| Message ID | 20200408171516.15151-1-brian.gix@intel.com (mailing list archive) |
|---|---|
| State | Accepted |
| Delegated to: | Brian Gix |
| Headers | show |
| Series | [BlueZ,v2] mesh: Ignore beacons with IVU if IV already updated | expand |
Applied, Thanks On Wed, 2020-04-08 at 10:15 -0700, Brian Gix wrote: > From: Rafał Gajda <rafal.gajda@silvair.com> > > When daemon receives beacon with IV=n+1, IVU=False it will > start sending messages with new IV and set sequence to 0. > However if daemon receives another beacon with IV=n+1, IVU=True it > will go back to sending messages with old IV=n (IVU set to True). > Because sequence number has been reset those messages will be dropped > by replay protection and node will lose communication. > > Once IV is updated daemon should not go back to using the old value. > > This patch adds beacon rejection if IV has already been updated. > --- > mesh/net.c | 8 ++++++++ > 1 file changed, 8 insertions(+) > > diff --git a/mesh/net.c b/mesh/net.c > index 9a56d2ee8..bfb9c4435 100644 > --- a/mesh/net.c > +++ b/mesh/net.c > @@ -2696,6 +2696,10 @@ static void update_iv_ivu_state(struct mesh_net *net, uint32_t iv_index, > /* If first beacon seen, accept without judgement */ > if (net->iv_upd_state == IV_UPD_INIT) { > if (ivu) { > + /* Ignore beacons with IVU if IV already updated */ > + if (iv_index == net->iv_index && !net->iv_update) > + return; > + > /* Other devices will be accepting old or new iv_index, > * but we don't know how far through update they are. > * Starting permissive state will allow us maximum > @@ -2717,6 +2721,10 @@ static void update_iv_ivu_state(struct mesh_net *net, uint32_t iv_index, > return; > } > > + /* Ignore beacons with IVU if IV already updated */ > + if (iv_index == net->iv_index) > + return; > + > if (!net->iv_update) { > l_info("iv_upd_state = IV_UPD_UPDATING"); > net->iv_upd_state = IV_UPD_UPDATING;
diff --git a/mesh/net.c b/mesh/net.c index 9a56d2ee8..bfb9c4435 100644 --- a/mesh/net.c +++ b/mesh/net.c @@ -2696,6 +2696,10 @@ static void update_iv_ivu_state(struct mesh_net *net, uint32_t iv_index, /* If first beacon seen, accept without judgement */ if (net->iv_upd_state == IV_UPD_INIT) { if (ivu) { + /* Ignore beacons with IVU if IV already updated */ + if (iv_index == net->iv_index && !net->iv_update) + return; + /* Other devices will be accepting old or new iv_index, * but we don't know how far through update they are. * Starting permissive state will allow us maximum @@ -2717,6 +2721,10 @@ static void update_iv_ivu_state(struct mesh_net *net, uint32_t iv_index, return; } + /* Ignore beacons with IVU if IV already updated */ + if (iv_index == net->iv_index) + return; + if (!net->iv_update) { l_info("iv_upd_state = IV_UPD_UPDATING"); net->iv_upd_state = IV_UPD_UPDATING;
From: Rafał Gajda <rafal.gajda@silvair.com> When daemon receives beacon with IV=n+1, IVU=False it will start sending messages with new IV and set sequence to 0. However if daemon receives another beacon with IV=n+1, IVU=True it will go back to sending messages with old IV=n (IVU set to True). Because sequence number has been reset those messages will be dropped by replay protection and node will lose communication. Once IV is updated daemon should not go back to using the old value. This patch adds beacon rejection if IV has already been updated. --- mesh/net.c | 8 ++++++++ 1 file changed, 8 insertions(+)