~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/net/bluetooth/smp.c

Version: ~ [ linux-5.16 ] ~ [ linux-5.15.13 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.90 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.170 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.224 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.261 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.296 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.298 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.18.140 ] ~ [ linux-3.16.85 ] ~ [ linux-3.14.79 ] ~ [ linux-3.12.74 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 /*
  2    BlueZ - Bluetooth protocol stack for Linux
  3    Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
  4 
  5    This program is free software; you can redistribute it and/or modify
  6    it under the terms of the GNU General Public License version 2 as
  7    published by the Free Software Foundation;
  8 
  9    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
 10    OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 11    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
 12    IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
 13    CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
 14    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 15    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 16    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 17 
 18    ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
 19    COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
 20    SOFTWARE IS DISCLAIMED.
 21 */
 22 
 23 #include <linux/crypto.h>
 24 #include <linux/scatterlist.h>
 25 #include <crypto/algapi.h>
 26 #include <crypto/b128ops.h>
 27 
 28 #include <net/bluetooth/bluetooth.h>
 29 #include <net/bluetooth/hci_core.h>
 30 #include <net/bluetooth/l2cap.h>
 31 #include <net/bluetooth/mgmt.h>
 32 
 33 #include "smp.h"
 34 
 35 #define SMP_TIMEOUT     msecs_to_jiffies(30000)
 36 
 37 #define AUTH_REQ_MASK   0x07
 38 
 39 #define SMP_FLAG_TK_VALID       1
 40 #define SMP_FLAG_CFM_PENDING    2
 41 #define SMP_FLAG_MITM_AUTH      3
 42 #define SMP_FLAG_COMPLETE       4
 43 #define SMP_FLAG_INITIATOR      5
 44 
 45 struct smp_chan {
 46         struct l2cap_conn *conn;
 47         u8              preq[7]; /* SMP Pairing Request */
 48         u8              prsp[7]; /* SMP Pairing Response */
 49         u8              prnd[16]; /* SMP Pairing Random (local) */
 50         u8              rrnd[16]; /* SMP Pairing Random (remote) */
 51         u8              pcnf[16]; /* SMP Pairing Confirm */
 52         u8              tk[16]; /* SMP Temporary Key */
 53         u8              enc_key_size;
 54         u8              remote_key_dist;
 55         bdaddr_t        id_addr;
 56         u8              id_addr_type;
 57         u8              irk[16];
 58         struct smp_csrk *csrk;
 59         struct smp_csrk *slave_csrk;
 60         struct smp_ltk  *ltk;
 61         struct smp_ltk  *slave_ltk;
 62         struct smp_irk  *remote_irk;
 63         unsigned long   flags;
 64 };
 65 
 66 static inline void swap128(const u8 src[16], u8 dst[16])
 67 {
 68         int i;
 69         for (i = 0; i < 16; i++)
 70                 dst[15 - i] = src[i];
 71 }
 72 
 73 static inline void swap56(const u8 src[7], u8 dst[7])
 74 {
 75         int i;
 76         for (i = 0; i < 7; i++)
 77                 dst[6 - i] = src[i];
 78 }
 79 
 80 static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
 81 {
 82         struct blkcipher_desc desc;
 83         struct scatterlist sg;
 84         uint8_t tmp[16], data[16];
 85         int err;
 86 
 87         if (tfm == NULL) {
 88                 BT_ERR("tfm %p", tfm);
 89                 return -EINVAL;
 90         }
 91 
 92         desc.tfm = tfm;
 93         desc.flags = 0;
 94 
 95         /* The most significant octet of key corresponds to k[0] */
 96         swap128(k, tmp);
 97 
 98         err = crypto_blkcipher_setkey(tfm, tmp, 16);
 99         if (err) {
100                 BT_ERR("cipher setkey failed: %d", err);
101                 return err;
102         }
103 
104         /* Most significant octet of plaintextData corresponds to data[0] */
105         swap128(r, data);
106 
107         sg_init_one(&sg, data, 16);
108 
109         err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
110         if (err)
111                 BT_ERR("Encrypt data error %d", err);
112 
113         /* Most significant octet of encryptedData corresponds to data[0] */
114         swap128(data, r);
115 
116         return err;
117 }
118 
119 static int smp_ah(struct crypto_blkcipher *tfm, u8 irk[16], u8 r[3], u8 res[3])
120 {
121         u8 _res[16];
122         int err;
123 
124         /* r' = padding || r */
125         memcpy(_res, r, 3);
126         memset(_res + 3, 0, 13);
127 
128         err = smp_e(tfm, irk, _res);
129         if (err) {
130                 BT_ERR("Encrypt error");
131                 return err;
132         }
133 
134         /* The output of the random address function ah is:
135          *      ah(h, r) = e(k, r') mod 2^24
136          * The output of the security function e is then truncated to 24 bits
137          * by taking the least significant 24 bits of the output of e as the
138          * result of ah.
139          */
140         memcpy(res, _res, 3);
141 
142         return 0;
143 }
144 
145 bool smp_irk_matches(struct crypto_blkcipher *tfm, u8 irk[16],
146                      bdaddr_t *bdaddr)
147 {
148         u8 hash[3];
149         int err;
150 
151         BT_DBG("RPA %pMR IRK %*phN", bdaddr, 16, irk);
152 
153         err = smp_ah(tfm, irk, &bdaddr->b[3], hash);
154         if (err)
155                 return false;
156 
157         return !crypto_memneq(bdaddr->b, hash, 3);
158 }
159 
160 int smp_generate_rpa(struct crypto_blkcipher *tfm, u8 irk[16], bdaddr_t *rpa)
161 {
162         int err;
163 
164         get_random_bytes(&rpa->b[3], 3);
165 
166         rpa->b[5] &= 0x3f;      /* Clear two most significant bits */
167         rpa->b[5] |= 0x40;      /* Set second most significant bit */
168 
169         err = smp_ah(tfm, irk, &rpa->b[3], rpa->b);
170         if (err < 0)
171                 return err;
172 
173         BT_DBG("RPA %pMR", rpa);
174 
175         return 0;
176 }
177 
178 static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
179                   u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
180                   u8 _rat, bdaddr_t *ra, u8 res[16])
181 {
182         u8 p1[16], p2[16];
183         int err;
184 
185         memset(p1, 0, 16);
186 
187         /* p1 = pres || preq || _rat || _iat */
188         p1[0] = _iat;
189         p1[1] = _rat;
190         memcpy(p1 + 2, preq, 7);
191         memcpy(p1 + 9, pres, 7);
192 
193         /* p2 = padding || ia || ra */
194         memcpy(p2, ra, 6);
195         memcpy(p2 + 6, ia, 6);
196         memset(p2 + 12, 0, 4);
197 
198         /* res = r XOR p1 */
199         u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
200 
201         /* res = e(k, res) */
202         err = smp_e(tfm, k, res);
203         if (err) {
204                 BT_ERR("Encrypt data error");
205                 return err;
206         }
207 
208         /* res = res XOR p2 */
209         u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
210 
211         /* res = e(k, res) */
212         err = smp_e(tfm, k, res);
213         if (err)
214                 BT_ERR("Encrypt data error");
215 
216         return err;
217 }
218 
219 static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16], u8 r1[16],
220                   u8 r2[16], u8 _r[16])
221 {
222         int err;
223 
224         /* Just least significant octets from r1 and r2 are considered */
225         memcpy(_r, r2, 8);
226         memcpy(_r + 8, r1, 8);
227 
228         err = smp_e(tfm, k, _r);
229         if (err)
230                 BT_ERR("Encrypt data error");
231 
232         return err;
233 }
234 
235 static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code,
236                                      u16 dlen, void *data)
237 {
238         struct sk_buff *skb;
239         struct l2cap_hdr *lh;
240         int len;
241 
242         len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
243 
244         if (len > conn->mtu)
245                 return NULL;
246 
247         skb = bt_skb_alloc(len, GFP_ATOMIC);
248         if (!skb)
249                 return NULL;
250 
251         lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
252         lh->len = cpu_to_le16(sizeof(code) + dlen);
253         lh->cid = cpu_to_le16(L2CAP_CID_SMP);
254 
255         memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
256 
257         memcpy(skb_put(skb, dlen), data, dlen);
258 
259         return skb;
260 }
261 
262 static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
263 {
264         struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
265 
266         BT_DBG("code 0x%2.2x", code);
267 
268         if (!skb)
269                 return;
270 
271         skb->priority = HCI_PRIO_MAX;
272         hci_send_acl(conn->hchan, skb, 0);
273 
274         cancel_delayed_work_sync(&conn->security_timer);
275         schedule_delayed_work(&conn->security_timer, SMP_TIMEOUT);
276 }
277 
278 static __u8 authreq_to_seclevel(__u8 authreq)
279 {
280         if (authreq & SMP_AUTH_MITM)
281                 return BT_SECURITY_HIGH;
282         else
283                 return BT_SECURITY_MEDIUM;
284 }
285 
286 static __u8 seclevel_to_authreq(__u8 sec_level)
287 {
288         switch (sec_level) {
289         case BT_SECURITY_HIGH:
290                 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
291         case BT_SECURITY_MEDIUM:
292                 return SMP_AUTH_BONDING;
293         default:
294                 return SMP_AUTH_NONE;
295         }
296 }
297 
298 static void build_pairing_cmd(struct l2cap_conn *conn,
299                               struct smp_cmd_pairing *req,
300                               struct smp_cmd_pairing *rsp, __u8 authreq)
301 {
302         struct smp_chan *smp = conn->smp_chan;
303         struct hci_conn *hcon = conn->hcon;
304         struct hci_dev *hdev = hcon->hdev;
305         u8 local_dist = 0, remote_dist = 0;
306 
307         if (test_bit(HCI_PAIRABLE, &conn->hcon->hdev->dev_flags)) {
308                 local_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
309                 remote_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
310                 authreq |= SMP_AUTH_BONDING;
311         } else {
312                 authreq &= ~SMP_AUTH_BONDING;
313         }
314 
315         if (test_bit(HCI_RPA_RESOLVING, &hdev->dev_flags))
316                 remote_dist |= SMP_DIST_ID_KEY;
317 
318         if (test_bit(HCI_PRIVACY, &hdev->dev_flags))
319                 local_dist |= SMP_DIST_ID_KEY;
320 
321         if (rsp == NULL) {
322                 req->io_capability = conn->hcon->io_capability;
323                 req->oob_flag = SMP_OOB_NOT_PRESENT;
324                 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
325                 req->init_key_dist = local_dist;
326                 req->resp_key_dist = remote_dist;
327                 req->auth_req = (authreq & AUTH_REQ_MASK);
328 
329                 smp->remote_key_dist = remote_dist;
330                 return;
331         }
332 
333         rsp->io_capability = conn->hcon->io_capability;
334         rsp->oob_flag = SMP_OOB_NOT_PRESENT;
335         rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
336         rsp->init_key_dist = req->init_key_dist & remote_dist;
337         rsp->resp_key_dist = req->resp_key_dist & local_dist;
338         rsp->auth_req = (authreq & AUTH_REQ_MASK);
339 
340         smp->remote_key_dist = rsp->init_key_dist;
341 }
342 
343 static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
344 {
345         struct smp_chan *smp = conn->smp_chan;
346 
347         if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
348             (max_key_size < SMP_MIN_ENC_KEY_SIZE))
349                 return SMP_ENC_KEY_SIZE;
350 
351         smp->enc_key_size = max_key_size;
352 
353         return 0;
354 }
355 
356 static void smp_failure(struct l2cap_conn *conn, u8 reason)
357 {
358         struct hci_conn *hcon = conn->hcon;
359 
360         if (reason)
361                 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
362                              &reason);
363 
364         clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags);
365         mgmt_auth_failed(hcon->hdev, &hcon->dst, hcon->type, hcon->dst_type,
366                          HCI_ERROR_AUTH_FAILURE);
367 
368         cancel_delayed_work_sync(&conn->security_timer);
369 
370         if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
371                 smp_chan_destroy(conn);
372 }
373 
374 #define JUST_WORKS      0x00
375 #define JUST_CFM        0x01
376 #define REQ_PASSKEY     0x02
377 #define CFM_PASSKEY     0x03
378 #define REQ_OOB         0x04
379 #define OVERLAP         0xFF
380 
381 static const u8 gen_method[5][5] = {
382         { JUST_WORKS,  JUST_CFM,    REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
383         { JUST_WORKS,  JUST_CFM,    REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
384         { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
385         { JUST_WORKS,  JUST_CFM,    JUST_WORKS,  JUST_WORKS, JUST_CFM    },
386         { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP     },
387 };
388 
389 static u8 get_auth_method(struct smp_chan *smp, u8 local_io, u8 remote_io)
390 {
391         /* If either side has unknown io_caps, use JUST WORKS */
392         if (local_io > SMP_IO_KEYBOARD_DISPLAY ||
393             remote_io > SMP_IO_KEYBOARD_DISPLAY)
394                 return JUST_WORKS;
395 
396         return gen_method[remote_io][local_io];
397 }
398 
399 static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
400                                                 u8 local_io, u8 remote_io)
401 {
402         struct hci_conn *hcon = conn->hcon;
403         struct smp_chan *smp = conn->smp_chan;
404         u8 method;
405         u32 passkey = 0;
406         int ret = 0;
407 
408         /* Initialize key for JUST WORKS */
409         memset(smp->tk, 0, sizeof(smp->tk));
410         clear_bit(SMP_FLAG_TK_VALID, &smp->flags);
411 
412         BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
413 
414         /* If neither side wants MITM, use JUST WORKS */
415         /* Otherwise, look up method from the table */
416         if (!(auth & SMP_AUTH_MITM))
417                 method = JUST_WORKS;
418         else
419                 method = get_auth_method(smp, local_io, remote_io);
420 
421         /* If not bonding, don't ask user to confirm a Zero TK */
422         if (!(auth & SMP_AUTH_BONDING) && method == JUST_CFM)
423                 method = JUST_WORKS;
424 
425         /* Don't confirm locally initiated pairing attempts */
426         if (method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR, &smp->flags))
427                 method = JUST_WORKS;
428 
429         /* If Just Works, Continue with Zero TK */
430         if (method == JUST_WORKS) {
431                 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
432                 return 0;
433         }
434 
435         /* Not Just Works/Confirm results in MITM Authentication */
436         if (method != JUST_CFM) {
437                 set_bit(SMP_FLAG_MITM_AUTH, &smp->flags);
438                 if (hcon->pending_sec_level < BT_SECURITY_HIGH)
439                         hcon->pending_sec_level = BT_SECURITY_HIGH;
440         }
441 
442         /* If both devices have Keyoard-Display I/O, the master
443          * Confirms and the slave Enters the passkey.
444          */
445         if (method == OVERLAP) {
446                 if (hcon->link_mode & HCI_LM_MASTER)
447                         method = CFM_PASSKEY;
448                 else
449                         method = REQ_PASSKEY;
450         }
451 
452         /* Generate random passkey. */
453         if (method == CFM_PASSKEY) {
454                 memset(smp->tk, 0, sizeof(smp->tk));
455                 get_random_bytes(&passkey, sizeof(passkey));
456                 passkey %= 1000000;
457                 put_unaligned_le32(passkey, smp->tk);
458                 BT_DBG("PassKey: %d", passkey);
459                 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
460         }
461 
462         hci_dev_lock(hcon->hdev);
463 
464         if (method == REQ_PASSKEY)
465                 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
466                                                 hcon->type, hcon->dst_type);
467         else if (method == JUST_CFM)
468                 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
469                                                 hcon->type, hcon->dst_type,
470                                                 passkey, 1);
471         else
472                 ret = mgmt_user_passkey_notify(hcon->hdev, &hcon->dst,
473                                                 hcon->type, hcon->dst_type,
474                                                 passkey, 0);
475 
476         hci_dev_unlock(hcon->hdev);
477 
478         return ret;
479 }
480 
481 static u8 smp_confirm(struct smp_chan *smp)
482 {
483         struct l2cap_conn *conn = smp->conn;
484         struct hci_dev *hdev = conn->hcon->hdev;
485         struct crypto_blkcipher *tfm = hdev->tfm_aes;
486         struct smp_cmd_pairing_confirm cp;
487         int ret;
488 
489         BT_DBG("conn %p", conn);
490 
491         /* Prevent mutual access to hdev->tfm_aes */
492         hci_dev_lock(hdev);
493 
494         ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp,
495                      conn->hcon->init_addr_type, &conn->hcon->init_addr,
496                      conn->hcon->resp_addr_type, &conn->hcon->resp_addr,
497                      cp.confirm_val);
498 
499         hci_dev_unlock(hdev);
500 
501         if (ret)
502                 return SMP_UNSPECIFIED;
503 
504         clear_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
505 
506         smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
507 
508         return 0;
509 }
510 
511 static u8 smp_random(struct smp_chan *smp)
512 {
513         struct l2cap_conn *conn = smp->conn;
514         struct hci_conn *hcon = conn->hcon;
515         struct hci_dev *hdev = hcon->hdev;
516         struct crypto_blkcipher *tfm = hdev->tfm_aes;
517         u8 confirm[16];
518         int ret;
519 
520         if (IS_ERR_OR_NULL(tfm))
521                 return SMP_UNSPECIFIED;
522 
523         BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
524 
525         /* Prevent mutual access to hdev->tfm_aes */
526         hci_dev_lock(hdev);
527 
528         ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp,
529                      hcon->init_addr_type, &hcon->init_addr,
530                      hcon->resp_addr_type, &hcon->resp_addr, confirm);
531 
532         hci_dev_unlock(hdev);
533 
534         if (ret)
535                 return SMP_UNSPECIFIED;
536 
537         if (crypto_memneq(smp->pcnf, confirm, sizeof(smp->pcnf))) {
538                 BT_ERR("Pairing failed (confirmation values mismatch)");
539                 return SMP_CONFIRM_FAILED;
540         }
541 
542         if (hcon->out) {
543                 u8 stk[16];
544                 __le64 rand = 0;
545                 __le16 ediv = 0;
546 
547                 smp_s1(tfm, smp->tk, smp->rrnd, smp->prnd, stk);
548 
549                 memset(stk + smp->enc_key_size, 0,
550                        SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
551 
552                 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
553                         return SMP_UNSPECIFIED;
554 
555                 hci_le_start_enc(hcon, ediv, rand, stk);
556                 hcon->enc_key_size = smp->enc_key_size;
557         } else {
558                 u8 stk[16], auth;
559                 __le64 rand = 0;
560                 __le16 ediv = 0;
561 
562                 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
563                              smp->prnd);
564 
565                 smp_s1(tfm, smp->tk, smp->prnd, smp->rrnd, stk);
566 
567                 memset(stk + smp->enc_key_size, 0,
568                        SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
569 
570                 if (hcon->pending_sec_level == BT_SECURITY_HIGH)
571                         auth = 1;
572                 else
573                         auth = 0;
574 
575                 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
576                             HCI_SMP_STK_SLAVE, auth, stk, smp->enc_key_size,
577                             ediv, rand);
578         }
579 
580         return 0;
581 }
582 
583 static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
584 {
585         struct smp_chan *smp;
586 
587         smp = kzalloc(sizeof(*smp), GFP_ATOMIC);
588         if (!smp)
589                 return NULL;
590 
591         smp->conn = conn;
592         conn->smp_chan = smp;
593         conn->hcon->smp_conn = conn;
594 
595         hci_conn_hold(conn->hcon);
596 
597         return smp;
598 }
599 
600 void smp_chan_destroy(struct l2cap_conn *conn)
601 {
602         struct smp_chan *smp = conn->smp_chan;
603         bool complete;
604 
605         BUG_ON(!smp);
606 
607         complete = test_bit(SMP_FLAG_COMPLETE, &smp->flags);
608         mgmt_smp_complete(conn->hcon, complete);
609 
610         kfree(smp->csrk);
611         kfree(smp->slave_csrk);
612 
613         /* If pairing failed clean up any keys we might have */
614         if (!complete) {
615                 if (smp->ltk) {
616                         list_del(&smp->ltk->list);
617                         kfree(smp->ltk);
618                 }
619 
620                 if (smp->slave_ltk) {
621                         list_del(&smp->slave_ltk->list);
622                         kfree(smp->slave_ltk);
623                 }
624 
625                 if (smp->remote_irk) {
626                         list_del(&smp->remote_irk->list);
627                         kfree(smp->remote_irk);
628                 }
629         }
630 
631         kfree(smp);
632         conn->smp_chan = NULL;
633         conn->hcon->smp_conn = NULL;
634         hci_conn_drop(conn->hcon);
635 }
636 
637 int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
638 {
639         struct l2cap_conn *conn = hcon->smp_conn;
640         struct smp_chan *smp;
641         u32 value;
642 
643         BT_DBG("");
644 
645         if (!conn)
646                 return -ENOTCONN;
647 
648         smp = conn->smp_chan;
649 
650         switch (mgmt_op) {
651         case MGMT_OP_USER_PASSKEY_REPLY:
652                 value = le32_to_cpu(passkey);
653                 memset(smp->tk, 0, sizeof(smp->tk));
654                 BT_DBG("PassKey: %d", value);
655                 put_unaligned_le32(value, smp->tk);
656                 /* Fall Through */
657         case MGMT_OP_USER_CONFIRM_REPLY:
658                 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
659                 break;
660         case MGMT_OP_USER_PASSKEY_NEG_REPLY:
661         case MGMT_OP_USER_CONFIRM_NEG_REPLY:
662                 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
663                 return 0;
664         default:
665                 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
666                 return -EOPNOTSUPP;
667         }
668 
669         /* If it is our turn to send Pairing Confirm, do so now */
670         if (test_bit(SMP_FLAG_CFM_PENDING, &smp->flags)) {
671                 u8 rsp = smp_confirm(smp);
672                 if (rsp)
673                         smp_failure(conn, rsp);
674         }
675 
676         return 0;
677 }
678 
679 static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
680 {
681         struct smp_cmd_pairing rsp, *req = (void *) skb->data;
682         struct smp_chan *smp;
683         u8 key_size, auth, sec_level;
684         int ret;
685 
686         BT_DBG("conn %p", conn);
687 
688         if (skb->len < sizeof(*req))
689                 return SMP_INVALID_PARAMS;
690 
691         if (conn->hcon->link_mode & HCI_LM_MASTER)
692                 return SMP_CMD_NOTSUPP;
693 
694         if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
695                 smp = smp_chan_create(conn);
696         else
697                 smp = conn->smp_chan;
698 
699         if (!smp)
700                 return SMP_UNSPECIFIED;
701 
702         smp->preq[0] = SMP_CMD_PAIRING_REQ;
703         memcpy(&smp->preq[1], req, sizeof(*req));
704         skb_pull(skb, sizeof(*req));
705 
706         /* We didn't start the pairing, so match remote */
707         auth = req->auth_req;
708 
709         sec_level = authreq_to_seclevel(auth);
710         if (sec_level > conn->hcon->pending_sec_level)
711                 conn->hcon->pending_sec_level = sec_level;
712 
713         /* If we need MITM check that it can be acheived */
714         if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
715                 u8 method;
716 
717                 method = get_auth_method(smp, conn->hcon->io_capability,
718                                          req->io_capability);
719                 if (method == JUST_WORKS || method == JUST_CFM)
720                         return SMP_AUTH_REQUIREMENTS;
721         }
722 
723         build_pairing_cmd(conn, req, &rsp, auth);
724 
725         key_size = min(req->max_key_size, rsp.max_key_size);
726         if (check_enc_key_size(conn, key_size))
727                 return SMP_ENC_KEY_SIZE;
728 
729         get_random_bytes(smp->prnd, sizeof(smp->prnd));
730 
731         smp->prsp[0] = SMP_CMD_PAIRING_RSP;
732         memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
733 
734         smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
735 
736         /* Request setup of TK */
737         ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
738         if (ret)
739                 return SMP_UNSPECIFIED;
740 
741         clear_bit(SMP_FLAG_INITIATOR, &smp->flags);
742 
743         return 0;
744 }
745 
746 static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
747 {
748         struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
749         struct smp_chan *smp = conn->smp_chan;
750         u8 key_size, auth = SMP_AUTH_NONE;
751         int ret;
752 
753         BT_DBG("conn %p", conn);
754 
755         if (skb->len < sizeof(*rsp))
756                 return SMP_INVALID_PARAMS;
757 
758         if (!(conn->hcon->link_mode & HCI_LM_MASTER))
759                 return SMP_CMD_NOTSUPP;
760 
761         skb_pull(skb, sizeof(*rsp));
762 
763         req = (void *) &smp->preq[1];
764 
765         key_size = min(req->max_key_size, rsp->max_key_size);
766         if (check_enc_key_size(conn, key_size))
767                 return SMP_ENC_KEY_SIZE;
768 
769         /* If we need MITM check that it can be acheived */
770         if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
771                 u8 method;
772 
773                 method = get_auth_method(smp, req->io_capability,
774                                          rsp->io_capability);
775                 if (method == JUST_WORKS || method == JUST_CFM)
776                         return SMP_AUTH_REQUIREMENTS;
777         }
778 
779         get_random_bytes(smp->prnd, sizeof(smp->prnd));
780 
781         smp->prsp[0] = SMP_CMD_PAIRING_RSP;
782         memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
783 
784         /* Update remote key distribution in case the remote cleared
785          * some bits that we had enabled in our request.
786          */
787         smp->remote_key_dist &= rsp->resp_key_dist;
788 
789         if ((req->auth_req & SMP_AUTH_BONDING) &&
790             (rsp->auth_req & SMP_AUTH_BONDING))
791                 auth = SMP_AUTH_BONDING;
792 
793         auth |= (req->auth_req | rsp->auth_req) & SMP_AUTH_MITM;
794 
795         ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
796         if (ret)
797                 return SMP_UNSPECIFIED;
798 
799         set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
800 
801         /* Can't compose response until we have been confirmed */
802         if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
803                 return smp_confirm(smp);
804 
805         return 0;
806 }
807 
808 static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
809 {
810         struct smp_chan *smp = conn->smp_chan;
811 
812         BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
813 
814         if (skb->len < sizeof(smp->pcnf))
815                 return SMP_INVALID_PARAMS;
816 
817         memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
818         skb_pull(skb, sizeof(smp->pcnf));
819 
820         if (conn->hcon->out)
821                 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
822                              smp->prnd);
823         else if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
824                 return smp_confirm(smp);
825         else
826                 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
827 
828         return 0;
829 }
830 
831 static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
832 {
833         struct smp_chan *smp = conn->smp_chan;
834 
835         BT_DBG("conn %p", conn);
836 
837         if (skb->len < sizeof(smp->rrnd))
838                 return SMP_INVALID_PARAMS;
839 
840         memcpy(smp->rrnd, skb->data, sizeof(smp->rrnd));
841         skb_pull(skb, sizeof(smp->rrnd));
842 
843         return smp_random(smp);
844 }
845 
846 static u8 smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
847 {
848         struct smp_ltk *key;
849         struct hci_conn *hcon = conn->hcon;
850 
851         key = hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
852                                    hcon->out);
853         if (!key)
854                 return 0;
855 
856         if (sec_level > BT_SECURITY_MEDIUM && !key->authenticated)
857                 return 0;
858 
859         if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
860                 return 1;
861 
862         hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
863         hcon->enc_key_size = key->enc_size;
864 
865         return 1;
866 }
867 
868 static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
869 {
870         struct smp_cmd_security_req *rp = (void *) skb->data;
871         struct smp_cmd_pairing cp;
872         struct hci_conn *hcon = conn->hcon;
873         struct smp_chan *smp;
874         u8 sec_level;
875 
876         BT_DBG("conn %p", conn);
877 
878         if (skb->len < sizeof(*rp))
879                 return SMP_INVALID_PARAMS;
880 
881         if (!(conn->hcon->link_mode & HCI_LM_MASTER))
882                 return SMP_CMD_NOTSUPP;
883 
884         sec_level = authreq_to_seclevel(rp->auth_req);
885         if (sec_level > hcon->pending_sec_level)
886                 hcon->pending_sec_level = sec_level;
887 
888         if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
889                 return 0;
890 
891         if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
892                 return 0;
893 
894         smp = smp_chan_create(conn);
895 
896         skb_pull(skb, sizeof(*rp));
897 
898         memset(&cp, 0, sizeof(cp));
899         build_pairing_cmd(conn, &cp, NULL, rp->auth_req);
900 
901         smp->preq[0] = SMP_CMD_PAIRING_REQ;
902         memcpy(&smp->preq[1], &cp, sizeof(cp));
903 
904         smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
905 
906         clear_bit(SMP_FLAG_INITIATOR, &smp->flags);
907 
908         return 0;
909 }
910 
911 bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level)
912 {
913         if (sec_level == BT_SECURITY_LOW)
914                 return true;
915 
916         if (hcon->sec_level >= sec_level)
917                 return true;
918 
919         return false;
920 }
921 
922 int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
923 {
924         struct l2cap_conn *conn = hcon->l2cap_data;
925         struct smp_chan *smp;
926         __u8 authreq;
927 
928         BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
929 
930         /* This may be NULL if there's an unexpected disconnection */
931         if (!conn)
932                 return 1;
933 
934         if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
935                 return 1;
936 
937         if (smp_sufficient_security(hcon, sec_level))
938                 return 1;
939 
940         if (sec_level > hcon->pending_sec_level)
941                 hcon->pending_sec_level = sec_level;
942 
943         if (hcon->link_mode & HCI_LM_MASTER)
944                 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
945                         return 0;
946 
947         if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
948                 return 0;
949 
950         smp = smp_chan_create(conn);
951         if (!smp)
952                 return 1;
953 
954         authreq = seclevel_to_authreq(sec_level);
955 
956         /* Require MITM if IO Capability allows or the security level
957          * requires it.
958          */
959         if (hcon->io_capability != HCI_IO_NO_INPUT_OUTPUT ||
960             hcon->pending_sec_level > BT_SECURITY_MEDIUM)
961                 authreq |= SMP_AUTH_MITM;
962 
963         if (hcon->link_mode & HCI_LM_MASTER) {
964                 struct smp_cmd_pairing cp;
965 
966                 build_pairing_cmd(conn, &cp, NULL, authreq);
967                 smp->preq[0] = SMP_CMD_PAIRING_REQ;
968                 memcpy(&smp->preq[1], &cp, sizeof(cp));
969 
970                 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
971         } else {
972                 struct smp_cmd_security_req cp;
973                 cp.auth_req = authreq;
974                 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
975         }
976 
977         set_bit(SMP_FLAG_INITIATOR, &smp->flags);
978 
979         return 0;
980 }
981 
982 static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
983 {
984         struct smp_cmd_encrypt_info *rp = (void *) skb->data;
985         struct smp_chan *smp = conn->smp_chan;
986 
987         BT_DBG("conn %p", conn);
988 
989         if (skb->len < sizeof(*rp))
990                 return SMP_INVALID_PARAMS;
991 
992         /* Ignore this PDU if it wasn't requested */
993         if (!(smp->remote_key_dist & SMP_DIST_ENC_KEY))
994                 return 0;
995 
996         skb_pull(skb, sizeof(*rp));
997 
998         memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
999 
1000         return 0;
1001 }
1002 
1003 static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
1004 {
1005         struct smp_cmd_master_ident *rp = (void *) skb->data;
1006         struct smp_chan *smp = conn->smp_chan;
1007         struct hci_dev *hdev = conn->hcon->hdev;
1008         struct hci_conn *hcon = conn->hcon;
1009         struct smp_ltk *ltk;
1010         u8 authenticated;
1011 
1012         BT_DBG("conn %p", conn);
1013 
1014         if (skb->len < sizeof(*rp))
1015                 return SMP_INVALID_PARAMS;
1016 
1017         /* Ignore this PDU if it wasn't requested */
1018         if (!(smp->remote_key_dist & SMP_DIST_ENC_KEY))
1019                 return 0;
1020 
1021         /* Mark the information as received */
1022         smp->remote_key_dist &= ~SMP_DIST_ENC_KEY;
1023 
1024         skb_pull(skb, sizeof(*rp));
1025 
1026         hci_dev_lock(hdev);
1027         authenticated = (hcon->sec_level == BT_SECURITY_HIGH);
1028         ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, HCI_SMP_LTK,
1029                           authenticated, smp->tk, smp->enc_key_size,
1030                           rp->ediv, rp->rand);
1031         smp->ltk = ltk;
1032         if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1033                 smp_distribute_keys(conn);
1034         hci_dev_unlock(hdev);
1035 
1036         return 0;
1037 }
1038 
1039 static int smp_cmd_ident_info(struct l2cap_conn *conn, struct sk_buff *skb)
1040 {
1041         struct smp_cmd_ident_info *info = (void *) skb->data;
1042         struct smp_chan *smp = conn->smp_chan;
1043 
1044         BT_DBG("");
1045 
1046         if (skb->len < sizeof(*info))
1047                 return SMP_INVALID_PARAMS;
1048 
1049         /* Ignore this PDU if it wasn't requested */
1050         if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1051                 return 0;
1052 
1053         skb_pull(skb, sizeof(*info));
1054 
1055         memcpy(smp->irk, info->irk, 16);
1056 
1057         return 0;
1058 }
1059 
1060 static int smp_cmd_ident_addr_info(struct l2cap_conn *conn,
1061                                    struct sk_buff *skb)
1062 {
1063         struct smp_cmd_ident_addr_info *info = (void *) skb->data;
1064         struct smp_chan *smp = conn->smp_chan;
1065         struct hci_conn *hcon = conn->hcon;
1066         bdaddr_t rpa;
1067 
1068         BT_DBG("");
1069 
1070         if (skb->len < sizeof(*info))
1071                 return SMP_INVALID_PARAMS;
1072 
1073         /* Ignore this PDU if it wasn't requested */
1074         if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1075                 return 0;
1076 
1077         /* Mark the information as received */
1078         smp->remote_key_dist &= ~SMP_DIST_ID_KEY;
1079 
1080         skb_pull(skb, sizeof(*info));
1081 
1082         /* Strictly speaking the Core Specification (4.1) allows sending
1083          * an empty address which would force us to rely on just the IRK
1084          * as "identity information". However, since such
1085          * implementations are not known of and in order to not over
1086          * complicate our implementation, simply pretend that we never
1087          * received an IRK for such a device.
1088          */
1089         if (!bacmp(&info->bdaddr, BDADDR_ANY)) {
1090                 BT_ERR("Ignoring IRK with no identity address");
1091                 smp_distribute_keys(conn);
1092                 return 0;
1093         }
1094 
1095         bacpy(&smp->id_addr, &info->bdaddr);
1096         smp->id_addr_type = info->addr_type;
1097 
1098         if (hci_bdaddr_is_rpa(&hcon->dst, hcon->dst_type))
1099                 bacpy(&rpa, &hcon->dst);
1100         else
1101                 bacpy(&rpa, BDADDR_ANY);
1102 
1103         smp->remote_irk = hci_add_irk(conn->hcon->hdev, &smp->id_addr,
1104                                       smp->id_addr_type, smp->irk, &rpa);
1105 
1106         smp_distribute_keys(conn);
1107 
1108         return 0;
1109 }
1110 
1111 static int smp_cmd_sign_info(struct l2cap_conn *conn, struct sk_buff *skb)
1112 {
1113         struct smp_cmd_sign_info *rp = (void *) skb->data;
1114         struct smp_chan *smp = conn->smp_chan;
1115         struct hci_dev *hdev = conn->hcon->hdev;
1116         struct smp_csrk *csrk;
1117 
1118         BT_DBG("conn %p", conn);
1119 
1120         if (skb->len < sizeof(*rp))
1121                 return SMP_INVALID_PARAMS;
1122 
1123         /* Ignore this PDU if it wasn't requested */
1124         if (!(smp->remote_key_dist & SMP_DIST_SIGN))
1125                 return 0;
1126 
1127         /* Mark the information as received */
1128         smp->remote_key_dist &= ~SMP_DIST_SIGN;
1129 
1130         skb_pull(skb, sizeof(*rp));
1131 
1132         hci_dev_lock(hdev);
1133         csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
1134         if (csrk) {
1135                 csrk->master = 0x01;
1136                 memcpy(csrk->val, rp->csrk, sizeof(csrk->val));
1137         }
1138         smp->csrk = csrk;
1139         if (!(smp->remote_key_dist & SMP_DIST_SIGN))
1140                 smp_distribute_keys(conn);
1141         hci_dev_unlock(hdev);
1142 
1143         return 0;
1144 }
1145 
1146 int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
1147 {
1148         struct hci_conn *hcon = conn->hcon;
1149         __u8 code, reason;
1150         int err = 0;
1151 
1152         if (hcon->type != LE_LINK) {
1153                 kfree_skb(skb);
1154                 return 0;
1155         }
1156 
1157         if (skb->len < 1) {
1158                 kfree_skb(skb);
1159                 return -EILSEQ;
1160         }
1161 
1162         if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) {
1163                 err = -ENOTSUPP;
1164                 reason = SMP_PAIRING_NOTSUPP;
1165                 goto done;
1166         }
1167 
1168         code = skb->data[0];
1169         skb_pull(skb, sizeof(code));
1170 
1171         /*
1172          * The SMP context must be initialized for all other PDUs except
1173          * pairing and security requests. If we get any other PDU when
1174          * not initialized simply disconnect (done if this function
1175          * returns an error).
1176          */
1177         if (code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ &&
1178             !conn->smp_chan) {
1179                 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code);
1180                 kfree_skb(skb);
1181                 return -ENOTSUPP;
1182         }
1183 
1184         switch (code) {
1185         case SMP_CMD_PAIRING_REQ:
1186                 reason = smp_cmd_pairing_req(conn, skb);
1187                 break;
1188 
1189         case SMP_CMD_PAIRING_FAIL:
1190                 smp_failure(conn, 0);
1191                 reason = 0;
1192                 err = -EPERM;
1193                 break;
1194 
1195         case SMP_CMD_PAIRING_RSP:
1196                 reason = smp_cmd_pairing_rsp(conn, skb);
1197                 break;
1198 
1199         case SMP_CMD_SECURITY_REQ:
1200                 reason = smp_cmd_security_req(conn, skb);
1201                 break;
1202 
1203         case SMP_CMD_PAIRING_CONFIRM:
1204                 reason = smp_cmd_pairing_confirm(conn, skb);
1205                 break;
1206 
1207         case SMP_CMD_PAIRING_RANDOM:
1208                 reason = smp_cmd_pairing_random(conn, skb);
1209                 break;
1210 
1211         case SMP_CMD_ENCRYPT_INFO:
1212                 reason = smp_cmd_encrypt_info(conn, skb);
1213                 break;
1214 
1215         case SMP_CMD_MASTER_IDENT:
1216                 reason = smp_cmd_master_ident(conn, skb);
1217                 break;
1218 
1219         case SMP_CMD_IDENT_INFO:
1220                 reason = smp_cmd_ident_info(conn, skb);
1221                 break;
1222 
1223         case SMP_CMD_IDENT_ADDR_INFO:
1224                 reason = smp_cmd_ident_addr_info(conn, skb);
1225                 break;
1226 
1227         case SMP_CMD_SIGN_INFO:
1228                 reason = smp_cmd_sign_info(conn, skb);
1229                 break;
1230 
1231         default:
1232                 BT_DBG("Unknown command code 0x%2.2x", code);
1233 
1234                 reason = SMP_CMD_NOTSUPP;
1235                 err = -EOPNOTSUPP;
1236                 goto done;
1237         }
1238 
1239 done:
1240         if (reason)
1241                 smp_failure(conn, reason);
1242 
1243         kfree_skb(skb);
1244         return err;
1245 }
1246 
1247 static void smp_notify_keys(struct l2cap_conn *conn)
1248 {
1249         struct smp_chan *smp = conn->smp_chan;
1250         struct hci_conn *hcon = conn->hcon;
1251         struct hci_dev *hdev = hcon->hdev;
1252         struct smp_cmd_pairing *req = (void *) &smp->preq[1];
1253         struct smp_cmd_pairing *rsp = (void *) &smp->prsp[1];
1254         bool persistent;
1255 
1256         if (smp->remote_irk) {
1257                 mgmt_new_irk(hdev, smp->remote_irk);
1258                 /* Now that user space can be considered to know the
1259                  * identity address track the connection based on it
1260                  * from now on.
1261                  */
1262                 bacpy(&hcon->dst, &smp->remote_irk->bdaddr);
1263                 hcon->dst_type = smp->remote_irk->addr_type;
1264                 l2cap_conn_update_id_addr(hcon);
1265         }
1266 
1267         /* The LTKs and CSRKs should be persistent only if both sides
1268          * had the bonding bit set in their authentication requests.
1269          */
1270         persistent = !!((req->auth_req & rsp->auth_req) & SMP_AUTH_BONDING);
1271 
1272         if (smp->csrk) {
1273                 smp->csrk->bdaddr_type = hcon->dst_type;
1274                 bacpy(&smp->csrk->bdaddr, &hcon->dst);
1275                 mgmt_new_csrk(hdev, smp->csrk, persistent);
1276         }
1277 
1278         if (smp->slave_csrk) {
1279                 smp->slave_csrk->bdaddr_type = hcon->dst_type;
1280                 bacpy(&smp->slave_csrk->bdaddr, &hcon->dst);
1281                 mgmt_new_csrk(hdev, smp->slave_csrk, persistent);
1282         }
1283 
1284         if (smp->ltk) {
1285                 smp->ltk->bdaddr_type = hcon->dst_type;
1286                 bacpy(&smp->ltk->bdaddr, &hcon->dst);
1287                 mgmt_new_ltk(hdev, smp->ltk, persistent);
1288         }
1289 
1290         if (smp->slave_ltk) {
1291                 smp->slave_ltk->bdaddr_type = hcon->dst_type;
1292                 bacpy(&smp->slave_ltk->bdaddr, &hcon->dst);
1293                 mgmt_new_ltk(hdev, smp->slave_ltk, persistent);
1294         }
1295 }
1296 
1297 int smp_distribute_keys(struct l2cap_conn *conn)
1298 {
1299         struct smp_cmd_pairing *req, *rsp;
1300         struct smp_chan *smp = conn->smp_chan;
1301         struct hci_conn *hcon = conn->hcon;
1302         struct hci_dev *hdev = hcon->hdev;
1303         __u8 *keydist;
1304 
1305         BT_DBG("conn %p", conn);
1306 
1307         if (!test_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
1308                 return 0;
1309 
1310         rsp = (void *) &smp->prsp[1];
1311 
1312         /* The responder sends its keys first */
1313         if (hcon->out && (smp->remote_key_dist & 0x07))
1314                 return 0;
1315 
1316         req = (void *) &smp->preq[1];
1317 
1318         if (hcon->out) {
1319                 keydist = &rsp->init_key_dist;
1320                 *keydist &= req->init_key_dist;
1321         } else {
1322                 keydist = &rsp->resp_key_dist;
1323                 *keydist &= req->resp_key_dist;
1324         }
1325 
1326         BT_DBG("keydist 0x%x", *keydist);
1327 
1328         if (*keydist & SMP_DIST_ENC_KEY) {
1329                 struct smp_cmd_encrypt_info enc;
1330                 struct smp_cmd_master_ident ident;
1331                 struct smp_ltk *ltk;
1332                 u8 authenticated;
1333                 __le16 ediv;
1334                 __le64 rand;
1335 
1336                 get_random_bytes(enc.ltk, sizeof(enc.ltk));
1337                 get_random_bytes(&ediv, sizeof(ediv));
1338                 get_random_bytes(&rand, sizeof(rand));
1339 
1340                 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
1341 
1342                 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
1343                 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type,
1344                                   HCI_SMP_LTK_SLAVE, authenticated, enc.ltk,
1345                                   smp->enc_key_size, ediv, rand);
1346                 smp->slave_ltk = ltk;
1347 
1348                 ident.ediv = ediv;
1349                 ident.rand = rand;
1350 
1351                 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
1352 
1353                 *keydist &= ~SMP_DIST_ENC_KEY;
1354         }
1355 
1356         if (*keydist & SMP_DIST_ID_KEY) {
1357                 struct smp_cmd_ident_addr_info addrinfo;
1358                 struct smp_cmd_ident_info idinfo;
1359 
1360                 memcpy(idinfo.irk, hdev->irk, sizeof(idinfo.irk));
1361 
1362                 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
1363 
1364                 /* The hci_conn contains the local identity address
1365                  * after the connection has been established.
1366                  *
1367                  * This is true even when the connection has been
1368                  * established using a resolvable random address.
1369                  */
1370                 bacpy(&addrinfo.bdaddr, &hcon->src);
1371                 addrinfo.addr_type = hcon->src_type;
1372 
1373                 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
1374                              &addrinfo);
1375 
1376                 *keydist &= ~SMP_DIST_ID_KEY;
1377         }
1378 
1379         if (*keydist & SMP_DIST_SIGN) {
1380                 struct smp_cmd_sign_info sign;
1381                 struct smp_csrk *csrk;
1382 
1383                 /* Generate a new random key */
1384                 get_random_bytes(sign.csrk, sizeof(sign.csrk));
1385 
1386                 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
1387                 if (csrk) {
1388                         csrk->master = 0x00;
1389                         memcpy(csrk->val, sign.csrk, sizeof(csrk->val));
1390                 }
1391                 smp->slave_csrk = csrk;
1392 
1393                 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
1394 
1395                 *keydist &= ~SMP_DIST_SIGN;
1396         }
1397 
1398         /* If there are still keys to be received wait for them */
1399         if ((smp->remote_key_dist & 0x07))
1400                 return 0;
1401 
1402         clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags);
1403         cancel_delayed_work_sync(&conn->security_timer);
1404         set_bit(SMP_FLAG_COMPLETE, &smp->flags);
1405         smp_notify_keys(conn);
1406 
1407         smp_chan_destroy(conn);
1408 
1409         return 0;
1410 }
1411 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp