2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 #include <linux/crypto.h>
24 #include <linux/scatterlist.h>
25 #include <crypto/b128ops.h>
27 #include <net/bluetooth/bluetooth.h>
28 #include <net/bluetooth/hci_core.h>
29 #include <net/bluetooth/l2cap.h>
30 #include <net/bluetooth/mgmt.h>
34 #define SMP_TIMEOUT msecs_to_jiffies(30000)
36 #define AUTH_REQ_MASK 0x07
47 struct l2cap_conn
*conn
;
48 struct delayed_work security_timer
;
50 u8 preq
[7]; /* SMP Pairing Request */
51 u8 prsp
[7]; /* SMP Pairing Response */
52 u8 prnd
[16]; /* SMP Pairing Random (local) */
53 u8 rrnd
[16]; /* SMP Pairing Random (remote) */
54 u8 pcnf
[16]; /* SMP Pairing Confirm */
55 u8 tk
[16]; /* SMP Temporary Key */
61 struct smp_csrk
*csrk
;
62 struct smp_csrk
*slave_csrk
;
64 struct smp_ltk
*slave_ltk
;
65 struct smp_irk
*remote_irk
;
68 struct crypto_blkcipher
*tfm_aes
;
71 static inline void swap_buf(const u8
*src
, u8
*dst
, size_t len
)
75 for (i
= 0; i
< len
; i
++)
76 dst
[len
- 1 - i
] = src
[i
];
79 static int smp_e(struct crypto_blkcipher
*tfm
, const u8
*k
, u8
*r
)
81 struct blkcipher_desc desc
;
82 struct scatterlist sg
;
83 uint8_t tmp
[16], data
[16];
87 BT_ERR("tfm %p", tfm
);
94 /* The most significant octet of key corresponds to k[0] */
97 err
= crypto_blkcipher_setkey(tfm
, tmp
, 16);
99 BT_ERR("cipher setkey failed: %d", err
);
103 /* Most significant octet of plaintextData corresponds to data[0] */
104 swap_buf(r
, data
, 16);
106 sg_init_one(&sg
, data
, 16);
108 err
= crypto_blkcipher_encrypt(&desc
, &sg
, &sg
, 16);
110 BT_ERR("Encrypt data error %d", err
);
112 /* Most significant octet of encryptedData corresponds to data[0] */
113 swap_buf(data
, r
, 16);
118 static int smp_ah(struct crypto_blkcipher
*tfm
, u8 irk
[16], u8 r
[3], u8 res
[3])
123 /* r' = padding || r */
125 memset(_res
+ 3, 0, 13);
127 err
= smp_e(tfm
, irk
, _res
);
129 BT_ERR("Encrypt error");
133 /* The output of the random address function ah is:
134 * ah(h, r) = e(k, r') mod 2^24
135 * The output of the security function e is then truncated to 24 bits
136 * by taking the least significant 24 bits of the output of e as the
139 memcpy(res
, _res
, 3);
144 bool smp_irk_matches(struct hci_dev
*hdev
, u8 irk
[16], bdaddr_t
*bdaddr
)
146 struct l2cap_chan
*chan
= hdev
->smp_data
;
147 struct crypto_blkcipher
*tfm
;
151 if (!chan
|| !chan
->data
)
156 BT_DBG("RPA %pMR IRK %*phN", bdaddr
, 16, irk
);
158 err
= smp_ah(tfm
, irk
, &bdaddr
->b
[3], hash
);
162 return !memcmp(bdaddr
->b
, hash
, 3);
165 int smp_generate_rpa(struct hci_dev
*hdev
, u8 irk
[16], bdaddr_t
*rpa
)
167 struct l2cap_chan
*chan
= hdev
->smp_data
;
168 struct crypto_blkcipher
*tfm
;
171 if (!chan
|| !chan
->data
)
176 get_random_bytes(&rpa
->b
[3], 3);
178 rpa
->b
[5] &= 0x3f; /* Clear two most significant bits */
179 rpa
->b
[5] |= 0x40; /* Set second most significant bit */
181 err
= smp_ah(tfm
, irk
, &rpa
->b
[3], rpa
->b
);
185 BT_DBG("RPA %pMR", rpa
);
190 static int smp_c1(struct smp_chan
*smp
, u8 k
[16], u8 r
[16], u8 preq
[7],
191 u8 pres
[7], u8 _iat
, bdaddr_t
*ia
, u8 _rat
, bdaddr_t
*ra
,
194 struct hci_dev
*hdev
= smp
->conn
->hcon
->hdev
;
198 BT_DBG("%s", hdev
->name
);
202 /* p1 = pres || preq || _rat || _iat */
205 memcpy(p1
+ 2, preq
, 7);
206 memcpy(p1
+ 9, pres
, 7);
208 /* p2 = padding || ia || ra */
210 memcpy(p2
+ 6, ia
, 6);
211 memset(p2
+ 12, 0, 4);
214 u128_xor((u128
*) res
, (u128
*) r
, (u128
*) p1
);
216 /* res = e(k, res) */
217 err
= smp_e(smp
->tfm_aes
, k
, res
);
219 BT_ERR("Encrypt data error");
223 /* res = res XOR p2 */
224 u128_xor((u128
*) res
, (u128
*) res
, (u128
*) p2
);
226 /* res = e(k, res) */
227 err
= smp_e(smp
->tfm_aes
, k
, res
);
229 BT_ERR("Encrypt data error");
234 static int smp_s1(struct smp_chan
*smp
, u8 k
[16], u8 r1
[16], u8 r2
[16],
237 struct hci_dev
*hdev
= smp
->conn
->hcon
->hdev
;
240 BT_DBG("%s", hdev
->name
);
242 /* Just least significant octets from r1 and r2 are considered */
244 memcpy(_r
+ 8, r1
, 8);
246 err
= smp_e(smp
->tfm_aes
, k
, _r
);
248 BT_ERR("Encrypt data error");
253 static void smp_send_cmd(struct l2cap_conn
*conn
, u8 code
, u16 len
, void *data
)
255 struct l2cap_chan
*chan
= conn
->smp
;
256 struct smp_chan
*smp
;
263 BT_DBG("code 0x%2.2x", code
);
265 iv
[0].iov_base
= &code
;
268 iv
[1].iov_base
= data
;
271 memset(&msg
, 0, sizeof(msg
));
273 msg
.msg_iov
= (struct iovec
*) &iv
;
276 l2cap_chan_send(chan
, &msg
, 1 + len
);
283 cancel_delayed_work_sync(&smp
->security_timer
);
284 schedule_delayed_work(&smp
->security_timer
, SMP_TIMEOUT
);
287 static __u8
authreq_to_seclevel(__u8 authreq
)
289 if (authreq
& SMP_AUTH_MITM
)
290 return BT_SECURITY_HIGH
;
292 return BT_SECURITY_MEDIUM
;
295 static __u8
seclevel_to_authreq(__u8 sec_level
)
298 case BT_SECURITY_HIGH
:
299 return SMP_AUTH_MITM
| SMP_AUTH_BONDING
;
300 case BT_SECURITY_MEDIUM
:
301 return SMP_AUTH_BONDING
;
303 return SMP_AUTH_NONE
;
307 static void build_pairing_cmd(struct l2cap_conn
*conn
,
308 struct smp_cmd_pairing
*req
,
309 struct smp_cmd_pairing
*rsp
, __u8 authreq
)
311 struct l2cap_chan
*chan
= conn
->smp
;
312 struct smp_chan
*smp
= chan
->data
;
313 struct hci_conn
*hcon
= conn
->hcon
;
314 struct hci_dev
*hdev
= hcon
->hdev
;
315 u8 local_dist
= 0, remote_dist
= 0;
317 if (test_bit(HCI_BONDABLE
, &conn
->hcon
->hdev
->dev_flags
)) {
318 local_dist
= SMP_DIST_ENC_KEY
| SMP_DIST_SIGN
;
319 remote_dist
= SMP_DIST_ENC_KEY
| SMP_DIST_SIGN
;
320 authreq
|= SMP_AUTH_BONDING
;
322 authreq
&= ~SMP_AUTH_BONDING
;
325 if (test_bit(HCI_RPA_RESOLVING
, &hdev
->dev_flags
))
326 remote_dist
|= SMP_DIST_ID_KEY
;
328 if (test_bit(HCI_PRIVACY
, &hdev
->dev_flags
))
329 local_dist
|= SMP_DIST_ID_KEY
;
332 req
->io_capability
= conn
->hcon
->io_capability
;
333 req
->oob_flag
= SMP_OOB_NOT_PRESENT
;
334 req
->max_key_size
= SMP_MAX_ENC_KEY_SIZE
;
335 req
->init_key_dist
= local_dist
;
336 req
->resp_key_dist
= remote_dist
;
337 req
->auth_req
= (authreq
& AUTH_REQ_MASK
);
339 smp
->remote_key_dist
= remote_dist
;
343 rsp
->io_capability
= conn
->hcon
->io_capability
;
344 rsp
->oob_flag
= SMP_OOB_NOT_PRESENT
;
345 rsp
->max_key_size
= SMP_MAX_ENC_KEY_SIZE
;
346 rsp
->init_key_dist
= req
->init_key_dist
& remote_dist
;
347 rsp
->resp_key_dist
= req
->resp_key_dist
& local_dist
;
348 rsp
->auth_req
= (authreq
& AUTH_REQ_MASK
);
350 smp
->remote_key_dist
= rsp
->init_key_dist
;
353 static u8
check_enc_key_size(struct l2cap_conn
*conn
, __u8 max_key_size
)
355 struct l2cap_chan
*chan
= conn
->smp
;
356 struct smp_chan
*smp
= chan
->data
;
358 if ((max_key_size
> SMP_MAX_ENC_KEY_SIZE
) ||
359 (max_key_size
< SMP_MIN_ENC_KEY_SIZE
))
360 return SMP_ENC_KEY_SIZE
;
362 smp
->enc_key_size
= max_key_size
;
367 static void smp_chan_destroy(struct l2cap_conn
*conn
)
369 struct l2cap_chan
*chan
= conn
->smp
;
370 struct smp_chan
*smp
= chan
->data
;
375 cancel_delayed_work_sync(&smp
->security_timer
);
377 complete
= test_bit(SMP_FLAG_COMPLETE
, &smp
->flags
);
378 mgmt_smp_complete(conn
->hcon
, complete
);
381 kfree(smp
->slave_csrk
);
383 crypto_free_blkcipher(smp
->tfm_aes
);
385 /* If pairing failed clean up any keys we might have */
388 list_del(&smp
->ltk
->list
);
392 if (smp
->slave_ltk
) {
393 list_del(&smp
->slave_ltk
->list
);
394 kfree(smp
->slave_ltk
);
397 if (smp
->remote_irk
) {
398 list_del(&smp
->remote_irk
->list
);
399 kfree(smp
->remote_irk
);
405 hci_conn_drop(conn
->hcon
);
408 static void smp_failure(struct l2cap_conn
*conn
, u8 reason
)
410 struct hci_conn
*hcon
= conn
->hcon
;
411 struct l2cap_chan
*chan
= conn
->smp
;
414 smp_send_cmd(conn
, SMP_CMD_PAIRING_FAIL
, sizeof(reason
),
417 clear_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
);
418 mgmt_auth_failed(hcon
->hdev
, &hcon
->dst
, hcon
->type
, hcon
->dst_type
,
419 HCI_ERROR_AUTH_FAILURE
);
422 smp_chan_destroy(conn
);
425 #define JUST_WORKS 0x00
426 #define JUST_CFM 0x01
427 #define REQ_PASSKEY 0x02
428 #define CFM_PASSKEY 0x03
432 static const u8 gen_method
[5][5] = {
433 { JUST_WORKS
, JUST_CFM
, REQ_PASSKEY
, JUST_WORKS
, REQ_PASSKEY
},
434 { JUST_WORKS
, JUST_CFM
, REQ_PASSKEY
, JUST_WORKS
, REQ_PASSKEY
},
435 { CFM_PASSKEY
, CFM_PASSKEY
, REQ_PASSKEY
, JUST_WORKS
, CFM_PASSKEY
},
436 { JUST_WORKS
, JUST_CFM
, JUST_WORKS
, JUST_WORKS
, JUST_CFM
},
437 { CFM_PASSKEY
, CFM_PASSKEY
, REQ_PASSKEY
, JUST_WORKS
, OVERLAP
},
440 static u8
get_auth_method(struct smp_chan
*smp
, u8 local_io
, u8 remote_io
)
442 /* If either side has unknown io_caps, use JUST_CFM (which gets
443 * converted later to JUST_WORKS if we're initiators.
445 if (local_io
> SMP_IO_KEYBOARD_DISPLAY
||
446 remote_io
> SMP_IO_KEYBOARD_DISPLAY
)
449 return gen_method
[remote_io
][local_io
];
452 static int tk_request(struct l2cap_conn
*conn
, u8 remote_oob
, u8 auth
,
453 u8 local_io
, u8 remote_io
)
455 struct hci_conn
*hcon
= conn
->hcon
;
456 struct l2cap_chan
*chan
= conn
->smp
;
457 struct smp_chan
*smp
= chan
->data
;
462 /* Initialize key for JUST WORKS */
463 memset(smp
->tk
, 0, sizeof(smp
->tk
));
464 clear_bit(SMP_FLAG_TK_VALID
, &smp
->flags
);
466 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth
, local_io
, remote_io
);
468 /* If neither side wants MITM, either "just" confirm an incoming
469 * request or use just-works for outgoing ones. The JUST_CFM
470 * will be converted to JUST_WORKS if necessary later in this
471 * function. If either side has MITM look up the method from the
474 if (!(auth
& SMP_AUTH_MITM
))
477 method
= get_auth_method(smp
, local_io
, remote_io
);
479 /* Don't confirm locally initiated pairing attempts */
480 if (method
== JUST_CFM
&& test_bit(SMP_FLAG_INITIATOR
, &smp
->flags
))
483 /* Don't bother user space with no IO capabilities */
484 if (method
== JUST_CFM
&& hcon
->io_capability
== HCI_IO_NO_INPUT_OUTPUT
)
487 /* If Just Works, Continue with Zero TK */
488 if (method
== JUST_WORKS
) {
489 set_bit(SMP_FLAG_TK_VALID
, &smp
->flags
);
493 /* Not Just Works/Confirm results in MITM Authentication */
494 if (method
!= JUST_CFM
)
495 set_bit(SMP_FLAG_MITM_AUTH
, &smp
->flags
);
497 /* If both devices have Keyoard-Display I/O, the master
498 * Confirms and the slave Enters the passkey.
500 if (method
== OVERLAP
) {
501 if (hcon
->role
== HCI_ROLE_MASTER
)
502 method
= CFM_PASSKEY
;
504 method
= REQ_PASSKEY
;
507 /* Generate random passkey. */
508 if (method
== CFM_PASSKEY
) {
509 memset(smp
->tk
, 0, sizeof(smp
->tk
));
510 get_random_bytes(&passkey
, sizeof(passkey
));
512 put_unaligned_le32(passkey
, smp
->tk
);
513 BT_DBG("PassKey: %d", passkey
);
514 set_bit(SMP_FLAG_TK_VALID
, &smp
->flags
);
517 hci_dev_lock(hcon
->hdev
);
519 if (method
== REQ_PASSKEY
)
520 ret
= mgmt_user_passkey_request(hcon
->hdev
, &hcon
->dst
,
521 hcon
->type
, hcon
->dst_type
);
522 else if (method
== JUST_CFM
)
523 ret
= mgmt_user_confirm_request(hcon
->hdev
, &hcon
->dst
,
524 hcon
->type
, hcon
->dst_type
,
527 ret
= mgmt_user_passkey_notify(hcon
->hdev
, &hcon
->dst
,
528 hcon
->type
, hcon
->dst_type
,
531 hci_dev_unlock(hcon
->hdev
);
536 static u8
smp_confirm(struct smp_chan
*smp
)
538 struct l2cap_conn
*conn
= smp
->conn
;
539 struct smp_cmd_pairing_confirm cp
;
542 BT_DBG("conn %p", conn
);
544 ret
= smp_c1(smp
, smp
->tk
, smp
->prnd
, smp
->preq
, smp
->prsp
,
545 conn
->hcon
->init_addr_type
, &conn
->hcon
->init_addr
,
546 conn
->hcon
->resp_addr_type
, &conn
->hcon
->resp_addr
,
549 return SMP_UNSPECIFIED
;
551 clear_bit(SMP_FLAG_CFM_PENDING
, &smp
->flags
);
553 smp_send_cmd(smp
->conn
, SMP_CMD_PAIRING_CONFIRM
, sizeof(cp
), &cp
);
558 static u8
smp_random(struct smp_chan
*smp
)
560 struct l2cap_conn
*conn
= smp
->conn
;
561 struct hci_conn
*hcon
= conn
->hcon
;
565 if (IS_ERR_OR_NULL(smp
->tfm_aes
))
566 return SMP_UNSPECIFIED
;
568 BT_DBG("conn %p %s", conn
, conn
->hcon
->out
? "master" : "slave");
570 ret
= smp_c1(smp
, smp
->tk
, smp
->rrnd
, smp
->preq
, smp
->prsp
,
571 hcon
->init_addr_type
, &hcon
->init_addr
,
572 hcon
->resp_addr_type
, &hcon
->resp_addr
, confirm
);
574 return SMP_UNSPECIFIED
;
576 if (memcmp(smp
->pcnf
, confirm
, sizeof(smp
->pcnf
)) != 0) {
577 BT_ERR("Pairing failed (confirmation values mismatch)");
578 return SMP_CONFIRM_FAILED
;
586 smp_s1(smp
, smp
->tk
, smp
->rrnd
, smp
->prnd
, stk
);
588 memset(stk
+ smp
->enc_key_size
, 0,
589 SMP_MAX_ENC_KEY_SIZE
- smp
->enc_key_size
);
591 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
))
592 return SMP_UNSPECIFIED
;
594 hci_le_start_enc(hcon
, ediv
, rand
, stk
);
595 hcon
->enc_key_size
= smp
->enc_key_size
;
596 set_bit(HCI_CONN_STK_ENCRYPT
, &hcon
->flags
);
602 smp_send_cmd(conn
, SMP_CMD_PAIRING_RANDOM
, sizeof(smp
->prnd
),
605 smp_s1(smp
, smp
->tk
, smp
->prnd
, smp
->rrnd
, stk
);
607 memset(stk
+ smp
->enc_key_size
, 0,
608 SMP_MAX_ENC_KEY_SIZE
- smp
->enc_key_size
);
610 if (hcon
->pending_sec_level
== BT_SECURITY_HIGH
)
615 /* Even though there's no _SLAVE suffix this is the
616 * slave STK we're adding for later lookup (the master
617 * STK never needs to be stored).
619 hci_add_ltk(hcon
->hdev
, &hcon
->dst
, hcon
->dst_type
,
620 SMP_STK
, auth
, stk
, smp
->enc_key_size
, ediv
, rand
);
626 static void smp_notify_keys(struct l2cap_conn
*conn
)
628 struct l2cap_chan
*chan
= conn
->smp
;
629 struct smp_chan
*smp
= chan
->data
;
630 struct hci_conn
*hcon
= conn
->hcon
;
631 struct hci_dev
*hdev
= hcon
->hdev
;
632 struct smp_cmd_pairing
*req
= (void *) &smp
->preq
[1];
633 struct smp_cmd_pairing
*rsp
= (void *) &smp
->prsp
[1];
636 if (smp
->remote_irk
) {
637 mgmt_new_irk(hdev
, smp
->remote_irk
);
638 /* Now that user space can be considered to know the
639 * identity address track the connection based on it
642 bacpy(&hcon
->dst
, &smp
->remote_irk
->bdaddr
);
643 hcon
->dst_type
= smp
->remote_irk
->addr_type
;
644 queue_work(hdev
->workqueue
, &conn
->id_addr_update_work
);
646 /* When receiving an indentity resolving key for
647 * a remote device that does not use a resolvable
648 * private address, just remove the key so that
649 * it is possible to use the controller white
652 * Userspace will have been told to not store
653 * this key at this point. So it is safe to
656 if (!bacmp(&smp
->remote_irk
->rpa
, BDADDR_ANY
)) {
657 list_del(&smp
->remote_irk
->list
);
658 kfree(smp
->remote_irk
);
659 smp
->remote_irk
= NULL
;
663 /* The LTKs and CSRKs should be persistent only if both sides
664 * had the bonding bit set in their authentication requests.
666 persistent
= !!((req
->auth_req
& rsp
->auth_req
) & SMP_AUTH_BONDING
);
669 smp
->csrk
->bdaddr_type
= hcon
->dst_type
;
670 bacpy(&smp
->csrk
->bdaddr
, &hcon
->dst
);
671 mgmt_new_csrk(hdev
, smp
->csrk
, persistent
);
674 if (smp
->slave_csrk
) {
675 smp
->slave_csrk
->bdaddr_type
= hcon
->dst_type
;
676 bacpy(&smp
->slave_csrk
->bdaddr
, &hcon
->dst
);
677 mgmt_new_csrk(hdev
, smp
->slave_csrk
, persistent
);
681 smp
->ltk
->bdaddr_type
= hcon
->dst_type
;
682 bacpy(&smp
->ltk
->bdaddr
, &hcon
->dst
);
683 mgmt_new_ltk(hdev
, smp
->ltk
, persistent
);
686 if (smp
->slave_ltk
) {
687 smp
->slave_ltk
->bdaddr_type
= hcon
->dst_type
;
688 bacpy(&smp
->slave_ltk
->bdaddr
, &hcon
->dst
);
689 mgmt_new_ltk(hdev
, smp
->slave_ltk
, persistent
);
693 static void smp_distribute_keys(struct smp_chan
*smp
)
695 struct smp_cmd_pairing
*req
, *rsp
;
696 struct l2cap_conn
*conn
= smp
->conn
;
697 struct hci_conn
*hcon
= conn
->hcon
;
698 struct hci_dev
*hdev
= hcon
->hdev
;
701 BT_DBG("conn %p", conn
);
703 rsp
= (void *) &smp
->prsp
[1];
705 /* The responder sends its keys first */
706 if (hcon
->out
&& (smp
->remote_key_dist
& 0x07))
709 req
= (void *) &smp
->preq
[1];
712 keydist
= &rsp
->init_key_dist
;
713 *keydist
&= req
->init_key_dist
;
715 keydist
= &rsp
->resp_key_dist
;
716 *keydist
&= req
->resp_key_dist
;
719 BT_DBG("keydist 0x%x", *keydist
);
721 if (*keydist
& SMP_DIST_ENC_KEY
) {
722 struct smp_cmd_encrypt_info enc
;
723 struct smp_cmd_master_ident ident
;
729 get_random_bytes(enc
.ltk
, sizeof(enc
.ltk
));
730 get_random_bytes(&ediv
, sizeof(ediv
));
731 get_random_bytes(&rand
, sizeof(rand
));
733 smp_send_cmd(conn
, SMP_CMD_ENCRYPT_INFO
, sizeof(enc
), &enc
);
735 authenticated
= hcon
->sec_level
== BT_SECURITY_HIGH
;
736 ltk
= hci_add_ltk(hdev
, &hcon
->dst
, hcon
->dst_type
,
737 SMP_LTK_SLAVE
, authenticated
, enc
.ltk
,
738 smp
->enc_key_size
, ediv
, rand
);
739 smp
->slave_ltk
= ltk
;
744 smp_send_cmd(conn
, SMP_CMD_MASTER_IDENT
, sizeof(ident
), &ident
);
746 *keydist
&= ~SMP_DIST_ENC_KEY
;
749 if (*keydist
& SMP_DIST_ID_KEY
) {
750 struct smp_cmd_ident_addr_info addrinfo
;
751 struct smp_cmd_ident_info idinfo
;
753 memcpy(idinfo
.irk
, hdev
->irk
, sizeof(idinfo
.irk
));
755 smp_send_cmd(conn
, SMP_CMD_IDENT_INFO
, sizeof(idinfo
), &idinfo
);
757 /* The hci_conn contains the local identity address
758 * after the connection has been established.
760 * This is true even when the connection has been
761 * established using a resolvable random address.
763 bacpy(&addrinfo
.bdaddr
, &hcon
->src
);
764 addrinfo
.addr_type
= hcon
->src_type
;
766 smp_send_cmd(conn
, SMP_CMD_IDENT_ADDR_INFO
, sizeof(addrinfo
),
769 *keydist
&= ~SMP_DIST_ID_KEY
;
772 if (*keydist
& SMP_DIST_SIGN
) {
773 struct smp_cmd_sign_info sign
;
774 struct smp_csrk
*csrk
;
776 /* Generate a new random key */
777 get_random_bytes(sign
.csrk
, sizeof(sign
.csrk
));
779 csrk
= kzalloc(sizeof(*csrk
), GFP_KERNEL
);
782 memcpy(csrk
->val
, sign
.csrk
, sizeof(csrk
->val
));
784 smp
->slave_csrk
= csrk
;
786 smp_send_cmd(conn
, SMP_CMD_SIGN_INFO
, sizeof(sign
), &sign
);
788 *keydist
&= ~SMP_DIST_SIGN
;
791 /* If there are still keys to be received wait for them */
792 if ((smp
->remote_key_dist
& 0x07))
795 set_bit(SMP_FLAG_COMPLETE
, &smp
->flags
);
796 smp_notify_keys(conn
);
798 smp_chan_destroy(conn
);
801 static void smp_timeout(struct work_struct
*work
)
803 struct smp_chan
*smp
= container_of(work
, struct smp_chan
,
804 security_timer
.work
);
805 struct l2cap_conn
*conn
= smp
->conn
;
807 BT_DBG("conn %p", conn
);
809 hci_disconnect(conn
->hcon
, HCI_ERROR_REMOTE_USER_TERM
);
812 static struct smp_chan
*smp_chan_create(struct l2cap_conn
*conn
)
814 struct l2cap_chan
*chan
= conn
->smp
;
815 struct smp_chan
*smp
;
817 smp
= kzalloc(sizeof(*smp
), GFP_ATOMIC
);
821 smp
->tfm_aes
= crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC
);
822 if (IS_ERR(smp
->tfm_aes
)) {
823 BT_ERR("Unable to create ECB crypto context");
831 INIT_DELAYED_WORK(&smp
->security_timer
, smp_timeout
);
833 hci_conn_hold(conn
->hcon
);
838 int smp_user_confirm_reply(struct hci_conn
*hcon
, u16 mgmt_op
, __le32 passkey
)
840 struct l2cap_conn
*conn
= hcon
->l2cap_data
;
841 struct l2cap_chan
*chan
;
842 struct smp_chan
*smp
;
855 l2cap_chan_lock(chan
);
864 case MGMT_OP_USER_PASSKEY_REPLY
:
865 value
= le32_to_cpu(passkey
);
866 memset(smp
->tk
, 0, sizeof(smp
->tk
));
867 BT_DBG("PassKey: %d", value
);
868 put_unaligned_le32(value
, smp
->tk
);
870 case MGMT_OP_USER_CONFIRM_REPLY
:
871 set_bit(SMP_FLAG_TK_VALID
, &smp
->flags
);
873 case MGMT_OP_USER_PASSKEY_NEG_REPLY
:
874 case MGMT_OP_USER_CONFIRM_NEG_REPLY
:
875 smp_failure(conn
, SMP_PASSKEY_ENTRY_FAILED
);
879 smp_failure(conn
, SMP_PASSKEY_ENTRY_FAILED
);
886 /* If it is our turn to send Pairing Confirm, do so now */
887 if (test_bit(SMP_FLAG_CFM_PENDING
, &smp
->flags
)) {
888 u8 rsp
= smp_confirm(smp
);
890 smp_failure(conn
, rsp
);
894 l2cap_chan_unlock(chan
);
898 static u8
smp_cmd_pairing_req(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
900 struct smp_cmd_pairing rsp
, *req
= (void *) skb
->data
;
901 struct l2cap_chan
*chan
= conn
->smp
;
902 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
903 struct smp_chan
*smp
;
904 u8 key_size
, auth
, sec_level
;
907 BT_DBG("conn %p", conn
);
909 if (skb
->len
< sizeof(*req
))
910 return SMP_INVALID_PARAMS
;
912 if (conn
->hcon
->role
!= HCI_ROLE_SLAVE
)
913 return SMP_CMD_NOTSUPP
;
916 smp
= smp_chan_create(conn
);
921 return SMP_UNSPECIFIED
;
923 if (!test_bit(HCI_BONDABLE
, &hdev
->dev_flags
) &&
924 (req
->auth_req
& SMP_AUTH_BONDING
))
925 return SMP_PAIRING_NOTSUPP
;
927 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
928 memcpy(&smp
->preq
[1], req
, sizeof(*req
));
929 skb_pull(skb
, sizeof(*req
));
931 /* We didn't start the pairing, so match remote */
932 auth
= req
->auth_req
;
934 sec_level
= authreq_to_seclevel(auth
);
935 if (sec_level
> conn
->hcon
->pending_sec_level
)
936 conn
->hcon
->pending_sec_level
= sec_level
;
938 /* If we need MITM check that it can be acheived */
939 if (conn
->hcon
->pending_sec_level
>= BT_SECURITY_HIGH
) {
942 method
= get_auth_method(smp
, conn
->hcon
->io_capability
,
944 if (method
== JUST_WORKS
|| method
== JUST_CFM
)
945 return SMP_AUTH_REQUIREMENTS
;
948 build_pairing_cmd(conn
, req
, &rsp
, auth
);
950 key_size
= min(req
->max_key_size
, rsp
.max_key_size
);
951 if (check_enc_key_size(conn
, key_size
))
952 return SMP_ENC_KEY_SIZE
;
954 get_random_bytes(smp
->prnd
, sizeof(smp
->prnd
));
956 smp
->prsp
[0] = SMP_CMD_PAIRING_RSP
;
957 memcpy(&smp
->prsp
[1], &rsp
, sizeof(rsp
));
959 smp_send_cmd(conn
, SMP_CMD_PAIRING_RSP
, sizeof(rsp
), &rsp
);
961 /* Request setup of TK */
962 ret
= tk_request(conn
, 0, auth
, rsp
.io_capability
, req
->io_capability
);
964 return SMP_UNSPECIFIED
;
969 static u8
smp_cmd_pairing_rsp(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
971 struct smp_cmd_pairing
*req
, *rsp
= (void *) skb
->data
;
972 struct l2cap_chan
*chan
= conn
->smp
;
973 struct smp_chan
*smp
= chan
->data
;
974 u8 key_size
, auth
= SMP_AUTH_NONE
;
977 BT_DBG("conn %p", conn
);
979 if (skb
->len
< sizeof(*rsp
))
980 return SMP_INVALID_PARAMS
;
982 if (conn
->hcon
->role
!= HCI_ROLE_MASTER
)
983 return SMP_CMD_NOTSUPP
;
985 skb_pull(skb
, sizeof(*rsp
));
987 req
= (void *) &smp
->preq
[1];
989 key_size
= min(req
->max_key_size
, rsp
->max_key_size
);
990 if (check_enc_key_size(conn
, key_size
))
991 return SMP_ENC_KEY_SIZE
;
993 /* If we need MITM check that it can be acheived */
994 if (conn
->hcon
->pending_sec_level
>= BT_SECURITY_HIGH
) {
997 method
= get_auth_method(smp
, req
->io_capability
,
999 if (method
== JUST_WORKS
|| method
== JUST_CFM
)
1000 return SMP_AUTH_REQUIREMENTS
;
1003 get_random_bytes(smp
->prnd
, sizeof(smp
->prnd
));
1005 smp
->prsp
[0] = SMP_CMD_PAIRING_RSP
;
1006 memcpy(&smp
->prsp
[1], rsp
, sizeof(*rsp
));
1008 /* Update remote key distribution in case the remote cleared
1009 * some bits that we had enabled in our request.
1011 smp
->remote_key_dist
&= rsp
->resp_key_dist
;
1013 if ((req
->auth_req
& SMP_AUTH_BONDING
) &&
1014 (rsp
->auth_req
& SMP_AUTH_BONDING
))
1015 auth
= SMP_AUTH_BONDING
;
1017 auth
|= (req
->auth_req
| rsp
->auth_req
) & SMP_AUTH_MITM
;
1019 ret
= tk_request(conn
, 0, auth
, req
->io_capability
, rsp
->io_capability
);
1021 return SMP_UNSPECIFIED
;
1023 set_bit(SMP_FLAG_CFM_PENDING
, &smp
->flags
);
1025 /* Can't compose response until we have been confirmed */
1026 if (test_bit(SMP_FLAG_TK_VALID
, &smp
->flags
))
1027 return smp_confirm(smp
);
1032 static u8
smp_cmd_pairing_confirm(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1034 struct l2cap_chan
*chan
= conn
->smp
;
1035 struct smp_chan
*smp
= chan
->data
;
1037 BT_DBG("conn %p %s", conn
, conn
->hcon
->out
? "master" : "slave");
1039 if (skb
->len
< sizeof(smp
->pcnf
))
1040 return SMP_INVALID_PARAMS
;
1042 memcpy(smp
->pcnf
, skb
->data
, sizeof(smp
->pcnf
));
1043 skb_pull(skb
, sizeof(smp
->pcnf
));
1045 if (conn
->hcon
->out
)
1046 smp_send_cmd(conn
, SMP_CMD_PAIRING_RANDOM
, sizeof(smp
->prnd
),
1048 else if (test_bit(SMP_FLAG_TK_VALID
, &smp
->flags
))
1049 return smp_confirm(smp
);
1051 set_bit(SMP_FLAG_CFM_PENDING
, &smp
->flags
);
1056 static u8
smp_cmd_pairing_random(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1058 struct l2cap_chan
*chan
= conn
->smp
;
1059 struct smp_chan
*smp
= chan
->data
;
1061 BT_DBG("conn %p", conn
);
1063 if (skb
->len
< sizeof(smp
->rrnd
))
1064 return SMP_INVALID_PARAMS
;
1066 memcpy(smp
->rrnd
, skb
->data
, sizeof(smp
->rrnd
));
1067 skb_pull(skb
, sizeof(smp
->rrnd
));
1069 return smp_random(smp
);
1072 static bool smp_ltk_encrypt(struct l2cap_conn
*conn
, u8 sec_level
)
1074 struct smp_ltk
*key
;
1075 struct hci_conn
*hcon
= conn
->hcon
;
1077 key
= hci_find_ltk_by_addr(hcon
->hdev
, &hcon
->dst
, hcon
->dst_type
,
1082 if (sec_level
> BT_SECURITY_MEDIUM
&& !key
->authenticated
)
1085 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
))
1088 hci_le_start_enc(hcon
, key
->ediv
, key
->rand
, key
->val
);
1089 hcon
->enc_key_size
= key
->enc_size
;
1091 /* We never store STKs for master role, so clear this flag */
1092 clear_bit(HCI_CONN_STK_ENCRYPT
, &hcon
->flags
);
1097 bool smp_sufficient_security(struct hci_conn
*hcon
, u8 sec_level
)
1099 if (sec_level
== BT_SECURITY_LOW
)
1102 /* If we're encrypted with an STK always claim insufficient
1103 * security. This way we allow the connection to be re-encrypted
1104 * with an LTK, even if the LTK provides the same level of
1105 * security. Only exception is if we don't have an LTK (e.g.
1106 * because of key distribution bits).
1108 if (test_bit(HCI_CONN_STK_ENCRYPT
, &hcon
->flags
) &&
1109 hci_find_ltk_by_addr(hcon
->hdev
, &hcon
->dst
, hcon
->dst_type
,
1113 if (hcon
->sec_level
>= sec_level
)
1119 static u8
smp_cmd_security_req(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1121 struct smp_cmd_security_req
*rp
= (void *) skb
->data
;
1122 struct smp_cmd_pairing cp
;
1123 struct hci_conn
*hcon
= conn
->hcon
;
1124 struct l2cap_chan
*chan
= conn
->smp
;
1125 struct smp_chan
*smp
;
1128 BT_DBG("conn %p", conn
);
1130 if (skb
->len
< sizeof(*rp
))
1131 return SMP_INVALID_PARAMS
;
1133 if (hcon
->role
!= HCI_ROLE_MASTER
)
1134 return SMP_CMD_NOTSUPP
;
1136 sec_level
= authreq_to_seclevel(rp
->auth_req
);
1137 if (smp_sufficient_security(hcon
, sec_level
))
1140 if (sec_level
> hcon
->pending_sec_level
)
1141 hcon
->pending_sec_level
= sec_level
;
1143 if (smp_ltk_encrypt(conn
, hcon
->pending_sec_level
))
1146 /* If SMP is already in progress ignore this request */
1150 smp
= smp_chan_create(conn
);
1152 return SMP_UNSPECIFIED
;
1154 if (!test_bit(HCI_BONDABLE
, &hcon
->hdev
->dev_flags
) &&
1155 (rp
->auth_req
& SMP_AUTH_BONDING
))
1156 return SMP_PAIRING_NOTSUPP
;
1158 skb_pull(skb
, sizeof(*rp
));
1160 memset(&cp
, 0, sizeof(cp
));
1161 build_pairing_cmd(conn
, &cp
, NULL
, rp
->auth_req
);
1163 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
1164 memcpy(&smp
->preq
[1], &cp
, sizeof(cp
));
1166 smp_send_cmd(conn
, SMP_CMD_PAIRING_REQ
, sizeof(cp
), &cp
);
1171 int smp_conn_security(struct hci_conn
*hcon
, __u8 sec_level
)
1173 struct l2cap_conn
*conn
= hcon
->l2cap_data
;
1174 struct l2cap_chan
*chan
= conn
->smp
;
1175 struct smp_chan
*smp
;
1179 BT_DBG("conn %p hcon %p level 0x%2.2x", conn
, hcon
, sec_level
);
1181 /* This may be NULL if there's an unexpected disconnection */
1185 if (!test_bit(HCI_LE_ENABLED
, &hcon
->hdev
->dev_flags
))
1188 if (smp_sufficient_security(hcon
, sec_level
))
1191 if (sec_level
> hcon
->pending_sec_level
)
1192 hcon
->pending_sec_level
= sec_level
;
1194 if (hcon
->role
== HCI_ROLE_MASTER
)
1195 if (smp_ltk_encrypt(conn
, hcon
->pending_sec_level
))
1198 l2cap_chan_lock(chan
);
1200 /* If SMP is already in progress ignore this request */
1206 smp
= smp_chan_create(conn
);
1212 authreq
= seclevel_to_authreq(sec_level
);
1214 /* Require MITM if IO Capability allows or the security level
1217 if (hcon
->io_capability
!= HCI_IO_NO_INPUT_OUTPUT
||
1218 hcon
->pending_sec_level
> BT_SECURITY_MEDIUM
)
1219 authreq
|= SMP_AUTH_MITM
;
1221 if (hcon
->role
== HCI_ROLE_MASTER
) {
1222 struct smp_cmd_pairing cp
;
1224 build_pairing_cmd(conn
, &cp
, NULL
, authreq
);
1225 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
1226 memcpy(&smp
->preq
[1], &cp
, sizeof(cp
));
1228 smp_send_cmd(conn
, SMP_CMD_PAIRING_REQ
, sizeof(cp
), &cp
);
1230 struct smp_cmd_security_req cp
;
1231 cp
.auth_req
= authreq
;
1232 smp_send_cmd(conn
, SMP_CMD_SECURITY_REQ
, sizeof(cp
), &cp
);
1235 set_bit(SMP_FLAG_INITIATOR
, &smp
->flags
);
1239 l2cap_chan_unlock(chan
);
1243 static int smp_cmd_encrypt_info(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1245 struct smp_cmd_encrypt_info
*rp
= (void *) skb
->data
;
1246 struct l2cap_chan
*chan
= conn
->smp
;
1247 struct smp_chan
*smp
= chan
->data
;
1249 BT_DBG("conn %p", conn
);
1251 if (skb
->len
< sizeof(*rp
))
1252 return SMP_INVALID_PARAMS
;
1254 /* Ignore this PDU if it wasn't requested */
1255 if (!(smp
->remote_key_dist
& SMP_DIST_ENC_KEY
))
1258 skb_pull(skb
, sizeof(*rp
));
1260 memcpy(smp
->tk
, rp
->ltk
, sizeof(smp
->tk
));
1265 static int smp_cmd_master_ident(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1267 struct smp_cmd_master_ident
*rp
= (void *) skb
->data
;
1268 struct l2cap_chan
*chan
= conn
->smp
;
1269 struct smp_chan
*smp
= chan
->data
;
1270 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
1271 struct hci_conn
*hcon
= conn
->hcon
;
1272 struct smp_ltk
*ltk
;
1275 BT_DBG("conn %p", conn
);
1277 if (skb
->len
< sizeof(*rp
))
1278 return SMP_INVALID_PARAMS
;
1280 /* Ignore this PDU if it wasn't requested */
1281 if (!(smp
->remote_key_dist
& SMP_DIST_ENC_KEY
))
1284 /* Mark the information as received */
1285 smp
->remote_key_dist
&= ~SMP_DIST_ENC_KEY
;
1287 skb_pull(skb
, sizeof(*rp
));
1290 authenticated
= (hcon
->sec_level
== BT_SECURITY_HIGH
);
1291 ltk
= hci_add_ltk(hdev
, &hcon
->dst
, hcon
->dst_type
, SMP_LTK
,
1292 authenticated
, smp
->tk
, smp
->enc_key_size
,
1293 rp
->ediv
, rp
->rand
);
1295 if (!(smp
->remote_key_dist
& SMP_DIST_ID_KEY
))
1296 smp_distribute_keys(smp
);
1297 hci_dev_unlock(hdev
);
1302 static int smp_cmd_ident_info(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1304 struct smp_cmd_ident_info
*info
= (void *) skb
->data
;
1305 struct l2cap_chan
*chan
= conn
->smp
;
1306 struct smp_chan
*smp
= chan
->data
;
1310 if (skb
->len
< sizeof(*info
))
1311 return SMP_INVALID_PARAMS
;
1313 /* Ignore this PDU if it wasn't requested */
1314 if (!(smp
->remote_key_dist
& SMP_DIST_ID_KEY
))
1317 skb_pull(skb
, sizeof(*info
));
1319 memcpy(smp
->irk
, info
->irk
, 16);
1324 static int smp_cmd_ident_addr_info(struct l2cap_conn
*conn
,
1325 struct sk_buff
*skb
)
1327 struct smp_cmd_ident_addr_info
*info
= (void *) skb
->data
;
1328 struct l2cap_chan
*chan
= conn
->smp
;
1329 struct smp_chan
*smp
= chan
->data
;
1330 struct hci_conn
*hcon
= conn
->hcon
;
1335 if (skb
->len
< sizeof(*info
))
1336 return SMP_INVALID_PARAMS
;
1338 /* Ignore this PDU if it wasn't requested */
1339 if (!(smp
->remote_key_dist
& SMP_DIST_ID_KEY
))
1342 /* Mark the information as received */
1343 smp
->remote_key_dist
&= ~SMP_DIST_ID_KEY
;
1345 skb_pull(skb
, sizeof(*info
));
1347 hci_dev_lock(hcon
->hdev
);
1349 /* Strictly speaking the Core Specification (4.1) allows sending
1350 * an empty address which would force us to rely on just the IRK
1351 * as "identity information". However, since such
1352 * implementations are not known of and in order to not over
1353 * complicate our implementation, simply pretend that we never
1354 * received an IRK for such a device.
1356 if (!bacmp(&info
->bdaddr
, BDADDR_ANY
)) {
1357 BT_ERR("Ignoring IRK with no identity address");
1361 bacpy(&smp
->id_addr
, &info
->bdaddr
);
1362 smp
->id_addr_type
= info
->addr_type
;
1364 if (hci_bdaddr_is_rpa(&hcon
->dst
, hcon
->dst_type
))
1365 bacpy(&rpa
, &hcon
->dst
);
1367 bacpy(&rpa
, BDADDR_ANY
);
1369 smp
->remote_irk
= hci_add_irk(conn
->hcon
->hdev
, &smp
->id_addr
,
1370 smp
->id_addr_type
, smp
->irk
, &rpa
);
1373 smp_distribute_keys(smp
);
1375 hci_dev_unlock(hcon
->hdev
);
1380 static int smp_cmd_sign_info(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1382 struct smp_cmd_sign_info
*rp
= (void *) skb
->data
;
1383 struct l2cap_chan
*chan
= conn
->smp
;
1384 struct smp_chan
*smp
= chan
->data
;
1385 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
1386 struct smp_csrk
*csrk
;
1388 BT_DBG("conn %p", conn
);
1390 if (skb
->len
< sizeof(*rp
))
1391 return SMP_INVALID_PARAMS
;
1393 /* Ignore this PDU if it wasn't requested */
1394 if (!(smp
->remote_key_dist
& SMP_DIST_SIGN
))
1397 /* Mark the information as received */
1398 smp
->remote_key_dist
&= ~SMP_DIST_SIGN
;
1400 skb_pull(skb
, sizeof(*rp
));
1403 csrk
= kzalloc(sizeof(*csrk
), GFP_KERNEL
);
1405 csrk
->master
= 0x01;
1406 memcpy(csrk
->val
, rp
->csrk
, sizeof(csrk
->val
));
1409 smp_distribute_keys(smp
);
1410 hci_dev_unlock(hdev
);
1415 static int smp_sig_channel(struct l2cap_chan
*chan
, struct sk_buff
*skb
)
1417 struct l2cap_conn
*conn
= chan
->conn
;
1418 struct hci_conn
*hcon
= conn
->hcon
;
1422 if (hcon
->type
!= LE_LINK
) {
1430 if (!test_bit(HCI_LE_ENABLED
, &hcon
->hdev
->dev_flags
)) {
1431 reason
= SMP_PAIRING_NOTSUPP
;
1435 code
= skb
->data
[0];
1436 skb_pull(skb
, sizeof(code
));
1439 * The SMP context must be initialized for all other PDUs except
1440 * pairing and security requests. If we get any other PDU when
1441 * not initialized simply disconnect (done if this function
1442 * returns an error).
1444 if (code
!= SMP_CMD_PAIRING_REQ
&& code
!= SMP_CMD_SECURITY_REQ
&&
1446 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code
);
1452 case SMP_CMD_PAIRING_REQ
:
1453 reason
= smp_cmd_pairing_req(conn
, skb
);
1456 case SMP_CMD_PAIRING_FAIL
:
1457 smp_failure(conn
, 0);
1461 case SMP_CMD_PAIRING_RSP
:
1462 reason
= smp_cmd_pairing_rsp(conn
, skb
);
1465 case SMP_CMD_SECURITY_REQ
:
1466 reason
= smp_cmd_security_req(conn
, skb
);
1469 case SMP_CMD_PAIRING_CONFIRM
:
1470 reason
= smp_cmd_pairing_confirm(conn
, skb
);
1473 case SMP_CMD_PAIRING_RANDOM
:
1474 reason
= smp_cmd_pairing_random(conn
, skb
);
1477 case SMP_CMD_ENCRYPT_INFO
:
1478 reason
= smp_cmd_encrypt_info(conn
, skb
);
1481 case SMP_CMD_MASTER_IDENT
:
1482 reason
= smp_cmd_master_ident(conn
, skb
);
1485 case SMP_CMD_IDENT_INFO
:
1486 reason
= smp_cmd_ident_info(conn
, skb
);
1489 case SMP_CMD_IDENT_ADDR_INFO
:
1490 reason
= smp_cmd_ident_addr_info(conn
, skb
);
1493 case SMP_CMD_SIGN_INFO
:
1494 reason
= smp_cmd_sign_info(conn
, skb
);
1498 BT_DBG("Unknown command code 0x%2.2x", code
);
1499 reason
= SMP_CMD_NOTSUPP
;
1506 smp_failure(conn
, reason
);
1513 static void smp_teardown_cb(struct l2cap_chan
*chan
, int err
)
1515 struct l2cap_conn
*conn
= chan
->conn
;
1517 BT_DBG("chan %p", chan
);
1520 smp_chan_destroy(conn
);
1523 l2cap_chan_put(chan
);
1526 static void smp_resume_cb(struct l2cap_chan
*chan
)
1528 struct smp_chan
*smp
= chan
->data
;
1529 struct l2cap_conn
*conn
= chan
->conn
;
1530 struct hci_conn
*hcon
= conn
->hcon
;
1532 BT_DBG("chan %p", chan
);
1537 if (!test_bit(HCI_CONN_ENCRYPT
, &hcon
->flags
))
1540 cancel_delayed_work(&smp
->security_timer
);
1542 smp_distribute_keys(smp
);
1545 static void smp_ready_cb(struct l2cap_chan
*chan
)
1547 struct l2cap_conn
*conn
= chan
->conn
;
1549 BT_DBG("chan %p", chan
);
1552 l2cap_chan_hold(chan
);
1555 static int smp_recv_cb(struct l2cap_chan
*chan
, struct sk_buff
*skb
)
1559 BT_DBG("chan %p", chan
);
1561 err
= smp_sig_channel(chan
, skb
);
1563 struct smp_chan
*smp
= chan
->data
;
1566 cancel_delayed_work_sync(&smp
->security_timer
);
1568 hci_disconnect(chan
->conn
->hcon
, HCI_ERROR_AUTH_FAILURE
);
1574 static struct sk_buff
*smp_alloc_skb_cb(struct l2cap_chan
*chan
,
1575 unsigned long hdr_len
,
1576 unsigned long len
, int nb
)
1578 struct sk_buff
*skb
;
1580 skb
= bt_skb_alloc(hdr_len
+ len
, GFP_KERNEL
);
1582 return ERR_PTR(-ENOMEM
);
1584 skb
->priority
= HCI_PRIO_MAX
;
1585 bt_cb(skb
)->chan
= chan
;
1590 static const struct l2cap_ops smp_chan_ops
= {
1591 .name
= "Security Manager",
1592 .ready
= smp_ready_cb
,
1593 .recv
= smp_recv_cb
,
1594 .alloc_skb
= smp_alloc_skb_cb
,
1595 .teardown
= smp_teardown_cb
,
1596 .resume
= smp_resume_cb
,
1598 .new_connection
= l2cap_chan_no_new_connection
,
1599 .state_change
= l2cap_chan_no_state_change
,
1600 .close
= l2cap_chan_no_close
,
1601 .defer
= l2cap_chan_no_defer
,
1602 .suspend
= l2cap_chan_no_suspend
,
1603 .set_shutdown
= l2cap_chan_no_set_shutdown
,
1604 .get_sndtimeo
= l2cap_chan_no_get_sndtimeo
,
1605 .memcpy_fromiovec
= l2cap_chan_no_memcpy_fromiovec
,
1608 static inline struct l2cap_chan
*smp_new_conn_cb(struct l2cap_chan
*pchan
)
1610 struct l2cap_chan
*chan
;
1612 BT_DBG("pchan %p", pchan
);
1614 chan
= l2cap_chan_create();
1618 chan
->chan_type
= pchan
->chan_type
;
1619 chan
->ops
= &smp_chan_ops
;
1620 chan
->scid
= pchan
->scid
;
1621 chan
->dcid
= chan
->scid
;
1622 chan
->imtu
= pchan
->imtu
;
1623 chan
->omtu
= pchan
->omtu
;
1624 chan
->mode
= pchan
->mode
;
1626 BT_DBG("created chan %p", chan
);
1631 static const struct l2cap_ops smp_root_chan_ops
= {
1632 .name
= "Security Manager Root",
1633 .new_connection
= smp_new_conn_cb
,
1635 /* None of these are implemented for the root channel */
1636 .close
= l2cap_chan_no_close
,
1637 .alloc_skb
= l2cap_chan_no_alloc_skb
,
1638 .recv
= l2cap_chan_no_recv
,
1639 .state_change
= l2cap_chan_no_state_change
,
1640 .teardown
= l2cap_chan_no_teardown
,
1641 .ready
= l2cap_chan_no_ready
,
1642 .defer
= l2cap_chan_no_defer
,
1643 .suspend
= l2cap_chan_no_suspend
,
1644 .resume
= l2cap_chan_no_resume
,
1645 .set_shutdown
= l2cap_chan_no_set_shutdown
,
1646 .get_sndtimeo
= l2cap_chan_no_get_sndtimeo
,
1647 .memcpy_fromiovec
= l2cap_chan_no_memcpy_fromiovec
,
1650 int smp_register(struct hci_dev
*hdev
)
1652 struct l2cap_chan
*chan
;
1653 struct crypto_blkcipher
*tfm_aes
;
1655 BT_DBG("%s", hdev
->name
);
1657 tfm_aes
= crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC
);
1658 if (IS_ERR(tfm_aes
)) {
1659 int err
= PTR_ERR(tfm_aes
);
1660 BT_ERR("Unable to create crypto context");
1664 chan
= l2cap_chan_create();
1666 crypto_free_blkcipher(tfm_aes
);
1670 chan
->data
= tfm_aes
;
1672 l2cap_add_scid(chan
, L2CAP_CID_SMP
);
1674 l2cap_chan_set_defaults(chan
);
1676 bacpy(&chan
->src
, &hdev
->bdaddr
);
1677 chan
->src_type
= BDADDR_LE_PUBLIC
;
1678 chan
->state
= BT_LISTEN
;
1679 chan
->mode
= L2CAP_MODE_BASIC
;
1680 chan
->imtu
= L2CAP_DEFAULT_MTU
;
1681 chan
->ops
= &smp_root_chan_ops
;
1683 hdev
->smp_data
= chan
;
1688 void smp_unregister(struct hci_dev
*hdev
)
1690 struct l2cap_chan
*chan
= hdev
->smp_data
;
1691 struct crypto_blkcipher
*tfm_aes
;
1696 BT_DBG("%s chan %p", hdev
->name
, chan
);
1698 tfm_aes
= chan
->data
;
1701 crypto_free_blkcipher(tfm_aes
);
1704 hdev
->smp_data
= NULL
;
1705 l2cap_chan_put(chan
);