Use encrypted link for avdtp and avctp channels

This is a backport of the AOSP changes for b/345258562. Test: mmm packages/modules/Bluetooth Bug: 345258562 Ignore-AOSP-First: security Tag: #security (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:d26e79ab057057cbfcafc5eaeaaf1581afebd007) Merged-In: I4ef23f9dec4aaae6a526c11a7c2489159bd7fdf8 Change-Id: I4ef23f9dec4aaae6a526c11a7c2489159bd7fdf8
author: Brian Delwiche <delwiche@google.com> 2024-09-23 18:22:36 +0000
committer: aoleary <seanm187@gmail.com> 2025-07-08 08:55:55 +0000
commit: 6081a8c19c850dce073023e198be6cd250817132 (patch)
tree: bf447f333362930b4de9eae8195c5d7273e05027
parent: 2c11b40726d8ad86e7e5c010d4d6834a2b447099 (diff)
5 files changed, 13 insertions, 7 deletions
diff --git a/system/stack/avct/avct_api.cc b/system/stack/avct/avct_api.cc
index b52e1afdf4..3254264092 100644
--- a/system/stack/avct/avct_api.cc
+++ b/system/stack/avct/avct_api.cc
@@ -63,9 +63,11 @@ void AVCT_Register() {
   /* initialize AVCTP data structures */
   memset(&avct_cb, 0, sizeof(tAVCT_CB));
 
+  uint16_t sec = BTA_SEC_AUTHENTICATE | BTA_SEC_ENCRYPT;
+
   /* register PSM with L2CAP */
   L2CA_Register2(AVCT_PSM, avct_l2c_appl, true /* enable_snoop */, nullptr,
-                 kAvrcMtu, 0, BTA_SEC_AUTHENTICATE);
+                 kAvrcMtu, 0, sec);
 
   /* Include the browsing channel which uses eFCR */
   tL2CAP_ERTM_INFO ertm_info;
@@ -73,7 +75,7 @@ void AVCT_Register() {
 
   L2CA_Register2(AVCT_BR_PSM, avct_l2c_br_appl, true /*enable_snoop*/,
                  &ertm_info, kAvrcBrMtu, AVCT_MIN_BROWSE_MTU,
-                 BTA_SEC_AUTHENTICATE);
+                 sec);
 
   avct_cb.trace_level = avct_trace_level;
 }
diff --git a/system/stack/avct/avct_bcb_act.cc b/system/stack/avct/avct_bcb_act.cc
index d59c4e8f49..ba327662e7 100644
--- a/system/stack/avct/avct_bcb_act.cc
+++ b/system/stack/avct/avct_bcb_act.cc
@@ -114,8 +114,9 @@ void avct_bcb_chnl_open(tAVCT_BCB* p_bcb, UNUSED_ATTR tAVCT_LCB_EVT* p_data) {
 
   /* call l2cap connect req */
   p_bcb->ch_state = AVCT_CH_CONN;
-  p_bcb->ch_lcid =
-      L2CA_ConnectReq2(AVCT_BR_PSM, p_lcb->peer_addr, BTA_SEC_AUTHENTICATE);
+  p_bcb->ch_lcid = L2CA_ConnectReq2(AVCT_BR_PSM, p_lcb->peer_addr,
+    BTA_SEC_AUTHENTICATE | BTA_SEC_ENCRYPT);
+
   if (p_bcb->ch_lcid == 0) {
     /* if connect req failed, send ourselves close event */
     tAVCT_LCB_EVT avct_lcb_evt;
diff --git a/system/stack/avct/avct_lcb_act.cc b/system/stack/avct/avct_lcb_act.cc
index 2a2f6b2161..6c5585ffa6 100644
--- a/system/stack/avct/avct_lcb_act.cc
+++ b/system/stack/avct/avct_lcb_act.cc
@@ -185,7 +185,8 @@ void avct_lcb_chnl_open(tAVCT_LCB* p_lcb, UNUSED_ATTR tAVCT_LCB_EVT* p_data) {
 
   p_lcb->ch_state = AVCT_CH_CONN;
   p_lcb->ch_lcid =
-      L2CA_ConnectReq2(AVCT_PSM, p_lcb->peer_addr, BTA_SEC_AUTHENTICATE);
+      L2CA_ConnectReq2(AVCT_PSM, p_lcb->peer_addr,
+                       BTA_SEC_AUTHENTICATE | BTA_SEC_ENCRYPT);
   if (p_lcb->ch_lcid == 0) {
     /* if connect req failed, send ourselves close event */
     tAVCT_LCB_EVT avct_lcb_evt;
diff --git a/system/stack/avdt/avdt_ad.cc b/system/stack/avdt/avdt_ad.cc
index ccfb12945c..9d2d6779ca 100644
--- a/system/stack/avdt/avdt_ad.cc
+++ b/system/stack/avdt/avdt_ad.cc
@@ -548,7 +548,8 @@ void avdt_ad_open_req(uint8_t type, AvdtpCcb* p_ccb, AvdtpScb* p_scb,
 
     /* call l2cap connect req */
     lcid =
-        L2CA_ConnectReq2(AVDT_PSM, p_ccb->peer_addr, BTM_SEC_OUT_AUTHENTICATE);
+        L2CA_ConnectReq2(AVDT_PSM, p_ccb->peer_addr,
+                         BTM_SEC_OUT_AUTHENTICATE | BTM_SEC_OUT_ENCRYPT);
     if (lcid != 0) {
       /* if connect req ok, store tcid in lcid table  */
       avdtp_cb.ad.lcid_tbl[lcid] = avdt_ad_tc_tbl_to_idx(p_tbl);
diff --git a/system/stack/avdt/avdt_api.cc b/system/stack/avdt/avdt_api.cc
index a5f53885e8..ea4d2acd00 100644
--- a/system/stack/avdt/avdt_api.cc
+++ b/system/stack/avdt/avdt_api.cc
@@ -95,9 +95,10 @@ void avdt_scb_transport_channel_timer_timeout(void* data) {
  *
  ******************************************************************************/
 void AVDT_Register(AvdtpRcb* p_reg, tAVDT_CTRL_CBACK* p_cback) {
+  uint16_t sec = BTA_SEC_AUTHENTICATE | BTA_SEC_ENCRYPT;
   /* register PSM with L2CAP */
   L2CA_Register2(AVDT_PSM, avdt_l2c_appl, true /* enable_snoop */, nullptr,
-                 kAvdtpMtu, 0, BTA_SEC_AUTHENTICATE);
+                 kAvdtpMtu, 0, sec);
 
   /* initialize AVDTP data structures */
   avdt_scb_init();
author	Brian Delwiche <delwiche@google.com>	2024-09-23 18:22:36 +0000
committer	aoleary <seanm187@gmail.com>	2025-07-08 08:55:55 +0000
commit	6081a8c19c850dce073023e198be6cd250817132 (patch)
tree	bf447f333362930b4de9eae8195c5d7273e05027
parent	2c11b40726d8ad86e7e5c010d4d6834a2b447099 (diff)