From 08f0d1c7428570660dc9c34be2507d53f3ca5224 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20Narajowski?= <michal.narajowski@codecoup.pl>
Date: Thu, 21 Jan 2021 14:47:19 +0100
Subject: [PATCH] Bluetooth: Mesh: Add a flag for DevKey-only based models
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This prevents a Configuration Client from binding an app key to a model
that only supports DevKey-based security.

Signed-off-by: Michał Narajowski <michal.narajowski@codecoup.pl>
---
 subsys/bluetooth/mesh/access.c  | 8 --------
 subsys/bluetooth/mesh/access.h  | 9 +++++++++
 subsys/bluetooth/mesh/cfg_cli.c | 2 ++
 subsys/bluetooth/mesh/cfg_srv.c | 7 ++++---
 4 files changed, 15 insertions(+), 11 deletions(-)

diff --git a/subsys/bluetooth/mesh/access.c b/subsys/bluetooth/mesh/access.c
index 3a4e2831229..9b760445bc9 100644
--- a/subsys/bluetooth/mesh/access.c
+++ b/subsys/bluetooth/mesh/access.c
@@ -29,14 +29,6 @@
 #include <zephyr/logging/log.h>
 LOG_MODULE_REGISTER(bt_mesh_access);
 
-/* bt_mesh_model.flags */
-enum {
-	BT_MESH_MOD_BIND_PENDING = BIT(0),
-	BT_MESH_MOD_SUB_PENDING = BIT(1),
-	BT_MESH_MOD_PUB_PENDING = BIT(2),
-	BT_MESH_MOD_EXTENDED = BIT(3),
-};
-
 /* Model publication information for persistent storage. */
 struct mod_pub_val {
 	uint16_t addr;
diff --git a/subsys/bluetooth/mesh/access.h b/subsys/bluetooth/mesh/access.h
index 110f83168d2..8fe22d1e767 100644
--- a/subsys/bluetooth/mesh/access.h
+++ b/subsys/bluetooth/mesh/access.h
@@ -10,6 +10,15 @@ enum bt_mesh_walk {
 	BT_MESH_WALK_CONTINUE,
 };
 
+/* bt_mesh_model.flags */
+enum {
+	BT_MESH_MOD_BIND_PENDING = BIT(0),
+	BT_MESH_MOD_SUB_PENDING = BIT(1),
+	BT_MESH_MOD_PUB_PENDING = BIT(2),
+	BT_MESH_MOD_EXTENDED = BIT(3),
+	BT_MESH_MOD_DEVKEY_ONLY = BIT(4),
+};
+
 void bt_mesh_elem_register(struct bt_mesh_elem *elem, uint8_t count);
 
 uint8_t bt_mesh_elem_count(void);
diff --git a/subsys/bluetooth/mesh/cfg_cli.c b/subsys/bluetooth/mesh/cfg_cli.c
index f38db817e45..079549e751e 100644
--- a/subsys/bluetooth/mesh/cfg_cli.c
+++ b/subsys/bluetooth/mesh/cfg_cli.c
@@ -19,6 +19,7 @@
 
 #include "common/bt_str.h"
 
+#include "access.h"
 #include "net.h"
 #include "foundation.h"
 #include "msg.h"
@@ -996,6 +997,7 @@ static int cfg_cli_init(struct bt_mesh_model *model)
 	 * and remote keys are allowed to access this model.
 	 */
 	model->keys[0] = BT_MESH_KEY_DEV_ANY;
+	model->flags |= BT_MESH_MOD_DEVKEY_ONLY;
 
 	bt_mesh_msg_ack_ctx_init(&cli->ack_ctx);
 
diff --git a/subsys/bluetooth/mesh/cfg_srv.c b/subsys/bluetooth/mesh/cfg_srv.c
index 875c1e9f3bc..4b684ed269c 100644
--- a/subsys/bluetooth/mesh/cfg_srv.c
+++ b/subsys/bluetooth/mesh/cfg_srv.c
@@ -1893,9 +1893,9 @@ static int mod_app_bind(struct bt_mesh_model *model,
 		goto send_status;
 	}
 
-	/* Configuration Server only allows device key based access */
-	if (model == mod) {
-		LOG_ERR("Client tried to bind AppKey to Configuration Model");
+	/* Some models only allow device key based access */
+	if (mod->flags & BT_MESH_MOD_DEVKEY_ONLY) {
+		LOG_ERR("Client tried to bind AppKey to DevKey based model");
 		status = STATUS_CANNOT_BIND;
 		goto send_status;
 	}
@@ -2535,6 +2535,7 @@ static int cfg_srv_init(struct bt_mesh_model *model)
 	 * device-key is allowed to access this model.
 	 */
 	model->keys[0] = BT_MESH_KEY_DEV_LOCAL;
+	model->flags |= BT_MESH_MOD_DEVKEY_ONLY;
 
 	return 0;
 }