Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp1042859ybb; Fri, 3 Apr 2020 17:05:23 -0700 (PDT) X-Google-Smtp-Source: APiQypKqyr1OjivfSBQg+wLNjaDk93fZ9xKIp2nyv1rNBU3rS4mcxkwaAnP4kDED8syExJb9KF2w X-Received: by 2002:a9d:3f62:: with SMTP id m89mr8435421otc.20.1585958723837; Fri, 03 Apr 2020 17:05:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1585958723; cv=none; d=google.com; s=arc-20160816; b=KJyT2gaNQTSab3b49oLL11DIxKah4qj4LCyBYxAI5p71r3fO3DMf8vt/+tZFRybUev tqWQJDQGQfj8c3Dh7VAptEaXH4peH4lKMD1rpDoN/BmOluyl+oYlMoRPHUp0/hg9+U+C H9a7rkFCI02MJ6J0Ce9QJj6F2ulhNISFk+yiw0ZsmwGKFFOJ4c73YIdVZ1fdER43w+1W HoLWrNoqRoflIX44n3KrzUVRTUtK8j3m6LEf5WuZZwZoS+ddlHokpwO3rDQ9Fy64NeJe 3kWo9755x9YAAeBwZ1bjPzoyOO7+JVgGjgCYy9yoKwA5z9PD8LDjmU6LxP2k3h4n0jwp R8fA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from :dkim-signature; bh=gx2Zz31qQKSdLwjcNZC1UDAz/ogOFa1LRseoq/TcLn8=; b=0RsGi+E8CsBblL1rPaXusqySGynEZHZgjeg0S1g33FmNWFErOYt7TaFyXFJ3zYQOko FjWDupuvca3yZExFKNDOD+CizLxBjN9P3xOdCJTWbopInTUNe69ItjArKKvmTBc2a+WN DeoRqplb8k0KT37JDEtFA8adjuPI+X3pzjvJzpNP/ftI2sGGBQaBUCxBs9vHW7lHueIv Z+EjeMFSwaemyNvqQ/eFnlmsV+G1OViCy/HwWth7k2tG2Mmky16L0ndqYOKKdjrprlS8 9gcupRQZ/fpFZSOxfWZJBNXgG825T5xkY8qjmVELm/XKluGA5sOfQQrnBQr88DDrE5DV /e2A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=J1U7N2O0; spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v61si4506346otb.20.2020.04.03.17.04.59; Fri, 03 Apr 2020 17:05:23 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=J1U7N2O0; spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726028AbgDDAE5 (ORCPT + 99 others); Fri, 3 Apr 2020 20:04:57 -0400 Received: from mail-pg1-f195.google.com ([209.85.215.195]:45514 "EHLO mail-pg1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725980AbgDDAE5 (ORCPT ); Fri, 3 Apr 2020 20:04:57 -0400 Received: by mail-pg1-f195.google.com with SMTP id o26so4367138pgc.12 for ; Fri, 03 Apr 2020 17:04:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id; bh=gx2Zz31qQKSdLwjcNZC1UDAz/ogOFa1LRseoq/TcLn8=; b=J1U7N2O0pKRUdrpiwlpEXGv6/1RINjYsFP3YaJ0ecuz2pKUbFsx3hMlxIBEVwQtVc0 PRhumJ02bKlN9q0e+qWDWOKAaL6MeU7XVLByFs1dYBZR+FYZENkIygHvCpLHITy81eOe xtGk5s1IpwGy4kngBMml4fcmtBO3rVTmvTjEY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=gx2Zz31qQKSdLwjcNZC1UDAz/ogOFa1LRseoq/TcLn8=; b=LRwi9ZRkEptRez/cqdpur0Ss7myu2i2tc/y+d4mSI21PBxz990dym+GpSgQW4DX1yD c7YsKSOi0uzQLHqIH/FI2hJEkEp+wln7QNIKP3Wr96cgx2PfvQk5+1W4lbhxMLpAJSHl Z0+7CMredlwamBzDDfWf1ER4B+6q00mrJ+T8sgqnRZMSsKPNPrS3D3gHJEBgGe3fn3ae zLg9A7qUVBU6wV7ByPcmor0+Q1Egd5eaxQ4ZEngU1kqVP3xc/GL9hA3GbJScKYDslRra dhZFVioEWJG2A+cfixMWzdd9yAqoPOHQ8OmXqmoojqt0m3xbCkH4YQ5DnYRJP4XxZ/+E QaPQ== X-Gm-Message-State: AGi0PubliQRjOE/BAq5LofKPcks71W60PnLXpkj1TfWIYeDKZ92uTyoB hjZ0lY5PASdP+NBvZL7vFBZAIuitKyo= X-Received: by 2002:a63:1158:: with SMTP id 24mr10778707pgr.88.1585958696111; Fri, 03 Apr 2020 17:04:56 -0700 (PDT) Received: from localhost.localdomain (c-73-231-41-185.hsd1.ca.comcast.net. [73.231.41.185]) by smtp.googlemail.com with ESMTPSA id nl7sm6924674pjb.36.2020.04.03.17.04.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 03 Apr 2020 17:04:55 -0700 (PDT) From: Sonny Sasaka To: linux-bluetooth@vger.kernel.org Cc: Sonny Sasaka Subject: [PATCH] Bluetooth: Always request for user confirmation for Just Works (LE SC) Date: Fri, 3 Apr 2020 17:04:39 -0700 Message-Id: <20200404000439.12219-1-sonnysasaka@chromium.org> X-Mailer: git-send-email 2.17.1 Sender: linux-bluetooth-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org To improve security, always give the user-space daemon a chance to accept or reject a Just Works pairing (LE). The daemon may decide to auto-accept based on the user's intent. This patch is similar to the previous patch but applies for LE Secure Connections (SC). Signed-off-by: Sonny Sasaka --- net/bluetooth/smp.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c index d0b695ee49f6..daf03339dedd 100644 --- a/net/bluetooth/smp.c +++ b/net/bluetooth/smp.c @@ -2202,7 +2202,7 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb) if (err) return SMP_UNSPECIFIED; - if (smp->method == JUST_WORKS || smp->method == REQ_OOB) { + if (smp->method == REQ_OOB) { if (hcon->out) { sc_dhkey_check(smp); SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK); @@ -2210,6 +2210,18 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb) return 0; } + /* If Just Works, ask user-space for confirmation. */ + if (smp->method == JUST_WORKS) { + err = mgmt_user_confirm_request(hcon->hdev, &hcon->dst, + hcon->type, hcon->dst_type, passkey, 1); + if (err) + return SMP_UNSPECIFIED; + + set_bit(SMP_FLAG_WAIT_USER, &smp->flags); + + return 0; + } + err = smp_g2(smp->tfm_cmac, pkax, pkbx, na, nb, &passkey); if (err) return SMP_UNSPECIFIED; -- 2.17.1