Skip to content

Commit dc2f26a

Browse files
joerchanjoerchan
committed
Bluetooth: host: Allow requesting new security when security changed
Allow to request a higher security level during the key distribution phase. This is required by ATT and L2CAP since they only react to the encrypt change event where they resend the current request. The current request might require a higher security level still and might have to request a higher security level before the pairing procedure has been finished. Signed-off-by: Joakim Andersson <[email protected]>
1 parent 66dc901 commit dc2f26a

File tree

1 file changed

+18
-6
lines changed
  • subsys/bluetooth/host

1 file changed

+18
-6
lines changed

subsys/bluetooth/host/smp.c

Lines changed: 18 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1796,12 +1796,6 @@ static void smp_reset(struct bt_smp *smp)
17961796
atomic_set(&smp->allowed_cmds, 0);
17971797
atomic_set(smp->flags, 0);
17981798

1799-
if (conn->required_sec_level != conn->sec_level) {
1800-
/* TODO report error */
1801-
/* reset required security level in case of error */
1802-
conn->required_sec_level = conn->sec_level;
1803-
}
1804-
18051799
if (IS_ENABLED(CONFIG_BT_CENTRAL) &&
18061800
conn->role == BT_HCI_ROLE_MASTER) {
18071801
atomic_set_bit(&smp->allowed_cmds, BT_SMP_CMD_SECURITY_REQUEST);
@@ -1867,6 +1861,10 @@ static void smp_pairing_complete(struct bt_smp *smp, uint8_t status)
18671861
}
18681862

18691863
smp_reset(smp);
1864+
1865+
if (conn->sec_level != conn->required_sec_level) {
1866+
bt_smp_start_security(conn);
1867+
}
18701868
}
18711869

18721870
static void smp_timeout(struct k_work *work)
@@ -3059,6 +3057,13 @@ static int smp_send_pairing_req(struct bt_conn *conn)
30593057
return -EIO;
30603058
}
30613059

3060+
/* A higher security level is requested during the key distribution
3061+
* phase, once pairing is complete a new pairing procedure will start.
3062+
*/
3063+
if (atomic_test_bit(smp->flags, SMP_FLAG_KEYS_DISTR)) {
3064+
return 0;
3065+
}
3066+
30623067
/* pairing is in progress */
30633068
if (atomic_test_bit(smp->flags, SMP_FLAG_PAIRING)) {
30643069
return -EBUSY;
@@ -3920,6 +3925,13 @@ static uint8_t smp_security_request(struct bt_smp *smp, struct net_buf *buf)
39203925

39213926
BT_DBG("");
39223927

3928+
/* A higher security level is requested during the key distribution
3929+
* phase, once pairing is complete a new pairing procedure will start.
3930+
*/
3931+
if (atomic_test_bit(smp->flags, SMP_FLAG_KEYS_DISTR)) {
3932+
return 0;
3933+
}
3934+
39233935
if (atomic_test_bit(smp->flags, SMP_FLAG_PAIRING)) {
39243936
/* We have already started pairing process */
39253937
return 0;

0 commit comments

Comments
 (0)