Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp3235897ybb; Mon, 6 Apr 2020 05:05:04 -0700 (PDT) X-Google-Smtp-Source: APiQypKD33Vy665YwAGSa3KPGMG2tePtdxlp0dnSRlkKEWALC0HMZtVPzag/L0y3GaWG5/iCT8zP X-Received: by 2002:aca:61d4:: with SMTP id v203mr12803660oib.72.1586174704199; Mon, 06 Apr 2020 05:05:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1586174704; cv=none; d=google.com; s=arc-20160816; b=HC2hbE4feh4I8u1D7ygw2K+YpdWWwOjv4gwqLc4yB+PRdUhb3+LIaqIOCA5SV15r86 c3yr0w1E0OG2z0e8dVHGr1nMU8cxDUpaD06onbJ8sAEFCNA15vYIdC67o4FjXGb2z1Jx f6lASqzY96XrG5dlXE3nhWN2eS7sOXcsjUk3oned9BnWMPRmxMv5+Qk3247UfZ74cwGE qV4B7O2u9BjZBrHGnoEbzVvUqbF0LHgrieH+SR8/m6mnf+dKgav+qLFutD2S4K0dWcuG Mo6qz8njHJXH4Gd7bsu1SolEzyfia/2H+jUpTpWvthd2o2ANkoAPfcLY3+N8LhKVVNfn 04Pw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:to:references:message-id :content-transfer-encoding:cc:date:in-reply-to:from:subject :mime-version; bh=UX3I6LCpJam9vLRMzlmUS6Tptz/+3FlPpOrndD5Kz14=; b=hHsDhpRaN/Z6hAkUgPO62GSfX3Eulgfi8j8HoqSXmA7gsshTmYTASE2NumBTqUm21J KWMM5EbrO25IphHNVHKK67G/NfKTTFr0dMBQeMU3zIyuukfC65a8A3kuDz7D5/x2V5XR oP+jGAyM5Tltqj39cOSHbpdWJ3CHqNt4XsBTfo818ZKGphQKbdlHj5jicfsYmQkL653d mPzoNCfTPzpIjLUub4iIU7LSctlD9ZGI4fuiHQ8TQkjm9HU3WtGB63kDgbGhZNXxv8d2 wBlhwlB6x6N8+I8qHmlY/LT3qnw3E5Hu7qQBGExvvjTbLCVjFuHdZORSf15mHCenvaM+ VoEQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j15si7958293ots.187.2020.04.06.05.04.40; Mon, 06 Apr 2020 05:05:04 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727674AbgDFMEi convert rfc822-to-8bit (ORCPT + 99 others); Mon, 6 Apr 2020 08:04:38 -0400 Received: from coyote.holtmann.net ([212.227.132.17]:36513 "EHLO mail.holtmann.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727614AbgDFMEi (ORCPT ); Mon, 6 Apr 2020 08:04:38 -0400 Received: from marcel-macbook.fritz.box (p4FEFC5A7.dip0.t-ipconnect.de [79.239.197.167]) by mail.holtmann.org (Postfix) with ESMTPSA id 54F5DCECC3; Mon, 6 Apr 2020 14:14:11 +0200 (CEST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.80.23.2.2\)) Subject: Re: [PATCH] Bluetooth: Always request for user confirmation for Just Works (LE SC) From: Marcel Holtmann In-Reply-To: <20200404000439.12219-1-sonnysasaka@chromium.org> Date: Mon, 6 Apr 2020 14:04:36 +0200 Cc: linux-bluetooth@vger.kernel.org Content-Transfer-Encoding: 8BIT Message-Id: References: <20200404000439.12219-1-sonnysasaka@chromium.org> To: Sonny Sasaka X-Mailer: Apple Mail (2.3608.80.23.2.2) Sender: linux-bluetooth-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org Hi Sonny, > To improve security, always give the user-space daemon a chance to > accept or reject a Just Works pairing (LE). The daemon may decide to > auto-accept based on the user's intent. > > This patch is similar to the previous patch but applies for LE Secure > Connections (SC). > > Signed-off-by: Sonny Sasaka > --- > net/bluetooth/smp.c | 14 +++++++++++++- > 1 file changed, 13 insertions(+), 1 deletion(-) > > diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c > index d0b695ee49f6..daf03339dedd 100644 > --- a/net/bluetooth/smp.c > +++ b/net/bluetooth/smp.c > @@ -2202,7 +2202,7 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb) > if (err) > return SMP_UNSPECIFIED; > > - if (smp->method == JUST_WORKS || smp->method == REQ_OOB) { > + if (smp->method == REQ_OOB) { > if (hcon->out) { > sc_dhkey_check(smp); > SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK); > @@ -2210,6 +2210,18 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb) > return 0; > } > > + /* If Just Works, ask user-space for confirmation. */ > + if (smp->method == JUST_WORKS) { > + err = mgmt_user_confirm_request(hcon->hdev, &hcon->dst, > + hcon->type, hcon->dst_type, passkey, 1); > + if (err) > + return SMP_UNSPECIFIED; > + > + set_bit(SMP_FLAG_WAIT_USER, &smp->flags); > + > + return 0; > + } > + > err = smp_g2(smp->tfm_cmac, pkax, pkbx, na, nb, &passkey); > if (err) > return SMP_UNSPECIFIED; @@ -2202,7 +2204,7 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb) if (err) return SMP_UNSPECIFIED; - if (smp->method == JUST_WORKS || smp->method == REQ_OOB) { + if (smp->method == REQ_OOB) { if (hcon->out) { sc_dhkey_check(smp); SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK); @@ -2214,7 +2216,10 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb) if (err) return SMP_UNSPECIFIED; - confirm_hint = 0; + if (smp->method == JUST_WORKS) + confirm_hint = 0; + else + confirm_hint = 1; confirm: err = mgmt_user_confirm_request(hcon->hdev, &hcon->dst, hcon->type, Isn’t this what you are actually doing (minus the required comment of course)? Regards Marcel