Received: by 2002:ab2:23c8:0:b0:1f2:fdbc:cb93 with SMTP id a8csp72269lqe; Tue, 26 Mar 2024 21:32:41 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCUMrS7YQaG+DW+tnzi+p+fKZxYDSO1K1XNB+VXfrK+XjJ5LV0Xjo69YYt81MoXH5Jch/xukAxf5UCOHXpbxangNKean9uIpQfmfu1rjrw== X-Google-Smtp-Source: AGHT+IERgrdlrcEfXIqGshtNf+ZiYi93hwamPlLyRS0oqtGT6e+9e/JoAoT8xPaeBckZY/95MalC X-Received: by 2002:a05:6808:1513:b0:3c3:75ac:3b45 with SMTP id u19-20020a056808151300b003c375ac3b45mr3835724oiw.45.1711513960926; Tue, 26 Mar 2024 21:32:40 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1711513960; cv=pass; d=google.com; s=arc-20160816; b=tFMzEFLt8W+Sh/ikh1FAkQyn48HEsMIX1xIaErUAj1NRpsz+6rya2CFGemFd+XUFZ1 bmIGhsQcrT8kUKRUCCs1luWT1OJpb5420XeU6hD899mkq/z4BIo78SnJDpv48cmAcJE5 7oTvv7966HFw0BpzUwzmiK+WFo6UT/aFaP3Vlt1mBpqfAi2AjM7H5VuFCnsFidBdrImc Mk5VhnsIO6hSmqnxzX0x5asp5J/qpm+9fmsOP0WLSoeDmKy5uJmJCbNW5CAgBz2lzQbK NZnyQl3x8FmeS3ZiMcmptpofssMyDXubkxHjNAKn3RfcaHFcMov0BKUDpkKhJhAyDxC0 aZdg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:message-id:date:subject:to:from :dkim-signature; bh=LJ5uyujg2B+J0TBV7YDoRy7rmffmNcxEYPaS/OWPDww=; fh=zYMO24QDExuP7Ab1Ph8SqcQ7aAwCbutxhrhEcKf9WA4=; b=mYUNX4A6YPonS/S3dpEPpphNk5sNpjwb9gJvG0w3lOTaT6hjG8yAQDz2PunoK5vyIf UpU3X2cVJRg2lbhm4euj6rgUTYe/Cy65N19FNUOrjybu+fUKYC+8Ojj6x14OobJ3qIMJ 3ahT/1LTX3piffjJXfbwN5XS9n9Oqw7vzcywondx/Odl7UXF4KxP+PbhZhAgxY1/AOAo I8QovQBxwYxY8FhLCgkp9fKFL3NkZCKi3QaGm+v6mCvsR8OiBSyh0FbcgN7A3TstFj6c ogZaTF9rzG7WtKi2UMubqkY7m2SmB+YyU1KYdMYjKqDWRgADMClP99YTLVkHueapKRM8 1J3A==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@canonical.com header.s=20210705 header.b=sAevQKoY; arc=pass (i=1 spf=pass spfdomain=canonical.com dkim=pass dkdomain=canonical.com dmarc=pass fromdomain=canonical.com); spf=pass (google.com: domain of linux-bluetooth+bounces-2810-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-bluetooth+bounces-2810-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=canonical.com Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161]) by mx.google.com with ESMTPS id x32-20020a634860000000b005dc95934e54si11325950pgk.52.2024.03.26.21.32.40 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 26 Mar 2024 21:32:40 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-bluetooth+bounces-2810-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161; Authentication-Results: mx.google.com; dkim=pass header.i=@canonical.com header.s=20210705 header.b=sAevQKoY; arc=pass (i=1 spf=pass spfdomain=canonical.com dkim=pass dkdomain=canonical.com dmarc=pass fromdomain=canonical.com); spf=pass (google.com: domain of linux-bluetooth+bounces-2810-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-bluetooth+bounces-2810-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=canonical.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 382C3B22ECA for ; Wed, 27 Mar 2024 04:31:41 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 35445652; Wed, 27 Mar 2024 04:31:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="sAevQKoY" X-Original-To: linux-bluetooth@vger.kernel.org Received: from smtp-relay-canonical-0.canonical.com (smtp-relay-canonical-0.canonical.com [185.125.188.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 703AC36B for ; Wed, 27 Mar 2024 04:31:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.120 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711513894; cv=none; b=rpjHEBhspJ+N+K1bbIpJpC8DSlo6uYfxHAsHxx15RxojlQvA+X+rpEB+7m9xH0Doi1AqyVpjYalbNsqyM8rFj8Wga/UxiwF2ZcqIAkC0fpB23xtl3Gl0SsrVfRrzm55LPgnnTQnodujFaglQphDQArpvg3MyXeYwcLdxDB9lYqM= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711513894; c=relaxed/simple; bh=OpH1qgJ21IOSTBs710VOfIQd6xPgRDhtRSviTmp9mrw=; h=From:To:Subject:Date:Message-Id:MIME-Version; b=CVAkszFXoGx/fRjdg/jso6KF8Sxy9Nl6vX03X6rDfNCxyl6hySpmxR157w8gi03Z6lnuj1C4CcXDhkAdf0NCqeA0FPNsv/MvFg8/hPugW7CPXYS6GGh+lqmJWjHBUXK3FZ8VzBJ55JaKAO9GU189BHxerwCdJJqtNbaPWgMhyg8= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=sAevQKoY; arc=none smtp.client-ip=185.125.188.120 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Received: from hwang4-ThinkPad-T14s-Gen-2a.conference (1.general.hwang4.uk.vpn [10.172.195.16]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-canonical-0.canonical.com (Postfix) with ESMTPSA id 8CA963FB33; Wed, 27 Mar 2024 04:31:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1711513889; bh=LJ5uyujg2B+J0TBV7YDoRy7rmffmNcxEYPaS/OWPDww=; h=From:To:Subject:Date:Message-Id:MIME-Version; b=sAevQKoYrB8i7QZIz9yRGj+aKWlHQ32/AI65pDC8izSaiucmDgRVSmWWRtzbhD8PJ UUucFrh0AS6qLkIMeJG/WjCxm0cKuk9szZAef8p86NsbU5F+UqSluSKG6SleEdFz/2 CpLaYayhNMFQeBEBA8JHctIyhvT9jqFmhQlHtxYXfbIzVCStIbg5SCT1slzpSHuh9l SO6OY9gwaEQ4xoafvlHq0TIXxhBQvIXVExqllMjFryvoxJr3wYNOVPeGO6mv/dinNj 9917PdELNpSByu/WCYQVbvxibBKkLYTqz2reGmpChoWM7UuYzS88aNag0cy6gNb/SN HtndR1t6VkFsA== From: Hui Wang To: linux-bluetooth@vger.kernel.org, luiz.dentz@gmail.com, marcel@holtmann.org, johan.hedberg@gmail.com, pmenzel@molgen.mpg.de Subject: [PATCH v2] Bluetooth: hci_event: set the conn encrypted before conn establishes Date: Wed, 27 Mar 2024 12:30:30 +0800 Message-Id: <20240327043030.243737-1-hui.wang@canonical.com> X-Mailer: git-send-email 2.34.1 Precedence: bulk X-Mailing-List: linux-bluetooth@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit We have a BT headset (Lenovo Thinkplus XT99), the pairing and connecting has no problem, once this headset is paired, bluez will remember this device and will auto re-connect it whenever the device is powered on. The auto re-connecting works well with Windows and Android, but with Linux, it always fails. Through debugging, we found at the rfcomm connection stage, the bluetooth stack reports "Connection refused - security block (0x0003)". For this device, the re-connecting negotiation process is different from other BT headsets, it sends the Link_KEY_REQUEST command before the CONNECT_REQUEST completes, and it doesn't send ENCRYPT_CHANGE command during the negotiation. When the device sends the "connect complete" to hci, the ev->encr_mode is 1. So here in the conn_complete_evt(), if ev->encr_mode is 1, link type is ACL and HCI_CONN_ENCRYPT is not set, we set HCI_CONN_ENCRYPT to this conn, and update conn->enc_key_size accordingly. After this change, this BT headset could re-connect with Linux successfully. This is the btmon log after applying the patch, after receiving the "Connect Complete" with "Encryption: Enabled", will send the command to read encryption key size: > HCI Event: Connect Request (0x04) plen 10 Address: 8C:3C:AA:D8:11:67 (OUI 8C-3C-AA) Class: 0x240404 Major class: Audio/Video (headset, speaker, stereo, video, vcr) Minor class: Wearable Headset Device Rendering (Printing, Speaker) Audio (Speaker, Microphone, Headset) Link type: ACL (0x01) ... > HCI Event: Link Key Request (0x17) plen 6 Address: 8C:3C:AA:D8:11:67 (OUI 8C-3C-AA) < HCI Command: Link Key Request Reply (0x01|0x000b) plen 22 Address: 8C:3C:AA:D8:11:67 (OUI 8C-3C-AA) Link key: ${32-hex-digits-key} ... > HCI Event: Connect Complete (0x03) plen 11 Status: Success (0x00) Handle: 256 Address: 8C:3C:AA:D8:11:67 (OUI 8C-3C-AA) Link type: ACL (0x01) Encryption: Enabled (0x01) < HCI Command: Read Encryption Key... (0x05|0x0008) plen 2 Handle: 256 < ACL Data TX: Handle 256 flags 0x00 dlen 10 L2CAP: Information Request (0x0a) ident 1 len 2 Type: Extended features supported (0x0002) > HCI Event: Command Complete (0x0e) plen 7 Read Encryption Key Size (0x05|0x0008) ncmd 1 Status: Success (0x00) Handle: 256 Key size: 16 ... The Bluetooth host controller I have tested: Intel 8087:0029 Intel 8087:0033 Link: https://github.com/bluez/bluez/issues/704 Reviewed-by: Paul Menzel Reviewed-by: Luiz Augusto von Dentz Signed-off-by: Hui Wang --- In the v2: - I replaced "goto notify" with if {} else {} - Change the commit title and description according to comments in v1 This is the btmon log for auto re-connecting negotiation (also pasted the log to the https://github.com/bluez/bluez/issues/704): Before applying this patch: https://pastebin.com/NUa9RJv8 After applying the patch: https://pastebin.com/GqviChTC net/bluetooth/hci_event.c | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c index 4ae224824012..a8b8cfebe018 100644 --- a/net/bluetooth/hci_event.c +++ b/net/bluetooth/hci_event.c @@ -3208,6 +3208,31 @@ static void hci_conn_complete_evt(struct hci_dev *hdev, void *data, if (test_bit(HCI_ENCRYPT, &hdev->flags)) set_bit(HCI_CONN_ENCRYPT, &conn->flags); + /* "Link key request" completed ahead of "connect request" completes */ + if (ev->encr_mode == 1 && !test_bit(HCI_CONN_ENCRYPT, &conn->flags) && + ev->link_type == ACL_LINK) { + struct link_key *key; + struct hci_cp_read_enc_key_size cp; + + key = hci_find_link_key(hdev, &ev->bdaddr); + if (key) { + set_bit(HCI_CONN_ENCRYPT, &conn->flags); + + if (!(hdev->commands[20] & 0x10)) { + conn->enc_key_size = HCI_LINK_KEY_SIZE; + } else { + cp.handle = cpu_to_le16(conn->handle); + if (hci_send_cmd(hdev, HCI_OP_READ_ENC_KEY_SIZE, + sizeof(cp), &cp)) { + bt_dev_err(hdev, "sending read key size failed"); + conn->enc_key_size = HCI_LINK_KEY_SIZE; + } + } + + hci_encrypt_cfm(conn, ev->status); + } + } + /* Get remote features */ if (conn->type == ACL_LINK) { struct hci_cp_read_remote_features cp; -- 2.34.1