DivestOS/Patches/LineageOS-14.1/android_system_bt/376465.patch
Tad c47797d6b9
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-12-07 00:16:40 -05:00

48 lines
1.8 KiB
Diff

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Hui Peng <phui@google.com>
Date: Tue, 12 Sep 2023 23:47:48 +0000
Subject: [PATCH] Reject access to secure service authenticated from a temp
bonding [3]
Allow access to rfcomm PSM by default
Original bug
Bug: 294854926
Nearby regressions:
Bug: 298539299
Test: m com.android.btservices
Ignore-AOSP-First: security
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:ab986fe4165aae74c5915f57ad2e78bf80f1d3ec)
Merged-In: If1f7c9278a9e877f64ae78b6f067c597fb5d0e66
Change-Id: If1f7c9278a9e877f64ae78b6f067c597fb5d0e66
---
stack/btm/btm_sec.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/stack/btm/btm_sec.c b/stack/btm/btm_sec.c
index 728861f2f..c603156ff 100644
--- a/stack/btm/btm_sec.c
+++ b/stack/btm/btm_sec.c
@@ -2356,15 +2356,15 @@ tBTM_STATUS btm_sec_l2cap_access_req (BD_ADDR bd_addr, UINT16 psm, UINT16 handle
{
if (is_originator)
{
- /* SM4 to SM4 -> always authenticate & encrypt */
- security_required |= (BTM_SEC_OUT_AUTHENTICATE | BTM_SEC_OUT_ENCRYPT);
+ /* SM4 to SM4 -> always encrypt */
+ security_required |= BTM_SEC_OUT_ENCRYPT;
}
else /* acceptor */
{
/* SM4 to SM4: the acceptor needs to make sure the authentication is already done */
chk_acp_auth_done = TRUE;
- /* SM4 to SM4 -> always authenticate & encrypt */
- security_required |= (BTM_SEC_IN_AUTHENTICATE | BTM_SEC_IN_ENCRYPT);
+ /* SM4 to SM4 -> always encrypt */
+ security_required |= BTM_SEC_IN_ENCRYPT;
}
}
else if (!(BTM_SM4_KNOWN & p_dev_rec->sm4))