Skip to content

Commit 532f8bc

Browse files
VudentzVudentz
committed
Revert "Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE"
This reverts commit 59b047b which breaks compatibility with commands like: bluetoothd[46328]: @ MGMT Command: Load.. (0x0013) plen 74 {0x0001} [hci0] Keys: 2 BR/EDR Address: C0:DC:DA:A5:E5:47 (Samsung Electronics Co.,Ltd) Key type: Authenticated key from P-256 (0x03) Central: 0x00 Encryption size: 16 Diversifier[2]: 0000 Randomizer[8]: 0000000000000000 Key[16]: 6ed96089bd9765be2f2c971b0b95f624 LE Address: D7:2A:DE:1E:73:A2 (Static) Key type: Unauthenticated key from P-256 (0x02) Central: 0x00 Encryption size: 16 Diversifier[2]: 0000 Randomizer[8]: 0000000000000000 Key[16]: 87dd2546ededda380ffcdc0a8faa4597 @ MGMT Event: Command Status (0x0002) plen 3 {0x0001} [hci0] Load Long Term Keys (0x0013) Status: Invalid Parameters (0x0d) Cc: [email protected] Link: bluez/bluez#875 Fixes: 59b047b ("Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE") Signed-off-by: Luiz Augusto von Dentz <[email protected]>
1 parent 227a0cd commit 532f8bc

File tree

3 files changed

+7
-30
lines changed

3 files changed

+7
-30
lines changed

include/net/bluetooth/hci_core.h

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -186,7 +186,6 @@ struct blocked_key {
186186
struct smp_csrk {
187187
bdaddr_t bdaddr;
188188
u8 bdaddr_type;
189-
u8 link_type;
190189
u8 type;
191190
u8 val[16];
192191
};
@@ -196,7 +195,6 @@ struct smp_ltk {
196195
struct rcu_head rcu;
197196
bdaddr_t bdaddr;
198197
u8 bdaddr_type;
199-
u8 link_type;
200198
u8 authenticated;
201199
u8 type;
202200
u8 enc_size;
@@ -211,16 +209,13 @@ struct smp_irk {
211209
bdaddr_t rpa;
212210
bdaddr_t bdaddr;
213211
u8 addr_type;
214-
u8 link_type;
215212
u8 val[16];
216213
};
217214

218215
struct link_key {
219216
struct list_head list;
220217
struct rcu_head rcu;
221218
bdaddr_t bdaddr;
222-
u8 bdaddr_type;
223-
u8 link_type;
224219
u8 type;
225220
u8 val[HCI_LINK_KEY_SIZE];
226221
u8 pin_len;

net/bluetooth/mgmt.c

Lines changed: 7 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -2833,8 +2833,7 @@ static int load_link_keys(struct sock *sk, struct hci_dev *hdev, void *data,
28332833
for (i = 0; i < key_count; i++) {
28342834
struct mgmt_link_key_info *key = &cp->keys[i];
28352835

2836-
/* Considering SMP over BREDR/LE, there is no need to check addr_type */
2837-
if (key->type > 0x08)
2836+
if (key->addr.type != BDADDR_BREDR || key->type > 0x08)
28382837
return mgmt_cmd_status(sk, hdev->id,
28392838
MGMT_OP_LOAD_LINK_KEYS,
28402839
MGMT_STATUS_INVALID_PARAMS);
@@ -7089,7 +7088,6 @@ static int load_irks(struct sock *sk, struct hci_dev *hdev, void *cp_data,
70897088

70907089
for (i = 0; i < irk_count; i++) {
70917090
struct mgmt_irk_info *irk = &cp->irks[i];
7092-
u8 addr_type = le_addr_type(irk->addr.type);
70937091

70947092
if (hci_is_blocked_key(hdev,
70957093
HCI_BLOCKED_KEY_TYPE_IRK,
@@ -7099,12 +7097,8 @@ static int load_irks(struct sock *sk, struct hci_dev *hdev, void *cp_data,
70997097
continue;
71007098
}
71017099

7102-
/* When using SMP over BR/EDR, the addr type should be set to BREDR */
7103-
if (irk->addr.type == BDADDR_BREDR)
7104-
addr_type = BDADDR_BREDR;
7105-
71067100
hci_add_irk(hdev, &irk->addr.bdaddr,
7107-
addr_type, irk->val,
7101+
le_addr_type(irk->addr.type), irk->val,
71087102
BDADDR_ANY);
71097103
}
71107104

@@ -7185,7 +7179,6 @@ static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev,
71857179
for (i = 0; i < key_count; i++) {
71867180
struct mgmt_ltk_info *key = &cp->keys[i];
71877181
u8 type, authenticated;
7188-
u8 addr_type = le_addr_type(key->addr.type);
71897182

71907183
if (hci_is_blocked_key(hdev,
71917184
HCI_BLOCKED_KEY_TYPE_LTK,
@@ -7220,12 +7213,8 @@ static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev,
72207213
continue;
72217214
}
72227215

7223-
/* When using SMP over BR/EDR, the addr type should be set to BREDR */
7224-
if (key->addr.type == BDADDR_BREDR)
7225-
addr_type = BDADDR_BREDR;
7226-
72277216
hci_add_ltk(hdev, &key->addr.bdaddr,
7228-
addr_type, type, authenticated,
7217+
le_addr_type(key->addr.type), type, authenticated,
72297218
key->val, key->enc_size, key->ediv, key->rand);
72307219
}
72317220

@@ -9519,7 +9508,7 @@ void mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
95199508

95209509
ev.store_hint = persistent;
95219510
bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
9522-
ev.key.addr.type = link_to_bdaddr(key->link_type, key->bdaddr_type);
9511+
ev.key.addr.type = BDADDR_BREDR;
95239512
ev.key.type = key->type;
95249513
memcpy(ev.key.val, key->val, HCI_LINK_KEY_SIZE);
95259514
ev.key.pin_len = key->pin_len;
@@ -9570,7 +9559,7 @@ void mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key, bool persistent)
95709559
ev.store_hint = persistent;
95719560

95729561
bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
9573-
ev.key.addr.type = link_to_bdaddr(key->link_type, key->bdaddr_type);
9562+
ev.key.addr.type = link_to_bdaddr(LE_LINK, key->bdaddr_type);
95749563
ev.key.type = mgmt_ltk_type(key);
95759564
ev.key.enc_size = key->enc_size;
95769565
ev.key.ediv = key->ediv;
@@ -9599,7 +9588,7 @@ void mgmt_new_irk(struct hci_dev *hdev, struct smp_irk *irk, bool persistent)
95999588

96009589
bacpy(&ev.rpa, &irk->rpa);
96019590
bacpy(&ev.irk.addr.bdaddr, &irk->bdaddr);
9602-
ev.irk.addr.type = link_to_bdaddr(irk->link_type, irk->addr_type);
9591+
ev.irk.addr.type = link_to_bdaddr(LE_LINK, irk->addr_type);
96039592
memcpy(ev.irk.val, irk->val, sizeof(irk->val));
96049593

96059594
mgmt_event(MGMT_EV_NEW_IRK, hdev, &ev, sizeof(ev), NULL);
@@ -9628,7 +9617,7 @@ void mgmt_new_csrk(struct hci_dev *hdev, struct smp_csrk *csrk,
96289617
ev.store_hint = persistent;
96299618

96309619
bacpy(&ev.key.addr.bdaddr, &csrk->bdaddr);
9631-
ev.key.addr.type = link_to_bdaddr(csrk->link_type, csrk->bdaddr_type);
9620+
ev.key.addr.type = link_to_bdaddr(LE_LINK, csrk->bdaddr_type);
96329621
ev.key.type = csrk->type;
96339622
memcpy(ev.key.val, csrk->val, sizeof(csrk->val));
96349623

net/bluetooth/smp.c

Lines changed: 0 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1060,7 +1060,6 @@ static void smp_notify_keys(struct l2cap_conn *conn)
10601060
}
10611061

10621062
if (smp->remote_irk) {
1063-
smp->remote_irk->link_type = hcon->type;
10641063
mgmt_new_irk(hdev, smp->remote_irk, persistent);
10651064

10661065
/* Now that user space can be considered to know the
@@ -1080,28 +1079,24 @@ static void smp_notify_keys(struct l2cap_conn *conn)
10801079
}
10811080

10821081
if (smp->csrk) {
1083-
smp->csrk->link_type = hcon->type;
10841082
smp->csrk->bdaddr_type = hcon->dst_type;
10851083
bacpy(&smp->csrk->bdaddr, &hcon->dst);
10861084
mgmt_new_csrk(hdev, smp->csrk, persistent);
10871085
}
10881086

10891087
if (smp->responder_csrk) {
1090-
smp->responder_csrk->link_type = hcon->type;
10911088
smp->responder_csrk->bdaddr_type = hcon->dst_type;
10921089
bacpy(&smp->responder_csrk->bdaddr, &hcon->dst);
10931090
mgmt_new_csrk(hdev, smp->responder_csrk, persistent);
10941091
}
10951092

10961093
if (smp->ltk) {
1097-
smp->ltk->link_type = hcon->type;
10981094
smp->ltk->bdaddr_type = hcon->dst_type;
10991095
bacpy(&smp->ltk->bdaddr, &hcon->dst);
11001096
mgmt_new_ltk(hdev, smp->ltk, persistent);
11011097
}
11021098

11031099
if (smp->responder_ltk) {
1104-
smp->responder_ltk->link_type = hcon->type;
11051100
smp->responder_ltk->bdaddr_type = hcon->dst_type;
11061101
bacpy(&smp->responder_ltk->bdaddr, &hcon->dst);
11071102
mgmt_new_ltk(hdev, smp->responder_ltk, persistent);
@@ -1121,8 +1116,6 @@ static void smp_notify_keys(struct l2cap_conn *conn)
11211116
key = hci_add_link_key(hdev, smp->conn->hcon, &hcon->dst,
11221117
smp->link_key, type, 0, &persistent);
11231118
if (key) {
1124-
key->link_type = hcon->type;
1125-
key->bdaddr_type = hcon->dst_type;
11261119
mgmt_new_link_key(hdev, key, persistent);
11271120

11281121
/* Don't keep debug keys around if the relevant

0 commit comments

Comments
 (0)