2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 #include <linux/crypto.h>
24 #include <linux/scatterlist.h>
25 #include <crypto/b128ops.h>
27 #include <net/bluetooth/bluetooth.h>
28 #include <net/bluetooth/hci_core.h>
29 #include <net/bluetooth/l2cap.h>
30 #include <net/bluetooth/mgmt.h>
34 #define SMP_TIMEOUT msecs_to_jiffies(30000)
36 #define AUTH_REQ_MASK 0x07
37 #define KEY_DIST_MASK 0x07
48 struct l2cap_conn
*conn
;
49 struct delayed_work security_timer
;
51 u8 preq
[7]; /* SMP Pairing Request */
52 u8 prsp
[7]; /* SMP Pairing Response */
53 u8 prnd
[16]; /* SMP Pairing Random (local) */
54 u8 rrnd
[16]; /* SMP Pairing Random (remote) */
55 u8 pcnf
[16]; /* SMP Pairing Confirm */
56 u8 tk
[16]; /* SMP Temporary Key */
62 struct smp_csrk
*csrk
;
63 struct smp_csrk
*slave_csrk
;
65 struct smp_ltk
*slave_ltk
;
66 struct smp_irk
*remote_irk
;
69 struct crypto_blkcipher
*tfm_aes
;
72 static inline void swap_buf(const u8
*src
, u8
*dst
, size_t len
)
76 for (i
= 0; i
< len
; i
++)
77 dst
[len
- 1 - i
] = src
[i
];
80 static int smp_e(struct crypto_blkcipher
*tfm
, const u8
*k
, u8
*r
)
82 struct blkcipher_desc desc
;
83 struct scatterlist sg
;
84 uint8_t tmp
[16], data
[16];
88 BT_ERR("tfm %p", tfm
);
95 /* The most significant octet of key corresponds to k[0] */
98 err
= crypto_blkcipher_setkey(tfm
, tmp
, 16);
100 BT_ERR("cipher setkey failed: %d", err
);
104 /* Most significant octet of plaintextData corresponds to data[0] */
105 swap_buf(r
, data
, 16);
107 sg_init_one(&sg
, data
, 16);
109 err
= crypto_blkcipher_encrypt(&desc
, &sg
, &sg
, 16);
111 BT_ERR("Encrypt data error %d", err
);
113 /* Most significant octet of encryptedData corresponds to data[0] */
114 swap_buf(data
, r
, 16);
119 static int smp_ah(struct crypto_blkcipher
*tfm
, u8 irk
[16], u8 r
[3], u8 res
[3])
124 /* r' = padding || r */
126 memset(_res
+ 3, 0, 13);
128 err
= smp_e(tfm
, irk
, _res
);
130 BT_ERR("Encrypt error");
134 /* The output of the random address function ah is:
135 * ah(h, r) = e(k, r') mod 2^24
136 * The output of the security function e is then truncated to 24 bits
137 * by taking the least significant 24 bits of the output of e as the
140 memcpy(res
, _res
, 3);
145 bool smp_irk_matches(struct hci_dev
*hdev
, u8 irk
[16], bdaddr_t
*bdaddr
)
147 struct l2cap_chan
*chan
= hdev
->smp_data
;
148 struct crypto_blkcipher
*tfm
;
152 if (!chan
|| !chan
->data
)
157 BT_DBG("RPA %pMR IRK %*phN", bdaddr
, 16, irk
);
159 err
= smp_ah(tfm
, irk
, &bdaddr
->b
[3], hash
);
163 return !memcmp(bdaddr
->b
, hash
, 3);
166 int smp_generate_rpa(struct hci_dev
*hdev
, u8 irk
[16], bdaddr_t
*rpa
)
168 struct l2cap_chan
*chan
= hdev
->smp_data
;
169 struct crypto_blkcipher
*tfm
;
172 if (!chan
|| !chan
->data
)
177 get_random_bytes(&rpa
->b
[3], 3);
179 rpa
->b
[5] &= 0x3f; /* Clear two most significant bits */
180 rpa
->b
[5] |= 0x40; /* Set second most significant bit */
182 err
= smp_ah(tfm
, irk
, &rpa
->b
[3], rpa
->b
);
186 BT_DBG("RPA %pMR", rpa
);
191 static int smp_c1(struct smp_chan
*smp
, u8 k
[16], u8 r
[16], u8 preq
[7],
192 u8 pres
[7], u8 _iat
, bdaddr_t
*ia
, u8 _rat
, bdaddr_t
*ra
,
195 struct hci_dev
*hdev
= smp
->conn
->hcon
->hdev
;
199 BT_DBG("%s", hdev
->name
);
203 /* p1 = pres || preq || _rat || _iat */
206 memcpy(p1
+ 2, preq
, 7);
207 memcpy(p1
+ 9, pres
, 7);
209 /* p2 = padding || ia || ra */
211 memcpy(p2
+ 6, ia
, 6);
212 memset(p2
+ 12, 0, 4);
215 u128_xor((u128
*) res
, (u128
*) r
, (u128
*) p1
);
217 /* res = e(k, res) */
218 err
= smp_e(smp
->tfm_aes
, k
, res
);
220 BT_ERR("Encrypt data error");
224 /* res = res XOR p2 */
225 u128_xor((u128
*) res
, (u128
*) res
, (u128
*) p2
);
227 /* res = e(k, res) */
228 err
= smp_e(smp
->tfm_aes
, k
, res
);
230 BT_ERR("Encrypt data error");
235 static int smp_s1(struct smp_chan
*smp
, u8 k
[16], u8 r1
[16], u8 r2
[16],
238 struct hci_dev
*hdev
= smp
->conn
->hcon
->hdev
;
241 BT_DBG("%s", hdev
->name
);
243 /* Just least significant octets from r1 and r2 are considered */
245 memcpy(_r
+ 8, r1
, 8);
247 err
= smp_e(smp
->tfm_aes
, k
, _r
);
249 BT_ERR("Encrypt data error");
254 static void smp_send_cmd(struct l2cap_conn
*conn
, u8 code
, u16 len
, void *data
)
256 struct l2cap_chan
*chan
= conn
->smp
;
257 struct smp_chan
*smp
;
264 BT_DBG("code 0x%2.2x", code
);
266 iv
[0].iov_base
= &code
;
269 iv
[1].iov_base
= data
;
272 memset(&msg
, 0, sizeof(msg
));
274 msg
.msg_iov
= (struct iovec
*) &iv
;
277 l2cap_chan_send(chan
, &msg
, 1 + len
);
284 cancel_delayed_work_sync(&smp
->security_timer
);
285 schedule_delayed_work(&smp
->security_timer
, SMP_TIMEOUT
);
288 static __u8
authreq_to_seclevel(__u8 authreq
)
290 if (authreq
& SMP_AUTH_MITM
)
291 return BT_SECURITY_HIGH
;
293 return BT_SECURITY_MEDIUM
;
296 static __u8
seclevel_to_authreq(__u8 sec_level
)
299 case BT_SECURITY_HIGH
:
300 return SMP_AUTH_MITM
| SMP_AUTH_BONDING
;
301 case BT_SECURITY_MEDIUM
:
302 return SMP_AUTH_BONDING
;
304 return SMP_AUTH_NONE
;
308 static void build_pairing_cmd(struct l2cap_conn
*conn
,
309 struct smp_cmd_pairing
*req
,
310 struct smp_cmd_pairing
*rsp
, __u8 authreq
)
312 struct l2cap_chan
*chan
= conn
->smp
;
313 struct smp_chan
*smp
= chan
->data
;
314 struct hci_conn
*hcon
= conn
->hcon
;
315 struct hci_dev
*hdev
= hcon
->hdev
;
316 u8 local_dist
= 0, remote_dist
= 0;
318 if (test_bit(HCI_BONDABLE
, &conn
->hcon
->hdev
->dev_flags
)) {
319 local_dist
= SMP_DIST_ENC_KEY
| SMP_DIST_SIGN
;
320 remote_dist
= SMP_DIST_ENC_KEY
| SMP_DIST_SIGN
;
321 authreq
|= SMP_AUTH_BONDING
;
323 authreq
&= ~SMP_AUTH_BONDING
;
326 if (test_bit(HCI_RPA_RESOLVING
, &hdev
->dev_flags
))
327 remote_dist
|= SMP_DIST_ID_KEY
;
329 if (test_bit(HCI_PRIVACY
, &hdev
->dev_flags
))
330 local_dist
|= SMP_DIST_ID_KEY
;
333 req
->io_capability
= conn
->hcon
->io_capability
;
334 req
->oob_flag
= SMP_OOB_NOT_PRESENT
;
335 req
->max_key_size
= SMP_MAX_ENC_KEY_SIZE
;
336 req
->init_key_dist
= local_dist
;
337 req
->resp_key_dist
= remote_dist
;
338 req
->auth_req
= (authreq
& AUTH_REQ_MASK
);
340 smp
->remote_key_dist
= remote_dist
;
344 rsp
->io_capability
= conn
->hcon
->io_capability
;
345 rsp
->oob_flag
= SMP_OOB_NOT_PRESENT
;
346 rsp
->max_key_size
= SMP_MAX_ENC_KEY_SIZE
;
347 rsp
->init_key_dist
= req
->init_key_dist
& remote_dist
;
348 rsp
->resp_key_dist
= req
->resp_key_dist
& local_dist
;
349 rsp
->auth_req
= (authreq
& AUTH_REQ_MASK
);
351 smp
->remote_key_dist
= rsp
->init_key_dist
;
354 static u8
check_enc_key_size(struct l2cap_conn
*conn
, __u8 max_key_size
)
356 struct l2cap_chan
*chan
= conn
->smp
;
357 struct smp_chan
*smp
= chan
->data
;
359 if ((max_key_size
> SMP_MAX_ENC_KEY_SIZE
) ||
360 (max_key_size
< SMP_MIN_ENC_KEY_SIZE
))
361 return SMP_ENC_KEY_SIZE
;
363 smp
->enc_key_size
= max_key_size
;
368 static void smp_chan_destroy(struct l2cap_conn
*conn
)
370 struct l2cap_chan
*chan
= conn
->smp
;
371 struct smp_chan
*smp
= chan
->data
;
376 cancel_delayed_work_sync(&smp
->security_timer
);
378 complete
= test_bit(SMP_FLAG_COMPLETE
, &smp
->flags
);
379 mgmt_smp_complete(conn
->hcon
, complete
);
382 kfree(smp
->slave_csrk
);
384 crypto_free_blkcipher(smp
->tfm_aes
);
386 /* If pairing failed clean up any keys we might have */
389 list_del(&smp
->ltk
->list
);
393 if (smp
->slave_ltk
) {
394 list_del(&smp
->slave_ltk
->list
);
395 kfree(smp
->slave_ltk
);
398 if (smp
->remote_irk
) {
399 list_del(&smp
->remote_irk
->list
);
400 kfree(smp
->remote_irk
);
406 hci_conn_drop(conn
->hcon
);
409 static void smp_failure(struct l2cap_conn
*conn
, u8 reason
)
411 struct hci_conn
*hcon
= conn
->hcon
;
412 struct l2cap_chan
*chan
= conn
->smp
;
415 smp_send_cmd(conn
, SMP_CMD_PAIRING_FAIL
, sizeof(reason
),
418 clear_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
);
419 mgmt_auth_failed(hcon
->hdev
, &hcon
->dst
, hcon
->type
, hcon
->dst_type
,
420 HCI_ERROR_AUTH_FAILURE
);
423 smp_chan_destroy(conn
);
426 #define JUST_WORKS 0x00
427 #define JUST_CFM 0x01
428 #define REQ_PASSKEY 0x02
429 #define CFM_PASSKEY 0x03
433 static const u8 gen_method
[5][5] = {
434 { JUST_WORKS
, JUST_CFM
, REQ_PASSKEY
, JUST_WORKS
, REQ_PASSKEY
},
435 { JUST_WORKS
, JUST_CFM
, REQ_PASSKEY
, JUST_WORKS
, REQ_PASSKEY
},
436 { CFM_PASSKEY
, CFM_PASSKEY
, REQ_PASSKEY
, JUST_WORKS
, CFM_PASSKEY
},
437 { JUST_WORKS
, JUST_CFM
, JUST_WORKS
, JUST_WORKS
, JUST_CFM
},
438 { CFM_PASSKEY
, CFM_PASSKEY
, REQ_PASSKEY
, JUST_WORKS
, OVERLAP
},
441 static u8
get_auth_method(struct smp_chan
*smp
, u8 local_io
, u8 remote_io
)
443 /* If either side has unknown io_caps, use JUST_CFM (which gets
444 * converted later to JUST_WORKS if we're initiators.
446 if (local_io
> SMP_IO_KEYBOARD_DISPLAY
||
447 remote_io
> SMP_IO_KEYBOARD_DISPLAY
)
450 return gen_method
[remote_io
][local_io
];
453 static int tk_request(struct l2cap_conn
*conn
, u8 remote_oob
, u8 auth
,
454 u8 local_io
, u8 remote_io
)
456 struct hci_conn
*hcon
= conn
->hcon
;
457 struct l2cap_chan
*chan
= conn
->smp
;
458 struct smp_chan
*smp
= chan
->data
;
463 /* Initialize key for JUST WORKS */
464 memset(smp
->tk
, 0, sizeof(smp
->tk
));
465 clear_bit(SMP_FLAG_TK_VALID
, &smp
->flags
);
467 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth
, local_io
, remote_io
);
469 /* If neither side wants MITM, either "just" confirm an incoming
470 * request or use just-works for outgoing ones. The JUST_CFM
471 * will be converted to JUST_WORKS if necessary later in this
472 * function. If either side has MITM look up the method from the
475 if (!(auth
& SMP_AUTH_MITM
))
478 method
= get_auth_method(smp
, local_io
, remote_io
);
480 /* Don't confirm locally initiated pairing attempts */
481 if (method
== JUST_CFM
&& test_bit(SMP_FLAG_INITIATOR
, &smp
->flags
))
484 /* Don't bother user space with no IO capabilities */
485 if (method
== JUST_CFM
&& hcon
->io_capability
== HCI_IO_NO_INPUT_OUTPUT
)
488 /* If Just Works, Continue with Zero TK */
489 if (method
== JUST_WORKS
) {
490 set_bit(SMP_FLAG_TK_VALID
, &smp
->flags
);
494 /* Not Just Works/Confirm results in MITM Authentication */
495 if (method
!= JUST_CFM
)
496 set_bit(SMP_FLAG_MITM_AUTH
, &smp
->flags
);
498 /* If both devices have Keyoard-Display I/O, the master
499 * Confirms and the slave Enters the passkey.
501 if (method
== OVERLAP
) {
502 if (hcon
->role
== HCI_ROLE_MASTER
)
503 method
= CFM_PASSKEY
;
505 method
= REQ_PASSKEY
;
508 /* Generate random passkey. */
509 if (method
== CFM_PASSKEY
) {
510 memset(smp
->tk
, 0, sizeof(smp
->tk
));
511 get_random_bytes(&passkey
, sizeof(passkey
));
513 put_unaligned_le32(passkey
, smp
->tk
);
514 BT_DBG("PassKey: %d", passkey
);
515 set_bit(SMP_FLAG_TK_VALID
, &smp
->flags
);
518 hci_dev_lock(hcon
->hdev
);
520 if (method
== REQ_PASSKEY
)
521 ret
= mgmt_user_passkey_request(hcon
->hdev
, &hcon
->dst
,
522 hcon
->type
, hcon
->dst_type
);
523 else if (method
== JUST_CFM
)
524 ret
= mgmt_user_confirm_request(hcon
->hdev
, &hcon
->dst
,
525 hcon
->type
, hcon
->dst_type
,
528 ret
= mgmt_user_passkey_notify(hcon
->hdev
, &hcon
->dst
,
529 hcon
->type
, hcon
->dst_type
,
532 hci_dev_unlock(hcon
->hdev
);
537 static u8
smp_confirm(struct smp_chan
*smp
)
539 struct l2cap_conn
*conn
= smp
->conn
;
540 struct smp_cmd_pairing_confirm cp
;
543 BT_DBG("conn %p", conn
);
545 ret
= smp_c1(smp
, smp
->tk
, smp
->prnd
, smp
->preq
, smp
->prsp
,
546 conn
->hcon
->init_addr_type
, &conn
->hcon
->init_addr
,
547 conn
->hcon
->resp_addr_type
, &conn
->hcon
->resp_addr
,
550 return SMP_UNSPECIFIED
;
552 clear_bit(SMP_FLAG_CFM_PENDING
, &smp
->flags
);
554 smp_send_cmd(smp
->conn
, SMP_CMD_PAIRING_CONFIRM
, sizeof(cp
), &cp
);
559 static u8
smp_random(struct smp_chan
*smp
)
561 struct l2cap_conn
*conn
= smp
->conn
;
562 struct hci_conn
*hcon
= conn
->hcon
;
566 if (IS_ERR_OR_NULL(smp
->tfm_aes
))
567 return SMP_UNSPECIFIED
;
569 BT_DBG("conn %p %s", conn
, conn
->hcon
->out
? "master" : "slave");
571 ret
= smp_c1(smp
, smp
->tk
, smp
->rrnd
, smp
->preq
, smp
->prsp
,
572 hcon
->init_addr_type
, &hcon
->init_addr
,
573 hcon
->resp_addr_type
, &hcon
->resp_addr
, confirm
);
575 return SMP_UNSPECIFIED
;
577 if (memcmp(smp
->pcnf
, confirm
, sizeof(smp
->pcnf
)) != 0) {
578 BT_ERR("Pairing failed (confirmation values mismatch)");
579 return SMP_CONFIRM_FAILED
;
587 smp_s1(smp
, smp
->tk
, smp
->rrnd
, smp
->prnd
, stk
);
589 memset(stk
+ smp
->enc_key_size
, 0,
590 SMP_MAX_ENC_KEY_SIZE
- smp
->enc_key_size
);
592 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
))
593 return SMP_UNSPECIFIED
;
595 hci_le_start_enc(hcon
, ediv
, rand
, stk
);
596 hcon
->enc_key_size
= smp
->enc_key_size
;
597 set_bit(HCI_CONN_STK_ENCRYPT
, &hcon
->flags
);
603 smp_send_cmd(conn
, SMP_CMD_PAIRING_RANDOM
, sizeof(smp
->prnd
),
606 smp_s1(smp
, smp
->tk
, smp
->prnd
, smp
->rrnd
, stk
);
608 memset(stk
+ smp
->enc_key_size
, 0,
609 SMP_MAX_ENC_KEY_SIZE
- smp
->enc_key_size
);
611 if (hcon
->pending_sec_level
== BT_SECURITY_HIGH
)
616 /* Even though there's no _SLAVE suffix this is the
617 * slave STK we're adding for later lookup (the master
618 * STK never needs to be stored).
620 hci_add_ltk(hcon
->hdev
, &hcon
->dst
, hcon
->dst_type
,
621 SMP_STK
, auth
, stk
, smp
->enc_key_size
, ediv
, rand
);
627 static void smp_notify_keys(struct l2cap_conn
*conn
)
629 struct l2cap_chan
*chan
= conn
->smp
;
630 struct smp_chan
*smp
= chan
->data
;
631 struct hci_conn
*hcon
= conn
->hcon
;
632 struct hci_dev
*hdev
= hcon
->hdev
;
633 struct smp_cmd_pairing
*req
= (void *) &smp
->preq
[1];
634 struct smp_cmd_pairing
*rsp
= (void *) &smp
->prsp
[1];
637 if (smp
->remote_irk
) {
638 mgmt_new_irk(hdev
, smp
->remote_irk
);
639 /* Now that user space can be considered to know the
640 * identity address track the connection based on it
643 bacpy(&hcon
->dst
, &smp
->remote_irk
->bdaddr
);
644 hcon
->dst_type
= smp
->remote_irk
->addr_type
;
645 queue_work(hdev
->workqueue
, &conn
->id_addr_update_work
);
647 /* When receiving an indentity resolving key for
648 * a remote device that does not use a resolvable
649 * private address, just remove the key so that
650 * it is possible to use the controller white
653 * Userspace will have been told to not store
654 * this key at this point. So it is safe to
657 if (!bacmp(&smp
->remote_irk
->rpa
, BDADDR_ANY
)) {
658 list_del(&smp
->remote_irk
->list
);
659 kfree(smp
->remote_irk
);
660 smp
->remote_irk
= NULL
;
664 /* The LTKs and CSRKs should be persistent only if both sides
665 * had the bonding bit set in their authentication requests.
667 persistent
= !!((req
->auth_req
& rsp
->auth_req
) & SMP_AUTH_BONDING
);
670 smp
->csrk
->bdaddr_type
= hcon
->dst_type
;
671 bacpy(&smp
->csrk
->bdaddr
, &hcon
->dst
);
672 mgmt_new_csrk(hdev
, smp
->csrk
, persistent
);
675 if (smp
->slave_csrk
) {
676 smp
->slave_csrk
->bdaddr_type
= hcon
->dst_type
;
677 bacpy(&smp
->slave_csrk
->bdaddr
, &hcon
->dst
);
678 mgmt_new_csrk(hdev
, smp
->slave_csrk
, persistent
);
682 smp
->ltk
->bdaddr_type
= hcon
->dst_type
;
683 bacpy(&smp
->ltk
->bdaddr
, &hcon
->dst
);
684 mgmt_new_ltk(hdev
, smp
->ltk
, persistent
);
687 if (smp
->slave_ltk
) {
688 smp
->slave_ltk
->bdaddr_type
= hcon
->dst_type
;
689 bacpy(&smp
->slave_ltk
->bdaddr
, &hcon
->dst
);
690 mgmt_new_ltk(hdev
, smp
->slave_ltk
, persistent
);
694 static void smp_distribute_keys(struct smp_chan
*smp
)
696 struct smp_cmd_pairing
*req
, *rsp
;
697 struct l2cap_conn
*conn
= smp
->conn
;
698 struct hci_conn
*hcon
= conn
->hcon
;
699 struct hci_dev
*hdev
= hcon
->hdev
;
702 BT_DBG("conn %p", conn
);
704 rsp
= (void *) &smp
->prsp
[1];
706 /* The responder sends its keys first */
707 if (hcon
->out
&& (smp
->remote_key_dist
& KEY_DIST_MASK
))
710 req
= (void *) &smp
->preq
[1];
713 keydist
= &rsp
->init_key_dist
;
714 *keydist
&= req
->init_key_dist
;
716 keydist
= &rsp
->resp_key_dist
;
717 *keydist
&= req
->resp_key_dist
;
720 BT_DBG("keydist 0x%x", *keydist
);
722 if (*keydist
& SMP_DIST_ENC_KEY
) {
723 struct smp_cmd_encrypt_info enc
;
724 struct smp_cmd_master_ident ident
;
730 get_random_bytes(enc
.ltk
, sizeof(enc
.ltk
));
731 get_random_bytes(&ediv
, sizeof(ediv
));
732 get_random_bytes(&rand
, sizeof(rand
));
734 smp_send_cmd(conn
, SMP_CMD_ENCRYPT_INFO
, sizeof(enc
), &enc
);
736 authenticated
= hcon
->sec_level
== BT_SECURITY_HIGH
;
737 ltk
= hci_add_ltk(hdev
, &hcon
->dst
, hcon
->dst_type
,
738 SMP_LTK_SLAVE
, authenticated
, enc
.ltk
,
739 smp
->enc_key_size
, ediv
, rand
);
740 smp
->slave_ltk
= ltk
;
745 smp_send_cmd(conn
, SMP_CMD_MASTER_IDENT
, sizeof(ident
), &ident
);
747 *keydist
&= ~SMP_DIST_ENC_KEY
;
750 if (*keydist
& SMP_DIST_ID_KEY
) {
751 struct smp_cmd_ident_addr_info addrinfo
;
752 struct smp_cmd_ident_info idinfo
;
754 memcpy(idinfo
.irk
, hdev
->irk
, sizeof(idinfo
.irk
));
756 smp_send_cmd(conn
, SMP_CMD_IDENT_INFO
, sizeof(idinfo
), &idinfo
);
758 /* The hci_conn contains the local identity address
759 * after the connection has been established.
761 * This is true even when the connection has been
762 * established using a resolvable random address.
764 bacpy(&addrinfo
.bdaddr
, &hcon
->src
);
765 addrinfo
.addr_type
= hcon
->src_type
;
767 smp_send_cmd(conn
, SMP_CMD_IDENT_ADDR_INFO
, sizeof(addrinfo
),
770 *keydist
&= ~SMP_DIST_ID_KEY
;
773 if (*keydist
& SMP_DIST_SIGN
) {
774 struct smp_cmd_sign_info sign
;
775 struct smp_csrk
*csrk
;
777 /* Generate a new random key */
778 get_random_bytes(sign
.csrk
, sizeof(sign
.csrk
));
780 csrk
= kzalloc(sizeof(*csrk
), GFP_KERNEL
);
783 memcpy(csrk
->val
, sign
.csrk
, sizeof(csrk
->val
));
785 smp
->slave_csrk
= csrk
;
787 smp_send_cmd(conn
, SMP_CMD_SIGN_INFO
, sizeof(sign
), &sign
);
789 *keydist
&= ~SMP_DIST_SIGN
;
792 /* If there are still keys to be received wait for them */
793 if (smp
->remote_key_dist
& KEY_DIST_MASK
)
796 set_bit(SMP_FLAG_COMPLETE
, &smp
->flags
);
797 smp_notify_keys(conn
);
799 smp_chan_destroy(conn
);
802 static void smp_timeout(struct work_struct
*work
)
804 struct smp_chan
*smp
= container_of(work
, struct smp_chan
,
805 security_timer
.work
);
806 struct l2cap_conn
*conn
= smp
->conn
;
808 BT_DBG("conn %p", conn
);
810 hci_disconnect(conn
->hcon
, HCI_ERROR_REMOTE_USER_TERM
);
813 static struct smp_chan
*smp_chan_create(struct l2cap_conn
*conn
)
815 struct l2cap_chan
*chan
= conn
->smp
;
816 struct smp_chan
*smp
;
818 smp
= kzalloc(sizeof(*smp
), GFP_ATOMIC
);
822 smp
->tfm_aes
= crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC
);
823 if (IS_ERR(smp
->tfm_aes
)) {
824 BT_ERR("Unable to create ECB crypto context");
832 INIT_DELAYED_WORK(&smp
->security_timer
, smp_timeout
);
834 hci_conn_hold(conn
->hcon
);
839 int smp_user_confirm_reply(struct hci_conn
*hcon
, u16 mgmt_op
, __le32 passkey
)
841 struct l2cap_conn
*conn
= hcon
->l2cap_data
;
842 struct l2cap_chan
*chan
;
843 struct smp_chan
*smp
;
856 l2cap_chan_lock(chan
);
865 case MGMT_OP_USER_PASSKEY_REPLY
:
866 value
= le32_to_cpu(passkey
);
867 memset(smp
->tk
, 0, sizeof(smp
->tk
));
868 BT_DBG("PassKey: %d", value
);
869 put_unaligned_le32(value
, smp
->tk
);
871 case MGMT_OP_USER_CONFIRM_REPLY
:
872 set_bit(SMP_FLAG_TK_VALID
, &smp
->flags
);
874 case MGMT_OP_USER_PASSKEY_NEG_REPLY
:
875 case MGMT_OP_USER_CONFIRM_NEG_REPLY
:
876 smp_failure(conn
, SMP_PASSKEY_ENTRY_FAILED
);
880 smp_failure(conn
, SMP_PASSKEY_ENTRY_FAILED
);
887 /* If it is our turn to send Pairing Confirm, do so now */
888 if (test_bit(SMP_FLAG_CFM_PENDING
, &smp
->flags
)) {
889 u8 rsp
= smp_confirm(smp
);
891 smp_failure(conn
, rsp
);
895 l2cap_chan_unlock(chan
);
899 static u8
smp_cmd_pairing_req(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
901 struct smp_cmd_pairing rsp
, *req
= (void *) skb
->data
;
902 struct l2cap_chan
*chan
= conn
->smp
;
903 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
904 struct smp_chan
*smp
;
905 u8 key_size
, auth
, sec_level
;
908 BT_DBG("conn %p", conn
);
910 if (skb
->len
< sizeof(*req
))
911 return SMP_INVALID_PARAMS
;
913 if (conn
->hcon
->role
!= HCI_ROLE_SLAVE
)
914 return SMP_CMD_NOTSUPP
;
917 smp
= smp_chan_create(conn
);
922 return SMP_UNSPECIFIED
;
924 if (!test_bit(HCI_BONDABLE
, &hdev
->dev_flags
) &&
925 (req
->auth_req
& SMP_AUTH_BONDING
))
926 return SMP_PAIRING_NOTSUPP
;
928 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
929 memcpy(&smp
->preq
[1], req
, sizeof(*req
));
930 skb_pull(skb
, sizeof(*req
));
932 /* We didn't start the pairing, so match remote */
933 auth
= req
->auth_req
;
935 sec_level
= authreq_to_seclevel(auth
);
936 if (sec_level
> conn
->hcon
->pending_sec_level
)
937 conn
->hcon
->pending_sec_level
= sec_level
;
939 /* If we need MITM check that it can be acheived */
940 if (conn
->hcon
->pending_sec_level
>= BT_SECURITY_HIGH
) {
943 method
= get_auth_method(smp
, conn
->hcon
->io_capability
,
945 if (method
== JUST_WORKS
|| method
== JUST_CFM
)
946 return SMP_AUTH_REQUIREMENTS
;
949 build_pairing_cmd(conn
, req
, &rsp
, auth
);
951 key_size
= min(req
->max_key_size
, rsp
.max_key_size
);
952 if (check_enc_key_size(conn
, key_size
))
953 return SMP_ENC_KEY_SIZE
;
955 get_random_bytes(smp
->prnd
, sizeof(smp
->prnd
));
957 smp
->prsp
[0] = SMP_CMD_PAIRING_RSP
;
958 memcpy(&smp
->prsp
[1], &rsp
, sizeof(rsp
));
960 smp_send_cmd(conn
, SMP_CMD_PAIRING_RSP
, sizeof(rsp
), &rsp
);
962 /* Request setup of TK */
963 ret
= tk_request(conn
, 0, auth
, rsp
.io_capability
, req
->io_capability
);
965 return SMP_UNSPECIFIED
;
970 static u8
smp_cmd_pairing_rsp(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
972 struct smp_cmd_pairing
*req
, *rsp
= (void *) skb
->data
;
973 struct l2cap_chan
*chan
= conn
->smp
;
974 struct smp_chan
*smp
= chan
->data
;
975 u8 key_size
, auth
= SMP_AUTH_NONE
;
978 BT_DBG("conn %p", conn
);
980 if (skb
->len
< sizeof(*rsp
))
981 return SMP_INVALID_PARAMS
;
983 if (conn
->hcon
->role
!= HCI_ROLE_MASTER
)
984 return SMP_CMD_NOTSUPP
;
986 skb_pull(skb
, sizeof(*rsp
));
988 req
= (void *) &smp
->preq
[1];
990 key_size
= min(req
->max_key_size
, rsp
->max_key_size
);
991 if (check_enc_key_size(conn
, key_size
))
992 return SMP_ENC_KEY_SIZE
;
994 /* If we need MITM check that it can be acheived */
995 if (conn
->hcon
->pending_sec_level
>= BT_SECURITY_HIGH
) {
998 method
= get_auth_method(smp
, req
->io_capability
,
1000 if (method
== JUST_WORKS
|| method
== JUST_CFM
)
1001 return SMP_AUTH_REQUIREMENTS
;
1004 get_random_bytes(smp
->prnd
, sizeof(smp
->prnd
));
1006 smp
->prsp
[0] = SMP_CMD_PAIRING_RSP
;
1007 memcpy(&smp
->prsp
[1], rsp
, sizeof(*rsp
));
1009 /* Update remote key distribution in case the remote cleared
1010 * some bits that we had enabled in our request.
1012 smp
->remote_key_dist
&= rsp
->resp_key_dist
;
1014 if ((req
->auth_req
& SMP_AUTH_BONDING
) &&
1015 (rsp
->auth_req
& SMP_AUTH_BONDING
))
1016 auth
= SMP_AUTH_BONDING
;
1018 auth
|= (req
->auth_req
| rsp
->auth_req
) & SMP_AUTH_MITM
;
1020 ret
= tk_request(conn
, 0, auth
, req
->io_capability
, rsp
->io_capability
);
1022 return SMP_UNSPECIFIED
;
1024 set_bit(SMP_FLAG_CFM_PENDING
, &smp
->flags
);
1026 /* Can't compose response until we have been confirmed */
1027 if (test_bit(SMP_FLAG_TK_VALID
, &smp
->flags
))
1028 return smp_confirm(smp
);
1033 static u8
smp_cmd_pairing_confirm(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1035 struct l2cap_chan
*chan
= conn
->smp
;
1036 struct smp_chan
*smp
= chan
->data
;
1038 BT_DBG("conn %p %s", conn
, conn
->hcon
->out
? "master" : "slave");
1040 if (skb
->len
< sizeof(smp
->pcnf
))
1041 return SMP_INVALID_PARAMS
;
1043 memcpy(smp
->pcnf
, skb
->data
, sizeof(smp
->pcnf
));
1044 skb_pull(skb
, sizeof(smp
->pcnf
));
1046 if (conn
->hcon
->out
)
1047 smp_send_cmd(conn
, SMP_CMD_PAIRING_RANDOM
, sizeof(smp
->prnd
),
1049 else if (test_bit(SMP_FLAG_TK_VALID
, &smp
->flags
))
1050 return smp_confirm(smp
);
1052 set_bit(SMP_FLAG_CFM_PENDING
, &smp
->flags
);
1057 static u8
smp_cmd_pairing_random(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1059 struct l2cap_chan
*chan
= conn
->smp
;
1060 struct smp_chan
*smp
= chan
->data
;
1062 BT_DBG("conn %p", conn
);
1064 if (skb
->len
< sizeof(smp
->rrnd
))
1065 return SMP_INVALID_PARAMS
;
1067 memcpy(smp
->rrnd
, skb
->data
, sizeof(smp
->rrnd
));
1068 skb_pull(skb
, sizeof(smp
->rrnd
));
1070 return smp_random(smp
);
1073 static bool smp_ltk_encrypt(struct l2cap_conn
*conn
, u8 sec_level
)
1075 struct smp_ltk
*key
;
1076 struct hci_conn
*hcon
= conn
->hcon
;
1078 key
= hci_find_ltk_by_addr(hcon
->hdev
, &hcon
->dst
, hcon
->dst_type
,
1083 if (sec_level
> BT_SECURITY_MEDIUM
&& !key
->authenticated
)
1086 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
))
1089 hci_le_start_enc(hcon
, key
->ediv
, key
->rand
, key
->val
);
1090 hcon
->enc_key_size
= key
->enc_size
;
1092 /* We never store STKs for master role, so clear this flag */
1093 clear_bit(HCI_CONN_STK_ENCRYPT
, &hcon
->flags
);
1098 bool smp_sufficient_security(struct hci_conn
*hcon
, u8 sec_level
)
1100 if (sec_level
== BT_SECURITY_LOW
)
1103 /* If we're encrypted with an STK always claim insufficient
1104 * security. This way we allow the connection to be re-encrypted
1105 * with an LTK, even if the LTK provides the same level of
1106 * security. Only exception is if we don't have an LTK (e.g.
1107 * because of key distribution bits).
1109 if (test_bit(HCI_CONN_STK_ENCRYPT
, &hcon
->flags
) &&
1110 hci_find_ltk_by_addr(hcon
->hdev
, &hcon
->dst
, hcon
->dst_type
,
1114 if (hcon
->sec_level
>= sec_level
)
1120 static u8
smp_cmd_security_req(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1122 struct smp_cmd_security_req
*rp
= (void *) skb
->data
;
1123 struct smp_cmd_pairing cp
;
1124 struct hci_conn
*hcon
= conn
->hcon
;
1125 struct l2cap_chan
*chan
= conn
->smp
;
1126 struct smp_chan
*smp
;
1129 BT_DBG("conn %p", conn
);
1131 if (skb
->len
< sizeof(*rp
))
1132 return SMP_INVALID_PARAMS
;
1134 if (hcon
->role
!= HCI_ROLE_MASTER
)
1135 return SMP_CMD_NOTSUPP
;
1137 sec_level
= authreq_to_seclevel(rp
->auth_req
);
1138 if (smp_sufficient_security(hcon
, sec_level
))
1141 if (sec_level
> hcon
->pending_sec_level
)
1142 hcon
->pending_sec_level
= sec_level
;
1144 if (smp_ltk_encrypt(conn
, hcon
->pending_sec_level
))
1147 /* If SMP is already in progress ignore this request */
1151 smp
= smp_chan_create(conn
);
1153 return SMP_UNSPECIFIED
;
1155 if (!test_bit(HCI_BONDABLE
, &hcon
->hdev
->dev_flags
) &&
1156 (rp
->auth_req
& SMP_AUTH_BONDING
))
1157 return SMP_PAIRING_NOTSUPP
;
1159 skb_pull(skb
, sizeof(*rp
));
1161 memset(&cp
, 0, sizeof(cp
));
1162 build_pairing_cmd(conn
, &cp
, NULL
, rp
->auth_req
);
1164 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
1165 memcpy(&smp
->preq
[1], &cp
, sizeof(cp
));
1167 smp_send_cmd(conn
, SMP_CMD_PAIRING_REQ
, sizeof(cp
), &cp
);
1172 int smp_conn_security(struct hci_conn
*hcon
, __u8 sec_level
)
1174 struct l2cap_conn
*conn
= hcon
->l2cap_data
;
1175 struct l2cap_chan
*chan
= conn
->smp
;
1176 struct smp_chan
*smp
;
1180 BT_DBG("conn %p hcon %p level 0x%2.2x", conn
, hcon
, sec_level
);
1182 /* This may be NULL if there's an unexpected disconnection */
1186 if (!test_bit(HCI_LE_ENABLED
, &hcon
->hdev
->dev_flags
))
1189 if (smp_sufficient_security(hcon
, sec_level
))
1192 if (sec_level
> hcon
->pending_sec_level
)
1193 hcon
->pending_sec_level
= sec_level
;
1195 if (hcon
->role
== HCI_ROLE_MASTER
)
1196 if (smp_ltk_encrypt(conn
, hcon
->pending_sec_level
))
1199 l2cap_chan_lock(chan
);
1201 /* If SMP is already in progress ignore this request */
1207 smp
= smp_chan_create(conn
);
1213 authreq
= seclevel_to_authreq(sec_level
);
1215 /* Require MITM if IO Capability allows or the security level
1218 if (hcon
->io_capability
!= HCI_IO_NO_INPUT_OUTPUT
||
1219 hcon
->pending_sec_level
> BT_SECURITY_MEDIUM
)
1220 authreq
|= SMP_AUTH_MITM
;
1222 if (hcon
->role
== HCI_ROLE_MASTER
) {
1223 struct smp_cmd_pairing cp
;
1225 build_pairing_cmd(conn
, &cp
, NULL
, authreq
);
1226 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
1227 memcpy(&smp
->preq
[1], &cp
, sizeof(cp
));
1229 smp_send_cmd(conn
, SMP_CMD_PAIRING_REQ
, sizeof(cp
), &cp
);
1231 struct smp_cmd_security_req cp
;
1232 cp
.auth_req
= authreq
;
1233 smp_send_cmd(conn
, SMP_CMD_SECURITY_REQ
, sizeof(cp
), &cp
);
1236 set_bit(SMP_FLAG_INITIATOR
, &smp
->flags
);
1240 l2cap_chan_unlock(chan
);
1244 static int smp_cmd_encrypt_info(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1246 struct smp_cmd_encrypt_info
*rp
= (void *) skb
->data
;
1247 struct l2cap_chan
*chan
= conn
->smp
;
1248 struct smp_chan
*smp
= chan
->data
;
1250 BT_DBG("conn %p", conn
);
1252 if (skb
->len
< sizeof(*rp
))
1253 return SMP_INVALID_PARAMS
;
1255 /* Ignore this PDU if it wasn't requested */
1256 if (!(smp
->remote_key_dist
& SMP_DIST_ENC_KEY
))
1259 skb_pull(skb
, sizeof(*rp
));
1261 memcpy(smp
->tk
, rp
->ltk
, sizeof(smp
->tk
));
1266 static int smp_cmd_master_ident(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1268 struct smp_cmd_master_ident
*rp
= (void *) skb
->data
;
1269 struct l2cap_chan
*chan
= conn
->smp
;
1270 struct smp_chan
*smp
= chan
->data
;
1271 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
1272 struct hci_conn
*hcon
= conn
->hcon
;
1273 struct smp_ltk
*ltk
;
1276 BT_DBG("conn %p", conn
);
1278 if (skb
->len
< sizeof(*rp
))
1279 return SMP_INVALID_PARAMS
;
1281 /* Ignore this PDU if it wasn't requested */
1282 if (!(smp
->remote_key_dist
& SMP_DIST_ENC_KEY
))
1285 /* Mark the information as received */
1286 smp
->remote_key_dist
&= ~SMP_DIST_ENC_KEY
;
1288 skb_pull(skb
, sizeof(*rp
));
1291 authenticated
= (hcon
->sec_level
== BT_SECURITY_HIGH
);
1292 ltk
= hci_add_ltk(hdev
, &hcon
->dst
, hcon
->dst_type
, SMP_LTK
,
1293 authenticated
, smp
->tk
, smp
->enc_key_size
,
1294 rp
->ediv
, rp
->rand
);
1296 if (!(smp
->remote_key_dist
& KEY_DIST_MASK
))
1297 smp_distribute_keys(smp
);
1298 hci_dev_unlock(hdev
);
1303 static int smp_cmd_ident_info(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1305 struct smp_cmd_ident_info
*info
= (void *) skb
->data
;
1306 struct l2cap_chan
*chan
= conn
->smp
;
1307 struct smp_chan
*smp
= chan
->data
;
1311 if (skb
->len
< sizeof(*info
))
1312 return SMP_INVALID_PARAMS
;
1314 /* Ignore this PDU if it wasn't requested */
1315 if (!(smp
->remote_key_dist
& SMP_DIST_ID_KEY
))
1318 skb_pull(skb
, sizeof(*info
));
1320 memcpy(smp
->irk
, info
->irk
, 16);
1325 static int smp_cmd_ident_addr_info(struct l2cap_conn
*conn
,
1326 struct sk_buff
*skb
)
1328 struct smp_cmd_ident_addr_info
*info
= (void *) skb
->data
;
1329 struct l2cap_chan
*chan
= conn
->smp
;
1330 struct smp_chan
*smp
= chan
->data
;
1331 struct hci_conn
*hcon
= conn
->hcon
;
1336 if (skb
->len
< sizeof(*info
))
1337 return SMP_INVALID_PARAMS
;
1339 /* Ignore this PDU if it wasn't requested */
1340 if (!(smp
->remote_key_dist
& SMP_DIST_ID_KEY
))
1343 /* Mark the information as received */
1344 smp
->remote_key_dist
&= ~SMP_DIST_ID_KEY
;
1346 skb_pull(skb
, sizeof(*info
));
1348 hci_dev_lock(hcon
->hdev
);
1350 /* Strictly speaking the Core Specification (4.1) allows sending
1351 * an empty address which would force us to rely on just the IRK
1352 * as "identity information". However, since such
1353 * implementations are not known of and in order to not over
1354 * complicate our implementation, simply pretend that we never
1355 * received an IRK for such a device.
1357 if (!bacmp(&info
->bdaddr
, BDADDR_ANY
)) {
1358 BT_ERR("Ignoring IRK with no identity address");
1362 bacpy(&smp
->id_addr
, &info
->bdaddr
);
1363 smp
->id_addr_type
= info
->addr_type
;
1365 if (hci_bdaddr_is_rpa(&hcon
->dst
, hcon
->dst_type
))
1366 bacpy(&rpa
, &hcon
->dst
);
1368 bacpy(&rpa
, BDADDR_ANY
);
1370 smp
->remote_irk
= hci_add_irk(conn
->hcon
->hdev
, &smp
->id_addr
,
1371 smp
->id_addr_type
, smp
->irk
, &rpa
);
1374 if (!(smp
->remote_key_dist
& KEY_DIST_MASK
))
1375 smp_distribute_keys(smp
);
1377 hci_dev_unlock(hcon
->hdev
);
1382 static int smp_cmd_sign_info(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1384 struct smp_cmd_sign_info
*rp
= (void *) skb
->data
;
1385 struct l2cap_chan
*chan
= conn
->smp
;
1386 struct smp_chan
*smp
= chan
->data
;
1387 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
1388 struct smp_csrk
*csrk
;
1390 BT_DBG("conn %p", conn
);
1392 if (skb
->len
< sizeof(*rp
))
1393 return SMP_INVALID_PARAMS
;
1395 /* Ignore this PDU if it wasn't requested */
1396 if (!(smp
->remote_key_dist
& SMP_DIST_SIGN
))
1399 /* Mark the information as received */
1400 smp
->remote_key_dist
&= ~SMP_DIST_SIGN
;
1402 skb_pull(skb
, sizeof(*rp
));
1405 csrk
= kzalloc(sizeof(*csrk
), GFP_KERNEL
);
1407 csrk
->master
= 0x01;
1408 memcpy(csrk
->val
, rp
->csrk
, sizeof(csrk
->val
));
1411 smp_distribute_keys(smp
);
1412 hci_dev_unlock(hdev
);
1417 static int smp_sig_channel(struct l2cap_chan
*chan
, struct sk_buff
*skb
)
1419 struct l2cap_conn
*conn
= chan
->conn
;
1420 struct hci_conn
*hcon
= conn
->hcon
;
1424 if (hcon
->type
!= LE_LINK
) {
1432 if (!test_bit(HCI_LE_ENABLED
, &hcon
->hdev
->dev_flags
)) {
1433 reason
= SMP_PAIRING_NOTSUPP
;
1437 code
= skb
->data
[0];
1438 skb_pull(skb
, sizeof(code
));
1441 * The SMP context must be initialized for all other PDUs except
1442 * pairing and security requests. If we get any other PDU when
1443 * not initialized simply disconnect (done if this function
1444 * returns an error).
1446 if (code
!= SMP_CMD_PAIRING_REQ
&& code
!= SMP_CMD_SECURITY_REQ
&&
1448 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code
);
1454 case SMP_CMD_PAIRING_REQ
:
1455 reason
= smp_cmd_pairing_req(conn
, skb
);
1458 case SMP_CMD_PAIRING_FAIL
:
1459 smp_failure(conn
, 0);
1463 case SMP_CMD_PAIRING_RSP
:
1464 reason
= smp_cmd_pairing_rsp(conn
, skb
);
1467 case SMP_CMD_SECURITY_REQ
:
1468 reason
= smp_cmd_security_req(conn
, skb
);
1471 case SMP_CMD_PAIRING_CONFIRM
:
1472 reason
= smp_cmd_pairing_confirm(conn
, skb
);
1475 case SMP_CMD_PAIRING_RANDOM
:
1476 reason
= smp_cmd_pairing_random(conn
, skb
);
1479 case SMP_CMD_ENCRYPT_INFO
:
1480 reason
= smp_cmd_encrypt_info(conn
, skb
);
1483 case SMP_CMD_MASTER_IDENT
:
1484 reason
= smp_cmd_master_ident(conn
, skb
);
1487 case SMP_CMD_IDENT_INFO
:
1488 reason
= smp_cmd_ident_info(conn
, skb
);
1491 case SMP_CMD_IDENT_ADDR_INFO
:
1492 reason
= smp_cmd_ident_addr_info(conn
, skb
);
1495 case SMP_CMD_SIGN_INFO
:
1496 reason
= smp_cmd_sign_info(conn
, skb
);
1500 BT_DBG("Unknown command code 0x%2.2x", code
);
1501 reason
= SMP_CMD_NOTSUPP
;
1508 smp_failure(conn
, reason
);
1515 static void smp_teardown_cb(struct l2cap_chan
*chan
, int err
)
1517 struct l2cap_conn
*conn
= chan
->conn
;
1519 BT_DBG("chan %p", chan
);
1522 smp_chan_destroy(conn
);
1525 l2cap_chan_put(chan
);
1528 static void smp_resume_cb(struct l2cap_chan
*chan
)
1530 struct smp_chan
*smp
= chan
->data
;
1531 struct l2cap_conn
*conn
= chan
->conn
;
1532 struct hci_conn
*hcon
= conn
->hcon
;
1534 BT_DBG("chan %p", chan
);
1539 if (!test_bit(HCI_CONN_ENCRYPT
, &hcon
->flags
))
1542 cancel_delayed_work(&smp
->security_timer
);
1544 smp_distribute_keys(smp
);
1547 static void smp_ready_cb(struct l2cap_chan
*chan
)
1549 struct l2cap_conn
*conn
= chan
->conn
;
1551 BT_DBG("chan %p", chan
);
1554 l2cap_chan_hold(chan
);
1557 static int smp_recv_cb(struct l2cap_chan
*chan
, struct sk_buff
*skb
)
1561 BT_DBG("chan %p", chan
);
1563 err
= smp_sig_channel(chan
, skb
);
1565 struct smp_chan
*smp
= chan
->data
;
1568 cancel_delayed_work_sync(&smp
->security_timer
);
1570 hci_disconnect(chan
->conn
->hcon
, HCI_ERROR_AUTH_FAILURE
);
1576 static struct sk_buff
*smp_alloc_skb_cb(struct l2cap_chan
*chan
,
1577 unsigned long hdr_len
,
1578 unsigned long len
, int nb
)
1580 struct sk_buff
*skb
;
1582 skb
= bt_skb_alloc(hdr_len
+ len
, GFP_KERNEL
);
1584 return ERR_PTR(-ENOMEM
);
1586 skb
->priority
= HCI_PRIO_MAX
;
1587 bt_cb(skb
)->chan
= chan
;
1592 static const struct l2cap_ops smp_chan_ops
= {
1593 .name
= "Security Manager",
1594 .ready
= smp_ready_cb
,
1595 .recv
= smp_recv_cb
,
1596 .alloc_skb
= smp_alloc_skb_cb
,
1597 .teardown
= smp_teardown_cb
,
1598 .resume
= smp_resume_cb
,
1600 .new_connection
= l2cap_chan_no_new_connection
,
1601 .state_change
= l2cap_chan_no_state_change
,
1602 .close
= l2cap_chan_no_close
,
1603 .defer
= l2cap_chan_no_defer
,
1604 .suspend
= l2cap_chan_no_suspend
,
1605 .set_shutdown
= l2cap_chan_no_set_shutdown
,
1606 .get_sndtimeo
= l2cap_chan_no_get_sndtimeo
,
1607 .memcpy_fromiovec
= l2cap_chan_no_memcpy_fromiovec
,
1610 static inline struct l2cap_chan
*smp_new_conn_cb(struct l2cap_chan
*pchan
)
1612 struct l2cap_chan
*chan
;
1614 BT_DBG("pchan %p", pchan
);
1616 chan
= l2cap_chan_create();
1620 chan
->chan_type
= pchan
->chan_type
;
1621 chan
->ops
= &smp_chan_ops
;
1622 chan
->scid
= pchan
->scid
;
1623 chan
->dcid
= chan
->scid
;
1624 chan
->imtu
= pchan
->imtu
;
1625 chan
->omtu
= pchan
->omtu
;
1626 chan
->mode
= pchan
->mode
;
1628 BT_DBG("created chan %p", chan
);
1633 static const struct l2cap_ops smp_root_chan_ops
= {
1634 .name
= "Security Manager Root",
1635 .new_connection
= smp_new_conn_cb
,
1637 /* None of these are implemented for the root channel */
1638 .close
= l2cap_chan_no_close
,
1639 .alloc_skb
= l2cap_chan_no_alloc_skb
,
1640 .recv
= l2cap_chan_no_recv
,
1641 .state_change
= l2cap_chan_no_state_change
,
1642 .teardown
= l2cap_chan_no_teardown
,
1643 .ready
= l2cap_chan_no_ready
,
1644 .defer
= l2cap_chan_no_defer
,
1645 .suspend
= l2cap_chan_no_suspend
,
1646 .resume
= l2cap_chan_no_resume
,
1647 .set_shutdown
= l2cap_chan_no_set_shutdown
,
1648 .get_sndtimeo
= l2cap_chan_no_get_sndtimeo
,
1649 .memcpy_fromiovec
= l2cap_chan_no_memcpy_fromiovec
,
1652 int smp_register(struct hci_dev
*hdev
)
1654 struct l2cap_chan
*chan
;
1655 struct crypto_blkcipher
*tfm_aes
;
1657 BT_DBG("%s", hdev
->name
);
1659 tfm_aes
= crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC
);
1660 if (IS_ERR(tfm_aes
)) {
1661 int err
= PTR_ERR(tfm_aes
);
1662 BT_ERR("Unable to create crypto context");
1666 chan
= l2cap_chan_create();
1668 crypto_free_blkcipher(tfm_aes
);
1672 chan
->data
= tfm_aes
;
1674 l2cap_add_scid(chan
, L2CAP_CID_SMP
);
1676 l2cap_chan_set_defaults(chan
);
1678 bacpy(&chan
->src
, &hdev
->bdaddr
);
1679 chan
->src_type
= BDADDR_LE_PUBLIC
;
1680 chan
->state
= BT_LISTEN
;
1681 chan
->mode
= L2CAP_MODE_BASIC
;
1682 chan
->imtu
= L2CAP_DEFAULT_MTU
;
1683 chan
->ops
= &smp_root_chan_ops
;
1685 hdev
->smp_data
= chan
;
1690 void smp_unregister(struct hci_dev
*hdev
)
1692 struct l2cap_chan
*chan
= hdev
->smp_data
;
1693 struct crypto_blkcipher
*tfm_aes
;
1698 BT_DBG("%s chan %p", hdev
->name
, chan
);
1700 tfm_aes
= chan
->data
;
1703 crypto_free_blkcipher(tfm_aes
);
1706 hdev
->smp_data
= NULL
;
1707 l2cap_chan_put(chan
);