projects / deliverable / linux.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
brcmfmac: Fix OOB interrupt not working for BCM43362
[deliverable/linux.git] / net / bluetooth / smp.c
... / ...
CommitLineData
1/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21*/
22
23#include <linux/crypto.h>
24#include <linux/scatterlist.h>
25#include <crypto/b128ops.h>
26
27#include <net/bluetooth/bluetooth.h>
28#include <net/bluetooth/hci_core.h>
29#include <net/bluetooth/l2cap.h>
30#include <net/bluetooth/mgmt.h>
31
32#include "smp.h"
33
34#define SMP_TIMEOUT msecs_to_jiffies(30000)
35
36#define AUTH_REQ_MASK 0x07
37
38enum {
39 SMP_FLAG_TK_VALID,
40 SMP_FLAG_CFM_PENDING,
41 SMP_FLAG_MITM_AUTH,
42 SMP_FLAG_COMPLETE,
43 SMP_FLAG_INITIATOR,
44};
45
46struct smp_chan {
47 struct l2cap_conn *conn;
48 u8 preq[7]; /* SMP Pairing Request */
49 u8 prsp[7]; /* SMP Pairing Response */
50 u8 prnd[16]; /* SMP Pairing Random (local) */
51 u8 rrnd[16]; /* SMP Pairing Random (remote) */
52 u8 pcnf[16]; /* SMP Pairing Confirm */
53 u8 tk[16]; /* SMP Temporary Key */
54 u8 enc_key_size;
55 u8 remote_key_dist;
56 bdaddr_t id_addr;
57 u8 id_addr_type;
58 u8 irk[16];
59 struct smp_csrk *csrk;
60 struct smp_csrk *slave_csrk;
61 struct smp_ltk *ltk;
62 struct smp_ltk *slave_ltk;
63 struct smp_irk *remote_irk;
64 unsigned long flags;
65
66 struct crypto_blkcipher *tfm_aes;
67};
68
69static inline void swap_buf(const u8 *src, u8 *dst, size_t len)
70{
71 size_t i;
72
73 for (i = 0; i < len; i++)
74 dst[len - 1 - i] = src[i];
75}
76
77static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
78{
79 struct blkcipher_desc desc;
80 struct scatterlist sg;
81 uint8_t tmp[16], data[16];
82 int err;
83
84 if (tfm == NULL) {
85 BT_ERR("tfm %p", tfm);
86 return -EINVAL;
87 }
88
89 desc.tfm = tfm;
90 desc.flags = 0;
91
92 /* The most significant octet of key corresponds to k[0] */
93 swap_buf(k, tmp, 16);
94
95 err = crypto_blkcipher_setkey(tfm, tmp, 16);
96 if (err) {
97 BT_ERR("cipher setkey failed: %d", err);
98 return err;
99 }
100
101 /* Most significant octet of plaintextData corresponds to data[0] */
102 swap_buf(r, data, 16);
103
104 sg_init_one(&sg, data, 16);
105
106 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
107 if (err)
108 BT_ERR("Encrypt data error %d", err);
109
110 /* Most significant octet of encryptedData corresponds to data[0] */
111 swap_buf(data, r, 16);
112
113 return err;
114}
115
116static int smp_ah(struct crypto_blkcipher *tfm, u8 irk[16], u8 r[3], u8 res[3])
117{
118 u8 _res[16];
119 int err;
120
121 /* r' = padding || r */
122 memcpy(_res, r, 3);
123 memset(_res + 3, 0, 13);
124
125 err = smp_e(tfm, irk, _res);
126 if (err) {
127 BT_ERR("Encrypt error");
128 return err;
129 }
130
131 /* The output of the random address function ah is:
132 * ah(h, r) = e(k, r') mod 2^24
133 * The output of the security function e is then truncated to 24 bits
134 * by taking the least significant 24 bits of the output of e as the
135 * result of ah.
136 */
137 memcpy(res, _res, 3);
138
139 return 0;
140}
141
142bool smp_irk_matches(struct crypto_blkcipher *tfm, u8 irk[16],
143 bdaddr_t *bdaddr)
144{
145 u8 hash[3];
146 int err;
147
148 BT_DBG("RPA %pMR IRK %*phN", bdaddr, 16, irk);
149
150 err = smp_ah(tfm, irk, &bdaddr->b[3], hash);
151 if (err)
152 return false;
153
154 return !memcmp(bdaddr->b, hash, 3);
155}
156
157int smp_generate_rpa(struct crypto_blkcipher *tfm, u8 irk[16], bdaddr_t *rpa)
158{
159 int err;
160
161 get_random_bytes(&rpa->b[3], 3);
162
163 rpa->b[5] &= 0x3f; /* Clear two most significant bits */
164 rpa->b[5] |= 0x40; /* Set second most significant bit */
165
166 err = smp_ah(tfm, irk, &rpa->b[3], rpa->b);
167 if (err < 0)
168 return err;
169
170 BT_DBG("RPA %pMR", rpa);
171
172 return 0;
173}
174
175static int smp_c1(struct smp_chan *smp, u8 k[16], u8 r[16], u8 preq[7],
176 u8 pres[7], u8 _iat, bdaddr_t *ia, u8 _rat, bdaddr_t *ra,
177 u8 res[16])
178{
179 struct hci_dev *hdev = smp->conn->hcon->hdev;
180 u8 p1[16], p2[16];
181 int err;
182
183 BT_DBG("%s", hdev->name);
184
185 memset(p1, 0, 16);
186
187 /* p1 = pres || preq || _rat || _iat */
188 p1[0] = _iat;
189 p1[1] = _rat;
190 memcpy(p1 + 2, preq, 7);
191 memcpy(p1 + 9, pres, 7);
192
193 /* p2 = padding || ia || ra */
194 memcpy(p2, ra, 6);
195 memcpy(p2 + 6, ia, 6);
196 memset(p2 + 12, 0, 4);
197
198 /* res = r XOR p1 */
199 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
200
201 /* res = e(k, res) */
202 err = smp_e(smp->tfm_aes, k, res);
203 if (err) {
204 BT_ERR("Encrypt data error");
205 return err;
206 }
207
208 /* res = res XOR p2 */
209 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
210
211 /* res = e(k, res) */
212 err = smp_e(smp->tfm_aes, k, res);
213 if (err)
214 BT_ERR("Encrypt data error");
215
216 return err;
217}
218
219static int smp_s1(struct smp_chan *smp, u8 k[16], u8 r1[16], u8 r2[16],
220 u8 _r[16])
221{
222 struct hci_dev *hdev = smp->conn->hcon->hdev;
223 int err;
224
225 BT_DBG("%s", hdev->name);
226
227 /* Just least significant octets from r1 and r2 are considered */
228 memcpy(_r, r2, 8);
229 memcpy(_r + 8, r1, 8);
230
231 err = smp_e(smp->tfm_aes, k, _r);
232 if (err)
233 BT_ERR("Encrypt data error");
234
235 return err;
236}
237
238static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code,
239 u16 dlen, void *data)
240{
241 struct sk_buff *skb;
242 struct l2cap_hdr *lh;
243 int len;
244
245 len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
246
247 if (len > conn->mtu)
248 return NULL;
249
250 skb = bt_skb_alloc(len, GFP_ATOMIC);
251 if (!skb)
252 return NULL;
253
254 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
255 lh->len = cpu_to_le16(sizeof(code) + dlen);
256 lh->cid = cpu_to_le16(L2CAP_CID_SMP);
257
258 memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
259
260 memcpy(skb_put(skb, dlen), data, dlen);
261
262 return skb;
263}
264
265static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
266{
267 struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
268
269 BT_DBG("code 0x%2.2x", code);
270
271 if (!skb)
272 return;
273
274 skb->priority = HCI_PRIO_MAX;
275 hci_send_acl(conn->hchan, skb, 0);
276
277 cancel_delayed_work_sync(&conn->security_timer);
278 schedule_delayed_work(&conn->security_timer, SMP_TIMEOUT);
279}
280
281static __u8 authreq_to_seclevel(__u8 authreq)
282{
283 if (authreq & SMP_AUTH_MITM)
284 return BT_SECURITY_HIGH;
285 else
286 return BT_SECURITY_MEDIUM;
287}
288
289static __u8 seclevel_to_authreq(__u8 sec_level)
290{
291 switch (sec_level) {
292 case BT_SECURITY_HIGH:
293 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
294 case BT_SECURITY_MEDIUM:
295 return SMP_AUTH_BONDING;
296 default:
297 return SMP_AUTH_NONE;
298 }
299}
300
301static void build_pairing_cmd(struct l2cap_conn *conn,
302 struct smp_cmd_pairing *req,
303 struct smp_cmd_pairing *rsp, __u8 authreq)
304{
305 struct smp_chan *smp = conn->smp_chan;
306 struct hci_conn *hcon = conn->hcon;
307 struct hci_dev *hdev = hcon->hdev;
308 u8 local_dist = 0, remote_dist = 0;
309
310 if (test_bit(HCI_PAIRABLE, &conn->hcon->hdev->dev_flags)) {
311 local_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
312 remote_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
313 authreq |= SMP_AUTH_BONDING;
314 } else {
315 authreq &= ~SMP_AUTH_BONDING;
316 }
317
318 if (test_bit(HCI_RPA_RESOLVING, &hdev->dev_flags))
319 remote_dist |= SMP_DIST_ID_KEY;
320
321 if (test_bit(HCI_PRIVACY, &hdev->dev_flags))
322 local_dist |= SMP_DIST_ID_KEY;
323
324 if (rsp == NULL) {
325 req->io_capability = conn->hcon->io_capability;
326 req->oob_flag = SMP_OOB_NOT_PRESENT;
327 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
328 req->init_key_dist = local_dist;
329 req->resp_key_dist = remote_dist;
330 req->auth_req = (authreq & AUTH_REQ_MASK);
331
332 smp->remote_key_dist = remote_dist;
333 return;
334 }
335
336 rsp->io_capability = conn->hcon->io_capability;
337 rsp->oob_flag = SMP_OOB_NOT_PRESENT;
338 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
339 rsp->init_key_dist = req->init_key_dist & remote_dist;
340 rsp->resp_key_dist = req->resp_key_dist & local_dist;
341 rsp->auth_req = (authreq & AUTH_REQ_MASK);
342
343 smp->remote_key_dist = rsp->init_key_dist;
344}
345
346static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
347{
348 struct smp_chan *smp = conn->smp_chan;
349
350 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
351 (max_key_size < SMP_MIN_ENC_KEY_SIZE))
352 return SMP_ENC_KEY_SIZE;
353
354 smp->enc_key_size = max_key_size;
355
356 return 0;
357}
358
359static void smp_failure(struct l2cap_conn *conn, u8 reason)
360{
361 struct hci_conn *hcon = conn->hcon;
362
363 if (reason)
364 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
365 &reason);
366
367 clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags);
368 mgmt_auth_failed(hcon->hdev, &hcon->dst, hcon->type, hcon->dst_type,
369 HCI_ERROR_AUTH_FAILURE);
370
371 cancel_delayed_work_sync(&conn->security_timer);
372
373 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
374 smp_chan_destroy(conn);
375}
376
377#define JUST_WORKS 0x00
378#define JUST_CFM 0x01
379#define REQ_PASSKEY 0x02
380#define CFM_PASSKEY 0x03
381#define REQ_OOB 0x04
382#define OVERLAP 0xFF
383
384static const u8 gen_method[5][5] = {
385 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
386 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
387 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
388 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
389 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
390};
391
392static u8 get_auth_method(struct smp_chan *smp, u8 local_io, u8 remote_io)
393{
394 /* If either side has unknown io_caps, use JUST_CFM (which gets
395 * converted later to JUST_WORKS if we're initiators.
396 */
397 if (local_io > SMP_IO_KEYBOARD_DISPLAY ||
398 remote_io > SMP_IO_KEYBOARD_DISPLAY)
399 return JUST_CFM;
400
401 return gen_method[remote_io][local_io];
402}
403
404static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
405 u8 local_io, u8 remote_io)
406{
407 struct hci_conn *hcon = conn->hcon;
408 struct smp_chan *smp = conn->smp_chan;
409 u8 method;
410 u32 passkey = 0;
411 int ret = 0;
412
413 /* Initialize key for JUST WORKS */
414 memset(smp->tk, 0, sizeof(smp->tk));
415 clear_bit(SMP_FLAG_TK_VALID, &smp->flags);
416
417 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
418
419 /* If neither side wants MITM, either "just" confirm an incoming
420 * request or use just-works for outgoing ones. The JUST_CFM
421 * will be converted to JUST_WORKS if necessary later in this
422 * function. If either side has MITM look up the method from the
423 * table.
424 */
425 if (!(auth & SMP_AUTH_MITM))
426 method = JUST_CFM;
427 else
428 method = get_auth_method(smp, local_io, remote_io);
429
430 /* Don't confirm locally initiated pairing attempts */
431 if (method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR, &smp->flags))
432 method = JUST_WORKS;
433
434 /* Don't bother user space with no IO capabilities */
435 if (method == JUST_CFM && hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
436 method = JUST_WORKS;
437
438 /* If Just Works, Continue with Zero TK */
439 if (method == JUST_WORKS) {
440 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
441 return 0;
442 }
443
444 /* Not Just Works/Confirm results in MITM Authentication */
445 if (method != JUST_CFM)
446 set_bit(SMP_FLAG_MITM_AUTH, &smp->flags);
447
448 /* If both devices have Keyoard-Display I/O, the master
449 * Confirms and the slave Enters the passkey.
450 */
451 if (method == OVERLAP) {
452 if (hcon->role == HCI_ROLE_MASTER)
453 method = CFM_PASSKEY;
454 else
455 method = REQ_PASSKEY;
456 }
457
458 /* Generate random passkey. */
459 if (method == CFM_PASSKEY) {
460 memset(smp->tk, 0, sizeof(smp->tk));
461 get_random_bytes(&passkey, sizeof(passkey));
462 passkey %= 1000000;
463 put_unaligned_le32(passkey, smp->tk);
464 BT_DBG("PassKey: %d", passkey);
465 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
466 }
467
468 hci_dev_lock(hcon->hdev);
469
470 if (method == REQ_PASSKEY)
471 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
472 hcon->type, hcon->dst_type);
473 else if (method == JUST_CFM)
474 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
475 hcon->type, hcon->dst_type,
476 passkey, 1);
477 else
478 ret = mgmt_user_passkey_notify(hcon->hdev, &hcon->dst,
479 hcon->type, hcon->dst_type,
480 passkey, 0);
481
482 hci_dev_unlock(hcon->hdev);
483
484 return ret;
485}
486
487static u8 smp_confirm(struct smp_chan *smp)
488{
489 struct l2cap_conn *conn = smp->conn;
490 struct smp_cmd_pairing_confirm cp;
491 int ret;
492
493 BT_DBG("conn %p", conn);
494
495 ret = smp_c1(smp, smp->tk, smp->prnd, smp->preq, smp->prsp,
496 conn->hcon->init_addr_type, &conn->hcon->init_addr,
497 conn->hcon->resp_addr_type, &conn->hcon->resp_addr,
498 cp.confirm_val);
499 if (ret)
500 return SMP_UNSPECIFIED;
501
502 clear_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
503
504 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
505
506 return 0;
507}
508
509static u8 smp_random(struct smp_chan *smp)
510{
511 struct l2cap_conn *conn = smp->conn;
512 struct hci_conn *hcon = conn->hcon;
513 u8 confirm[16];
514 int ret;
515
516 if (IS_ERR_OR_NULL(smp->tfm_aes))
517 return SMP_UNSPECIFIED;
518
519 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
520
521 ret = smp_c1(smp, smp->tk, smp->rrnd, smp->preq, smp->prsp,
522 hcon->init_addr_type, &hcon->init_addr,
523 hcon->resp_addr_type, &hcon->resp_addr, confirm);
524 if (ret)
525 return SMP_UNSPECIFIED;
526
527 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
528 BT_ERR("Pairing failed (confirmation values mismatch)");
529 return SMP_CONFIRM_FAILED;
530 }
531
532 if (hcon->out) {
533 u8 stk[16];
534 __le64 rand = 0;
535 __le16 ediv = 0;
536
537 smp_s1(smp, smp->tk, smp->rrnd, smp->prnd, stk);
538
539 memset(stk + smp->enc_key_size, 0,
540 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
541
542 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
543 return SMP_UNSPECIFIED;
544
545 hci_le_start_enc(hcon, ediv, rand, stk);
546 hcon->enc_key_size = smp->enc_key_size;
547 set_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
548 } else {
549 u8 stk[16], auth;
550 __le64 rand = 0;
551 __le16 ediv = 0;
552
553 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
554 smp->prnd);
555
556 smp_s1(smp, smp->tk, smp->prnd, smp->rrnd, stk);
557
558 memset(stk + smp->enc_key_size, 0,
559 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
560
561 if (hcon->pending_sec_level == BT_SECURITY_HIGH)
562 auth = 1;
563 else
564 auth = 0;
565
566 /* Even though there's no _SLAVE suffix this is the
567 * slave STK we're adding for later lookup (the master
568 * STK never needs to be stored).
569 */
570 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
571 SMP_STK, auth, stk, smp->enc_key_size, ediv, rand);
572 }
573
574 return 0;
575}
576
577static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
578{
579 struct smp_chan *smp;
580
581 smp = kzalloc(sizeof(*smp), GFP_ATOMIC);
582 if (!smp)
583 return NULL;
584
585 smp->tfm_aes = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
586 if (IS_ERR(smp->tfm_aes)) {
587 BT_ERR("Unable to create ECB crypto context");
588 kfree(smp);
589 return NULL;
590 }
591
592 smp->conn = conn;
593 conn->smp_chan = smp;
594
595 hci_conn_hold(conn->hcon);
596
597 return smp;
598}
599
600void smp_chan_destroy(struct l2cap_conn *conn)
601{
602 struct smp_chan *smp = conn->smp_chan;
603 bool complete;
604
605 BUG_ON(!smp);
606
607 complete = test_bit(SMP_FLAG_COMPLETE, &smp->flags);
608 mgmt_smp_complete(conn->hcon, complete);
609
610 kfree(smp->csrk);
611 kfree(smp->slave_csrk);
612
613 crypto_free_blkcipher(smp->tfm_aes);
614
615 /* If pairing failed clean up any keys we might have */
616 if (!complete) {
617 if (smp->ltk) {
618 list_del(&smp->ltk->list);
619 kfree(smp->ltk);
620 }
621
622 if (smp->slave_ltk) {
623 list_del(&smp->slave_ltk->list);
624 kfree(smp->slave_ltk);
625 }
626
627 if (smp->remote_irk) {
628 list_del(&smp->remote_irk->list);
629 kfree(smp->remote_irk);
630 }
631 }
632
633 kfree(smp);
634 conn->smp_chan = NULL;
635 hci_conn_drop(conn->hcon);
636}
637
638int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
639{
640 struct l2cap_conn *conn = hcon->l2cap_data;
641 struct smp_chan *smp;
642 u32 value;
643
644 BT_DBG("");
645
646 if (!conn || !test_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
647 return -ENOTCONN;
648
649 smp = conn->smp_chan;
650
651 switch (mgmt_op) {
652 case MGMT_OP_USER_PASSKEY_REPLY:
653 value = le32_to_cpu(passkey);
654 memset(smp->tk, 0, sizeof(smp->tk));
655 BT_DBG("PassKey: %d", value);
656 put_unaligned_le32(value, smp->tk);
657 /* Fall Through */
658 case MGMT_OP_USER_CONFIRM_REPLY:
659 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
660 break;
661 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
662 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
663 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
664 return 0;
665 default:
666 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
667 return -EOPNOTSUPP;
668 }
669
670 /* If it is our turn to send Pairing Confirm, do so now */
671 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->flags)) {
672 u8 rsp = smp_confirm(smp);
673 if (rsp)
674 smp_failure(conn, rsp);
675 }
676
677 return 0;
678}
679
680static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
681{
682 struct smp_cmd_pairing rsp, *req = (void *) skb->data;
683 struct hci_dev *hdev = conn->hcon->hdev;
684 struct smp_chan *smp;
685 u8 key_size, auth, sec_level;
686 int ret;
687
688 BT_DBG("conn %p", conn);
689
690 if (skb->len < sizeof(*req))
691 return SMP_INVALID_PARAMS;
692
693 if (conn->hcon->role != HCI_ROLE_SLAVE)
694 return SMP_CMD_NOTSUPP;
695
696 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
697 smp = smp_chan_create(conn);
698 else
699 smp = conn->smp_chan;
700
701 if (!smp)
702 return SMP_UNSPECIFIED;
703
704 if (!test_bit(HCI_PAIRABLE, &hdev->dev_flags) &&
705 (req->auth_req & SMP_AUTH_BONDING))
706 return SMP_PAIRING_NOTSUPP;
707
708 smp->preq[0] = SMP_CMD_PAIRING_REQ;
709 memcpy(&smp->preq[1], req, sizeof(*req));
710 skb_pull(skb, sizeof(*req));
711
712 /* We didn't start the pairing, so match remote */
713 auth = req->auth_req;
714
715 sec_level = authreq_to_seclevel(auth);
716 if (sec_level > conn->hcon->pending_sec_level)
717 conn->hcon->pending_sec_level = sec_level;
718
719 /* If we need MITM check that it can be acheived */
720 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
721 u8 method;
722
723 method = get_auth_method(smp, conn->hcon->io_capability,
724 req->io_capability);
725 if (method == JUST_WORKS || method == JUST_CFM)
726 return SMP_AUTH_REQUIREMENTS;
727 }
728
729 build_pairing_cmd(conn, req, &rsp, auth);
730
731 key_size = min(req->max_key_size, rsp.max_key_size);
732 if (check_enc_key_size(conn, key_size))
733 return SMP_ENC_KEY_SIZE;
734
735 get_random_bytes(smp->prnd, sizeof(smp->prnd));
736
737 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
738 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
739
740 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
741
742 /* Request setup of TK */
743 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
744 if (ret)
745 return SMP_UNSPECIFIED;
746
747 return 0;
748}
749
750static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
751{
752 struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
753 struct smp_chan *smp = conn->smp_chan;
754 u8 key_size, auth = SMP_AUTH_NONE;
755 int ret;
756
757 BT_DBG("conn %p", conn);
758
759 if (skb->len < sizeof(*rsp))
760 return SMP_INVALID_PARAMS;
761
762 if (conn->hcon->role != HCI_ROLE_MASTER)
763 return SMP_CMD_NOTSUPP;
764
765 skb_pull(skb, sizeof(*rsp));
766
767 req = (void *) &smp->preq[1];
768
769 key_size = min(req->max_key_size, rsp->max_key_size);
770 if (check_enc_key_size(conn, key_size))
771 return SMP_ENC_KEY_SIZE;
772
773 /* If we need MITM check that it can be acheived */
774 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
775 u8 method;
776
777 method = get_auth_method(smp, req->io_capability,
778 rsp->io_capability);
779 if (method == JUST_WORKS || method == JUST_CFM)
780 return SMP_AUTH_REQUIREMENTS;
781 }
782
783 get_random_bytes(smp->prnd, sizeof(smp->prnd));
784
785 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
786 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
787
788 /* Update remote key distribution in case the remote cleared
789 * some bits that we had enabled in our request.
790 */
791 smp->remote_key_dist &= rsp->resp_key_dist;
792
793 if ((req->auth_req & SMP_AUTH_BONDING) &&
794 (rsp->auth_req & SMP_AUTH_BONDING))
795 auth = SMP_AUTH_BONDING;
796
797 auth |= (req->auth_req | rsp->auth_req) & SMP_AUTH_MITM;
798
799 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
800 if (ret)
801 return SMP_UNSPECIFIED;
802
803 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
804
805 /* Can't compose response until we have been confirmed */
806 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
807 return smp_confirm(smp);
808
809 return 0;
810}
811
812static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
813{
814 struct smp_chan *smp = conn->smp_chan;
815
816 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
817
818 if (skb->len < sizeof(smp->pcnf))
819 return SMP_INVALID_PARAMS;
820
821 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
822 skb_pull(skb, sizeof(smp->pcnf));
823
824 if (conn->hcon->out)
825 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
826 smp->prnd);
827 else if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
828 return smp_confirm(smp);
829 else
830 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
831
832 return 0;
833}
834
835static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
836{
837 struct smp_chan *smp = conn->smp_chan;
838
839 BT_DBG("conn %p", conn);
840
841 if (skb->len < sizeof(smp->rrnd))
842 return SMP_INVALID_PARAMS;
843
844 memcpy(smp->rrnd, skb->data, sizeof(smp->rrnd));
845 skb_pull(skb, sizeof(smp->rrnd));
846
847 return smp_random(smp);
848}
849
850static bool smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
851{
852 struct smp_ltk *key;
853 struct hci_conn *hcon = conn->hcon;
854
855 key = hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
856 hcon->role);
857 if (!key)
858 return false;
859
860 if (sec_level > BT_SECURITY_MEDIUM && !key->authenticated)
861 return false;
862
863 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
864 return true;
865
866 hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
867 hcon->enc_key_size = key->enc_size;
868
869 /* We never store STKs for master role, so clear this flag */
870 clear_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
871
872 return true;
873}
874
875bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level)
876{
877 if (sec_level == BT_SECURITY_LOW)
878 return true;
879
880 /* If we're encrypted with an STK always claim insufficient
881 * security. This way we allow the connection to be re-encrypted
882 * with an LTK, even if the LTK provides the same level of
883 * security. Only exception is if we don't have an LTK (e.g.
884 * because of key distribution bits).
885 */
886 if (test_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags) &&
887 hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
888 hcon->role))
889 return false;
890
891 if (hcon->sec_level >= sec_level)
892 return true;
893
894 return false;
895}
896
897static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
898{
899 struct smp_cmd_security_req *rp = (void *) skb->data;
900 struct smp_cmd_pairing cp;
901 struct hci_conn *hcon = conn->hcon;
902 struct smp_chan *smp;
903 u8 sec_level;
904
905 BT_DBG("conn %p", conn);
906
907 if (skb->len < sizeof(*rp))
908 return SMP_INVALID_PARAMS;
909
910 if (hcon->role != HCI_ROLE_MASTER)
911 return SMP_CMD_NOTSUPP;
912
913 sec_level = authreq_to_seclevel(rp->auth_req);
914 if (smp_sufficient_security(hcon, sec_level))
915 return 0;
916
917 if (sec_level > hcon->pending_sec_level)
918 hcon->pending_sec_level = sec_level;
919
920 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
921 return 0;
922
923 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
924 return 0;
925
926 if (!test_bit(HCI_PAIRABLE, &hcon->hdev->dev_flags) &&
927 (rp->auth_req & SMP_AUTH_BONDING))
928 return SMP_PAIRING_NOTSUPP;
929
930 smp = smp_chan_create(conn);
931 if (!smp)
932 return SMP_UNSPECIFIED;
933
934 skb_pull(skb, sizeof(*rp));
935
936 memset(&cp, 0, sizeof(cp));
937 build_pairing_cmd(conn, &cp, NULL, rp->auth_req);
938
939 smp->preq[0] = SMP_CMD_PAIRING_REQ;
940 memcpy(&smp->preq[1], &cp, sizeof(cp));
941
942 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
943
944 return 0;
945}
946
947int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
948{
949 struct l2cap_conn *conn = hcon->l2cap_data;
950 struct smp_chan *smp;
951 __u8 authreq;
952
953 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
954
955 /* This may be NULL if there's an unexpected disconnection */
956 if (!conn)
957 return 1;
958
959 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
960 return 1;
961
962 if (smp_sufficient_security(hcon, sec_level))
963 return 1;
964
965 if (sec_level > hcon->pending_sec_level)
966 hcon->pending_sec_level = sec_level;
967
968 if (hcon->role == HCI_ROLE_MASTER)
969 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
970 return 0;
971
972 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
973 return 0;
974
975 smp = smp_chan_create(conn);
976 if (!smp)
977 return 1;
978
979 authreq = seclevel_to_authreq(sec_level);
980
981 /* Require MITM if IO Capability allows or the security level
982 * requires it.
983 */
984 if (hcon->io_capability != HCI_IO_NO_INPUT_OUTPUT ||
985 hcon->pending_sec_level > BT_SECURITY_MEDIUM)
986 authreq |= SMP_AUTH_MITM;
987
988 if (hcon->role == HCI_ROLE_MASTER) {
989 struct smp_cmd_pairing cp;
990
991 build_pairing_cmd(conn, &cp, NULL, authreq);
992 smp->preq[0] = SMP_CMD_PAIRING_REQ;
993 memcpy(&smp->preq[1], &cp, sizeof(cp));
994
995 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
996 } else {
997 struct smp_cmd_security_req cp;
998 cp.auth_req = authreq;
999 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
1000 }
1001
1002 set_bit(SMP_FLAG_INITIATOR, &smp->flags);
1003
1004 return 0;
1005}
1006
1007static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
1008{
1009 struct smp_cmd_encrypt_info *rp = (void *) skb->data;
1010 struct smp_chan *smp = conn->smp_chan;
1011
1012 BT_DBG("conn %p", conn);
1013
1014 if (skb->len < sizeof(*rp))
1015 return SMP_INVALID_PARAMS;
1016
1017 /* Ignore this PDU if it wasn't requested */
1018 if (!(smp->remote_key_dist & SMP_DIST_ENC_KEY))
1019 return 0;
1020
1021 skb_pull(skb, sizeof(*rp));
1022
1023 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
1024
1025 return 0;
1026}
1027
1028static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
1029{
1030 struct smp_cmd_master_ident *rp = (void *) skb->data;
1031 struct smp_chan *smp = conn->smp_chan;
1032 struct hci_dev *hdev = conn->hcon->hdev;
1033 struct hci_conn *hcon = conn->hcon;
1034 struct smp_ltk *ltk;
1035 u8 authenticated;
1036
1037 BT_DBG("conn %p", conn);
1038
1039 if (skb->len < sizeof(*rp))
1040 return SMP_INVALID_PARAMS;
1041
1042 /* Ignore this PDU if it wasn't requested */
1043 if (!(smp->remote_key_dist & SMP_DIST_ENC_KEY))
1044 return 0;
1045
1046 /* Mark the information as received */
1047 smp->remote_key_dist &= ~SMP_DIST_ENC_KEY;
1048
1049 skb_pull(skb, sizeof(*rp));
1050
1051 hci_dev_lock(hdev);
1052 authenticated = (hcon->sec_level == BT_SECURITY_HIGH);
1053 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, SMP_LTK,
1054 authenticated, smp->tk, smp->enc_key_size,
1055 rp->ediv, rp->rand);
1056 smp->ltk = ltk;
1057 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1058 smp_distribute_keys(conn);
1059 hci_dev_unlock(hdev);
1060
1061 return 0;
1062}
1063
1064static int smp_cmd_ident_info(struct l2cap_conn *conn, struct sk_buff *skb)
1065{
1066 struct smp_cmd_ident_info *info = (void *) skb->data;
1067 struct smp_chan *smp = conn->smp_chan;
1068
1069 BT_DBG("");
1070
1071 if (skb->len < sizeof(*info))
1072 return SMP_INVALID_PARAMS;
1073
1074 /* Ignore this PDU if it wasn't requested */
1075 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1076 return 0;
1077
1078 skb_pull(skb, sizeof(*info));
1079
1080 memcpy(smp->irk, info->irk, 16);
1081
1082 return 0;
1083}
1084
1085static int smp_cmd_ident_addr_info(struct l2cap_conn *conn,
1086 struct sk_buff *skb)
1087{
1088 struct smp_cmd_ident_addr_info *info = (void *) skb->data;
1089 struct smp_chan *smp = conn->smp_chan;
1090 struct hci_conn *hcon = conn->hcon;
1091 bdaddr_t rpa;
1092
1093 BT_DBG("");
1094
1095 if (skb->len < sizeof(*info))
1096 return SMP_INVALID_PARAMS;
1097
1098 /* Ignore this PDU if it wasn't requested */
1099 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1100 return 0;
1101
1102 /* Mark the information as received */
1103 smp->remote_key_dist &= ~SMP_DIST_ID_KEY;
1104
1105 skb_pull(skb, sizeof(*info));
1106
1107 hci_dev_lock(hcon->hdev);
1108
1109 /* Strictly speaking the Core Specification (4.1) allows sending
1110 * an empty address which would force us to rely on just the IRK
1111 * as "identity information". However, since such
1112 * implementations are not known of and in order to not over
1113 * complicate our implementation, simply pretend that we never
1114 * received an IRK for such a device.
1115 */
1116 if (!bacmp(&info->bdaddr, BDADDR_ANY)) {
1117 BT_ERR("Ignoring IRK with no identity address");
1118 goto distribute;
1119 }
1120
1121 bacpy(&smp->id_addr, &info->bdaddr);
1122 smp->id_addr_type = info->addr_type;
1123
1124 if (hci_bdaddr_is_rpa(&hcon->dst, hcon->dst_type))
1125 bacpy(&rpa, &hcon->dst);
1126 else
1127 bacpy(&rpa, BDADDR_ANY);
1128
1129 smp->remote_irk = hci_add_irk(conn->hcon->hdev, &smp->id_addr,
1130 smp->id_addr_type, smp->irk, &rpa);
1131
1132distribute:
1133 smp_distribute_keys(conn);
1134
1135 hci_dev_unlock(hcon->hdev);
1136
1137 return 0;
1138}
1139
1140static int smp_cmd_sign_info(struct l2cap_conn *conn, struct sk_buff *skb)
1141{
1142 struct smp_cmd_sign_info *rp = (void *) skb->data;
1143 struct smp_chan *smp = conn->smp_chan;
1144 struct hci_dev *hdev = conn->hcon->hdev;
1145 struct smp_csrk *csrk;
1146
1147 BT_DBG("conn %p", conn);
1148
1149 if (skb->len < sizeof(*rp))
1150 return SMP_INVALID_PARAMS;
1151
1152 /* Ignore this PDU if it wasn't requested */
1153 if (!(smp->remote_key_dist & SMP_DIST_SIGN))
1154 return 0;
1155
1156 /* Mark the information as received */
1157 smp->remote_key_dist &= ~SMP_DIST_SIGN;
1158
1159 skb_pull(skb, sizeof(*rp));
1160
1161 hci_dev_lock(hdev);
1162 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
1163 if (csrk) {
1164 csrk->master = 0x01;
1165 memcpy(csrk->val, rp->csrk, sizeof(csrk->val));
1166 }
1167 smp->csrk = csrk;
1168 if (!(smp->remote_key_dist & SMP_DIST_SIGN))
1169 smp_distribute_keys(conn);
1170 hci_dev_unlock(hdev);
1171
1172 return 0;
1173}
1174
1175int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
1176{
1177 struct hci_conn *hcon = conn->hcon;
1178 __u8 code, reason;
1179 int err = 0;
1180
1181 if (hcon->type != LE_LINK) {
1182 kfree_skb(skb);
1183 return 0;
1184 }
1185
1186 if (skb->len < 1) {
1187 kfree_skb(skb);
1188 return -EILSEQ;
1189 }
1190
1191 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) {
1192 err = -EOPNOTSUPP;
1193 reason = SMP_PAIRING_NOTSUPP;
1194 goto done;
1195 }
1196
1197 code = skb->data[0];
1198 skb_pull(skb, sizeof(code));
1199
1200 /*
1201 * The SMP context must be initialized for all other PDUs except
1202 * pairing and security requests. If we get any other PDU when
1203 * not initialized simply disconnect (done if this function
1204 * returns an error).
1205 */
1206 if (code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ &&
1207 !conn->smp_chan) {
1208 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code);
1209 kfree_skb(skb);
1210 return -EOPNOTSUPP;
1211 }
1212
1213 switch (code) {
1214 case SMP_CMD_PAIRING_REQ:
1215 reason = smp_cmd_pairing_req(conn, skb);
1216 break;
1217
1218 case SMP_CMD_PAIRING_FAIL:
1219 smp_failure(conn, 0);
1220 reason = 0;
1221 err = -EPERM;
1222 break;
1223
1224 case SMP_CMD_PAIRING_RSP:
1225 reason = smp_cmd_pairing_rsp(conn, skb);
1226 break;
1227
1228 case SMP_CMD_SECURITY_REQ:
1229 reason = smp_cmd_security_req(conn, skb);
1230 break;
1231
1232 case SMP_CMD_PAIRING_CONFIRM:
1233 reason = smp_cmd_pairing_confirm(conn, skb);
1234 break;
1235
1236 case SMP_CMD_PAIRING_RANDOM:
1237 reason = smp_cmd_pairing_random(conn, skb);
1238 break;
1239
1240 case SMP_CMD_ENCRYPT_INFO:
1241 reason = smp_cmd_encrypt_info(conn, skb);
1242 break;
1243
1244 case SMP_CMD_MASTER_IDENT:
1245 reason = smp_cmd_master_ident(conn, skb);
1246 break;
1247
1248 case SMP_CMD_IDENT_INFO:
1249 reason = smp_cmd_ident_info(conn, skb);
1250 break;
1251
1252 case SMP_CMD_IDENT_ADDR_INFO:
1253 reason = smp_cmd_ident_addr_info(conn, skb);
1254 break;
1255
1256 case SMP_CMD_SIGN_INFO:
1257 reason = smp_cmd_sign_info(conn, skb);
1258 break;
1259
1260 default:
1261 BT_DBG("Unknown command code 0x%2.2x", code);
1262
1263 reason = SMP_CMD_NOTSUPP;
1264 err = -EOPNOTSUPP;
1265 goto done;
1266 }
1267
1268done:
1269 if (reason)
1270 smp_failure(conn, reason);
1271
1272 kfree_skb(skb);
1273 return err;
1274}
1275
1276static void smp_notify_keys(struct l2cap_conn *conn)
1277{
1278 struct smp_chan *smp = conn->smp_chan;
1279 struct hci_conn *hcon = conn->hcon;
1280 struct hci_dev *hdev = hcon->hdev;
1281 struct smp_cmd_pairing *req = (void *) &smp->preq[1];
1282 struct smp_cmd_pairing *rsp = (void *) &smp->prsp[1];
1283 bool persistent;
1284
1285 if (smp->remote_irk) {
1286 mgmt_new_irk(hdev, smp->remote_irk);
1287 /* Now that user space can be considered to know the
1288 * identity address track the connection based on it
1289 * from now on.
1290 */
1291 bacpy(&hcon->dst, &smp->remote_irk->bdaddr);
1292 hcon->dst_type = smp->remote_irk->addr_type;
1293 l2cap_conn_update_id_addr(hcon);
1294
1295 /* When receiving an indentity resolving key for
1296 * a remote device that does not use a resolvable
1297 * private address, just remove the key so that
1298 * it is possible to use the controller white
1299 * list for scanning.
1300 *
1301 * Userspace will have been told to not store
1302 * this key at this point. So it is safe to
1303 * just remove it.
1304 */
1305 if (!bacmp(&smp->remote_irk->rpa, BDADDR_ANY)) {
1306 list_del(&smp->remote_irk->list);
1307 kfree(smp->remote_irk);
1308 smp->remote_irk = NULL;
1309 }
1310 }
1311
1312 /* The LTKs and CSRKs should be persistent only if both sides
1313 * had the bonding bit set in their authentication requests.
1314 */
1315 persistent = !!((req->auth_req & rsp->auth_req) & SMP_AUTH_BONDING);
1316
1317 if (smp->csrk) {
1318 smp->csrk->bdaddr_type = hcon->dst_type;
1319 bacpy(&smp->csrk->bdaddr, &hcon->dst);
1320 mgmt_new_csrk(hdev, smp->csrk, persistent);
1321 }
1322
1323 if (smp->slave_csrk) {
1324 smp->slave_csrk->bdaddr_type = hcon->dst_type;
1325 bacpy(&smp->slave_csrk->bdaddr, &hcon->dst);
1326 mgmt_new_csrk(hdev, smp->slave_csrk, persistent);
1327 }
1328
1329 if (smp->ltk) {
1330 smp->ltk->bdaddr_type = hcon->dst_type;
1331 bacpy(&smp->ltk->bdaddr, &hcon->dst);
1332 mgmt_new_ltk(hdev, smp->ltk, persistent);
1333 }
1334
1335 if (smp->slave_ltk) {
1336 smp->slave_ltk->bdaddr_type = hcon->dst_type;
1337 bacpy(&smp->slave_ltk->bdaddr, &hcon->dst);
1338 mgmt_new_ltk(hdev, smp->slave_ltk, persistent);
1339 }
1340}
1341
1342int smp_distribute_keys(struct l2cap_conn *conn)
1343{
1344 struct smp_cmd_pairing *req, *rsp;
1345 struct smp_chan *smp = conn->smp_chan;
1346 struct hci_conn *hcon = conn->hcon;
1347 struct hci_dev *hdev = hcon->hdev;
1348 __u8 *keydist;
1349
1350 BT_DBG("conn %p", conn);
1351
1352 if (!test_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
1353 return 0;
1354
1355 rsp = (void *) &smp->prsp[1];
1356
1357 /* The responder sends its keys first */
1358 if (hcon->out && (smp->remote_key_dist & 0x07))
1359 return 0;
1360
1361 req = (void *) &smp->preq[1];
1362
1363 if (hcon->out) {
1364 keydist = &rsp->init_key_dist;
1365 *keydist &= req->init_key_dist;
1366 } else {
1367 keydist = &rsp->resp_key_dist;
1368 *keydist &= req->resp_key_dist;
1369 }
1370
1371 BT_DBG("keydist 0x%x", *keydist);
1372
1373 if (*keydist & SMP_DIST_ENC_KEY) {
1374 struct smp_cmd_encrypt_info enc;
1375 struct smp_cmd_master_ident ident;
1376 struct smp_ltk *ltk;
1377 u8 authenticated;
1378 __le16 ediv;
1379 __le64 rand;
1380
1381 get_random_bytes(enc.ltk, sizeof(enc.ltk));
1382 get_random_bytes(&ediv, sizeof(ediv));
1383 get_random_bytes(&rand, sizeof(rand));
1384
1385 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
1386
1387 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
1388 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type,
1389 SMP_LTK_SLAVE, authenticated, enc.ltk,
1390 smp->enc_key_size, ediv, rand);
1391 smp->slave_ltk = ltk;
1392
1393 ident.ediv = ediv;
1394 ident.rand = rand;
1395
1396 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
1397
1398 *keydist &= ~SMP_DIST_ENC_KEY;
1399 }
1400
1401 if (*keydist & SMP_DIST_ID_KEY) {
1402 struct smp_cmd_ident_addr_info addrinfo;
1403 struct smp_cmd_ident_info idinfo;
1404
1405 memcpy(idinfo.irk, hdev->irk, sizeof(idinfo.irk));
1406
1407 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
1408
1409 /* The hci_conn contains the local identity address
1410 * after the connection has been established.
1411 *
1412 * This is true even when the connection has been
1413 * established using a resolvable random address.
1414 */
1415 bacpy(&addrinfo.bdaddr, &hcon->src);
1416 addrinfo.addr_type = hcon->src_type;
1417
1418 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
1419 &addrinfo);
1420
1421 *keydist &= ~SMP_DIST_ID_KEY;
1422 }
1423
1424 if (*keydist & SMP_DIST_SIGN) {
1425 struct smp_cmd_sign_info sign;
1426 struct smp_csrk *csrk;
1427
1428 /* Generate a new random key */
1429 get_random_bytes(sign.csrk, sizeof(sign.csrk));
1430
1431 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
1432 if (csrk) {
1433 csrk->master = 0x00;
1434 memcpy(csrk->val, sign.csrk, sizeof(csrk->val));
1435 }
1436 smp->slave_csrk = csrk;
1437
1438 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
1439
1440 *keydist &= ~SMP_DIST_SIGN;
1441 }
1442
1443 /* If there are still keys to be received wait for them */
1444 if ((smp->remote_key_dist & 0x07))
1445 return 0;
1446
1447 clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags);
1448 cancel_delayed_work_sync(&conn->security_timer);
1449 set_bit(SMP_FLAG_COMPLETE, &smp->flags);
1450 smp_notify_keys(conn);
1451
1452 smp_chan_destroy(conn);
1453
1454 return 0;
1455}
Linux kernel - Deliverables
This page took 0.031131 seconds and 5 git commands to generate.