diff options
Diffstat (limited to 'net-wireless/bluez/files')
| -rw-r--r-- | net-wireless/bluez/files/bluez-5.70-CVE-2023-45866.patch | 43 | ||||
| -rw-r--r-- | net-wireless/bluez/files/bluez-5.71-link-old-kernels.patch | 163 |
2 files changed, 0 insertions, 206 deletions
diff --git a/net-wireless/bluez/files/bluez-5.70-CVE-2023-45866.patch b/net-wireless/bluez/files/bluez-5.70-CVE-2023-45866.patch deleted file mode 100644 index 6e5ac253585c..000000000000 --- a/net-wireless/bluez/files/bluez-5.70-CVE-2023-45866.patch +++ /dev/null @@ -1,43 +0,0 @@ -https://bugs.gentoo.org/919383 -https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=25a471a83e02e1effb15d5a488b3f0085eaeb675 - -From 25a471a83e02e1effb15d5a488b3f0085eaeb675 Mon Sep 17 00:00:00 2001 -From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com> -Date: Tue, 10 Oct 2023 13:03:12 -0700 -Subject: input.conf: Change default of ClassicBondedOnly - -This changes the default of ClassicBondedOnly since defaulting to false -is not inline with HID specification which mandates the of Security Mode -4: - -BLUETOOTH SPECIFICATION Page 84 of 123 -Human Interface Device (HID) Profile: - - 5.4.3.4.2 Security Modes - Bluetooth HID Hosts shall use Security Mode 4 when interoperating with - Bluetooth HID devices that are compliant to the Bluetooth Core - Specification v2.1+EDR[6]. ---- a/profiles/input/device.c -+++ b/profiles/input/device.c -@@ -81,7 +81,7 @@ struct input_device { - - static int idle_timeout = 0; - static bool uhid_enabled = false; --static bool classic_bonded_only = false; -+static bool classic_bonded_only = true; - - void input_set_idle_timeout(int timeout) - { ---- a/profiles/input/input.conf -+++ b/profiles/input/input.conf -@@ -17,7 +17,7 @@ - # platforms may want to make sure that input connections only come from bonded - # device connections. Several older mice have been known for not supporting - # pairing/encryption. --# Defaults to false to maximize device compatibility. -+# Defaults to true for security. - #ClassicBondedOnly=true - - # LE upgrade security --- -cgit 1.2.3-korg diff --git a/net-wireless/bluez/files/bluez-5.71-link-old-kernels.patch b/net-wireless/bluez/files/bluez-5.71-link-old-kernels.patch deleted file mode 100644 index 33cee137f277..000000000000 --- a/net-wireless/bluez/files/bluez-5.71-link-old-kernels.patch +++ /dev/null @@ -1,163 +0,0 @@ -From 7ad5669402c9acff8e4cc808edc12a41df36654e Mon Sep 17 00:00:00 2001 -From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com> -Date: Wed, 20 Dec 2023 12:20:03 -0500 -Subject: [PATCH] adapter: Fix link key address type for old kernels - -On old kernels only BDADDR_BREDR is supported so this attempts to detect -that and retry. - -Fixes: https://github.com/bluez/bluez/issues/686 ---- - src/adapter.c | 59 ++++++++++++++++++++++++++++++++++++++------------- - 1 file changed, 44 insertions(+), 15 deletions(-) - -diff --git a/src/adapter.c b/src/adapter.c -index ee70b00d2..022390f0d 100644 ---- a/src/adapter.c -+++ b/src/adapter.c -@@ -311,6 +311,7 @@ struct btd_adapter { - bool pincode_requested; /* PIN requested during last bonding */ - GSList *connections; /* Connected devices */ - GSList *devices; /* Devices structure pointers */ -+ GSList *load_keys; /* Devices keys to be loaded */ - GSList *connect_list; /* Devices to connect when found */ - struct btd_device *connect_le; /* LE device waiting to be connected */ - sdp_list_t *services; /* Services associated to adapter */ -@@ -4284,6 +4285,9 @@ static int set_privacy(struct btd_adapter *adapter, uint8_t privacy) - return -1; - } - -+static void load_link_keys(struct btd_adapter *adapter, bool debug_keys, -+ bool retry); -+ - static void load_link_keys_complete(uint8_t status, uint16_t length, - const void *param, void *user_data) - { -@@ -4293,18 +4297,31 @@ static void load_link_keys_complete(uint8_t status, uint16_t length, - btd_error(adapter->dev_id, - "Failed to load link keys for hci%u: %s (0x%02x)", - adapter->dev_id, mgmt_errstr(status), status); -+ -+ if (status == MGMT_STATUS_INVALID_PARAMS) { -+ load_link_keys(adapter, btd_opts.debug_keys, true); -+ /* Release keys after retry since we shall only retry -+ * once. -+ */ -+ goto done; -+ } -+ - return; - } - - DBG("link keys loaded for hci%u", adapter->dev_id); -+ -+done: -+ g_slist_free_full(adapter->load_keys, g_free); -+ adapter->load_keys = NULL; - } - --static void load_link_keys(struct btd_adapter *adapter, GSList *keys, -- bool debug_keys) -+static void load_link_keys(struct btd_adapter *adapter, bool debug_keys, -+ bool retry) - { - struct mgmt_cp_load_link_keys *cp; - struct mgmt_link_key_info *key; -- size_t key_count, cp_size; -+ size_t count, cp_size; - unsigned int id; - GSList *l; - -@@ -4318,12 +4335,14 @@ static void load_link_keys(struct btd_adapter *adapter, GSList *keys, - if (!(adapter->supported_settings & MGMT_SETTING_BREDR)) - return; - -- key_count = g_slist_length(keys); -+ count = g_slist_length(adapter->load_keys); -+ if (!count) -+ return; - -- DBG("hci%u keys %zu debug_keys %d", adapter->dev_id, key_count, -- debug_keys); -+ DBG("hci%u keys %zu debug_keys %d retry %s", adapter->dev_id, count, -+ debug_keys, retry ? "true" : "false"); - -- cp_size = sizeof(*cp) + (key_count * sizeof(*key)); -+ cp_size = sizeof(*cp) + (count * sizeof(*key)); - - cp = g_try_malloc0(cp_size); - if (cp == NULL) { -@@ -4341,13 +4360,18 @@ static void load_link_keys(struct btd_adapter *adapter, GSList *keys, - * behavior for debug keys. - */ - cp->debug_keys = debug_keys; -- cp->key_count = htobs(key_count); -+ cp->key_count = htobs(count); - -- for (l = keys, key = cp->keys; l != NULL; l = g_slist_next(l), key++) { -+ for (l = adapter->load_keys, key = cp->keys; l != NULL; -+ l = g_slist_next(l), key++) { - struct link_key_info *info = l->data; - - bacpy(&key->addr.bdaddr, &info->bdaddr); -- key->addr.type = info->bdaddr_type; -+ /* Old kernels might only support loading with type set to -+ * BDADDR_BREDR so on retry set that instead of using the stored -+ * info. -+ */ -+ key->addr.type = retry ? BDADDR_BREDR : info->bdaddr_type; - key->type = info->type; - memcpy(key->val, info->key, 16); - key->pin_len = info->pin_len; -@@ -4359,9 +4383,12 @@ static void load_link_keys(struct btd_adapter *adapter, GSList *keys, - - g_free(cp); - -- if (id == 0) -+ if (id == 0) { - btd_error(adapter->dev_id, "Failed to load link keys for hci%u", - adapter->dev_id); -+ g_slist_free_full(adapter->load_keys, g_free); -+ adapter->load_keys = NULL; -+ } - } - - static void load_ltks_complete(uint8_t status, uint16_t length, -@@ -4873,7 +4900,6 @@ static void load_defaults(struct btd_adapter *adapter) - static void load_devices(struct btd_adapter *adapter) - { - char dirname[PATH_MAX]; -- GSList *keys = NULL; - GSList *ltks = NULL; - GSList *irks = NULL; - GSList *params = NULL; -@@ -4964,7 +4990,8 @@ static void load_devices(struct btd_adapter *adapter) - } - - if (key_info) -- keys = g_slist_append(keys, key_info); -+ adapter->load_keys = g_slist_append(adapter->load_keys, -+ key_info); - - if (ltk_info) - ltks = g_slist_append(ltks, ltk_info); -@@ -5013,8 +5040,7 @@ static void load_devices(struct btd_adapter *adapter) - - closedir(dir); - -- load_link_keys(adapter, keys, btd_opts.debug_keys); -- g_slist_free_full(keys, g_free); -+ load_link_keys(adapter, btd_opts.debug_keys, false); - - load_ltks(adapter, ltks); - g_slist_free_full(ltks, g_free); -@@ -6930,6 +6956,9 @@ static void adapter_remove(struct btd_adapter *adapter) - g_slist_free(adapter->devices); - adapter->devices = NULL; - -+ g_slist_free(adapter->load_keys); -+ adapter->load_keys = NULL; -+ - discovery_cleanup(adapter, 0); - - unload_drivers(adapter); |