[v1] Bluetooth: Check for encryption key size on connect

Message ID	20200917181031.v1.1.I67a8b8cd4def8166970ca37109db46d731b62bb6@changeid
State	Awaiting Upstream
Delegated to:	David Miller
Headers	show Return-Path: <netdev-owner@vger.kernel.org> Date: Thu, 17 Sep 2020 18:10:56 +0800 Message-Id: <20200917181031.v1.1.I67a8b8cd4def8166970ca37109db46d731b62bb6@changeid> Mime-Version: 1.0 Subject: [PATCH v1] Bluetooth: Check for encryption key size on connect From: Archie Pusaka <apusaka@google.com> To: linux-bluetooth <linux-bluetooth@vger.kernel.org>, Marcel Holtmann <marcel@holtmann.org> Cc: CrosBT Upstreaming <chromeos-bluetooth-upstreaming@chromium.org>, Archie Pusaka <apusaka@chromium.org>, Alain Michaud <alainm@chromium.org>, "David S. Miller" <davem@davemloft.net>, Jakub Kicinski <kuba@kernel.org>, Johan Hedberg <johan.hedberg@gmail.com>, linux-kernel@vger.kernel.org, netdev@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Precedence: bulk
Series	[v1] Bluetooth: Check for encryption key size on connect \| expand [v1] Bluetooth: Check for encryption key size on connect

Message ID

20200917181031.v1.1.I67a8b8cd4def8166970ca37109db46d731b62bb6@changeid

State

Awaiting Upstream

Delegated to:

David Miller

Headers

Date: Thu, 17 Sep 2020 18:10:56 +0800
Message-Id: 
 <20200917181031.v1.1.I67a8b8cd4def8166970ca37109db46d731b62bb6@changeid>
Mime-Version: 1.0
Subject: [PATCH v1] Bluetooth: Check for encryption key size on connect
From: Archie Pusaka <apusaka@google.com>
To: linux-bluetooth <linux-bluetooth@vger.kernel.org>,
        Marcel Holtmann <marcel@holtmann.org>
Cc: CrosBT Upstreaming <chromeos-bluetooth-upstreaming@chromium.org>,
        Archie Pusaka <apusaka@chromium.org>,
        Alain Michaud <alainm@chromium.org>,
        "David S. Miller" <davem@davemloft.net>,
        Jakub Kicinski <kuba@kernel.org>,
        Johan Hedberg <johan.hedberg@gmail.com>,
        linux-kernel@vger.kernel.org, netdev@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
Precedence: bulk

Series

[v1] Bluetooth: Check for encryption key size on connect | expand

Commit Message

Archie Pusaka Sept. 17, 2020, 10:10 a.m. UTC

From: Archie Pusaka <apusaka@chromium.org>

When receiving connection, we only check whether the link has been
encrypted, but not the encryption key size of the link.

This patch adds check for encryption key size, and reject L2CAP
connection which size is below the specified threshold (default 7)
with security block.

Signed-off-by: Archie Pusaka <apusaka@chromium.org>
Reviewed-by: Alain Michaud <alainm@chromium.org>

---

 net/bluetooth/l2cap_core.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Comments

Marcel Holtmann Sept. 20, 2020, 6:18 a.m. UTC | #1

Hi Archie,

> When receiving connection, we only check whether the link has been
> encrypted, but not the encryption key size of the link.
> 
> This patch adds check for encryption key size, and reject L2CAP
> connection which size is below the specified threshold (default 7)
> with security block.

please include btmon trace in the commit message to demonstrate this.

Regards

Marcel

diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c
index ade83e224567..b4fc0ad38aaa 100644
--- a/net/bluetooth/l2cap_core.c
+++ b/net/bluetooth/l2cap_core.c
@@ -4101,7 +4101,8 @@  static struct l2cap_chan *l2cap_connect(struct l2cap_conn *conn,
 
 	/* Check if the ACL is secure enough (if not SDP) */
 	if (psm != cpu_to_le16(L2CAP_PSM_SDP) &&
-	    !hci_conn_check_link_mode(conn->hcon)) {
+	    (!hci_conn_check_link_mode(conn->hcon) ||
+	    !l2cap_check_enc_key_size(conn->hcon))) {
 		conn->disc_reason = HCI_ERROR_AUTH_FAILURE;
 		result = L2CAP_CR_SEC_BLOCK;
 		goto response;

[v1] Bluetooth: Check for encryption key size on connect

Commit Message

Comments

Patch