diff options
author | Andre Guedes <andre.guedes@openbossa.org> | 2014-02-26 20:21:52 -0300 |
---|---|---|
committer | Marcel Holtmann <marcel@holtmann.org> | 2014-02-26 19:41:35 -0800 |
commit | a9b0a04c2aac1e6e41e254221926bdce75321f55 (patch) | |
tree | e46d1832cf05d9dd732bac178ab0b198385e051f | |
parent | 6046dc3e0602256b9941241dfd6b2e4824999b01 (diff) |
Bluetooth: Connection parameters and resolvable address
We should only accept connection parameters from identity addresses
(public or random static). Thus, we should check the address type
in hci_conn_params_add().
Additionally, since the IRK is removed during unpair, we should also
remove the connection parameters from that device.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
-rw-r--r-- | include/net/bluetooth/hci_core.h | 6 | ||||
-rw-r--r-- | net/bluetooth/hci_core.c | 25 | ||||
-rw-r--r-- | net/bluetooth/mgmt.c | 2 |
3 files changed, 26 insertions, 7 deletions
diff --git a/include/net/bluetooth/hci_core.h b/include/net/bluetooth/hci_core.h index b159810f67a..4b192d0fa76 100644 --- a/include/net/bluetooth/hci_core.h +++ b/include/net/bluetooth/hci_core.h @@ -801,9 +801,9 @@ int hci_blacklist_del(struct hci_dev *hdev, bdaddr_t *bdaddr, u8 type); struct hci_conn_params *hci_conn_params_lookup(struct hci_dev *hdev, bdaddr_t *addr, u8 addr_type); -void hci_conn_params_add(struct hci_dev *hdev, bdaddr_t *addr, u8 addr_type, - u8 auto_connect, u16 conn_min_interval, - u16 conn_max_interval); +int hci_conn_params_add(struct hci_dev *hdev, bdaddr_t *addr, u8 addr_type, + u8 auto_connect, u16 conn_min_interval, + u16 conn_max_interval); void hci_conn_params_del(struct hci_dev *hdev, bdaddr_t *addr, u8 addr_type); void hci_conn_params_clear(struct hci_dev *hdev); diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c index 9470a9c1432..6d83ca04097 100644 --- a/net/bluetooth/hci_core.c +++ b/net/bluetooth/hci_core.c @@ -3220,13 +3220,28 @@ static bool is_connected(struct hci_dev *hdev, bdaddr_t *addr, u8 type) return true; } +static bool is_identity_address(bdaddr_t *addr, u8 addr_type) +{ + if (addr_type == ADDR_LE_DEV_PUBLIC) + return true; + + /* Check for Random Static address type */ + if ((addr->b[5] & 0xc0) == 0xc0) + return true; + + return false; +} + /* This function requires the caller holds hdev->lock */ -void hci_conn_params_add(struct hci_dev *hdev, bdaddr_t *addr, u8 addr_type, - u8 auto_connect, u16 conn_min_interval, - u16 conn_max_interval) +int hci_conn_params_add(struct hci_dev *hdev, bdaddr_t *addr, u8 addr_type, + u8 auto_connect, u16 conn_min_interval, + u16 conn_max_interval) { struct hci_conn_params *params; + if (!is_identity_address(addr, addr_type)) + return -EINVAL; + params = hci_conn_params_lookup(hdev, addr, addr_type); if (params) goto update; @@ -3234,7 +3249,7 @@ void hci_conn_params_add(struct hci_dev *hdev, bdaddr_t *addr, u8 addr_type, params = kzalloc(sizeof(*params), GFP_KERNEL); if (!params) { BT_ERR("Out of memory"); - return; + return -ENOMEM; } bacpy(¶ms->addr, addr); @@ -3261,6 +3276,8 @@ update: BT_DBG("addr %pMR (type %u) auto_connect %u conn_min_interval 0x%.4x " "conn_max_interval 0x%.4x", addr, addr_type, auto_connect, conn_min_interval, conn_max_interval); + + return 0; } /* This function requires the caller holds hdev->lock */ diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c index f878267ba6a..2e6564e47de 100644 --- a/net/bluetooth/mgmt.c +++ b/net/bluetooth/mgmt.c @@ -2416,6 +2416,8 @@ static int unpair_device(struct sock *sk, struct hci_dev *hdev, void *data, hci_remove_irk(hdev, &cp->addr.bdaddr, addr_type); + hci_conn_params_del(hdev, &cp->addr.bdaddr, addr_type); + err = hci_remove_ltk(hdev, &cp->addr.bdaddr, addr_type); } |