linux

mirror of https://github.com/raspberrypi/linux.git synced 2025-12-27 12:32:50 +00:00

Files

Luiz Augusto von Dentz c82b6357a5 Bluetooth: hci_event: Fix not using key encryption size when its known

This fixes the regression introduced by 50c1241e6a8a ("Bluetooth: l2cap:
Check encryption key size on incoming connection") introduced a check for
l2cap_check_enc_key_size which checks for hcon->enc_key_size which may
not be initialized if HCI_OP_READ_ENC_KEY_SIZE is still pending.

If the key encryption size is known, due previously reading it using
HCI_OP_READ_ENC_KEY_SIZE, then store it as part of link_key/smp_ltk
structures so the next time the encryption is changed their values are
used as conn->enc_key_size thus avoiding the racing against
HCI_OP_READ_ENC_KEY_SIZE.

Now that the enc_size is stored as part of key the information the code
then attempts to check that there is no downgrade of security if
HCI_OP_READ_ENC_KEY_SIZE returns a value smaller than what has been
previously stored.

Link: https://bugzilla.kernel.org/show_bug.cgi?id=220061
Link: https://bugzilla.kernel.org/show_bug.cgi?id=220063
Fixes: 522e9ed157 ("Bluetooth: l2cap: Check encryption key size on incoming connection")
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>

2025-05-08 10:24:15 -04:00

bluetooth.h

Bluetooth: ISO: add TX timestamping

2025-03-25 12:50:07 -04:00

coredump.h

Bluetooth: Add support for hci devcoredump

2023-04-23 21:57:59 -07:00

hci_core.h

Bluetooth: hci_event: Fix not using key encryption size when its known

2025-05-08 10:24:15 -04:00

hci_mon.h

Bluetooth: hci_sock: Correctly bounds check and pad HCI_MON_NEW_INDEX name