160816; b=KhzrIQSLlnn7JRd4NgmN7PCGinDl2xHaVgkQ495qkXEUJM4VVu2ngJelCha03eBXz5 AAfBfh9XtLo3Rbvp8pnExLMgwc4HIvdG1s7OxR8o6qIcSdNP/sWpDWF876MIsRsN3TgX CN7xDMsD+TfBG6PSUlglqqTzylgOqB1HGMNf9R7zhbzSbFt9GPVD9Ef4kZ9NzG0jKxQr l+RrmTgg4rF3/NNzeaZnkHucF6qrqgv79gnXA7pWUSd7kTlI0RVEP5h1UTYjFva3EfwS Rbaxrdhidtbmx5UyVdXETQ/DL9nMlcwy5w47qUoLcBjFxMHQ4PXzTrbDef1Sllw5WHDH mmhQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:to:subject :message-id:date:from:mime-version:dkim-signature; bh=g+MPuHyk7KP37PjrXpiyFYSQ8eUGQQaksY9hqdrrflE=; b=dCeIEUKiG0Gj6uvA9NS2AUOVlrO7GvFEG8k8R0OXGIXayP/whwwb7inUpF63QFvjgA uRpfGkrbUdy8kIrkY9g9ypOg0jUCCPGB2zwifA38WSC4FBqE7G0Ds7r506GLpfF9Jnd/ XLrEKhGKtR0KTl5YiKLYTQYL/81OI3nzA8O+emNPkP41y7dJvFEU9XLRmK5nKLTFBZvh dbGXBkct4JMnnb9K4OKJ3bKbXSfSqSFswnM2NaMtgn06OcizdwI5dhYs/e+wGgTmdFna Rg206itj/qhITTdRnXu40bAiyaUBEVdtwh5HvIjReT4PMlv5LdRKE/TQe0qAlX83whn1 FTTQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@silvair-com.20150623.gappssmtp.com header.s=20150623 header.b=rtt1Fb3A; spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k21si1133893oik.231.2020.03.30.02.28.05; Mon, 30 Mar 2020 02:28:17 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@silvair-com.20150623.gappssmtp.com header.s=20150623 header.b=rtt1Fb3A; spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727376AbgC3J1Z (ORCPT + 99 others); Mon, 30 Mar 2020 05:27:25 -0400 Received: from mail-vs1-f46.google.com ([209.85.217.46]:41137 "EHLO mail-vs1-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728656AbgC3J1Y (ORCPT ); Mon, 30 Mar 2020 05:27:24 -0400 Received: by mail-vs1-f46.google.com with SMTP id a63so10526211vsa.8 for ; Mon, 30 Mar 2020 02:27:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=silvair-com.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to :content-transfer-encoding; bh=g+MPuHyk7KP37PjrXpiyFYSQ8eUGQQaksY9hqdrrflE=; b=rtt1Fb3AOPM+yzZ3sO0hOVb3tY2IZQW0hp8EfyidQSjOrbKNKuNTIqfw+bVptdNY7h StAI+ND0LjIuwbF6wa1srr7vN5obmio2LGg7YDlBi/nPrIhSy418KWvi/um2ZIRwRHf3 TgxVzaBclkcERRztnRCPd49qewwp4ond3mBu+TAHo5c+lRa9uak1bzjGd1XoBqEnxfiP gW591QeTnyF9hTXr+4XXQ3Kv2MKss7nK/F5FRyhB92WUeTf7JLBJFvuxCxgOUeBa+yq9 McaRDTA/mkxTTYkK05w8GNdO/t8fw7gF8zuXZQZqj1exZnymGu5+UySOVngCQG1qX16c N0PQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to :content-transfer-encoding; bh=g+MPuHyk7KP37PjrXpiyFYSQ8eUGQQaksY9hqdrrflE=; b=MOaQQ80FllqzoYhqoKNGkYUjqL0bzKK+we1QoNlPpmIUjxFawocxTV/7I6qF6caK6o Ij1uXfGsPJLnMrAwO6Wk8w/HMcgByI700nx7pdjCXblZDy3XrjUw+bYw06I9HYD1mlQO gw6JfX8yrmAkdZ6shykIYjrSWD61pVf74sFrCIY+MkIMvCgbHqN3/z4il/M7rI6R0t6x cf+wMkQC2dbMcbQJfh/i/Lcd7lyTwUty9NJcSXvdw6VlYvb+U7g305oE6v34Y6AAXMzs kNa8poWpxPMi+KhFz+zVdX7QBho4UbhIrC6Lvy27iwWMf3znAaX7VMxYUyPGKXt3ZqZZ W4Tg== X-Gm-Message-State: AGi0PuaIyGACFCOru7gMyGmsDZMeA0lWJ/B0+UNYONstxOUwm1i19x8p zb24/qXb8ifOn8oeeSJq4X3spTlHQp5qK79cj1yRh8U1fnNbww== X-Received: by 2002:a67:f34b:: with SMTP id p11mr7226980vsm.14.1585560442393; Mon, 30 Mar 2020 02:27:22 -0700 (PDT) MIME-Version: 1.0 From: =?UTF-8?B?UmFmYcWCIEdhamRh?= Date: Mon, 30 Mar 2020 11:27:11 +0200 Message-ID: Subject: Incorrect IV update behavior To: linux-bluetooth@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Sender: linux-bluetooth-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org Hi, It looks like there is a bug in daemon IV update procedure handling. When node with iv=3Dn and ivu=3DFalse receives beacon it should: a. beacon with IV=3Dn+1, IVU=3DTrue - set own IVU=3DTrue, send with IV=3Dn, don't reset sequence b. beacon with IV=3Dn+1, IVU=3DFalse - set own IV=3Dn+1, send with IV=3Dn+1 and reset sequence Currently, when daemon receives beacon with IV=3Dn+1, IVU=3DFalse it will start sending messages with new IV and set sequence to 0. However if daemon receives another beacon with IV=3Dn+1, IVU=3DTrue it will go back to sending messages with old IV=3Dn (IVU will be set to True). Because sequence number has been reset those messages will be dropped by replay protection and node will lose communication. Once IV is updated daemon should not go back to using the old value. --=20 Rafa=C5=82 Gajda Silvair Sp. z o.o.