| Message ID | 20250507190533.289009-1-luiz.dentz@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | [v1] Bluetooth: L2CAP: Fix not checking l2cap_chan security level | expand |
This is automated email and please do not reply to this email! Dear submitter, Thank you for submitting the patches to the linux bluetooth mailing list. This is a CI test results with your patch series: PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=960627 ---Test result--- Test Summary: CheckPatch PENDING 0.38 seconds GitLint PENDING 0.29 seconds SubjectPrefix PASS 0.06 seconds BuildKernel PASS 24.54 seconds CheckAllWarning PASS 28.27 seconds CheckSparse PASS 30.24 seconds BuildKernel32 PASS 24.13 seconds TestRunnerSetup PASS 461.95 seconds TestRunner_l2cap-tester PASS 22.44 seconds TestRunner_iso-tester PASS 33.85 seconds TestRunner_bnep-tester PASS 4.73 seconds TestRunner_mgmt-tester FAIL 118.66 seconds TestRunner_rfcomm-tester PASS 8.13 seconds TestRunner_sco-tester PASS 13.05 seconds TestRunner_ioctl-tester PASS 8.28 seconds TestRunner_mesh-tester PASS 6.10 seconds TestRunner_smp-tester PASS 7.17 seconds TestRunner_userchan-tester PASS 4.98 seconds IncrementalBuild PENDING 0.63 seconds Details ############################## Test: CheckPatch - PENDING Desc: Run checkpatch.pl script Output: ############################## Test: GitLint - PENDING Desc: Run gitlint Output: ############################## Test: TestRunner_mgmt-tester - FAIL Desc: Run mgmt-tester with test-runner Output: Total: 490, Passed: 484 (98.8%), Failed: 2, Not Run: 4 Failed Test Cases LL Privacy - Add Device 2 (2 Devices to AL) Failed 0.167 seconds LL Privacy - Set Flags 3 (2 Devices to RL) Failed 0.189 seconds ############################## Test: IncrementalBuild - PENDING Desc: Incremental build with the patches in the series Output: --- Regards, Linux Bluetooth
Hello: This patch was applied to bluetooth/bluetooth-next.git (master) by Luiz Augusto von Dentz <luiz.von.dentz@intel.com>: On Wed, 7 May 2025 15:05:33 -0400 you wrote: > From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com> > > l2cap_check_enc_key_size shall check the security level of the > l2cap_chan rather than the hci_conn since for incoming connection > request that may be different as hci_conn may already been > encrypted using a different security level. > > [...] Here is the summary with links: - [v1] Bluetooth: L2CAP: Fix not checking l2cap_chan security level https://git.kernel.org/bluetooth/bluetooth-next/c/18f5b2456b36 You are awesome, thank you!
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c index 73472756618a..042d3ac3b4a3 100644 --- a/net/bluetooth/l2cap_core.c +++ b/net/bluetooth/l2cap_core.c @@ -1411,7 +1411,8 @@ static void l2cap_request_info(struct l2cap_conn *conn) sizeof(req), &req); } -static bool l2cap_check_enc_key_size(struct hci_conn *hcon) +static bool l2cap_check_enc_key_size(struct hci_conn *hcon, + struct l2cap_chan *chan) { /* The minimum encryption key size needs to be enforced by the * host stack before establishing any L2CAP connections. The @@ -1425,7 +1426,7 @@ static bool l2cap_check_enc_key_size(struct hci_conn *hcon) int min_key_size = hcon->hdev->min_enc_key_size; /* On FIPS security level, key size must be 16 bytes */ - if (hcon->sec_level == BT_SECURITY_FIPS) + if (chan->sec_level == BT_SECURITY_FIPS) min_key_size = 16; return (!test_bit(HCI_CONN_ENCRYPT, &hcon->flags) || @@ -1453,7 +1454,7 @@ static void l2cap_do_start(struct l2cap_chan *chan) !__l2cap_no_conn_pending(chan)) return; - if (l2cap_check_enc_key_size(conn->hcon)) + if (l2cap_check_enc_key_size(conn->hcon, chan)) l2cap_start_connection(chan); else __set_chan_timer(chan, L2CAP_DISC_TIMEOUT); @@ -1528,7 +1529,7 @@ static void l2cap_conn_start(struct l2cap_conn *conn) continue; } - if (l2cap_check_enc_key_size(conn->hcon)) + if (l2cap_check_enc_key_size(conn->hcon, chan)) l2cap_start_connection(chan); else l2cap_chan_close(chan, ECONNREFUSED); @@ -3992,7 +3993,7 @@ static void l2cap_connect(struct l2cap_conn *conn, struct l2cap_cmd_hdr *cmd, /* Check if the ACL is secure enough (if not SDP) */ if (psm != cpu_to_le16(L2CAP_PSM_SDP) && (!hci_conn_check_link_mode(conn->hcon) || - !l2cap_check_enc_key_size(conn->hcon))) { + !l2cap_check_enc_key_size(conn->hcon, pchan))) { conn->disc_reason = HCI_ERROR_AUTH_FAILURE; result = L2CAP_CR_SEC_BLOCK; goto response; @@ -7352,7 +7353,7 @@ static void l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt) } if (chan->state == BT_CONNECT) { - if (!status && l2cap_check_enc_key_size(hcon)) + if (!status && l2cap_check_enc_key_size(hcon, chan)) l2cap_start_connection(chan); else __set_chan_timer(chan, L2CAP_DISC_TIMEOUT); @@ -7362,7 +7363,7 @@ static void l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt) struct l2cap_conn_rsp rsp; __u16 res, stat; - if (!status && l2cap_check_enc_key_size(hcon)) { + if (!status && l2cap_check_enc_key_size(hcon, chan)) { if (test_bit(FLAG_DEFER_SETUP, &chan->flags)) { res = L2CAP_CR_PEND; stat = L2CAP_CS_AUTHOR_PEND;