Commit f62e4323 authored by Marcel Holtmann's avatar Marcel Holtmann

Bluetooth: Disconnect L2CAP connections without encryption

For L2CAP connections with high security setting, the link will be
immediately dropped when the encryption gets disabled. For L2CAP
connections with medium security there will be grace period where
the remote device has the chance to re-enable encryption. If it
doesn't happen then the link will also be disconnected.

The requirement for the grace period with medium security comes from
Bluetooth 2.0 and earlier devices that require role switching.
Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
parent 8c84b830
...@@ -77,7 +77,9 @@ static void l2cap_sock_timeout(unsigned long arg) ...@@ -77,7 +77,9 @@ static void l2cap_sock_timeout(unsigned long arg)
bh_lock_sock(sk); bh_lock_sock(sk);
if (sk->sk_state == BT_CONNECT && if (sk->sk_state == BT_CONNECTED || sk->sk_state == BT_CONFIG)
reason = ECONNREFUSED;
else if (sk->sk_state == BT_CONNECT &&
l2cap_pi(sk)->sec_level != BT_SECURITY_SDP) l2cap_pi(sk)->sec_level != BT_SECURITY_SDP)
reason = ECONNREFUSED; reason = ECONNREFUSED;
else else
...@@ -2400,6 +2402,20 @@ static int l2cap_disconn_ind(struct hci_conn *hcon, u8 reason) ...@@ -2400,6 +2402,20 @@ static int l2cap_disconn_ind(struct hci_conn *hcon, u8 reason)
return 0; return 0;
} }
static inline void l2cap_check_encryption(struct sock *sk, u8 encrypt)
{
if (encrypt == 0x00) {
if (l2cap_pi(sk)->sec_level == BT_SECURITY_MEDIUM) {
l2cap_sock_clear_timer(sk);
l2cap_sock_set_timer(sk, HZ * 5);
} else if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH)
__l2cap_sock_close(sk, ECONNREFUSED);
} else {
if (l2cap_pi(sk)->sec_level == BT_SECURITY_MEDIUM)
l2cap_sock_clear_timer(sk);
}
}
static int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt) static int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt)
{ {
struct l2cap_chan_list *l; struct l2cap_chan_list *l;
...@@ -2416,15 +2432,11 @@ static int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt) ...@@ -2416,15 +2432,11 @@ static int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt)
read_lock(&l->lock); read_lock(&l->lock);
for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) { for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) {
struct l2cap_pinfo *pi = l2cap_pi(sk);
bh_lock_sock(sk); bh_lock_sock(sk);
if (!status && encrypt == 0x00 && if (!status && (sk->sk_state == BT_CONNECTED ||
pi->sec_level == BT_SECURITY_HIGH &&
(sk->sk_state == BT_CONNECTED ||
sk->sk_state == BT_CONFIG)) { sk->sk_state == BT_CONFIG)) {
__l2cap_sock_close(sk, ECONNREFUSED); l2cap_check_encryption(sk, encrypt);
bh_unlock_sock(sk); bh_unlock_sock(sk);
continue; continue;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment