Piteball/android_kernel_google_msm
1
0
Fork 0
mirror of https://github.com/followmsi/android_kernel_google_msm.git synced 2024-11-06 23:17:41 +00:00
Code Issues Projects Releases Wiki Activity
android_kernel_google_msm/net
History
Claudio Takahasi dfb81e8ae6 Bluetooth: Fix removing Long Term Key 
commit 5981a8821b upstream.

This patch fixes authentication failure on LE link re-connection when
BlueZ acts as slave (peripheral). LTK is removed from the internal list
after its first use causing PIN or Key missing reply when re-connecting
the link. The LE Long Term Key Request event indicates that the master
is attempting to encrypt or re-encrypt the link.

Pre-condition: BlueZ host paired and running as slave.
How to reproduce(master):

  1) Establish an ACL LE encrypted link
  2) Disconnect the link
  3) Try to re-establish the ACL LE encrypted link (fails)

> HCI Event: LE Meta Event (0x3e) plen 19
      LE Connection Complete (0x01)
        Status: Success (0x00)
        Handle: 64
        Role: Slave (0x01)
...
@ Device Connected: 00:02:72:DC:29:C9 (1) flags 0x0000
> HCI Event: LE Meta Event (0x3e) plen 13
      LE Long Term Key Request (0x05)
        Handle: 64
        Random number: 875be18439d9aa37
        Encryption diversifier: 0x76ed
< HCI Command: LE Long Term Key Request Reply (0x08|0x001a) plen 18
        Handle: 64
        Long term key: 2aa531db2fce9f00a0569c7d23d17409
> HCI Event: Command Complete (0x0e) plen 6
      LE Long Term Key Request Reply (0x08|0x001a) ncmd 1
        Status: Success (0x00)
        Handle: 64
> HCI Event: Encryption Change (0x08) plen 4
        Status: Success (0x00)
        Handle: 64
        Encryption: Enabled with AES-CCM (0x01)
...
@ Device Disconnected: 00:02:72:DC:29:C9 (1) reason 3
< HCI Command: LE Set Advertise Enable (0x08|0x000a) plen 1
        Advertising: Enabled (0x01)
> HCI Event: Command Complete (0x0e) plen 4
      LE Set Advertise Enable (0x08|0x000a) ncmd 1
        Status: Success (0x00)
> HCI Event: LE Meta Event (0x3e) plen 19
      LE Connection Complete (0x01)
        Status: Success (0x00)
        Handle: 64
        Role: Slave (0x01)
...
@ Device Connected: 00:02:72:DC:29:C9 (1) flags 0x0000
> HCI Event: LE Meta Event (0x3e) plen 13
      LE Long Term Key Request (0x05)
        Handle: 64
        Random number: 875be18439d9aa37
        Encryption diversifier: 0x76ed
< HCI Command: LE Long Term Key Request Neg Reply (0x08|0x001b) plen 2
        Handle: 64
> HCI Event: Command Complete (0x0e) plen 6
      LE Long Term Key Request Neg Reply (0x08|0x001b) ncmd 1
        Status: Success (0x00)
        Handle: 64
> HCI Event: Disconnect Complete (0x05) plen 4
        Status: Success (0x00)
        Handle: 64
        Reason: Authentication Failure (0x05)
@ Device Disconnected: 00:02:72:DC:29:C9 (1) reason 0

Signed-off-by: Claudio Takahasi <claudio.takahasi@openbossa.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-04-26 17:13:19 -07:00
..
9p 9p: fix off by one causing access violations and memory corruption 2013-07-28 16:26:05 -07:00
802
8021q vlan: Set correct source MAC address with TX VLAN offload enabled 2014-04-26 17:13:16 -07:00
appletalk net: rework recvmsg handler msg_name and msg_namelen logic 2013-12-08 07:29:41 -08:00
atm net: rework recvmsg handler msg_name and msg_namelen logic 2013-12-08 07:29:41 -08:00
ax25 net: rework recvmsg handler msg_name and msg_namelen logic 2013-12-08 07:29:41 -08:00
batman-adv
bluetooth Bluetooth: Fix removing Long Term Key 2014-04-26 17:13:19 -07:00
bridge bridge: multicast: add sanity check for query source addresses 2014-04-26 17:13:16 -07:00
caif net: rework recvmsg handler msg_name and msg_namelen logic 2013-12-08 07:29:41 -08:00
can
ceph libceph: resend all writes after the osdmap loses the full flag 2014-03-30 21:40:30 -07:00
core net: add and use skb_gso_transport_seglen() 2014-03-11 16:09:59 -07:00
dcb
dccp
decnet
dns_resolver
dsa
econet
ethernet
ieee802154 6lowpan: Uncompression of traffic class field was incorrect 2013-12-08 07:29:41 -08:00
ipv4 net: ip, ipv6: handle gso skbs in forwarding path 2014-03-11 16:09:59 -07:00
ipv6 ipv6: some ipv6 statistic counters failed to disable bh 2014-04-26 17:13:18 -07:00
ipx net: rework recvmsg handler msg_name and msg_namelen logic 2013-12-08 07:29:41 -08:00
irda net: rework recvmsg handler msg_name and msg_namelen logic 2013-12-08 07:29:41 -08:00
iucv net: rework recvmsg handler msg_name and msg_namelen logic 2013-12-08 07:29:41 -08:00
key net: rework recvmsg handler msg_name and msg_namelen logic 2013-12-08 07:29:41 -08:00
l2tp net: rework recvmsg handler msg_name and msg_namelen logic 2013-12-08 07:29:41 -08:00
lapb
llc net: llc: fix use after free in llc_ui_recvmsg 2014-01-15 15:27:11 -08:00
mac80211 mac80211: fix AP powersave TX vs. wakeup race 2014-03-23 21:37:04 -07:00
netfilter netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages 2014-04-03 11:58:46 -07:00
netlabel netlabel: improve domain mapping validation 2013-06-27 11:27:31 -07:00
netlink net: rework recvmsg handler msg_name and msg_namelen logic 2013-12-08 07:29:41 -08:00
netrom net: rework recvmsg handler msg_name and msg_namelen logic 2013-12-08 07:29:41 -08:00
nfc net: rework recvmsg handler msg_name and msg_namelen logic 2013-12-08 07:29:41 -08:00
openvswitch
packet af_packet: block BH in prb_shutdown_retire_blk_timer() 2013-12-08 07:29:42 -08:00
phonet inet: prevent leakage of uninitialized memory to user in recv syscalls 2013-12-08 07:29:41 -08:00
rds rds: prevent dereference of a NULL device in rds_iw_laddr_check 2014-04-26 17:13:18 -07:00
rfkill
rose net: rose: restore old recvmsg behavior 2014-01-15 15:27:11 -08:00
rxrpc net: rework recvmsg handler msg_name and msg_namelen logic 2013-12-08 07:29:41 -08:00
sched htb: fix sign extension bug 2013-09-14 06:02:08 -07:00
sctp net: sctp: fix skb leakage in COOKIE ECHO path of chunk->auth_chunk 2014-04-26 17:13:16 -07:00
sunrpc SUNRPC: Prevent an rpc_task wakeup race 2014-03-11 16:10:08 -07:00
tipc net: rework recvmsg handler msg_name and msg_namelen logic 2013-12-08 07:29:41 -08:00
unix net: unix: non blocking recvmsg() should not return -EINTR 2014-04-26 17:13:16 -07:00
wanrouter
wimax
wireless radiotap: fix bitmap-end-finding buffer overrun 2014-01-08 09:42:12 -08:00
x25 net: rework recvmsg handler msg_name and msg_namelen logic 2013-12-08 07:29:41 -08:00
xfrm
compat.c x86, x32: Correct invalid use of user timespec in the kernel 2014-02-06 11:05:46 -08:00
Kconfig
Makefile
nonet.c
socket.c net: socket: error on a negative msg_namelen 2014-04-26 17:13:17 -07:00
sysctl_net.c