From 1246df3c988f09b7ff3c8438fb78b4a0880f5d15 Mon Sep 17 00:00:00 2001 From: Arkadiusz Lichwa Date: Thu, 21 Jan 2016 09:55:03 +0100 Subject: [PATCH] Bluetooth: BR/EDR: Validate security on encryption key refresh evt During endup pairing as acceptor update security level on encryption key refresh complete event. Change-Id: Id1d252bfa5a7f6c69d52b3f6b23907025e711fb2 Signed-off-by: Arkadiusz Lichwa --- net/bluetooth/hci_core.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c index 6134200618a..a0d25763f96 100644 --- a/net/bluetooth/hci_core.c +++ b/net/bluetooth/hci_core.c @@ -1161,14 +1161,19 @@ static void hci_encrypt_key_refresh_complete(struct net_buf *buf) /* * Update keys with last pairing info for proper sec level update. - * This is done only for LE transport, for BR/EDR keys are updated on - * HCI 'Link Key Notification Event' + * This is done only for LE transport. For BR/EDR transport keys are + * updated on HCI 'Link Key Notification Event', therefore update here + * only security level based on available keys and encryption state. */ if (conn->type == BT_CONN_TYPE_LE) { bt_smp_update_keys(conn); + update_sec_level(conn); +#if defined(CONFIG_BLUETOOTH_BREDR) + } else { + update_sec_level_br(conn); +#endif /* CONFIG_BLUETOOTH_BREDR */ } - update_sec_level(conn); bt_l2cap_encrypt_change(conn); bt_conn_security_changed(conn); bt_conn_unref(conn);