2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 #include <linux/crypto.h>
24 #include <linux/scatterlist.h>
25 #include <crypto/b128ops.h>
27 #include <net/bluetooth/bluetooth.h>
28 #include <net/bluetooth/hci_core.h>
29 #include <net/bluetooth/l2cap.h>
30 #include <net/bluetooth/mgmt.h>
34 #define SMP_TIMEOUT msecs_to_jiffies(30000)
36 #define AUTH_REQ_MASK 0x07
47 struct l2cap_conn
*conn
;
48 u8 preq
[7]; /* SMP Pairing Request */
49 u8 prsp
[7]; /* SMP Pairing Response */
50 u8 prnd
[16]; /* SMP Pairing Random (local) */
51 u8 rrnd
[16]; /* SMP Pairing Random (remote) */
52 u8 pcnf
[16]; /* SMP Pairing Confirm */
53 u8 tk
[16]; /* SMP Temporary Key */
59 struct smp_csrk
*csrk
;
60 struct smp_csrk
*slave_csrk
;
62 struct smp_ltk
*slave_ltk
;
63 struct smp_irk
*remote_irk
;
66 struct crypto_blkcipher
*tfm_aes
;
69 static inline void swap_buf(const u8
*src
, u8
*dst
, size_t len
)
73 for (i
= 0; i
< len
; i
++)
74 dst
[len
- 1 - i
] = src
[i
];
77 static int smp_e(struct crypto_blkcipher
*tfm
, const u8
*k
, u8
*r
)
79 struct blkcipher_desc desc
;
80 struct scatterlist sg
;
81 uint8_t tmp
[16], data
[16];
85 BT_ERR("tfm %p", tfm
);
92 /* The most significant octet of key corresponds to k[0] */
95 err
= crypto_blkcipher_setkey(tfm
, tmp
, 16);
97 BT_ERR("cipher setkey failed: %d", err
);
101 /* Most significant octet of plaintextData corresponds to data[0] */
102 swap_buf(r
, data
, 16);
104 sg_init_one(&sg
, data
, 16);
106 err
= crypto_blkcipher_encrypt(&desc
, &sg
, &sg
, 16);
108 BT_ERR("Encrypt data error %d", err
);
110 /* Most significant octet of encryptedData corresponds to data[0] */
111 swap_buf(data
, r
, 16);
116 static int smp_ah(struct crypto_blkcipher
*tfm
, u8 irk
[16], u8 r
[3], u8 res
[3])
121 /* r' = padding || r */
123 memset(_res
+ 3, 0, 13);
125 err
= smp_e(tfm
, irk
, _res
);
127 BT_ERR("Encrypt error");
131 /* The output of the random address function ah is:
132 * ah(h, r) = e(k, r') mod 2^24
133 * The output of the security function e is then truncated to 24 bits
134 * by taking the least significant 24 bits of the output of e as the
137 memcpy(res
, _res
, 3);
142 bool smp_irk_matches(struct hci_dev
*hdev
, u8 irk
[16], bdaddr_t
*bdaddr
)
144 struct l2cap_chan
*chan
= hdev
->smp_data
;
145 struct crypto_blkcipher
*tfm
;
149 if (!chan
|| !chan
->data
)
154 BT_DBG("RPA %pMR IRK %*phN", bdaddr
, 16, irk
);
156 err
= smp_ah(tfm
, irk
, &bdaddr
->b
[3], hash
);
160 return !memcmp(bdaddr
->b
, hash
, 3);
163 int smp_generate_rpa(struct hci_dev
*hdev
, u8 irk
[16], bdaddr_t
*rpa
)
165 struct l2cap_chan
*chan
= hdev
->smp_data
;
166 struct crypto_blkcipher
*tfm
;
169 if (!chan
|| !chan
->data
)
174 get_random_bytes(&rpa
->b
[3], 3);
176 rpa
->b
[5] &= 0x3f; /* Clear two most significant bits */
177 rpa
->b
[5] |= 0x40; /* Set second most significant bit */
179 err
= smp_ah(tfm
, irk
, &rpa
->b
[3], rpa
->b
);
183 BT_DBG("RPA %pMR", rpa
);
188 static int smp_c1(struct smp_chan
*smp
, u8 k
[16], u8 r
[16], u8 preq
[7],
189 u8 pres
[7], u8 _iat
, bdaddr_t
*ia
, u8 _rat
, bdaddr_t
*ra
,
192 struct hci_dev
*hdev
= smp
->conn
->hcon
->hdev
;
196 BT_DBG("%s", hdev
->name
);
200 /* p1 = pres || preq || _rat || _iat */
203 memcpy(p1
+ 2, preq
, 7);
204 memcpy(p1
+ 9, pres
, 7);
206 /* p2 = padding || ia || ra */
208 memcpy(p2
+ 6, ia
, 6);
209 memset(p2
+ 12, 0, 4);
212 u128_xor((u128
*) res
, (u128
*) r
, (u128
*) p1
);
214 /* res = e(k, res) */
215 err
= smp_e(smp
->tfm_aes
, k
, res
);
217 BT_ERR("Encrypt data error");
221 /* res = res XOR p2 */
222 u128_xor((u128
*) res
, (u128
*) res
, (u128
*) p2
);
224 /* res = e(k, res) */
225 err
= smp_e(smp
->tfm_aes
, k
, res
);
227 BT_ERR("Encrypt data error");
232 static int smp_s1(struct smp_chan
*smp
, u8 k
[16], u8 r1
[16], u8 r2
[16],
235 struct hci_dev
*hdev
= smp
->conn
->hcon
->hdev
;
238 BT_DBG("%s", hdev
->name
);
240 /* Just least significant octets from r1 and r2 are considered */
242 memcpy(_r
+ 8, r1
, 8);
244 err
= smp_e(smp
->tfm_aes
, k
, _r
);
246 BT_ERR("Encrypt data error");
251 static void smp_send_cmd(struct l2cap_conn
*conn
, u8 code
, u16 len
, void *data
)
253 struct l2cap_chan
*chan
= conn
->smp
;
260 BT_DBG("code 0x%2.2x", code
);
262 iv
[0].iov_base
= &code
;
265 iv
[1].iov_base
= data
;
268 memset(&msg
, 0, sizeof(msg
));
270 msg
.msg_iov
= (struct iovec
*) &iv
;
273 l2cap_chan_send(chan
, &msg
, 1 + len
);
275 cancel_delayed_work_sync(&conn
->security_timer
);
276 schedule_delayed_work(&conn
->security_timer
, SMP_TIMEOUT
);
279 static __u8
authreq_to_seclevel(__u8 authreq
)
281 if (authreq
& SMP_AUTH_MITM
)
282 return BT_SECURITY_HIGH
;
284 return BT_SECURITY_MEDIUM
;
287 static __u8
seclevel_to_authreq(__u8 sec_level
)
290 case BT_SECURITY_HIGH
:
291 return SMP_AUTH_MITM
| SMP_AUTH_BONDING
;
292 case BT_SECURITY_MEDIUM
:
293 return SMP_AUTH_BONDING
;
295 return SMP_AUTH_NONE
;
299 static void build_pairing_cmd(struct l2cap_conn
*conn
,
300 struct smp_cmd_pairing
*req
,
301 struct smp_cmd_pairing
*rsp
, __u8 authreq
)
303 struct l2cap_chan
*chan
= conn
->smp
;
304 struct smp_chan
*smp
= chan
->data
;
305 struct hci_conn
*hcon
= conn
->hcon
;
306 struct hci_dev
*hdev
= hcon
->hdev
;
307 u8 local_dist
= 0, remote_dist
= 0;
309 if (test_bit(HCI_BONDABLE
, &conn
->hcon
->hdev
->dev_flags
)) {
310 local_dist
= SMP_DIST_ENC_KEY
| SMP_DIST_SIGN
;
311 remote_dist
= SMP_DIST_ENC_KEY
| SMP_DIST_SIGN
;
312 authreq
|= SMP_AUTH_BONDING
;
314 authreq
&= ~SMP_AUTH_BONDING
;
317 if (test_bit(HCI_RPA_RESOLVING
, &hdev
->dev_flags
))
318 remote_dist
|= SMP_DIST_ID_KEY
;
320 if (test_bit(HCI_PRIVACY
, &hdev
->dev_flags
))
321 local_dist
|= SMP_DIST_ID_KEY
;
324 req
->io_capability
= conn
->hcon
->io_capability
;
325 req
->oob_flag
= SMP_OOB_NOT_PRESENT
;
326 req
->max_key_size
= SMP_MAX_ENC_KEY_SIZE
;
327 req
->init_key_dist
= local_dist
;
328 req
->resp_key_dist
= remote_dist
;
329 req
->auth_req
= (authreq
& AUTH_REQ_MASK
);
331 smp
->remote_key_dist
= remote_dist
;
335 rsp
->io_capability
= conn
->hcon
->io_capability
;
336 rsp
->oob_flag
= SMP_OOB_NOT_PRESENT
;
337 rsp
->max_key_size
= SMP_MAX_ENC_KEY_SIZE
;
338 rsp
->init_key_dist
= req
->init_key_dist
& remote_dist
;
339 rsp
->resp_key_dist
= req
->resp_key_dist
& local_dist
;
340 rsp
->auth_req
= (authreq
& AUTH_REQ_MASK
);
342 smp
->remote_key_dist
= rsp
->init_key_dist
;
345 static u8
check_enc_key_size(struct l2cap_conn
*conn
, __u8 max_key_size
)
347 struct l2cap_chan
*chan
= conn
->smp
;
348 struct smp_chan
*smp
= chan
->data
;
350 if ((max_key_size
> SMP_MAX_ENC_KEY_SIZE
) ||
351 (max_key_size
< SMP_MIN_ENC_KEY_SIZE
))
352 return SMP_ENC_KEY_SIZE
;
354 smp
->enc_key_size
= max_key_size
;
359 static void smp_failure(struct l2cap_conn
*conn
, u8 reason
)
361 struct hci_conn
*hcon
= conn
->hcon
;
364 smp_send_cmd(conn
, SMP_CMD_PAIRING_FAIL
, sizeof(reason
),
367 clear_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
);
368 mgmt_auth_failed(hcon
->hdev
, &hcon
->dst
, hcon
->type
, hcon
->dst_type
,
369 HCI_ERROR_AUTH_FAILURE
);
371 cancel_delayed_work_sync(&conn
->security_timer
);
373 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
374 smp_chan_destroy(conn
);
377 #define JUST_WORKS 0x00
378 #define JUST_CFM 0x01
379 #define REQ_PASSKEY 0x02
380 #define CFM_PASSKEY 0x03
384 static const u8 gen_method
[5][5] = {
385 { JUST_WORKS
, JUST_CFM
, REQ_PASSKEY
, JUST_WORKS
, REQ_PASSKEY
},
386 { JUST_WORKS
, JUST_CFM
, REQ_PASSKEY
, JUST_WORKS
, REQ_PASSKEY
},
387 { CFM_PASSKEY
, CFM_PASSKEY
, REQ_PASSKEY
, JUST_WORKS
, CFM_PASSKEY
},
388 { JUST_WORKS
, JUST_CFM
, JUST_WORKS
, JUST_WORKS
, JUST_CFM
},
389 { CFM_PASSKEY
, CFM_PASSKEY
, REQ_PASSKEY
, JUST_WORKS
, OVERLAP
},
392 static u8
get_auth_method(struct smp_chan
*smp
, u8 local_io
, u8 remote_io
)
394 /* If either side has unknown io_caps, use JUST_CFM (which gets
395 * converted later to JUST_WORKS if we're initiators.
397 if (local_io
> SMP_IO_KEYBOARD_DISPLAY
||
398 remote_io
> SMP_IO_KEYBOARD_DISPLAY
)
401 return gen_method
[remote_io
][local_io
];
404 static int tk_request(struct l2cap_conn
*conn
, u8 remote_oob
, u8 auth
,
405 u8 local_io
, u8 remote_io
)
407 struct hci_conn
*hcon
= conn
->hcon
;
408 struct l2cap_chan
*chan
= conn
->smp
;
409 struct smp_chan
*smp
= chan
->data
;
414 /* Initialize key for JUST WORKS */
415 memset(smp
->tk
, 0, sizeof(smp
->tk
));
416 clear_bit(SMP_FLAG_TK_VALID
, &smp
->flags
);
418 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth
, local_io
, remote_io
);
420 /* If neither side wants MITM, either "just" confirm an incoming
421 * request or use just-works for outgoing ones. The JUST_CFM
422 * will be converted to JUST_WORKS if necessary later in this
423 * function. If either side has MITM look up the method from the
426 if (!(auth
& SMP_AUTH_MITM
))
429 method
= get_auth_method(smp
, local_io
, remote_io
);
431 /* Don't confirm locally initiated pairing attempts */
432 if (method
== JUST_CFM
&& test_bit(SMP_FLAG_INITIATOR
, &smp
->flags
))
435 /* Don't bother user space with no IO capabilities */
436 if (method
== JUST_CFM
&& hcon
->io_capability
== HCI_IO_NO_INPUT_OUTPUT
)
439 /* If Just Works, Continue with Zero TK */
440 if (method
== JUST_WORKS
) {
441 set_bit(SMP_FLAG_TK_VALID
, &smp
->flags
);
445 /* Not Just Works/Confirm results in MITM Authentication */
446 if (method
!= JUST_CFM
)
447 set_bit(SMP_FLAG_MITM_AUTH
, &smp
->flags
);
449 /* If both devices have Keyoard-Display I/O, the master
450 * Confirms and the slave Enters the passkey.
452 if (method
== OVERLAP
) {
453 if (hcon
->role
== HCI_ROLE_MASTER
)
454 method
= CFM_PASSKEY
;
456 method
= REQ_PASSKEY
;
459 /* Generate random passkey. */
460 if (method
== CFM_PASSKEY
) {
461 memset(smp
->tk
, 0, sizeof(smp
->tk
));
462 get_random_bytes(&passkey
, sizeof(passkey
));
464 put_unaligned_le32(passkey
, smp
->tk
);
465 BT_DBG("PassKey: %d", passkey
);
466 set_bit(SMP_FLAG_TK_VALID
, &smp
->flags
);
469 hci_dev_lock(hcon
->hdev
);
471 if (method
== REQ_PASSKEY
)
472 ret
= mgmt_user_passkey_request(hcon
->hdev
, &hcon
->dst
,
473 hcon
->type
, hcon
->dst_type
);
474 else if (method
== JUST_CFM
)
475 ret
= mgmt_user_confirm_request(hcon
->hdev
, &hcon
->dst
,
476 hcon
->type
, hcon
->dst_type
,
479 ret
= mgmt_user_passkey_notify(hcon
->hdev
, &hcon
->dst
,
480 hcon
->type
, hcon
->dst_type
,
483 hci_dev_unlock(hcon
->hdev
);
488 static u8
smp_confirm(struct smp_chan
*smp
)
490 struct l2cap_conn
*conn
= smp
->conn
;
491 struct smp_cmd_pairing_confirm cp
;
494 BT_DBG("conn %p", conn
);
496 ret
= smp_c1(smp
, smp
->tk
, smp
->prnd
, smp
->preq
, smp
->prsp
,
497 conn
->hcon
->init_addr_type
, &conn
->hcon
->init_addr
,
498 conn
->hcon
->resp_addr_type
, &conn
->hcon
->resp_addr
,
501 return SMP_UNSPECIFIED
;
503 clear_bit(SMP_FLAG_CFM_PENDING
, &smp
->flags
);
505 smp_send_cmd(smp
->conn
, SMP_CMD_PAIRING_CONFIRM
, sizeof(cp
), &cp
);
510 static u8
smp_random(struct smp_chan
*smp
)
512 struct l2cap_conn
*conn
= smp
->conn
;
513 struct hci_conn
*hcon
= conn
->hcon
;
517 if (IS_ERR_OR_NULL(smp
->tfm_aes
))
518 return SMP_UNSPECIFIED
;
520 BT_DBG("conn %p %s", conn
, conn
->hcon
->out
? "master" : "slave");
522 ret
= smp_c1(smp
, smp
->tk
, smp
->rrnd
, smp
->preq
, smp
->prsp
,
523 hcon
->init_addr_type
, &hcon
->init_addr
,
524 hcon
->resp_addr_type
, &hcon
->resp_addr
, confirm
);
526 return SMP_UNSPECIFIED
;
528 if (memcmp(smp
->pcnf
, confirm
, sizeof(smp
->pcnf
)) != 0) {
529 BT_ERR("Pairing failed (confirmation values mismatch)");
530 return SMP_CONFIRM_FAILED
;
538 smp_s1(smp
, smp
->tk
, smp
->rrnd
, smp
->prnd
, stk
);
540 memset(stk
+ smp
->enc_key_size
, 0,
541 SMP_MAX_ENC_KEY_SIZE
- smp
->enc_key_size
);
543 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
))
544 return SMP_UNSPECIFIED
;
546 hci_le_start_enc(hcon
, ediv
, rand
, stk
);
547 hcon
->enc_key_size
= smp
->enc_key_size
;
548 set_bit(HCI_CONN_STK_ENCRYPT
, &hcon
->flags
);
554 smp_send_cmd(conn
, SMP_CMD_PAIRING_RANDOM
, sizeof(smp
->prnd
),
557 smp_s1(smp
, smp
->tk
, smp
->prnd
, smp
->rrnd
, stk
);
559 memset(stk
+ smp
->enc_key_size
, 0,
560 SMP_MAX_ENC_KEY_SIZE
- smp
->enc_key_size
);
562 if (hcon
->pending_sec_level
== BT_SECURITY_HIGH
)
567 /* Even though there's no _SLAVE suffix this is the
568 * slave STK we're adding for later lookup (the master
569 * STK never needs to be stored).
571 hci_add_ltk(hcon
->hdev
, &hcon
->dst
, hcon
->dst_type
,
572 SMP_STK
, auth
, stk
, smp
->enc_key_size
, ediv
, rand
);
578 static struct smp_chan
*smp_chan_create(struct l2cap_conn
*conn
)
580 struct l2cap_chan
*chan
= conn
->smp
;
581 struct smp_chan
*smp
;
583 smp
= kzalloc(sizeof(*smp
), GFP_ATOMIC
);
585 clear_bit(HCI_CONN_LE_SMP_PEND
, &conn
->hcon
->flags
);
589 smp
->tfm_aes
= crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC
);
590 if (IS_ERR(smp
->tfm_aes
)) {
591 BT_ERR("Unable to create ECB crypto context");
593 clear_bit(HCI_CONN_LE_SMP_PEND
, &conn
->hcon
->flags
);
600 hci_conn_hold(conn
->hcon
);
605 void smp_chan_destroy(struct l2cap_conn
*conn
)
607 struct l2cap_chan
*chan
= conn
->smp
;
608 struct smp_chan
*smp
= chan
->data
;
613 complete
= test_bit(SMP_FLAG_COMPLETE
, &smp
->flags
);
614 mgmt_smp_complete(conn
->hcon
, complete
);
617 kfree(smp
->slave_csrk
);
619 crypto_free_blkcipher(smp
->tfm_aes
);
621 /* If pairing failed clean up any keys we might have */
624 list_del(&smp
->ltk
->list
);
628 if (smp
->slave_ltk
) {
629 list_del(&smp
->slave_ltk
->list
);
630 kfree(smp
->slave_ltk
);
633 if (smp
->remote_irk
) {
634 list_del(&smp
->remote_irk
->list
);
635 kfree(smp
->remote_irk
);
641 hci_conn_drop(conn
->hcon
);
644 int smp_user_confirm_reply(struct hci_conn
*hcon
, u16 mgmt_op
, __le32 passkey
)
646 struct l2cap_conn
*conn
= hcon
->l2cap_data
;
647 struct l2cap_chan
*chan
;
648 struct smp_chan
*smp
;
653 if (!conn
|| !test_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
663 case MGMT_OP_USER_PASSKEY_REPLY
:
664 value
= le32_to_cpu(passkey
);
665 memset(smp
->tk
, 0, sizeof(smp
->tk
));
666 BT_DBG("PassKey: %d", value
);
667 put_unaligned_le32(value
, smp
->tk
);
669 case MGMT_OP_USER_CONFIRM_REPLY
:
670 set_bit(SMP_FLAG_TK_VALID
, &smp
->flags
);
672 case MGMT_OP_USER_PASSKEY_NEG_REPLY
:
673 case MGMT_OP_USER_CONFIRM_NEG_REPLY
:
674 smp_failure(conn
, SMP_PASSKEY_ENTRY_FAILED
);
677 smp_failure(conn
, SMP_PASSKEY_ENTRY_FAILED
);
681 /* If it is our turn to send Pairing Confirm, do so now */
682 if (test_bit(SMP_FLAG_CFM_PENDING
, &smp
->flags
)) {
683 u8 rsp
= smp_confirm(smp
);
685 smp_failure(conn
, rsp
);
691 static u8
smp_cmd_pairing_req(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
693 struct smp_cmd_pairing rsp
, *req
= (void *) skb
->data
;
694 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
695 struct smp_chan
*smp
;
696 u8 key_size
, auth
, sec_level
;
699 BT_DBG("conn %p", conn
);
701 if (skb
->len
< sizeof(*req
))
702 return SMP_INVALID_PARAMS
;
704 if (conn
->hcon
->role
!= HCI_ROLE_SLAVE
)
705 return SMP_CMD_NOTSUPP
;
707 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND
, &conn
->hcon
->flags
)) {
708 smp
= smp_chan_create(conn
);
710 struct l2cap_chan
*chan
= conn
->smp
;
715 return SMP_UNSPECIFIED
;
717 if (!test_bit(HCI_BONDABLE
, &hdev
->dev_flags
) &&
718 (req
->auth_req
& SMP_AUTH_BONDING
))
719 return SMP_PAIRING_NOTSUPP
;
721 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
722 memcpy(&smp
->preq
[1], req
, sizeof(*req
));
723 skb_pull(skb
, sizeof(*req
));
725 /* We didn't start the pairing, so match remote */
726 auth
= req
->auth_req
;
728 sec_level
= authreq_to_seclevel(auth
);
729 if (sec_level
> conn
->hcon
->pending_sec_level
)
730 conn
->hcon
->pending_sec_level
= sec_level
;
732 /* If we need MITM check that it can be acheived */
733 if (conn
->hcon
->pending_sec_level
>= BT_SECURITY_HIGH
) {
736 method
= get_auth_method(smp
, conn
->hcon
->io_capability
,
738 if (method
== JUST_WORKS
|| method
== JUST_CFM
)
739 return SMP_AUTH_REQUIREMENTS
;
742 build_pairing_cmd(conn
, req
, &rsp
, auth
);
744 key_size
= min(req
->max_key_size
, rsp
.max_key_size
);
745 if (check_enc_key_size(conn
, key_size
))
746 return SMP_ENC_KEY_SIZE
;
748 get_random_bytes(smp
->prnd
, sizeof(smp
->prnd
));
750 smp
->prsp
[0] = SMP_CMD_PAIRING_RSP
;
751 memcpy(&smp
->prsp
[1], &rsp
, sizeof(rsp
));
753 smp_send_cmd(conn
, SMP_CMD_PAIRING_RSP
, sizeof(rsp
), &rsp
);
755 /* Request setup of TK */
756 ret
= tk_request(conn
, 0, auth
, rsp
.io_capability
, req
->io_capability
);
758 return SMP_UNSPECIFIED
;
763 static u8
smp_cmd_pairing_rsp(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
765 struct smp_cmd_pairing
*req
, *rsp
= (void *) skb
->data
;
766 struct l2cap_chan
*chan
= conn
->smp
;
767 struct smp_chan
*smp
= chan
->data
;
768 u8 key_size
, auth
= SMP_AUTH_NONE
;
771 BT_DBG("conn %p", conn
);
773 if (skb
->len
< sizeof(*rsp
))
774 return SMP_INVALID_PARAMS
;
776 if (conn
->hcon
->role
!= HCI_ROLE_MASTER
)
777 return SMP_CMD_NOTSUPP
;
779 skb_pull(skb
, sizeof(*rsp
));
781 req
= (void *) &smp
->preq
[1];
783 key_size
= min(req
->max_key_size
, rsp
->max_key_size
);
784 if (check_enc_key_size(conn
, key_size
))
785 return SMP_ENC_KEY_SIZE
;
787 /* If we need MITM check that it can be acheived */
788 if (conn
->hcon
->pending_sec_level
>= BT_SECURITY_HIGH
) {
791 method
= get_auth_method(smp
, req
->io_capability
,
793 if (method
== JUST_WORKS
|| method
== JUST_CFM
)
794 return SMP_AUTH_REQUIREMENTS
;
797 get_random_bytes(smp
->prnd
, sizeof(smp
->prnd
));
799 smp
->prsp
[0] = SMP_CMD_PAIRING_RSP
;
800 memcpy(&smp
->prsp
[1], rsp
, sizeof(*rsp
));
802 /* Update remote key distribution in case the remote cleared
803 * some bits that we had enabled in our request.
805 smp
->remote_key_dist
&= rsp
->resp_key_dist
;
807 if ((req
->auth_req
& SMP_AUTH_BONDING
) &&
808 (rsp
->auth_req
& SMP_AUTH_BONDING
))
809 auth
= SMP_AUTH_BONDING
;
811 auth
|= (req
->auth_req
| rsp
->auth_req
) & SMP_AUTH_MITM
;
813 ret
= tk_request(conn
, 0, auth
, req
->io_capability
, rsp
->io_capability
);
815 return SMP_UNSPECIFIED
;
817 set_bit(SMP_FLAG_CFM_PENDING
, &smp
->flags
);
819 /* Can't compose response until we have been confirmed */
820 if (test_bit(SMP_FLAG_TK_VALID
, &smp
->flags
))
821 return smp_confirm(smp
);
826 static u8
smp_cmd_pairing_confirm(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
828 struct l2cap_chan
*chan
= conn
->smp
;
829 struct smp_chan
*smp
= chan
->data
;
831 BT_DBG("conn %p %s", conn
, conn
->hcon
->out
? "master" : "slave");
833 if (skb
->len
< sizeof(smp
->pcnf
))
834 return SMP_INVALID_PARAMS
;
836 memcpy(smp
->pcnf
, skb
->data
, sizeof(smp
->pcnf
));
837 skb_pull(skb
, sizeof(smp
->pcnf
));
840 smp_send_cmd(conn
, SMP_CMD_PAIRING_RANDOM
, sizeof(smp
->prnd
),
842 else if (test_bit(SMP_FLAG_TK_VALID
, &smp
->flags
))
843 return smp_confirm(smp
);
845 set_bit(SMP_FLAG_CFM_PENDING
, &smp
->flags
);
850 static u8
smp_cmd_pairing_random(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
852 struct l2cap_chan
*chan
= conn
->smp
;
853 struct smp_chan
*smp
= chan
->data
;
855 BT_DBG("conn %p", conn
);
857 if (skb
->len
< sizeof(smp
->rrnd
))
858 return SMP_INVALID_PARAMS
;
860 memcpy(smp
->rrnd
, skb
->data
, sizeof(smp
->rrnd
));
861 skb_pull(skb
, sizeof(smp
->rrnd
));
863 return smp_random(smp
);
866 static bool smp_ltk_encrypt(struct l2cap_conn
*conn
, u8 sec_level
)
869 struct hci_conn
*hcon
= conn
->hcon
;
871 key
= hci_find_ltk_by_addr(hcon
->hdev
, &hcon
->dst
, hcon
->dst_type
,
876 if (sec_level
> BT_SECURITY_MEDIUM
&& !key
->authenticated
)
879 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
))
882 hci_le_start_enc(hcon
, key
->ediv
, key
->rand
, key
->val
);
883 hcon
->enc_key_size
= key
->enc_size
;
885 /* We never store STKs for master role, so clear this flag */
886 clear_bit(HCI_CONN_STK_ENCRYPT
, &hcon
->flags
);
891 bool smp_sufficient_security(struct hci_conn
*hcon
, u8 sec_level
)
893 if (sec_level
== BT_SECURITY_LOW
)
896 /* If we're encrypted with an STK always claim insufficient
897 * security. This way we allow the connection to be re-encrypted
898 * with an LTK, even if the LTK provides the same level of
899 * security. Only exception is if we don't have an LTK (e.g.
900 * because of key distribution bits).
902 if (test_bit(HCI_CONN_STK_ENCRYPT
, &hcon
->flags
) &&
903 hci_find_ltk_by_addr(hcon
->hdev
, &hcon
->dst
, hcon
->dst_type
,
907 if (hcon
->sec_level
>= sec_level
)
913 static u8
smp_cmd_security_req(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
915 struct smp_cmd_security_req
*rp
= (void *) skb
->data
;
916 struct smp_cmd_pairing cp
;
917 struct hci_conn
*hcon
= conn
->hcon
;
918 struct smp_chan
*smp
;
921 BT_DBG("conn %p", conn
);
923 if (skb
->len
< sizeof(*rp
))
924 return SMP_INVALID_PARAMS
;
926 if (hcon
->role
!= HCI_ROLE_MASTER
)
927 return SMP_CMD_NOTSUPP
;
929 sec_level
= authreq_to_seclevel(rp
->auth_req
);
930 if (smp_sufficient_security(hcon
, sec_level
))
933 if (sec_level
> hcon
->pending_sec_level
)
934 hcon
->pending_sec_level
= sec_level
;
936 if (smp_ltk_encrypt(conn
, hcon
->pending_sec_level
))
939 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
942 smp
= smp_chan_create(conn
);
944 return SMP_UNSPECIFIED
;
946 if (!test_bit(HCI_BONDABLE
, &hcon
->hdev
->dev_flags
) &&
947 (rp
->auth_req
& SMP_AUTH_BONDING
))
948 return SMP_PAIRING_NOTSUPP
;
950 skb_pull(skb
, sizeof(*rp
));
952 memset(&cp
, 0, sizeof(cp
));
953 build_pairing_cmd(conn
, &cp
, NULL
, rp
->auth_req
);
955 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
956 memcpy(&smp
->preq
[1], &cp
, sizeof(cp
));
958 smp_send_cmd(conn
, SMP_CMD_PAIRING_REQ
, sizeof(cp
), &cp
);
963 int smp_conn_security(struct hci_conn
*hcon
, __u8 sec_level
)
965 struct l2cap_conn
*conn
= hcon
->l2cap_data
;
966 struct smp_chan
*smp
;
969 BT_DBG("conn %p hcon %p level 0x%2.2x", conn
, hcon
, sec_level
);
971 /* This may be NULL if there's an unexpected disconnection */
975 if (!test_bit(HCI_LE_ENABLED
, &hcon
->hdev
->dev_flags
))
978 if (smp_sufficient_security(hcon
, sec_level
))
981 if (sec_level
> hcon
->pending_sec_level
)
982 hcon
->pending_sec_level
= sec_level
;
984 if (hcon
->role
== HCI_ROLE_MASTER
)
985 if (smp_ltk_encrypt(conn
, hcon
->pending_sec_level
))
988 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
991 smp
= smp_chan_create(conn
);
995 authreq
= seclevel_to_authreq(sec_level
);
997 /* Require MITM if IO Capability allows or the security level
1000 if (hcon
->io_capability
!= HCI_IO_NO_INPUT_OUTPUT
||
1001 hcon
->pending_sec_level
> BT_SECURITY_MEDIUM
)
1002 authreq
|= SMP_AUTH_MITM
;
1004 if (hcon
->role
== HCI_ROLE_MASTER
) {
1005 struct smp_cmd_pairing cp
;
1007 build_pairing_cmd(conn
, &cp
, NULL
, authreq
);
1008 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
1009 memcpy(&smp
->preq
[1], &cp
, sizeof(cp
));
1011 smp_send_cmd(conn
, SMP_CMD_PAIRING_REQ
, sizeof(cp
), &cp
);
1013 struct smp_cmd_security_req cp
;
1014 cp
.auth_req
= authreq
;
1015 smp_send_cmd(conn
, SMP_CMD_SECURITY_REQ
, sizeof(cp
), &cp
);
1018 set_bit(SMP_FLAG_INITIATOR
, &smp
->flags
);
1023 static int smp_cmd_encrypt_info(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1025 struct smp_cmd_encrypt_info
*rp
= (void *) skb
->data
;
1026 struct l2cap_chan
*chan
= conn
->smp
;
1027 struct smp_chan
*smp
= chan
->data
;
1029 BT_DBG("conn %p", conn
);
1031 if (skb
->len
< sizeof(*rp
))
1032 return SMP_INVALID_PARAMS
;
1034 /* Ignore this PDU if it wasn't requested */
1035 if (!(smp
->remote_key_dist
& SMP_DIST_ENC_KEY
))
1038 skb_pull(skb
, sizeof(*rp
));
1040 memcpy(smp
->tk
, rp
->ltk
, sizeof(smp
->tk
));
1045 static int smp_cmd_master_ident(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1047 struct smp_cmd_master_ident
*rp
= (void *) skb
->data
;
1048 struct l2cap_chan
*chan
= conn
->smp
;
1049 struct smp_chan
*smp
= chan
->data
;
1050 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
1051 struct hci_conn
*hcon
= conn
->hcon
;
1052 struct smp_ltk
*ltk
;
1055 BT_DBG("conn %p", conn
);
1057 if (skb
->len
< sizeof(*rp
))
1058 return SMP_INVALID_PARAMS
;
1060 /* Ignore this PDU if it wasn't requested */
1061 if (!(smp
->remote_key_dist
& SMP_DIST_ENC_KEY
))
1064 /* Mark the information as received */
1065 smp
->remote_key_dist
&= ~SMP_DIST_ENC_KEY
;
1067 skb_pull(skb
, sizeof(*rp
));
1070 authenticated
= (hcon
->sec_level
== BT_SECURITY_HIGH
);
1071 ltk
= hci_add_ltk(hdev
, &hcon
->dst
, hcon
->dst_type
, SMP_LTK
,
1072 authenticated
, smp
->tk
, smp
->enc_key_size
,
1073 rp
->ediv
, rp
->rand
);
1075 if (!(smp
->remote_key_dist
& SMP_DIST_ID_KEY
))
1076 smp_distribute_keys(conn
);
1077 hci_dev_unlock(hdev
);
1082 static int smp_cmd_ident_info(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1084 struct smp_cmd_ident_info
*info
= (void *) skb
->data
;
1085 struct l2cap_chan
*chan
= conn
->smp
;
1086 struct smp_chan
*smp
= chan
->data
;
1090 if (skb
->len
< sizeof(*info
))
1091 return SMP_INVALID_PARAMS
;
1093 /* Ignore this PDU if it wasn't requested */
1094 if (!(smp
->remote_key_dist
& SMP_DIST_ID_KEY
))
1097 skb_pull(skb
, sizeof(*info
));
1099 memcpy(smp
->irk
, info
->irk
, 16);
1104 static int smp_cmd_ident_addr_info(struct l2cap_conn
*conn
,
1105 struct sk_buff
*skb
)
1107 struct smp_cmd_ident_addr_info
*info
= (void *) skb
->data
;
1108 struct l2cap_chan
*chan
= conn
->smp
;
1109 struct smp_chan
*smp
= chan
->data
;
1110 struct hci_conn
*hcon
= conn
->hcon
;
1115 if (skb
->len
< sizeof(*info
))
1116 return SMP_INVALID_PARAMS
;
1118 /* Ignore this PDU if it wasn't requested */
1119 if (!(smp
->remote_key_dist
& SMP_DIST_ID_KEY
))
1122 /* Mark the information as received */
1123 smp
->remote_key_dist
&= ~SMP_DIST_ID_KEY
;
1125 skb_pull(skb
, sizeof(*info
));
1127 hci_dev_lock(hcon
->hdev
);
1129 /* Strictly speaking the Core Specification (4.1) allows sending
1130 * an empty address which would force us to rely on just the IRK
1131 * as "identity information". However, since such
1132 * implementations are not known of and in order to not over
1133 * complicate our implementation, simply pretend that we never
1134 * received an IRK for such a device.
1136 if (!bacmp(&info
->bdaddr
, BDADDR_ANY
)) {
1137 BT_ERR("Ignoring IRK with no identity address");
1141 bacpy(&smp
->id_addr
, &info
->bdaddr
);
1142 smp
->id_addr_type
= info
->addr_type
;
1144 if (hci_bdaddr_is_rpa(&hcon
->dst
, hcon
->dst_type
))
1145 bacpy(&rpa
, &hcon
->dst
);
1147 bacpy(&rpa
, BDADDR_ANY
);
1149 smp
->remote_irk
= hci_add_irk(conn
->hcon
->hdev
, &smp
->id_addr
,
1150 smp
->id_addr_type
, smp
->irk
, &rpa
);
1153 smp_distribute_keys(conn
);
1155 hci_dev_unlock(hcon
->hdev
);
1160 static int smp_cmd_sign_info(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1162 struct smp_cmd_sign_info
*rp
= (void *) skb
->data
;
1163 struct l2cap_chan
*chan
= conn
->smp
;
1164 struct smp_chan
*smp
= chan
->data
;
1165 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
1166 struct smp_csrk
*csrk
;
1168 BT_DBG("conn %p", conn
);
1170 if (skb
->len
< sizeof(*rp
))
1171 return SMP_INVALID_PARAMS
;
1173 /* Ignore this PDU if it wasn't requested */
1174 if (!(smp
->remote_key_dist
& SMP_DIST_SIGN
))
1177 /* Mark the information as received */
1178 smp
->remote_key_dist
&= ~SMP_DIST_SIGN
;
1180 skb_pull(skb
, sizeof(*rp
));
1183 csrk
= kzalloc(sizeof(*csrk
), GFP_KERNEL
);
1185 csrk
->master
= 0x01;
1186 memcpy(csrk
->val
, rp
->csrk
, sizeof(csrk
->val
));
1189 smp_distribute_keys(conn
);
1190 hci_dev_unlock(hdev
);
1195 static int smp_recv_cb(struct l2cap_chan
*chan
, struct sk_buff
*skb
)
1197 struct l2cap_conn
*conn
= chan
->conn
;
1198 struct hci_conn
*hcon
= conn
->hcon
;
1202 if (hcon
->type
!= LE_LINK
) {
1212 if (!test_bit(HCI_LE_ENABLED
, &hcon
->hdev
->dev_flags
)) {
1214 reason
= SMP_PAIRING_NOTSUPP
;
1218 code
= skb
->data
[0];
1219 skb_pull(skb
, sizeof(code
));
1222 * The SMP context must be initialized for all other PDUs except
1223 * pairing and security requests. If we get any other PDU when
1224 * not initialized simply disconnect (done if this function
1225 * returns an error).
1227 if (code
!= SMP_CMD_PAIRING_REQ
&& code
!= SMP_CMD_SECURITY_REQ
&&
1228 !test_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
)) {
1229 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code
);
1235 case SMP_CMD_PAIRING_REQ
:
1236 reason
= smp_cmd_pairing_req(conn
, skb
);
1239 case SMP_CMD_PAIRING_FAIL
:
1240 smp_failure(conn
, 0);
1245 case SMP_CMD_PAIRING_RSP
:
1246 reason
= smp_cmd_pairing_rsp(conn
, skb
);
1249 case SMP_CMD_SECURITY_REQ
:
1250 reason
= smp_cmd_security_req(conn
, skb
);
1253 case SMP_CMD_PAIRING_CONFIRM
:
1254 reason
= smp_cmd_pairing_confirm(conn
, skb
);
1257 case SMP_CMD_PAIRING_RANDOM
:
1258 reason
= smp_cmd_pairing_random(conn
, skb
);
1261 case SMP_CMD_ENCRYPT_INFO
:
1262 reason
= smp_cmd_encrypt_info(conn
, skb
);
1265 case SMP_CMD_MASTER_IDENT
:
1266 reason
= smp_cmd_master_ident(conn
, skb
);
1269 case SMP_CMD_IDENT_INFO
:
1270 reason
= smp_cmd_ident_info(conn
, skb
);
1273 case SMP_CMD_IDENT_ADDR_INFO
:
1274 reason
= smp_cmd_ident_addr_info(conn
, skb
);
1277 case SMP_CMD_SIGN_INFO
:
1278 reason
= smp_cmd_sign_info(conn
, skb
);
1282 BT_DBG("Unknown command code 0x%2.2x", code
);
1284 reason
= SMP_CMD_NOTSUPP
;
1291 smp_failure(conn
, reason
);
1297 static void smp_notify_keys(struct l2cap_conn
*conn
)
1299 struct l2cap_chan
*chan
= conn
->smp
;
1300 struct smp_chan
*smp
= chan
->data
;
1301 struct hci_conn
*hcon
= conn
->hcon
;
1302 struct hci_dev
*hdev
= hcon
->hdev
;
1303 struct smp_cmd_pairing
*req
= (void *) &smp
->preq
[1];
1304 struct smp_cmd_pairing
*rsp
= (void *) &smp
->prsp
[1];
1307 if (smp
->remote_irk
) {
1308 mgmt_new_irk(hdev
, smp
->remote_irk
);
1309 /* Now that user space can be considered to know the
1310 * identity address track the connection based on it
1313 bacpy(&hcon
->dst
, &smp
->remote_irk
->bdaddr
);
1314 hcon
->dst_type
= smp
->remote_irk
->addr_type
;
1315 l2cap_conn_update_id_addr(hcon
);
1317 /* When receiving an indentity resolving key for
1318 * a remote device that does not use a resolvable
1319 * private address, just remove the key so that
1320 * it is possible to use the controller white
1321 * list for scanning.
1323 * Userspace will have been told to not store
1324 * this key at this point. So it is safe to
1327 if (!bacmp(&smp
->remote_irk
->rpa
, BDADDR_ANY
)) {
1328 list_del(&smp
->remote_irk
->list
);
1329 kfree(smp
->remote_irk
);
1330 smp
->remote_irk
= NULL
;
1334 /* The LTKs and CSRKs should be persistent only if both sides
1335 * had the bonding bit set in their authentication requests.
1337 persistent
= !!((req
->auth_req
& rsp
->auth_req
) & SMP_AUTH_BONDING
);
1340 smp
->csrk
->bdaddr_type
= hcon
->dst_type
;
1341 bacpy(&smp
->csrk
->bdaddr
, &hcon
->dst
);
1342 mgmt_new_csrk(hdev
, smp
->csrk
, persistent
);
1345 if (smp
->slave_csrk
) {
1346 smp
->slave_csrk
->bdaddr_type
= hcon
->dst_type
;
1347 bacpy(&smp
->slave_csrk
->bdaddr
, &hcon
->dst
);
1348 mgmt_new_csrk(hdev
, smp
->slave_csrk
, persistent
);
1352 smp
->ltk
->bdaddr_type
= hcon
->dst_type
;
1353 bacpy(&smp
->ltk
->bdaddr
, &hcon
->dst
);
1354 mgmt_new_ltk(hdev
, smp
->ltk
, persistent
);
1357 if (smp
->slave_ltk
) {
1358 smp
->slave_ltk
->bdaddr_type
= hcon
->dst_type
;
1359 bacpy(&smp
->slave_ltk
->bdaddr
, &hcon
->dst
);
1360 mgmt_new_ltk(hdev
, smp
->slave_ltk
, persistent
);
1364 int smp_distribute_keys(struct l2cap_conn
*conn
)
1366 struct smp_cmd_pairing
*req
, *rsp
;
1367 struct l2cap_chan
*chan
= conn
->smp
;
1368 struct smp_chan
*smp
= chan
->data
;
1369 struct hci_conn
*hcon
= conn
->hcon
;
1370 struct hci_dev
*hdev
= hcon
->hdev
;
1373 BT_DBG("conn %p", conn
);
1375 if (!test_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
1378 rsp
= (void *) &smp
->prsp
[1];
1380 /* The responder sends its keys first */
1381 if (hcon
->out
&& (smp
->remote_key_dist
& 0x07))
1384 req
= (void *) &smp
->preq
[1];
1387 keydist
= &rsp
->init_key_dist
;
1388 *keydist
&= req
->init_key_dist
;
1390 keydist
= &rsp
->resp_key_dist
;
1391 *keydist
&= req
->resp_key_dist
;
1394 BT_DBG("keydist 0x%x", *keydist
);
1396 if (*keydist
& SMP_DIST_ENC_KEY
) {
1397 struct smp_cmd_encrypt_info enc
;
1398 struct smp_cmd_master_ident ident
;
1399 struct smp_ltk
*ltk
;
1404 get_random_bytes(enc
.ltk
, sizeof(enc
.ltk
));
1405 get_random_bytes(&ediv
, sizeof(ediv
));
1406 get_random_bytes(&rand
, sizeof(rand
));
1408 smp_send_cmd(conn
, SMP_CMD_ENCRYPT_INFO
, sizeof(enc
), &enc
);
1410 authenticated
= hcon
->sec_level
== BT_SECURITY_HIGH
;
1411 ltk
= hci_add_ltk(hdev
, &hcon
->dst
, hcon
->dst_type
,
1412 SMP_LTK_SLAVE
, authenticated
, enc
.ltk
,
1413 smp
->enc_key_size
, ediv
, rand
);
1414 smp
->slave_ltk
= ltk
;
1419 smp_send_cmd(conn
, SMP_CMD_MASTER_IDENT
, sizeof(ident
), &ident
);
1421 *keydist
&= ~SMP_DIST_ENC_KEY
;
1424 if (*keydist
& SMP_DIST_ID_KEY
) {
1425 struct smp_cmd_ident_addr_info addrinfo
;
1426 struct smp_cmd_ident_info idinfo
;
1428 memcpy(idinfo
.irk
, hdev
->irk
, sizeof(idinfo
.irk
));
1430 smp_send_cmd(conn
, SMP_CMD_IDENT_INFO
, sizeof(idinfo
), &idinfo
);
1432 /* The hci_conn contains the local identity address
1433 * after the connection has been established.
1435 * This is true even when the connection has been
1436 * established using a resolvable random address.
1438 bacpy(&addrinfo
.bdaddr
, &hcon
->src
);
1439 addrinfo
.addr_type
= hcon
->src_type
;
1441 smp_send_cmd(conn
, SMP_CMD_IDENT_ADDR_INFO
, sizeof(addrinfo
),
1444 *keydist
&= ~SMP_DIST_ID_KEY
;
1447 if (*keydist
& SMP_DIST_SIGN
) {
1448 struct smp_cmd_sign_info sign
;
1449 struct smp_csrk
*csrk
;
1451 /* Generate a new random key */
1452 get_random_bytes(sign
.csrk
, sizeof(sign
.csrk
));
1454 csrk
= kzalloc(sizeof(*csrk
), GFP_KERNEL
);
1456 csrk
->master
= 0x00;
1457 memcpy(csrk
->val
, sign
.csrk
, sizeof(csrk
->val
));
1459 smp
->slave_csrk
= csrk
;
1461 smp_send_cmd(conn
, SMP_CMD_SIGN_INFO
, sizeof(sign
), &sign
);
1463 *keydist
&= ~SMP_DIST_SIGN
;
1466 /* If there are still keys to be received wait for them */
1467 if ((smp
->remote_key_dist
& 0x07))
1470 clear_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
);
1471 cancel_delayed_work_sync(&conn
->security_timer
);
1472 set_bit(SMP_FLAG_COMPLETE
, &smp
->flags
);
1473 smp_notify_keys(conn
);
1475 smp_chan_destroy(conn
);
1480 static void smp_teardown_cb(struct l2cap_chan
*chan
, int err
)
1482 struct l2cap_conn
*conn
= chan
->conn
;
1484 BT_DBG("chan %p", chan
);
1486 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND
, &conn
->hcon
->flags
)) {
1487 cancel_delayed_work_sync(&conn
->security_timer
);
1488 smp_chan_destroy(conn
);
1492 l2cap_chan_put(chan
);
1495 static void smp_ready_cb(struct l2cap_chan
*chan
)
1497 struct l2cap_conn
*conn
= chan
->conn
;
1499 BT_DBG("chan %p", chan
);
1502 l2cap_chan_hold(chan
);
1505 static struct sk_buff
*smp_alloc_skb_cb(struct l2cap_chan
*chan
,
1506 unsigned long hdr_len
,
1507 unsigned long len
, int nb
)
1509 struct sk_buff
*skb
;
1511 skb
= bt_skb_alloc(hdr_len
+ len
, GFP_KERNEL
);
1513 return ERR_PTR(-ENOMEM
);
1515 skb
->priority
= HCI_PRIO_MAX
;
1516 bt_cb(skb
)->chan
= chan
;
1521 static const struct l2cap_ops smp_chan_ops
= {
1522 .name
= "Security Manager",
1523 .ready
= smp_ready_cb
,
1524 .recv
= smp_recv_cb
,
1525 .alloc_skb
= smp_alloc_skb_cb
,
1526 .teardown
= smp_teardown_cb
,
1528 .new_connection
= l2cap_chan_no_new_connection
,
1529 .state_change
= l2cap_chan_no_state_change
,
1530 .close
= l2cap_chan_no_close
,
1531 .defer
= l2cap_chan_no_defer
,
1532 .suspend
= l2cap_chan_no_suspend
,
1533 .resume
= l2cap_chan_no_resume
,
1534 .set_shutdown
= l2cap_chan_no_set_shutdown
,
1535 .get_sndtimeo
= l2cap_chan_no_get_sndtimeo
,
1536 .memcpy_fromiovec
= l2cap_chan_no_memcpy_fromiovec
,
1539 static inline struct l2cap_chan
*smp_new_conn_cb(struct l2cap_chan
*pchan
)
1541 struct l2cap_chan
*chan
;
1543 BT_DBG("pchan %p", pchan
);
1545 chan
= l2cap_chan_create();
1549 chan
->chan_type
= pchan
->chan_type
;
1550 chan
->ops
= &smp_chan_ops
;
1551 chan
->scid
= pchan
->scid
;
1552 chan
->dcid
= chan
->scid
;
1553 chan
->imtu
= pchan
->imtu
;
1554 chan
->omtu
= pchan
->omtu
;
1555 chan
->mode
= pchan
->mode
;
1557 BT_DBG("created chan %p", chan
);
1562 static const struct l2cap_ops smp_root_chan_ops
= {
1563 .name
= "Security Manager Root",
1564 .new_connection
= smp_new_conn_cb
,
1566 /* None of these are implemented for the root channel */
1567 .close
= l2cap_chan_no_close
,
1568 .alloc_skb
= l2cap_chan_no_alloc_skb
,
1569 .recv
= l2cap_chan_no_recv
,
1570 .state_change
= l2cap_chan_no_state_change
,
1571 .teardown
= l2cap_chan_no_teardown
,
1572 .ready
= l2cap_chan_no_ready
,
1573 .defer
= l2cap_chan_no_defer
,
1574 .suspend
= l2cap_chan_no_suspend
,
1575 .resume
= l2cap_chan_no_resume
,
1576 .set_shutdown
= l2cap_chan_no_set_shutdown
,
1577 .get_sndtimeo
= l2cap_chan_no_get_sndtimeo
,
1578 .memcpy_fromiovec
= l2cap_chan_no_memcpy_fromiovec
,
1581 int smp_register(struct hci_dev
*hdev
)
1583 struct l2cap_chan
*chan
;
1584 struct crypto_blkcipher
*tfm_aes
;
1586 BT_DBG("%s", hdev
->name
);
1588 tfm_aes
= crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC
);
1589 if (IS_ERR(tfm_aes
)) {
1590 int err
= PTR_ERR(tfm_aes
);
1591 BT_ERR("Unable to create crypto context");
1595 chan
= l2cap_chan_create();
1597 crypto_free_blkcipher(tfm_aes
);
1601 chan
->data
= tfm_aes
;
1603 l2cap_add_scid(chan
, L2CAP_CID_SMP
);
1605 l2cap_chan_set_defaults(chan
);
1607 bacpy(&chan
->src
, &hdev
->bdaddr
);
1608 chan
->src_type
= BDADDR_LE_PUBLIC
;
1609 chan
->state
= BT_LISTEN
;
1610 chan
->mode
= L2CAP_MODE_BASIC
;
1611 chan
->imtu
= L2CAP_DEFAULT_MTU
;
1612 chan
->ops
= &smp_root_chan_ops
;
1614 hdev
->smp_data
= chan
;
1619 void smp_unregister(struct hci_dev
*hdev
)
1621 struct l2cap_chan
*chan
= hdev
->smp_data
;
1622 struct crypto_blkcipher
*tfm_aes
;
1627 BT_DBG("%s chan %p", hdev
->name
, chan
);
1629 tfm_aes
= chan
->data
;
1632 crypto_free_blkcipher(tfm_aes
);
1635 hdev
->smp_data
= NULL
;
1636 l2cap_chan_put(chan
);