Bluetooth: Allow re-encryption with LTK when STK is in use

If we're encrypted with the STK we should allow re-encryption with an LTK even though the achieved security level is the same. This patch adds the necessary logic to the smp_sufficient_security function which is used to determine whether to proceed with encryption or not. Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
author: Johan Hedberg <johan.hedberg@intel.com> 2014-07-01 18:14:13 +0200
committer: Marcel Holtmann <marcel@holtmann.org> 2014-07-03 17:42:54 +0200
commit: 9ab65d60c212c23f1605f35aea229f4c94df2334 (patch)
tree: 5ee86b593782a7f61b2301117569c31fd37a8f88 /net/bluetooth/smp.c
parent: Bluetooth: Add flag to track STK encryption (diff)
download: linux-9ab65d60c212c23f1605f35aea229f4c94df2334.tar.xz
linux-9ab65d60c212c23f1605f35aea229f4c94df2334.zip
1 files changed, 8 insertions, 0 deletions
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index 68e6f245581c..55c41de2f5a0 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -868,6 +868,14 @@ bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level)
 	if (sec_level == BT_SECURITY_LOW)
 		return true;
 
+	/* If we're encrypted with an STK always claim insufficient
+	 * security. This way we allow the connection to be re-encrypted
+	 * with an LTK, even if the LTK provides the same level of
+	 * security.
+	 */
+	if (test_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags))
+		return false;
+
 	if (hcon->sec_level >= sec_level)
 		return true;
author	Johan Hedberg <johan.hedberg@intel.com>	2014-07-01 18:14:13 +0200
committer	Marcel Holtmann <marcel@holtmann.org>	2014-07-03 17:42:54 +0200
commit	9ab65d60c212c23f1605f35aea229f4c94df2334 (patch)
tree	5ee86b593782a7f61b2301117569c31fd37a8f88 /net/bluetooth/smp.c
parent	Bluetooth: Add flag to track STK encryption (diff)
download	linux-9ab65d60c212c23f1605f35aea229f4c94df2334.tar.xz linux-9ab65d60c212c23f1605f35aea229f4c94df2334.zip