blob: 3ebf65b508813b57c42ec3c2b4f75c1b97e9122d [file] [log] [blame]
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21*/
22
Gustavo Padovan8c520a52012-05-23 04:04:22 -030023#include <linux/crypto.h>
24#include <linux/scatterlist.h>
25#include <crypto/b128ops.h>
26
Anderson Brigliaeb492e02011-06-09 18:50:40 -030027#include <net/bluetooth/bluetooth.h>
28#include <net/bluetooth/hci_core.h>
29#include <net/bluetooth/l2cap.h>
Brian Gix2b64d152011-12-21 16:12:12 -080030#include <net/bluetooth/mgmt.h>
Marcel Holtmannac4b7232013-10-10 14:54:16 -070031
32#include "smp.h"
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030033
Johan Hedbergb28b4942014-09-05 22:19:55 +030034#define SMP_ALLOW_CMD(smp, code) set_bit(code, &smp->allow_cmd)
Johan Hedbergb28b4942014-09-05 22:19:55 +030035
Marcel Holtmann17b02e62012-03-01 14:32:37 -080036#define SMP_TIMEOUT msecs_to_jiffies(30000)
Vinicius Costa Gomes5d3de7d2011-06-14 13:37:41 -030037
Johan Hedberg065a13e2012-10-11 16:26:06 +020038#define AUTH_REQ_MASK 0x07
Johan Hedberg88d3a8a2014-09-05 22:19:53 +030039#define KEY_DIST_MASK 0x07
Johan Hedberg065a13e2012-10-11 16:26:06 +020040
Johan Hedberg533e35d2014-06-16 19:25:18 +030041enum {
42 SMP_FLAG_TK_VALID,
43 SMP_FLAG_CFM_PENDING,
44 SMP_FLAG_MITM_AUTH,
45 SMP_FLAG_COMPLETE,
46 SMP_FLAG_INITIATOR,
47};
Johan Hedberg4bc58f52014-05-20 09:45:47 +030048
49struct smp_chan {
Johan Hedbergb68fda62014-08-11 22:06:40 +030050 struct l2cap_conn *conn;
51 struct delayed_work security_timer;
Johan Hedbergb28b4942014-09-05 22:19:55 +030052 unsigned long allow_cmd; /* Bitmask of allowed commands */
Johan Hedbergb68fda62014-08-11 22:06:40 +030053
Johan Hedberg4bc58f52014-05-20 09:45:47 +030054 u8 preq[7]; /* SMP Pairing Request */
55 u8 prsp[7]; /* SMP Pairing Response */
56 u8 prnd[16]; /* SMP Pairing Random (local) */
57 u8 rrnd[16]; /* SMP Pairing Random (remote) */
58 u8 pcnf[16]; /* SMP Pairing Confirm */
59 u8 tk[16]; /* SMP Temporary Key */
60 u8 enc_key_size;
61 u8 remote_key_dist;
62 bdaddr_t id_addr;
63 u8 id_addr_type;
64 u8 irk[16];
65 struct smp_csrk *csrk;
66 struct smp_csrk *slave_csrk;
67 struct smp_ltk *ltk;
68 struct smp_ltk *slave_ltk;
69 struct smp_irk *remote_irk;
Johan Hedberg4a74d652014-05-20 09:45:50 +030070 unsigned long flags;
Johan Hedberg6a7bd102014-06-27 14:23:03 +030071
72 struct crypto_blkcipher *tfm_aes;
Johan Hedberg4bc58f52014-05-20 09:45:47 +030073};
74
Johan Hedberg8a2936f2014-06-16 19:25:19 +030075static inline void swap_buf(const u8 *src, u8 *dst, size_t len)
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030076{
Johan Hedberg8a2936f2014-06-16 19:25:19 +030077 size_t i;
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030078
Johan Hedberg8a2936f2014-06-16 19:25:19 +030079 for (i = 0; i < len; i++)
80 dst[len - 1 - i] = src[i];
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030081}
82
83static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
84{
85 struct blkcipher_desc desc;
86 struct scatterlist sg;
Johan Hedberg943a7322014-03-18 12:58:24 +020087 uint8_t tmp[16], data[16];
Johan Hedberg201a5922013-12-02 10:49:04 +020088 int err;
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030089
90 if (tfm == NULL) {
91 BT_ERR("tfm %p", tfm);
92 return -EINVAL;
93 }
94
95 desc.tfm = tfm;
96 desc.flags = 0;
97
Johan Hedberg943a7322014-03-18 12:58:24 +020098 /* The most significant octet of key corresponds to k[0] */
Johan Hedberg8a2936f2014-06-16 19:25:19 +030099 swap_buf(k, tmp, 16);
Johan Hedberg943a7322014-03-18 12:58:24 +0200100
101 err = crypto_blkcipher_setkey(tfm, tmp, 16);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300102 if (err) {
103 BT_ERR("cipher setkey failed: %d", err);
104 return err;
105 }
106
Johan Hedberg943a7322014-03-18 12:58:24 +0200107 /* Most significant octet of plaintextData corresponds to data[0] */
Johan Hedberg8a2936f2014-06-16 19:25:19 +0300108 swap_buf(r, data, 16);
Johan Hedberg943a7322014-03-18 12:58:24 +0200109
110 sg_init_one(&sg, data, 16);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300111
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300112 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
113 if (err)
114 BT_ERR("Encrypt data error %d", err);
115
Johan Hedberg943a7322014-03-18 12:58:24 +0200116 /* Most significant octet of encryptedData corresponds to data[0] */
Johan Hedberg8a2936f2014-06-16 19:25:19 +0300117 swap_buf(data, r, 16);
Johan Hedberg943a7322014-03-18 12:58:24 +0200118
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300119 return err;
120}
121
Johan Hedberg60478052014-02-18 10:19:31 +0200122static int smp_ah(struct crypto_blkcipher *tfm, u8 irk[16], u8 r[3], u8 res[3])
123{
Johan Hedberg943a7322014-03-18 12:58:24 +0200124 u8 _res[16];
Johan Hedberg60478052014-02-18 10:19:31 +0200125 int err;
126
127 /* r' = padding || r */
Johan Hedberg943a7322014-03-18 12:58:24 +0200128 memcpy(_res, r, 3);
129 memset(_res + 3, 0, 13);
Johan Hedberg60478052014-02-18 10:19:31 +0200130
Johan Hedberg943a7322014-03-18 12:58:24 +0200131 err = smp_e(tfm, irk, _res);
Johan Hedberg60478052014-02-18 10:19:31 +0200132 if (err) {
133 BT_ERR("Encrypt error");
134 return err;
135 }
136
137 /* The output of the random address function ah is:
138 * ah(h, r) = e(k, r') mod 2^24
139 * The output of the security function e is then truncated to 24 bits
140 * by taking the least significant 24 bits of the output of e as the
141 * result of ah.
142 */
Johan Hedberg943a7322014-03-18 12:58:24 +0200143 memcpy(res, _res, 3);
Johan Hedberg60478052014-02-18 10:19:31 +0200144
145 return 0;
146}
147
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300148bool smp_irk_matches(struct hci_dev *hdev, u8 irk[16], bdaddr_t *bdaddr)
Johan Hedberg60478052014-02-18 10:19:31 +0200149{
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300150 struct l2cap_chan *chan = hdev->smp_data;
151 struct crypto_blkcipher *tfm;
Johan Hedberg60478052014-02-18 10:19:31 +0200152 u8 hash[3];
153 int err;
154
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300155 if (!chan || !chan->data)
156 return false;
157
158 tfm = chan->data;
159
Johan Hedberg60478052014-02-18 10:19:31 +0200160 BT_DBG("RPA %pMR IRK %*phN", bdaddr, 16, irk);
161
162 err = smp_ah(tfm, irk, &bdaddr->b[3], hash);
163 if (err)
164 return false;
165
166 return !memcmp(bdaddr->b, hash, 3);
167}
168
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300169int smp_generate_rpa(struct hci_dev *hdev, u8 irk[16], bdaddr_t *rpa)
Johan Hedbergb1e2b3a2014-02-23 19:42:19 +0200170{
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300171 struct l2cap_chan *chan = hdev->smp_data;
172 struct crypto_blkcipher *tfm;
Johan Hedbergb1e2b3a2014-02-23 19:42:19 +0200173 int err;
174
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300175 if (!chan || !chan->data)
176 return -EOPNOTSUPP;
177
178 tfm = chan->data;
179
Johan Hedbergb1e2b3a2014-02-23 19:42:19 +0200180 get_random_bytes(&rpa->b[3], 3);
181
182 rpa->b[5] &= 0x3f; /* Clear two most significant bits */
183 rpa->b[5] |= 0x40; /* Set second most significant bit */
184
185 err = smp_ah(tfm, irk, &rpa->b[3], rpa->b);
186 if (err < 0)
187 return err;
188
189 BT_DBG("RPA %pMR", rpa);
190
191 return 0;
192}
193
Johan Hedberge491eaf2014-10-25 21:15:37 +0200194static int smp_c1(struct crypto_blkcipher *tfm_aes, u8 k[16], u8 r[16],
195 u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia, u8 _rat,
196 bdaddr_t *ra, u8 res[16])
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300197{
198 u8 p1[16], p2[16];
199 int err;
200
201 memset(p1, 0, 16);
202
203 /* p1 = pres || preq || _rat || _iat */
Johan Hedberg943a7322014-03-18 12:58:24 +0200204 p1[0] = _iat;
205 p1[1] = _rat;
206 memcpy(p1 + 2, preq, 7);
207 memcpy(p1 + 9, pres, 7);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300208
209 /* p2 = padding || ia || ra */
Johan Hedberg943a7322014-03-18 12:58:24 +0200210 memcpy(p2, ra, 6);
211 memcpy(p2 + 6, ia, 6);
212 memset(p2 + 12, 0, 4);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300213
214 /* res = r XOR p1 */
215 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
216
217 /* res = e(k, res) */
Johan Hedberge491eaf2014-10-25 21:15:37 +0200218 err = smp_e(tfm_aes, k, res);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300219 if (err) {
220 BT_ERR("Encrypt data error");
221 return err;
222 }
223
224 /* res = res XOR p2 */
225 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
226
227 /* res = e(k, res) */
Johan Hedberge491eaf2014-10-25 21:15:37 +0200228 err = smp_e(tfm_aes, k, res);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300229 if (err)
230 BT_ERR("Encrypt data error");
231
232 return err;
233}
234
Johan Hedberge491eaf2014-10-25 21:15:37 +0200235static int smp_s1(struct crypto_blkcipher *tfm_aes, u8 k[16], u8 r1[16],
236 u8 r2[16], u8 _r[16])
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300237{
238 int err;
239
240 /* Just least significant octets from r1 and r2 are considered */
Johan Hedberg943a7322014-03-18 12:58:24 +0200241 memcpy(_r, r2, 8);
242 memcpy(_r + 8, r1, 8);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300243
Johan Hedberge491eaf2014-10-25 21:15:37 +0200244 err = smp_e(tfm_aes, k, _r);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300245 if (err)
246 BT_ERR("Encrypt data error");
247
248 return err;
249}
250
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300251static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
252{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300253 struct l2cap_chan *chan = conn->smp;
Johan Hedbergb68fda62014-08-11 22:06:40 +0300254 struct smp_chan *smp;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300255 struct kvec iv[2];
256 struct msghdr msg;
257
258 if (!chan)
259 return;
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300260
261 BT_DBG("code 0x%2.2x", code);
262
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300263 iv[0].iov_base = &code;
264 iv[0].iov_len = 1;
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300265
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300266 iv[1].iov_base = data;
267 iv[1].iov_len = len;
268
269 memset(&msg, 0, sizeof(msg));
270
271 msg.msg_iov = (struct iovec *) &iv;
272 msg.msg_iovlen = 2;
273
274 l2cap_chan_send(chan, &msg, 1 + len);
Vinicius Costa Gomese2dcd112011-08-19 21:06:50 -0300275
Johan Hedbergb68fda62014-08-11 22:06:40 +0300276 if (!chan->data)
277 return;
278
279 smp = chan->data;
280
281 cancel_delayed_work_sync(&smp->security_timer);
Johan Hedberg1b0921d2014-09-05 22:19:48 +0300282 schedule_delayed_work(&smp->security_timer, SMP_TIMEOUT);
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300283}
284
Brian Gix2b64d152011-12-21 16:12:12 -0800285static __u8 authreq_to_seclevel(__u8 authreq)
286{
287 if (authreq & SMP_AUTH_MITM)
288 return BT_SECURITY_HIGH;
289 else
290 return BT_SECURITY_MEDIUM;
291}
292
293static __u8 seclevel_to_authreq(__u8 sec_level)
294{
295 switch (sec_level) {
296 case BT_SECURITY_HIGH:
297 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
298 case BT_SECURITY_MEDIUM:
299 return SMP_AUTH_BONDING;
300 default:
301 return SMP_AUTH_NONE;
302 }
303}
304
Vinicius Costa Gomesb8e66ea2011-06-09 18:50:52 -0300305static void build_pairing_cmd(struct l2cap_conn *conn,
Marcel Holtmannf1560462013-10-13 05:43:25 -0700306 struct smp_cmd_pairing *req,
307 struct smp_cmd_pairing *rsp, __u8 authreq)
Vinicius Costa Gomesb8e66ea2011-06-09 18:50:52 -0300308{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300309 struct l2cap_chan *chan = conn->smp;
310 struct smp_chan *smp = chan->data;
Johan Hedbergfd349c02014-02-18 10:19:36 +0200311 struct hci_conn *hcon = conn->hcon;
312 struct hci_dev *hdev = hcon->hdev;
313 u8 local_dist = 0, remote_dist = 0;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300314
Johan Hedbergb6ae8452014-07-30 09:22:22 +0300315 if (test_bit(HCI_BONDABLE, &conn->hcon->hdev->dev_flags)) {
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -0700316 local_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
317 remote_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300318 authreq |= SMP_AUTH_BONDING;
Brian Gix2b64d152011-12-21 16:12:12 -0800319 } else {
320 authreq &= ~SMP_AUTH_BONDING;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300321 }
322
Johan Hedbergfd349c02014-02-18 10:19:36 +0200323 if (test_bit(HCI_RPA_RESOLVING, &hdev->dev_flags))
324 remote_dist |= SMP_DIST_ID_KEY;
325
Johan Hedberg863efaf2014-02-22 19:06:32 +0200326 if (test_bit(HCI_PRIVACY, &hdev->dev_flags))
327 local_dist |= SMP_DIST_ID_KEY;
328
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300329 if (rsp == NULL) {
330 req->io_capability = conn->hcon->io_capability;
331 req->oob_flag = SMP_OOB_NOT_PRESENT;
332 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
Johan Hedbergfd349c02014-02-18 10:19:36 +0200333 req->init_key_dist = local_dist;
334 req->resp_key_dist = remote_dist;
Johan Hedberg065a13e2012-10-11 16:26:06 +0200335 req->auth_req = (authreq & AUTH_REQ_MASK);
Johan Hedbergfd349c02014-02-18 10:19:36 +0200336
337 smp->remote_key_dist = remote_dist;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300338 return;
339 }
340
341 rsp->io_capability = conn->hcon->io_capability;
342 rsp->oob_flag = SMP_OOB_NOT_PRESENT;
343 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
Johan Hedbergfd349c02014-02-18 10:19:36 +0200344 rsp->init_key_dist = req->init_key_dist & remote_dist;
345 rsp->resp_key_dist = req->resp_key_dist & local_dist;
Johan Hedberg065a13e2012-10-11 16:26:06 +0200346 rsp->auth_req = (authreq & AUTH_REQ_MASK);
Johan Hedbergfd349c02014-02-18 10:19:36 +0200347
348 smp->remote_key_dist = rsp->init_key_dist;
Vinicius Costa Gomesb8e66ea2011-06-09 18:50:52 -0300349}
350
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300351static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
352{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300353 struct l2cap_chan *chan = conn->smp;
354 struct smp_chan *smp = chan->data;
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300355
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300356 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
Marcel Holtmannf1560462013-10-13 05:43:25 -0700357 (max_key_size < SMP_MIN_ENC_KEY_SIZE))
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300358 return SMP_ENC_KEY_SIZE;
359
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300360 smp->enc_key_size = max_key_size;
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300361
362 return 0;
363}
364
Johan Hedberg6f48e262014-08-11 22:06:44 +0300365static void smp_chan_destroy(struct l2cap_conn *conn)
366{
367 struct l2cap_chan *chan = conn->smp;
368 struct smp_chan *smp = chan->data;
369 bool complete;
370
371 BUG_ON(!smp);
372
373 cancel_delayed_work_sync(&smp->security_timer);
Johan Hedberg6f48e262014-08-11 22:06:44 +0300374
Johan Hedberg6f48e262014-08-11 22:06:44 +0300375 complete = test_bit(SMP_FLAG_COMPLETE, &smp->flags);
376 mgmt_smp_complete(conn->hcon, complete);
377
378 kfree(smp->csrk);
379 kfree(smp->slave_csrk);
380
381 crypto_free_blkcipher(smp->tfm_aes);
382
383 /* If pairing failed clean up any keys we might have */
384 if (!complete) {
385 if (smp->ltk) {
386 list_del(&smp->ltk->list);
387 kfree(smp->ltk);
388 }
389
390 if (smp->slave_ltk) {
391 list_del(&smp->slave_ltk->list);
392 kfree(smp->slave_ltk);
393 }
394
395 if (smp->remote_irk) {
396 list_del(&smp->remote_irk->list);
397 kfree(smp->remote_irk);
398 }
399 }
400
401 chan->data = NULL;
402 kfree(smp);
403 hci_conn_drop(conn->hcon);
404}
405
Johan Hedberg84794e12013-11-06 11:24:57 +0200406static void smp_failure(struct l2cap_conn *conn, u8 reason)
Brian Gix4f957a72011-11-23 08:28:36 -0800407{
Johan Hedbergbab73cb2012-02-09 16:07:29 +0200408 struct hci_conn *hcon = conn->hcon;
Johan Hedbergb68fda62014-08-11 22:06:40 +0300409 struct l2cap_chan *chan = conn->smp;
Johan Hedbergbab73cb2012-02-09 16:07:29 +0200410
Johan Hedberg84794e12013-11-06 11:24:57 +0200411 if (reason)
Brian Gix4f957a72011-11-23 08:28:36 -0800412 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
Marcel Holtmannf1560462013-10-13 05:43:25 -0700413 &reason);
Brian Gix4f957a72011-11-23 08:28:36 -0800414
Marcel Holtmannce39fb42013-10-13 02:23:39 -0700415 clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags);
Johan Hedberge1e930f2014-09-08 17:09:49 -0700416 mgmt_auth_failed(hcon, HCI_ERROR_AUTH_FAILURE);
Vinicius Costa Gomesf1c09c02012-02-01 18:27:56 -0300417
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300418 if (chan->data)
Vinicius Costa Gomesf1c09c02012-02-01 18:27:56 -0300419 smp_chan_destroy(conn);
Brian Gix4f957a72011-11-23 08:28:36 -0800420}
421
Brian Gix2b64d152011-12-21 16:12:12 -0800422#define JUST_WORKS 0x00
423#define JUST_CFM 0x01
424#define REQ_PASSKEY 0x02
425#define CFM_PASSKEY 0x03
426#define REQ_OOB 0x04
427#define OVERLAP 0xFF
428
429static const u8 gen_method[5][5] = {
430 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
431 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
432 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
433 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
434 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
435};
436
Johan Hedberg581370c2014-06-17 13:07:38 +0300437static u8 get_auth_method(struct smp_chan *smp, u8 local_io, u8 remote_io)
438{
Johan Hedberg2bcd4002014-07-09 19:18:09 +0300439 /* If either side has unknown io_caps, use JUST_CFM (which gets
440 * converted later to JUST_WORKS if we're initiators.
441 */
Johan Hedberg581370c2014-06-17 13:07:38 +0300442 if (local_io > SMP_IO_KEYBOARD_DISPLAY ||
443 remote_io > SMP_IO_KEYBOARD_DISPLAY)
Johan Hedberg2bcd4002014-07-09 19:18:09 +0300444 return JUST_CFM;
Johan Hedberg581370c2014-06-17 13:07:38 +0300445
446 return gen_method[remote_io][local_io];
447}
448
Brian Gix2b64d152011-12-21 16:12:12 -0800449static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
450 u8 local_io, u8 remote_io)
451{
452 struct hci_conn *hcon = conn->hcon;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300453 struct l2cap_chan *chan = conn->smp;
454 struct smp_chan *smp = chan->data;
Brian Gix2b64d152011-12-21 16:12:12 -0800455 u8 method;
456 u32 passkey = 0;
457 int ret = 0;
458
459 /* Initialize key for JUST WORKS */
460 memset(smp->tk, 0, sizeof(smp->tk));
Johan Hedberg4a74d652014-05-20 09:45:50 +0300461 clear_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800462
463 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
464
Johan Hedberg2bcd4002014-07-09 19:18:09 +0300465 /* If neither side wants MITM, either "just" confirm an incoming
466 * request or use just-works for outgoing ones. The JUST_CFM
467 * will be converted to JUST_WORKS if necessary later in this
468 * function. If either side has MITM look up the method from the
469 * table.
470 */
Johan Hedberg581370c2014-06-17 13:07:38 +0300471 if (!(auth & SMP_AUTH_MITM))
Johan Hedberg2bcd4002014-07-09 19:18:09 +0300472 method = JUST_CFM;
Brian Gix2b64d152011-12-21 16:12:12 -0800473 else
Johan Hedberg581370c2014-06-17 13:07:38 +0300474 method = get_auth_method(smp, local_io, remote_io);
Brian Gix2b64d152011-12-21 16:12:12 -0800475
Johan Hedberga82505c2014-03-24 14:39:07 +0200476 /* Don't confirm locally initiated pairing attempts */
Johan Hedberg4a74d652014-05-20 09:45:50 +0300477 if (method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR, &smp->flags))
Johan Hedberga82505c2014-03-24 14:39:07 +0200478 method = JUST_WORKS;
479
Johan Hedberg02f3e252014-07-16 15:09:13 +0300480 /* Don't bother user space with no IO capabilities */
481 if (method == JUST_CFM && hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
482 method = JUST_WORKS;
483
Brian Gix2b64d152011-12-21 16:12:12 -0800484 /* If Just Works, Continue with Zero TK */
485 if (method == JUST_WORKS) {
Johan Hedberg4a74d652014-05-20 09:45:50 +0300486 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800487 return 0;
488 }
489
490 /* Not Just Works/Confirm results in MITM Authentication */
Johan Hedberg5eb596f2014-09-18 11:26:32 +0300491 if (method != JUST_CFM) {
Johan Hedberg4a74d652014-05-20 09:45:50 +0300492 set_bit(SMP_FLAG_MITM_AUTH, &smp->flags);
Johan Hedberg5eb596f2014-09-18 11:26:32 +0300493 if (hcon->pending_sec_level < BT_SECURITY_HIGH)
494 hcon->pending_sec_level = BT_SECURITY_HIGH;
495 }
Brian Gix2b64d152011-12-21 16:12:12 -0800496
497 /* If both devices have Keyoard-Display I/O, the master
498 * Confirms and the slave Enters the passkey.
499 */
500 if (method == OVERLAP) {
Johan Hedberg40bef302014-07-16 11:42:27 +0300501 if (hcon->role == HCI_ROLE_MASTER)
Brian Gix2b64d152011-12-21 16:12:12 -0800502 method = CFM_PASSKEY;
503 else
504 method = REQ_PASSKEY;
505 }
506
Johan Hedberg01ad34d2014-03-19 14:14:53 +0200507 /* Generate random passkey. */
Brian Gix2b64d152011-12-21 16:12:12 -0800508 if (method == CFM_PASSKEY) {
Johan Hedberg943a7322014-03-18 12:58:24 +0200509 memset(smp->tk, 0, sizeof(smp->tk));
Brian Gix2b64d152011-12-21 16:12:12 -0800510 get_random_bytes(&passkey, sizeof(passkey));
511 passkey %= 1000000;
Johan Hedberg943a7322014-03-18 12:58:24 +0200512 put_unaligned_le32(passkey, smp->tk);
Brian Gix2b64d152011-12-21 16:12:12 -0800513 BT_DBG("PassKey: %d", passkey);
Johan Hedberg4a74d652014-05-20 09:45:50 +0300514 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800515 }
516
517 hci_dev_lock(hcon->hdev);
518
519 if (method == REQ_PASSKEY)
Marcel Holtmannce39fb42013-10-13 02:23:39 -0700520 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
Johan Hedberg272d90d2012-02-09 15:26:12 +0200521 hcon->type, hcon->dst_type);
Johan Hedberg4eb65e62014-03-24 14:39:05 +0200522 else if (method == JUST_CFM)
523 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
524 hcon->type, hcon->dst_type,
525 passkey, 1);
Brian Gix2b64d152011-12-21 16:12:12 -0800526 else
Johan Hedberg01ad34d2014-03-19 14:14:53 +0200527 ret = mgmt_user_passkey_notify(hcon->hdev, &hcon->dst,
Johan Hedberg272d90d2012-02-09 15:26:12 +0200528 hcon->type, hcon->dst_type,
Johan Hedberg39adbff2014-03-20 08:18:14 +0200529 passkey, 0);
Brian Gix2b64d152011-12-21 16:12:12 -0800530
531 hci_dev_unlock(hcon->hdev);
532
533 return ret;
534}
535
Johan Hedberg1cc61142014-05-20 09:45:52 +0300536static u8 smp_confirm(struct smp_chan *smp)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300537{
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300538 struct l2cap_conn *conn = smp->conn;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300539 struct smp_cmd_pairing_confirm cp;
540 int ret;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300541
542 BT_DBG("conn %p", conn);
543
Johan Hedberge491eaf2014-10-25 21:15:37 +0200544 ret = smp_c1(smp->tfm_aes, smp->tk, smp->prnd, smp->preq, smp->prsp,
Johan Hedbergb1cd5fd2014-02-28 12:54:17 +0200545 conn->hcon->init_addr_type, &conn->hcon->init_addr,
Johan Hedberg943a7322014-03-18 12:58:24 +0200546 conn->hcon->resp_addr_type, &conn->hcon->resp_addr,
547 cp.confirm_val);
Johan Hedberg1cc61142014-05-20 09:45:52 +0300548 if (ret)
549 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300550
Johan Hedberg4a74d652014-05-20 09:45:50 +0300551 clear_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800552
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300553 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
554
Johan Hedbergb28b4942014-09-05 22:19:55 +0300555 if (conn->hcon->out)
556 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
557 else
558 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
559
Johan Hedberg1cc61142014-05-20 09:45:52 +0300560 return 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300561}
562
Johan Hedberg861580a2014-05-20 09:45:51 +0300563static u8 smp_random(struct smp_chan *smp)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300564{
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300565 struct l2cap_conn *conn = smp->conn;
566 struct hci_conn *hcon = conn->hcon;
Johan Hedberg861580a2014-05-20 09:45:51 +0300567 u8 confirm[16];
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300568 int ret;
569
Johan Hedbergec70f362014-06-27 14:23:04 +0300570 if (IS_ERR_OR_NULL(smp->tfm_aes))
Johan Hedberg861580a2014-05-20 09:45:51 +0300571 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300572
573 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
574
Johan Hedberge491eaf2014-10-25 21:15:37 +0200575 ret = smp_c1(smp->tfm_aes, smp->tk, smp->rrnd, smp->preq, smp->prsp,
Johan Hedbergb1cd5fd2014-02-28 12:54:17 +0200576 hcon->init_addr_type, &hcon->init_addr,
Johan Hedberg943a7322014-03-18 12:58:24 +0200577 hcon->resp_addr_type, &hcon->resp_addr, confirm);
Johan Hedberg861580a2014-05-20 09:45:51 +0300578 if (ret)
579 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300580
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300581 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
582 BT_ERR("Pairing failed (confirmation values mismatch)");
Johan Hedberg861580a2014-05-20 09:45:51 +0300583 return SMP_CONFIRM_FAILED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300584 }
585
586 if (hcon->out) {
Marcel Holtmannfe39c7b2014-02-27 16:00:28 -0800587 u8 stk[16];
588 __le64 rand = 0;
589 __le16 ediv = 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300590
Johan Hedberge491eaf2014-10-25 21:15:37 +0200591 smp_s1(smp->tfm_aes, smp->tk, smp->rrnd, smp->prnd, stk);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300592
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300593 memset(stk + smp->enc_key_size, 0,
Gustavo F. Padovan04124682012-03-08 01:25:00 -0300594 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300595
Johan Hedberg861580a2014-05-20 09:45:51 +0300596 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
597 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300598
599 hci_le_start_enc(hcon, ediv, rand, stk);
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300600 hcon->enc_key_size = smp->enc_key_size;
Johan Hedbergfe59a052014-07-01 19:14:12 +0300601 set_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300602 } else {
Johan Hedbergfff34902014-06-10 15:19:50 +0300603 u8 stk[16], auth;
Marcel Holtmannfe39c7b2014-02-27 16:00:28 -0800604 __le64 rand = 0;
605 __le16 ediv = 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300606
Johan Hedberg943a7322014-03-18 12:58:24 +0200607 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
608 smp->prnd);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300609
Johan Hedberge491eaf2014-10-25 21:15:37 +0200610 smp_s1(smp->tfm_aes, smp->tk, smp->prnd, smp->rrnd, stk);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300611
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300612 memset(stk + smp->enc_key_size, 0,
Marcel Holtmannf1560462013-10-13 05:43:25 -0700613 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300614
Johan Hedbergfff34902014-06-10 15:19:50 +0300615 if (hcon->pending_sec_level == BT_SECURITY_HIGH)
616 auth = 1;
617 else
618 auth = 0;
619
Johan Hedberg7d5843b2014-06-16 19:25:15 +0300620 /* Even though there's no _SLAVE suffix this is the
621 * slave STK we're adding for later lookup (the master
622 * STK never needs to be stored).
623 */
Marcel Holtmannce39fb42013-10-13 02:23:39 -0700624 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
Johan Hedberg2ceba532014-06-16 19:25:16 +0300625 SMP_STK, auth, stk, smp->enc_key_size, ediv, rand);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300626 }
627
Johan Hedberg861580a2014-05-20 09:45:51 +0300628 return 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300629}
630
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300631static void smp_notify_keys(struct l2cap_conn *conn)
632{
633 struct l2cap_chan *chan = conn->smp;
634 struct smp_chan *smp = chan->data;
635 struct hci_conn *hcon = conn->hcon;
636 struct hci_dev *hdev = hcon->hdev;
637 struct smp_cmd_pairing *req = (void *) &smp->preq[1];
638 struct smp_cmd_pairing *rsp = (void *) &smp->prsp[1];
639 bool persistent;
640
641 if (smp->remote_irk) {
642 mgmt_new_irk(hdev, smp->remote_irk);
643 /* Now that user space can be considered to know the
644 * identity address track the connection based on it
645 * from now on.
646 */
647 bacpy(&hcon->dst, &smp->remote_irk->bdaddr);
648 hcon->dst_type = smp->remote_irk->addr_type;
Johan Hedbergf3d82d02014-09-05 22:19:50 +0300649 queue_work(hdev->workqueue, &conn->id_addr_update_work);
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300650
651 /* When receiving an indentity resolving key for
652 * a remote device that does not use a resolvable
653 * private address, just remove the key so that
654 * it is possible to use the controller white
655 * list for scanning.
656 *
657 * Userspace will have been told to not store
658 * this key at this point. So it is safe to
659 * just remove it.
660 */
661 if (!bacmp(&smp->remote_irk->rpa, BDADDR_ANY)) {
662 list_del(&smp->remote_irk->list);
663 kfree(smp->remote_irk);
664 smp->remote_irk = NULL;
665 }
666 }
667
668 /* The LTKs and CSRKs should be persistent only if both sides
669 * had the bonding bit set in their authentication requests.
670 */
671 persistent = !!((req->auth_req & rsp->auth_req) & SMP_AUTH_BONDING);
672
673 if (smp->csrk) {
674 smp->csrk->bdaddr_type = hcon->dst_type;
675 bacpy(&smp->csrk->bdaddr, &hcon->dst);
676 mgmt_new_csrk(hdev, smp->csrk, persistent);
677 }
678
679 if (smp->slave_csrk) {
680 smp->slave_csrk->bdaddr_type = hcon->dst_type;
681 bacpy(&smp->slave_csrk->bdaddr, &hcon->dst);
682 mgmt_new_csrk(hdev, smp->slave_csrk, persistent);
683 }
684
685 if (smp->ltk) {
686 smp->ltk->bdaddr_type = hcon->dst_type;
687 bacpy(&smp->ltk->bdaddr, &hcon->dst);
688 mgmt_new_ltk(hdev, smp->ltk, persistent);
689 }
690
691 if (smp->slave_ltk) {
692 smp->slave_ltk->bdaddr_type = hcon->dst_type;
693 bacpy(&smp->slave_ltk->bdaddr, &hcon->dst);
694 mgmt_new_ltk(hdev, smp->slave_ltk, persistent);
695 }
696}
697
Johan Hedbergb28b4942014-09-05 22:19:55 +0300698static void smp_allow_key_dist(struct smp_chan *smp)
699{
700 /* Allow the first expected phase 3 PDU. The rest of the PDUs
701 * will be allowed in each PDU handler to ensure we receive
702 * them in the correct order.
703 */
704 if (smp->remote_key_dist & SMP_DIST_ENC_KEY)
705 SMP_ALLOW_CMD(smp, SMP_CMD_ENCRYPT_INFO);
706 else if (smp->remote_key_dist & SMP_DIST_ID_KEY)
707 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_INFO);
708 else if (smp->remote_key_dist & SMP_DIST_SIGN)
709 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
710}
711
Johan Hedbergd6268e82014-09-05 22:19:51 +0300712static void smp_distribute_keys(struct smp_chan *smp)
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300713{
714 struct smp_cmd_pairing *req, *rsp;
Johan Hedberg86d14072014-08-11 22:06:43 +0300715 struct l2cap_conn *conn = smp->conn;
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300716 struct hci_conn *hcon = conn->hcon;
717 struct hci_dev *hdev = hcon->hdev;
718 __u8 *keydist;
719
720 BT_DBG("conn %p", conn);
721
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300722 rsp = (void *) &smp->prsp[1];
723
724 /* The responder sends its keys first */
Johan Hedbergb28b4942014-09-05 22:19:55 +0300725 if (hcon->out && (smp->remote_key_dist & KEY_DIST_MASK)) {
726 smp_allow_key_dist(smp);
Johan Hedberg86d14072014-08-11 22:06:43 +0300727 return;
Johan Hedbergb28b4942014-09-05 22:19:55 +0300728 }
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300729
730 req = (void *) &smp->preq[1];
731
732 if (hcon->out) {
733 keydist = &rsp->init_key_dist;
734 *keydist &= req->init_key_dist;
735 } else {
736 keydist = &rsp->resp_key_dist;
737 *keydist &= req->resp_key_dist;
738 }
739
740 BT_DBG("keydist 0x%x", *keydist);
741
742 if (*keydist & SMP_DIST_ENC_KEY) {
743 struct smp_cmd_encrypt_info enc;
744 struct smp_cmd_master_ident ident;
745 struct smp_ltk *ltk;
746 u8 authenticated;
747 __le16 ediv;
748 __le64 rand;
749
750 get_random_bytes(enc.ltk, sizeof(enc.ltk));
751 get_random_bytes(&ediv, sizeof(ediv));
752 get_random_bytes(&rand, sizeof(rand));
753
754 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
755
756 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
757 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type,
758 SMP_LTK_SLAVE, authenticated, enc.ltk,
759 smp->enc_key_size, ediv, rand);
760 smp->slave_ltk = ltk;
761
762 ident.ediv = ediv;
763 ident.rand = rand;
764
765 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
766
767 *keydist &= ~SMP_DIST_ENC_KEY;
768 }
769
770 if (*keydist & SMP_DIST_ID_KEY) {
771 struct smp_cmd_ident_addr_info addrinfo;
772 struct smp_cmd_ident_info idinfo;
773
774 memcpy(idinfo.irk, hdev->irk, sizeof(idinfo.irk));
775
776 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
777
778 /* The hci_conn contains the local identity address
779 * after the connection has been established.
780 *
781 * This is true even when the connection has been
782 * established using a resolvable random address.
783 */
784 bacpy(&addrinfo.bdaddr, &hcon->src);
785 addrinfo.addr_type = hcon->src_type;
786
787 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
788 &addrinfo);
789
790 *keydist &= ~SMP_DIST_ID_KEY;
791 }
792
793 if (*keydist & SMP_DIST_SIGN) {
794 struct smp_cmd_sign_info sign;
795 struct smp_csrk *csrk;
796
797 /* Generate a new random key */
798 get_random_bytes(sign.csrk, sizeof(sign.csrk));
799
800 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
801 if (csrk) {
802 csrk->master = 0x00;
803 memcpy(csrk->val, sign.csrk, sizeof(csrk->val));
804 }
805 smp->slave_csrk = csrk;
806
807 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
808
809 *keydist &= ~SMP_DIST_SIGN;
810 }
811
812 /* If there are still keys to be received wait for them */
Johan Hedbergb28b4942014-09-05 22:19:55 +0300813 if (smp->remote_key_dist & KEY_DIST_MASK) {
814 smp_allow_key_dist(smp);
Johan Hedberg86d14072014-08-11 22:06:43 +0300815 return;
Johan Hedbergb28b4942014-09-05 22:19:55 +0300816 }
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300817
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300818 set_bit(SMP_FLAG_COMPLETE, &smp->flags);
819 smp_notify_keys(conn);
820
821 smp_chan_destroy(conn);
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300822}
823
Johan Hedbergb68fda62014-08-11 22:06:40 +0300824static void smp_timeout(struct work_struct *work)
825{
826 struct smp_chan *smp = container_of(work, struct smp_chan,
827 security_timer.work);
828 struct l2cap_conn *conn = smp->conn;
829
830 BT_DBG("conn %p", conn);
831
Johan Hedberg1e91c292014-08-18 20:33:29 +0300832 hci_disconnect(conn->hcon, HCI_ERROR_REMOTE_USER_TERM);
Johan Hedbergb68fda62014-08-11 22:06:40 +0300833}
834
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300835static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
836{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300837 struct l2cap_chan *chan = conn->smp;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300838 struct smp_chan *smp;
839
Marcel Holtmannf1560462013-10-13 05:43:25 -0700840 smp = kzalloc(sizeof(*smp), GFP_ATOMIC);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300841 if (!smp)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300842 return NULL;
843
Johan Hedberg6a7bd102014-06-27 14:23:03 +0300844 smp->tfm_aes = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
845 if (IS_ERR(smp->tfm_aes)) {
846 BT_ERR("Unable to create ECB crypto context");
847 kfree(smp);
848 return NULL;
849 }
850
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300851 smp->conn = conn;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300852 chan->data = smp;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300853
Johan Hedbergb28b4942014-09-05 22:19:55 +0300854 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_FAIL);
855
Johan Hedbergb68fda62014-08-11 22:06:40 +0300856 INIT_DELAYED_WORK(&smp->security_timer, smp_timeout);
857
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300858 hci_conn_hold(conn->hcon);
859
860 return smp;
861}
862
Brian Gix2b64d152011-12-21 16:12:12 -0800863int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
864{
Johan Hedbergb10e8012014-06-27 14:23:07 +0300865 struct l2cap_conn *conn = hcon->l2cap_data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300866 struct l2cap_chan *chan;
Brian Gix2b64d152011-12-21 16:12:12 -0800867 struct smp_chan *smp;
868 u32 value;
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300869 int err;
Brian Gix2b64d152011-12-21 16:12:12 -0800870
871 BT_DBG("");
872
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300873 if (!conn)
Brian Gix2b64d152011-12-21 16:12:12 -0800874 return -ENOTCONN;
875
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300876 chan = conn->smp;
877 if (!chan)
878 return -ENOTCONN;
879
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300880 l2cap_chan_lock(chan);
881 if (!chan->data) {
882 err = -ENOTCONN;
883 goto unlock;
884 }
885
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300886 smp = chan->data;
Brian Gix2b64d152011-12-21 16:12:12 -0800887
888 switch (mgmt_op) {
889 case MGMT_OP_USER_PASSKEY_REPLY:
890 value = le32_to_cpu(passkey);
Johan Hedberg943a7322014-03-18 12:58:24 +0200891 memset(smp->tk, 0, sizeof(smp->tk));
Brian Gix2b64d152011-12-21 16:12:12 -0800892 BT_DBG("PassKey: %d", value);
Johan Hedberg943a7322014-03-18 12:58:24 +0200893 put_unaligned_le32(value, smp->tk);
Brian Gix2b64d152011-12-21 16:12:12 -0800894 /* Fall Through */
895 case MGMT_OP_USER_CONFIRM_REPLY:
Johan Hedberg4a74d652014-05-20 09:45:50 +0300896 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800897 break;
898 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
899 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
Johan Hedberg84794e12013-11-06 11:24:57 +0200900 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300901 err = 0;
902 goto unlock;
Brian Gix2b64d152011-12-21 16:12:12 -0800903 default:
Johan Hedberg84794e12013-11-06 11:24:57 +0200904 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300905 err = -EOPNOTSUPP;
906 goto unlock;
Brian Gix2b64d152011-12-21 16:12:12 -0800907 }
908
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300909 err = 0;
910
Brian Gix2b64d152011-12-21 16:12:12 -0800911 /* If it is our turn to send Pairing Confirm, do so now */
Johan Hedberg1cc61142014-05-20 09:45:52 +0300912 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->flags)) {
913 u8 rsp = smp_confirm(smp);
914 if (rsp)
915 smp_failure(conn, rsp);
916 }
Brian Gix2b64d152011-12-21 16:12:12 -0800917
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300918unlock:
919 l2cap_chan_unlock(chan);
920 return err;
Brian Gix2b64d152011-12-21 16:12:12 -0800921}
922
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300923static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300924{
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300925 struct smp_cmd_pairing rsp, *req = (void *) skb->data;
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300926 struct l2cap_chan *chan = conn->smp;
Johan Hedbergb3c64102014-07-10 11:02:07 +0300927 struct hci_dev *hdev = conn->hcon->hdev;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300928 struct smp_chan *smp;
Johan Hedbergc7262e72014-06-17 13:07:37 +0300929 u8 key_size, auth, sec_level;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300930 int ret;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300931
932 BT_DBG("conn %p", conn);
933
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200934 if (skb->len < sizeof(*req))
Johan Hedberg38e4a912014-05-08 14:19:11 +0300935 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200936
Johan Hedberg40bef302014-07-16 11:42:27 +0300937 if (conn->hcon->role != HCI_ROLE_SLAVE)
Brian Gix2b64d152011-12-21 16:12:12 -0800938 return SMP_CMD_NOTSUPP;
939
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300940 if (!chan->data)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300941 smp = smp_chan_create(conn);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300942 else
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300943 smp = chan->data;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300944
Andrei Emeltchenkod08fd0e2012-07-19 17:03:43 +0300945 if (!smp)
946 return SMP_UNSPECIFIED;
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -0300947
Johan Hedbergc05b9332014-09-10 17:37:42 -0700948 /* We didn't start the pairing, so match remote */
949 auth = req->auth_req & AUTH_REQ_MASK;
950
Johan Hedbergb6ae8452014-07-30 09:22:22 +0300951 if (!test_bit(HCI_BONDABLE, &hdev->dev_flags) &&
Johan Hedbergc05b9332014-09-10 17:37:42 -0700952 (auth & SMP_AUTH_BONDING))
Johan Hedbergb3c64102014-07-10 11:02:07 +0300953 return SMP_PAIRING_NOTSUPP;
954
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300955 smp->preq[0] = SMP_CMD_PAIRING_REQ;
956 memcpy(&smp->preq[1], req, sizeof(*req));
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300957 skb_pull(skb, sizeof(*req));
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300958
Johan Hedberg5be5e272014-09-10 17:58:54 -0700959 if (conn->hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
Johan Hedberg1afc2a12014-09-10 17:37:44 -0700960 sec_level = BT_SECURITY_MEDIUM;
961 else
962 sec_level = authreq_to_seclevel(auth);
963
Johan Hedbergc7262e72014-06-17 13:07:37 +0300964 if (sec_level > conn->hcon->pending_sec_level)
965 conn->hcon->pending_sec_level = sec_level;
Ido Yarivfdde0a22012-03-05 20:09:38 +0200966
Stephen Hemminger49c922b2014-10-27 21:12:20 -0700967 /* If we need MITM check that it can be achieved */
Johan Hedberg2ed8f652014-06-17 13:07:39 +0300968 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
969 u8 method;
970
971 method = get_auth_method(smp, conn->hcon->io_capability,
972 req->io_capability);
973 if (method == JUST_WORKS || method == JUST_CFM)
974 return SMP_AUTH_REQUIREMENTS;
975 }
976
Brian Gix2b64d152011-12-21 16:12:12 -0800977 build_pairing_cmd(conn, req, &rsp, auth);
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300978
979 key_size = min(req->max_key_size, rsp.max_key_size);
980 if (check_enc_key_size(conn, key_size))
981 return SMP_ENC_KEY_SIZE;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300982
Johan Hedberge84a6b12013-12-02 10:49:03 +0200983 get_random_bytes(smp->prnd, sizeof(smp->prnd));
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300984
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300985 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
986 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
Anderson Brigliaf01ead32011-06-09 18:50:45 -0300987
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300988 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
Johan Hedbergb28b4942014-09-05 22:19:55 +0300989 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300990
Brian Gix2b64d152011-12-21 16:12:12 -0800991 /* Request setup of TK */
992 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
993 if (ret)
994 return SMP_UNSPECIFIED;
995
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300996 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300997}
998
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300999static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001000{
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -03001001 struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001002 struct l2cap_chan *chan = conn->smp;
1003 struct smp_chan *smp = chan->data;
Johan Hedberg3a7dbfb2014-09-10 17:37:41 -07001004 u8 key_size, auth;
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001005 int ret;
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001006
1007 BT_DBG("conn %p", conn);
1008
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001009 if (skb->len < sizeof(*rsp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001010 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001011
Johan Hedberg40bef302014-07-16 11:42:27 +03001012 if (conn->hcon->role != HCI_ROLE_MASTER)
Brian Gix2b64d152011-12-21 16:12:12 -08001013 return SMP_CMD_NOTSUPP;
1014
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -03001015 skb_pull(skb, sizeof(*rsp));
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001016
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001017 req = (void *) &smp->preq[1];
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -03001018
1019 key_size = min(req->max_key_size, rsp->max_key_size);
1020 if (check_enc_key_size(conn, key_size))
1021 return SMP_ENC_KEY_SIZE;
1022
Johan Hedbergc05b9332014-09-10 17:37:42 -07001023 auth = rsp->auth_req & AUTH_REQ_MASK;
1024
Stephen Hemminger49c922b2014-10-27 21:12:20 -07001025 /* If we need MITM check that it can be achieved */
Johan Hedberg2ed8f652014-06-17 13:07:39 +03001026 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
1027 u8 method;
1028
1029 method = get_auth_method(smp, req->io_capability,
1030 rsp->io_capability);
1031 if (method == JUST_WORKS || method == JUST_CFM)
1032 return SMP_AUTH_REQUIREMENTS;
1033 }
1034
Johan Hedberge84a6b12013-12-02 10:49:03 +02001035 get_random_bytes(smp->prnd, sizeof(smp->prnd));
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001036
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001037 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
1038 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001039
Johan Hedbergfdcc4be2014-03-14 10:53:50 +02001040 /* Update remote key distribution in case the remote cleared
1041 * some bits that we had enabled in our request.
1042 */
1043 smp->remote_key_dist &= rsp->resp_key_dist;
1044
Johan Hedbergc05b9332014-09-10 17:37:42 -07001045 auth |= req->auth_req;
Brian Gix2b64d152011-12-21 16:12:12 -08001046
Johan Hedberg476585e2012-06-06 18:54:15 +08001047 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
Brian Gix2b64d152011-12-21 16:12:12 -08001048 if (ret)
1049 return SMP_UNSPECIFIED;
1050
Johan Hedberg4a74d652014-05-20 09:45:50 +03001051 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -08001052
1053 /* Can't compose response until we have been confirmed */
Johan Hedberg4a74d652014-05-20 09:45:50 +03001054 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
Johan Hedberg1cc61142014-05-20 09:45:52 +03001055 return smp_confirm(smp);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001056
1057 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001058}
1059
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001060static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001061{
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001062 struct l2cap_chan *chan = conn->smp;
1063 struct smp_chan *smp = chan->data;
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001064
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001065 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
1066
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001067 if (skb->len < sizeof(smp->pcnf))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001068 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001069
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001070 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
1071 skb_pull(skb, sizeof(smp->pcnf));
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001072
Johan Hedbergb28b4942014-09-05 22:19:55 +03001073 if (conn->hcon->out) {
Johan Hedberg943a7322014-03-18 12:58:24 +02001074 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
1075 smp->prnd);
Johan Hedbergb28b4942014-09-05 22:19:55 +03001076 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
1077 return 0;
1078 }
1079
1080 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
Johan Hedberg1cc61142014-05-20 09:45:52 +03001081 return smp_confirm(smp);
Johan Hedberg943a7322014-03-18 12:58:24 +02001082 else
Johan Hedberg4a74d652014-05-20 09:45:50 +03001083 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001084
1085 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001086}
1087
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001088static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001089{
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001090 struct l2cap_chan *chan = conn->smp;
1091 struct smp_chan *smp = chan->data;
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001092
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001093 BT_DBG("conn %p", conn);
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001094
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001095 if (skb->len < sizeof(smp->rrnd))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001096 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001097
Johan Hedberg943a7322014-03-18 12:58:24 +02001098 memcpy(smp->rrnd, skb->data, sizeof(smp->rrnd));
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001099 skb_pull(skb, sizeof(smp->rrnd));
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001100
Johan Hedberg861580a2014-05-20 09:45:51 +03001101 return smp_random(smp);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001102}
1103
Marcel Holtmannf81cd822014-07-01 10:59:24 +02001104static bool smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001105{
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001106 struct smp_ltk *key;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001107 struct hci_conn *hcon = conn->hcon;
1108
Johan Hedberg98a0b842014-01-30 19:40:00 -08001109 key = hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
Johan Hedberge804d252014-07-16 11:42:28 +03001110 hcon->role);
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001111 if (!key)
Marcel Holtmannf81cd822014-07-01 10:59:24 +02001112 return false;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001113
Johan Hedberga6f78332014-09-10 17:37:45 -07001114 if (smp_ltk_sec_level(key) < sec_level)
Marcel Holtmannf81cd822014-07-01 10:59:24 +02001115 return false;
Johan Hedberg4dab7862012-06-07 14:58:37 +08001116
Johan Hedberg51a8efd2012-01-16 06:10:31 +02001117 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
Marcel Holtmannf81cd822014-07-01 10:59:24 +02001118 return true;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001119
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001120 hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
1121 hcon->enc_key_size = key->enc_size;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001122
Johan Hedbergfe59a052014-07-01 19:14:12 +03001123 /* We never store STKs for master role, so clear this flag */
1124 clear_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
1125
Marcel Holtmannf81cd822014-07-01 10:59:24 +02001126 return true;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001127}
Marcel Holtmannf1560462013-10-13 05:43:25 -07001128
Johan Hedberg854f4722014-07-01 18:40:20 +03001129bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level)
1130{
1131 if (sec_level == BT_SECURITY_LOW)
1132 return true;
1133
Johan Hedberg9ab65d602014-07-01 19:14:13 +03001134 /* If we're encrypted with an STK always claim insufficient
1135 * security. This way we allow the connection to be re-encrypted
1136 * with an LTK, even if the LTK provides the same level of
Johan Hedbergb2d5e252014-07-14 14:34:55 +03001137 * security. Only exception is if we don't have an LTK (e.g.
1138 * because of key distribution bits).
Johan Hedberg9ab65d602014-07-01 19:14:13 +03001139 */
Johan Hedbergb2d5e252014-07-14 14:34:55 +03001140 if (test_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags) &&
1141 hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
Johan Hedberge804d252014-07-16 11:42:28 +03001142 hcon->role))
Johan Hedberg9ab65d602014-07-01 19:14:13 +03001143 return false;
1144
Johan Hedberg854f4722014-07-01 18:40:20 +03001145 if (hcon->sec_level >= sec_level)
1146 return true;
1147
1148 return false;
1149}
1150
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001151static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001152{
1153 struct smp_cmd_security_req *rp = (void *) skb->data;
1154 struct smp_cmd_pairing cp;
Vinicius Costa Gomesf1cb9af2011-01-26 21:42:57 -03001155 struct hci_conn *hcon = conn->hcon;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001156 struct smp_chan *smp;
Johan Hedbergc05b9332014-09-10 17:37:42 -07001157 u8 sec_level, auth;
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001158
1159 BT_DBG("conn %p", conn);
1160
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001161 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001162 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001163
Johan Hedberg40bef302014-07-16 11:42:27 +03001164 if (hcon->role != HCI_ROLE_MASTER)
Johan Hedberg86ca9ea2013-11-05 11:30:39 +02001165 return SMP_CMD_NOTSUPP;
1166
Johan Hedbergc05b9332014-09-10 17:37:42 -07001167 auth = rp->auth_req & AUTH_REQ_MASK;
1168
Johan Hedberg5be5e272014-09-10 17:58:54 -07001169 if (hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
Johan Hedberg1afc2a12014-09-10 17:37:44 -07001170 sec_level = BT_SECURITY_MEDIUM;
1171 else
1172 sec_level = authreq_to_seclevel(auth);
1173
Johan Hedberg854f4722014-07-01 18:40:20 +03001174 if (smp_sufficient_security(hcon, sec_level))
1175 return 0;
1176
Johan Hedbergc7262e72014-06-17 13:07:37 +03001177 if (sec_level > hcon->pending_sec_level)
1178 hcon->pending_sec_level = sec_level;
Vinicius Costa Gomesfeb45eb2011-08-25 20:02:35 -03001179
Johan Hedberg4dab7862012-06-07 14:58:37 +08001180 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001181 return 0;
1182
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001183 smp = smp_chan_create(conn);
Johan Hedbergc29d2442014-06-16 19:25:14 +03001184 if (!smp)
1185 return SMP_UNSPECIFIED;
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001186
Johan Hedbergb6ae8452014-07-30 09:22:22 +03001187 if (!test_bit(HCI_BONDABLE, &hcon->hdev->dev_flags) &&
Johan Hedbergc05b9332014-09-10 17:37:42 -07001188 (auth & SMP_AUTH_BONDING))
Johan Hedberg616d55b2014-07-29 14:18:48 +03001189 return SMP_PAIRING_NOTSUPP;
1190
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001191 skb_pull(skb, sizeof(*rp));
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001192
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001193 memset(&cp, 0, sizeof(cp));
Johan Hedbergc05b9332014-09-10 17:37:42 -07001194 build_pairing_cmd(conn, &cp, NULL, auth);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001195
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001196 smp->preq[0] = SMP_CMD_PAIRING_REQ;
1197 memcpy(&smp->preq[1], &cp, sizeof(cp));
Anderson Brigliaf01ead32011-06-09 18:50:45 -03001198
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001199 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
Johan Hedbergb28b4942014-09-05 22:19:55 +03001200 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
Vinicius Costa Gomesf1cb9af2011-01-26 21:42:57 -03001201
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001202 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001203}
1204
Vinicius Costa Gomescc110922012-08-23 21:32:43 -03001205int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001206{
Vinicius Costa Gomescc110922012-08-23 21:32:43 -03001207 struct l2cap_conn *conn = hcon->l2cap_data;
Johan Hedbergc68b7f12014-09-06 06:59:10 +03001208 struct l2cap_chan *chan;
Johan Hedberg0a66cf22014-03-24 14:39:03 +02001209 struct smp_chan *smp;
Brian Gix2b64d152011-12-21 16:12:12 -08001210 __u8 authreq;
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001211 int ret;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001212
Vinicius Costa Gomes3a0259b2011-06-09 18:50:43 -03001213 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
1214
Johan Hedberg0a66cf22014-03-24 14:39:03 +02001215 /* This may be NULL if there's an unexpected disconnection */
1216 if (!conn)
1217 return 1;
1218
Johan Hedbergc68b7f12014-09-06 06:59:10 +03001219 chan = conn->smp;
1220
Johan Hedberg757aee02013-04-24 13:05:32 +03001221 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
Andre Guedes2e65c9d2011-06-30 19:20:56 -03001222 return 1;
1223
Johan Hedbergad32a2f2013-05-14 18:05:12 +03001224 if (smp_sufficient_security(hcon, sec_level))
Vinicius Costa Gomesf1cb9af2011-01-26 21:42:57 -03001225 return 1;
1226
Johan Hedbergc7262e72014-06-17 13:07:37 +03001227 if (sec_level > hcon->pending_sec_level)
1228 hcon->pending_sec_level = sec_level;
1229
Johan Hedberg40bef302014-07-16 11:42:27 +03001230 if (hcon->role == HCI_ROLE_MASTER)
Johan Hedbergc7262e72014-06-17 13:07:37 +03001231 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
1232 return 0;
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001233
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001234 l2cap_chan_lock(chan);
1235
1236 /* If SMP is already in progress ignore this request */
1237 if (chan->data) {
1238 ret = 0;
1239 goto unlock;
1240 }
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001241
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001242 smp = smp_chan_create(conn);
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001243 if (!smp) {
1244 ret = 1;
1245 goto unlock;
1246 }
Brian Gix2b64d152011-12-21 16:12:12 -08001247
1248 authreq = seclevel_to_authreq(sec_level);
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001249
Johan Hedberg79897d22014-06-01 09:45:24 +03001250 /* Require MITM if IO Capability allows or the security level
1251 * requires it.
Johan Hedberg2e233642014-03-18 15:42:30 +02001252 */
Johan Hedberg79897d22014-06-01 09:45:24 +03001253 if (hcon->io_capability != HCI_IO_NO_INPUT_OUTPUT ||
Johan Hedbergc7262e72014-06-17 13:07:37 +03001254 hcon->pending_sec_level > BT_SECURITY_MEDIUM)
Johan Hedberg2e233642014-03-18 15:42:30 +02001255 authreq |= SMP_AUTH_MITM;
1256
Johan Hedberg40bef302014-07-16 11:42:27 +03001257 if (hcon->role == HCI_ROLE_MASTER) {
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001258 struct smp_cmd_pairing cp;
Anderson Brigliaf01ead32011-06-09 18:50:45 -03001259
Brian Gix2b64d152011-12-21 16:12:12 -08001260 build_pairing_cmd(conn, &cp, NULL, authreq);
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001261 smp->preq[0] = SMP_CMD_PAIRING_REQ;
1262 memcpy(&smp->preq[1], &cp, sizeof(cp));
Anderson Brigliaf01ead32011-06-09 18:50:45 -03001263
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001264 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
Johan Hedbergb28b4942014-09-05 22:19:55 +03001265 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001266 } else {
1267 struct smp_cmd_security_req cp;
Brian Gix2b64d152011-12-21 16:12:12 -08001268 cp.auth_req = authreq;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001269 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
Johan Hedbergb28b4942014-09-05 22:19:55 +03001270 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_REQ);
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001271 }
1272
Johan Hedberg4a74d652014-05-20 09:45:50 +03001273 set_bit(SMP_FLAG_INITIATOR, &smp->flags);
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001274 ret = 0;
Johan Hedbergedca7922014-03-24 15:54:11 +02001275
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001276unlock:
1277 l2cap_chan_unlock(chan);
1278 return ret;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001279}
1280
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001281static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
1282{
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001283 struct smp_cmd_encrypt_info *rp = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001284 struct l2cap_chan *chan = conn->smp;
1285 struct smp_chan *smp = chan->data;
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001286
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001287 BT_DBG("conn %p", conn);
1288
1289 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001290 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001291
Johan Hedbergb28b4942014-09-05 22:19:55 +03001292 SMP_ALLOW_CMD(smp, SMP_CMD_MASTER_IDENT);
Johan Hedberg6131ddc2014-02-18 10:19:37 +02001293
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001294 skb_pull(skb, sizeof(*rp));
1295
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001296 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001297
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001298 return 0;
1299}
1300
1301static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
1302{
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001303 struct smp_cmd_master_ident *rp = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001304 struct l2cap_chan *chan = conn->smp;
1305 struct smp_chan *smp = chan->data;
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001306 struct hci_dev *hdev = conn->hcon->hdev;
1307 struct hci_conn *hcon = conn->hcon;
Johan Hedberg23d0e122014-02-19 14:57:46 +02001308 struct smp_ltk *ltk;
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001309 u8 authenticated;
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001310
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001311 BT_DBG("conn %p", conn);
1312
1313 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001314 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001315
Johan Hedberg9747a9f2014-02-26 23:33:43 +02001316 /* Mark the information as received */
1317 smp->remote_key_dist &= ~SMP_DIST_ENC_KEY;
1318
Johan Hedbergb28b4942014-09-05 22:19:55 +03001319 if (smp->remote_key_dist & SMP_DIST_ID_KEY)
1320 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_INFO);
Johan Hedberg196332f2014-09-09 16:21:46 -07001321 else if (smp->remote_key_dist & SMP_DIST_SIGN)
1322 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
Johan Hedbergb28b4942014-09-05 22:19:55 +03001323
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001324 skb_pull(skb, sizeof(*rp));
1325
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001326 hci_dev_lock(hdev);
Marcel Holtmannce39fb42013-10-13 02:23:39 -07001327 authenticated = (hcon->sec_level == BT_SECURITY_HIGH);
Johan Hedberg2ceba532014-06-16 19:25:16 +03001328 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, SMP_LTK,
Johan Hedberg23d0e122014-02-19 14:57:46 +02001329 authenticated, smp->tk, smp->enc_key_size,
1330 rp->ediv, rp->rand);
1331 smp->ltk = ltk;
Johan Hedbergc6e81e92014-09-05 22:19:54 +03001332 if (!(smp->remote_key_dist & KEY_DIST_MASK))
Johan Hedbergd6268e82014-09-05 22:19:51 +03001333 smp_distribute_keys(smp);
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001334 hci_dev_unlock(hdev);
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001335
1336 return 0;
1337}
1338
Johan Hedbergfd349c02014-02-18 10:19:36 +02001339static int smp_cmd_ident_info(struct l2cap_conn *conn, struct sk_buff *skb)
1340{
1341 struct smp_cmd_ident_info *info = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001342 struct l2cap_chan *chan = conn->smp;
1343 struct smp_chan *smp = chan->data;
Johan Hedbergfd349c02014-02-18 10:19:36 +02001344
1345 BT_DBG("");
1346
1347 if (skb->len < sizeof(*info))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001348 return SMP_INVALID_PARAMS;
Johan Hedbergfd349c02014-02-18 10:19:36 +02001349
Johan Hedbergb28b4942014-09-05 22:19:55 +03001350 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_ADDR_INFO);
Johan Hedberg6131ddc2014-02-18 10:19:37 +02001351
Johan Hedbergfd349c02014-02-18 10:19:36 +02001352 skb_pull(skb, sizeof(*info));
1353
1354 memcpy(smp->irk, info->irk, 16);
1355
1356 return 0;
1357}
1358
1359static int smp_cmd_ident_addr_info(struct l2cap_conn *conn,
1360 struct sk_buff *skb)
1361{
1362 struct smp_cmd_ident_addr_info *info = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001363 struct l2cap_chan *chan = conn->smp;
1364 struct smp_chan *smp = chan->data;
Johan Hedbergfd349c02014-02-18 10:19:36 +02001365 struct hci_conn *hcon = conn->hcon;
1366 bdaddr_t rpa;
1367
1368 BT_DBG("");
1369
1370 if (skb->len < sizeof(*info))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001371 return SMP_INVALID_PARAMS;
Johan Hedbergfd349c02014-02-18 10:19:36 +02001372
Johan Hedberg9747a9f2014-02-26 23:33:43 +02001373 /* Mark the information as received */
1374 smp->remote_key_dist &= ~SMP_DIST_ID_KEY;
1375
Johan Hedbergb28b4942014-09-05 22:19:55 +03001376 if (smp->remote_key_dist & SMP_DIST_SIGN)
1377 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
1378
Johan Hedbergfd349c02014-02-18 10:19:36 +02001379 skb_pull(skb, sizeof(*info));
1380
Johan Hedberg31dd6242014-06-27 14:23:02 +03001381 hci_dev_lock(hcon->hdev);
1382
Johan Hedberga9a58f82014-02-25 22:24:37 +02001383 /* Strictly speaking the Core Specification (4.1) allows sending
1384 * an empty address which would force us to rely on just the IRK
1385 * as "identity information". However, since such
1386 * implementations are not known of and in order to not over
1387 * complicate our implementation, simply pretend that we never
1388 * received an IRK for such a device.
1389 */
1390 if (!bacmp(&info->bdaddr, BDADDR_ANY)) {
1391 BT_ERR("Ignoring IRK with no identity address");
Johan Hedberg31dd6242014-06-27 14:23:02 +03001392 goto distribute;
Johan Hedberga9a58f82014-02-25 22:24:37 +02001393 }
1394
Johan Hedbergfd349c02014-02-18 10:19:36 +02001395 bacpy(&smp->id_addr, &info->bdaddr);
1396 smp->id_addr_type = info->addr_type;
1397
1398 if (hci_bdaddr_is_rpa(&hcon->dst, hcon->dst_type))
1399 bacpy(&rpa, &hcon->dst);
1400 else
1401 bacpy(&rpa, BDADDR_ANY);
1402
Johan Hedberg23d0e122014-02-19 14:57:46 +02001403 smp->remote_irk = hci_add_irk(conn->hcon->hdev, &smp->id_addr,
1404 smp->id_addr_type, smp->irk, &rpa);
Johan Hedbergfd349c02014-02-18 10:19:36 +02001405
Johan Hedberg31dd6242014-06-27 14:23:02 +03001406distribute:
Johan Hedbergc6e81e92014-09-05 22:19:54 +03001407 if (!(smp->remote_key_dist & KEY_DIST_MASK))
1408 smp_distribute_keys(smp);
Johan Hedbergfd349c02014-02-18 10:19:36 +02001409
Johan Hedberg31dd6242014-06-27 14:23:02 +03001410 hci_dev_unlock(hcon->hdev);
1411
Johan Hedbergfd349c02014-02-18 10:19:36 +02001412 return 0;
1413}
1414
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001415static int smp_cmd_sign_info(struct l2cap_conn *conn, struct sk_buff *skb)
1416{
1417 struct smp_cmd_sign_info *rp = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001418 struct l2cap_chan *chan = conn->smp;
1419 struct smp_chan *smp = chan->data;
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001420 struct hci_dev *hdev = conn->hcon->hdev;
1421 struct smp_csrk *csrk;
1422
1423 BT_DBG("conn %p", conn);
1424
1425 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001426 return SMP_INVALID_PARAMS;
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001427
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001428 /* Mark the information as received */
1429 smp->remote_key_dist &= ~SMP_DIST_SIGN;
1430
1431 skb_pull(skb, sizeof(*rp));
1432
1433 hci_dev_lock(hdev);
1434 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
1435 if (csrk) {
1436 csrk->master = 0x01;
1437 memcpy(csrk->val, rp->csrk, sizeof(csrk->val));
1438 }
1439 smp->csrk = csrk;
Johan Hedbergd6268e82014-09-05 22:19:51 +03001440 smp_distribute_keys(smp);
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001441 hci_dev_unlock(hdev);
1442
1443 return 0;
1444}
1445
Johan Hedberg4befb862014-08-11 22:06:38 +03001446static int smp_sig_channel(struct l2cap_chan *chan, struct sk_buff *skb)
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001447{
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001448 struct l2cap_conn *conn = chan->conn;
Marcel Holtmann7b9899d2013-10-03 00:00:57 -07001449 struct hci_conn *hcon = conn->hcon;
Johan Hedbergb28b4942014-09-05 22:19:55 +03001450 struct smp_chan *smp;
Marcel Holtmann92381f52013-10-03 01:23:08 -07001451 __u8 code, reason;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001452 int err = 0;
1453
Marcel Holtmann7b9899d2013-10-03 00:00:57 -07001454 if (hcon->type != LE_LINK) {
1455 kfree_skb(skb);
Johan Hedberg3432711f2013-10-16 11:37:01 +03001456 return 0;
Marcel Holtmann7b9899d2013-10-03 00:00:57 -07001457 }
1458
Johan Hedberg8ae9b982014-08-11 22:06:39 +03001459 if (skb->len < 1)
Marcel Holtmann92381f52013-10-03 01:23:08 -07001460 return -EILSEQ;
Marcel Holtmann92381f52013-10-03 01:23:08 -07001461
Marcel Holtmann06ae3312013-10-18 03:43:00 -07001462 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) {
Andre Guedes2e65c9d2011-06-30 19:20:56 -03001463 reason = SMP_PAIRING_NOTSUPP;
1464 goto done;
1465 }
1466
Marcel Holtmann92381f52013-10-03 01:23:08 -07001467 code = skb->data[0];
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001468 skb_pull(skb, sizeof(code));
1469
Johan Hedbergb28b4942014-09-05 22:19:55 +03001470 smp = chan->data;
1471
1472 if (code > SMP_CMD_MAX)
1473 goto drop;
1474
Johan Hedberg24bd0bd2014-09-10 17:37:43 -07001475 if (smp && !test_and_clear_bit(code, &smp->allow_cmd))
Johan Hedbergb28b4942014-09-05 22:19:55 +03001476 goto drop;
1477
1478 /* If we don't have a context the only allowed commands are
1479 * pairing request and security request.
Johan Hedberg8cf9fa12013-01-29 10:44:23 -06001480 */
Johan Hedbergb28b4942014-09-05 22:19:55 +03001481 if (!smp && code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ)
1482 goto drop;
Johan Hedberg8cf9fa12013-01-29 10:44:23 -06001483
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001484 switch (code) {
1485 case SMP_CMD_PAIRING_REQ:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001486 reason = smp_cmd_pairing_req(conn, skb);
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001487 break;
1488
1489 case SMP_CMD_PAIRING_FAIL:
Johan Hedberg84794e12013-11-06 11:24:57 +02001490 smp_failure(conn, 0);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001491 err = -EPERM;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001492 break;
1493
1494 case SMP_CMD_PAIRING_RSP:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001495 reason = smp_cmd_pairing_rsp(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001496 break;
1497
1498 case SMP_CMD_SECURITY_REQ:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001499 reason = smp_cmd_security_req(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001500 break;
1501
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001502 case SMP_CMD_PAIRING_CONFIRM:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001503 reason = smp_cmd_pairing_confirm(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001504 break;
1505
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001506 case SMP_CMD_PAIRING_RANDOM:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001507 reason = smp_cmd_pairing_random(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001508 break;
1509
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001510 case SMP_CMD_ENCRYPT_INFO:
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001511 reason = smp_cmd_encrypt_info(conn, skb);
1512 break;
1513
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001514 case SMP_CMD_MASTER_IDENT:
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001515 reason = smp_cmd_master_ident(conn, skb);
1516 break;
1517
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001518 case SMP_CMD_IDENT_INFO:
Johan Hedbergfd349c02014-02-18 10:19:36 +02001519 reason = smp_cmd_ident_info(conn, skb);
1520 break;
1521
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001522 case SMP_CMD_IDENT_ADDR_INFO:
Johan Hedbergfd349c02014-02-18 10:19:36 +02001523 reason = smp_cmd_ident_addr_info(conn, skb);
1524 break;
1525
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001526 case SMP_CMD_SIGN_INFO:
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001527 reason = smp_cmd_sign_info(conn, skb);
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001528 break;
1529
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001530 default:
1531 BT_DBG("Unknown command code 0x%2.2x", code);
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001532 reason = SMP_CMD_NOTSUPP;
Vinicius Costa Gomes3a0259b2011-06-09 18:50:43 -03001533 goto done;
1534 }
1535
1536done:
Johan Hedberg9b7b18e2014-08-18 20:33:31 +03001537 if (!err) {
1538 if (reason)
1539 smp_failure(conn, reason);
Johan Hedberg8ae9b982014-08-11 22:06:39 +03001540 kfree_skb(skb);
Johan Hedberg9b7b18e2014-08-18 20:33:31 +03001541 }
1542
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001543 return err;
Johan Hedbergb28b4942014-09-05 22:19:55 +03001544
1545drop:
1546 BT_ERR("%s unexpected SMP command 0x%02x from %pMR", hcon->hdev->name,
1547 code, &hcon->dst);
1548 kfree_skb(skb);
1549 return 0;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001550}
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001551
Johan Hedberg70db83c2014-08-08 09:37:16 +03001552static void smp_teardown_cb(struct l2cap_chan *chan, int err)
1553{
1554 struct l2cap_conn *conn = chan->conn;
1555
1556 BT_DBG("chan %p", chan);
1557
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001558 if (chan->data)
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001559 smp_chan_destroy(conn);
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001560
Johan Hedberg70db83c2014-08-08 09:37:16 +03001561 conn->smp = NULL;
1562 l2cap_chan_put(chan);
1563}
1564
Johan Hedberg44f1a7a2014-08-11 22:06:36 +03001565static void smp_resume_cb(struct l2cap_chan *chan)
1566{
Johan Hedbergb68fda62014-08-11 22:06:40 +03001567 struct smp_chan *smp = chan->data;
Johan Hedberg44f1a7a2014-08-11 22:06:36 +03001568 struct l2cap_conn *conn = chan->conn;
1569 struct hci_conn *hcon = conn->hcon;
1570
1571 BT_DBG("chan %p", chan);
1572
Johan Hedberg86d14072014-08-11 22:06:43 +03001573 if (!smp)
1574 return;
Johan Hedbergb68fda62014-08-11 22:06:40 +03001575
Johan Hedberg84bc0db2014-09-05 22:19:49 +03001576 if (!test_bit(HCI_CONN_ENCRYPT, &hcon->flags))
1577 return;
1578
Johan Hedberg86d14072014-08-11 22:06:43 +03001579 cancel_delayed_work(&smp->security_timer);
1580
Johan Hedbergd6268e82014-09-05 22:19:51 +03001581 smp_distribute_keys(smp);
Johan Hedberg44f1a7a2014-08-11 22:06:36 +03001582}
1583
Johan Hedberg70db83c2014-08-08 09:37:16 +03001584static void smp_ready_cb(struct l2cap_chan *chan)
1585{
1586 struct l2cap_conn *conn = chan->conn;
1587
1588 BT_DBG("chan %p", chan);
1589
1590 conn->smp = chan;
1591 l2cap_chan_hold(chan);
1592}
1593
Johan Hedberg4befb862014-08-11 22:06:38 +03001594static int smp_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
1595{
1596 int err;
1597
1598 BT_DBG("chan %p", chan);
1599
1600 err = smp_sig_channel(chan, skb);
1601 if (err) {
Johan Hedbergb68fda62014-08-11 22:06:40 +03001602 struct smp_chan *smp = chan->data;
Johan Hedberg4befb862014-08-11 22:06:38 +03001603
Johan Hedbergb68fda62014-08-11 22:06:40 +03001604 if (smp)
1605 cancel_delayed_work_sync(&smp->security_timer);
Johan Hedberg4befb862014-08-11 22:06:38 +03001606
Johan Hedberg1e91c292014-08-18 20:33:29 +03001607 hci_disconnect(chan->conn->hcon, HCI_ERROR_AUTH_FAILURE);
Johan Hedberg4befb862014-08-11 22:06:38 +03001608 }
1609
1610 return err;
1611}
1612
Johan Hedberg70db83c2014-08-08 09:37:16 +03001613static struct sk_buff *smp_alloc_skb_cb(struct l2cap_chan *chan,
1614 unsigned long hdr_len,
1615 unsigned long len, int nb)
1616{
1617 struct sk_buff *skb;
1618
1619 skb = bt_skb_alloc(hdr_len + len, GFP_KERNEL);
1620 if (!skb)
1621 return ERR_PTR(-ENOMEM);
1622
1623 skb->priority = HCI_PRIO_MAX;
1624 bt_cb(skb)->chan = chan;
1625
1626 return skb;
1627}
1628
1629static const struct l2cap_ops smp_chan_ops = {
1630 .name = "Security Manager",
1631 .ready = smp_ready_cb,
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001632 .recv = smp_recv_cb,
Johan Hedberg70db83c2014-08-08 09:37:16 +03001633 .alloc_skb = smp_alloc_skb_cb,
1634 .teardown = smp_teardown_cb,
Johan Hedberg44f1a7a2014-08-11 22:06:36 +03001635 .resume = smp_resume_cb,
Johan Hedberg70db83c2014-08-08 09:37:16 +03001636
1637 .new_connection = l2cap_chan_no_new_connection,
Johan Hedberg70db83c2014-08-08 09:37:16 +03001638 .state_change = l2cap_chan_no_state_change,
1639 .close = l2cap_chan_no_close,
1640 .defer = l2cap_chan_no_defer,
1641 .suspend = l2cap_chan_no_suspend,
Johan Hedberg70db83c2014-08-08 09:37:16 +03001642 .set_shutdown = l2cap_chan_no_set_shutdown,
1643 .get_sndtimeo = l2cap_chan_no_get_sndtimeo,
1644 .memcpy_fromiovec = l2cap_chan_no_memcpy_fromiovec,
1645};
1646
1647static inline struct l2cap_chan *smp_new_conn_cb(struct l2cap_chan *pchan)
1648{
1649 struct l2cap_chan *chan;
1650
1651 BT_DBG("pchan %p", pchan);
1652
1653 chan = l2cap_chan_create();
1654 if (!chan)
1655 return NULL;
1656
1657 chan->chan_type = pchan->chan_type;
1658 chan->ops = &smp_chan_ops;
1659 chan->scid = pchan->scid;
1660 chan->dcid = chan->scid;
1661 chan->imtu = pchan->imtu;
1662 chan->omtu = pchan->omtu;
1663 chan->mode = pchan->mode;
1664
1665 BT_DBG("created chan %p", chan);
1666
1667 return chan;
1668}
1669
1670static const struct l2cap_ops smp_root_chan_ops = {
1671 .name = "Security Manager Root",
1672 .new_connection = smp_new_conn_cb,
1673
1674 /* None of these are implemented for the root channel */
1675 .close = l2cap_chan_no_close,
1676 .alloc_skb = l2cap_chan_no_alloc_skb,
1677 .recv = l2cap_chan_no_recv,
1678 .state_change = l2cap_chan_no_state_change,
1679 .teardown = l2cap_chan_no_teardown,
1680 .ready = l2cap_chan_no_ready,
1681 .defer = l2cap_chan_no_defer,
1682 .suspend = l2cap_chan_no_suspend,
1683 .resume = l2cap_chan_no_resume,
1684 .set_shutdown = l2cap_chan_no_set_shutdown,
1685 .get_sndtimeo = l2cap_chan_no_get_sndtimeo,
1686 .memcpy_fromiovec = l2cap_chan_no_memcpy_fromiovec,
1687};
1688
Johan Hedberg711eafe2014-08-08 09:32:52 +03001689int smp_register(struct hci_dev *hdev)
1690{
Johan Hedberg70db83c2014-08-08 09:37:16 +03001691 struct l2cap_chan *chan;
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001692 struct crypto_blkcipher *tfm_aes;
Johan Hedberg70db83c2014-08-08 09:37:16 +03001693
Johan Hedberg711eafe2014-08-08 09:32:52 +03001694 BT_DBG("%s", hdev->name);
1695
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001696 tfm_aes = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
1697 if (IS_ERR(tfm_aes)) {
1698 int err = PTR_ERR(tfm_aes);
Johan Hedberg711eafe2014-08-08 09:32:52 +03001699 BT_ERR("Unable to create crypto context");
Johan Hedberg711eafe2014-08-08 09:32:52 +03001700 return err;
1701 }
1702
Johan Hedberg70db83c2014-08-08 09:37:16 +03001703 chan = l2cap_chan_create();
1704 if (!chan) {
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001705 crypto_free_blkcipher(tfm_aes);
Johan Hedberg70db83c2014-08-08 09:37:16 +03001706 return -ENOMEM;
1707 }
1708
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001709 chan->data = tfm_aes;
1710
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001711 l2cap_add_scid(chan, L2CAP_CID_SMP);
Johan Hedberg70db83c2014-08-08 09:37:16 +03001712
1713 l2cap_chan_set_defaults(chan);
1714
1715 bacpy(&chan->src, &hdev->bdaddr);
1716 chan->src_type = BDADDR_LE_PUBLIC;
1717 chan->state = BT_LISTEN;
1718 chan->mode = L2CAP_MODE_BASIC;
1719 chan->imtu = L2CAP_DEFAULT_MTU;
1720 chan->ops = &smp_root_chan_ops;
1721
1722 hdev->smp_data = chan;
1723
Johan Hedberg711eafe2014-08-08 09:32:52 +03001724 return 0;
1725}
1726
1727void smp_unregister(struct hci_dev *hdev)
1728{
Johan Hedberg70db83c2014-08-08 09:37:16 +03001729 struct l2cap_chan *chan = hdev->smp_data;
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001730 struct crypto_blkcipher *tfm_aes;
Johan Hedberg70db83c2014-08-08 09:37:16 +03001731
1732 if (!chan)
1733 return;
1734
1735 BT_DBG("%s chan %p", hdev->name, chan);
Johan Hedberg711eafe2014-08-08 09:32:52 +03001736
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001737 tfm_aes = chan->data;
1738 if (tfm_aes) {
1739 chan->data = NULL;
1740 crypto_free_blkcipher(tfm_aes);
Johan Hedberg711eafe2014-08-08 09:32:52 +03001741 }
Johan Hedberg70db83c2014-08-08 09:37:16 +03001742
1743 hdev->smp_data = NULL;
1744 l2cap_chan_put(chan);
Johan Hedberg711eafe2014-08-08 09:32:52 +03001745}