summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
author Himanshu Rawat <rwt@google.com> 2025-03-11 14:02:01 -0700
committer Himanshu Rawat <rwt@google.com> 2025-03-17 09:53:32 -0700
commit473e8125b6ad89b13b99a4dacf1cd6fcd16a74b5 (patch)
tree6942febd71bbf7be66f52f48580a99e30aec593f
parentefdf75f7c8441dba69d8dacedb1001785e2f7fbc (diff)
Encrypt BR/EDR link immediately after pairing
In the peripheral role stack does not immediately encrypt the link after BR/EDR pairing. Instead it tries to change the role first. If the role change fails, the link is not encrypted. Some remote devices don't like to concede the central role. Secured service access would eventually force the encryption but it delays potential CTKD and service discovery. Test: mmm packages/modules/Bluetooth Flag: com.android.bluetooth.flags.immediate_encryption_after_pairing Bug: 401192310 Bug: 402510244 Change-Id: I9a31ae46cb80b3bb42c6f4b0fbf957fb83876db1
-rw-r--r--system/stack/btm/btm_sec.cc9
1 files changed, 7 insertions, 2 deletions
diff --git a/system/stack/btm/btm_sec.cc b/system/stack/btm/btm_sec.cc
index 439fa7bc0f..6244b951c6 100644
--- a/system/stack/btm/btm_sec.cc
+++ b/system/stack/btm/btm_sec.cc
@@ -3130,12 +3130,12 @@ void btm_sec_auth_complete(uint16_t handle, tHCI_STATUS status) {
p_dev_rec->sec_rec.security_required &= ~BTM_SEC_OUT_AUTHENTICATE;
if (status != HCI_SUCCESS) {
- if ((status != HCI_ERR_PEER_USER) && (status != HCI_ERR_CONN_CAUSE_LOCAL_HOST)) {
+ if (status != HCI_ERR_PEER_USER && status != HCI_ERR_CONN_CAUSE_LOCAL_HOST) {
btm_sec_send_hci_disconnect(
p_dev_rec, HCI_ERR_PEER_USER, p_dev_rec->hci_handle,
"stack::btm::btm_sec::btm_sec_auth_retry Auth fail while bonding");
}
- } else {
+ } else if (!com::android::bluetooth::flags::immediate_encryption_after_pairing()) {
BTM_LogHistory(kBtmLogTag, p_dev_rec->bd_addr, "Bonding completed",
hci_error_code_text(status));
@@ -3160,6 +3160,11 @@ void btm_sec_auth_complete(uint16_t handle, tHCI_STATUS status) {
}
l2cu_start_post_bond_timer(p_dev_rec->hci_handle);
+ } else {
+ BTM_LogHistory(kBtmLogTag, p_dev_rec->bd_addr, "Bonding completed",
+ hci_error_code_text(status));
+ BTM_SetEncryption(p_dev_rec->bd_addr, BT_TRANSPORT_BR_EDR, NULL, NULL, BTM_BLE_SEC_NONE);
+ l2cu_start_post_bond_timer(p_dev_rec->hci_handle);
}
return;