From 8f7672e117294cb5adffdfcf3b1aae1ba3e9040c Mon Sep 17 00:00:00 2001 From: zhanghaipeng Date: Wed, 16 Oct 2024 20:49:57 +0800 Subject: [PATCH] fix(bt/ble): Update esp32 libbtdm_app.a (17db8bd) - Added a verification step for the Access Address within the CONNECT_IND PDU --- components/bt/controller/esp32/Kconfig.in | 9 +++++++++ components/bt/controller/lib_esp32 | 2 +- components/bt/include/esp32/include/esp_bt.h | 10 +++++++++- 3 files changed, 19 insertions(+), 2 deletions(-) diff --git a/components/bt/controller/esp32/Kconfig.in b/components/bt/controller/esp32/Kconfig.in index 0fd0b6e413..80f8bb2d6e 100644 --- a/components/bt/controller/esp32/Kconfig.in +++ b/components/bt/controller/esp32/Kconfig.in @@ -444,6 +444,15 @@ config BTDM_CTRL_SCAN_BACKOFF_UPPERLIMITMAX minimize collision of scan request PDUs from nultiple scanners. If scan backoff is disabled, in active scanning, scan request PDU will be sent every time when HW receives scannable ADV PDU. +config BTDM_CTRL_CHECK_CONNECT_IND_ACCESS_ADDRESS + bool "Enable enhanced Access Address check in CONNECT_IND" + default n + help + Enabling this option will add stricter verification of the Access Address in the CONNECT_IND PDU. + This improves security by ensuring that only connection requests with valid Access Addresses are accepted. + If disabled, only basic checks are applied, improving compatibility. + + config BTDM_BLE_ADV_REPORT_FLOW_CTRL_SUPP bool "BLE adv report flow control supported" depends on (BTDM_CTRL_MODE_BTDM || BTDM_CTRL_MODE_BLE_ONLY) diff --git a/components/bt/controller/lib_esp32 b/components/bt/controller/lib_esp32 index c3f6258cfb..171c4a7653 160000 --- a/components/bt/controller/lib_esp32 +++ b/components/bt/controller/lib_esp32 @@ -1 +1 @@ -Subproject commit c3f6258cfbd776d51e30bd6168f42b0cf5d73ea8 +Subproject commit 171c4a7653d2ef56edecaa832bdd4faedd403d77 diff --git a/components/bt/include/esp32/include/esp_bt.h b/components/bt/include/esp32/include/esp_bt.h index 43c475e7e6..4aa60073d3 100644 --- a/components/bt/include/esp32/include/esp_bt.h +++ b/components/bt/include/esp32/include/esp_bt.h @@ -55,7 +55,7 @@ extern "C" { * * @note Please do not modify this value */ -#define ESP_BT_CONTROLLER_CONFIG_MAGIC_VAL 0x20240926 +#define ESP_BT_CONTROLLER_CONFIG_MAGIC_VAL 0x20241015 /** * @brief Bluetooth Controller mode @@ -193,6 +193,12 @@ the advertising packet will be discarded until the memory is restored. */ #define BTDM_BLE_LLCP_DISC_FLAG (BTDM_BLE_LLCP_CONN_UPDATE | BTDM_BLE_LLCP_CHAN_MAP_UPDATE) +#ifdef CONFIG_BTDM_CTRL_CHECK_CONNECT_IND_ACCESS_ADDRESS +#define BTDM_CTRL_CHECK_CONNECT_IND_ACCESS_ADDRESS_ENABLED CONFIG_BTDM_CTRL_CHECK_CONNECT_IND_ACCESS_ADDRESS +#else +#define BTDM_CTRL_CHECK_CONNECT_IND_ACCESS_ADDRESS_ENABLED 0 +#endif + /** * @brief Default Bluetooth Controller configuration */ @@ -222,6 +228,7 @@ the advertising packet will be discarded until the memory is restored. */ .dup_list_refresh_period = SCAN_DUPL_CACHE_REFRESH_PERIOD, \ .ble_scan_backoff = BTDM_CTRL_SCAN_BACKOFF_UPPERLIMITMAX, \ .ble_llcp_disc_flag = BTDM_BLE_LLCP_DISC_FLAG, \ + .ble_aa_check = BTDM_CTRL_CHECK_CONNECT_IND_ACCESS_ADDRESS_ENABLED, \ .magic = ESP_BT_CONTROLLER_CONFIG_MAGIC_VAL, \ } @@ -275,6 +282,7 @@ typedef struct { uint16_t dup_list_refresh_period; /*!< Scan duplicate filtering list refresh period in seconds. Configurable in menuconfig */ bool ble_scan_backoff; /*!< True if BLE scan backoff is enabled; false otherwise. Configurable in menuconfig */ uint8_t ble_llcp_disc_flag; /*!< BLE disconnect flag when instant passed. Configurable in menuconfig */ + bool ble_aa_check; /*!< True if adds a verification step for the Access Address within the CONNECT_IND PDU; false otherwise. Configurable in menuconfig */ uint32_t magic; /*!< Magic number */ } esp_bt_controller_config_t;