Bluetooth: Use MITM Protection when IO caps allow it

When responding to a remotely-initiated pairing procedure, a MITM
protected SSP associaton model can be used for pairing if both local
and remote IO capabilities are set to something other than
NoInputNoOutput, regardless of the bonding type (Dedicated or
General).

This was already done for Dedicated Bonding but this patch proposes to
use the same policy for General Bonding as well.

The GAP Specification gives the flexibility to decide whether MITM
Protection is used ot not (Bluetooth Core Specification v4.0 Volume 3,
part C, section 6.5.3).

Note however that the recommendation is *not* to set this flag "unless
the security policy of an available local service requires MITM
Protection" (for both Dedicated and General Bonding). However, as we are
already requiring MITM for Dedicated Bonding, we will follow this
behaviour also for General Bonding.

Signed-off-by: Timo Mueller <timo.mueller@bmw-carit.de>
Signed-off-by: Mikel Astiz <mikel.astiz@bmw-carit.de>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>

diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index 2c097322b126ec69e5e250687781332cd149529c..8f76e352ad00f9284786880b3a3e5ee23217f938 100644 (file)
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -3424,11 +3424,6 @@ static u8 hci_get_auth_req(struct hci_conn *conn)
            conn->remote_auth == HCI_AT_NO_BONDING_MITM)
                return conn->remote_auth | (conn->auth_type & 0x01);
 
-       /* For general bonding, use the given auth_type */
-       if (conn->remote_auth == HCI_AT_GENERAL_BONDING ||
-           conn->remote_auth == HCI_AT_GENERAL_BONDING_MITM)
-               return conn->auth_type;
-
        /* If both remote and local have enough IO capabilities, require
         * MITM protection
         */
@@ -3436,8 +3431,8 @@ static u8 hci_get_auth_req(struct hci_conn *conn)
            conn->io_capability != HCI_IO_NO_INPUT_OUTPUT)
                return conn->remote_auth | 0x01;
 
-       /* No MITM protection possible so remove requirement */
-       return conn->remote_auth & ~0x01;
+       /* No MITM protection possible so ignore remote requirement */
+       return (conn->remote_auth & ~0x01) | (conn->auth_type & 0x01);
 }
 
 static void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)