From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org,
Luiz Augusto von Dentz <luiz.von.dentz@intel.com>,
Marcel Holtmann <marcel@holtmann.org>,
Hans-Christian Noren Egtvedt <hegtvedt@cisco.com>
Subject: [PATCH 4.9 07/16] Bluetooth: Disconnect if E0 is used for Level 4
Date: Fri, 16 Oct 2020 11:07:11 +0200 [thread overview]
Message-ID: <20201016090437.581507022@linuxfoundation.org> (raw)
In-Reply-To: <20201016090437.205626543@linuxfoundation.org>
From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
commit 8746f135bb01872ff412d408ea1aa9ebd328c1f5 upstream.
E0 is not allowed with Level 4:
BLUETOOTH CORE SPECIFICATION Version 5.2 | Vol 3, Part C page 1319:
'128-bit equivalent strength for link and encryption keys
required using FIPS approved algorithms (E0 not allowed,
SAFER+ not allowed, and P-192 not allowed; encryption key
not shortened'
SC enabled:
> HCI Event: Read Remote Extended Features (0x23) plen 13
Status: Success (0x00)
Handle: 256
Page: 1/2
Features: 0x0b 0x00 0x00 0x00 0x00 0x00 0x00 0x00
Secure Simple Pairing (Host Support)
LE Supported (Host)
Secure Connections (Host Support)
> HCI Event: Encryption Change (0x08) plen 4
Status: Success (0x00)
Handle: 256
Encryption: Enabled with AES-CCM (0x02)
SC disabled:
> HCI Event: Read Remote Extended Features (0x23) plen 13
Status: Success (0x00)
Handle: 256
Page: 1/2
Features: 0x03 0x00 0x00 0x00 0x00 0x00 0x00 0x00
Secure Simple Pairing (Host Support)
LE Supported (Host)
> HCI Event: Encryption Change (0x08) plen 4
Status: Success (0x00)
Handle: 256
Encryption: Enabled with E0 (0x01)
[May 8 20:23] Bluetooth: hci0: Invalid security: expect AES but E0 was used
< HCI Command: Disconnect (0x01|0x0006) plen 3
Handle: 256
Reason: Authentication Failure (0x05)
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Cc: Hans-Christian Noren Egtvedt <hegtvedt@cisco.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
include/net/bluetooth/hci_core.h | 10 ++++++----
net/bluetooth/hci_conn.c | 17 +++++++++++++++++
net/bluetooth/hci_event.c | 20 ++++++++------------
3 files changed, 31 insertions(+), 16 deletions(-)
--- a/include/net/bluetooth/hci_core.h
+++ b/include/net/bluetooth/hci_core.h
@@ -1271,11 +1271,13 @@ static inline void hci_encrypt_cfm(struc
else
encrypt = 0x01;
- if (conn->sec_level == BT_SECURITY_SDP)
- conn->sec_level = BT_SECURITY_LOW;
+ if (!status) {
+ if (conn->sec_level == BT_SECURITY_SDP)
+ conn->sec_level = BT_SECURITY_LOW;
- if (conn->pending_sec_level > conn->sec_level)
- conn->sec_level = conn->pending_sec_level;
+ if (conn->pending_sec_level > conn->sec_level)
+ conn->sec_level = conn->pending_sec_level;
+ }
mutex_lock(&hci_cb_list_lock);
list_for_each_entry(cb, &hci_cb_list, list) {
--- a/net/bluetooth/hci_conn.c
+++ b/net/bluetooth/hci_conn.c
@@ -1163,6 +1163,23 @@ int hci_conn_check_link_mode(struct hci_
return 0;
}
+ /* AES encryption is required for Level 4:
+ *
+ * BLUETOOTH CORE SPECIFICATION Version 5.2 | Vol 3, Part C
+ * page 1319:
+ *
+ * 128-bit equivalent strength for link and encryption keys
+ * required using FIPS approved algorithms (E0 not allowed,
+ * SAFER+ not allowed, and P-192 not allowed; encryption key
+ * not shortened)
+ */
+ if (conn->sec_level == BT_SECURITY_FIPS &&
+ !test_bit(HCI_CONN_AES_CCM, &conn->flags)) {
+ bt_dev_err(conn->hdev,
+ "Invalid security: Missing AES-CCM usage");
+ return 0;
+ }
+
if (hci_conn_ssp_enabled(conn) &&
!test_bit(HCI_CONN_ENCRYPT, &conn->flags))
return 0;
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -2626,26 +2626,22 @@ static void hci_encrypt_change_evt(struc
clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
+ /* Check link security requirements are met */
+ if (!hci_conn_check_link_mode(conn))
+ ev->status = HCI_ERROR_AUTH_FAILURE;
+
if (ev->status && conn->state == BT_CONNECTED) {
if (ev->status == HCI_ERROR_PIN_OR_KEY_MISSING)
set_bit(HCI_CONN_AUTH_FAILURE, &conn->flags);
+ /* Notify upper layers so they can cleanup before
+ * disconnecting.
+ */
+ hci_encrypt_cfm(conn, ev->status);
hci_disconnect(conn, HCI_ERROR_AUTH_FAILURE);
hci_conn_drop(conn);
goto unlock;
}
-
- /* In Secure Connections Only mode, do not allow any connections
- * that are not encrypted with AES-CCM using a P-256 authenticated
- * combination key.
- */
- if (hci_dev_test_flag(hdev, HCI_SC_ONLY) &&
- (!test_bit(HCI_CONN_AES_CCM, &conn->flags) ||
- conn->key_type != HCI_LK_AUTH_COMBINATION_P256)) {
- hci_connect_cfm(conn, HCI_ERROR_AUTH_FAILURE);
- hci_conn_drop(conn);
- goto unlock;
- }
/* Try reading the encryption key size for encrypted ACL links */
if (!ev->status && ev->encrypt && conn->type == ACL_LINK) {
next prev parent reply other threads:[~2020-10-16 9:08 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-16 9:07 [PATCH 4.9 00/16] 4.9.240-rc1 review Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.9 01/16] Bluetooth: A2MP: Fix not initializing all members Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.9 02/16] Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.9 03/16] Bluetooth: MGMT: Fix not checking if BT_HS is enabled Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.9 04/16] Bluetooth: fix kernel oops in store_pending_adv_report Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.9 05/16] Bluetooth: Consolidate encryption handling in hci_encrypt_cfm Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.9 06/16] Bluetooth: Fix update of connection state in `hci_encrypt_cfm` Greg Kroah-Hartman
2020-10-16 9:07 ` Greg Kroah-Hartman [this message]
2020-10-16 9:07 ` [PATCH 4.9 08/16] media: usbtv: Fix refcounting mixup Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.9 09/16] USB: serial: option: add Cellient MPL200 card Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.9 10/16] USB: serial: option: Add Telit FT980-KS composition Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.9 11/16] staging: comedi: check validity of wMaxPacketSize of usb endpoints found Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.9 12/16] USB: serial: pl2303: add device-id for HP GC device Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.9 13/16] USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.9 14/16] reiserfs: Initialize inode keys properly Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.9 15/16] reiserfs: Fix oops during mount Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.9 16/16] crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA Greg Kroah-Hartman
2020-10-16 13:46 ` [PATCH 4.9 00/16] 4.9.240-rc1 review Jon Hunter
2020-10-16 19:00 ` Guenter Roeck
2020-10-17 7:56 ` Naresh Kamboju
2020-10-17 16:14 ` Shuah Khan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201016090437.581507022@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=hegtvedt@cisco.com \
--cc=linux-kernel@vger.kernel.org \
--cc=luiz.von.dentz@intel.com \
--cc=marcel@holtmann.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.