DivestOS/Patches/LineageOS-16.0/android_system_bt/377781.patch

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Hui Peng <phui@google.com>
Date: Wed, 13 Sep 2023 00:00:44 +0000
Subject: [PATCH] Enforce authentication if encryption is required

Original bug
Bug: 294854926

regressions:
Bug: 299570702
Bug: 299561281

Test: Test: m com.android.btservices
Test: QA validation
Ignore-AOSP-First: security
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:778d3fb3fb520e54425ecefe9a28453002053553)
Merged-In: I0370ed2e3166d56f708e1981c2126526e1db9eaa
Change-Id: I0370ed2e3166d56f708e1981c2126526e1db9eaa
---
 stack/btm/btm_sec.cc | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/stack/btm/btm_sec.cc b/stack/btm/btm_sec.cc
index b8a423d28..71f737ebf 100644
--- a/stack/btm/btm_sec.cc
+++ b/stack/btm/btm_sec.cc
@@ -5082,13 +5082,15 @@ tBTM_STATUS btm_sec_execute_procedure(tBTM_SEC_DEV_REC* p_dev_rec) {
     // Check link status of BR/EDR
     if (!(p_dev_rec->sec_flags & BTM_SEC_AUTHENTICATED)) {
       if (p_dev_rec->is_originator) {
-        if (p_dev_rec->security_required & BTM_SEC_OUT_AUTHENTICATE) {
-          LOG_DEBUG(LOG_TAG, "Outgoing authentication Required");
+        if (p_dev_rec->security_required &
+            (BTM_SEC_OUT_AUTHENTICATE | BTM_SEC_OUT_ENCRYPT)) {
+          LOG_DEBUG(LOG_TAG, "Outgoing authentication/encryption Required");
           start_auth = true;
         }
       } else {
-        if (p_dev_rec->security_required & BTM_SEC_IN_AUTHENTICATE) {
-          LOG_DEBUG(LOG_TAG, "Incoming authentication Required");
+        if (p_dev_rec->security_required &
+            (BTM_SEC_IN_AUTHENTICATE | BTM_SEC_IN_ENCRYPT)) {
+          LOG_DEBUG(LOG_TAG, "Incoming authentication/encryption Required");
           start_auth = true;
         }
       }
16.0: Import and verify picks https://review.lineageos.org/q/topic:P_asb_2022-05 https://review.lineageos.org/q/topic:P_asb_2022-06 https://review.lineageos.org/q/topic:P_asb_2022-07 https://review.lineageos.org/q/topic:P_asb_2022-08 https://review.lineageos.org/q/topic:P_asb_2022-09 https://review.lineageos.org/q/topic:P_asb_2022-10 https://review.lineageos.org/q/topic:P_asb_2022-11 https://review.lineageos.org/q/topic:P_asb_2022-12 https://review.lineageos.org/q/topic:P_asb_2023-01 https://review.lineageos.org/q/topic:P_asb_2023-02 https://review.lineageos.org/q/topic:P_asb_2023-03 https://review.lineageos.org/q/topic:P_asb_2023-04 https://review.lineageos.org/q/topic:P_asb_2023-05 https://review.lineageos.org/q/topic:P_asb_2023-06 https://review.lineageos.org/q/topic:P_asb_2023-07 accounted for via manifest change: https://review.lineageos.org/c/LineageOS/android_external_freetype/+/361250 https://review.lineageos.org/q/topic:P_asb_2023-08 accounted for via manifest change: https://review.lineageos.org/c/LineageOS/android_external_freetype/+/364606 accounted for via patches: https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/365328 https://review.lineageos.org/q/topic:P_asb_2023-09 https://review.lineageos.org/q/topic:P_asb_2023-10 https://review.lineageos.org/q/topic:P_asb_2023-11 accounted for via patches: https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/374916 https://review.lineageos.org/q/topic:P_asb_2023-12 https://review.lineageos.org/q/topic:P_asb_2024-01 https://review.lineageos.org/q/topic:P_asb_2024-02 https://review.lineageos.org/q/topic:P_asb_2024-03 https://review.lineageos.org/q/topic:P_asb_2024-04 Signed-off-by: Tavi <tavi@divested.dev> 2024-05-07 23:13:31 +00:00			`From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001`
			`From: Hui Peng <phui@google.com>`
			`Date: Wed, 13 Sep 2023 00:00:44 +0000`
			`Subject: [PATCH] Enforce authentication if encryption is required`

			`Original bug`
			`Bug: 294854926`

			`regressions:`
			`Bug: 299570702`
			`Bug: 299561281`

			`Test: Test: m com.android.btservices`
			`Test: QA validation`
			`Ignore-AOSP-First: security`
			`(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:778d3fb3fb520e54425ecefe9a28453002053553)`
			`Merged-In: I0370ed2e3166d56f708e1981c2126526e1db9eaa`
			`Change-Id: I0370ed2e3166d56f708e1981c2126526e1db9eaa`
			`---`
			`stack/btm/btm_sec.cc \| 10 ++++++----`
			`1 file changed, 6 insertions(+), 4 deletions(-)`

			`diff --git a/stack/btm/btm_sec.cc b/stack/btm/btm_sec.cc`
			`index b8a423d28..71f737ebf 100644`
			`--- a/stack/btm/btm_sec.cc`
			`+++ b/stack/btm/btm_sec.cc`
			`@@ -5082,13 +5082,15 @@ tBTM_STATUS btm_sec_execute_procedure(tBTM_SEC_DEV_REC* p_dev_rec) {`
			`// Check link status of BR/EDR`
			`if (!(p_dev_rec->sec_flags & BTM_SEC_AUTHENTICATED)) {`
			`if (p_dev_rec->is_originator) {`
			`- if (p_dev_rec->security_required & BTM_SEC_OUT_AUTHENTICATE) {`
			`- LOG_DEBUG(LOG_TAG, "Outgoing authentication Required");`
			`+ if (p_dev_rec->security_required &`
			`+ (BTM_SEC_OUT_AUTHENTICATE \| BTM_SEC_OUT_ENCRYPT)) {`
			`+ LOG_DEBUG(LOG_TAG, "Outgoing authentication/encryption Required");`
			`start_auth = true;`
			`}`
			`} else {`
			`- if (p_dev_rec->security_required & BTM_SEC_IN_AUTHENTICATE) {`
			`- LOG_DEBUG(LOG_TAG, "Incoming authentication Required");`
			`+ if (p_dev_rec->security_required &`
			`+ (BTM_SEC_IN_AUTHENTICATE \| BTM_SEC_IN_ENCRYPT)) {`
			`+ LOG_DEBUG(LOG_TAG, "Incoming authentication/encryption Required");`
			`start_auth = true;`
			`}`
			`}`