From bd81052d41e4ce0b8a2a727905aba0b134abb635 Mon Sep 17 00:00:00 2001
From: Arkadiusz Lichwa <arkadiusz.lichwa@tieto.com>
Date: Thu, 21 Jan 2016 09:42:05 +0100
Subject: [PATCH] Bluetooth: BR/EDR: Validate security on connection complete
 evt

During endup pairing as acceptor update security level and link encryption
state on connection complete event.

Change-Id: I6189a3c6675c080e3ab2610c81b617294dbd98d5
Signed-off-by: Arkadiusz Lichwa <arkadiusz.lichwa@tieto.com>
---
 net/bluetooth/hci_core.c | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c
index 36bd5f60b66..49c331797c8 100644
--- a/net/bluetooth/hci_core.c
+++ b/net/bluetooth/hci_core.c
@@ -897,6 +897,30 @@ static void conn_req(struct net_buf *buf)
 	bt_conn_unref(conn);
 }
 
+static void update_sec_level_br(struct bt_conn *conn)
+{
+	if (!conn->encrypt) {
+		conn->sec_level = BT_SECURITY_LOW;
+		return;
+	}
+
+	if (conn->keys && (conn->keys->keys & BT_KEYS_LINK_KEY)) {
+		conn->sec_level = BT_SECURITY_MEDIUM;
+		if (atomic_test_bit(&conn->keys->flags,
+				    BT_KEYS_AUTHENTICATED)) {
+			conn->sec_level = BT_SECURITY_HIGH;
+		}
+	} else {
+		BT_WARN("No BR/EDR link key found");
+		conn->sec_level = BT_SECURITY_MEDIUM;
+	}
+
+	if (conn->required_sec_level > conn->sec_level) {
+		BT_ERR("Failed to set required security level");
+		bt_conn_disconnect(conn, BT_HCI_ERR_AUTHENTICATION_FAIL);
+	}
+}
+
 static void conn_complete(struct net_buf *buf)
 {
 	struct bt_hci_evt_conn_complete *evt = (void *)buf->data;
@@ -920,6 +944,8 @@ static void conn_complete(struct net_buf *buf)
 	}
 
 	conn->handle = handle;
+	conn->encrypt = evt->encr_enabled;
+	update_sec_level_br(conn);
 	bt_conn_set_state(conn, BT_CONN_CONNECTED);
 	bt_conn_unref(conn);
 }