Commit a9a830a6 authored by Luiz Augusto von Dentz's avatar Luiz Augusto von Dentz
Browse files

Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE 



The code shall always check if HCI_QUIRK_BROKEN_READ_ENC_KEY_SIZE has
been set before attempting to use HCI_OP_READ_ENC_KEY_SIZE.

Fixes: c569242c ("Bluetooth: hci_event: set the conn encrypted before conn establishes")
Signed-off-by: default avatarLuiz Augusto von Dentz <luiz.von.dentz@intel.com>
parent b23d98d4

include/net/bluetooth/hci_core.h

+4 −0
Original line number Diff line number Diff line
@@ -1907,6 +1907,10 @@ void hci_conn_del_sysfs(struct hci_conn *conn); 
#define privacy_mode_capable(dev) (use_ll_privacy(dev) && \

				   (hdev->commands[39] & 0x04))



#define read_key_size_capable(dev) \

	((dev)->commands[20] & 0x10 && \

	 !test_bit(HCI_QUIRK_BROKEN_READ_ENC_KEY_SIZE, &hdev->quirks))



/* Use enhanced synchronous connection if command is supported and its quirk

 * has not been set.

 */

net/bluetooth/hci_event.c

+2 −3
Original line number Diff line number Diff line
@@ -3218,7 +3218,7 @@ static void hci_conn_complete_evt(struct hci_dev *hdev, void *data, 
			if (key) {

				set_bit(HCI_CONN_ENCRYPT, &conn->flags);



				if (!(hdev->commands[20] & 0x10)) {

				if (!read_key_size_capable(hdev)) {

					conn->enc_key_size = HCI_LINK_KEY_SIZE;

				} else {

					cp.handle = cpu_to_le16(conn->handle);
@@ -3666,8 +3666,7 @@ static void hci_encrypt_change_evt(struct hci_dev *hdev, void *data, 
		 * controller really supports it. If it doesn't, assume

		 * the default size (16).

		 */

		if (!(hdev->commands[20] & 0x10) ||

		    test_bit(HCI_QUIRK_BROKEN_READ_ENC_KEY_SIZE, &hdev->quirks)) {

		if (!read_key_size_capable(hdev)) {

			conn->enc_key_size = HCI_LINK_KEY_SIZE;

			goto notify;

		}