CVS commit: src/sys/netbt

2024-03-13 Thread Nathanial Sloss
Module Name:src
Committed By:   nat
Date:   Wed Mar 13 07:22:16 UTC 2024

Added Files:
src/sys/netbt: hci_le.h

Log Message:
Bluetooth low energy - A beginning at least.

This was the start of support for low energy bluetooth support that I have
not as yet completed.

I'm committing this as it gives the hci defines for an impementation in NetBSD.


To generate a diff of this commit:
cvs rdiff -u -r0 -r1.1 src/sys/netbt/hci_le.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Added files:

Index: src/sys/netbt/hci_le.h
diff -u /dev/null src/sys/netbt/hci_le.h:1.1
--- /dev/null	Wed Mar 13 07:22:16 2024
+++ src/sys/netbt/hci_le.h	Wed Mar 13 07:22:16 2024
@@ -0,0 +1,368 @@
+/* $NetBSD: hci_le.h,v 1.1 2024/03/13 07:22:16 nat Exp $ */
+
+/*-
+ * Copyright (c) 2020 Nathanial Sloss 
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *notice, this list of conditions and the following disclaimer in the
+ *documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#define HCI_ADVERT_DATA_SIZE		31  /* advertising data size */
+#define HCI_SCAN_DATA_SIZE		31  /* scan resp. data size */
+ 
+/* LE Event masks */
+#define HCI_LE_EVMSK_ALL			0x001f
+#define HCI_LE_EVMSK_NONE			0x
+#define HCI_LE_EVMSK_CON_COMPL			0x0001
+#define HCI_LE_EVMSK_ADV_REPORT			0x0002
+#define HCI_LE_EVMSK_CON_UPDATE_COMPL		0x0004
+#define HCI_LE_EVMSK_READ_REMOTE_FEATURES_COMPL	0x0008
+#define HCI_LE_EVMSK_LONG_TERM_KEY_REQ		0x0010
+/* 0x0020 - 0x8000 - reserved for future use */
+
+/**
+ **
+ ** OGF 0x08	Bluetooth Low Energy (LE) Link commands
+ **
+ **/
+
+#define HCI_OGF_LE0x08
+
+#define HCI_OCF_LE_SET_EVENT_MASK			0x0001
+#define HCI_CMD_LE_SET_EVENT_MASK			0x2001
+typedef struct {
+	uint8_t		event_mask[HCI_EVENT_MASK_SIZE]; /* event_mask */
+} __packed hci_le_set_event_mask_cp;
+
+typedef hci_status_rp	hci_le_set_event_mask_rp;
+
+#define HCI_OCF_LE_READ_BUFFER_SIZE			0x0002
+#define HCI_CMD_LE_READ_BUFFER_SIZE			0x2002
+/* No command parameter(s) */
+
+typedef struct {
+	uint8_t		status; 	/* status 0x00 = success */
+	uint16_t	le_data_pktlen; /* buffer len*/
+	uint8_t		le_num_pkts; 	/* no. acl data packets */
+} __packed hci_le_read_buffer_size_rp;
+
+#define HCI_OCF_LE_READ_LOCAL_FEATURES			0x0003
+#define HCI_CMD_LE_READ_LOCAL_FEATURES			0x2003
+/* No command parameter(s) */
+
+typedef struct {
+	uint8_t		status; 	/* status 0x00 = success */
+	uint8_t		features[HCI_FEATURES_SIZE];	/* le features */
+} __packed hci_le_read_local_features_rp;
+
+#define HCI_OCF_LE_SET_RND_ADDR0x0005
+#define HCI_CMD_LE_SET_RND_ADDR0x2005
+typedef struct {
+	bdaddr_t	bdaddr; 	/* random local address */
+} __packed hci_le_set_rnd_addr_cp;
+
+typedef hci_status_rp	hci_le_set_rnd_addr_rp;
+/* XXX NS Finish defines. */
+#define HCI_OCF_LE_SET_ADVERT_PARAM			0x0006
+#define HCI_CMD_LE_SET_ADVERT_PARAM			0x2006
+typedef struct {
+	uint16_t	min_interval; 	/* min interval * 0.625ms */
+	uint16_t	max_interval; 	/* max_interval * 0.625ms */
+	uint8_t		advert_type;
+	uint8_t		own_address_type;
+	uint8_t		direct_address_type;
+	bdaddr_t	direct_address; /* remote address */
+	uint8_t		advert_channel_map;
+	uint8_t		advert_filter_policy;
+} __packed hci_le_set_advert_param_cp;
+
+typedef hci_status_rp	hci_le_set_advert_param_rp;
+
+#define HCF_OCF_LE_READ_ADVERT_CHAN_TX_PWR		0x0007
+#define HCF_CMD_LE_READ_ADVERT_CHAN_TX_PWR	

CVS commit: src/sys/netbt

2024-03-13 Thread Nathanial Sloss
Module Name:src
Committed By:   nat
Date:   Wed Mar 13 07:22:16 UTC 2024

Added Files:
src/sys/netbt: hci_le.h

Log Message:
Bluetooth low energy - A beginning at least.

This was the start of support for low energy bluetooth support that I have
not as yet completed.

I'm committing this as it gives the hci defines for an impementation in NetBSD.


To generate a diff of this commit:
cvs rdiff -u -r0 -r1.1 src/sys/netbt/hci_le.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: src/sys/netbt

2023-08-07 Thread Taylor R Campbell
Module Name:src
Committed By:   riastradh
Date:   Mon Aug  7 13:31:54 UTC 2023

Modified Files:
src/sys/netbt: bt_proto.c

Log Message:
netbt(4): Initialize bt_lock earlier.

Use a driver-class module modcmd init function, instead of a socket
domain init function; the socket-domain ones don't run until after
configure, but we need this to be initialized before configure so
that Bluetooth HCI drivers like ubt(4) can use it.

This is suboptimal but it's the least intrusive way I've thought of
to get this working, even if it's a little grody to make netbt a
`driver-class' (builtin) module.  Note that this doesn't mean netbt
becomes dynamically loadable or unloadable; we're just using a module
for initialization ordering.

PR kern/56988

XXX pullup-10


To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 src/sys/netbt/bt_proto.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netbt/bt_proto.c
diff -u src/sys/netbt/bt_proto.c:1.16 src/sys/netbt/bt_proto.c:1.17
--- src/sys/netbt/bt_proto.c:1.16	Thu Jan 21 15:41:30 2016
+++ src/sys/netbt/bt_proto.c	Mon Aug  7 13:31:54 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: bt_proto.c,v 1.16 2016/01/21 15:41:30 riastradh Exp $	*/
+/*	$NetBSD: bt_proto.c,v 1.17 2023/08/07 13:31:54 riastradh Exp $	*/
 
 /*-
  * Copyright (c) 2005 Iain Hibbert.
@@ -31,11 +31,12 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: bt_proto.c,v 1.16 2016/01/21 15:41:30 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: bt_proto.c,v 1.17 2023/08/07 13:31:54 riastradh Exp $");
 
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -113,6 +114,21 @@ kmutex_t *bt_lock;
 static void
 bt_init(void)
 {
+}
+
+MODULE(MODULE_CLASS_DRIVER, netbt, NULL);
+
+static int
+netbt_modcmd(modcmd_t cmd, void *aux)
+{
 
-	bt_lock = mutex_obj_alloc(MUTEX_DEFAULT, IPL_NONE);
+	switch (cmd) {
+	case MODULE_CMD_INIT:
+		bt_lock = mutex_obj_alloc(MUTEX_DEFAULT, IPL_NONE);
+		return 0;
+	case MODULE_CMD_FINI:
+		return EBUSY;	/* XXX */
+	default:
+		return ENOTTY;
+	}
 }



CVS commit: src/sys/netbt

2023-08-07 Thread Taylor R Campbell
Module Name:src
Committed By:   riastradh
Date:   Mon Aug  7 13:31:54 UTC 2023

Modified Files:
src/sys/netbt: bt_proto.c

Log Message:
netbt(4): Initialize bt_lock earlier.

Use a driver-class module modcmd init function, instead of a socket
domain init function; the socket-domain ones don't run until after
configure, but we need this to be initialized before configure so
that Bluetooth HCI drivers like ubt(4) can use it.

This is suboptimal but it's the least intrusive way I've thought of
to get this working, even if it's a little grody to make netbt a
`driver-class' (builtin) module.  Note that this doesn't mean netbt
becomes dynamically loadable or unloadable; we're just using a module
for initialization ordering.

PR kern/56988

XXX pullup-10


To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 src/sys/netbt/bt_proto.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: src/sys/netbt

2021-09-21 Thread Christos Zoulas
Module Name:src
Committed By:   christos
Date:   Tue Sep 21 15:03:08 UTC 2021

Modified Files:
src/sys/netbt: hci_ioctl.c

Log Message:
don't opencode kauth_cred_get()


To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 src/sys/netbt/hci_ioctl.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netbt/hci_ioctl.c
diff -u src/sys/netbt/hci_ioctl.c:1.14 src/sys/netbt/hci_ioctl.c:1.15
--- src/sys/netbt/hci_ioctl.c:1.14	Sat Feb  2 22:19:28 2019
+++ src/sys/netbt/hci_ioctl.c	Tue Sep 21 11:03:08 2021
@@ -1,4 +1,4 @@
-/*	$NetBSD: hci_ioctl.c,v 1.14 2019/02/03 03:19:28 mrg Exp $	*/
+/*	$NetBSD: hci_ioctl.c,v 1.15 2021/09/21 15:03:08 christos Exp $	*/
 
 /*-
  * Copyright (c) 2005 Iain Hibbert.
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: hci_ioctl.c,v 1.14 2019/02/03 03:19:28 mrg Exp $");
+__KERNEL_RCSID(0, "$NetBSD: hci_ioctl.c,v 1.15 2021/09/21 15:03:08 christos Exp $");
 
 #include 
 #include 
@@ -227,7 +227,7 @@ hci_ioctl_pcb(unsigned long cmd, void *d
 		break;
 
 	case SIOCSBTFLAGS:	/* set unit flags (privileged) */
-		err = kauth_authorize_device(curlwp->l_cred,
+		err = kauth_authorize_device(kauth_cred_get(),
 		KAUTH_DEVICE_BLUETOOTH_SETPRIV, unit, KAUTH_ARG(cmd),
 		btr, NULL);
 		if (err)
@@ -255,7 +255,7 @@ hci_ioctl_pcb(unsigned long cmd, void *d
 		break;
 
 	case SIOCSBTPOLICY:	/* set unit link policy (privileged) */
-		err = kauth_authorize_device(curlwp->l_cred,
+		err = kauth_authorize_device(kauth_cred_get(),
 		KAUTH_DEVICE_BLUETOOTH_SETPRIV, unit, KAUTH_ARG(cmd),
 		btr, NULL);
 		if (err)
@@ -267,7 +267,7 @@ hci_ioctl_pcb(unsigned long cmd, void *d
 		break;
 
 	case SIOCSBTPTYPE:	/* set unit packet types (privileged) */
-		err = kauth_authorize_device(curlwp->l_cred,
+		err = kauth_authorize_device(kauth_cred_get(),
 		KAUTH_DEVICE_BLUETOOTH_SETPRIV, unit, KAUTH_ARG(cmd),
 		btr, NULL);
 		if (err)
@@ -283,7 +283,7 @@ hci_ioctl_pcb(unsigned long cmd, void *d
 		break;
 
 	case SIOCZBTSTATS:	/* get & reset unit statistics */
-		err = kauth_authorize_device(curlwp->l_cred,
+		err = kauth_authorize_device(kauth_cred_get(),
 		KAUTH_DEVICE_BLUETOOTH_SETPRIV, unit, KAUTH_ARG(cmd),
 		btr, NULL);
 		if (err)
@@ -299,7 +299,7 @@ hci_ioctl_pcb(unsigned long cmd, void *d
 		 * sent to USB bluetooth controllers that are not an
 		 * integer number of frame sizes, the USB bus locks up.
 		 */
-		err = kauth_authorize_device(curlwp->l_cred,
+		err = kauth_authorize_device(kauth_cred_get(),
 		KAUTH_DEVICE_BLUETOOTH_SETPRIV, unit, KAUTH_ARG(cmd),
 		btr, NULL);
 		if (err)



CVS commit: src/sys/netbt

2021-09-21 Thread Christos Zoulas
Module Name:src
Committed By:   christos
Date:   Tue Sep 21 15:03:08 UTC 2021

Modified Files:
src/sys/netbt: hci_ioctl.c

Log Message:
don't opencode kauth_cred_get()


To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 src/sys/netbt/hci_ioctl.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: src/sys/netbt

2019-09-28 Thread Iain Hibbert
Module Name:src
Committed By:   plunky
Date:   Sat Sep 28 07:10:55 UTC 2019

Modified Files:
src/sys/netbt: hci_socket.c

Log Message:
permit read_encryption_key_size from userland


To generate a diff of this commit:
cvs rdiff -u -r1.46 -r1.47 src/sys/netbt/hci_socket.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: src/sys/netbt

2019-09-28 Thread Iain Hibbert
Module Name:src
Committed By:   plunky
Date:   Sat Sep 28 07:10:55 UTC 2019

Modified Files:
src/sys/netbt: hci_socket.c

Log Message:
permit read_encryption_key_size from userland


To generate a diff of this commit:
cvs rdiff -u -r1.46 -r1.47 src/sys/netbt/hci_socket.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netbt/hci_socket.c
diff -u src/sys/netbt/hci_socket.c:1.46 src/sys/netbt/hci_socket.c:1.47
--- src/sys/netbt/hci_socket.c:1.46	Mon Jan 28 12:53:01 2019
+++ src/sys/netbt/hci_socket.c	Sat Sep 28 07:10:55 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: hci_socket.c,v 1.46 2019/01/28 12:53:01 martin Exp $	*/
+/*	$NetBSD: hci_socket.c,v 1.47 2019/09/28 07:10:55 plunky Exp $	*/
 
 /*-
  * Copyright (c) 2005 Iain Hibbert.
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: hci_socket.c,v 1.46 2019/01/28 12:53:01 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: hci_socket.c,v 1.47 2019/09/28 07:10:55 plunky Exp $");
 
 /* load symbolic names */
 #ifdef BLUETOOTH_DEBUG
@@ -195,6 +195,8 @@ static const struct {
 	  18, 0x01, 0 },
 	{ HCI_CMD_READ_DEFAULT_ERRDATA_REPORTING,
 	  18, 0x04, 0 },
+	{ HCI_CMD_READ_ENCRYPTION_KEY_SIZE,
+	  20, 0x10, sizeof(hci_read_encryption_key_size_cp) },
 };
 
 /*



CVS commit: src/sys/netbt

2019-09-28 Thread Iain Hibbert
Module Name:src
Committed By:   plunky
Date:   Sat Sep 28 07:06:33 UTC 2019

Modified Files:
src/sys/netbt: hci.h hci_event.c

Log Message:
When encrypted connections are configured, verify that the encryption
key length has a minimum size when the adaptor supports that.

This addresses the 'Key Negotiation of Bluetooth' attack, CVE-2019-9506

https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/


To generate a diff of this commit:
cvs rdiff -u -r1.45 -r1.46 src/sys/netbt/hci.h
cvs rdiff -u -r1.25 -r1.26 src/sys/netbt/hci_event.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netbt/hci.h
diff -u src/sys/netbt/hci.h:1.45 src/sys/netbt/hci.h:1.46
--- src/sys/netbt/hci.h:1.45	Wed Jul 25 19:09:38 2018
+++ src/sys/netbt/hci.h	Sat Sep 28 07:06:33 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: hci.h,v 1.45 2018/07/25 19:09:38 kamil Exp $	*/
+/*	$NetBSD: hci.h,v 1.46 2019/09/28 07:06:33 plunky Exp $	*/
 
 /*-
  * Copyright (c) 2005 Iain Hibbert.
@@ -54,7 +54,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $Id: hci.h,v 1.45 2018/07/25 19:09:38 kamil Exp $
+ * $Id: hci.h,v 1.46 2019/09/28 07:06:33 plunky Exp $
  * $FreeBSD: src/sys/netgraph/bluetooth/include/ng_hci.h,v 1.6 2005/01/07 01:45:43 imp Exp $
  */
 
@@ -1812,6 +1812,17 @@ typedef struct {
 	uint16_t	accuracy;	/* clock accuracy */
 } __packed hci_read_clock_rp;
 
+#define HCI_OCF_READ_ENCRYPTION_KEY_SIZE		0x0008
+#define HCI_CMD_READ_ENCRYPTION_KEY_SIZE		0x1408
+typedef struct {
+	uint16_t	con_handle;	/* connection handle */
+} __packed hci_read_encryption_key_size_cp;
+
+typedef struct {
+	uint8_t		status;		/* 0x00 - success */
+	uint16_t	con_handle;	/* connection handle */
+	uint8_t		size;		/* key size */
+} __packed hci_read_encryption_key_size_rp;
 
 /**
  **

Index: src/sys/netbt/hci_event.c
diff -u src/sys/netbt/hci_event.c:1.25 src/sys/netbt/hci_event.c:1.26
--- src/sys/netbt/hci_event.c:1.25	Tue Aug 21 14:59:13 2018
+++ src/sys/netbt/hci_event.c	Sat Sep 28 07:06:33 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: hci_event.c,v 1.25 2018/08/21 14:59:13 plunky Exp $	*/
+/*	$NetBSD: hci_event.c,v 1.26 2019/09/28 07:06:33 plunky Exp $	*/
 
 /*-
  * Copyright (c) 2005 Iain Hibbert.
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: hci_event.c,v 1.25 2018/08/21 14:59:13 plunky Exp $");
+__KERNEL_RCSID(0, "$NetBSD: hci_event.c,v 1.26 2019/09/28 07:06:33 plunky Exp $");
 
 #include 
 #include 
@@ -63,6 +63,7 @@ static void hci_cmd_read_local_features(
 static void hci_cmd_read_local_extended_features(struct hci_unit *, struct mbuf *);
 static void hci_cmd_read_local_ver(struct hci_unit *, struct mbuf *);
 static void hci_cmd_read_local_commands(struct hci_unit *, struct mbuf *);
+static void hci_cmd_read_encryption_key_size(struct hci_unit *, struct mbuf *);
 static void hci_cmd_reset(struct hci_unit *, struct mbuf *);
 static void hci_cmd_create_con(struct hci_unit *unit, uint8_t status);
 
@@ -353,6 +354,10 @@ hci_event_command_compl(struct hci_unit 
 		hci_cmd_read_local_commands(unit, m);
 		break;
 
+	case HCI_CMD_READ_ENCRYPTION_KEY_SIZE:
+		hci_cmd_read_encryption_key_size(unit, m);
+		break;
+
 	case HCI_CMD_RESET:
 		hci_cmd_reset(unit, m);
 		break;
@@ -623,10 +628,11 @@ hci_event_con_compl(struct hci_unit *uni
 		return;
 	}
 
-	/* XXX could check auth_enable here */
-
-	if (ep.encryption_mode)
-		link->hl_flags |= (HCI_LINK_AUTH | HCI_LINK_ENCRYPT);
+	/*
+	 * We purposefully ignore ep.encryption_mode here - if that is set then
+	 * the link will be authenticated and encrypted, but we still want to
+	 * verify the key size and setmode sets the right flags
+	 */
 
 	link->hl_state = HCI_LINK_OPEN;
 	link->hl_handle = HCI_CON_HANDLE(le16toh(ep.con_handle));
@@ -777,17 +783,16 @@ hci_event_auth_compl(struct hci_unit *un
 /*
  * Encryption Change
  *
- * The encryption status has changed. Basically, we note the change
- * then notify the upper layer protocol unless further mode changes
- * are pending.
- * Note that if encryption gets disabled when it has been requested,
- * we will attempt to enable it again.. (its a feature not a bug :)
+ * The encryption status has changed. Make a note if disabled, or
+ * check the key size if possible before allowing it is enabled.
+ * (checking of key size was enabled in 3.0 spec)
  */
 static void
 hci_event_encryption_change(struct hci_unit *unit, struct mbuf *m)
 {
 	hci_encryption_change_ep ep;
 	struct hci_link *link;
+	uint16_t con_handle;
 	int err;
 
 	if (m->m_pkthdr.len < sizeof(ep))
@@ -796,27 +801,34 @@ hci_event_encryption_change(struct hci_u
 	m_copydata(m, 0, sizeof(ep), &ep);
 	m_adj(m, sizeof(ep));
 
-	ep.con_handle = HCI_CON_HANDLE(le16toh(ep.con_handle));
+	con_handle = H

CVS commit: src/sys/netbt

2019-09-28 Thread Iain Hibbert
Module Name:src
Committed By:   plunky
Date:   Sat Sep 28 07:06:33 UTC 2019

Modified Files:
src/sys/netbt: hci.h hci_event.c

Log Message:
When encrypted connections are configured, verify that the encryption
key length has a minimum size when the adaptor supports that.

This addresses the 'Key Negotiation of Bluetooth' attack, CVE-2019-9506

https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/


To generate a diff of this commit:
cvs rdiff -u -r1.45 -r1.46 src/sys/netbt/hci.h
cvs rdiff -u -r1.25 -r1.26 src/sys/netbt/hci_event.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: src/sys/netbt

2010-01-04 Thread Iain Hibbert
Module Name:src
Committed By:   plunky
Date:   Mon Jan  4 19:20:05 UTC 2010

Modified Files:
src/sys/netbt: l2cap_upper.c rfcomm_upper.c sco_upper.c

Log Message:
prevent local socket address from being changed after socket is
in use (connect or listen)


To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 src/sys/netbt/l2cap_upper.c
cvs rdiff -u -r1.12 -r1.13 src/sys/netbt/rfcomm_upper.c
cvs rdiff -u -r1.8 -r1.9 src/sys/netbt/sco_upper.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: src/sys/netbt

2010-01-03 Thread Iain Hibbert
Module Name:src
Committed By:   plunky
Date:   Sun Jan  3 16:38:15 UTC 2010

Modified Files:
src/sys/netbt: rfcomm_session.c

Log Message:
when receiving a MCC PN response, the max frame size that the remote
party requests must be less than the one we asked for which will not
be greater than the max acceptable value so no need to test for that
but make sure that it is not smaller than minimum acceptable value.


To generate a diff of this commit:
cvs rdiff -u -r1.15 -r1.16 src/sys/netbt/rfcomm_session.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.