projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Bluetooth: Add public l2cap_conn_shutdown() API to request disconnection
[deliverable/linux.git] / net / bluetooth / smp.c
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21 */
22
23 #include <linux/crypto.h>
24 #include <linux/scatterlist.h>
25 #include <crypto/b128ops.h>
26
27 #include <net/bluetooth/bluetooth.h>
28 #include <net/bluetooth/hci_core.h>
29 #include <net/bluetooth/l2cap.h>
30 #include <net/bluetooth/mgmt.h>
31
32 #include "smp.h"
33
34 #define SMP_TIMEOUT msecs_to_jiffies(30000)
35
36 #define AUTH_REQ_MASK 0x07
37
38 enum {
39 SMP_FLAG_TK_VALID,
40 SMP_FLAG_CFM_PENDING,
41 SMP_FLAG_MITM_AUTH,
42 SMP_FLAG_COMPLETE,
43 SMP_FLAG_INITIATOR,
44 };
45
46 struct smp_chan {
47 struct l2cap_conn *conn;
48 u8 preq[7]; /* SMP Pairing Request */
49 u8 prsp[7]; /* SMP Pairing Response */
50 u8 prnd[16]; /* SMP Pairing Random (local) */
51 u8 rrnd[16]; /* SMP Pairing Random (remote) */
52 u8 pcnf[16]; /* SMP Pairing Confirm */
53 u8 tk[16]; /* SMP Temporary Key */
54 u8 enc_key_size;
55 u8 remote_key_dist;
56 bdaddr_t id_addr;
57 u8 id_addr_type;
58 u8 irk[16];
59 struct smp_csrk *csrk;
60 struct smp_csrk *slave_csrk;
61 struct smp_ltk *ltk;
62 struct smp_ltk *slave_ltk;
63 struct smp_irk *remote_irk;
64 unsigned long flags;
65
66 struct crypto_blkcipher *tfm_aes;
67 };
68
69 static inline void swap_buf(const u8 *src, u8 *dst, size_t len)
70 {
71 size_t i;
72
73 for (i = 0; i < len; i++)
74 dst[len - 1 - i] = src[i];
75 }
76
77 static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
78 {
79 struct blkcipher_desc desc;
80 struct scatterlist sg;
81 uint8_t tmp[16], data[16];
82 int err;
83
84 if (tfm == NULL) {
85 BT_ERR("tfm %p", tfm);
86 return -EINVAL;
87 }
88
89 desc.tfm = tfm;
90 desc.flags = 0;
91
92 /* The most significant octet of key corresponds to k[0] */
93 swap_buf(k, tmp, 16);
94
95 err = crypto_blkcipher_setkey(tfm, tmp, 16);
96 if (err) {
97 BT_ERR("cipher setkey failed: %d", err);
98 return err;
99 }
100
101 /* Most significant octet of plaintextData corresponds to data[0] */
102 swap_buf(r, data, 16);
103
104 sg_init_one(&sg, data, 16);
105
106 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
107 if (err)
108 BT_ERR("Encrypt data error %d", err);
109
110 /* Most significant octet of encryptedData corresponds to data[0] */
111 swap_buf(data, r, 16);
112
113 return err;
114 }
115
116 static int smp_ah(struct crypto_blkcipher *tfm, u8 irk[16], u8 r[3], u8 res[3])
117 {
118 u8 _res[16];
119 int err;
120
121 /* r' = padding || r */
122 memcpy(_res, r, 3);
123 memset(_res + 3, 0, 13);
124
125 err = smp_e(tfm, irk, _res);
126 if (err) {
127 BT_ERR("Encrypt error");
128 return err;
129 }
130
131 /* The output of the random address function ah is:
132 * ah(h, r) = e(k, r') mod 2^24
133 * The output of the security function e is then truncated to 24 bits
134 * by taking the least significant 24 bits of the output of e as the
135 * result of ah.
136 */
137 memcpy(res, _res, 3);
138
139 return 0;
140 }
141
142 bool smp_irk_matches(struct hci_dev *hdev, u8 irk[16], bdaddr_t *bdaddr)
143 {
144 struct l2cap_chan *chan = hdev->smp_data;
145 struct crypto_blkcipher *tfm;
146 u8 hash[3];
147 int err;
148
149 if (!chan || !chan->data)
150 return false;
151
152 tfm = chan->data;
153
154 BT_DBG("RPA %pMR IRK %*phN", bdaddr, 16, irk);
155
156 err = smp_ah(tfm, irk, &bdaddr->b[3], hash);
157 if (err)
158 return false;
159
160 return !memcmp(bdaddr->b, hash, 3);
161 }
162
163 int smp_generate_rpa(struct hci_dev *hdev, u8 irk[16], bdaddr_t *rpa)
164 {
165 struct l2cap_chan *chan = hdev->smp_data;
166 struct crypto_blkcipher *tfm;
167 int err;
168
169 if (!chan || !chan->data)
170 return -EOPNOTSUPP;
171
172 tfm = chan->data;
173
174 get_random_bytes(&rpa->b[3], 3);
175
176 rpa->b[5] &= 0x3f; /* Clear two most significant bits */
177 rpa->b[5] |= 0x40; /* Set second most significant bit */
178
179 err = smp_ah(tfm, irk, &rpa->b[3], rpa->b);
180 if (err < 0)
181 return err;
182
183 BT_DBG("RPA %pMR", rpa);
184
185 return 0;
186 }
187
188 static int smp_c1(struct smp_chan *smp, u8 k[16], u8 r[16], u8 preq[7],
189 u8 pres[7], u8 _iat, bdaddr_t *ia, u8 _rat, bdaddr_t *ra,
190 u8 res[16])
191 {
192 struct hci_dev *hdev = smp->conn->hcon->hdev;
193 u8 p1[16], p2[16];
194 int err;
195
196 BT_DBG("%s", hdev->name);
197
198 memset(p1, 0, 16);
199
200 /* p1 = pres || preq || _rat || _iat */
201 p1[0] = _iat;
202 p1[1] = _rat;
203 memcpy(p1 + 2, preq, 7);
204 memcpy(p1 + 9, pres, 7);
205
206 /* p2 = padding || ia || ra */
207 memcpy(p2, ra, 6);
208 memcpy(p2 + 6, ia, 6);
209 memset(p2 + 12, 0, 4);
210
211 /* res = r XOR p1 */
212 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
213
214 /* res = e(k, res) */
215 err = smp_e(smp->tfm_aes, k, res);
216 if (err) {
217 BT_ERR("Encrypt data error");
218 return err;
219 }
220
221 /* res = res XOR p2 */
222 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
223
224 /* res = e(k, res) */
225 err = smp_e(smp->tfm_aes, k, res);
226 if (err)
227 BT_ERR("Encrypt data error");
228
229 return err;
230 }
231
232 static int smp_s1(struct smp_chan *smp, u8 k[16], u8 r1[16], u8 r2[16],
233 u8 _r[16])
234 {
235 struct hci_dev *hdev = smp->conn->hcon->hdev;
236 int err;
237
238 BT_DBG("%s", hdev->name);
239
240 /* Just least significant octets from r1 and r2 are considered */
241 memcpy(_r, r2, 8);
242 memcpy(_r + 8, r1, 8);
243
244 err = smp_e(smp->tfm_aes, k, _r);
245 if (err)
246 BT_ERR("Encrypt data error");
247
248 return err;
249 }
250
251 static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
252 {
253 struct l2cap_chan *chan = conn->smp;
254 struct kvec iv[2];
255 struct msghdr msg;
256
257 if (!chan)
258 return;
259
260 BT_DBG("code 0x%2.2x", code);
261
262 iv[0].iov_base = &code;
263 iv[0].iov_len = 1;
264
265 iv[1].iov_base = data;
266 iv[1].iov_len = len;
267
268 memset(&msg, 0, sizeof(msg));
269
270 msg.msg_iov = (struct iovec *) &iv;
271 msg.msg_iovlen = 2;
272
273 l2cap_chan_send(chan, &msg, 1 + len);
274
275 cancel_delayed_work_sync(&conn->security_timer);
276 schedule_delayed_work(&conn->security_timer, SMP_TIMEOUT);
277 }
278
279 static __u8 authreq_to_seclevel(__u8 authreq)
280 {
281 if (authreq & SMP_AUTH_MITM)
282 return BT_SECURITY_HIGH;
283 else
284 return BT_SECURITY_MEDIUM;
285 }
286
287 static __u8 seclevel_to_authreq(__u8 sec_level)
288 {
289 switch (sec_level) {
290 case BT_SECURITY_HIGH:
291 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
292 case BT_SECURITY_MEDIUM:
293 return SMP_AUTH_BONDING;
294 default:
295 return SMP_AUTH_NONE;
296 }
297 }
298
299 static void build_pairing_cmd(struct l2cap_conn *conn,
300 struct smp_cmd_pairing *req,
301 struct smp_cmd_pairing *rsp, __u8 authreq)
302 {
303 struct l2cap_chan *chan = conn->smp;
304 struct smp_chan *smp = chan->data;
305 struct hci_conn *hcon = conn->hcon;
306 struct hci_dev *hdev = hcon->hdev;
307 u8 local_dist = 0, remote_dist = 0;
308
309 if (test_bit(HCI_BONDABLE, &conn->hcon->hdev->dev_flags)) {
310 local_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
311 remote_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
312 authreq |= SMP_AUTH_BONDING;
313 } else {
314 authreq &= ~SMP_AUTH_BONDING;
315 }
316
317 if (test_bit(HCI_RPA_RESOLVING, &hdev->dev_flags))
318 remote_dist |= SMP_DIST_ID_KEY;
319
320 if (test_bit(HCI_PRIVACY, &hdev->dev_flags))
321 local_dist |= SMP_DIST_ID_KEY;
322
323 if (rsp == NULL) {
324 req->io_capability = conn->hcon->io_capability;
325 req->oob_flag = SMP_OOB_NOT_PRESENT;
326 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
327 req->init_key_dist = local_dist;
328 req->resp_key_dist = remote_dist;
329 req->auth_req = (authreq & AUTH_REQ_MASK);
330
331 smp->remote_key_dist = remote_dist;
332 return;
333 }
334
335 rsp->io_capability = conn->hcon->io_capability;
336 rsp->oob_flag = SMP_OOB_NOT_PRESENT;
337 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
338 rsp->init_key_dist = req->init_key_dist & remote_dist;
339 rsp->resp_key_dist = req->resp_key_dist & local_dist;
340 rsp->auth_req = (authreq & AUTH_REQ_MASK);
341
342 smp->remote_key_dist = rsp->init_key_dist;
343 }
344
345 static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
346 {
347 struct l2cap_chan *chan = conn->smp;
348 struct smp_chan *smp = chan->data;
349
350 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
351 (max_key_size < SMP_MIN_ENC_KEY_SIZE))
352 return SMP_ENC_KEY_SIZE;
353
354 smp->enc_key_size = max_key_size;
355
356 return 0;
357 }
358
359 static void smp_failure(struct l2cap_conn *conn, u8 reason)
360 {
361 struct hci_conn *hcon = conn->hcon;
362
363 if (reason)
364 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
365 &reason);
366
367 clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags);
368 mgmt_auth_failed(hcon->hdev, &hcon->dst, hcon->type, hcon->dst_type,
369 HCI_ERROR_AUTH_FAILURE);
370
371 cancel_delayed_work_sync(&conn->security_timer);
372
373 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
374 smp_chan_destroy(conn);
375 }
376
377 #define JUST_WORKS 0x00
378 #define JUST_CFM 0x01
379 #define REQ_PASSKEY 0x02
380 #define CFM_PASSKEY 0x03
381 #define REQ_OOB 0x04
382 #define OVERLAP 0xFF
383
384 static const u8 gen_method[5][5] = {
385 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
386 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
387 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
388 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
389 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
390 };
391
392 static u8 get_auth_method(struct smp_chan *smp, u8 local_io, u8 remote_io)
393 {
394 /* If either side has unknown io_caps, use JUST_CFM (which gets
395 * converted later to JUST_WORKS if we're initiators.
396 */
397 if (local_io > SMP_IO_KEYBOARD_DISPLAY ||
398 remote_io > SMP_IO_KEYBOARD_DISPLAY)
399 return JUST_CFM;
400
401 return gen_method[remote_io][local_io];
402 }
403
404 static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
405 u8 local_io, u8 remote_io)
406 {
407 struct hci_conn *hcon = conn->hcon;
408 struct l2cap_chan *chan = conn->smp;
409 struct smp_chan *smp = chan->data;
410 u8 method;
411 u32 passkey = 0;
412 int ret = 0;
413
414 /* Initialize key for JUST WORKS */
415 memset(smp->tk, 0, sizeof(smp->tk));
416 clear_bit(SMP_FLAG_TK_VALID, &smp->flags);
417
418 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
419
420 /* If neither side wants MITM, either "just" confirm an incoming
421 * request or use just-works for outgoing ones. The JUST_CFM
422 * will be converted to JUST_WORKS if necessary later in this
423 * function. If either side has MITM look up the method from the
424 * table.
425 */
426 if (!(auth & SMP_AUTH_MITM))
427 method = JUST_CFM;
428 else
429 method = get_auth_method(smp, local_io, remote_io);
430
431 /* Don't confirm locally initiated pairing attempts */
432 if (method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR, &smp->flags))
433 method = JUST_WORKS;
434
435 /* Don't bother user space with no IO capabilities */
436 if (method == JUST_CFM && hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
437 method = JUST_WORKS;
438
439 /* If Just Works, Continue with Zero TK */
440 if (method == JUST_WORKS) {
441 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
442 return 0;
443 }
444
445 /* Not Just Works/Confirm results in MITM Authentication */
446 if (method != JUST_CFM)
447 set_bit(SMP_FLAG_MITM_AUTH, &smp->flags);
448
449 /* If both devices have Keyoard-Display I/O, the master
450 * Confirms and the slave Enters the passkey.
451 */
452 if (method == OVERLAP) {
453 if (hcon->role == HCI_ROLE_MASTER)
454 method = CFM_PASSKEY;
455 else
456 method = REQ_PASSKEY;
457 }
458
459 /* Generate random passkey. */
460 if (method == CFM_PASSKEY) {
461 memset(smp->tk, 0, sizeof(smp->tk));
462 get_random_bytes(&passkey, sizeof(passkey));
463 passkey %= 1000000;
464 put_unaligned_le32(passkey, smp->tk);
465 BT_DBG("PassKey: %d", passkey);
466 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
467 }
468
469 hci_dev_lock(hcon->hdev);
470
471 if (method == REQ_PASSKEY)
472 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
473 hcon->type, hcon->dst_type);
474 else if (method == JUST_CFM)
475 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
476 hcon->type, hcon->dst_type,
477 passkey, 1);
478 else
479 ret = mgmt_user_passkey_notify(hcon->hdev, &hcon->dst,
480 hcon->type, hcon->dst_type,
481 passkey, 0);
482
483 hci_dev_unlock(hcon->hdev);
484
485 return ret;
486 }
487
488 static u8 smp_confirm(struct smp_chan *smp)
489 {
490 struct l2cap_conn *conn = smp->conn;
491 struct smp_cmd_pairing_confirm cp;
492 int ret;
493
494 BT_DBG("conn %p", conn);
495
496 ret = smp_c1(smp, smp->tk, smp->prnd, smp->preq, smp->prsp,
497 conn->hcon->init_addr_type, &conn->hcon->init_addr,
498 conn->hcon->resp_addr_type, &conn->hcon->resp_addr,
499 cp.confirm_val);
500 if (ret)
501 return SMP_UNSPECIFIED;
502
503 clear_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
504
505 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
506
507 return 0;
508 }
509
510 static u8 smp_random(struct smp_chan *smp)
511 {
512 struct l2cap_conn *conn = smp->conn;
513 struct hci_conn *hcon = conn->hcon;
514 u8 confirm[16];
515 int ret;
516
517 if (IS_ERR_OR_NULL(smp->tfm_aes))
518 return SMP_UNSPECIFIED;
519
520 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
521
522 ret = smp_c1(smp, smp->tk, smp->rrnd, smp->preq, smp->prsp,
523 hcon->init_addr_type, &hcon->init_addr,
524 hcon->resp_addr_type, &hcon->resp_addr, confirm);
525 if (ret)
526 return SMP_UNSPECIFIED;
527
528 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
529 BT_ERR("Pairing failed (confirmation values mismatch)");
530 return SMP_CONFIRM_FAILED;
531 }
532
533 if (hcon->out) {
534 u8 stk[16];
535 __le64 rand = 0;
536 __le16 ediv = 0;
537
538 smp_s1(smp, smp->tk, smp->rrnd, smp->prnd, stk);
539
540 memset(stk + smp->enc_key_size, 0,
541 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
542
543 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
544 return SMP_UNSPECIFIED;
545
546 hci_le_start_enc(hcon, ediv, rand, stk);
547 hcon->enc_key_size = smp->enc_key_size;
548 set_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
549 } else {
550 u8 stk[16], auth;
551 __le64 rand = 0;
552 __le16 ediv = 0;
553
554 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
555 smp->prnd);
556
557 smp_s1(smp, smp->tk, smp->prnd, smp->rrnd, stk);
558
559 memset(stk + smp->enc_key_size, 0,
560 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
561
562 if (hcon->pending_sec_level == BT_SECURITY_HIGH)
563 auth = 1;
564 else
565 auth = 0;
566
567 /* Even though there's no _SLAVE suffix this is the
568 * slave STK we're adding for later lookup (the master
569 * STK never needs to be stored).
570 */
571 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
572 SMP_STK, auth, stk, smp->enc_key_size, ediv, rand);
573 }
574
575 return 0;
576 }
577
578 static void smp_notify_keys(struct l2cap_conn *conn)
579 {
580 struct l2cap_chan *chan = conn->smp;
581 struct smp_chan *smp = chan->data;
582 struct hci_conn *hcon = conn->hcon;
583 struct hci_dev *hdev = hcon->hdev;
584 struct smp_cmd_pairing *req = (void *) &smp->preq[1];
585 struct smp_cmd_pairing *rsp = (void *) &smp->prsp[1];
586 bool persistent;
587
588 if (smp->remote_irk) {
589 mgmt_new_irk(hdev, smp->remote_irk);
590 /* Now that user space can be considered to know the
591 * identity address track the connection based on it
592 * from now on.
593 */
594 bacpy(&hcon->dst, &smp->remote_irk->bdaddr);
595 hcon->dst_type = smp->remote_irk->addr_type;
596 l2cap_conn_update_id_addr(hcon);
597
598 /* When receiving an indentity resolving key for
599 * a remote device that does not use a resolvable
600 * private address, just remove the key so that
601 * it is possible to use the controller white
602 * list for scanning.
603 *
604 * Userspace will have been told to not store
605 * this key at this point. So it is safe to
606 * just remove it.
607 */
608 if (!bacmp(&smp->remote_irk->rpa, BDADDR_ANY)) {
609 list_del(&smp->remote_irk->list);
610 kfree(smp->remote_irk);
611 smp->remote_irk = NULL;
612 }
613 }
614
615 /* The LTKs and CSRKs should be persistent only if both sides
616 * had the bonding bit set in their authentication requests.
617 */
618 persistent = !!((req->auth_req & rsp->auth_req) & SMP_AUTH_BONDING);
619
620 if (smp->csrk) {
621 smp->csrk->bdaddr_type = hcon->dst_type;
622 bacpy(&smp->csrk->bdaddr, &hcon->dst);
623 mgmt_new_csrk(hdev, smp->csrk, persistent);
624 }
625
626 if (smp->slave_csrk) {
627 smp->slave_csrk->bdaddr_type = hcon->dst_type;
628 bacpy(&smp->slave_csrk->bdaddr, &hcon->dst);
629 mgmt_new_csrk(hdev, smp->slave_csrk, persistent);
630 }
631
632 if (smp->ltk) {
633 smp->ltk->bdaddr_type = hcon->dst_type;
634 bacpy(&smp->ltk->bdaddr, &hcon->dst);
635 mgmt_new_ltk(hdev, smp->ltk, persistent);
636 }
637
638 if (smp->slave_ltk) {
639 smp->slave_ltk->bdaddr_type = hcon->dst_type;
640 bacpy(&smp->slave_ltk->bdaddr, &hcon->dst);
641 mgmt_new_ltk(hdev, smp->slave_ltk, persistent);
642 }
643 }
644
645 static int smp_distribute_keys(struct l2cap_conn *conn)
646 {
647 struct smp_cmd_pairing *req, *rsp;
648 struct l2cap_chan *chan = conn->smp;
649 struct smp_chan *smp = chan->data;
650 struct hci_conn *hcon = conn->hcon;
651 struct hci_dev *hdev = hcon->hdev;
652 __u8 *keydist;
653
654 BT_DBG("conn %p", conn);
655
656 if (!test_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
657 return 0;
658
659 rsp = (void *) &smp->prsp[1];
660
661 /* The responder sends its keys first */
662 if (hcon->out && (smp->remote_key_dist & 0x07))
663 return 0;
664
665 req = (void *) &smp->preq[1];
666
667 if (hcon->out) {
668 keydist = &rsp->init_key_dist;
669 *keydist &= req->init_key_dist;
670 } else {
671 keydist = &rsp->resp_key_dist;
672 *keydist &= req->resp_key_dist;
673 }
674
675 BT_DBG("keydist 0x%x", *keydist);
676
677 if (*keydist & SMP_DIST_ENC_KEY) {
678 struct smp_cmd_encrypt_info enc;
679 struct smp_cmd_master_ident ident;
680 struct smp_ltk *ltk;
681 u8 authenticated;
682 __le16 ediv;
683 __le64 rand;
684
685 get_random_bytes(enc.ltk, sizeof(enc.ltk));
686 get_random_bytes(&ediv, sizeof(ediv));
687 get_random_bytes(&rand, sizeof(rand));
688
689 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
690
691 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
692 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type,
693 SMP_LTK_SLAVE, authenticated, enc.ltk,
694 smp->enc_key_size, ediv, rand);
695 smp->slave_ltk = ltk;
696
697 ident.ediv = ediv;
698 ident.rand = rand;
699
700 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
701
702 *keydist &= ~SMP_DIST_ENC_KEY;
703 }
704
705 if (*keydist & SMP_DIST_ID_KEY) {
706 struct smp_cmd_ident_addr_info addrinfo;
707 struct smp_cmd_ident_info idinfo;
708
709 memcpy(idinfo.irk, hdev->irk, sizeof(idinfo.irk));
710
711 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
712
713 /* The hci_conn contains the local identity address
714 * after the connection has been established.
715 *
716 * This is true even when the connection has been
717 * established using a resolvable random address.
718 */
719 bacpy(&addrinfo.bdaddr, &hcon->src);
720 addrinfo.addr_type = hcon->src_type;
721
722 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
723 &addrinfo);
724
725 *keydist &= ~SMP_DIST_ID_KEY;
726 }
727
728 if (*keydist & SMP_DIST_SIGN) {
729 struct smp_cmd_sign_info sign;
730 struct smp_csrk *csrk;
731
732 /* Generate a new random key */
733 get_random_bytes(sign.csrk, sizeof(sign.csrk));
734
735 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
736 if (csrk) {
737 csrk->master = 0x00;
738 memcpy(csrk->val, sign.csrk, sizeof(csrk->val));
739 }
740 smp->slave_csrk = csrk;
741
742 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
743
744 *keydist &= ~SMP_DIST_SIGN;
745 }
746
747 /* If there are still keys to be received wait for them */
748 if ((smp->remote_key_dist & 0x07))
749 return 0;
750
751 clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags);
752 cancel_delayed_work_sync(&conn->security_timer);
753 set_bit(SMP_FLAG_COMPLETE, &smp->flags);
754 smp_notify_keys(conn);
755
756 smp_chan_destroy(conn);
757
758 return 0;
759 }
760
761 static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
762 {
763 struct l2cap_chan *chan = conn->smp;
764 struct smp_chan *smp;
765
766 smp = kzalloc(sizeof(*smp), GFP_ATOMIC);
767 if (!smp) {
768 clear_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags);
769 return NULL;
770 }
771
772 smp->tfm_aes = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
773 if (IS_ERR(smp->tfm_aes)) {
774 BT_ERR("Unable to create ECB crypto context");
775 kfree(smp);
776 clear_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags);
777 return NULL;
778 }
779
780 smp->conn = conn;
781 chan->data = smp;
782
783 hci_conn_hold(conn->hcon);
784
785 return smp;
786 }
787
788 void smp_chan_destroy(struct l2cap_conn *conn)
789 {
790 struct l2cap_chan *chan = conn->smp;
791 struct smp_chan *smp = chan->data;
792 bool complete;
793
794 BUG_ON(!smp);
795
796 complete = test_bit(SMP_FLAG_COMPLETE, &smp->flags);
797 mgmt_smp_complete(conn->hcon, complete);
798
799 kfree(smp->csrk);
800 kfree(smp->slave_csrk);
801
802 crypto_free_blkcipher(smp->tfm_aes);
803
804 /* If pairing failed clean up any keys we might have */
805 if (!complete) {
806 if (smp->ltk) {
807 list_del(&smp->ltk->list);
808 kfree(smp->ltk);
809 }
810
811 if (smp->slave_ltk) {
812 list_del(&smp->slave_ltk->list);
813 kfree(smp->slave_ltk);
814 }
815
816 if (smp->remote_irk) {
817 list_del(&smp->remote_irk->list);
818 kfree(smp->remote_irk);
819 }
820 }
821
822 chan->data = NULL;
823 kfree(smp);
824 hci_conn_drop(conn->hcon);
825 }
826
827 int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
828 {
829 struct l2cap_conn *conn = hcon->l2cap_data;
830 struct l2cap_chan *chan;
831 struct smp_chan *smp;
832 u32 value;
833
834 BT_DBG("");
835
836 if (!conn || !test_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
837 return -ENOTCONN;
838
839 chan = conn->smp;
840 if (!chan)
841 return -ENOTCONN;
842
843 smp = chan->data;
844
845 switch (mgmt_op) {
846 case MGMT_OP_USER_PASSKEY_REPLY:
847 value = le32_to_cpu(passkey);
848 memset(smp->tk, 0, sizeof(smp->tk));
849 BT_DBG("PassKey: %d", value);
850 put_unaligned_le32(value, smp->tk);
851 /* Fall Through */
852 case MGMT_OP_USER_CONFIRM_REPLY:
853 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
854 break;
855 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
856 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
857 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
858 return 0;
859 default:
860 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
861 return -EOPNOTSUPP;
862 }
863
864 /* If it is our turn to send Pairing Confirm, do so now */
865 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->flags)) {
866 u8 rsp = smp_confirm(smp);
867 if (rsp)
868 smp_failure(conn, rsp);
869 }
870
871 return 0;
872 }
873
874 static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
875 {
876 struct smp_cmd_pairing rsp, *req = (void *) skb->data;
877 struct hci_dev *hdev = conn->hcon->hdev;
878 struct smp_chan *smp;
879 u8 key_size, auth, sec_level;
880 int ret;
881
882 BT_DBG("conn %p", conn);
883
884 if (skb->len < sizeof(*req))
885 return SMP_INVALID_PARAMS;
886
887 if (conn->hcon->role != HCI_ROLE_SLAVE)
888 return SMP_CMD_NOTSUPP;
889
890 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags)) {
891 smp = smp_chan_create(conn);
892 } else {
893 struct l2cap_chan *chan = conn->smp;
894 smp = chan->data;
895 }
896
897 if (!smp)
898 return SMP_UNSPECIFIED;
899
900 if (!test_bit(HCI_BONDABLE, &hdev->dev_flags) &&
901 (req->auth_req & SMP_AUTH_BONDING))
902 return SMP_PAIRING_NOTSUPP;
903
904 smp->preq[0] = SMP_CMD_PAIRING_REQ;
905 memcpy(&smp->preq[1], req, sizeof(*req));
906 skb_pull(skb, sizeof(*req));
907
908 /* We didn't start the pairing, so match remote */
909 auth = req->auth_req;
910
911 sec_level = authreq_to_seclevel(auth);
912 if (sec_level > conn->hcon->pending_sec_level)
913 conn->hcon->pending_sec_level = sec_level;
914
915 /* If we need MITM check that it can be acheived */
916 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
917 u8 method;
918
919 method = get_auth_method(smp, conn->hcon->io_capability,
920 req->io_capability);
921 if (method == JUST_WORKS || method == JUST_CFM)
922 return SMP_AUTH_REQUIREMENTS;
923 }
924
925 build_pairing_cmd(conn, req, &rsp, auth);
926
927 key_size = min(req->max_key_size, rsp.max_key_size);
928 if (check_enc_key_size(conn, key_size))
929 return SMP_ENC_KEY_SIZE;
930
931 get_random_bytes(smp->prnd, sizeof(smp->prnd));
932
933 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
934 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
935
936 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
937
938 /* Request setup of TK */
939 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
940 if (ret)
941 return SMP_UNSPECIFIED;
942
943 return 0;
944 }
945
946 static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
947 {
948 struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
949 struct l2cap_chan *chan = conn->smp;
950 struct smp_chan *smp = chan->data;
951 u8 key_size, auth = SMP_AUTH_NONE;
952 int ret;
953
954 BT_DBG("conn %p", conn);
955
956 if (skb->len < sizeof(*rsp))
957 return SMP_INVALID_PARAMS;
958
959 if (conn->hcon->role != HCI_ROLE_MASTER)
960 return SMP_CMD_NOTSUPP;
961
962 skb_pull(skb, sizeof(*rsp));
963
964 req = (void *) &smp->preq[1];
965
966 key_size = min(req->max_key_size, rsp->max_key_size);
967 if (check_enc_key_size(conn, key_size))
968 return SMP_ENC_KEY_SIZE;
969
970 /* If we need MITM check that it can be acheived */
971 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
972 u8 method;
973
974 method = get_auth_method(smp, req->io_capability,
975 rsp->io_capability);
976 if (method == JUST_WORKS || method == JUST_CFM)
977 return SMP_AUTH_REQUIREMENTS;
978 }
979
980 get_random_bytes(smp->prnd, sizeof(smp->prnd));
981
982 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
983 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
984
985 /* Update remote key distribution in case the remote cleared
986 * some bits that we had enabled in our request.
987 */
988 smp->remote_key_dist &= rsp->resp_key_dist;
989
990 if ((req->auth_req & SMP_AUTH_BONDING) &&
991 (rsp->auth_req & SMP_AUTH_BONDING))
992 auth = SMP_AUTH_BONDING;
993
994 auth |= (req->auth_req | rsp->auth_req) & SMP_AUTH_MITM;
995
996 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
997 if (ret)
998 return SMP_UNSPECIFIED;
999
1000 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
1001
1002 /* Can't compose response until we have been confirmed */
1003 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
1004 return smp_confirm(smp);
1005
1006 return 0;
1007 }
1008
1009 static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
1010 {
1011 struct l2cap_chan *chan = conn->smp;
1012 struct smp_chan *smp = chan->data;
1013
1014 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
1015
1016 if (skb->len < sizeof(smp->pcnf))
1017 return SMP_INVALID_PARAMS;
1018
1019 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
1020 skb_pull(skb, sizeof(smp->pcnf));
1021
1022 if (conn->hcon->out)
1023 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
1024 smp->prnd);
1025 else if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
1026 return smp_confirm(smp);
1027 else
1028 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
1029
1030 return 0;
1031 }
1032
1033 static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
1034 {
1035 struct l2cap_chan *chan = conn->smp;
1036 struct smp_chan *smp = chan->data;
1037
1038 BT_DBG("conn %p", conn);
1039
1040 if (skb->len < sizeof(smp->rrnd))
1041 return SMP_INVALID_PARAMS;
1042
1043 memcpy(smp->rrnd, skb->data, sizeof(smp->rrnd));
1044 skb_pull(skb, sizeof(smp->rrnd));
1045
1046 return smp_random(smp);
1047 }
1048
1049 static bool smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
1050 {
1051 struct smp_ltk *key;
1052 struct hci_conn *hcon = conn->hcon;
1053
1054 key = hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
1055 hcon->role);
1056 if (!key)
1057 return false;
1058
1059 if (sec_level > BT_SECURITY_MEDIUM && !key->authenticated)
1060 return false;
1061
1062 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
1063 return true;
1064
1065 hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
1066 hcon->enc_key_size = key->enc_size;
1067
1068 /* We never store STKs for master role, so clear this flag */
1069 clear_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
1070
1071 return true;
1072 }
1073
1074 bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level)
1075 {
1076 if (sec_level == BT_SECURITY_LOW)
1077 return true;
1078
1079 /* If we're encrypted with an STK always claim insufficient
1080 * security. This way we allow the connection to be re-encrypted
1081 * with an LTK, even if the LTK provides the same level of
1082 * security. Only exception is if we don't have an LTK (e.g.
1083 * because of key distribution bits).
1084 */
1085 if (test_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags) &&
1086 hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
1087 hcon->role))
1088 return false;
1089
1090 if (hcon->sec_level >= sec_level)
1091 return true;
1092
1093 return false;
1094 }
1095
1096 static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
1097 {
1098 struct smp_cmd_security_req *rp = (void *) skb->data;
1099 struct smp_cmd_pairing cp;
1100 struct hci_conn *hcon = conn->hcon;
1101 struct smp_chan *smp;
1102 u8 sec_level;
1103
1104 BT_DBG("conn %p", conn);
1105
1106 if (skb->len < sizeof(*rp))
1107 return SMP_INVALID_PARAMS;
1108
1109 if (hcon->role != HCI_ROLE_MASTER)
1110 return SMP_CMD_NOTSUPP;
1111
1112 sec_level = authreq_to_seclevel(rp->auth_req);
1113 if (smp_sufficient_security(hcon, sec_level))
1114 return 0;
1115
1116 if (sec_level > hcon->pending_sec_level)
1117 hcon->pending_sec_level = sec_level;
1118
1119 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
1120 return 0;
1121
1122 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
1123 return 0;
1124
1125 smp = smp_chan_create(conn);
1126 if (!smp)
1127 return SMP_UNSPECIFIED;
1128
1129 if (!test_bit(HCI_BONDABLE, &hcon->hdev->dev_flags) &&
1130 (rp->auth_req & SMP_AUTH_BONDING))
1131 return SMP_PAIRING_NOTSUPP;
1132
1133 skb_pull(skb, sizeof(*rp));
1134
1135 memset(&cp, 0, sizeof(cp));
1136 build_pairing_cmd(conn, &cp, NULL, rp->auth_req);
1137
1138 smp->preq[0] = SMP_CMD_PAIRING_REQ;
1139 memcpy(&smp->preq[1], &cp, sizeof(cp));
1140
1141 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
1142
1143 return 0;
1144 }
1145
1146 int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
1147 {
1148 struct l2cap_conn *conn = hcon->l2cap_data;
1149 struct smp_chan *smp;
1150 __u8 authreq;
1151
1152 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
1153
1154 /* This may be NULL if there's an unexpected disconnection */
1155 if (!conn)
1156 return 1;
1157
1158 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
1159 return 1;
1160
1161 if (smp_sufficient_security(hcon, sec_level))
1162 return 1;
1163
1164 if (sec_level > hcon->pending_sec_level)
1165 hcon->pending_sec_level = sec_level;
1166
1167 if (hcon->role == HCI_ROLE_MASTER)
1168 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
1169 return 0;
1170
1171 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
1172 return 0;
1173
1174 smp = smp_chan_create(conn);
1175 if (!smp)
1176 return 1;
1177
1178 authreq = seclevel_to_authreq(sec_level);
1179
1180 /* Require MITM if IO Capability allows or the security level
1181 * requires it.
1182 */
1183 if (hcon->io_capability != HCI_IO_NO_INPUT_OUTPUT ||
1184 hcon->pending_sec_level > BT_SECURITY_MEDIUM)
1185 authreq |= SMP_AUTH_MITM;
1186
1187 if (hcon->role == HCI_ROLE_MASTER) {
1188 struct smp_cmd_pairing cp;
1189
1190 build_pairing_cmd(conn, &cp, NULL, authreq);
1191 smp->preq[0] = SMP_CMD_PAIRING_REQ;
1192 memcpy(&smp->preq[1], &cp, sizeof(cp));
1193
1194 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
1195 } else {
1196 struct smp_cmd_security_req cp;
1197 cp.auth_req = authreq;
1198 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
1199 }
1200
1201 set_bit(SMP_FLAG_INITIATOR, &smp->flags);
1202
1203 return 0;
1204 }
1205
1206 static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
1207 {
1208 struct smp_cmd_encrypt_info *rp = (void *) skb->data;
1209 struct l2cap_chan *chan = conn->smp;
1210 struct smp_chan *smp = chan->data;
1211
1212 BT_DBG("conn %p", conn);
1213
1214 if (skb->len < sizeof(*rp))
1215 return SMP_INVALID_PARAMS;
1216
1217 /* Ignore this PDU if it wasn't requested */
1218 if (!(smp->remote_key_dist & SMP_DIST_ENC_KEY))
1219 return 0;
1220
1221 skb_pull(skb, sizeof(*rp));
1222
1223 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
1224
1225 return 0;
1226 }
1227
1228 static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
1229 {
1230 struct smp_cmd_master_ident *rp = (void *) skb->data;
1231 struct l2cap_chan *chan = conn->smp;
1232 struct smp_chan *smp = chan->data;
1233 struct hci_dev *hdev = conn->hcon->hdev;
1234 struct hci_conn *hcon = conn->hcon;
1235 struct smp_ltk *ltk;
1236 u8 authenticated;
1237
1238 BT_DBG("conn %p", conn);
1239
1240 if (skb->len < sizeof(*rp))
1241 return SMP_INVALID_PARAMS;
1242
1243 /* Ignore this PDU if it wasn't requested */
1244 if (!(smp->remote_key_dist & SMP_DIST_ENC_KEY))
1245 return 0;
1246
1247 /* Mark the information as received */
1248 smp->remote_key_dist &= ~SMP_DIST_ENC_KEY;
1249
1250 skb_pull(skb, sizeof(*rp));
1251
1252 hci_dev_lock(hdev);
1253 authenticated = (hcon->sec_level == BT_SECURITY_HIGH);
1254 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, SMP_LTK,
1255 authenticated, smp->tk, smp->enc_key_size,
1256 rp->ediv, rp->rand);
1257 smp->ltk = ltk;
1258 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1259 smp_distribute_keys(conn);
1260 hci_dev_unlock(hdev);
1261
1262 return 0;
1263 }
1264
1265 static int smp_cmd_ident_info(struct l2cap_conn *conn, struct sk_buff *skb)
1266 {
1267 struct smp_cmd_ident_info *info = (void *) skb->data;
1268 struct l2cap_chan *chan = conn->smp;
1269 struct smp_chan *smp = chan->data;
1270
1271 BT_DBG("");
1272
1273 if (skb->len < sizeof(*info))
1274 return SMP_INVALID_PARAMS;
1275
1276 /* Ignore this PDU if it wasn't requested */
1277 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1278 return 0;
1279
1280 skb_pull(skb, sizeof(*info));
1281
1282 memcpy(smp->irk, info->irk, 16);
1283
1284 return 0;
1285 }
1286
1287 static int smp_cmd_ident_addr_info(struct l2cap_conn *conn,
1288 struct sk_buff *skb)
1289 {
1290 struct smp_cmd_ident_addr_info *info = (void *) skb->data;
1291 struct l2cap_chan *chan = conn->smp;
1292 struct smp_chan *smp = chan->data;
1293 struct hci_conn *hcon = conn->hcon;
1294 bdaddr_t rpa;
1295
1296 BT_DBG("");
1297
1298 if (skb->len < sizeof(*info))
1299 return SMP_INVALID_PARAMS;
1300
1301 /* Ignore this PDU if it wasn't requested */
1302 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1303 return 0;
1304
1305 /* Mark the information as received */
1306 smp->remote_key_dist &= ~SMP_DIST_ID_KEY;
1307
1308 skb_pull(skb, sizeof(*info));
1309
1310 hci_dev_lock(hcon->hdev);
1311
1312 /* Strictly speaking the Core Specification (4.1) allows sending
1313 * an empty address which would force us to rely on just the IRK
1314 * as "identity information". However, since such
1315 * implementations are not known of and in order to not over
1316 * complicate our implementation, simply pretend that we never
1317 * received an IRK for such a device.
1318 */
1319 if (!bacmp(&info->bdaddr, BDADDR_ANY)) {
1320 BT_ERR("Ignoring IRK with no identity address");
1321 goto distribute;
1322 }
1323
1324 bacpy(&smp->id_addr, &info->bdaddr);
1325 smp->id_addr_type = info->addr_type;
1326
1327 if (hci_bdaddr_is_rpa(&hcon->dst, hcon->dst_type))
1328 bacpy(&rpa, &hcon->dst);
1329 else
1330 bacpy(&rpa, BDADDR_ANY);
1331
1332 smp->remote_irk = hci_add_irk(conn->hcon->hdev, &smp->id_addr,
1333 smp->id_addr_type, smp->irk, &rpa);
1334
1335 distribute:
1336 smp_distribute_keys(conn);
1337
1338 hci_dev_unlock(hcon->hdev);
1339
1340 return 0;
1341 }
1342
1343 static int smp_cmd_sign_info(struct l2cap_conn *conn, struct sk_buff *skb)
1344 {
1345 struct smp_cmd_sign_info *rp = (void *) skb->data;
1346 struct l2cap_chan *chan = conn->smp;
1347 struct smp_chan *smp = chan->data;
1348 struct hci_dev *hdev = conn->hcon->hdev;
1349 struct smp_csrk *csrk;
1350
1351 BT_DBG("conn %p", conn);
1352
1353 if (skb->len < sizeof(*rp))
1354 return SMP_INVALID_PARAMS;
1355
1356 /* Ignore this PDU if it wasn't requested */
1357 if (!(smp->remote_key_dist & SMP_DIST_SIGN))
1358 return 0;
1359
1360 /* Mark the information as received */
1361 smp->remote_key_dist &= ~SMP_DIST_SIGN;
1362
1363 skb_pull(skb, sizeof(*rp));
1364
1365 hci_dev_lock(hdev);
1366 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
1367 if (csrk) {
1368 csrk->master = 0x01;
1369 memcpy(csrk->val, rp->csrk, sizeof(csrk->val));
1370 }
1371 smp->csrk = csrk;
1372 smp_distribute_keys(conn);
1373 hci_dev_unlock(hdev);
1374
1375 return 0;
1376 }
1377
1378 static int smp_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
1379 {
1380 struct l2cap_conn *conn = chan->conn;
1381 struct hci_conn *hcon = conn->hcon;
1382 __u8 code, reason;
1383 int err = 0;
1384
1385 if (hcon->type != LE_LINK) {
1386 kfree_skb(skb);
1387 return 0;
1388 }
1389
1390 if (skb->len < 1) {
1391 kfree_skb(skb);
1392 return -EILSEQ;
1393 }
1394
1395 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) {
1396 err = -EOPNOTSUPP;
1397 reason = SMP_PAIRING_NOTSUPP;
1398 goto done;
1399 }
1400
1401 code = skb->data[0];
1402 skb_pull(skb, sizeof(code));
1403
1404 /*
1405 * The SMP context must be initialized for all other PDUs except
1406 * pairing and security requests. If we get any other PDU when
1407 * not initialized simply disconnect (done if this function
1408 * returns an error).
1409 */
1410 if (code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ &&
1411 !test_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags)) {
1412 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code);
1413 kfree_skb(skb);
1414 return -EOPNOTSUPP;
1415 }
1416
1417 switch (code) {
1418 case SMP_CMD_PAIRING_REQ:
1419 reason = smp_cmd_pairing_req(conn, skb);
1420 break;
1421
1422 case SMP_CMD_PAIRING_FAIL:
1423 smp_failure(conn, 0);
1424 reason = 0;
1425 err = -EPERM;
1426 break;
1427
1428 case SMP_CMD_PAIRING_RSP:
1429 reason = smp_cmd_pairing_rsp(conn, skb);
1430 break;
1431
1432 case SMP_CMD_SECURITY_REQ:
1433 reason = smp_cmd_security_req(conn, skb);
1434 break;
1435
1436 case SMP_CMD_PAIRING_CONFIRM:
1437 reason = smp_cmd_pairing_confirm(conn, skb);
1438 break;
1439
1440 case SMP_CMD_PAIRING_RANDOM:
1441 reason = smp_cmd_pairing_random(conn, skb);
1442 break;
1443
1444 case SMP_CMD_ENCRYPT_INFO:
1445 reason = smp_cmd_encrypt_info(conn, skb);
1446 break;
1447
1448 case SMP_CMD_MASTER_IDENT:
1449 reason = smp_cmd_master_ident(conn, skb);
1450 break;
1451
1452 case SMP_CMD_IDENT_INFO:
1453 reason = smp_cmd_ident_info(conn, skb);
1454 break;
1455
1456 case SMP_CMD_IDENT_ADDR_INFO:
1457 reason = smp_cmd_ident_addr_info(conn, skb);
1458 break;
1459
1460 case SMP_CMD_SIGN_INFO:
1461 reason = smp_cmd_sign_info(conn, skb);
1462 break;
1463
1464 default:
1465 BT_DBG("Unknown command code 0x%2.2x", code);
1466
1467 reason = SMP_CMD_NOTSUPP;
1468 err = -EOPNOTSUPP;
1469 goto done;
1470 }
1471
1472 done:
1473 if (reason)
1474 smp_failure(conn, reason);
1475
1476 kfree_skb(skb);
1477 return err;
1478 }
1479
1480 static void smp_teardown_cb(struct l2cap_chan *chan, int err)
1481 {
1482 struct l2cap_conn *conn = chan->conn;
1483
1484 BT_DBG("chan %p", chan);
1485
1486 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags)) {
1487 cancel_delayed_work_sync(&conn->security_timer);
1488 smp_chan_destroy(conn);
1489 }
1490
1491 conn->smp = NULL;
1492 l2cap_chan_put(chan);
1493 }
1494
1495 static void smp_resume_cb(struct l2cap_chan *chan)
1496 {
1497 struct l2cap_conn *conn = chan->conn;
1498 struct hci_conn *hcon = conn->hcon;
1499
1500 BT_DBG("chan %p", chan);
1501
1502 if (test_bit(HCI_CONN_ENCRYPT, &hcon->flags))
1503 smp_distribute_keys(conn);
1504 cancel_delayed_work(&conn->security_timer);
1505 }
1506
1507 static void smp_ready_cb(struct l2cap_chan *chan)
1508 {
1509 struct l2cap_conn *conn = chan->conn;
1510
1511 BT_DBG("chan %p", chan);
1512
1513 conn->smp = chan;
1514 l2cap_chan_hold(chan);
1515 }
1516
1517 static struct sk_buff *smp_alloc_skb_cb(struct l2cap_chan *chan,
1518 unsigned long hdr_len,
1519 unsigned long len, int nb)
1520 {
1521 struct sk_buff *skb;
1522
1523 skb = bt_skb_alloc(hdr_len + len, GFP_KERNEL);
1524 if (!skb)
1525 return ERR_PTR(-ENOMEM);
1526
1527 skb->priority = HCI_PRIO_MAX;
1528 bt_cb(skb)->chan = chan;
1529
1530 return skb;
1531 }
1532
1533 static const struct l2cap_ops smp_chan_ops = {
1534 .name = "Security Manager",
1535 .ready = smp_ready_cb,
1536 .recv = smp_recv_cb,
1537 .alloc_skb = smp_alloc_skb_cb,
1538 .teardown = smp_teardown_cb,
1539 .resume = smp_resume_cb,
1540
1541 .new_connection = l2cap_chan_no_new_connection,
1542 .state_change = l2cap_chan_no_state_change,
1543 .close = l2cap_chan_no_close,
1544 .defer = l2cap_chan_no_defer,
1545 .suspend = l2cap_chan_no_suspend,
1546 .set_shutdown = l2cap_chan_no_set_shutdown,
1547 .get_sndtimeo = l2cap_chan_no_get_sndtimeo,
1548 .memcpy_fromiovec = l2cap_chan_no_memcpy_fromiovec,
1549 };
1550
1551 static inline struct l2cap_chan *smp_new_conn_cb(struct l2cap_chan *pchan)
1552 {
1553 struct l2cap_chan *chan;
1554
1555 BT_DBG("pchan %p", pchan);
1556
1557 chan = l2cap_chan_create();
1558 if (!chan)
1559 return NULL;
1560
1561 chan->chan_type = pchan->chan_type;
1562 chan->ops = &smp_chan_ops;
1563 chan->scid = pchan->scid;
1564 chan->dcid = chan->scid;
1565 chan->imtu = pchan->imtu;
1566 chan->omtu = pchan->omtu;
1567 chan->mode = pchan->mode;
1568
1569 BT_DBG("created chan %p", chan);
1570
1571 return chan;
1572 }
1573
1574 static const struct l2cap_ops smp_root_chan_ops = {
1575 .name = "Security Manager Root",
1576 .new_connection = smp_new_conn_cb,
1577
1578 /* None of these are implemented for the root channel */
1579 .close = l2cap_chan_no_close,
1580 .alloc_skb = l2cap_chan_no_alloc_skb,
1581 .recv = l2cap_chan_no_recv,
1582 .state_change = l2cap_chan_no_state_change,
1583 .teardown = l2cap_chan_no_teardown,
1584 .ready = l2cap_chan_no_ready,
1585 .defer = l2cap_chan_no_defer,
1586 .suspend = l2cap_chan_no_suspend,
1587 .resume = l2cap_chan_no_resume,
1588 .set_shutdown = l2cap_chan_no_set_shutdown,
1589 .get_sndtimeo = l2cap_chan_no_get_sndtimeo,
1590 .memcpy_fromiovec = l2cap_chan_no_memcpy_fromiovec,
1591 };
1592
1593 int smp_register(struct hci_dev *hdev)
1594 {
1595 struct l2cap_chan *chan;
1596 struct crypto_blkcipher *tfm_aes;
1597
1598 BT_DBG("%s", hdev->name);
1599
1600 tfm_aes = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
1601 if (IS_ERR(tfm_aes)) {
1602 int err = PTR_ERR(tfm_aes);
1603 BT_ERR("Unable to create crypto context");
1604 return err;
1605 }
1606
1607 chan = l2cap_chan_create();
1608 if (!chan) {
1609 crypto_free_blkcipher(tfm_aes);
1610 return -ENOMEM;
1611 }
1612
1613 chan->data = tfm_aes;
1614
1615 l2cap_add_scid(chan, L2CAP_CID_SMP);
1616
1617 l2cap_chan_set_defaults(chan);
1618
1619 bacpy(&chan->src, &hdev->bdaddr);
1620 chan->src_type = BDADDR_LE_PUBLIC;
1621 chan->state = BT_LISTEN;
1622 chan->mode = L2CAP_MODE_BASIC;
1623 chan->imtu = L2CAP_DEFAULT_MTU;
1624 chan->ops = &smp_root_chan_ops;
1625
1626 hdev->smp_data = chan;
1627
1628 return 0;
1629 }
1630
1631 void smp_unregister(struct hci_dev *hdev)
1632 {
1633 struct l2cap_chan *chan = hdev->smp_data;
1634 struct crypto_blkcipher *tfm_aes;
1635
1636 if (!chan)
1637 return;
1638
1639 BT_DBG("%s chan %p", hdev->name, chan);
1640
1641 tfm_aes = chan->data;
1642 if (tfm_aes) {
1643 chan->data = NULL;
1644 crypto_free_blkcipher(tfm_aes);
1645 }
1646
1647 hdev->smp_data = NULL;
1648 l2cap_chan_put(chan);
1649 }
Linux kernel - Deliverables
This page took 0.061748 seconds and 6 git commands to generate.