2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 #include <linux/crypto.h>
24 #include <linux/scatterlist.h>
25 #include <crypto/b128ops.h>
27 #include <net/bluetooth/bluetooth.h>
28 #include <net/bluetooth/hci_core.h>
29 #include <net/bluetooth/l2cap.h>
30 #include <net/bluetooth/mgmt.h>
34 #define SMP_TIMEOUT msecs_to_jiffies(30000)
36 #define AUTH_REQ_MASK 0x07
47 struct l2cap_conn
*conn
;
48 struct delayed_work security_timer
;
50 u8 preq
[7]; /* SMP Pairing Request */
51 u8 prsp
[7]; /* SMP Pairing Response */
52 u8 prnd
[16]; /* SMP Pairing Random (local) */
53 u8 rrnd
[16]; /* SMP Pairing Random (remote) */
54 u8 pcnf
[16]; /* SMP Pairing Confirm */
55 u8 tk
[16]; /* SMP Temporary Key */
61 struct smp_csrk
*csrk
;
62 struct smp_csrk
*slave_csrk
;
64 struct smp_ltk
*slave_ltk
;
65 struct smp_irk
*remote_irk
;
68 struct crypto_blkcipher
*tfm_aes
;
71 static inline void swap_buf(const u8
*src
, u8
*dst
, size_t len
)
75 for (i
= 0; i
< len
; i
++)
76 dst
[len
- 1 - i
] = src
[i
];
79 static int smp_e(struct crypto_blkcipher
*tfm
, const u8
*k
, u8
*r
)
81 struct blkcipher_desc desc
;
82 struct scatterlist sg
;
83 uint8_t tmp
[16], data
[16];
87 BT_ERR("tfm %p", tfm
);
94 /* The most significant octet of key corresponds to k[0] */
97 err
= crypto_blkcipher_setkey(tfm
, tmp
, 16);
99 BT_ERR("cipher setkey failed: %d", err
);
103 /* Most significant octet of plaintextData corresponds to data[0] */
104 swap_buf(r
, data
, 16);
106 sg_init_one(&sg
, data
, 16);
108 err
= crypto_blkcipher_encrypt(&desc
, &sg
, &sg
, 16);
110 BT_ERR("Encrypt data error %d", err
);
112 /* Most significant octet of encryptedData corresponds to data[0] */
113 swap_buf(data
, r
, 16);
118 static int smp_ah(struct crypto_blkcipher
*tfm
, u8 irk
[16], u8 r
[3], u8 res
[3])
123 /* r' = padding || r */
125 memset(_res
+ 3, 0, 13);
127 err
= smp_e(tfm
, irk
, _res
);
129 BT_ERR("Encrypt error");
133 /* The output of the random address function ah is:
134 * ah(h, r) = e(k, r') mod 2^24
135 * The output of the security function e is then truncated to 24 bits
136 * by taking the least significant 24 bits of the output of e as the
139 memcpy(res
, _res
, 3);
144 bool smp_irk_matches(struct hci_dev
*hdev
, u8 irk
[16], bdaddr_t
*bdaddr
)
146 struct l2cap_chan
*chan
= hdev
->smp_data
;
147 struct crypto_blkcipher
*tfm
;
151 if (!chan
|| !chan
->data
)
156 BT_DBG("RPA %pMR IRK %*phN", bdaddr
, 16, irk
);
158 err
= smp_ah(tfm
, irk
, &bdaddr
->b
[3], hash
);
162 return !memcmp(bdaddr
->b
, hash
, 3);
165 int smp_generate_rpa(struct hci_dev
*hdev
, u8 irk
[16], bdaddr_t
*rpa
)
167 struct l2cap_chan
*chan
= hdev
->smp_data
;
168 struct crypto_blkcipher
*tfm
;
171 if (!chan
|| !chan
->data
)
176 get_random_bytes(&rpa
->b
[3], 3);
178 rpa
->b
[5] &= 0x3f; /* Clear two most significant bits */
179 rpa
->b
[5] |= 0x40; /* Set second most significant bit */
181 err
= smp_ah(tfm
, irk
, &rpa
->b
[3], rpa
->b
);
185 BT_DBG("RPA %pMR", rpa
);
190 static int smp_c1(struct smp_chan
*smp
, u8 k
[16], u8 r
[16], u8 preq
[7],
191 u8 pres
[7], u8 _iat
, bdaddr_t
*ia
, u8 _rat
, bdaddr_t
*ra
,
194 struct hci_dev
*hdev
= smp
->conn
->hcon
->hdev
;
198 BT_DBG("%s", hdev
->name
);
202 /* p1 = pres || preq || _rat || _iat */
205 memcpy(p1
+ 2, preq
, 7);
206 memcpy(p1
+ 9, pres
, 7);
208 /* p2 = padding || ia || ra */
210 memcpy(p2
+ 6, ia
, 6);
211 memset(p2
+ 12, 0, 4);
214 u128_xor((u128
*) res
, (u128
*) r
, (u128
*) p1
);
216 /* res = e(k, res) */
217 err
= smp_e(smp
->tfm_aes
, k
, res
);
219 BT_ERR("Encrypt data error");
223 /* res = res XOR p2 */
224 u128_xor((u128
*) res
, (u128
*) res
, (u128
*) p2
);
226 /* res = e(k, res) */
227 err
= smp_e(smp
->tfm_aes
, k
, res
);
229 BT_ERR("Encrypt data error");
234 static int smp_s1(struct smp_chan
*smp
, u8 k
[16], u8 r1
[16], u8 r2
[16],
237 struct hci_dev
*hdev
= smp
->conn
->hcon
->hdev
;
240 BT_DBG("%s", hdev
->name
);
242 /* Just least significant octets from r1 and r2 are considered */
244 memcpy(_r
+ 8, r1
, 8);
246 err
= smp_e(smp
->tfm_aes
, k
, _r
);
248 BT_ERR("Encrypt data error");
253 static void smp_send_cmd(struct l2cap_conn
*conn
, u8 code
, u16 len
, void *data
)
255 struct l2cap_chan
*chan
= conn
->smp
;
256 struct smp_chan
*smp
;
263 BT_DBG("code 0x%2.2x", code
);
265 iv
[0].iov_base
= &code
;
268 iv
[1].iov_base
= data
;
271 memset(&msg
, 0, sizeof(msg
));
273 msg
.msg_iov
= (struct iovec
*) &iv
;
276 l2cap_chan_send(chan
, &msg
, 1 + len
);
283 cancel_delayed_work_sync(&smp
->security_timer
);
284 if (test_bit(HCI_CONN_LE_SMP_PEND
, &conn
->hcon
->flags
))
285 schedule_delayed_work(&smp
->security_timer
, SMP_TIMEOUT
);
288 static __u8
authreq_to_seclevel(__u8 authreq
)
290 if (authreq
& SMP_AUTH_MITM
)
291 return BT_SECURITY_HIGH
;
293 return BT_SECURITY_MEDIUM
;
296 static __u8
seclevel_to_authreq(__u8 sec_level
)
299 case BT_SECURITY_HIGH
:
300 return SMP_AUTH_MITM
| SMP_AUTH_BONDING
;
301 case BT_SECURITY_MEDIUM
:
302 return SMP_AUTH_BONDING
;
304 return SMP_AUTH_NONE
;
308 static void build_pairing_cmd(struct l2cap_conn
*conn
,
309 struct smp_cmd_pairing
*req
,
310 struct smp_cmd_pairing
*rsp
, __u8 authreq
)
312 struct l2cap_chan
*chan
= conn
->smp
;
313 struct smp_chan
*smp
= chan
->data
;
314 struct hci_conn
*hcon
= conn
->hcon
;
315 struct hci_dev
*hdev
= hcon
->hdev
;
316 u8 local_dist
= 0, remote_dist
= 0;
318 if (test_bit(HCI_BONDABLE
, &conn
->hcon
->hdev
->dev_flags
)) {
319 local_dist
= SMP_DIST_ENC_KEY
| SMP_DIST_SIGN
;
320 remote_dist
= SMP_DIST_ENC_KEY
| SMP_DIST_SIGN
;
321 authreq
|= SMP_AUTH_BONDING
;
323 authreq
&= ~SMP_AUTH_BONDING
;
326 if (test_bit(HCI_RPA_RESOLVING
, &hdev
->dev_flags
))
327 remote_dist
|= SMP_DIST_ID_KEY
;
329 if (test_bit(HCI_PRIVACY
, &hdev
->dev_flags
))
330 local_dist
|= SMP_DIST_ID_KEY
;
333 req
->io_capability
= conn
->hcon
->io_capability
;
334 req
->oob_flag
= SMP_OOB_NOT_PRESENT
;
335 req
->max_key_size
= SMP_MAX_ENC_KEY_SIZE
;
336 req
->init_key_dist
= local_dist
;
337 req
->resp_key_dist
= remote_dist
;
338 req
->auth_req
= (authreq
& AUTH_REQ_MASK
);
340 smp
->remote_key_dist
= remote_dist
;
344 rsp
->io_capability
= conn
->hcon
->io_capability
;
345 rsp
->oob_flag
= SMP_OOB_NOT_PRESENT
;
346 rsp
->max_key_size
= SMP_MAX_ENC_KEY_SIZE
;
347 rsp
->init_key_dist
= req
->init_key_dist
& remote_dist
;
348 rsp
->resp_key_dist
= req
->resp_key_dist
& local_dist
;
349 rsp
->auth_req
= (authreq
& AUTH_REQ_MASK
);
351 smp
->remote_key_dist
= rsp
->init_key_dist
;
354 static u8
check_enc_key_size(struct l2cap_conn
*conn
, __u8 max_key_size
)
356 struct l2cap_chan
*chan
= conn
->smp
;
357 struct smp_chan
*smp
= chan
->data
;
359 if ((max_key_size
> SMP_MAX_ENC_KEY_SIZE
) ||
360 (max_key_size
< SMP_MIN_ENC_KEY_SIZE
))
361 return SMP_ENC_KEY_SIZE
;
363 smp
->enc_key_size
= max_key_size
;
368 static void smp_failure(struct l2cap_conn
*conn
, u8 reason
)
370 struct hci_conn
*hcon
= conn
->hcon
;
371 struct l2cap_chan
*chan
= conn
->smp
;
372 struct smp_chan
*smp
;
375 smp_send_cmd(conn
, SMP_CMD_PAIRING_FAIL
, sizeof(reason
),
378 clear_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
);
379 mgmt_auth_failed(hcon
->hdev
, &hcon
->dst
, hcon
->type
, hcon
->dst_type
,
380 HCI_ERROR_AUTH_FAILURE
);
387 cancel_delayed_work_sync(&smp
->security_timer
);
389 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
390 smp_chan_destroy(conn
);
393 #define JUST_WORKS 0x00
394 #define JUST_CFM 0x01
395 #define REQ_PASSKEY 0x02
396 #define CFM_PASSKEY 0x03
400 static const u8 gen_method
[5][5] = {
401 { JUST_WORKS
, JUST_CFM
, REQ_PASSKEY
, JUST_WORKS
, REQ_PASSKEY
},
402 { JUST_WORKS
, JUST_CFM
, REQ_PASSKEY
, JUST_WORKS
, REQ_PASSKEY
},
403 { CFM_PASSKEY
, CFM_PASSKEY
, REQ_PASSKEY
, JUST_WORKS
, CFM_PASSKEY
},
404 { JUST_WORKS
, JUST_CFM
, JUST_WORKS
, JUST_WORKS
, JUST_CFM
},
405 { CFM_PASSKEY
, CFM_PASSKEY
, REQ_PASSKEY
, JUST_WORKS
, OVERLAP
},
408 static u8
get_auth_method(struct smp_chan
*smp
, u8 local_io
, u8 remote_io
)
410 /* If either side has unknown io_caps, use JUST_CFM (which gets
411 * converted later to JUST_WORKS if we're initiators.
413 if (local_io
> SMP_IO_KEYBOARD_DISPLAY
||
414 remote_io
> SMP_IO_KEYBOARD_DISPLAY
)
417 return gen_method
[remote_io
][local_io
];
420 static int tk_request(struct l2cap_conn
*conn
, u8 remote_oob
, u8 auth
,
421 u8 local_io
, u8 remote_io
)
423 struct hci_conn
*hcon
= conn
->hcon
;
424 struct l2cap_chan
*chan
= conn
->smp
;
425 struct smp_chan
*smp
= chan
->data
;
430 /* Initialize key for JUST WORKS */
431 memset(smp
->tk
, 0, sizeof(smp
->tk
));
432 clear_bit(SMP_FLAG_TK_VALID
, &smp
->flags
);
434 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth
, local_io
, remote_io
);
436 /* If neither side wants MITM, either "just" confirm an incoming
437 * request or use just-works for outgoing ones. The JUST_CFM
438 * will be converted to JUST_WORKS if necessary later in this
439 * function. If either side has MITM look up the method from the
442 if (!(auth
& SMP_AUTH_MITM
))
445 method
= get_auth_method(smp
, local_io
, remote_io
);
447 /* Don't confirm locally initiated pairing attempts */
448 if (method
== JUST_CFM
&& test_bit(SMP_FLAG_INITIATOR
, &smp
->flags
))
451 /* Don't bother user space with no IO capabilities */
452 if (method
== JUST_CFM
&& hcon
->io_capability
== HCI_IO_NO_INPUT_OUTPUT
)
455 /* If Just Works, Continue with Zero TK */
456 if (method
== JUST_WORKS
) {
457 set_bit(SMP_FLAG_TK_VALID
, &smp
->flags
);
461 /* Not Just Works/Confirm results in MITM Authentication */
462 if (method
!= JUST_CFM
)
463 set_bit(SMP_FLAG_MITM_AUTH
, &smp
->flags
);
465 /* If both devices have Keyoard-Display I/O, the master
466 * Confirms and the slave Enters the passkey.
468 if (method
== OVERLAP
) {
469 if (hcon
->role
== HCI_ROLE_MASTER
)
470 method
= CFM_PASSKEY
;
472 method
= REQ_PASSKEY
;
475 /* Generate random passkey. */
476 if (method
== CFM_PASSKEY
) {
477 memset(smp
->tk
, 0, sizeof(smp
->tk
));
478 get_random_bytes(&passkey
, sizeof(passkey
));
480 put_unaligned_le32(passkey
, smp
->tk
);
481 BT_DBG("PassKey: %d", passkey
);
482 set_bit(SMP_FLAG_TK_VALID
, &smp
->flags
);
485 hci_dev_lock(hcon
->hdev
);
487 if (method
== REQ_PASSKEY
)
488 ret
= mgmt_user_passkey_request(hcon
->hdev
, &hcon
->dst
,
489 hcon
->type
, hcon
->dst_type
);
490 else if (method
== JUST_CFM
)
491 ret
= mgmt_user_confirm_request(hcon
->hdev
, &hcon
->dst
,
492 hcon
->type
, hcon
->dst_type
,
495 ret
= mgmt_user_passkey_notify(hcon
->hdev
, &hcon
->dst
,
496 hcon
->type
, hcon
->dst_type
,
499 hci_dev_unlock(hcon
->hdev
);
504 static u8
smp_confirm(struct smp_chan
*smp
)
506 struct l2cap_conn
*conn
= smp
->conn
;
507 struct smp_cmd_pairing_confirm cp
;
510 BT_DBG("conn %p", conn
);
512 ret
= smp_c1(smp
, smp
->tk
, smp
->prnd
, smp
->preq
, smp
->prsp
,
513 conn
->hcon
->init_addr_type
, &conn
->hcon
->init_addr
,
514 conn
->hcon
->resp_addr_type
, &conn
->hcon
->resp_addr
,
517 return SMP_UNSPECIFIED
;
519 clear_bit(SMP_FLAG_CFM_PENDING
, &smp
->flags
);
521 smp_send_cmd(smp
->conn
, SMP_CMD_PAIRING_CONFIRM
, sizeof(cp
), &cp
);
526 static u8
smp_random(struct smp_chan
*smp
)
528 struct l2cap_conn
*conn
= smp
->conn
;
529 struct hci_conn
*hcon
= conn
->hcon
;
533 if (IS_ERR_OR_NULL(smp
->tfm_aes
))
534 return SMP_UNSPECIFIED
;
536 BT_DBG("conn %p %s", conn
, conn
->hcon
->out
? "master" : "slave");
538 ret
= smp_c1(smp
, smp
->tk
, smp
->rrnd
, smp
->preq
, smp
->prsp
,
539 hcon
->init_addr_type
, &hcon
->init_addr
,
540 hcon
->resp_addr_type
, &hcon
->resp_addr
, confirm
);
542 return SMP_UNSPECIFIED
;
544 if (memcmp(smp
->pcnf
, confirm
, sizeof(smp
->pcnf
)) != 0) {
545 BT_ERR("Pairing failed (confirmation values mismatch)");
546 return SMP_CONFIRM_FAILED
;
554 smp_s1(smp
, smp
->tk
, smp
->rrnd
, smp
->prnd
, stk
);
556 memset(stk
+ smp
->enc_key_size
, 0,
557 SMP_MAX_ENC_KEY_SIZE
- smp
->enc_key_size
);
559 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
))
560 return SMP_UNSPECIFIED
;
562 hci_le_start_enc(hcon
, ediv
, rand
, stk
);
563 hcon
->enc_key_size
= smp
->enc_key_size
;
564 set_bit(HCI_CONN_STK_ENCRYPT
, &hcon
->flags
);
570 smp_send_cmd(conn
, SMP_CMD_PAIRING_RANDOM
, sizeof(smp
->prnd
),
573 smp_s1(smp
, smp
->tk
, smp
->prnd
, smp
->rrnd
, stk
);
575 memset(stk
+ smp
->enc_key_size
, 0,
576 SMP_MAX_ENC_KEY_SIZE
- smp
->enc_key_size
);
578 if (hcon
->pending_sec_level
== BT_SECURITY_HIGH
)
583 /* Even though there's no _SLAVE suffix this is the
584 * slave STK we're adding for later lookup (the master
585 * STK never needs to be stored).
587 hci_add_ltk(hcon
->hdev
, &hcon
->dst
, hcon
->dst_type
,
588 SMP_STK
, auth
, stk
, smp
->enc_key_size
, ediv
, rand
);
594 static void smp_notify_keys(struct l2cap_conn
*conn
)
596 struct l2cap_chan
*chan
= conn
->smp
;
597 struct smp_chan
*smp
= chan
->data
;
598 struct hci_conn
*hcon
= conn
->hcon
;
599 struct hci_dev
*hdev
= hcon
->hdev
;
600 struct smp_cmd_pairing
*req
= (void *) &smp
->preq
[1];
601 struct smp_cmd_pairing
*rsp
= (void *) &smp
->prsp
[1];
604 if (smp
->remote_irk
) {
605 mgmt_new_irk(hdev
, smp
->remote_irk
);
606 /* Now that user space can be considered to know the
607 * identity address track the connection based on it
610 bacpy(&hcon
->dst
, &smp
->remote_irk
->bdaddr
);
611 hcon
->dst_type
= smp
->remote_irk
->addr_type
;
612 l2cap_conn_update_id_addr(hcon
);
614 /* When receiving an indentity resolving key for
615 * a remote device that does not use a resolvable
616 * private address, just remove the key so that
617 * it is possible to use the controller white
620 * Userspace will have been told to not store
621 * this key at this point. So it is safe to
624 if (!bacmp(&smp
->remote_irk
->rpa
, BDADDR_ANY
)) {
625 list_del(&smp
->remote_irk
->list
);
626 kfree(smp
->remote_irk
);
627 smp
->remote_irk
= NULL
;
631 /* The LTKs and CSRKs should be persistent only if both sides
632 * had the bonding bit set in their authentication requests.
634 persistent
= !!((req
->auth_req
& rsp
->auth_req
) & SMP_AUTH_BONDING
);
637 smp
->csrk
->bdaddr_type
= hcon
->dst_type
;
638 bacpy(&smp
->csrk
->bdaddr
, &hcon
->dst
);
639 mgmt_new_csrk(hdev
, smp
->csrk
, persistent
);
642 if (smp
->slave_csrk
) {
643 smp
->slave_csrk
->bdaddr_type
= hcon
->dst_type
;
644 bacpy(&smp
->slave_csrk
->bdaddr
, &hcon
->dst
);
645 mgmt_new_csrk(hdev
, smp
->slave_csrk
, persistent
);
649 smp
->ltk
->bdaddr_type
= hcon
->dst_type
;
650 bacpy(&smp
->ltk
->bdaddr
, &hcon
->dst
);
651 mgmt_new_ltk(hdev
, smp
->ltk
, persistent
);
654 if (smp
->slave_ltk
) {
655 smp
->slave_ltk
->bdaddr_type
= hcon
->dst_type
;
656 bacpy(&smp
->slave_ltk
->bdaddr
, &hcon
->dst
);
657 mgmt_new_ltk(hdev
, smp
->slave_ltk
, persistent
);
661 static int smp_distribute_keys(struct l2cap_conn
*conn
)
663 struct smp_cmd_pairing
*req
, *rsp
;
664 struct l2cap_chan
*chan
= conn
->smp
;
665 struct smp_chan
*smp
= chan
->data
;
666 struct hci_conn
*hcon
= conn
->hcon
;
667 struct hci_dev
*hdev
= hcon
->hdev
;
670 BT_DBG("conn %p", conn
);
672 if (!test_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
675 rsp
= (void *) &smp
->prsp
[1];
677 /* The responder sends its keys first */
678 if (hcon
->out
&& (smp
->remote_key_dist
& 0x07))
681 req
= (void *) &smp
->preq
[1];
684 keydist
= &rsp
->init_key_dist
;
685 *keydist
&= req
->init_key_dist
;
687 keydist
= &rsp
->resp_key_dist
;
688 *keydist
&= req
->resp_key_dist
;
691 BT_DBG("keydist 0x%x", *keydist
);
693 if (*keydist
& SMP_DIST_ENC_KEY
) {
694 struct smp_cmd_encrypt_info enc
;
695 struct smp_cmd_master_ident ident
;
701 get_random_bytes(enc
.ltk
, sizeof(enc
.ltk
));
702 get_random_bytes(&ediv
, sizeof(ediv
));
703 get_random_bytes(&rand
, sizeof(rand
));
705 smp_send_cmd(conn
, SMP_CMD_ENCRYPT_INFO
, sizeof(enc
), &enc
);
707 authenticated
= hcon
->sec_level
== BT_SECURITY_HIGH
;
708 ltk
= hci_add_ltk(hdev
, &hcon
->dst
, hcon
->dst_type
,
709 SMP_LTK_SLAVE
, authenticated
, enc
.ltk
,
710 smp
->enc_key_size
, ediv
, rand
);
711 smp
->slave_ltk
= ltk
;
716 smp_send_cmd(conn
, SMP_CMD_MASTER_IDENT
, sizeof(ident
), &ident
);
718 *keydist
&= ~SMP_DIST_ENC_KEY
;
721 if (*keydist
& SMP_DIST_ID_KEY
) {
722 struct smp_cmd_ident_addr_info addrinfo
;
723 struct smp_cmd_ident_info idinfo
;
725 memcpy(idinfo
.irk
, hdev
->irk
, sizeof(idinfo
.irk
));
727 smp_send_cmd(conn
, SMP_CMD_IDENT_INFO
, sizeof(idinfo
), &idinfo
);
729 /* The hci_conn contains the local identity address
730 * after the connection has been established.
732 * This is true even when the connection has been
733 * established using a resolvable random address.
735 bacpy(&addrinfo
.bdaddr
, &hcon
->src
);
736 addrinfo
.addr_type
= hcon
->src_type
;
738 smp_send_cmd(conn
, SMP_CMD_IDENT_ADDR_INFO
, sizeof(addrinfo
),
741 *keydist
&= ~SMP_DIST_ID_KEY
;
744 if (*keydist
& SMP_DIST_SIGN
) {
745 struct smp_cmd_sign_info sign
;
746 struct smp_csrk
*csrk
;
748 /* Generate a new random key */
749 get_random_bytes(sign
.csrk
, sizeof(sign
.csrk
));
751 csrk
= kzalloc(sizeof(*csrk
), GFP_KERNEL
);
754 memcpy(csrk
->val
, sign
.csrk
, sizeof(csrk
->val
));
756 smp
->slave_csrk
= csrk
;
758 smp_send_cmd(conn
, SMP_CMD_SIGN_INFO
, sizeof(sign
), &sign
);
760 *keydist
&= ~SMP_DIST_SIGN
;
763 /* If there are still keys to be received wait for them */
764 if ((smp
->remote_key_dist
& 0x07))
767 clear_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
);
768 cancel_delayed_work_sync(&smp
->security_timer
);
769 set_bit(SMP_FLAG_COMPLETE
, &smp
->flags
);
770 smp_notify_keys(conn
);
772 smp_chan_destroy(conn
);
777 static void smp_timeout(struct work_struct
*work
)
779 struct smp_chan
*smp
= container_of(work
, struct smp_chan
,
780 security_timer
.work
);
781 struct l2cap_conn
*conn
= smp
->conn
;
783 BT_DBG("conn %p", conn
);
785 l2cap_conn_shutdown(conn
, ETIMEDOUT
);
788 static struct smp_chan
*smp_chan_create(struct l2cap_conn
*conn
)
790 struct l2cap_chan
*chan
= conn
->smp
;
791 struct smp_chan
*smp
;
793 smp
= kzalloc(sizeof(*smp
), GFP_ATOMIC
);
795 clear_bit(HCI_CONN_LE_SMP_PEND
, &conn
->hcon
->flags
);
799 smp
->tfm_aes
= crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC
);
800 if (IS_ERR(smp
->tfm_aes
)) {
801 BT_ERR("Unable to create ECB crypto context");
803 clear_bit(HCI_CONN_LE_SMP_PEND
, &conn
->hcon
->flags
);
810 INIT_DELAYED_WORK(&smp
->security_timer
, smp_timeout
);
812 hci_conn_hold(conn
->hcon
);
817 void smp_chan_destroy(struct l2cap_conn
*conn
)
819 struct l2cap_chan
*chan
= conn
->smp
;
820 struct smp_chan
*smp
= chan
->data
;
825 complete
= test_bit(SMP_FLAG_COMPLETE
, &smp
->flags
);
826 mgmt_smp_complete(conn
->hcon
, complete
);
829 kfree(smp
->slave_csrk
);
831 crypto_free_blkcipher(smp
->tfm_aes
);
833 /* If pairing failed clean up any keys we might have */
836 list_del(&smp
->ltk
->list
);
840 if (smp
->slave_ltk
) {
841 list_del(&smp
->slave_ltk
->list
);
842 kfree(smp
->slave_ltk
);
845 if (smp
->remote_irk
) {
846 list_del(&smp
->remote_irk
->list
);
847 kfree(smp
->remote_irk
);
853 hci_conn_drop(conn
->hcon
);
856 int smp_user_confirm_reply(struct hci_conn
*hcon
, u16 mgmt_op
, __le32 passkey
)
858 struct l2cap_conn
*conn
= hcon
->l2cap_data
;
859 struct l2cap_chan
*chan
;
860 struct smp_chan
*smp
;
865 if (!conn
|| !test_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
875 case MGMT_OP_USER_PASSKEY_REPLY
:
876 value
= le32_to_cpu(passkey
);
877 memset(smp
->tk
, 0, sizeof(smp
->tk
));
878 BT_DBG("PassKey: %d", value
);
879 put_unaligned_le32(value
, smp
->tk
);
881 case MGMT_OP_USER_CONFIRM_REPLY
:
882 set_bit(SMP_FLAG_TK_VALID
, &smp
->flags
);
884 case MGMT_OP_USER_PASSKEY_NEG_REPLY
:
885 case MGMT_OP_USER_CONFIRM_NEG_REPLY
:
886 smp_failure(conn
, SMP_PASSKEY_ENTRY_FAILED
);
889 smp_failure(conn
, SMP_PASSKEY_ENTRY_FAILED
);
893 /* If it is our turn to send Pairing Confirm, do so now */
894 if (test_bit(SMP_FLAG_CFM_PENDING
, &smp
->flags
)) {
895 u8 rsp
= smp_confirm(smp
);
897 smp_failure(conn
, rsp
);
903 static u8
smp_cmd_pairing_req(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
905 struct smp_cmd_pairing rsp
, *req
= (void *) skb
->data
;
906 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
907 struct smp_chan
*smp
;
908 u8 key_size
, auth
, sec_level
;
911 BT_DBG("conn %p", conn
);
913 if (skb
->len
< sizeof(*req
))
914 return SMP_INVALID_PARAMS
;
916 if (conn
->hcon
->role
!= HCI_ROLE_SLAVE
)
917 return SMP_CMD_NOTSUPP
;
919 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND
, &conn
->hcon
->flags
)) {
920 smp
= smp_chan_create(conn
);
922 struct l2cap_chan
*chan
= conn
->smp
;
927 return SMP_UNSPECIFIED
;
929 if (!test_bit(HCI_BONDABLE
, &hdev
->dev_flags
) &&
930 (req
->auth_req
& SMP_AUTH_BONDING
))
931 return SMP_PAIRING_NOTSUPP
;
933 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
934 memcpy(&smp
->preq
[1], req
, sizeof(*req
));
935 skb_pull(skb
, sizeof(*req
));
937 /* We didn't start the pairing, so match remote */
938 auth
= req
->auth_req
;
940 sec_level
= authreq_to_seclevel(auth
);
941 if (sec_level
> conn
->hcon
->pending_sec_level
)
942 conn
->hcon
->pending_sec_level
= sec_level
;
944 /* If we need MITM check that it can be acheived */
945 if (conn
->hcon
->pending_sec_level
>= BT_SECURITY_HIGH
) {
948 method
= get_auth_method(smp
, conn
->hcon
->io_capability
,
950 if (method
== JUST_WORKS
|| method
== JUST_CFM
)
951 return SMP_AUTH_REQUIREMENTS
;
954 build_pairing_cmd(conn
, req
, &rsp
, auth
);
956 key_size
= min(req
->max_key_size
, rsp
.max_key_size
);
957 if (check_enc_key_size(conn
, key_size
))
958 return SMP_ENC_KEY_SIZE
;
960 get_random_bytes(smp
->prnd
, sizeof(smp
->prnd
));
962 smp
->prsp
[0] = SMP_CMD_PAIRING_RSP
;
963 memcpy(&smp
->prsp
[1], &rsp
, sizeof(rsp
));
965 smp_send_cmd(conn
, SMP_CMD_PAIRING_RSP
, sizeof(rsp
), &rsp
);
967 /* Request setup of TK */
968 ret
= tk_request(conn
, 0, auth
, rsp
.io_capability
, req
->io_capability
);
970 return SMP_UNSPECIFIED
;
975 static u8
smp_cmd_pairing_rsp(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
977 struct smp_cmd_pairing
*req
, *rsp
= (void *) skb
->data
;
978 struct l2cap_chan
*chan
= conn
->smp
;
979 struct smp_chan
*smp
= chan
->data
;
980 u8 key_size
, auth
= SMP_AUTH_NONE
;
983 BT_DBG("conn %p", conn
);
985 if (skb
->len
< sizeof(*rsp
))
986 return SMP_INVALID_PARAMS
;
988 if (conn
->hcon
->role
!= HCI_ROLE_MASTER
)
989 return SMP_CMD_NOTSUPP
;
991 skb_pull(skb
, sizeof(*rsp
));
993 req
= (void *) &smp
->preq
[1];
995 key_size
= min(req
->max_key_size
, rsp
->max_key_size
);
996 if (check_enc_key_size(conn
, key_size
))
997 return SMP_ENC_KEY_SIZE
;
999 /* If we need MITM check that it can be acheived */
1000 if (conn
->hcon
->pending_sec_level
>= BT_SECURITY_HIGH
) {
1003 method
= get_auth_method(smp
, req
->io_capability
,
1004 rsp
->io_capability
);
1005 if (method
== JUST_WORKS
|| method
== JUST_CFM
)
1006 return SMP_AUTH_REQUIREMENTS
;
1009 get_random_bytes(smp
->prnd
, sizeof(smp
->prnd
));
1011 smp
->prsp
[0] = SMP_CMD_PAIRING_RSP
;
1012 memcpy(&smp
->prsp
[1], rsp
, sizeof(*rsp
));
1014 /* Update remote key distribution in case the remote cleared
1015 * some bits that we had enabled in our request.
1017 smp
->remote_key_dist
&= rsp
->resp_key_dist
;
1019 if ((req
->auth_req
& SMP_AUTH_BONDING
) &&
1020 (rsp
->auth_req
& SMP_AUTH_BONDING
))
1021 auth
= SMP_AUTH_BONDING
;
1023 auth
|= (req
->auth_req
| rsp
->auth_req
) & SMP_AUTH_MITM
;
1025 ret
= tk_request(conn
, 0, auth
, req
->io_capability
, rsp
->io_capability
);
1027 return SMP_UNSPECIFIED
;
1029 set_bit(SMP_FLAG_CFM_PENDING
, &smp
->flags
);
1031 /* Can't compose response until we have been confirmed */
1032 if (test_bit(SMP_FLAG_TK_VALID
, &smp
->flags
))
1033 return smp_confirm(smp
);
1038 static u8
smp_cmd_pairing_confirm(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1040 struct l2cap_chan
*chan
= conn
->smp
;
1041 struct smp_chan
*smp
= chan
->data
;
1043 BT_DBG("conn %p %s", conn
, conn
->hcon
->out
? "master" : "slave");
1045 if (skb
->len
< sizeof(smp
->pcnf
))
1046 return SMP_INVALID_PARAMS
;
1048 memcpy(smp
->pcnf
, skb
->data
, sizeof(smp
->pcnf
));
1049 skb_pull(skb
, sizeof(smp
->pcnf
));
1051 if (conn
->hcon
->out
)
1052 smp_send_cmd(conn
, SMP_CMD_PAIRING_RANDOM
, sizeof(smp
->prnd
),
1054 else if (test_bit(SMP_FLAG_TK_VALID
, &smp
->flags
))
1055 return smp_confirm(smp
);
1057 set_bit(SMP_FLAG_CFM_PENDING
, &smp
->flags
);
1062 static u8
smp_cmd_pairing_random(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1064 struct l2cap_chan
*chan
= conn
->smp
;
1065 struct smp_chan
*smp
= chan
->data
;
1067 BT_DBG("conn %p", conn
);
1069 if (skb
->len
< sizeof(smp
->rrnd
))
1070 return SMP_INVALID_PARAMS
;
1072 memcpy(smp
->rrnd
, skb
->data
, sizeof(smp
->rrnd
));
1073 skb_pull(skb
, sizeof(smp
->rrnd
));
1075 return smp_random(smp
);
1078 static bool smp_ltk_encrypt(struct l2cap_conn
*conn
, u8 sec_level
)
1080 struct smp_ltk
*key
;
1081 struct hci_conn
*hcon
= conn
->hcon
;
1083 key
= hci_find_ltk_by_addr(hcon
->hdev
, &hcon
->dst
, hcon
->dst_type
,
1088 if (sec_level
> BT_SECURITY_MEDIUM
&& !key
->authenticated
)
1091 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
))
1094 hci_le_start_enc(hcon
, key
->ediv
, key
->rand
, key
->val
);
1095 hcon
->enc_key_size
= key
->enc_size
;
1097 /* We never store STKs for master role, so clear this flag */
1098 clear_bit(HCI_CONN_STK_ENCRYPT
, &hcon
->flags
);
1103 bool smp_sufficient_security(struct hci_conn
*hcon
, u8 sec_level
)
1105 if (sec_level
== BT_SECURITY_LOW
)
1108 /* If we're encrypted with an STK always claim insufficient
1109 * security. This way we allow the connection to be re-encrypted
1110 * with an LTK, even if the LTK provides the same level of
1111 * security. Only exception is if we don't have an LTK (e.g.
1112 * because of key distribution bits).
1114 if (test_bit(HCI_CONN_STK_ENCRYPT
, &hcon
->flags
) &&
1115 hci_find_ltk_by_addr(hcon
->hdev
, &hcon
->dst
, hcon
->dst_type
,
1119 if (hcon
->sec_level
>= sec_level
)
1125 static u8
smp_cmd_security_req(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1127 struct smp_cmd_security_req
*rp
= (void *) skb
->data
;
1128 struct smp_cmd_pairing cp
;
1129 struct hci_conn
*hcon
= conn
->hcon
;
1130 struct smp_chan
*smp
;
1133 BT_DBG("conn %p", conn
);
1135 if (skb
->len
< sizeof(*rp
))
1136 return SMP_INVALID_PARAMS
;
1138 if (hcon
->role
!= HCI_ROLE_MASTER
)
1139 return SMP_CMD_NOTSUPP
;
1141 sec_level
= authreq_to_seclevel(rp
->auth_req
);
1142 if (smp_sufficient_security(hcon
, sec_level
))
1145 if (sec_level
> hcon
->pending_sec_level
)
1146 hcon
->pending_sec_level
= sec_level
;
1148 if (smp_ltk_encrypt(conn
, hcon
->pending_sec_level
))
1151 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
1154 smp
= smp_chan_create(conn
);
1156 return SMP_UNSPECIFIED
;
1158 if (!test_bit(HCI_BONDABLE
, &hcon
->hdev
->dev_flags
) &&
1159 (rp
->auth_req
& SMP_AUTH_BONDING
))
1160 return SMP_PAIRING_NOTSUPP
;
1162 skb_pull(skb
, sizeof(*rp
));
1164 memset(&cp
, 0, sizeof(cp
));
1165 build_pairing_cmd(conn
, &cp
, NULL
, rp
->auth_req
);
1167 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
1168 memcpy(&smp
->preq
[1], &cp
, sizeof(cp
));
1170 smp_send_cmd(conn
, SMP_CMD_PAIRING_REQ
, sizeof(cp
), &cp
);
1175 int smp_conn_security(struct hci_conn
*hcon
, __u8 sec_level
)
1177 struct l2cap_conn
*conn
= hcon
->l2cap_data
;
1178 struct smp_chan
*smp
;
1181 BT_DBG("conn %p hcon %p level 0x%2.2x", conn
, hcon
, sec_level
);
1183 /* This may be NULL if there's an unexpected disconnection */
1187 if (!test_bit(HCI_LE_ENABLED
, &hcon
->hdev
->dev_flags
))
1190 if (smp_sufficient_security(hcon
, sec_level
))
1193 if (sec_level
> hcon
->pending_sec_level
)
1194 hcon
->pending_sec_level
= sec_level
;
1196 if (hcon
->role
== HCI_ROLE_MASTER
)
1197 if (smp_ltk_encrypt(conn
, hcon
->pending_sec_level
))
1200 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
1203 smp
= smp_chan_create(conn
);
1207 authreq
= seclevel_to_authreq(sec_level
);
1209 /* Require MITM if IO Capability allows or the security level
1212 if (hcon
->io_capability
!= HCI_IO_NO_INPUT_OUTPUT
||
1213 hcon
->pending_sec_level
> BT_SECURITY_MEDIUM
)
1214 authreq
|= SMP_AUTH_MITM
;
1216 if (hcon
->role
== HCI_ROLE_MASTER
) {
1217 struct smp_cmd_pairing cp
;
1219 build_pairing_cmd(conn
, &cp
, NULL
, authreq
);
1220 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
1221 memcpy(&smp
->preq
[1], &cp
, sizeof(cp
));
1223 smp_send_cmd(conn
, SMP_CMD_PAIRING_REQ
, sizeof(cp
), &cp
);
1225 struct smp_cmd_security_req cp
;
1226 cp
.auth_req
= authreq
;
1227 smp_send_cmd(conn
, SMP_CMD_SECURITY_REQ
, sizeof(cp
), &cp
);
1230 set_bit(SMP_FLAG_INITIATOR
, &smp
->flags
);
1235 static int smp_cmd_encrypt_info(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1237 struct smp_cmd_encrypt_info
*rp
= (void *) skb
->data
;
1238 struct l2cap_chan
*chan
= conn
->smp
;
1239 struct smp_chan
*smp
= chan
->data
;
1241 BT_DBG("conn %p", conn
);
1243 if (skb
->len
< sizeof(*rp
))
1244 return SMP_INVALID_PARAMS
;
1246 /* Ignore this PDU if it wasn't requested */
1247 if (!(smp
->remote_key_dist
& SMP_DIST_ENC_KEY
))
1250 skb_pull(skb
, sizeof(*rp
));
1252 memcpy(smp
->tk
, rp
->ltk
, sizeof(smp
->tk
));
1257 static int smp_cmd_master_ident(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1259 struct smp_cmd_master_ident
*rp
= (void *) skb
->data
;
1260 struct l2cap_chan
*chan
= conn
->smp
;
1261 struct smp_chan
*smp
= chan
->data
;
1262 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
1263 struct hci_conn
*hcon
= conn
->hcon
;
1264 struct smp_ltk
*ltk
;
1267 BT_DBG("conn %p", conn
);
1269 if (skb
->len
< sizeof(*rp
))
1270 return SMP_INVALID_PARAMS
;
1272 /* Ignore this PDU if it wasn't requested */
1273 if (!(smp
->remote_key_dist
& SMP_DIST_ENC_KEY
))
1276 /* Mark the information as received */
1277 smp
->remote_key_dist
&= ~SMP_DIST_ENC_KEY
;
1279 skb_pull(skb
, sizeof(*rp
));
1282 authenticated
= (hcon
->sec_level
== BT_SECURITY_HIGH
);
1283 ltk
= hci_add_ltk(hdev
, &hcon
->dst
, hcon
->dst_type
, SMP_LTK
,
1284 authenticated
, smp
->tk
, smp
->enc_key_size
,
1285 rp
->ediv
, rp
->rand
);
1287 if (!(smp
->remote_key_dist
& SMP_DIST_ID_KEY
))
1288 smp_distribute_keys(conn
);
1289 hci_dev_unlock(hdev
);
1294 static int smp_cmd_ident_info(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1296 struct smp_cmd_ident_info
*info
= (void *) skb
->data
;
1297 struct l2cap_chan
*chan
= conn
->smp
;
1298 struct smp_chan
*smp
= chan
->data
;
1302 if (skb
->len
< sizeof(*info
))
1303 return SMP_INVALID_PARAMS
;
1305 /* Ignore this PDU if it wasn't requested */
1306 if (!(smp
->remote_key_dist
& SMP_DIST_ID_KEY
))
1309 skb_pull(skb
, sizeof(*info
));
1311 memcpy(smp
->irk
, info
->irk
, 16);
1316 static int smp_cmd_ident_addr_info(struct l2cap_conn
*conn
,
1317 struct sk_buff
*skb
)
1319 struct smp_cmd_ident_addr_info
*info
= (void *) skb
->data
;
1320 struct l2cap_chan
*chan
= conn
->smp
;
1321 struct smp_chan
*smp
= chan
->data
;
1322 struct hci_conn
*hcon
= conn
->hcon
;
1327 if (skb
->len
< sizeof(*info
))
1328 return SMP_INVALID_PARAMS
;
1330 /* Ignore this PDU if it wasn't requested */
1331 if (!(smp
->remote_key_dist
& SMP_DIST_ID_KEY
))
1334 /* Mark the information as received */
1335 smp
->remote_key_dist
&= ~SMP_DIST_ID_KEY
;
1337 skb_pull(skb
, sizeof(*info
));
1339 hci_dev_lock(hcon
->hdev
);
1341 /* Strictly speaking the Core Specification (4.1) allows sending
1342 * an empty address which would force us to rely on just the IRK
1343 * as "identity information". However, since such
1344 * implementations are not known of and in order to not over
1345 * complicate our implementation, simply pretend that we never
1346 * received an IRK for such a device.
1348 if (!bacmp(&info
->bdaddr
, BDADDR_ANY
)) {
1349 BT_ERR("Ignoring IRK with no identity address");
1353 bacpy(&smp
->id_addr
, &info
->bdaddr
);
1354 smp
->id_addr_type
= info
->addr_type
;
1356 if (hci_bdaddr_is_rpa(&hcon
->dst
, hcon
->dst_type
))
1357 bacpy(&rpa
, &hcon
->dst
);
1359 bacpy(&rpa
, BDADDR_ANY
);
1361 smp
->remote_irk
= hci_add_irk(conn
->hcon
->hdev
, &smp
->id_addr
,
1362 smp
->id_addr_type
, smp
->irk
, &rpa
);
1365 smp_distribute_keys(conn
);
1367 hci_dev_unlock(hcon
->hdev
);
1372 static int smp_cmd_sign_info(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1374 struct smp_cmd_sign_info
*rp
= (void *) skb
->data
;
1375 struct l2cap_chan
*chan
= conn
->smp
;
1376 struct smp_chan
*smp
= chan
->data
;
1377 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
1378 struct smp_csrk
*csrk
;
1380 BT_DBG("conn %p", conn
);
1382 if (skb
->len
< sizeof(*rp
))
1383 return SMP_INVALID_PARAMS
;
1385 /* Ignore this PDU if it wasn't requested */
1386 if (!(smp
->remote_key_dist
& SMP_DIST_SIGN
))
1389 /* Mark the information as received */
1390 smp
->remote_key_dist
&= ~SMP_DIST_SIGN
;
1392 skb_pull(skb
, sizeof(*rp
));
1395 csrk
= kzalloc(sizeof(*csrk
), GFP_KERNEL
);
1397 csrk
->master
= 0x01;
1398 memcpy(csrk
->val
, rp
->csrk
, sizeof(csrk
->val
));
1401 smp_distribute_keys(conn
);
1402 hci_dev_unlock(hdev
);
1407 static int smp_sig_channel(struct l2cap_chan
*chan
, struct sk_buff
*skb
)
1409 struct l2cap_conn
*conn
= chan
->conn
;
1410 struct hci_conn
*hcon
= conn
->hcon
;
1414 if (hcon
->type
!= LE_LINK
) {
1422 if (!test_bit(HCI_LE_ENABLED
, &hcon
->hdev
->dev_flags
)) {
1424 reason
= SMP_PAIRING_NOTSUPP
;
1428 code
= skb
->data
[0];
1429 skb_pull(skb
, sizeof(code
));
1432 * The SMP context must be initialized for all other PDUs except
1433 * pairing and security requests. If we get any other PDU when
1434 * not initialized simply disconnect (done if this function
1435 * returns an error).
1437 if (code
!= SMP_CMD_PAIRING_REQ
&& code
!= SMP_CMD_SECURITY_REQ
&&
1438 !test_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
)) {
1439 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code
);
1440 reason
= SMP_CMD_NOTSUPP
;
1446 case SMP_CMD_PAIRING_REQ
:
1447 reason
= smp_cmd_pairing_req(conn
, skb
);
1450 case SMP_CMD_PAIRING_FAIL
:
1451 smp_failure(conn
, 0);
1456 case SMP_CMD_PAIRING_RSP
:
1457 reason
= smp_cmd_pairing_rsp(conn
, skb
);
1460 case SMP_CMD_SECURITY_REQ
:
1461 reason
= smp_cmd_security_req(conn
, skb
);
1464 case SMP_CMD_PAIRING_CONFIRM
:
1465 reason
= smp_cmd_pairing_confirm(conn
, skb
);
1468 case SMP_CMD_PAIRING_RANDOM
:
1469 reason
= smp_cmd_pairing_random(conn
, skb
);
1472 case SMP_CMD_ENCRYPT_INFO
:
1473 reason
= smp_cmd_encrypt_info(conn
, skb
);
1476 case SMP_CMD_MASTER_IDENT
:
1477 reason
= smp_cmd_master_ident(conn
, skb
);
1480 case SMP_CMD_IDENT_INFO
:
1481 reason
= smp_cmd_ident_info(conn
, skb
);
1484 case SMP_CMD_IDENT_ADDR_INFO
:
1485 reason
= smp_cmd_ident_addr_info(conn
, skb
);
1488 case SMP_CMD_SIGN_INFO
:
1489 reason
= smp_cmd_sign_info(conn
, skb
);
1493 BT_DBG("Unknown command code 0x%2.2x", code
);
1495 reason
= SMP_CMD_NOTSUPP
;
1502 smp_failure(conn
, reason
);
1508 static void smp_teardown_cb(struct l2cap_chan
*chan
, int err
)
1510 struct l2cap_conn
*conn
= chan
->conn
;
1511 struct smp_chan
*smp
= chan
->data
;
1513 BT_DBG("chan %p", chan
);
1515 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND
, &conn
->hcon
->flags
)) {
1516 cancel_delayed_work_sync(&smp
->security_timer
);
1517 smp_chan_destroy(conn
);
1521 l2cap_chan_put(chan
);
1524 static void smp_resume_cb(struct l2cap_chan
*chan
)
1526 struct smp_chan
*smp
= chan
->data
;
1527 struct l2cap_conn
*conn
= chan
->conn
;
1528 struct hci_conn
*hcon
= conn
->hcon
;
1530 BT_DBG("chan %p", chan
);
1532 if (test_bit(HCI_CONN_ENCRYPT
, &hcon
->flags
))
1533 smp_distribute_keys(conn
);
1536 cancel_delayed_work(&smp
->security_timer
);
1539 static void smp_ready_cb(struct l2cap_chan
*chan
)
1541 struct l2cap_conn
*conn
= chan
->conn
;
1543 BT_DBG("chan %p", chan
);
1546 l2cap_chan_hold(chan
);
1549 static int smp_recv_cb(struct l2cap_chan
*chan
, struct sk_buff
*skb
)
1553 BT_DBG("chan %p", chan
);
1555 err
= smp_sig_channel(chan
, skb
);
1557 struct smp_chan
*smp
= chan
->data
;
1560 cancel_delayed_work_sync(&smp
->security_timer
);
1562 l2cap_conn_shutdown(chan
->conn
, -err
);
1568 static struct sk_buff
*smp_alloc_skb_cb(struct l2cap_chan
*chan
,
1569 unsigned long hdr_len
,
1570 unsigned long len
, int nb
)
1572 struct sk_buff
*skb
;
1574 skb
= bt_skb_alloc(hdr_len
+ len
, GFP_KERNEL
);
1576 return ERR_PTR(-ENOMEM
);
1578 skb
->priority
= HCI_PRIO_MAX
;
1579 bt_cb(skb
)->chan
= chan
;
1584 static const struct l2cap_ops smp_chan_ops
= {
1585 .name
= "Security Manager",
1586 .ready
= smp_ready_cb
,
1587 .recv
= smp_recv_cb
,
1588 .alloc_skb
= smp_alloc_skb_cb
,
1589 .teardown
= smp_teardown_cb
,
1590 .resume
= smp_resume_cb
,
1592 .new_connection
= l2cap_chan_no_new_connection
,
1593 .state_change
= l2cap_chan_no_state_change
,
1594 .close
= l2cap_chan_no_close
,
1595 .defer
= l2cap_chan_no_defer
,
1596 .suspend
= l2cap_chan_no_suspend
,
1597 .set_shutdown
= l2cap_chan_no_set_shutdown
,
1598 .get_sndtimeo
= l2cap_chan_no_get_sndtimeo
,
1599 .memcpy_fromiovec
= l2cap_chan_no_memcpy_fromiovec
,
1602 static inline struct l2cap_chan
*smp_new_conn_cb(struct l2cap_chan
*pchan
)
1604 struct l2cap_chan
*chan
;
1606 BT_DBG("pchan %p", pchan
);
1608 chan
= l2cap_chan_create();
1612 chan
->chan_type
= pchan
->chan_type
;
1613 chan
->ops
= &smp_chan_ops
;
1614 chan
->scid
= pchan
->scid
;
1615 chan
->dcid
= chan
->scid
;
1616 chan
->imtu
= pchan
->imtu
;
1617 chan
->omtu
= pchan
->omtu
;
1618 chan
->mode
= pchan
->mode
;
1620 BT_DBG("created chan %p", chan
);
1625 static const struct l2cap_ops smp_root_chan_ops
= {
1626 .name
= "Security Manager Root",
1627 .new_connection
= smp_new_conn_cb
,
1629 /* None of these are implemented for the root channel */
1630 .close
= l2cap_chan_no_close
,
1631 .alloc_skb
= l2cap_chan_no_alloc_skb
,
1632 .recv
= l2cap_chan_no_recv
,
1633 .state_change
= l2cap_chan_no_state_change
,
1634 .teardown
= l2cap_chan_no_teardown
,
1635 .ready
= l2cap_chan_no_ready
,
1636 .defer
= l2cap_chan_no_defer
,
1637 .suspend
= l2cap_chan_no_suspend
,
1638 .resume
= l2cap_chan_no_resume
,
1639 .set_shutdown
= l2cap_chan_no_set_shutdown
,
1640 .get_sndtimeo
= l2cap_chan_no_get_sndtimeo
,
1641 .memcpy_fromiovec
= l2cap_chan_no_memcpy_fromiovec
,
1644 int smp_register(struct hci_dev
*hdev
)
1646 struct l2cap_chan
*chan
;
1647 struct crypto_blkcipher
*tfm_aes
;
1649 BT_DBG("%s", hdev
->name
);
1651 tfm_aes
= crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC
);
1652 if (IS_ERR(tfm_aes
)) {
1653 int err
= PTR_ERR(tfm_aes
);
1654 BT_ERR("Unable to create crypto context");
1658 chan
= l2cap_chan_create();
1660 crypto_free_blkcipher(tfm_aes
);
1664 chan
->data
= tfm_aes
;
1666 l2cap_add_scid(chan
, L2CAP_CID_SMP
);
1668 l2cap_chan_set_defaults(chan
);
1670 bacpy(&chan
->src
, &hdev
->bdaddr
);
1671 chan
->src_type
= BDADDR_LE_PUBLIC
;
1672 chan
->state
= BT_LISTEN
;
1673 chan
->mode
= L2CAP_MODE_BASIC
;
1674 chan
->imtu
= L2CAP_DEFAULT_MTU
;
1675 chan
->ops
= &smp_root_chan_ops
;
1677 hdev
->smp_data
= chan
;
1682 void smp_unregister(struct hci_dev
*hdev
)
1684 struct l2cap_chan
*chan
= hdev
->smp_data
;
1685 struct crypto_blkcipher
*tfm_aes
;
1690 BT_DBG("%s chan %p", hdev
->name
, chan
);
1692 tfm_aes
= chan
->data
;
1695 crypto_free_blkcipher(tfm_aes
);
1698 hdev
->smp_data
= NULL
;
1699 l2cap_chan_put(chan
);