Commit 7e74170a authored by Timo Mueller's avatar Timo Mueller Committed by Johan Hedberg

Bluetooth: Use MITM Protection when IO caps allow it

When responding to a remotely-initiated pairing procedure, a MITM
protected SSP associaton model can be used for pairing if both local
and remote IO capabilities are set to something other than
NoInputNoOutput, regardless of the bonding type (Dedicated or
General).

This was already done for Dedicated Bonding but this patch proposes to
use the same policy for General Bonding as well.

The GAP Specification gives the flexibility to decide whether MITM
Protection is used ot not (Bluetooth Core Specification v4.0 Volume 3,
part C, section 6.5.3).

Note however that the recommendation is *not* to set this flag "unless
the security policy of an available local service requires MITM
Protection" (for both Dedicated and General Bonding). However, as we are
already requiring MITM for Dedicated Bonding, we will follow this
behaviour also for General Bonding.
Signed-off-by: default avatarTimo Mueller <timo.mueller@bmw-carit.de>
Signed-off-by: default avatarMikel Astiz <mikel.astiz@bmw-carit.de>
Signed-off-by: default avatarJohan Hedberg <johan.hedberg@intel.com>
parent 6fd6b915
...@@ -3424,11 +3424,6 @@ static u8 hci_get_auth_req(struct hci_conn *conn) ...@@ -3424,11 +3424,6 @@ static u8 hci_get_auth_req(struct hci_conn *conn)
conn->remote_auth == HCI_AT_NO_BONDING_MITM) conn->remote_auth == HCI_AT_NO_BONDING_MITM)
return conn->remote_auth | (conn->auth_type & 0x01); return conn->remote_auth | (conn->auth_type & 0x01);
/* For general bonding, use the given auth_type */
if (conn->remote_auth == HCI_AT_GENERAL_BONDING ||
conn->remote_auth == HCI_AT_GENERAL_BONDING_MITM)
return conn->auth_type;
/* If both remote and local have enough IO capabilities, require /* If both remote and local have enough IO capabilities, require
* MITM protection * MITM protection
*/ */
...@@ -3436,8 +3431,8 @@ static u8 hci_get_auth_req(struct hci_conn *conn) ...@@ -3436,8 +3431,8 @@ static u8 hci_get_auth_req(struct hci_conn *conn)
conn->io_capability != HCI_IO_NO_INPUT_OUTPUT) conn->io_capability != HCI_IO_NO_INPUT_OUTPUT)
return conn->remote_auth | 0x01; return conn->remote_auth | 0x01;
/* No MITM protection possible so remove requirement */ /* No MITM protection possible so ignore remote requirement */
return conn->remote_auth & ~0x01; return (conn->remote_auth & ~0x01) | (conn->auth_type & 0x01);
} }
static void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb) static void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment