From: Johan Hedberg Date: Thu, 29 May 2014 16:36:53 +0000 (+0300) Subject: Bluetooth: Fix properly ignoring LTKs of unknown types X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=61b433579b6ffecb1d3534fd482dcd48535277c8;p=GitHub%2FLineageOS%2FG12%2Fandroid_kernel_amlogic_linux-4.9.git Bluetooth: Fix properly ignoring LTKs of unknown types In case there are new LTK types in the future we shouldn't just blindly assume that != MGMT_LTK_UNAUTHENTICATED means that the key is authenticated. This patch adds explicit checks for each allowed key type in the form of a switch statement and skips any key which has an unknown value. Signed-off-by: Johan Hedberg Signed-off-by: Marcel Holtmann Cc: stable@vger.kernel.org --- diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c index 5e9c21a5525f..0fce54412ffd 100644 --- a/net/bluetooth/mgmt.c +++ b/net/bluetooth/mgmt.c @@ -4546,10 +4546,16 @@ static int load_long_term_keys(struct sock *sk, struct hci_dev *hdev, else type = HCI_SMP_LTK_SLAVE; - if (key->type == MGMT_LTK_UNAUTHENTICATED) + switch (key->type) { + case MGMT_LTK_UNAUTHENTICATED: authenticated = 0x00; - else + break; + case MGMT_LTK_AUTHENTICATED: authenticated = 0x01; + break; + default: + continue; + } hci_add_ltk(hdev, &key->addr.bdaddr, addr_type, type, authenticated, key->val, key->enc_size, key->ediv,