blob: 4ecbf2774fbd9800e079d10c6c52cf81595c6ff8 [file] [log] [blame]
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21*/
22
Gustavo Padovan8c520a52012-05-23 04:04:22 -030023#include <linux/crypto.h>
24#include <linux/scatterlist.h>
25#include <crypto/b128ops.h>
26
Anderson Brigliaeb492e02011-06-09 18:50:40 -030027#include <net/bluetooth/bluetooth.h>
28#include <net/bluetooth/hci_core.h>
29#include <net/bluetooth/l2cap.h>
Brian Gix2b64d152011-12-21 16:12:12 -080030#include <net/bluetooth/mgmt.h>
Marcel Holtmannac4b7232013-10-10 14:54:16 -070031
32#include "smp.h"
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030033
Johan Hedbergb28b4942014-09-05 22:19:55 +030034#define SMP_ALLOW_CMD(smp, code) set_bit(code, &smp->allow_cmd)
Johan Hedbergb28b4942014-09-05 22:19:55 +030035
Marcel Holtmann17b02e62012-03-01 14:32:37 -080036#define SMP_TIMEOUT msecs_to_jiffies(30000)
Vinicius Costa Gomes5d3de7d2011-06-14 13:37:41 -030037
Johan Hedberg0edb14d2014-05-26 13:29:28 +030038#define AUTH_REQ_MASK(dev) (test_bit(HCI_SC_ENABLED, &(dev)->dev_flags) ? \
39 0x1f : 0x07)
40#define KEY_DIST_MASK 0x07
Johan Hedberg065a13e2012-10-11 16:26:06 +020041
Johan Hedberg533e35d2014-06-16 19:25:18 +030042enum {
43 SMP_FLAG_TK_VALID,
44 SMP_FLAG_CFM_PENDING,
45 SMP_FLAG_MITM_AUTH,
46 SMP_FLAG_COMPLETE,
47 SMP_FLAG_INITIATOR,
Johan Hedberg65668772014-05-16 11:03:34 +030048 SMP_FLAG_SC,
Johan Hedberg533e35d2014-06-16 19:25:18 +030049};
Johan Hedberg4bc58f52014-05-20 09:45:47 +030050
51struct smp_chan {
Johan Hedbergb68fda62014-08-11 22:06:40 +030052 struct l2cap_conn *conn;
53 struct delayed_work security_timer;
Johan Hedbergb28b4942014-09-05 22:19:55 +030054 unsigned long allow_cmd; /* Bitmask of allowed commands */
Johan Hedbergb68fda62014-08-11 22:06:40 +030055
Johan Hedberg4bc58f52014-05-20 09:45:47 +030056 u8 preq[7]; /* SMP Pairing Request */
57 u8 prsp[7]; /* SMP Pairing Response */
58 u8 prnd[16]; /* SMP Pairing Random (local) */
59 u8 rrnd[16]; /* SMP Pairing Random (remote) */
60 u8 pcnf[16]; /* SMP Pairing Confirm */
61 u8 tk[16]; /* SMP Temporary Key */
62 u8 enc_key_size;
63 u8 remote_key_dist;
64 bdaddr_t id_addr;
65 u8 id_addr_type;
66 u8 irk[16];
67 struct smp_csrk *csrk;
68 struct smp_csrk *slave_csrk;
69 struct smp_ltk *ltk;
70 struct smp_ltk *slave_ltk;
71 struct smp_irk *remote_irk;
Johan Hedberg4a74d652014-05-20 09:45:50 +030072 unsigned long flags;
Johan Hedberg6a7bd102014-06-27 14:23:03 +030073
74 struct crypto_blkcipher *tfm_aes;
Johan Hedberg4bc58f52014-05-20 09:45:47 +030075};
76
Johan Hedberg8a2936f2014-06-16 19:25:19 +030077static inline void swap_buf(const u8 *src, u8 *dst, size_t len)
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030078{
Johan Hedberg8a2936f2014-06-16 19:25:19 +030079 size_t i;
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030080
Johan Hedberg8a2936f2014-06-16 19:25:19 +030081 for (i = 0; i < len; i++)
82 dst[len - 1 - i] = src[i];
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030083}
84
85static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
86{
87 struct blkcipher_desc desc;
88 struct scatterlist sg;
Johan Hedberg943a7322014-03-18 12:58:24 +020089 uint8_t tmp[16], data[16];
Johan Hedberg201a5922013-12-02 10:49:04 +020090 int err;
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030091
92 if (tfm == NULL) {
93 BT_ERR("tfm %p", tfm);
94 return -EINVAL;
95 }
96
97 desc.tfm = tfm;
98 desc.flags = 0;
99
Johan Hedberg943a7322014-03-18 12:58:24 +0200100 /* The most significant octet of key corresponds to k[0] */
Johan Hedberg8a2936f2014-06-16 19:25:19 +0300101 swap_buf(k, tmp, 16);
Johan Hedberg943a7322014-03-18 12:58:24 +0200102
103 err = crypto_blkcipher_setkey(tfm, tmp, 16);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300104 if (err) {
105 BT_ERR("cipher setkey failed: %d", err);
106 return err;
107 }
108
Johan Hedberg943a7322014-03-18 12:58:24 +0200109 /* Most significant octet of plaintextData corresponds to data[0] */
Johan Hedberg8a2936f2014-06-16 19:25:19 +0300110 swap_buf(r, data, 16);
Johan Hedberg943a7322014-03-18 12:58:24 +0200111
112 sg_init_one(&sg, data, 16);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300113
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300114 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
115 if (err)
116 BT_ERR("Encrypt data error %d", err);
117
Johan Hedberg943a7322014-03-18 12:58:24 +0200118 /* Most significant octet of encryptedData corresponds to data[0] */
Johan Hedberg8a2936f2014-06-16 19:25:19 +0300119 swap_buf(data, r, 16);
Johan Hedberg943a7322014-03-18 12:58:24 +0200120
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300121 return err;
122}
123
Johan Hedberg60478052014-02-18 10:19:31 +0200124static int smp_ah(struct crypto_blkcipher *tfm, u8 irk[16], u8 r[3], u8 res[3])
125{
Johan Hedberg943a7322014-03-18 12:58:24 +0200126 u8 _res[16];
Johan Hedberg60478052014-02-18 10:19:31 +0200127 int err;
128
129 /* r' = padding || r */
Johan Hedberg943a7322014-03-18 12:58:24 +0200130 memcpy(_res, r, 3);
131 memset(_res + 3, 0, 13);
Johan Hedberg60478052014-02-18 10:19:31 +0200132
Johan Hedberg943a7322014-03-18 12:58:24 +0200133 err = smp_e(tfm, irk, _res);
Johan Hedberg60478052014-02-18 10:19:31 +0200134 if (err) {
135 BT_ERR("Encrypt error");
136 return err;
137 }
138
139 /* The output of the random address function ah is:
140 * ah(h, r) = e(k, r') mod 2^24
141 * The output of the security function e is then truncated to 24 bits
142 * by taking the least significant 24 bits of the output of e as the
143 * result of ah.
144 */
Johan Hedberg943a7322014-03-18 12:58:24 +0200145 memcpy(res, _res, 3);
Johan Hedberg60478052014-02-18 10:19:31 +0200146
147 return 0;
148}
149
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300150bool smp_irk_matches(struct hci_dev *hdev, u8 irk[16], bdaddr_t *bdaddr)
Johan Hedberg60478052014-02-18 10:19:31 +0200151{
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300152 struct l2cap_chan *chan = hdev->smp_data;
153 struct crypto_blkcipher *tfm;
Johan Hedberg60478052014-02-18 10:19:31 +0200154 u8 hash[3];
155 int err;
156
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300157 if (!chan || !chan->data)
158 return false;
159
160 tfm = chan->data;
161
Johan Hedberg60478052014-02-18 10:19:31 +0200162 BT_DBG("RPA %pMR IRK %*phN", bdaddr, 16, irk);
163
164 err = smp_ah(tfm, irk, &bdaddr->b[3], hash);
165 if (err)
166 return false;
167
168 return !memcmp(bdaddr->b, hash, 3);
169}
170
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300171int smp_generate_rpa(struct hci_dev *hdev, u8 irk[16], bdaddr_t *rpa)
Johan Hedbergb1e2b3a2014-02-23 19:42:19 +0200172{
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300173 struct l2cap_chan *chan = hdev->smp_data;
174 struct crypto_blkcipher *tfm;
Johan Hedbergb1e2b3a2014-02-23 19:42:19 +0200175 int err;
176
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300177 if (!chan || !chan->data)
178 return -EOPNOTSUPP;
179
180 tfm = chan->data;
181
Johan Hedbergb1e2b3a2014-02-23 19:42:19 +0200182 get_random_bytes(&rpa->b[3], 3);
183
184 rpa->b[5] &= 0x3f; /* Clear two most significant bits */
185 rpa->b[5] |= 0x40; /* Set second most significant bit */
186
187 err = smp_ah(tfm, irk, &rpa->b[3], rpa->b);
188 if (err < 0)
189 return err;
190
191 BT_DBG("RPA %pMR", rpa);
192
193 return 0;
194}
195
Johan Hedberge491eaf2014-10-25 21:15:37 +0200196static int smp_c1(struct crypto_blkcipher *tfm_aes, u8 k[16], u8 r[16],
197 u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia, u8 _rat,
198 bdaddr_t *ra, u8 res[16])
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300199{
200 u8 p1[16], p2[16];
201 int err;
202
203 memset(p1, 0, 16);
204
205 /* p1 = pres || preq || _rat || _iat */
Johan Hedberg943a7322014-03-18 12:58:24 +0200206 p1[0] = _iat;
207 p1[1] = _rat;
208 memcpy(p1 + 2, preq, 7);
209 memcpy(p1 + 9, pres, 7);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300210
211 /* p2 = padding || ia || ra */
Johan Hedberg943a7322014-03-18 12:58:24 +0200212 memcpy(p2, ra, 6);
213 memcpy(p2 + 6, ia, 6);
214 memset(p2 + 12, 0, 4);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300215
216 /* res = r XOR p1 */
217 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
218
219 /* res = e(k, res) */
Johan Hedberge491eaf2014-10-25 21:15:37 +0200220 err = smp_e(tfm_aes, k, res);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300221 if (err) {
222 BT_ERR("Encrypt data error");
223 return err;
224 }
225
226 /* res = res XOR p2 */
227 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
228
229 /* res = e(k, res) */
Johan Hedberge491eaf2014-10-25 21:15:37 +0200230 err = smp_e(tfm_aes, k, res);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300231 if (err)
232 BT_ERR("Encrypt data error");
233
234 return err;
235}
236
Johan Hedberge491eaf2014-10-25 21:15:37 +0200237static int smp_s1(struct crypto_blkcipher *tfm_aes, u8 k[16], u8 r1[16],
238 u8 r2[16], u8 _r[16])
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300239{
240 int err;
241
242 /* Just least significant octets from r1 and r2 are considered */
Johan Hedberg943a7322014-03-18 12:58:24 +0200243 memcpy(_r, r2, 8);
244 memcpy(_r + 8, r1, 8);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300245
Johan Hedberge491eaf2014-10-25 21:15:37 +0200246 err = smp_e(tfm_aes, k, _r);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300247 if (err)
248 BT_ERR("Encrypt data error");
249
250 return err;
251}
252
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300253static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
254{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300255 struct l2cap_chan *chan = conn->smp;
Johan Hedbergb68fda62014-08-11 22:06:40 +0300256 struct smp_chan *smp;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300257 struct kvec iv[2];
258 struct msghdr msg;
259
260 if (!chan)
261 return;
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300262
263 BT_DBG("code 0x%2.2x", code);
264
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300265 iv[0].iov_base = &code;
266 iv[0].iov_len = 1;
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300267
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300268 iv[1].iov_base = data;
269 iv[1].iov_len = len;
270
271 memset(&msg, 0, sizeof(msg));
272
273 msg.msg_iov = (struct iovec *) &iv;
274 msg.msg_iovlen = 2;
275
276 l2cap_chan_send(chan, &msg, 1 + len);
Vinicius Costa Gomese2dcd112011-08-19 21:06:50 -0300277
Johan Hedbergb68fda62014-08-11 22:06:40 +0300278 if (!chan->data)
279 return;
280
281 smp = chan->data;
282
283 cancel_delayed_work_sync(&smp->security_timer);
Johan Hedberg1b0921d2014-09-05 22:19:48 +0300284 schedule_delayed_work(&smp->security_timer, SMP_TIMEOUT);
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300285}
286
Johan Hedbergd2eb9e12014-05-16 10:59:06 +0300287static u8 authreq_to_seclevel(u8 authreq)
Brian Gix2b64d152011-12-21 16:12:12 -0800288{
Johan Hedbergd2eb9e12014-05-16 10:59:06 +0300289 if (authreq & SMP_AUTH_MITM) {
290 if (authreq & SMP_AUTH_SC)
291 return BT_SECURITY_FIPS;
292 else
293 return BT_SECURITY_HIGH;
294 } else {
Brian Gix2b64d152011-12-21 16:12:12 -0800295 return BT_SECURITY_MEDIUM;
Johan Hedbergd2eb9e12014-05-16 10:59:06 +0300296 }
Brian Gix2b64d152011-12-21 16:12:12 -0800297}
298
299static __u8 seclevel_to_authreq(__u8 sec_level)
300{
301 switch (sec_level) {
Johan Hedbergd2eb9e12014-05-16 10:59:06 +0300302 case BT_SECURITY_FIPS:
Brian Gix2b64d152011-12-21 16:12:12 -0800303 case BT_SECURITY_HIGH:
304 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
305 case BT_SECURITY_MEDIUM:
306 return SMP_AUTH_BONDING;
307 default:
308 return SMP_AUTH_NONE;
309 }
310}
311
Vinicius Costa Gomesb8e66ea2011-06-09 18:50:52 -0300312static void build_pairing_cmd(struct l2cap_conn *conn,
Marcel Holtmannf1560462013-10-13 05:43:25 -0700313 struct smp_cmd_pairing *req,
314 struct smp_cmd_pairing *rsp, __u8 authreq)
Vinicius Costa Gomesb8e66ea2011-06-09 18:50:52 -0300315{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300316 struct l2cap_chan *chan = conn->smp;
317 struct smp_chan *smp = chan->data;
Johan Hedbergfd349c02014-02-18 10:19:36 +0200318 struct hci_conn *hcon = conn->hcon;
319 struct hci_dev *hdev = hcon->hdev;
320 u8 local_dist = 0, remote_dist = 0;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300321
Johan Hedbergb6ae8452014-07-30 09:22:22 +0300322 if (test_bit(HCI_BONDABLE, &conn->hcon->hdev->dev_flags)) {
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -0700323 local_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
324 remote_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300325 authreq |= SMP_AUTH_BONDING;
Brian Gix2b64d152011-12-21 16:12:12 -0800326 } else {
327 authreq &= ~SMP_AUTH_BONDING;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300328 }
329
Johan Hedbergfd349c02014-02-18 10:19:36 +0200330 if (test_bit(HCI_RPA_RESOLVING, &hdev->dev_flags))
331 remote_dist |= SMP_DIST_ID_KEY;
332
Johan Hedberg863efaf2014-02-22 19:06:32 +0200333 if (test_bit(HCI_PRIVACY, &hdev->dev_flags))
334 local_dist |= SMP_DIST_ID_KEY;
335
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300336 if (rsp == NULL) {
337 req->io_capability = conn->hcon->io_capability;
338 req->oob_flag = SMP_OOB_NOT_PRESENT;
339 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
Johan Hedbergfd349c02014-02-18 10:19:36 +0200340 req->init_key_dist = local_dist;
341 req->resp_key_dist = remote_dist;
Johan Hedberg0edb14d2014-05-26 13:29:28 +0300342 req->auth_req = (authreq & AUTH_REQ_MASK(hdev));
Johan Hedbergfd349c02014-02-18 10:19:36 +0200343
344 smp->remote_key_dist = remote_dist;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300345 return;
346 }
347
348 rsp->io_capability = conn->hcon->io_capability;
349 rsp->oob_flag = SMP_OOB_NOT_PRESENT;
350 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
Johan Hedbergfd349c02014-02-18 10:19:36 +0200351 rsp->init_key_dist = req->init_key_dist & remote_dist;
352 rsp->resp_key_dist = req->resp_key_dist & local_dist;
Johan Hedberg0edb14d2014-05-26 13:29:28 +0300353 rsp->auth_req = (authreq & AUTH_REQ_MASK(hdev));
Johan Hedbergfd349c02014-02-18 10:19:36 +0200354
355 smp->remote_key_dist = rsp->init_key_dist;
Vinicius Costa Gomesb8e66ea2011-06-09 18:50:52 -0300356}
357
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300358static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
359{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300360 struct l2cap_chan *chan = conn->smp;
361 struct smp_chan *smp = chan->data;
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300362
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300363 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
Marcel Holtmannf1560462013-10-13 05:43:25 -0700364 (max_key_size < SMP_MIN_ENC_KEY_SIZE))
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300365 return SMP_ENC_KEY_SIZE;
366
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300367 smp->enc_key_size = max_key_size;
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300368
369 return 0;
370}
371
Johan Hedberg6f48e262014-08-11 22:06:44 +0300372static void smp_chan_destroy(struct l2cap_conn *conn)
373{
374 struct l2cap_chan *chan = conn->smp;
375 struct smp_chan *smp = chan->data;
376 bool complete;
377
378 BUG_ON(!smp);
379
380 cancel_delayed_work_sync(&smp->security_timer);
Johan Hedberg6f48e262014-08-11 22:06:44 +0300381
Johan Hedberg6f48e262014-08-11 22:06:44 +0300382 complete = test_bit(SMP_FLAG_COMPLETE, &smp->flags);
383 mgmt_smp_complete(conn->hcon, complete);
384
385 kfree(smp->csrk);
386 kfree(smp->slave_csrk);
387
388 crypto_free_blkcipher(smp->tfm_aes);
389
390 /* If pairing failed clean up any keys we might have */
391 if (!complete) {
392 if (smp->ltk) {
Johan Hedberg970d0f12014-11-13 14:37:47 +0200393 list_del_rcu(&smp->ltk->list);
394 kfree_rcu(smp->ltk, rcu);
Johan Hedberg6f48e262014-08-11 22:06:44 +0300395 }
396
397 if (smp->slave_ltk) {
Johan Hedberg970d0f12014-11-13 14:37:47 +0200398 list_del_rcu(&smp->slave_ltk->list);
399 kfree_rcu(smp->slave_ltk, rcu);
Johan Hedberg6f48e262014-08-11 22:06:44 +0300400 }
401
402 if (smp->remote_irk) {
Johan Hedbergadae20c2014-11-13 14:37:48 +0200403 list_del_rcu(&smp->remote_irk->list);
404 kfree_rcu(smp->remote_irk, rcu);
Johan Hedberg6f48e262014-08-11 22:06:44 +0300405 }
406 }
407
408 chan->data = NULL;
409 kfree(smp);
410 hci_conn_drop(conn->hcon);
411}
412
Johan Hedberg84794e12013-11-06 11:24:57 +0200413static void smp_failure(struct l2cap_conn *conn, u8 reason)
Brian Gix4f957a72011-11-23 08:28:36 -0800414{
Johan Hedbergbab73cb2012-02-09 16:07:29 +0200415 struct hci_conn *hcon = conn->hcon;
Johan Hedbergb68fda62014-08-11 22:06:40 +0300416 struct l2cap_chan *chan = conn->smp;
Johan Hedbergbab73cb2012-02-09 16:07:29 +0200417
Johan Hedberg84794e12013-11-06 11:24:57 +0200418 if (reason)
Brian Gix4f957a72011-11-23 08:28:36 -0800419 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
Marcel Holtmannf1560462013-10-13 05:43:25 -0700420 &reason);
Brian Gix4f957a72011-11-23 08:28:36 -0800421
Marcel Holtmannce39fb42013-10-13 02:23:39 -0700422 clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags);
Johan Hedberge1e930f2014-09-08 17:09:49 -0700423 mgmt_auth_failed(hcon, HCI_ERROR_AUTH_FAILURE);
Vinicius Costa Gomesf1c09c02012-02-01 18:27:56 -0300424
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300425 if (chan->data)
Vinicius Costa Gomesf1c09c02012-02-01 18:27:56 -0300426 smp_chan_destroy(conn);
Brian Gix4f957a72011-11-23 08:28:36 -0800427}
428
Brian Gix2b64d152011-12-21 16:12:12 -0800429#define JUST_WORKS 0x00
430#define JUST_CFM 0x01
431#define REQ_PASSKEY 0x02
432#define CFM_PASSKEY 0x03
433#define REQ_OOB 0x04
434#define OVERLAP 0xFF
435
436static const u8 gen_method[5][5] = {
437 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
438 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
439 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
440 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
441 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
442};
443
Johan Hedberg581370c2014-06-17 13:07:38 +0300444static u8 get_auth_method(struct smp_chan *smp, u8 local_io, u8 remote_io)
445{
Johan Hedberg2bcd4002014-07-09 19:18:09 +0300446 /* If either side has unknown io_caps, use JUST_CFM (which gets
447 * converted later to JUST_WORKS if we're initiators.
448 */
Johan Hedberg581370c2014-06-17 13:07:38 +0300449 if (local_io > SMP_IO_KEYBOARD_DISPLAY ||
450 remote_io > SMP_IO_KEYBOARD_DISPLAY)
Johan Hedberg2bcd4002014-07-09 19:18:09 +0300451 return JUST_CFM;
Johan Hedberg581370c2014-06-17 13:07:38 +0300452
453 return gen_method[remote_io][local_io];
454}
455
Brian Gix2b64d152011-12-21 16:12:12 -0800456static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
457 u8 local_io, u8 remote_io)
458{
459 struct hci_conn *hcon = conn->hcon;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300460 struct l2cap_chan *chan = conn->smp;
461 struct smp_chan *smp = chan->data;
Brian Gix2b64d152011-12-21 16:12:12 -0800462 u8 method;
463 u32 passkey = 0;
464 int ret = 0;
465
466 /* Initialize key for JUST WORKS */
467 memset(smp->tk, 0, sizeof(smp->tk));
Johan Hedberg4a74d652014-05-20 09:45:50 +0300468 clear_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800469
470 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
471
Johan Hedberg2bcd4002014-07-09 19:18:09 +0300472 /* If neither side wants MITM, either "just" confirm an incoming
473 * request or use just-works for outgoing ones. The JUST_CFM
474 * will be converted to JUST_WORKS if necessary later in this
475 * function. If either side has MITM look up the method from the
476 * table.
477 */
Johan Hedberg581370c2014-06-17 13:07:38 +0300478 if (!(auth & SMP_AUTH_MITM))
Johan Hedberg2bcd4002014-07-09 19:18:09 +0300479 method = JUST_CFM;
Brian Gix2b64d152011-12-21 16:12:12 -0800480 else
Johan Hedberg581370c2014-06-17 13:07:38 +0300481 method = get_auth_method(smp, local_io, remote_io);
Brian Gix2b64d152011-12-21 16:12:12 -0800482
Johan Hedberga82505c2014-03-24 14:39:07 +0200483 /* Don't confirm locally initiated pairing attempts */
Johan Hedberg4a74d652014-05-20 09:45:50 +0300484 if (method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR, &smp->flags))
Johan Hedberga82505c2014-03-24 14:39:07 +0200485 method = JUST_WORKS;
486
Johan Hedberg02f3e252014-07-16 15:09:13 +0300487 /* Don't bother user space with no IO capabilities */
488 if (method == JUST_CFM && hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
489 method = JUST_WORKS;
490
Brian Gix2b64d152011-12-21 16:12:12 -0800491 /* If Just Works, Continue with Zero TK */
492 if (method == JUST_WORKS) {
Johan Hedberg4a74d652014-05-20 09:45:50 +0300493 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800494 return 0;
495 }
496
497 /* Not Just Works/Confirm results in MITM Authentication */
Johan Hedberg5eb596f2014-09-18 11:26:32 +0300498 if (method != JUST_CFM) {
Johan Hedberg4a74d652014-05-20 09:45:50 +0300499 set_bit(SMP_FLAG_MITM_AUTH, &smp->flags);
Johan Hedberg5eb596f2014-09-18 11:26:32 +0300500 if (hcon->pending_sec_level < BT_SECURITY_HIGH)
501 hcon->pending_sec_level = BT_SECURITY_HIGH;
502 }
Brian Gix2b64d152011-12-21 16:12:12 -0800503
504 /* If both devices have Keyoard-Display I/O, the master
505 * Confirms and the slave Enters the passkey.
506 */
507 if (method == OVERLAP) {
Johan Hedberg40bef302014-07-16 11:42:27 +0300508 if (hcon->role == HCI_ROLE_MASTER)
Brian Gix2b64d152011-12-21 16:12:12 -0800509 method = CFM_PASSKEY;
510 else
511 method = REQ_PASSKEY;
512 }
513
Johan Hedberg01ad34d2014-03-19 14:14:53 +0200514 /* Generate random passkey. */
Brian Gix2b64d152011-12-21 16:12:12 -0800515 if (method == CFM_PASSKEY) {
Johan Hedberg943a7322014-03-18 12:58:24 +0200516 memset(smp->tk, 0, sizeof(smp->tk));
Brian Gix2b64d152011-12-21 16:12:12 -0800517 get_random_bytes(&passkey, sizeof(passkey));
518 passkey %= 1000000;
Johan Hedberg943a7322014-03-18 12:58:24 +0200519 put_unaligned_le32(passkey, smp->tk);
Brian Gix2b64d152011-12-21 16:12:12 -0800520 BT_DBG("PassKey: %d", passkey);
Johan Hedberg4a74d652014-05-20 09:45:50 +0300521 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800522 }
523
Brian Gix2b64d152011-12-21 16:12:12 -0800524 if (method == REQ_PASSKEY)
Marcel Holtmannce39fb42013-10-13 02:23:39 -0700525 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
Johan Hedberg272d90d2012-02-09 15:26:12 +0200526 hcon->type, hcon->dst_type);
Johan Hedberg4eb65e62014-03-24 14:39:05 +0200527 else if (method == JUST_CFM)
528 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
529 hcon->type, hcon->dst_type,
530 passkey, 1);
Brian Gix2b64d152011-12-21 16:12:12 -0800531 else
Johan Hedberg01ad34d2014-03-19 14:14:53 +0200532 ret = mgmt_user_passkey_notify(hcon->hdev, &hcon->dst,
Johan Hedberg272d90d2012-02-09 15:26:12 +0200533 hcon->type, hcon->dst_type,
Johan Hedberg39adbff2014-03-20 08:18:14 +0200534 passkey, 0);
Brian Gix2b64d152011-12-21 16:12:12 -0800535
Brian Gix2b64d152011-12-21 16:12:12 -0800536 return ret;
537}
538
Johan Hedberg1cc61142014-05-20 09:45:52 +0300539static u8 smp_confirm(struct smp_chan *smp)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300540{
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300541 struct l2cap_conn *conn = smp->conn;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300542 struct smp_cmd_pairing_confirm cp;
543 int ret;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300544
545 BT_DBG("conn %p", conn);
546
Johan Hedberge491eaf2014-10-25 21:15:37 +0200547 ret = smp_c1(smp->tfm_aes, smp->tk, smp->prnd, smp->preq, smp->prsp,
Johan Hedbergb1cd5fd2014-02-28 12:54:17 +0200548 conn->hcon->init_addr_type, &conn->hcon->init_addr,
Johan Hedberg943a7322014-03-18 12:58:24 +0200549 conn->hcon->resp_addr_type, &conn->hcon->resp_addr,
550 cp.confirm_val);
Johan Hedberg1cc61142014-05-20 09:45:52 +0300551 if (ret)
552 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300553
Johan Hedberg4a74d652014-05-20 09:45:50 +0300554 clear_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800555
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300556 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
557
Johan Hedbergb28b4942014-09-05 22:19:55 +0300558 if (conn->hcon->out)
559 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
560 else
561 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
562
Johan Hedberg1cc61142014-05-20 09:45:52 +0300563 return 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300564}
565
Johan Hedberg861580a2014-05-20 09:45:51 +0300566static u8 smp_random(struct smp_chan *smp)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300567{
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300568 struct l2cap_conn *conn = smp->conn;
569 struct hci_conn *hcon = conn->hcon;
Johan Hedberg861580a2014-05-20 09:45:51 +0300570 u8 confirm[16];
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300571 int ret;
572
Johan Hedbergec70f362014-06-27 14:23:04 +0300573 if (IS_ERR_OR_NULL(smp->tfm_aes))
Johan Hedberg861580a2014-05-20 09:45:51 +0300574 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300575
576 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
577
Johan Hedberge491eaf2014-10-25 21:15:37 +0200578 ret = smp_c1(smp->tfm_aes, smp->tk, smp->rrnd, smp->preq, smp->prsp,
Johan Hedbergb1cd5fd2014-02-28 12:54:17 +0200579 hcon->init_addr_type, &hcon->init_addr,
Johan Hedberg943a7322014-03-18 12:58:24 +0200580 hcon->resp_addr_type, &hcon->resp_addr, confirm);
Johan Hedberg861580a2014-05-20 09:45:51 +0300581 if (ret)
582 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300583
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300584 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
585 BT_ERR("Pairing failed (confirmation values mismatch)");
Johan Hedberg861580a2014-05-20 09:45:51 +0300586 return SMP_CONFIRM_FAILED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300587 }
588
589 if (hcon->out) {
Marcel Holtmannfe39c7b2014-02-27 16:00:28 -0800590 u8 stk[16];
591 __le64 rand = 0;
592 __le16 ediv = 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300593
Johan Hedberge491eaf2014-10-25 21:15:37 +0200594 smp_s1(smp->tfm_aes, smp->tk, smp->rrnd, smp->prnd, stk);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300595
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300596 memset(stk + smp->enc_key_size, 0,
Gustavo F. Padovan04124682012-03-08 01:25:00 -0300597 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300598
Johan Hedberg861580a2014-05-20 09:45:51 +0300599 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
600 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300601
602 hci_le_start_enc(hcon, ediv, rand, stk);
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300603 hcon->enc_key_size = smp->enc_key_size;
Johan Hedbergfe59a052014-07-01 19:14:12 +0300604 set_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300605 } else {
Johan Hedbergfff34902014-06-10 15:19:50 +0300606 u8 stk[16], auth;
Marcel Holtmannfe39c7b2014-02-27 16:00:28 -0800607 __le64 rand = 0;
608 __le16 ediv = 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300609
Johan Hedberg943a7322014-03-18 12:58:24 +0200610 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
611 smp->prnd);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300612
Johan Hedberge491eaf2014-10-25 21:15:37 +0200613 smp_s1(smp->tfm_aes, smp->tk, smp->prnd, smp->rrnd, stk);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300614
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300615 memset(stk + smp->enc_key_size, 0,
Marcel Holtmannf1560462013-10-13 05:43:25 -0700616 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300617
Johan Hedbergfff34902014-06-10 15:19:50 +0300618 if (hcon->pending_sec_level == BT_SECURITY_HIGH)
619 auth = 1;
620 else
621 auth = 0;
622
Johan Hedberg7d5843b2014-06-16 19:25:15 +0300623 /* Even though there's no _SLAVE suffix this is the
624 * slave STK we're adding for later lookup (the master
625 * STK never needs to be stored).
626 */
Marcel Holtmannce39fb42013-10-13 02:23:39 -0700627 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
Johan Hedberg2ceba532014-06-16 19:25:16 +0300628 SMP_STK, auth, stk, smp->enc_key_size, ediv, rand);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300629 }
630
Johan Hedberg861580a2014-05-20 09:45:51 +0300631 return 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300632}
633
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300634static void smp_notify_keys(struct l2cap_conn *conn)
635{
636 struct l2cap_chan *chan = conn->smp;
637 struct smp_chan *smp = chan->data;
638 struct hci_conn *hcon = conn->hcon;
639 struct hci_dev *hdev = hcon->hdev;
640 struct smp_cmd_pairing *req = (void *) &smp->preq[1];
641 struct smp_cmd_pairing *rsp = (void *) &smp->prsp[1];
642 bool persistent;
643
644 if (smp->remote_irk) {
645 mgmt_new_irk(hdev, smp->remote_irk);
646 /* Now that user space can be considered to know the
647 * identity address track the connection based on it
648 * from now on.
649 */
650 bacpy(&hcon->dst, &smp->remote_irk->bdaddr);
651 hcon->dst_type = smp->remote_irk->addr_type;
Johan Hedbergf3d82d02014-09-05 22:19:50 +0300652 queue_work(hdev->workqueue, &conn->id_addr_update_work);
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300653
654 /* When receiving an indentity resolving key for
655 * a remote device that does not use a resolvable
656 * private address, just remove the key so that
657 * it is possible to use the controller white
658 * list for scanning.
659 *
660 * Userspace will have been told to not store
661 * this key at this point. So it is safe to
662 * just remove it.
663 */
664 if (!bacmp(&smp->remote_irk->rpa, BDADDR_ANY)) {
Johan Hedbergadae20c2014-11-13 14:37:48 +0200665 list_del_rcu(&smp->remote_irk->list);
666 kfree_rcu(smp->remote_irk, rcu);
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300667 smp->remote_irk = NULL;
668 }
669 }
670
671 /* The LTKs and CSRKs should be persistent only if both sides
672 * had the bonding bit set in their authentication requests.
673 */
674 persistent = !!((req->auth_req & rsp->auth_req) & SMP_AUTH_BONDING);
675
676 if (smp->csrk) {
677 smp->csrk->bdaddr_type = hcon->dst_type;
678 bacpy(&smp->csrk->bdaddr, &hcon->dst);
679 mgmt_new_csrk(hdev, smp->csrk, persistent);
680 }
681
682 if (smp->slave_csrk) {
683 smp->slave_csrk->bdaddr_type = hcon->dst_type;
684 bacpy(&smp->slave_csrk->bdaddr, &hcon->dst);
685 mgmt_new_csrk(hdev, smp->slave_csrk, persistent);
686 }
687
688 if (smp->ltk) {
689 smp->ltk->bdaddr_type = hcon->dst_type;
690 bacpy(&smp->ltk->bdaddr, &hcon->dst);
691 mgmt_new_ltk(hdev, smp->ltk, persistent);
692 }
693
694 if (smp->slave_ltk) {
695 smp->slave_ltk->bdaddr_type = hcon->dst_type;
696 bacpy(&smp->slave_ltk->bdaddr, &hcon->dst);
697 mgmt_new_ltk(hdev, smp->slave_ltk, persistent);
698 }
699}
700
Johan Hedbergb28b4942014-09-05 22:19:55 +0300701static void smp_allow_key_dist(struct smp_chan *smp)
702{
703 /* Allow the first expected phase 3 PDU. The rest of the PDUs
704 * will be allowed in each PDU handler to ensure we receive
705 * them in the correct order.
706 */
707 if (smp->remote_key_dist & SMP_DIST_ENC_KEY)
708 SMP_ALLOW_CMD(smp, SMP_CMD_ENCRYPT_INFO);
709 else if (smp->remote_key_dist & SMP_DIST_ID_KEY)
710 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_INFO);
711 else if (smp->remote_key_dist & SMP_DIST_SIGN)
712 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
713}
714
Johan Hedbergd6268e82014-09-05 22:19:51 +0300715static void smp_distribute_keys(struct smp_chan *smp)
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300716{
717 struct smp_cmd_pairing *req, *rsp;
Johan Hedberg86d14072014-08-11 22:06:43 +0300718 struct l2cap_conn *conn = smp->conn;
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300719 struct hci_conn *hcon = conn->hcon;
720 struct hci_dev *hdev = hcon->hdev;
721 __u8 *keydist;
722
723 BT_DBG("conn %p", conn);
724
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300725 rsp = (void *) &smp->prsp[1];
726
727 /* The responder sends its keys first */
Johan Hedbergb28b4942014-09-05 22:19:55 +0300728 if (hcon->out && (smp->remote_key_dist & KEY_DIST_MASK)) {
729 smp_allow_key_dist(smp);
Johan Hedberg86d14072014-08-11 22:06:43 +0300730 return;
Johan Hedbergb28b4942014-09-05 22:19:55 +0300731 }
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300732
733 req = (void *) &smp->preq[1];
734
735 if (hcon->out) {
736 keydist = &rsp->init_key_dist;
737 *keydist &= req->init_key_dist;
738 } else {
739 keydist = &rsp->resp_key_dist;
740 *keydist &= req->resp_key_dist;
741 }
742
743 BT_DBG("keydist 0x%x", *keydist);
744
745 if (*keydist & SMP_DIST_ENC_KEY) {
746 struct smp_cmd_encrypt_info enc;
747 struct smp_cmd_master_ident ident;
748 struct smp_ltk *ltk;
749 u8 authenticated;
750 __le16 ediv;
751 __le64 rand;
752
753 get_random_bytes(enc.ltk, sizeof(enc.ltk));
754 get_random_bytes(&ediv, sizeof(ediv));
755 get_random_bytes(&rand, sizeof(rand));
756
757 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
758
759 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
760 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type,
761 SMP_LTK_SLAVE, authenticated, enc.ltk,
762 smp->enc_key_size, ediv, rand);
763 smp->slave_ltk = ltk;
764
765 ident.ediv = ediv;
766 ident.rand = rand;
767
768 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
769
770 *keydist &= ~SMP_DIST_ENC_KEY;
771 }
772
773 if (*keydist & SMP_DIST_ID_KEY) {
774 struct smp_cmd_ident_addr_info addrinfo;
775 struct smp_cmd_ident_info idinfo;
776
777 memcpy(idinfo.irk, hdev->irk, sizeof(idinfo.irk));
778
779 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
780
781 /* The hci_conn contains the local identity address
782 * after the connection has been established.
783 *
784 * This is true even when the connection has been
785 * established using a resolvable random address.
786 */
787 bacpy(&addrinfo.bdaddr, &hcon->src);
788 addrinfo.addr_type = hcon->src_type;
789
790 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
791 &addrinfo);
792
793 *keydist &= ~SMP_DIST_ID_KEY;
794 }
795
796 if (*keydist & SMP_DIST_SIGN) {
797 struct smp_cmd_sign_info sign;
798 struct smp_csrk *csrk;
799
800 /* Generate a new random key */
801 get_random_bytes(sign.csrk, sizeof(sign.csrk));
802
803 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
804 if (csrk) {
805 csrk->master = 0x00;
806 memcpy(csrk->val, sign.csrk, sizeof(csrk->val));
807 }
808 smp->slave_csrk = csrk;
809
810 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
811
812 *keydist &= ~SMP_DIST_SIGN;
813 }
814
815 /* If there are still keys to be received wait for them */
Johan Hedbergb28b4942014-09-05 22:19:55 +0300816 if (smp->remote_key_dist & KEY_DIST_MASK) {
817 smp_allow_key_dist(smp);
Johan Hedberg86d14072014-08-11 22:06:43 +0300818 return;
Johan Hedbergb28b4942014-09-05 22:19:55 +0300819 }
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300820
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300821 set_bit(SMP_FLAG_COMPLETE, &smp->flags);
822 smp_notify_keys(conn);
823
824 smp_chan_destroy(conn);
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300825}
826
Johan Hedbergb68fda62014-08-11 22:06:40 +0300827static void smp_timeout(struct work_struct *work)
828{
829 struct smp_chan *smp = container_of(work, struct smp_chan,
830 security_timer.work);
831 struct l2cap_conn *conn = smp->conn;
832
833 BT_DBG("conn %p", conn);
834
Johan Hedberg1e91c292014-08-18 20:33:29 +0300835 hci_disconnect(conn->hcon, HCI_ERROR_REMOTE_USER_TERM);
Johan Hedbergb68fda62014-08-11 22:06:40 +0300836}
837
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300838static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
839{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300840 struct l2cap_chan *chan = conn->smp;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300841 struct smp_chan *smp;
842
Marcel Holtmannf1560462013-10-13 05:43:25 -0700843 smp = kzalloc(sizeof(*smp), GFP_ATOMIC);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300844 if (!smp)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300845 return NULL;
846
Johan Hedberg6a7bd102014-06-27 14:23:03 +0300847 smp->tfm_aes = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
848 if (IS_ERR(smp->tfm_aes)) {
849 BT_ERR("Unable to create ECB crypto context");
850 kfree(smp);
851 return NULL;
852 }
853
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300854 smp->conn = conn;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300855 chan->data = smp;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300856
Johan Hedbergb28b4942014-09-05 22:19:55 +0300857 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_FAIL);
858
Johan Hedbergb68fda62014-08-11 22:06:40 +0300859 INIT_DELAYED_WORK(&smp->security_timer, smp_timeout);
860
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300861 hci_conn_hold(conn->hcon);
862
863 return smp;
864}
865
Brian Gix2b64d152011-12-21 16:12:12 -0800866int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
867{
Johan Hedbergb10e8012014-06-27 14:23:07 +0300868 struct l2cap_conn *conn = hcon->l2cap_data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300869 struct l2cap_chan *chan;
Brian Gix2b64d152011-12-21 16:12:12 -0800870 struct smp_chan *smp;
871 u32 value;
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300872 int err;
Brian Gix2b64d152011-12-21 16:12:12 -0800873
874 BT_DBG("");
875
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300876 if (!conn)
Brian Gix2b64d152011-12-21 16:12:12 -0800877 return -ENOTCONN;
878
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300879 chan = conn->smp;
880 if (!chan)
881 return -ENOTCONN;
882
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300883 l2cap_chan_lock(chan);
884 if (!chan->data) {
885 err = -ENOTCONN;
886 goto unlock;
887 }
888
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300889 smp = chan->data;
Brian Gix2b64d152011-12-21 16:12:12 -0800890
891 switch (mgmt_op) {
892 case MGMT_OP_USER_PASSKEY_REPLY:
893 value = le32_to_cpu(passkey);
Johan Hedberg943a7322014-03-18 12:58:24 +0200894 memset(smp->tk, 0, sizeof(smp->tk));
Brian Gix2b64d152011-12-21 16:12:12 -0800895 BT_DBG("PassKey: %d", value);
Johan Hedberg943a7322014-03-18 12:58:24 +0200896 put_unaligned_le32(value, smp->tk);
Brian Gix2b64d152011-12-21 16:12:12 -0800897 /* Fall Through */
898 case MGMT_OP_USER_CONFIRM_REPLY:
Johan Hedberg4a74d652014-05-20 09:45:50 +0300899 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800900 break;
901 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
902 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
Johan Hedberg84794e12013-11-06 11:24:57 +0200903 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300904 err = 0;
905 goto unlock;
Brian Gix2b64d152011-12-21 16:12:12 -0800906 default:
Johan Hedberg84794e12013-11-06 11:24:57 +0200907 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300908 err = -EOPNOTSUPP;
909 goto unlock;
Brian Gix2b64d152011-12-21 16:12:12 -0800910 }
911
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300912 err = 0;
913
Brian Gix2b64d152011-12-21 16:12:12 -0800914 /* If it is our turn to send Pairing Confirm, do so now */
Johan Hedberg1cc61142014-05-20 09:45:52 +0300915 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->flags)) {
916 u8 rsp = smp_confirm(smp);
917 if (rsp)
918 smp_failure(conn, rsp);
919 }
Brian Gix2b64d152011-12-21 16:12:12 -0800920
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300921unlock:
922 l2cap_chan_unlock(chan);
923 return err;
Brian Gix2b64d152011-12-21 16:12:12 -0800924}
925
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300926static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300927{
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300928 struct smp_cmd_pairing rsp, *req = (void *) skb->data;
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300929 struct l2cap_chan *chan = conn->smp;
Johan Hedbergb3c64102014-07-10 11:02:07 +0300930 struct hci_dev *hdev = conn->hcon->hdev;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300931 struct smp_chan *smp;
Johan Hedbergc7262e72014-06-17 13:07:37 +0300932 u8 key_size, auth, sec_level;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300933 int ret;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300934
935 BT_DBG("conn %p", conn);
936
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200937 if (skb->len < sizeof(*req))
Johan Hedberg38e4a912014-05-08 14:19:11 +0300938 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200939
Johan Hedberg40bef302014-07-16 11:42:27 +0300940 if (conn->hcon->role != HCI_ROLE_SLAVE)
Brian Gix2b64d152011-12-21 16:12:12 -0800941 return SMP_CMD_NOTSUPP;
942
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300943 if (!chan->data)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300944 smp = smp_chan_create(conn);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300945 else
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300946 smp = chan->data;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300947
Andrei Emeltchenkod08fd0e2012-07-19 17:03:43 +0300948 if (!smp)
949 return SMP_UNSPECIFIED;
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -0300950
Johan Hedbergc05b9332014-09-10 17:37:42 -0700951 /* We didn't start the pairing, so match remote */
Johan Hedberg0edb14d2014-05-26 13:29:28 +0300952 auth = req->auth_req & AUTH_REQ_MASK(hdev);
Johan Hedbergc05b9332014-09-10 17:37:42 -0700953
Johan Hedbergb6ae8452014-07-30 09:22:22 +0300954 if (!test_bit(HCI_BONDABLE, &hdev->dev_flags) &&
Johan Hedbergc05b9332014-09-10 17:37:42 -0700955 (auth & SMP_AUTH_BONDING))
Johan Hedbergb3c64102014-07-10 11:02:07 +0300956 return SMP_PAIRING_NOTSUPP;
957
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300958 smp->preq[0] = SMP_CMD_PAIRING_REQ;
959 memcpy(&smp->preq[1], req, sizeof(*req));
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300960 skb_pull(skb, sizeof(*req));
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300961
Johan Hedberg5be5e272014-09-10 17:58:54 -0700962 if (conn->hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
Johan Hedberg1afc2a12014-09-10 17:37:44 -0700963 sec_level = BT_SECURITY_MEDIUM;
964 else
965 sec_level = authreq_to_seclevel(auth);
966
Johan Hedbergc7262e72014-06-17 13:07:37 +0300967 if (sec_level > conn->hcon->pending_sec_level)
968 conn->hcon->pending_sec_level = sec_level;
Ido Yarivfdde0a22012-03-05 20:09:38 +0200969
Stephen Hemminger49c922b2014-10-27 21:12:20 -0700970 /* If we need MITM check that it can be achieved */
Johan Hedberg2ed8f652014-06-17 13:07:39 +0300971 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
972 u8 method;
973
974 method = get_auth_method(smp, conn->hcon->io_capability,
975 req->io_capability);
976 if (method == JUST_WORKS || method == JUST_CFM)
977 return SMP_AUTH_REQUIREMENTS;
978 }
979
Brian Gix2b64d152011-12-21 16:12:12 -0800980 build_pairing_cmd(conn, req, &rsp, auth);
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300981
Johan Hedberg65668772014-05-16 11:03:34 +0300982 if (rsp.auth_req & SMP_AUTH_SC)
983 set_bit(SMP_FLAG_SC, &smp->flags);
984
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300985 key_size = min(req->max_key_size, rsp.max_key_size);
986 if (check_enc_key_size(conn, key_size))
987 return SMP_ENC_KEY_SIZE;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300988
Johan Hedberge84a6b12013-12-02 10:49:03 +0200989 get_random_bytes(smp->prnd, sizeof(smp->prnd));
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300990
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300991 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
992 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
Anderson Brigliaf01ead32011-06-09 18:50:45 -0300993
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300994 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
Johan Hedbergb28b4942014-09-05 22:19:55 +0300995 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300996
Brian Gix2b64d152011-12-21 16:12:12 -0800997 /* Request setup of TK */
998 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
999 if (ret)
1000 return SMP_UNSPECIFIED;
1001
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001002 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001003}
1004
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001005static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001006{
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -03001007 struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001008 struct l2cap_chan *chan = conn->smp;
1009 struct smp_chan *smp = chan->data;
Johan Hedberg0edb14d2014-05-26 13:29:28 +03001010 struct hci_dev *hdev = conn->hcon->hdev;
Johan Hedberg3a7dbfb2014-09-10 17:37:41 -07001011 u8 key_size, auth;
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001012 int ret;
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001013
1014 BT_DBG("conn %p", conn);
1015
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001016 if (skb->len < sizeof(*rsp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001017 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001018
Johan Hedberg40bef302014-07-16 11:42:27 +03001019 if (conn->hcon->role != HCI_ROLE_MASTER)
Brian Gix2b64d152011-12-21 16:12:12 -08001020 return SMP_CMD_NOTSUPP;
1021
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -03001022 skb_pull(skb, sizeof(*rsp));
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001023
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001024 req = (void *) &smp->preq[1];
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -03001025
1026 key_size = min(req->max_key_size, rsp->max_key_size);
1027 if (check_enc_key_size(conn, key_size))
1028 return SMP_ENC_KEY_SIZE;
1029
Johan Hedberg0edb14d2014-05-26 13:29:28 +03001030 auth = rsp->auth_req & AUTH_REQ_MASK(hdev);
Johan Hedbergc05b9332014-09-10 17:37:42 -07001031
Johan Hedberg65668772014-05-16 11:03:34 +03001032 if ((req->auth_req & SMP_AUTH_SC) && (auth & SMP_AUTH_SC))
1033 set_bit(SMP_FLAG_SC, &smp->flags);
Johan Hedbergd2eb9e12014-05-16 10:59:06 +03001034 else if (conn->hcon->pending_sec_level > BT_SECURITY_HIGH)
1035 conn->hcon->pending_sec_level = BT_SECURITY_HIGH;
Johan Hedberg65668772014-05-16 11:03:34 +03001036
Stephen Hemminger49c922b2014-10-27 21:12:20 -07001037 /* If we need MITM check that it can be achieved */
Johan Hedberg2ed8f652014-06-17 13:07:39 +03001038 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
1039 u8 method;
1040
1041 method = get_auth_method(smp, req->io_capability,
1042 rsp->io_capability);
1043 if (method == JUST_WORKS || method == JUST_CFM)
1044 return SMP_AUTH_REQUIREMENTS;
1045 }
1046
Johan Hedberge84a6b12013-12-02 10:49:03 +02001047 get_random_bytes(smp->prnd, sizeof(smp->prnd));
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001048
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001049 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
1050 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001051
Johan Hedbergfdcc4be2014-03-14 10:53:50 +02001052 /* Update remote key distribution in case the remote cleared
1053 * some bits that we had enabled in our request.
1054 */
1055 smp->remote_key_dist &= rsp->resp_key_dist;
1056
Johan Hedbergc05b9332014-09-10 17:37:42 -07001057 auth |= req->auth_req;
Brian Gix2b64d152011-12-21 16:12:12 -08001058
Johan Hedberg476585e2012-06-06 18:54:15 +08001059 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
Brian Gix2b64d152011-12-21 16:12:12 -08001060 if (ret)
1061 return SMP_UNSPECIFIED;
1062
Johan Hedberg4a74d652014-05-20 09:45:50 +03001063 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -08001064
1065 /* Can't compose response until we have been confirmed */
Johan Hedberg4a74d652014-05-20 09:45:50 +03001066 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
Johan Hedberg1cc61142014-05-20 09:45:52 +03001067 return smp_confirm(smp);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001068
1069 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001070}
1071
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001072static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001073{
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001074 struct l2cap_chan *chan = conn->smp;
1075 struct smp_chan *smp = chan->data;
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001076
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001077 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
1078
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001079 if (skb->len < sizeof(smp->pcnf))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001080 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001081
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001082 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
1083 skb_pull(skb, sizeof(smp->pcnf));
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001084
Johan Hedbergb28b4942014-09-05 22:19:55 +03001085 if (conn->hcon->out) {
Johan Hedberg943a7322014-03-18 12:58:24 +02001086 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
1087 smp->prnd);
Johan Hedbergb28b4942014-09-05 22:19:55 +03001088 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
1089 return 0;
1090 }
1091
1092 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
Johan Hedberg1cc61142014-05-20 09:45:52 +03001093 return smp_confirm(smp);
Johan Hedberg943a7322014-03-18 12:58:24 +02001094 else
Johan Hedberg4a74d652014-05-20 09:45:50 +03001095 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001096
1097 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001098}
1099
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001100static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001101{
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001102 struct l2cap_chan *chan = conn->smp;
1103 struct smp_chan *smp = chan->data;
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001104
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001105 BT_DBG("conn %p", conn);
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001106
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001107 if (skb->len < sizeof(smp->rrnd))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001108 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001109
Johan Hedberg943a7322014-03-18 12:58:24 +02001110 memcpy(smp->rrnd, skb->data, sizeof(smp->rrnd));
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001111 skb_pull(skb, sizeof(smp->rrnd));
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001112
Johan Hedberg861580a2014-05-20 09:45:51 +03001113 return smp_random(smp);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001114}
1115
Marcel Holtmannf81cd822014-07-01 10:59:24 +02001116static bool smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001117{
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001118 struct smp_ltk *key;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001119 struct hci_conn *hcon = conn->hcon;
1120
Johan Hedberg98a0b842014-01-30 19:40:00 -08001121 key = hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
Johan Hedberge804d252014-07-16 11:42:28 +03001122 hcon->role);
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001123 if (!key)
Marcel Holtmannf81cd822014-07-01 10:59:24 +02001124 return false;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001125
Johan Hedberga6f78332014-09-10 17:37:45 -07001126 if (smp_ltk_sec_level(key) < sec_level)
Marcel Holtmannf81cd822014-07-01 10:59:24 +02001127 return false;
Johan Hedberg4dab7862012-06-07 14:58:37 +08001128
Johan Hedberg51a8efd2012-01-16 06:10:31 +02001129 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
Marcel Holtmannf81cd822014-07-01 10:59:24 +02001130 return true;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001131
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001132 hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
1133 hcon->enc_key_size = key->enc_size;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001134
Johan Hedbergfe59a052014-07-01 19:14:12 +03001135 /* We never store STKs for master role, so clear this flag */
1136 clear_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
1137
Marcel Holtmannf81cd822014-07-01 10:59:24 +02001138 return true;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001139}
Marcel Holtmannf1560462013-10-13 05:43:25 -07001140
Johan Hedberg35dc6f82014-11-13 10:55:18 +02001141bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level,
1142 enum smp_key_pref key_pref)
Johan Hedberg854f4722014-07-01 18:40:20 +03001143{
1144 if (sec_level == BT_SECURITY_LOW)
1145 return true;
1146
Johan Hedberg35dc6f82014-11-13 10:55:18 +02001147 /* If we're encrypted with an STK but the caller prefers using
1148 * LTK claim insufficient security. This way we allow the
1149 * connection to be re-encrypted with an LTK, even if the LTK
1150 * provides the same level of security. Only exception is if we
1151 * don't have an LTK (e.g. because of key distribution bits).
Johan Hedberg9ab65d602014-07-01 19:14:13 +03001152 */
Johan Hedberg35dc6f82014-11-13 10:55:18 +02001153 if (key_pref == SMP_USE_LTK &&
1154 test_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags) &&
Johan Hedbergb2d5e252014-07-14 14:34:55 +03001155 hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
Johan Hedberge804d252014-07-16 11:42:28 +03001156 hcon->role))
Johan Hedberg9ab65d602014-07-01 19:14:13 +03001157 return false;
1158
Johan Hedberg854f4722014-07-01 18:40:20 +03001159 if (hcon->sec_level >= sec_level)
1160 return true;
1161
1162 return false;
1163}
1164
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001165static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001166{
1167 struct smp_cmd_security_req *rp = (void *) skb->data;
1168 struct smp_cmd_pairing cp;
Vinicius Costa Gomesf1cb9af2011-01-26 21:42:57 -03001169 struct hci_conn *hcon = conn->hcon;
Johan Hedberg0edb14d2014-05-26 13:29:28 +03001170 struct hci_dev *hdev = hcon->hdev;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001171 struct smp_chan *smp;
Johan Hedbergc05b9332014-09-10 17:37:42 -07001172 u8 sec_level, auth;
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001173
1174 BT_DBG("conn %p", conn);
1175
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001176 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001177 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001178
Johan Hedberg40bef302014-07-16 11:42:27 +03001179 if (hcon->role != HCI_ROLE_MASTER)
Johan Hedberg86ca9ea2013-11-05 11:30:39 +02001180 return SMP_CMD_NOTSUPP;
1181
Johan Hedberg0edb14d2014-05-26 13:29:28 +03001182 auth = rp->auth_req & AUTH_REQ_MASK(hdev);
Johan Hedbergc05b9332014-09-10 17:37:42 -07001183
Johan Hedberg5be5e272014-09-10 17:58:54 -07001184 if (hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
Johan Hedberg1afc2a12014-09-10 17:37:44 -07001185 sec_level = BT_SECURITY_MEDIUM;
1186 else
1187 sec_level = authreq_to_seclevel(auth);
1188
Johan Hedberg35dc6f82014-11-13 10:55:18 +02001189 if (smp_sufficient_security(hcon, sec_level, SMP_USE_LTK))
Johan Hedberg854f4722014-07-01 18:40:20 +03001190 return 0;
1191
Johan Hedbergc7262e72014-06-17 13:07:37 +03001192 if (sec_level > hcon->pending_sec_level)
1193 hcon->pending_sec_level = sec_level;
Vinicius Costa Gomesfeb45eb2011-08-25 20:02:35 -03001194
Johan Hedberg4dab7862012-06-07 14:58:37 +08001195 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001196 return 0;
1197
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001198 smp = smp_chan_create(conn);
Johan Hedbergc29d2442014-06-16 19:25:14 +03001199 if (!smp)
1200 return SMP_UNSPECIFIED;
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001201
Johan Hedbergb6ae8452014-07-30 09:22:22 +03001202 if (!test_bit(HCI_BONDABLE, &hcon->hdev->dev_flags) &&
Johan Hedbergc05b9332014-09-10 17:37:42 -07001203 (auth & SMP_AUTH_BONDING))
Johan Hedberg616d55b2014-07-29 14:18:48 +03001204 return SMP_PAIRING_NOTSUPP;
1205
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001206 skb_pull(skb, sizeof(*rp));
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001207
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001208 memset(&cp, 0, sizeof(cp));
Johan Hedbergc05b9332014-09-10 17:37:42 -07001209 build_pairing_cmd(conn, &cp, NULL, auth);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001210
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001211 smp->preq[0] = SMP_CMD_PAIRING_REQ;
1212 memcpy(&smp->preq[1], &cp, sizeof(cp));
Anderson Brigliaf01ead32011-06-09 18:50:45 -03001213
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001214 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
Johan Hedbergb28b4942014-09-05 22:19:55 +03001215 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
Vinicius Costa Gomesf1cb9af2011-01-26 21:42:57 -03001216
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001217 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001218}
1219
Vinicius Costa Gomescc110922012-08-23 21:32:43 -03001220int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001221{
Vinicius Costa Gomescc110922012-08-23 21:32:43 -03001222 struct l2cap_conn *conn = hcon->l2cap_data;
Johan Hedbergc68b7f12014-09-06 06:59:10 +03001223 struct l2cap_chan *chan;
Johan Hedberg0a66cf22014-03-24 14:39:03 +02001224 struct smp_chan *smp;
Brian Gix2b64d152011-12-21 16:12:12 -08001225 __u8 authreq;
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001226 int ret;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001227
Vinicius Costa Gomes3a0259b2011-06-09 18:50:43 -03001228 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
1229
Johan Hedberg0a66cf22014-03-24 14:39:03 +02001230 /* This may be NULL if there's an unexpected disconnection */
1231 if (!conn)
1232 return 1;
1233
Johan Hedbergc68b7f12014-09-06 06:59:10 +03001234 chan = conn->smp;
1235
Johan Hedberg757aee02013-04-24 13:05:32 +03001236 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
Andre Guedes2e65c9d2011-06-30 19:20:56 -03001237 return 1;
1238
Johan Hedberg35dc6f82014-11-13 10:55:18 +02001239 if (smp_sufficient_security(hcon, sec_level, SMP_USE_LTK))
Vinicius Costa Gomesf1cb9af2011-01-26 21:42:57 -03001240 return 1;
1241
Johan Hedbergc7262e72014-06-17 13:07:37 +03001242 if (sec_level > hcon->pending_sec_level)
1243 hcon->pending_sec_level = sec_level;
1244
Johan Hedberg40bef302014-07-16 11:42:27 +03001245 if (hcon->role == HCI_ROLE_MASTER)
Johan Hedbergc7262e72014-06-17 13:07:37 +03001246 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
1247 return 0;
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001248
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001249 l2cap_chan_lock(chan);
1250
1251 /* If SMP is already in progress ignore this request */
1252 if (chan->data) {
1253 ret = 0;
1254 goto unlock;
1255 }
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001256
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001257 smp = smp_chan_create(conn);
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001258 if (!smp) {
1259 ret = 1;
1260 goto unlock;
1261 }
Brian Gix2b64d152011-12-21 16:12:12 -08001262
1263 authreq = seclevel_to_authreq(sec_level);
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001264
Johan Hedbergd2eb9e12014-05-16 10:59:06 +03001265 if (test_bit(HCI_SC_ENABLED, &hcon->hdev->dev_flags))
1266 authreq |= SMP_AUTH_SC;
1267
Johan Hedberg79897d22014-06-01 09:45:24 +03001268 /* Require MITM if IO Capability allows or the security level
1269 * requires it.
Johan Hedberg2e233642014-03-18 15:42:30 +02001270 */
Johan Hedberg79897d22014-06-01 09:45:24 +03001271 if (hcon->io_capability != HCI_IO_NO_INPUT_OUTPUT ||
Johan Hedbergc7262e72014-06-17 13:07:37 +03001272 hcon->pending_sec_level > BT_SECURITY_MEDIUM)
Johan Hedberg2e233642014-03-18 15:42:30 +02001273 authreq |= SMP_AUTH_MITM;
1274
Johan Hedberg40bef302014-07-16 11:42:27 +03001275 if (hcon->role == HCI_ROLE_MASTER) {
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001276 struct smp_cmd_pairing cp;
Anderson Brigliaf01ead32011-06-09 18:50:45 -03001277
Brian Gix2b64d152011-12-21 16:12:12 -08001278 build_pairing_cmd(conn, &cp, NULL, authreq);
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001279 smp->preq[0] = SMP_CMD_PAIRING_REQ;
1280 memcpy(&smp->preq[1], &cp, sizeof(cp));
Anderson Brigliaf01ead32011-06-09 18:50:45 -03001281
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001282 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
Johan Hedbergb28b4942014-09-05 22:19:55 +03001283 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001284 } else {
1285 struct smp_cmd_security_req cp;
Brian Gix2b64d152011-12-21 16:12:12 -08001286 cp.auth_req = authreq;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001287 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
Johan Hedbergb28b4942014-09-05 22:19:55 +03001288 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_REQ);
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001289 }
1290
Johan Hedberg4a74d652014-05-20 09:45:50 +03001291 set_bit(SMP_FLAG_INITIATOR, &smp->flags);
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001292 ret = 0;
Johan Hedbergedca7922014-03-24 15:54:11 +02001293
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001294unlock:
1295 l2cap_chan_unlock(chan);
1296 return ret;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001297}
1298
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001299static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
1300{
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001301 struct smp_cmd_encrypt_info *rp = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001302 struct l2cap_chan *chan = conn->smp;
1303 struct smp_chan *smp = chan->data;
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001304
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001305 BT_DBG("conn %p", conn);
1306
1307 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001308 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001309
Johan Hedbergb28b4942014-09-05 22:19:55 +03001310 SMP_ALLOW_CMD(smp, SMP_CMD_MASTER_IDENT);
Johan Hedberg6131ddc2014-02-18 10:19:37 +02001311
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001312 skb_pull(skb, sizeof(*rp));
1313
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001314 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001315
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001316 return 0;
1317}
1318
1319static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
1320{
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001321 struct smp_cmd_master_ident *rp = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001322 struct l2cap_chan *chan = conn->smp;
1323 struct smp_chan *smp = chan->data;
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001324 struct hci_dev *hdev = conn->hcon->hdev;
1325 struct hci_conn *hcon = conn->hcon;
Johan Hedberg23d0e122014-02-19 14:57:46 +02001326 struct smp_ltk *ltk;
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001327 u8 authenticated;
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001328
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001329 BT_DBG("conn %p", conn);
1330
1331 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001332 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001333
Johan Hedberg9747a9f2014-02-26 23:33:43 +02001334 /* Mark the information as received */
1335 smp->remote_key_dist &= ~SMP_DIST_ENC_KEY;
1336
Johan Hedbergb28b4942014-09-05 22:19:55 +03001337 if (smp->remote_key_dist & SMP_DIST_ID_KEY)
1338 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_INFO);
Johan Hedberg196332f2014-09-09 16:21:46 -07001339 else if (smp->remote_key_dist & SMP_DIST_SIGN)
1340 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
Johan Hedbergb28b4942014-09-05 22:19:55 +03001341
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001342 skb_pull(skb, sizeof(*rp));
1343
Marcel Holtmannce39fb42013-10-13 02:23:39 -07001344 authenticated = (hcon->sec_level == BT_SECURITY_HIGH);
Johan Hedberg2ceba532014-06-16 19:25:16 +03001345 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, SMP_LTK,
Johan Hedberg23d0e122014-02-19 14:57:46 +02001346 authenticated, smp->tk, smp->enc_key_size,
1347 rp->ediv, rp->rand);
1348 smp->ltk = ltk;
Johan Hedbergc6e81e92014-09-05 22:19:54 +03001349 if (!(smp->remote_key_dist & KEY_DIST_MASK))
Johan Hedbergd6268e82014-09-05 22:19:51 +03001350 smp_distribute_keys(smp);
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001351
1352 return 0;
1353}
1354
Johan Hedbergfd349c02014-02-18 10:19:36 +02001355static int smp_cmd_ident_info(struct l2cap_conn *conn, struct sk_buff *skb)
1356{
1357 struct smp_cmd_ident_info *info = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001358 struct l2cap_chan *chan = conn->smp;
1359 struct smp_chan *smp = chan->data;
Johan Hedbergfd349c02014-02-18 10:19:36 +02001360
1361 BT_DBG("");
1362
1363 if (skb->len < sizeof(*info))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001364 return SMP_INVALID_PARAMS;
Johan Hedbergfd349c02014-02-18 10:19:36 +02001365
Johan Hedbergb28b4942014-09-05 22:19:55 +03001366 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_ADDR_INFO);
Johan Hedberg6131ddc2014-02-18 10:19:37 +02001367
Johan Hedbergfd349c02014-02-18 10:19:36 +02001368 skb_pull(skb, sizeof(*info));
1369
1370 memcpy(smp->irk, info->irk, 16);
1371
1372 return 0;
1373}
1374
1375static int smp_cmd_ident_addr_info(struct l2cap_conn *conn,
1376 struct sk_buff *skb)
1377{
1378 struct smp_cmd_ident_addr_info *info = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001379 struct l2cap_chan *chan = conn->smp;
1380 struct smp_chan *smp = chan->data;
Johan Hedbergfd349c02014-02-18 10:19:36 +02001381 struct hci_conn *hcon = conn->hcon;
1382 bdaddr_t rpa;
1383
1384 BT_DBG("");
1385
1386 if (skb->len < sizeof(*info))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001387 return SMP_INVALID_PARAMS;
Johan Hedbergfd349c02014-02-18 10:19:36 +02001388
Johan Hedberg9747a9f2014-02-26 23:33:43 +02001389 /* Mark the information as received */
1390 smp->remote_key_dist &= ~SMP_DIST_ID_KEY;
1391
Johan Hedbergb28b4942014-09-05 22:19:55 +03001392 if (smp->remote_key_dist & SMP_DIST_SIGN)
1393 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
1394
Johan Hedbergfd349c02014-02-18 10:19:36 +02001395 skb_pull(skb, sizeof(*info));
1396
Johan Hedberga9a58f82014-02-25 22:24:37 +02001397 /* Strictly speaking the Core Specification (4.1) allows sending
1398 * an empty address which would force us to rely on just the IRK
1399 * as "identity information". However, since such
1400 * implementations are not known of and in order to not over
1401 * complicate our implementation, simply pretend that we never
1402 * received an IRK for such a device.
1403 */
1404 if (!bacmp(&info->bdaddr, BDADDR_ANY)) {
1405 BT_ERR("Ignoring IRK with no identity address");
Johan Hedberg31dd6242014-06-27 14:23:02 +03001406 goto distribute;
Johan Hedberga9a58f82014-02-25 22:24:37 +02001407 }
1408
Johan Hedbergfd349c02014-02-18 10:19:36 +02001409 bacpy(&smp->id_addr, &info->bdaddr);
1410 smp->id_addr_type = info->addr_type;
1411
1412 if (hci_bdaddr_is_rpa(&hcon->dst, hcon->dst_type))
1413 bacpy(&rpa, &hcon->dst);
1414 else
1415 bacpy(&rpa, BDADDR_ANY);
1416
Johan Hedberg23d0e122014-02-19 14:57:46 +02001417 smp->remote_irk = hci_add_irk(conn->hcon->hdev, &smp->id_addr,
1418 smp->id_addr_type, smp->irk, &rpa);
Johan Hedbergfd349c02014-02-18 10:19:36 +02001419
Johan Hedberg31dd6242014-06-27 14:23:02 +03001420distribute:
Johan Hedbergc6e81e92014-09-05 22:19:54 +03001421 if (!(smp->remote_key_dist & KEY_DIST_MASK))
1422 smp_distribute_keys(smp);
Johan Hedbergfd349c02014-02-18 10:19:36 +02001423
1424 return 0;
1425}
1426
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001427static int smp_cmd_sign_info(struct l2cap_conn *conn, struct sk_buff *skb)
1428{
1429 struct smp_cmd_sign_info *rp = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001430 struct l2cap_chan *chan = conn->smp;
1431 struct smp_chan *smp = chan->data;
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001432 struct smp_csrk *csrk;
1433
1434 BT_DBG("conn %p", conn);
1435
1436 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001437 return SMP_INVALID_PARAMS;
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001438
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001439 /* Mark the information as received */
1440 smp->remote_key_dist &= ~SMP_DIST_SIGN;
1441
1442 skb_pull(skb, sizeof(*rp));
1443
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001444 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
1445 if (csrk) {
1446 csrk->master = 0x01;
1447 memcpy(csrk->val, rp->csrk, sizeof(csrk->val));
1448 }
1449 smp->csrk = csrk;
Johan Hedbergd6268e82014-09-05 22:19:51 +03001450 smp_distribute_keys(smp);
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001451
1452 return 0;
1453}
1454
Johan Hedberg4befb862014-08-11 22:06:38 +03001455static int smp_sig_channel(struct l2cap_chan *chan, struct sk_buff *skb)
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001456{
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001457 struct l2cap_conn *conn = chan->conn;
Marcel Holtmann7b9899d2013-10-03 00:00:57 -07001458 struct hci_conn *hcon = conn->hcon;
Johan Hedbergb28b4942014-09-05 22:19:55 +03001459 struct smp_chan *smp;
Marcel Holtmann92381f52013-10-03 01:23:08 -07001460 __u8 code, reason;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001461 int err = 0;
1462
Marcel Holtmann7b9899d2013-10-03 00:00:57 -07001463 if (hcon->type != LE_LINK) {
1464 kfree_skb(skb);
Johan Hedberg34327112013-10-16 11:37:01 +03001465 return 0;
Marcel Holtmann7b9899d2013-10-03 00:00:57 -07001466 }
1467
Johan Hedberg8ae9b982014-08-11 22:06:39 +03001468 if (skb->len < 1)
Marcel Holtmann92381f52013-10-03 01:23:08 -07001469 return -EILSEQ;
Marcel Holtmann92381f52013-10-03 01:23:08 -07001470
Marcel Holtmann06ae3312013-10-18 03:43:00 -07001471 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) {
Andre Guedes2e65c9d2011-06-30 19:20:56 -03001472 reason = SMP_PAIRING_NOTSUPP;
1473 goto done;
1474 }
1475
Marcel Holtmann92381f52013-10-03 01:23:08 -07001476 code = skb->data[0];
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001477 skb_pull(skb, sizeof(code));
1478
Johan Hedbergb28b4942014-09-05 22:19:55 +03001479 smp = chan->data;
1480
1481 if (code > SMP_CMD_MAX)
1482 goto drop;
1483
Johan Hedberg24bd0bd2014-09-10 17:37:43 -07001484 if (smp && !test_and_clear_bit(code, &smp->allow_cmd))
Johan Hedbergb28b4942014-09-05 22:19:55 +03001485 goto drop;
1486
1487 /* If we don't have a context the only allowed commands are
1488 * pairing request and security request.
Johan Hedberg8cf9fa12013-01-29 10:44:23 -06001489 */
Johan Hedbergb28b4942014-09-05 22:19:55 +03001490 if (!smp && code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ)
1491 goto drop;
Johan Hedberg8cf9fa12013-01-29 10:44:23 -06001492
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001493 switch (code) {
1494 case SMP_CMD_PAIRING_REQ:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001495 reason = smp_cmd_pairing_req(conn, skb);
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001496 break;
1497
1498 case SMP_CMD_PAIRING_FAIL:
Johan Hedberg84794e12013-11-06 11:24:57 +02001499 smp_failure(conn, 0);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001500 err = -EPERM;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001501 break;
1502
1503 case SMP_CMD_PAIRING_RSP:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001504 reason = smp_cmd_pairing_rsp(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001505 break;
1506
1507 case SMP_CMD_SECURITY_REQ:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001508 reason = smp_cmd_security_req(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001509 break;
1510
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001511 case SMP_CMD_PAIRING_CONFIRM:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001512 reason = smp_cmd_pairing_confirm(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001513 break;
1514
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001515 case SMP_CMD_PAIRING_RANDOM:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001516 reason = smp_cmd_pairing_random(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001517 break;
1518
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001519 case SMP_CMD_ENCRYPT_INFO:
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001520 reason = smp_cmd_encrypt_info(conn, skb);
1521 break;
1522
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001523 case SMP_CMD_MASTER_IDENT:
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001524 reason = smp_cmd_master_ident(conn, skb);
1525 break;
1526
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001527 case SMP_CMD_IDENT_INFO:
Johan Hedbergfd349c02014-02-18 10:19:36 +02001528 reason = smp_cmd_ident_info(conn, skb);
1529 break;
1530
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001531 case SMP_CMD_IDENT_ADDR_INFO:
Johan Hedbergfd349c02014-02-18 10:19:36 +02001532 reason = smp_cmd_ident_addr_info(conn, skb);
1533 break;
1534
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001535 case SMP_CMD_SIGN_INFO:
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001536 reason = smp_cmd_sign_info(conn, skb);
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001537 break;
1538
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001539 default:
1540 BT_DBG("Unknown command code 0x%2.2x", code);
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001541 reason = SMP_CMD_NOTSUPP;
Vinicius Costa Gomes3a0259b2011-06-09 18:50:43 -03001542 goto done;
1543 }
1544
1545done:
Johan Hedberg9b7b18e2014-08-18 20:33:31 +03001546 if (!err) {
1547 if (reason)
1548 smp_failure(conn, reason);
Johan Hedberg8ae9b982014-08-11 22:06:39 +03001549 kfree_skb(skb);
Johan Hedberg9b7b18e2014-08-18 20:33:31 +03001550 }
1551
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001552 return err;
Johan Hedbergb28b4942014-09-05 22:19:55 +03001553
1554drop:
1555 BT_ERR("%s unexpected SMP command 0x%02x from %pMR", hcon->hdev->name,
1556 code, &hcon->dst);
1557 kfree_skb(skb);
1558 return 0;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001559}
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001560
Johan Hedberg70db83c2014-08-08 09:37:16 +03001561static void smp_teardown_cb(struct l2cap_chan *chan, int err)
1562{
1563 struct l2cap_conn *conn = chan->conn;
1564
1565 BT_DBG("chan %p", chan);
1566
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001567 if (chan->data)
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001568 smp_chan_destroy(conn);
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001569
Johan Hedberg70db83c2014-08-08 09:37:16 +03001570 conn->smp = NULL;
1571 l2cap_chan_put(chan);
1572}
1573
Johan Hedberg44f1a7a2014-08-11 22:06:36 +03001574static void smp_resume_cb(struct l2cap_chan *chan)
1575{
Johan Hedbergb68fda62014-08-11 22:06:40 +03001576 struct smp_chan *smp = chan->data;
Johan Hedberg44f1a7a2014-08-11 22:06:36 +03001577 struct l2cap_conn *conn = chan->conn;
1578 struct hci_conn *hcon = conn->hcon;
1579
1580 BT_DBG("chan %p", chan);
1581
Johan Hedberg86d14072014-08-11 22:06:43 +03001582 if (!smp)
1583 return;
Johan Hedbergb68fda62014-08-11 22:06:40 +03001584
Johan Hedberg84bc0db2014-09-05 22:19:49 +03001585 if (!test_bit(HCI_CONN_ENCRYPT, &hcon->flags))
1586 return;
1587
Johan Hedberg86d14072014-08-11 22:06:43 +03001588 cancel_delayed_work(&smp->security_timer);
1589
Johan Hedbergd6268e82014-09-05 22:19:51 +03001590 smp_distribute_keys(smp);
Johan Hedberg44f1a7a2014-08-11 22:06:36 +03001591}
1592
Johan Hedberg70db83c2014-08-08 09:37:16 +03001593static void smp_ready_cb(struct l2cap_chan *chan)
1594{
1595 struct l2cap_conn *conn = chan->conn;
1596
1597 BT_DBG("chan %p", chan);
1598
1599 conn->smp = chan;
1600 l2cap_chan_hold(chan);
1601}
1602
Johan Hedberg4befb862014-08-11 22:06:38 +03001603static int smp_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
1604{
1605 int err;
1606
1607 BT_DBG("chan %p", chan);
1608
1609 err = smp_sig_channel(chan, skb);
1610 if (err) {
Johan Hedbergb68fda62014-08-11 22:06:40 +03001611 struct smp_chan *smp = chan->data;
Johan Hedberg4befb862014-08-11 22:06:38 +03001612
Johan Hedbergb68fda62014-08-11 22:06:40 +03001613 if (smp)
1614 cancel_delayed_work_sync(&smp->security_timer);
Johan Hedberg4befb862014-08-11 22:06:38 +03001615
Johan Hedberg1e91c292014-08-18 20:33:29 +03001616 hci_disconnect(chan->conn->hcon, HCI_ERROR_AUTH_FAILURE);
Johan Hedberg4befb862014-08-11 22:06:38 +03001617 }
1618
1619 return err;
1620}
1621
Johan Hedberg70db83c2014-08-08 09:37:16 +03001622static struct sk_buff *smp_alloc_skb_cb(struct l2cap_chan *chan,
1623 unsigned long hdr_len,
1624 unsigned long len, int nb)
1625{
1626 struct sk_buff *skb;
1627
1628 skb = bt_skb_alloc(hdr_len + len, GFP_KERNEL);
1629 if (!skb)
1630 return ERR_PTR(-ENOMEM);
1631
1632 skb->priority = HCI_PRIO_MAX;
1633 bt_cb(skb)->chan = chan;
1634
1635 return skb;
1636}
1637
1638static const struct l2cap_ops smp_chan_ops = {
1639 .name = "Security Manager",
1640 .ready = smp_ready_cb,
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001641 .recv = smp_recv_cb,
Johan Hedberg70db83c2014-08-08 09:37:16 +03001642 .alloc_skb = smp_alloc_skb_cb,
1643 .teardown = smp_teardown_cb,
Johan Hedberg44f1a7a2014-08-11 22:06:36 +03001644 .resume = smp_resume_cb,
Johan Hedberg70db83c2014-08-08 09:37:16 +03001645
1646 .new_connection = l2cap_chan_no_new_connection,
Johan Hedberg70db83c2014-08-08 09:37:16 +03001647 .state_change = l2cap_chan_no_state_change,
1648 .close = l2cap_chan_no_close,
1649 .defer = l2cap_chan_no_defer,
1650 .suspend = l2cap_chan_no_suspend,
Johan Hedberg70db83c2014-08-08 09:37:16 +03001651 .set_shutdown = l2cap_chan_no_set_shutdown,
1652 .get_sndtimeo = l2cap_chan_no_get_sndtimeo,
1653 .memcpy_fromiovec = l2cap_chan_no_memcpy_fromiovec,
1654};
1655
1656static inline struct l2cap_chan *smp_new_conn_cb(struct l2cap_chan *pchan)
1657{
1658 struct l2cap_chan *chan;
1659
1660 BT_DBG("pchan %p", pchan);
1661
1662 chan = l2cap_chan_create();
1663 if (!chan)
1664 return NULL;
1665
1666 chan->chan_type = pchan->chan_type;
1667 chan->ops = &smp_chan_ops;
1668 chan->scid = pchan->scid;
1669 chan->dcid = chan->scid;
1670 chan->imtu = pchan->imtu;
1671 chan->omtu = pchan->omtu;
1672 chan->mode = pchan->mode;
1673
Johan Hedbergabe84902014-11-12 22:22:21 +02001674 /* Other L2CAP channels may request SMP routines in order to
1675 * change the security level. This means that the SMP channel
1676 * lock must be considered in its own category to avoid lockdep
1677 * warnings.
1678 */
1679 atomic_set(&chan->nesting, L2CAP_NESTING_SMP);
1680
Johan Hedberg70db83c2014-08-08 09:37:16 +03001681 BT_DBG("created chan %p", chan);
1682
1683 return chan;
1684}
1685
1686static const struct l2cap_ops smp_root_chan_ops = {
1687 .name = "Security Manager Root",
1688 .new_connection = smp_new_conn_cb,
1689
1690 /* None of these are implemented for the root channel */
1691 .close = l2cap_chan_no_close,
1692 .alloc_skb = l2cap_chan_no_alloc_skb,
1693 .recv = l2cap_chan_no_recv,
1694 .state_change = l2cap_chan_no_state_change,
1695 .teardown = l2cap_chan_no_teardown,
1696 .ready = l2cap_chan_no_ready,
1697 .defer = l2cap_chan_no_defer,
1698 .suspend = l2cap_chan_no_suspend,
1699 .resume = l2cap_chan_no_resume,
1700 .set_shutdown = l2cap_chan_no_set_shutdown,
1701 .get_sndtimeo = l2cap_chan_no_get_sndtimeo,
1702 .memcpy_fromiovec = l2cap_chan_no_memcpy_fromiovec,
1703};
1704
Johan Hedberg711eafe2014-08-08 09:32:52 +03001705int smp_register(struct hci_dev *hdev)
1706{
Johan Hedberg70db83c2014-08-08 09:37:16 +03001707 struct l2cap_chan *chan;
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001708 struct crypto_blkcipher *tfm_aes;
Johan Hedberg70db83c2014-08-08 09:37:16 +03001709
Johan Hedberg711eafe2014-08-08 09:32:52 +03001710 BT_DBG("%s", hdev->name);
1711
Johan Hedbergadae20c2014-11-13 14:37:48 +02001712 tfm_aes = crypto_alloc_blkcipher("ecb(aes)", 0, 0);
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001713 if (IS_ERR(tfm_aes)) {
1714 int err = PTR_ERR(tfm_aes);
Johan Hedberg711eafe2014-08-08 09:32:52 +03001715 BT_ERR("Unable to create crypto context");
Johan Hedberg711eafe2014-08-08 09:32:52 +03001716 return err;
1717 }
1718
Johan Hedberg70db83c2014-08-08 09:37:16 +03001719 chan = l2cap_chan_create();
1720 if (!chan) {
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001721 crypto_free_blkcipher(tfm_aes);
Johan Hedberg70db83c2014-08-08 09:37:16 +03001722 return -ENOMEM;
1723 }
1724
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001725 chan->data = tfm_aes;
1726
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001727 l2cap_add_scid(chan, L2CAP_CID_SMP);
Johan Hedberg70db83c2014-08-08 09:37:16 +03001728
1729 l2cap_chan_set_defaults(chan);
1730
1731 bacpy(&chan->src, &hdev->bdaddr);
1732 chan->src_type = BDADDR_LE_PUBLIC;
1733 chan->state = BT_LISTEN;
1734 chan->mode = L2CAP_MODE_BASIC;
1735 chan->imtu = L2CAP_DEFAULT_MTU;
1736 chan->ops = &smp_root_chan_ops;
1737
Johan Hedbergabe84902014-11-12 22:22:21 +02001738 /* Set correct nesting level for a parent/listening channel */
1739 atomic_set(&chan->nesting, L2CAP_NESTING_PARENT);
1740
Johan Hedberg70db83c2014-08-08 09:37:16 +03001741 hdev->smp_data = chan;
1742
Johan Hedberg711eafe2014-08-08 09:32:52 +03001743 return 0;
1744}
1745
1746void smp_unregister(struct hci_dev *hdev)
1747{
Johan Hedberg70db83c2014-08-08 09:37:16 +03001748 struct l2cap_chan *chan = hdev->smp_data;
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001749 struct crypto_blkcipher *tfm_aes;
Johan Hedberg70db83c2014-08-08 09:37:16 +03001750
1751 if (!chan)
1752 return;
1753
1754 BT_DBG("%s chan %p", hdev->name, chan);
Johan Hedberg711eafe2014-08-08 09:32:52 +03001755
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001756 tfm_aes = chan->data;
1757 if (tfm_aes) {
1758 chan->data = NULL;
1759 crypto_free_blkcipher(tfm_aes);
Johan Hedberg711eafe2014-08-08 09:32:52 +03001760 }
Johan Hedberg70db83c2014-08-08 09:37:16 +03001761
1762 hdev->smp_data = NULL;
1763 l2cap_chan_put(chan);
Johan Hedberg711eafe2014-08-08 09:32:52 +03001764}