Bluetooth: Add flag to track STK encryption

There are certain subtle differences in behavior when we're encrypted
with the STK, such as allowing re-encryption even though the security
level stays the same. Because of this, add a flag to track whether we're
encrypted with an STK or not.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>

diff --git a/include/net/bluetooth/hci_core.h b/include/net/bluetooth/hci_core.h
index eb0add396595d50a8feefe378da40a52dda94993..9078da681f1683387e6a1e4592385c4026c16864 100644 (file)
--- a/include/net/bluetooth/hci_core.h
+++ b/include/net/bluetooth/hci_core.h
@@ -536,6 +536,7 @@ enum {
        HCI_CONN_AUTH,
        HCI_CONN_SECURE,
        HCI_CONN_FIPS,
+       HCI_CONN_STK_ENCRYPT,
 };
 
 static inline bool hci_conn_ssp_enabled(struct hci_conn *conn)

diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index 8097559ebb48699a0b283fb81fe087f49c194127..b0b760dd66a3c513f926d7ae7bebff114299cd1d 100644 (file)
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -4365,8 +4365,11 @@ static void hci_le_ltk_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
         * using a distributed LTK.
         */
        if (ltk->type == SMP_STK) {
+               set_bit(HCI_CONN_STK_ENCRYPT, &conn->flags);
                list_del(&ltk->list);
                kfree(ltk);
+       } else {
+               clear_bit(HCI_CONN_STK_ENCRYPT, &conn->flags);
        }
 
        hci_dev_unlock(hdev);

diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index 6ce7785a2708fb4cf95d86459289203a178bf1b2..68e6f245581c28867d80b5ad90f4399a8ce4dd0d 100644 (file)
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -538,6 +538,7 @@ static u8 smp_random(struct smp_chan *smp)
 
                hci_le_start_enc(hcon, ediv, rand, stk);
                hcon->enc_key_size = smp->enc_key_size;
+               set_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
        } else {
                u8 stk[16], auth;
                __le64 rand = 0;
@@ -856,6 +857,9 @@ static bool smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
        hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
        hcon->enc_key_size = key->enc_size;
 
+       /* We never store STKs for master role, so clear this flag */
+       clear_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
+
        return true;
 }