From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org,
Luiz Augusto von Dentz <luiz.von.dentz@intel.com>,
Marcel Holtmann <marcel@holtmann.org>,
Hans-Christian Noren Egtvedt <hegtvedt@cisco.com>
Subject: [PATCH 4.4 06/16] Bluetooth: Disconnect if E0 is used for Level 4
Date: Fri, 16 Oct 2020 11:06:59 +0200 [thread overview]
Message-ID: <20201016090435.734532793@linuxfoundation.org> (raw)
In-Reply-To: <20201016090435.423923738@linuxfoundation.org>
From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
commit 8746f135bb01872ff412d408ea1aa9ebd328c1f5 upstream.
E0 is not allowed with Level 4:
BLUETOOTH CORE SPECIFICATION Version 5.2 | Vol 3, Part C page 1319:
'128-bit equivalent strength for link and encryption keys
required using FIPS approved algorithms (E0 not allowed,
SAFER+ not allowed, and P-192 not allowed; encryption key
not shortened'
SC enabled:
> HCI Event: Read Remote Extended Features (0x23) plen 13
Status: Success (0x00)
Handle: 256
Page: 1/2
Features: 0x0b 0x00 0x00 0x00 0x00 0x00 0x00 0x00
Secure Simple Pairing (Host Support)
LE Supported (Host)
Secure Connections (Host Support)
> HCI Event: Encryption Change (0x08) plen 4
Status: Success (0x00)
Handle: 256
Encryption: Enabled with AES-CCM (0x02)
SC disabled:
> HCI Event: Read Remote Extended Features (0x23) plen 13
Status: Success (0x00)
Handle: 256
Page: 1/2
Features: 0x03 0x00 0x00 0x00 0x00 0x00 0x00 0x00
Secure Simple Pairing (Host Support)
LE Supported (Host)
> HCI Event: Encryption Change (0x08) plen 4
Status: Success (0x00)
Handle: 256
Encryption: Enabled with E0 (0x01)
[May 8 20:23] Bluetooth: hci0: Invalid security: expect AES but E0 was used
< HCI Command: Disconnect (0x01|0x0006) plen 3
Handle: 256
Reason: Authentication Failure (0x05)
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Cc: Hans-Christian Noren Egtvedt <hegtvedt@cisco.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
include/net/bluetooth/hci_core.h | 10 ++++++----
net/bluetooth/hci_conn.c | 17 +++++++++++++++++
net/bluetooth/hci_event.c | 20 ++++++++------------
3 files changed, 31 insertions(+), 16 deletions(-)
--- a/include/net/bluetooth/hci_core.h
+++ b/include/net/bluetooth/hci_core.h
@@ -1256,11 +1256,13 @@ static inline void hci_encrypt_cfm(struc
else
encrypt = 0x01;
- if (conn->sec_level == BT_SECURITY_SDP)
- conn->sec_level = BT_SECURITY_LOW;
+ if (!status) {
+ if (conn->sec_level == BT_SECURITY_SDP)
+ conn->sec_level = BT_SECURITY_LOW;
- if (conn->pending_sec_level > conn->sec_level)
- conn->sec_level = conn->pending_sec_level;
+ if (conn->pending_sec_level > conn->sec_level)
+ conn->sec_level = conn->pending_sec_level;
+ }
mutex_lock(&hci_cb_list_lock);
list_for_each_entry(cb, &hci_cb_list, list) {
--- a/net/bluetooth/hci_conn.c
+++ b/net/bluetooth/hci_conn.c
@@ -1173,6 +1173,23 @@ int hci_conn_check_link_mode(struct hci_
return 0;
}
+ /* AES encryption is required for Level 4:
+ *
+ * BLUETOOTH CORE SPECIFICATION Version 5.2 | Vol 3, Part C
+ * page 1319:
+ *
+ * 128-bit equivalent strength for link and encryption keys
+ * required using FIPS approved algorithms (E0 not allowed,
+ * SAFER+ not allowed, and P-192 not allowed; encryption key
+ * not shortened)
+ */
+ if (conn->sec_level == BT_SECURITY_FIPS &&
+ !test_bit(HCI_CONN_AES_CCM, &conn->flags)) {
+ bt_dev_err(conn->hdev,
+ "Invalid security: Missing AES-CCM usage");
+ return 0;
+ }
+
if (hci_conn_ssp_enabled(conn) &&
!test_bit(HCI_CONN_ENCRYPT, &conn->flags))
return 0;
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -2615,23 +2615,19 @@ static void hci_encrypt_change_evt(struc
clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
+ /* Check link security requirements are met */
+ if (!hci_conn_check_link_mode(conn))
+ ev->status = HCI_ERROR_AUTH_FAILURE;
+
if (ev->status && conn->state == BT_CONNECTED) {
+ /* Notify upper layers so they can cleanup before
+ * disconnecting.
+ */
+ hci_encrypt_cfm(conn, ev->status);
hci_disconnect(conn, HCI_ERROR_AUTH_FAILURE);
hci_conn_drop(conn);
goto unlock;
}
-
- /* In Secure Connections Only mode, do not allow any connections
- * that are not encrypted with AES-CCM using a P-256 authenticated
- * combination key.
- */
- if (hci_dev_test_flag(hdev, HCI_SC_ONLY) &&
- (!test_bit(HCI_CONN_AES_CCM, &conn->flags) ||
- conn->key_type != HCI_LK_AUTH_COMBINATION_P256)) {
- hci_connect_cfm(conn, HCI_ERROR_AUTH_FAILURE);
- hci_conn_drop(conn);
- goto unlock;
- }
/* Try reading the encryption key size for encrypted ACL links */
if (!ev->status && ev->encrypt && conn->type == ACL_LINK) {
next prev parent reply other threads:[~2020-10-16 9:07 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-16 9:06 [PATCH 4.4 00/16] 4.4.240-rc1 review Greg Kroah-Hartman
2020-10-16 9:06 ` [PATCH 4.4 01/16] Bluetooth: A2MP: Fix not initializing all members Greg Kroah-Hartman
2020-10-16 9:06 ` [PATCH 4.4 02/16] Bluetooth: MGMT: Fix not checking if BT_HS is enabled Greg Kroah-Hartman
2020-10-16 9:06 ` [PATCH 4.4 03/16] Bluetooth: fix kernel oops in store_pending_adv_report Greg Kroah-Hartman
2020-10-16 9:06 ` [PATCH 4.4 04/16] Bluetooth: Consolidate encryption handling in hci_encrypt_cfm Greg Kroah-Hartman
2020-10-16 9:06 ` [PATCH 4.4 05/16] Bluetooth: Fix update of connection state in `hci_encrypt_cfm` Greg Kroah-Hartman
2020-10-16 9:06 ` Greg Kroah-Hartman [this message]
2020-10-16 9:07 ` [PATCH 4.4 07/16] media: usbtv: Fix refcounting mixup Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.4 08/16] USB: serial: option: add Cellient MPL200 card Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.4 09/16] USB: serial: option: Add Telit FT980-KS composition Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.4 10/16] staging: comedi: check validity of wMaxPacketSize of usb endpoints found Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.4 11/16] USB: serial: pl2303: add device-id for HP GC device Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.4 12/16] USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.4 13/16] reiserfs: Initialize inode keys properly Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.4 14/16] reiserfs: Fix oops during mount Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.4 15/16] spi: unbinding slave before calling spi_destroy_queue Greg Kroah-Hartman
2020-10-16 9:07 ` [PATCH 4.4 16/16] crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA Greg Kroah-Hartman
2020-10-16 10:34 ` [PATCH 4.4 00/16] 4.4.240-rc1 review Pavel Machek
2020-10-16 13:46 ` Jon Hunter
2020-10-16 19:00 ` Guenter Roeck
2020-10-17 8:09 ` Naresh Kamboju
2020-10-17 16:19 ` Shuah Khan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201016090435.734532793@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=hegtvedt@cisco.com \
--cc=linux-kernel@vger.kernel.org \
--cc=luiz.von.dentz@intel.com \
--cc=marcel@holtmann.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).