summaryrefslogtreecommitdiffstats
path: root/net/bluetooth
diff options
context:
space:
mode:
authorAlain Michaud <alainm@chromium.org>2020-03-25 14:48:34 +0000
committerMarcel Holtmann <marcel@holtmann.org>2020-03-25 15:50:35 +0100
commit32b50729d91f0b59336851bf765b9423add00710 (patch)
tree6c14be997d596f4efc4813779407428686abe7ae /net/bluetooth
parentb48596d1dc257900b9639f61e1cfd95250e7381b (diff)
downloadlinux-32b50729d91f0b59336851bf765b9423add00710.tar.gz
linux-32b50729d91f0b59336851bf765b9423add00710.tar.bz2
linux-32b50729d91f0b59336851bf765b9423add00710.zip
Bluetooth: don't assume key size is 16 when the command fails
With this change, the encryption key size is not assumed to be 16 if the read_encryption_key_size command fails for any reason. This ensures that if the controller fails the command for any reason that the encryption key size isn't implicitely set to 16 and instead take a more concervative posture to assume it is 0. Signed-off-by: Alain Michaud <alainm@chromium.org> Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Diffstat (limited to 'net/bluetooth')
-rw-r--r--net/bluetooth/hci_event.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index cd3d7d90029b..0a591be8b0ae 100644
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -2963,14 +2963,14 @@ static void read_enc_key_size_complete(struct hci_dev *hdev, u8 status,
if (!conn)
goto unlock;
- /* If we fail to read the encryption key size, assume maximum
- * (which is the same we do also when this HCI command isn't
- * supported.
+ /* While unexpected, the read_enc_key_size command may fail. The most
+ * secure approach is to then assume the key size is 0 to force a
+ * disconnection.
*/
if (rp->status) {
bt_dev_err(hdev, "failed to read key size for handle %u",
handle);
- conn->enc_key_size = HCI_LINK_KEY_SIZE;
+ conn->enc_key_size = 0;
} else {
conn->enc_key_size = rp->key_size;
}