mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-12-23 22:49:28 -05:00
082bc48c32
https://review.lineageos.org/q/topic:P_asb_2022-05 https://review.lineageos.org/q/topic:P_asb_2022-06 https://review.lineageos.org/q/topic:P_asb_2022-07 https://review.lineageos.org/q/topic:P_asb_2022-08 https://review.lineageos.org/q/topic:P_asb_2022-09 https://review.lineageos.org/q/topic:P_asb_2022-10 https://review.lineageos.org/q/topic:P_asb_2022-11 https://review.lineageos.org/q/topic:P_asb_2022-12 https://review.lineageos.org/q/topic:P_asb_2023-01 https://review.lineageos.org/q/topic:P_asb_2023-02 https://review.lineageos.org/q/topic:P_asb_2023-03 https://review.lineageos.org/q/topic:P_asb_2023-04 https://review.lineageos.org/q/topic:P_asb_2023-05 https://review.lineageos.org/q/topic:P_asb_2023-06 https://review.lineageos.org/q/topic:P_asb_2023-07 accounted for via manifest change: https://review.lineageos.org/c/LineageOS/android_external_freetype/+/361250 https://review.lineageos.org/q/topic:P_asb_2023-08 accounted for via manifest change: https://review.lineageos.org/c/LineageOS/android_external_freetype/+/364606 accounted for via patches: https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/365328 https://review.lineageos.org/q/topic:P_asb_2023-09 https://review.lineageos.org/q/topic:P_asb_2023-10 https://review.lineageos.org/q/topic:P_asb_2023-11 accounted for via patches: https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/374916 https://review.lineageos.org/q/topic:P_asb_2023-12 https://review.lineageos.org/q/topic:P_asb_2024-01 https://review.lineageos.org/q/topic:P_asb_2024-02 https://review.lineageos.org/q/topic:P_asb_2024-03 https://review.lineageos.org/q/topic:P_asb_2024-04 Signed-off-by: Tavi <tavi@divested.dev>
48 lines
1.8 KiB
Diff
48 lines
1.8 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Hui Peng <phui@google.com>
|
|
Date: Tue, 12 Sep 2023 23:47:48 +0000
|
|
Subject: [PATCH] Reject access to secure service authenticated from a temp
|
|
bonding [3]
|
|
|
|
Allow access to rfcomm PSM by default
|
|
|
|
Original bug
|
|
Bug: 294854926
|
|
|
|
Nearby regressions:
|
|
Bug: 298539299
|
|
|
|
Test: m com.android.btservices
|
|
Ignore-AOSP-First: security
|
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:ab986fe4165aae74c5915f57ad2e78bf80f1d3ec)
|
|
Merged-In: If1f7c9278a9e877f64ae78b6f067c597fb5d0e66
|
|
Change-Id: If1f7c9278a9e877f64ae78b6f067c597fb5d0e66
|
|
---
|
|
stack/btm/btm_sec.cc | 8 ++++----
|
|
1 file changed, 4 insertions(+), 4 deletions(-)
|
|
|
|
diff --git a/stack/btm/btm_sec.cc b/stack/btm/btm_sec.cc
|
|
index bce9eae06..41f81631e 100644
|
|
--- a/stack/btm/btm_sec.cc
|
|
+++ b/stack/btm/btm_sec.cc
|
|
@@ -2117,15 +2117,15 @@ tBTM_STATUS btm_sec_l2cap_access_req(const RawAddress& bd_addr, uint16_t psm,
|
|
btm_cb.security_mode == BTM_SEC_MODE_SC) {
|
|
if (BTM_SEC_IS_SM4(p_dev_rec->sm4)) {
|
|
if (is_originator) {
|
|
- /* SM4 to SM4 -> always authenticate & encrypt */
|
|
- security_required |= (BTM_SEC_OUT_AUTHENTICATE | BTM_SEC_OUT_ENCRYPT);
|
|
+ /* SM4 to SM4 -> always encrypt */
|
|
+ security_required |= BTM_SEC_OUT_ENCRYPT;
|
|
} else /* acceptor */
|
|
{
|
|
/* SM4 to SM4: the acceptor needs to make sure the authentication is
|
|
* already done */
|
|
chk_acp_auth_done = true;
|
|
- /* SM4 to SM4 -> always authenticate & encrypt */
|
|
- security_required |= (BTM_SEC_IN_AUTHENTICATE | BTM_SEC_IN_ENCRYPT);
|
|
+ /* SM4 to SM4 -> always encrypt */
|
|
+ security_required |= BTM_SEC_IN_ENCRYPT;
|
|
}
|
|
} else if (!(BTM_SM4_KNOWN & p_dev_rec->sm4)) {
|
|
/* the remote features are not known yet */
|