Correct hidd/h interrupt channel security

the legacy stack had it as none, but security was implied
since the channels can't exist without the protected channel
up.

Add security for consistency.

Bug: 159815595
Tag: #refactor
Test: compile & verify basic functions working
Change-Id: I8edd2a9f604c719876c1b64388041f4c7d94ce6c

diff --git a/stack/hid/hidd_conn.cc b/stack/hid/hidd_conn.cc
index e18868a..e6c2ef1 100644 (file)
--- a/stack/hid/hidd_conn.cc
+++ b/stack/hid/hidd_conn.cc
@@ -365,8 +365,9 @@ static void hidd_l2cif_config_ind(uint16_t cid, tL2CAP_CFG_INFO* p_cfg) {
     if ((p_hcon->conn_flags & HID_CONN_FLAGS_IS_ORIG) &&
         (p_hcon->conn_flags & HID_CONN_FLAGS_MY_CTRL_CFG_DONE)) {
       p_hcon->disc_reason = HID_L2CAP_CONN_FAIL;
-      if ((p_hcon->intr_cid = L2CA_ConnectReq2(
-               HID_PSM_INTERRUPT, hd_cb.device.addr, BTM_SEC_NONE)) == 0) {
+      if ((p_hcon->intr_cid =
+               L2CA_ConnectReq2(HID_PSM_INTERRUPT, hd_cb.device.addr,
+                                BTA_SEC_AUTHENTICATE | BTA_SEC_ENCRYPT)) == 0) {
         hidd_conn_disconnect();
         p_hcon->conn_state = HID_CONN_STATE_UNUSED;
 
@@ -448,8 +449,9 @@ static void hidd_l2cif_config_cfm(uint16_t cid, tL2CAP_CFG_INFO* p_cfg) {
     if ((p_hcon->conn_flags & HID_CONN_FLAGS_IS_ORIG) &&
         (p_hcon->conn_flags & HID_CONN_FLAGS_HIS_CTRL_CFG_DONE)) {
       p_hcon->disc_reason = HID_L2CAP_CONN_FAIL;
-      if ((p_hcon->intr_cid = L2CA_ConnectReq2(
-               HID_PSM_INTERRUPT, hd_cb.device.addr, BTM_SEC_NONE)) == 0) {
+      if ((p_hcon->intr_cid =
+               L2CA_ConnectReq2(HID_PSM_INTERRUPT, hd_cb.device.addr,
+                                BTA_SEC_AUTHENTICATE | BTA_SEC_ENCRYPT)) == 0) {
         hidd_conn_disconnect();
         p_hcon->conn_state = HID_CONN_STATE_UNUSED;
 
@@ -768,7 +770,8 @@ tHID_STATUS hidd_conn_reg(void) {
 
   if (!L2CA_Register2(HID_PSM_INTERRUPT, (tL2CAP_APPL_INFO*)&dev_reg_info,
                       false /* enable_snoop */, nullptr,
-                      hd_cb.l2cap_intr_cfg.mtu, BTM_SEC_NONE)) {
+                      hd_cb.l2cap_intr_cfg.mtu,
+                      BTA_SEC_AUTHENTICATE | BTA_SEC_ENCRYPT)) {
     L2CA_Deregister(HID_PSM_CONTROL);
     HIDD_TRACE_ERROR("HID Interrupt (device) registration failed");
     return (HID_ERR_L2CAP_FAILED);

diff --git a/stack/hid/hidh_conn.cc b/stack/hid/hidh_conn.cc
index 362dcb5..be72be8 100644 (file)
--- a/stack/hid/hidh_conn.cc
+++ b/stack/hid/hidh_conn.cc
@@ -106,7 +106,7 @@ tHID_STATUS hidh_conn_reg(void) {
   }
   if (!L2CA_Register2(HID_PSM_INTERRUPT, (tL2CAP_APPL_INFO*)&hst_reg_info,
                       false /* enable_snoop */, nullptr, hh_cb.l2cap_cfg.mtu,
-                      BTM_SEC_NONE)) {
+                      BTA_SEC_AUTHENTICATE | BTA_SEC_ENCRYPT)) {
     L2CA_Deregister(HID_PSM_CONTROL);
     HIDH_TRACE_ERROR("HID-Host Interrupt Registration failed");
     return (HID_ERR_L2CAP_FAILED);
@@ -492,8 +492,9 @@ static void hidh_l2cif_config_ind(uint16_t l2cap_cid, tL2CAP_CFG_INFO* p_cfg) {
                                                     CLOSE_EVT: Connection
                                                     Attempt was made but failed
                                                     */
-      p_hcon->intr_cid = L2CA_ConnectReq2(
-          HID_PSM_INTERRUPT, hh_cb.devices[dhandle].addr, BTM_SEC_NONE);
+      p_hcon->intr_cid =
+          L2CA_ConnectReq2(HID_PSM_INTERRUPT, hh_cb.devices[dhandle].addr,
+                           BTA_SEC_AUTHENTICATE | BTA_SEC_ENCRYPT);
       if (p_hcon->intr_cid == 0) {
         HIDH_TRACE_WARNING("HID-Host INTR Originate failed");
         reason = HID_L2CAP_REQ_FAIL;
@@ -572,8 +573,9 @@ static void hidh_l2cif_config_cfm(uint16_t l2cap_cid, tL2CAP_CFG_INFO* p_cfg) {
                                                     CLOSE_EVT: Connection
                                                     Attempt was made but failed
                                                     */
-      p_hcon->intr_cid = L2CA_ConnectReq2(
-          HID_PSM_INTERRUPT, hh_cb.devices[dhandle].addr, BTM_SEC_NONE);
+      p_hcon->intr_cid =
+          L2CA_ConnectReq2(HID_PSM_INTERRUPT, hh_cb.devices[dhandle].addr,
+                           BTA_SEC_AUTHENTICATE | BTA_SEC_ENCRYPT);
       if (p_hcon->intr_cid == 0) {
         HIDH_TRACE_WARNING("HID-Host INTR Originate failed");
         reason = HID_L2CAP_REQ_FAIL;