Bluetooth: SSP: No MITM if required level is less than L3

Regardless IO capabilities, clear MITM flag for pairing initiator if the required security level is less than BT_SECURITY_L3. Signed-off-by: Lyle Zhu <[email protected]>
zephyrproject-rtos · Oct 16, 2024 · 0e4561b · 0e4561b
1 parent a427497
commit 0e4561b
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/subsys/bluetooth/host/classic/ssp.c b/subsys/bluetooth/host/classic/ssp.c
@@ -631,6 +631,9 @@ void bt_hci_io_capa_resp(struct net_buf *buf)
 /* Clear Bonding flag */
 #define BT_HCI_SET_NO_BONDING(auth) ((auth) & 0x01)
 
+/* Clear MITM flag */
+#define BT_HCI_SET_NO_MITM(auth) ((auth) & (~0x01))
+
 void bt_hci_io_capa_req(struct net_buf *buf)
 {
 	struct bt_hci_evt_io_capa_req *evt = (void *)buf->data;
@@ -675,6 +678,11 @@ void bt_hci_io_capa_req(struct net_buf *buf)
 				auth = BT_HCI_DEDICATED_BONDING;
 			}
 		}
+
+		if (conn->required_sec_level < BT_SECURITY_L3) {
+			/* If security level less than L3, clear MITM flag. */
+			auth = BT_HCI_SET_NO_MITM(auth);
+		}
 	} else {
 		auth = ssp_get_auth(conn);
 	}