blob: 3b63c7f09dd5edc28ac774e34422e00cc01856ce [file] [log] [blame]
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21*/
22
Gustavo Padovan8c520a52012-05-23 04:04:22 -030023#include <linux/crypto.h>
24#include <linux/scatterlist.h>
25#include <crypto/b128ops.h>
26
Anderson Brigliaeb492e02011-06-09 18:50:40 -030027#include <net/bluetooth/bluetooth.h>
28#include <net/bluetooth/hci_core.h>
29#include <net/bluetooth/l2cap.h>
Brian Gix2b64d152011-12-21 16:12:12 -080030#include <net/bluetooth/mgmt.h>
Marcel Holtmannac4b7232013-10-10 14:54:16 -070031
32#include "smp.h"
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030033
Johan Hedbergb28b4942014-09-05 22:19:55 +030034#define SMP_ALLOW_CMD(smp, code) set_bit(code, &smp->allow_cmd)
Johan Hedbergb28b4942014-09-05 22:19:55 +030035
Marcel Holtmann17b02e62012-03-01 14:32:37 -080036#define SMP_TIMEOUT msecs_to_jiffies(30000)
Vinicius Costa Gomes5d3de7d2011-06-14 13:37:41 -030037
Johan Hedberg065a13e2012-10-11 16:26:06 +020038#define AUTH_REQ_MASK 0x07
Johan Hedberg88d3a8a2014-09-05 22:19:53 +030039#define KEY_DIST_MASK 0x07
Johan Hedberg065a13e2012-10-11 16:26:06 +020040
Johan Hedberg533e35d2014-06-16 19:25:18 +030041enum {
42 SMP_FLAG_TK_VALID,
43 SMP_FLAG_CFM_PENDING,
44 SMP_FLAG_MITM_AUTH,
45 SMP_FLAG_COMPLETE,
46 SMP_FLAG_INITIATOR,
47};
Johan Hedberg4bc58f52014-05-20 09:45:47 +030048
49struct smp_chan {
Johan Hedbergb68fda62014-08-11 22:06:40 +030050 struct l2cap_conn *conn;
51 struct delayed_work security_timer;
Johan Hedbergb28b4942014-09-05 22:19:55 +030052 unsigned long allow_cmd; /* Bitmask of allowed commands */
Johan Hedbergb68fda62014-08-11 22:06:40 +030053
Johan Hedberg4bc58f52014-05-20 09:45:47 +030054 u8 preq[7]; /* SMP Pairing Request */
55 u8 prsp[7]; /* SMP Pairing Response */
56 u8 prnd[16]; /* SMP Pairing Random (local) */
57 u8 rrnd[16]; /* SMP Pairing Random (remote) */
58 u8 pcnf[16]; /* SMP Pairing Confirm */
59 u8 tk[16]; /* SMP Temporary Key */
60 u8 enc_key_size;
61 u8 remote_key_dist;
62 bdaddr_t id_addr;
63 u8 id_addr_type;
64 u8 irk[16];
65 struct smp_csrk *csrk;
66 struct smp_csrk *slave_csrk;
67 struct smp_ltk *ltk;
68 struct smp_ltk *slave_ltk;
69 struct smp_irk *remote_irk;
Johan Hedberg4a74d652014-05-20 09:45:50 +030070 unsigned long flags;
Johan Hedberg6a7bd102014-06-27 14:23:03 +030071
72 struct crypto_blkcipher *tfm_aes;
Johan Hedberg4bc58f52014-05-20 09:45:47 +030073};
74
Johan Hedberg8a2936f2014-06-16 19:25:19 +030075static inline void swap_buf(const u8 *src, u8 *dst, size_t len)
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030076{
Johan Hedberg8a2936f2014-06-16 19:25:19 +030077 size_t i;
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030078
Johan Hedberg8a2936f2014-06-16 19:25:19 +030079 for (i = 0; i < len; i++)
80 dst[len - 1 - i] = src[i];
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030081}
82
83static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
84{
85 struct blkcipher_desc desc;
86 struct scatterlist sg;
Johan Hedberg943a7322014-03-18 12:58:24 +020087 uint8_t tmp[16], data[16];
Johan Hedberg201a5922013-12-02 10:49:04 +020088 int err;
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030089
90 if (tfm == NULL) {
91 BT_ERR("tfm %p", tfm);
92 return -EINVAL;
93 }
94
95 desc.tfm = tfm;
96 desc.flags = 0;
97
Johan Hedberg943a7322014-03-18 12:58:24 +020098 /* The most significant octet of key corresponds to k[0] */
Johan Hedberg8a2936f2014-06-16 19:25:19 +030099 swap_buf(k, tmp, 16);
Johan Hedberg943a7322014-03-18 12:58:24 +0200100
101 err = crypto_blkcipher_setkey(tfm, tmp, 16);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300102 if (err) {
103 BT_ERR("cipher setkey failed: %d", err);
104 return err;
105 }
106
Johan Hedberg943a7322014-03-18 12:58:24 +0200107 /* Most significant octet of plaintextData corresponds to data[0] */
Johan Hedberg8a2936f2014-06-16 19:25:19 +0300108 swap_buf(r, data, 16);
Johan Hedberg943a7322014-03-18 12:58:24 +0200109
110 sg_init_one(&sg, data, 16);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300111
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300112 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
113 if (err)
114 BT_ERR("Encrypt data error %d", err);
115
Johan Hedberg943a7322014-03-18 12:58:24 +0200116 /* Most significant octet of encryptedData corresponds to data[0] */
Johan Hedberg8a2936f2014-06-16 19:25:19 +0300117 swap_buf(data, r, 16);
Johan Hedberg943a7322014-03-18 12:58:24 +0200118
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300119 return err;
120}
121
Johan Hedberg60478052014-02-18 10:19:31 +0200122static int smp_ah(struct crypto_blkcipher *tfm, u8 irk[16], u8 r[3], u8 res[3])
123{
Johan Hedberg943a7322014-03-18 12:58:24 +0200124 u8 _res[16];
Johan Hedberg60478052014-02-18 10:19:31 +0200125 int err;
126
127 /* r' = padding || r */
Johan Hedberg943a7322014-03-18 12:58:24 +0200128 memcpy(_res, r, 3);
129 memset(_res + 3, 0, 13);
Johan Hedberg60478052014-02-18 10:19:31 +0200130
Johan Hedberg943a7322014-03-18 12:58:24 +0200131 err = smp_e(tfm, irk, _res);
Johan Hedberg60478052014-02-18 10:19:31 +0200132 if (err) {
133 BT_ERR("Encrypt error");
134 return err;
135 }
136
137 /* The output of the random address function ah is:
138 * ah(h, r) = e(k, r') mod 2^24
139 * The output of the security function e is then truncated to 24 bits
140 * by taking the least significant 24 bits of the output of e as the
141 * result of ah.
142 */
Johan Hedberg943a7322014-03-18 12:58:24 +0200143 memcpy(res, _res, 3);
Johan Hedberg60478052014-02-18 10:19:31 +0200144
145 return 0;
146}
147
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300148bool smp_irk_matches(struct hci_dev *hdev, u8 irk[16], bdaddr_t *bdaddr)
Johan Hedberg60478052014-02-18 10:19:31 +0200149{
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300150 struct l2cap_chan *chan = hdev->smp_data;
151 struct crypto_blkcipher *tfm;
Johan Hedberg60478052014-02-18 10:19:31 +0200152 u8 hash[3];
153 int err;
154
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300155 if (!chan || !chan->data)
156 return false;
157
158 tfm = chan->data;
159
Johan Hedberg60478052014-02-18 10:19:31 +0200160 BT_DBG("RPA %pMR IRK %*phN", bdaddr, 16, irk);
161
162 err = smp_ah(tfm, irk, &bdaddr->b[3], hash);
163 if (err)
164 return false;
165
166 return !memcmp(bdaddr->b, hash, 3);
167}
168
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300169int smp_generate_rpa(struct hci_dev *hdev, u8 irk[16], bdaddr_t *rpa)
Johan Hedbergb1e2b3a2014-02-23 19:42:19 +0200170{
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300171 struct l2cap_chan *chan = hdev->smp_data;
172 struct crypto_blkcipher *tfm;
Johan Hedbergb1e2b3a2014-02-23 19:42:19 +0200173 int err;
174
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300175 if (!chan || !chan->data)
176 return -EOPNOTSUPP;
177
178 tfm = chan->data;
179
Johan Hedbergb1e2b3a2014-02-23 19:42:19 +0200180 get_random_bytes(&rpa->b[3], 3);
181
182 rpa->b[5] &= 0x3f; /* Clear two most significant bits */
183 rpa->b[5] |= 0x40; /* Set second most significant bit */
184
185 err = smp_ah(tfm, irk, &rpa->b[3], rpa->b);
186 if (err < 0)
187 return err;
188
189 BT_DBG("RPA %pMR", rpa);
190
191 return 0;
192}
193
Johan Hedberge491eaf2014-10-25 21:15:37 +0200194static int smp_c1(struct crypto_blkcipher *tfm_aes, u8 k[16], u8 r[16],
195 u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia, u8 _rat,
196 bdaddr_t *ra, u8 res[16])
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300197{
198 u8 p1[16], p2[16];
199 int err;
200
201 memset(p1, 0, 16);
202
203 /* p1 = pres || preq || _rat || _iat */
Johan Hedberg943a7322014-03-18 12:58:24 +0200204 p1[0] = _iat;
205 p1[1] = _rat;
206 memcpy(p1 + 2, preq, 7);
207 memcpy(p1 + 9, pres, 7);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300208
209 /* p2 = padding || ia || ra */
Johan Hedberg943a7322014-03-18 12:58:24 +0200210 memcpy(p2, ra, 6);
211 memcpy(p2 + 6, ia, 6);
212 memset(p2 + 12, 0, 4);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300213
214 /* res = r XOR p1 */
215 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
216
217 /* res = e(k, res) */
Johan Hedberge491eaf2014-10-25 21:15:37 +0200218 err = smp_e(tfm_aes, k, res);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300219 if (err) {
220 BT_ERR("Encrypt data error");
221 return err;
222 }
223
224 /* res = res XOR p2 */
225 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
226
227 /* res = e(k, res) */
Johan Hedberge491eaf2014-10-25 21:15:37 +0200228 err = smp_e(tfm_aes, k, res);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300229 if (err)
230 BT_ERR("Encrypt data error");
231
232 return err;
233}
234
Johan Hedberge491eaf2014-10-25 21:15:37 +0200235static int smp_s1(struct crypto_blkcipher *tfm_aes, u8 k[16], u8 r1[16],
236 u8 r2[16], u8 _r[16])
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300237{
238 int err;
239
240 /* Just least significant octets from r1 and r2 are considered */
Johan Hedberg943a7322014-03-18 12:58:24 +0200241 memcpy(_r, r2, 8);
242 memcpy(_r + 8, r1, 8);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300243
Johan Hedberge491eaf2014-10-25 21:15:37 +0200244 err = smp_e(tfm_aes, k, _r);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300245 if (err)
246 BT_ERR("Encrypt data error");
247
248 return err;
249}
250
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300251static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
252{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300253 struct l2cap_chan *chan = conn->smp;
Johan Hedbergb68fda62014-08-11 22:06:40 +0300254 struct smp_chan *smp;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300255 struct kvec iv[2];
256 struct msghdr msg;
257
258 if (!chan)
259 return;
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300260
261 BT_DBG("code 0x%2.2x", code);
262
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300263 iv[0].iov_base = &code;
264 iv[0].iov_len = 1;
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300265
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300266 iv[1].iov_base = data;
267 iv[1].iov_len = len;
268
269 memset(&msg, 0, sizeof(msg));
270
271 msg.msg_iov = (struct iovec *) &iv;
272 msg.msg_iovlen = 2;
273
274 l2cap_chan_send(chan, &msg, 1 + len);
Vinicius Costa Gomese2dcd112011-08-19 21:06:50 -0300275
Johan Hedbergb68fda62014-08-11 22:06:40 +0300276 if (!chan->data)
277 return;
278
279 smp = chan->data;
280
281 cancel_delayed_work_sync(&smp->security_timer);
Johan Hedberg1b0921d2014-09-05 22:19:48 +0300282 schedule_delayed_work(&smp->security_timer, SMP_TIMEOUT);
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300283}
284
Brian Gix2b64d152011-12-21 16:12:12 -0800285static __u8 authreq_to_seclevel(__u8 authreq)
286{
287 if (authreq & SMP_AUTH_MITM)
288 return BT_SECURITY_HIGH;
289 else
290 return BT_SECURITY_MEDIUM;
291}
292
293static __u8 seclevel_to_authreq(__u8 sec_level)
294{
295 switch (sec_level) {
296 case BT_SECURITY_HIGH:
297 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
298 case BT_SECURITY_MEDIUM:
299 return SMP_AUTH_BONDING;
300 default:
301 return SMP_AUTH_NONE;
302 }
303}
304
Vinicius Costa Gomesb8e66ea2011-06-09 18:50:52 -0300305static void build_pairing_cmd(struct l2cap_conn *conn,
Marcel Holtmannf1560462013-10-13 05:43:25 -0700306 struct smp_cmd_pairing *req,
307 struct smp_cmd_pairing *rsp, __u8 authreq)
Vinicius Costa Gomesb8e66ea2011-06-09 18:50:52 -0300308{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300309 struct l2cap_chan *chan = conn->smp;
310 struct smp_chan *smp = chan->data;
Johan Hedbergfd349c02014-02-18 10:19:36 +0200311 struct hci_conn *hcon = conn->hcon;
312 struct hci_dev *hdev = hcon->hdev;
313 u8 local_dist = 0, remote_dist = 0;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300314
Johan Hedbergb6ae8452014-07-30 09:22:22 +0300315 if (test_bit(HCI_BONDABLE, &conn->hcon->hdev->dev_flags)) {
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -0700316 local_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
317 remote_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300318 authreq |= SMP_AUTH_BONDING;
Brian Gix2b64d152011-12-21 16:12:12 -0800319 } else {
320 authreq &= ~SMP_AUTH_BONDING;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300321 }
322
Johan Hedbergfd349c02014-02-18 10:19:36 +0200323 if (test_bit(HCI_RPA_RESOLVING, &hdev->dev_flags))
324 remote_dist |= SMP_DIST_ID_KEY;
325
Johan Hedberg863efaf2014-02-22 19:06:32 +0200326 if (test_bit(HCI_PRIVACY, &hdev->dev_flags))
327 local_dist |= SMP_DIST_ID_KEY;
328
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300329 if (rsp == NULL) {
330 req->io_capability = conn->hcon->io_capability;
331 req->oob_flag = SMP_OOB_NOT_PRESENT;
332 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
Johan Hedbergfd349c02014-02-18 10:19:36 +0200333 req->init_key_dist = local_dist;
334 req->resp_key_dist = remote_dist;
Johan Hedberg065a13e2012-10-11 16:26:06 +0200335 req->auth_req = (authreq & AUTH_REQ_MASK);
Johan Hedbergfd349c02014-02-18 10:19:36 +0200336
337 smp->remote_key_dist = remote_dist;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300338 return;
339 }
340
341 rsp->io_capability = conn->hcon->io_capability;
342 rsp->oob_flag = SMP_OOB_NOT_PRESENT;
343 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
Johan Hedbergfd349c02014-02-18 10:19:36 +0200344 rsp->init_key_dist = req->init_key_dist & remote_dist;
345 rsp->resp_key_dist = req->resp_key_dist & local_dist;
Johan Hedberg065a13e2012-10-11 16:26:06 +0200346 rsp->auth_req = (authreq & AUTH_REQ_MASK);
Johan Hedbergfd349c02014-02-18 10:19:36 +0200347
348 smp->remote_key_dist = rsp->init_key_dist;
Vinicius Costa Gomesb8e66ea2011-06-09 18:50:52 -0300349}
350
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300351static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
352{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300353 struct l2cap_chan *chan = conn->smp;
354 struct smp_chan *smp = chan->data;
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300355
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300356 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
Marcel Holtmannf1560462013-10-13 05:43:25 -0700357 (max_key_size < SMP_MIN_ENC_KEY_SIZE))
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300358 return SMP_ENC_KEY_SIZE;
359
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300360 smp->enc_key_size = max_key_size;
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300361
362 return 0;
363}
364
Johan Hedberg6f48e262014-08-11 22:06:44 +0300365static void smp_chan_destroy(struct l2cap_conn *conn)
366{
367 struct l2cap_chan *chan = conn->smp;
368 struct smp_chan *smp = chan->data;
369 bool complete;
370
371 BUG_ON(!smp);
372
373 cancel_delayed_work_sync(&smp->security_timer);
Johan Hedberg6f48e262014-08-11 22:06:44 +0300374
Johan Hedberg6f48e262014-08-11 22:06:44 +0300375 complete = test_bit(SMP_FLAG_COMPLETE, &smp->flags);
376 mgmt_smp_complete(conn->hcon, complete);
377
378 kfree(smp->csrk);
379 kfree(smp->slave_csrk);
380
381 crypto_free_blkcipher(smp->tfm_aes);
382
383 /* If pairing failed clean up any keys we might have */
384 if (!complete) {
385 if (smp->ltk) {
386 list_del(&smp->ltk->list);
387 kfree(smp->ltk);
388 }
389
390 if (smp->slave_ltk) {
391 list_del(&smp->slave_ltk->list);
392 kfree(smp->slave_ltk);
393 }
394
395 if (smp->remote_irk) {
396 list_del(&smp->remote_irk->list);
397 kfree(smp->remote_irk);
398 }
399 }
400
401 chan->data = NULL;
402 kfree(smp);
403 hci_conn_drop(conn->hcon);
404}
405
Johan Hedberg84794e12013-11-06 11:24:57 +0200406static void smp_failure(struct l2cap_conn *conn, u8 reason)
Brian Gix4f957a72011-11-23 08:28:36 -0800407{
Johan Hedbergbab73cb2012-02-09 16:07:29 +0200408 struct hci_conn *hcon = conn->hcon;
Johan Hedbergb68fda62014-08-11 22:06:40 +0300409 struct l2cap_chan *chan = conn->smp;
Johan Hedbergbab73cb2012-02-09 16:07:29 +0200410
Johan Hedberg84794e12013-11-06 11:24:57 +0200411 if (reason)
Brian Gix4f957a72011-11-23 08:28:36 -0800412 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
Marcel Holtmannf1560462013-10-13 05:43:25 -0700413 &reason);
Brian Gix4f957a72011-11-23 08:28:36 -0800414
Marcel Holtmannce39fb42013-10-13 02:23:39 -0700415 clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags);
Johan Hedberge1e930f2014-09-08 17:09:49 -0700416 mgmt_auth_failed(hcon, HCI_ERROR_AUTH_FAILURE);
Vinicius Costa Gomesf1c09c02012-02-01 18:27:56 -0300417
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300418 if (chan->data)
Vinicius Costa Gomesf1c09c02012-02-01 18:27:56 -0300419 smp_chan_destroy(conn);
Brian Gix4f957a72011-11-23 08:28:36 -0800420}
421
Brian Gix2b64d152011-12-21 16:12:12 -0800422#define JUST_WORKS 0x00
423#define JUST_CFM 0x01
424#define REQ_PASSKEY 0x02
425#define CFM_PASSKEY 0x03
426#define REQ_OOB 0x04
427#define OVERLAP 0xFF
428
429static const u8 gen_method[5][5] = {
430 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
431 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
432 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
433 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
434 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
435};
436
Johan Hedberg581370c2014-06-17 13:07:38 +0300437static u8 get_auth_method(struct smp_chan *smp, u8 local_io, u8 remote_io)
438{
Johan Hedberg2bcd4002014-07-09 19:18:09 +0300439 /* If either side has unknown io_caps, use JUST_CFM (which gets
440 * converted later to JUST_WORKS if we're initiators.
441 */
Johan Hedberg581370c2014-06-17 13:07:38 +0300442 if (local_io > SMP_IO_KEYBOARD_DISPLAY ||
443 remote_io > SMP_IO_KEYBOARD_DISPLAY)
Johan Hedberg2bcd4002014-07-09 19:18:09 +0300444 return JUST_CFM;
Johan Hedberg581370c2014-06-17 13:07:38 +0300445
446 return gen_method[remote_io][local_io];
447}
448
Brian Gix2b64d152011-12-21 16:12:12 -0800449static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
450 u8 local_io, u8 remote_io)
451{
452 struct hci_conn *hcon = conn->hcon;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300453 struct l2cap_chan *chan = conn->smp;
454 struct smp_chan *smp = chan->data;
Brian Gix2b64d152011-12-21 16:12:12 -0800455 u8 method;
456 u32 passkey = 0;
457 int ret = 0;
458
459 /* Initialize key for JUST WORKS */
460 memset(smp->tk, 0, sizeof(smp->tk));
Johan Hedberg4a74d652014-05-20 09:45:50 +0300461 clear_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800462
463 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
464
Johan Hedberg2bcd4002014-07-09 19:18:09 +0300465 /* If neither side wants MITM, either "just" confirm an incoming
466 * request or use just-works for outgoing ones. The JUST_CFM
467 * will be converted to JUST_WORKS if necessary later in this
468 * function. If either side has MITM look up the method from the
469 * table.
470 */
Johan Hedberg581370c2014-06-17 13:07:38 +0300471 if (!(auth & SMP_AUTH_MITM))
Johan Hedberg2bcd4002014-07-09 19:18:09 +0300472 method = JUST_CFM;
Brian Gix2b64d152011-12-21 16:12:12 -0800473 else
Johan Hedberg581370c2014-06-17 13:07:38 +0300474 method = get_auth_method(smp, local_io, remote_io);
Brian Gix2b64d152011-12-21 16:12:12 -0800475
Johan Hedberga82505c2014-03-24 14:39:07 +0200476 /* Don't confirm locally initiated pairing attempts */
Johan Hedberg4a74d652014-05-20 09:45:50 +0300477 if (method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR, &smp->flags))
Johan Hedberga82505c2014-03-24 14:39:07 +0200478 method = JUST_WORKS;
479
Johan Hedberg02f3e252014-07-16 15:09:13 +0300480 /* Don't bother user space with no IO capabilities */
481 if (method == JUST_CFM && hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
482 method = JUST_WORKS;
483
Brian Gix2b64d152011-12-21 16:12:12 -0800484 /* If Just Works, Continue with Zero TK */
485 if (method == JUST_WORKS) {
Johan Hedberg4a74d652014-05-20 09:45:50 +0300486 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800487 return 0;
488 }
489
490 /* Not Just Works/Confirm results in MITM Authentication */
Johan Hedberg5eb596f2014-09-18 11:26:32 +0300491 if (method != JUST_CFM) {
Johan Hedberg4a74d652014-05-20 09:45:50 +0300492 set_bit(SMP_FLAG_MITM_AUTH, &smp->flags);
Johan Hedberg5eb596f2014-09-18 11:26:32 +0300493 if (hcon->pending_sec_level < BT_SECURITY_HIGH)
494 hcon->pending_sec_level = BT_SECURITY_HIGH;
495 }
Brian Gix2b64d152011-12-21 16:12:12 -0800496
497 /* If both devices have Keyoard-Display I/O, the master
498 * Confirms and the slave Enters the passkey.
499 */
500 if (method == OVERLAP) {
Johan Hedberg40bef302014-07-16 11:42:27 +0300501 if (hcon->role == HCI_ROLE_MASTER)
Brian Gix2b64d152011-12-21 16:12:12 -0800502 method = CFM_PASSKEY;
503 else
504 method = REQ_PASSKEY;
505 }
506
Johan Hedberg01ad34d2014-03-19 14:14:53 +0200507 /* Generate random passkey. */
Brian Gix2b64d152011-12-21 16:12:12 -0800508 if (method == CFM_PASSKEY) {
Johan Hedberg943a7322014-03-18 12:58:24 +0200509 memset(smp->tk, 0, sizeof(smp->tk));
Brian Gix2b64d152011-12-21 16:12:12 -0800510 get_random_bytes(&passkey, sizeof(passkey));
511 passkey %= 1000000;
Johan Hedberg943a7322014-03-18 12:58:24 +0200512 put_unaligned_le32(passkey, smp->tk);
Brian Gix2b64d152011-12-21 16:12:12 -0800513 BT_DBG("PassKey: %d", passkey);
Johan Hedberg4a74d652014-05-20 09:45:50 +0300514 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800515 }
516
Brian Gix2b64d152011-12-21 16:12:12 -0800517 if (method == REQ_PASSKEY)
Marcel Holtmannce39fb42013-10-13 02:23:39 -0700518 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
Johan Hedberg272d90d2012-02-09 15:26:12 +0200519 hcon->type, hcon->dst_type);
Johan Hedberg4eb65e62014-03-24 14:39:05 +0200520 else if (method == JUST_CFM)
521 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
522 hcon->type, hcon->dst_type,
523 passkey, 1);
Brian Gix2b64d152011-12-21 16:12:12 -0800524 else
Johan Hedberg01ad34d2014-03-19 14:14:53 +0200525 ret = mgmt_user_passkey_notify(hcon->hdev, &hcon->dst,
Johan Hedberg272d90d2012-02-09 15:26:12 +0200526 hcon->type, hcon->dst_type,
Johan Hedberg39adbff2014-03-20 08:18:14 +0200527 passkey, 0);
Brian Gix2b64d152011-12-21 16:12:12 -0800528
Brian Gix2b64d152011-12-21 16:12:12 -0800529 return ret;
530}
531
Johan Hedberg1cc61142014-05-20 09:45:52 +0300532static u8 smp_confirm(struct smp_chan *smp)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300533{
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300534 struct l2cap_conn *conn = smp->conn;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300535 struct smp_cmd_pairing_confirm cp;
536 int ret;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300537
538 BT_DBG("conn %p", conn);
539
Johan Hedberge491eaf2014-10-25 21:15:37 +0200540 ret = smp_c1(smp->tfm_aes, smp->tk, smp->prnd, smp->preq, smp->prsp,
Johan Hedbergb1cd5fd2014-02-28 12:54:17 +0200541 conn->hcon->init_addr_type, &conn->hcon->init_addr,
Johan Hedberg943a7322014-03-18 12:58:24 +0200542 conn->hcon->resp_addr_type, &conn->hcon->resp_addr,
543 cp.confirm_val);
Johan Hedberg1cc61142014-05-20 09:45:52 +0300544 if (ret)
545 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300546
Johan Hedberg4a74d652014-05-20 09:45:50 +0300547 clear_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800548
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300549 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
550
Johan Hedbergb28b4942014-09-05 22:19:55 +0300551 if (conn->hcon->out)
552 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
553 else
554 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
555
Johan Hedberg1cc61142014-05-20 09:45:52 +0300556 return 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300557}
558
Johan Hedberg861580a2014-05-20 09:45:51 +0300559static u8 smp_random(struct smp_chan *smp)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300560{
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300561 struct l2cap_conn *conn = smp->conn;
562 struct hci_conn *hcon = conn->hcon;
Johan Hedberg861580a2014-05-20 09:45:51 +0300563 u8 confirm[16];
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300564 int ret;
565
Johan Hedbergec70f362014-06-27 14:23:04 +0300566 if (IS_ERR_OR_NULL(smp->tfm_aes))
Johan Hedberg861580a2014-05-20 09:45:51 +0300567 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300568
569 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
570
Johan Hedberge491eaf2014-10-25 21:15:37 +0200571 ret = smp_c1(smp->tfm_aes, smp->tk, smp->rrnd, smp->preq, smp->prsp,
Johan Hedbergb1cd5fd2014-02-28 12:54:17 +0200572 hcon->init_addr_type, &hcon->init_addr,
Johan Hedberg943a7322014-03-18 12:58:24 +0200573 hcon->resp_addr_type, &hcon->resp_addr, confirm);
Johan Hedberg861580a2014-05-20 09:45:51 +0300574 if (ret)
575 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300576
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300577 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
578 BT_ERR("Pairing failed (confirmation values mismatch)");
Johan Hedberg861580a2014-05-20 09:45:51 +0300579 return SMP_CONFIRM_FAILED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300580 }
581
582 if (hcon->out) {
Marcel Holtmannfe39c7b2014-02-27 16:00:28 -0800583 u8 stk[16];
584 __le64 rand = 0;
585 __le16 ediv = 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300586
Johan Hedberge491eaf2014-10-25 21:15:37 +0200587 smp_s1(smp->tfm_aes, smp->tk, smp->rrnd, smp->prnd, stk);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300588
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300589 memset(stk + smp->enc_key_size, 0,
Gustavo F. Padovan04124682012-03-08 01:25:00 -0300590 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300591
Johan Hedberg861580a2014-05-20 09:45:51 +0300592 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
593 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300594
595 hci_le_start_enc(hcon, ediv, rand, stk);
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300596 hcon->enc_key_size = smp->enc_key_size;
Johan Hedbergfe59a052014-07-01 19:14:12 +0300597 set_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300598 } else {
Johan Hedbergfff34902014-06-10 15:19:50 +0300599 u8 stk[16], auth;
Marcel Holtmannfe39c7b2014-02-27 16:00:28 -0800600 __le64 rand = 0;
601 __le16 ediv = 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300602
Johan Hedberg943a7322014-03-18 12:58:24 +0200603 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
604 smp->prnd);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300605
Johan Hedberge491eaf2014-10-25 21:15:37 +0200606 smp_s1(smp->tfm_aes, smp->tk, smp->prnd, smp->rrnd, stk);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300607
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300608 memset(stk + smp->enc_key_size, 0,
Marcel Holtmannf1560462013-10-13 05:43:25 -0700609 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300610
Johan Hedbergfff34902014-06-10 15:19:50 +0300611 if (hcon->pending_sec_level == BT_SECURITY_HIGH)
612 auth = 1;
613 else
614 auth = 0;
615
Johan Hedberg7d5843b2014-06-16 19:25:15 +0300616 /* Even though there's no _SLAVE suffix this is the
617 * slave STK we're adding for later lookup (the master
618 * STK never needs to be stored).
619 */
Marcel Holtmannce39fb42013-10-13 02:23:39 -0700620 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
Johan Hedberg2ceba532014-06-16 19:25:16 +0300621 SMP_STK, auth, stk, smp->enc_key_size, ediv, rand);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300622 }
623
Johan Hedberg861580a2014-05-20 09:45:51 +0300624 return 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300625}
626
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300627static void smp_notify_keys(struct l2cap_conn *conn)
628{
629 struct l2cap_chan *chan = conn->smp;
630 struct smp_chan *smp = chan->data;
631 struct hci_conn *hcon = conn->hcon;
632 struct hci_dev *hdev = hcon->hdev;
633 struct smp_cmd_pairing *req = (void *) &smp->preq[1];
634 struct smp_cmd_pairing *rsp = (void *) &smp->prsp[1];
635 bool persistent;
636
637 if (smp->remote_irk) {
638 mgmt_new_irk(hdev, smp->remote_irk);
639 /* Now that user space can be considered to know the
640 * identity address track the connection based on it
641 * from now on.
642 */
643 bacpy(&hcon->dst, &smp->remote_irk->bdaddr);
644 hcon->dst_type = smp->remote_irk->addr_type;
Johan Hedbergf3d82d02014-09-05 22:19:50 +0300645 queue_work(hdev->workqueue, &conn->id_addr_update_work);
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300646
647 /* When receiving an indentity resolving key for
648 * a remote device that does not use a resolvable
649 * private address, just remove the key so that
650 * it is possible to use the controller white
651 * list for scanning.
652 *
653 * Userspace will have been told to not store
654 * this key at this point. So it is safe to
655 * just remove it.
656 */
657 if (!bacmp(&smp->remote_irk->rpa, BDADDR_ANY)) {
658 list_del(&smp->remote_irk->list);
659 kfree(smp->remote_irk);
660 smp->remote_irk = NULL;
661 }
662 }
663
664 /* The LTKs and CSRKs should be persistent only if both sides
665 * had the bonding bit set in their authentication requests.
666 */
667 persistent = !!((req->auth_req & rsp->auth_req) & SMP_AUTH_BONDING);
668
669 if (smp->csrk) {
670 smp->csrk->bdaddr_type = hcon->dst_type;
671 bacpy(&smp->csrk->bdaddr, &hcon->dst);
672 mgmt_new_csrk(hdev, smp->csrk, persistent);
673 }
674
675 if (smp->slave_csrk) {
676 smp->slave_csrk->bdaddr_type = hcon->dst_type;
677 bacpy(&smp->slave_csrk->bdaddr, &hcon->dst);
678 mgmt_new_csrk(hdev, smp->slave_csrk, persistent);
679 }
680
681 if (smp->ltk) {
682 smp->ltk->bdaddr_type = hcon->dst_type;
683 bacpy(&smp->ltk->bdaddr, &hcon->dst);
684 mgmt_new_ltk(hdev, smp->ltk, persistent);
685 }
686
687 if (smp->slave_ltk) {
688 smp->slave_ltk->bdaddr_type = hcon->dst_type;
689 bacpy(&smp->slave_ltk->bdaddr, &hcon->dst);
690 mgmt_new_ltk(hdev, smp->slave_ltk, persistent);
691 }
692}
693
Johan Hedbergb28b4942014-09-05 22:19:55 +0300694static void smp_allow_key_dist(struct smp_chan *smp)
695{
696 /* Allow the first expected phase 3 PDU. The rest of the PDUs
697 * will be allowed in each PDU handler to ensure we receive
698 * them in the correct order.
699 */
700 if (smp->remote_key_dist & SMP_DIST_ENC_KEY)
701 SMP_ALLOW_CMD(smp, SMP_CMD_ENCRYPT_INFO);
702 else if (smp->remote_key_dist & SMP_DIST_ID_KEY)
703 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_INFO);
704 else if (smp->remote_key_dist & SMP_DIST_SIGN)
705 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
706}
707
Johan Hedbergd6268e82014-09-05 22:19:51 +0300708static void smp_distribute_keys(struct smp_chan *smp)
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300709{
710 struct smp_cmd_pairing *req, *rsp;
Johan Hedberg86d14072014-08-11 22:06:43 +0300711 struct l2cap_conn *conn = smp->conn;
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300712 struct hci_conn *hcon = conn->hcon;
713 struct hci_dev *hdev = hcon->hdev;
714 __u8 *keydist;
715
716 BT_DBG("conn %p", conn);
717
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300718 rsp = (void *) &smp->prsp[1];
719
720 /* The responder sends its keys first */
Johan Hedbergb28b4942014-09-05 22:19:55 +0300721 if (hcon->out && (smp->remote_key_dist & KEY_DIST_MASK)) {
722 smp_allow_key_dist(smp);
Johan Hedberg86d14072014-08-11 22:06:43 +0300723 return;
Johan Hedbergb28b4942014-09-05 22:19:55 +0300724 }
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300725
726 req = (void *) &smp->preq[1];
727
728 if (hcon->out) {
729 keydist = &rsp->init_key_dist;
730 *keydist &= req->init_key_dist;
731 } else {
732 keydist = &rsp->resp_key_dist;
733 *keydist &= req->resp_key_dist;
734 }
735
736 BT_DBG("keydist 0x%x", *keydist);
737
738 if (*keydist & SMP_DIST_ENC_KEY) {
739 struct smp_cmd_encrypt_info enc;
740 struct smp_cmd_master_ident ident;
741 struct smp_ltk *ltk;
742 u8 authenticated;
743 __le16 ediv;
744 __le64 rand;
745
746 get_random_bytes(enc.ltk, sizeof(enc.ltk));
747 get_random_bytes(&ediv, sizeof(ediv));
748 get_random_bytes(&rand, sizeof(rand));
749
750 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
751
752 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
753 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type,
754 SMP_LTK_SLAVE, authenticated, enc.ltk,
755 smp->enc_key_size, ediv, rand);
756 smp->slave_ltk = ltk;
757
758 ident.ediv = ediv;
759 ident.rand = rand;
760
761 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
762
763 *keydist &= ~SMP_DIST_ENC_KEY;
764 }
765
766 if (*keydist & SMP_DIST_ID_KEY) {
767 struct smp_cmd_ident_addr_info addrinfo;
768 struct smp_cmd_ident_info idinfo;
769
770 memcpy(idinfo.irk, hdev->irk, sizeof(idinfo.irk));
771
772 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
773
774 /* The hci_conn contains the local identity address
775 * after the connection has been established.
776 *
777 * This is true even when the connection has been
778 * established using a resolvable random address.
779 */
780 bacpy(&addrinfo.bdaddr, &hcon->src);
781 addrinfo.addr_type = hcon->src_type;
782
783 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
784 &addrinfo);
785
786 *keydist &= ~SMP_DIST_ID_KEY;
787 }
788
789 if (*keydist & SMP_DIST_SIGN) {
790 struct smp_cmd_sign_info sign;
791 struct smp_csrk *csrk;
792
793 /* Generate a new random key */
794 get_random_bytes(sign.csrk, sizeof(sign.csrk));
795
796 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
797 if (csrk) {
798 csrk->master = 0x00;
799 memcpy(csrk->val, sign.csrk, sizeof(csrk->val));
800 }
801 smp->slave_csrk = csrk;
802
803 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
804
805 *keydist &= ~SMP_DIST_SIGN;
806 }
807
808 /* If there are still keys to be received wait for them */
Johan Hedbergb28b4942014-09-05 22:19:55 +0300809 if (smp->remote_key_dist & KEY_DIST_MASK) {
810 smp_allow_key_dist(smp);
Johan Hedberg86d14072014-08-11 22:06:43 +0300811 return;
Johan Hedbergb28b4942014-09-05 22:19:55 +0300812 }
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300813
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300814 set_bit(SMP_FLAG_COMPLETE, &smp->flags);
815 smp_notify_keys(conn);
816
817 smp_chan_destroy(conn);
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300818}
819
Johan Hedbergb68fda62014-08-11 22:06:40 +0300820static void smp_timeout(struct work_struct *work)
821{
822 struct smp_chan *smp = container_of(work, struct smp_chan,
823 security_timer.work);
824 struct l2cap_conn *conn = smp->conn;
825
826 BT_DBG("conn %p", conn);
827
Johan Hedberg1e91c292014-08-18 20:33:29 +0300828 hci_disconnect(conn->hcon, HCI_ERROR_REMOTE_USER_TERM);
Johan Hedbergb68fda62014-08-11 22:06:40 +0300829}
830
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300831static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
832{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300833 struct l2cap_chan *chan = conn->smp;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300834 struct smp_chan *smp;
835
Marcel Holtmannf1560462013-10-13 05:43:25 -0700836 smp = kzalloc(sizeof(*smp), GFP_ATOMIC);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300837 if (!smp)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300838 return NULL;
839
Johan Hedberg6a7bd102014-06-27 14:23:03 +0300840 smp->tfm_aes = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
841 if (IS_ERR(smp->tfm_aes)) {
842 BT_ERR("Unable to create ECB crypto context");
843 kfree(smp);
844 return NULL;
845 }
846
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300847 smp->conn = conn;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300848 chan->data = smp;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300849
Johan Hedbergb28b4942014-09-05 22:19:55 +0300850 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_FAIL);
851
Johan Hedbergb68fda62014-08-11 22:06:40 +0300852 INIT_DELAYED_WORK(&smp->security_timer, smp_timeout);
853
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300854 hci_conn_hold(conn->hcon);
855
856 return smp;
857}
858
Brian Gix2b64d152011-12-21 16:12:12 -0800859int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
860{
Johan Hedbergb10e8012014-06-27 14:23:07 +0300861 struct l2cap_conn *conn = hcon->l2cap_data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300862 struct l2cap_chan *chan;
Brian Gix2b64d152011-12-21 16:12:12 -0800863 struct smp_chan *smp;
864 u32 value;
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300865 int err;
Brian Gix2b64d152011-12-21 16:12:12 -0800866
867 BT_DBG("");
868
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300869 if (!conn)
Brian Gix2b64d152011-12-21 16:12:12 -0800870 return -ENOTCONN;
871
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300872 chan = conn->smp;
873 if (!chan)
874 return -ENOTCONN;
875
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300876 l2cap_chan_lock(chan);
877 if (!chan->data) {
878 err = -ENOTCONN;
879 goto unlock;
880 }
881
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300882 smp = chan->data;
Brian Gix2b64d152011-12-21 16:12:12 -0800883
884 switch (mgmt_op) {
885 case MGMT_OP_USER_PASSKEY_REPLY:
886 value = le32_to_cpu(passkey);
Johan Hedberg943a7322014-03-18 12:58:24 +0200887 memset(smp->tk, 0, sizeof(smp->tk));
Brian Gix2b64d152011-12-21 16:12:12 -0800888 BT_DBG("PassKey: %d", value);
Johan Hedberg943a7322014-03-18 12:58:24 +0200889 put_unaligned_le32(value, smp->tk);
Brian Gix2b64d152011-12-21 16:12:12 -0800890 /* Fall Through */
891 case MGMT_OP_USER_CONFIRM_REPLY:
Johan Hedberg4a74d652014-05-20 09:45:50 +0300892 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800893 break;
894 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
895 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
Johan Hedberg84794e12013-11-06 11:24:57 +0200896 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300897 err = 0;
898 goto unlock;
Brian Gix2b64d152011-12-21 16:12:12 -0800899 default:
Johan Hedberg84794e12013-11-06 11:24:57 +0200900 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300901 err = -EOPNOTSUPP;
902 goto unlock;
Brian Gix2b64d152011-12-21 16:12:12 -0800903 }
904
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300905 err = 0;
906
Brian Gix2b64d152011-12-21 16:12:12 -0800907 /* If it is our turn to send Pairing Confirm, do so now */
Johan Hedberg1cc61142014-05-20 09:45:52 +0300908 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->flags)) {
909 u8 rsp = smp_confirm(smp);
910 if (rsp)
911 smp_failure(conn, rsp);
912 }
Brian Gix2b64d152011-12-21 16:12:12 -0800913
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300914unlock:
915 l2cap_chan_unlock(chan);
916 return err;
Brian Gix2b64d152011-12-21 16:12:12 -0800917}
918
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300919static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300920{
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300921 struct smp_cmd_pairing rsp, *req = (void *) skb->data;
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300922 struct l2cap_chan *chan = conn->smp;
Johan Hedbergb3c64102014-07-10 11:02:07 +0300923 struct hci_dev *hdev = conn->hcon->hdev;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300924 struct smp_chan *smp;
Johan Hedbergc7262e72014-06-17 13:07:37 +0300925 u8 key_size, auth, sec_level;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300926 int ret;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300927
928 BT_DBG("conn %p", conn);
929
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200930 if (skb->len < sizeof(*req))
Johan Hedberg38e4a912014-05-08 14:19:11 +0300931 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200932
Johan Hedberg40bef302014-07-16 11:42:27 +0300933 if (conn->hcon->role != HCI_ROLE_SLAVE)
Brian Gix2b64d152011-12-21 16:12:12 -0800934 return SMP_CMD_NOTSUPP;
935
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300936 if (!chan->data)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300937 smp = smp_chan_create(conn);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300938 else
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300939 smp = chan->data;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300940
Andrei Emeltchenkod08fd0e2012-07-19 17:03:43 +0300941 if (!smp)
942 return SMP_UNSPECIFIED;
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -0300943
Johan Hedbergc05b9332014-09-10 17:37:42 -0700944 /* We didn't start the pairing, so match remote */
945 auth = req->auth_req & AUTH_REQ_MASK;
946
Johan Hedbergb6ae8452014-07-30 09:22:22 +0300947 if (!test_bit(HCI_BONDABLE, &hdev->dev_flags) &&
Johan Hedbergc05b9332014-09-10 17:37:42 -0700948 (auth & SMP_AUTH_BONDING))
Johan Hedbergb3c64102014-07-10 11:02:07 +0300949 return SMP_PAIRING_NOTSUPP;
950
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300951 smp->preq[0] = SMP_CMD_PAIRING_REQ;
952 memcpy(&smp->preq[1], req, sizeof(*req));
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300953 skb_pull(skb, sizeof(*req));
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300954
Johan Hedberg5be5e272014-09-10 17:58:54 -0700955 if (conn->hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
Johan Hedberg1afc2a12014-09-10 17:37:44 -0700956 sec_level = BT_SECURITY_MEDIUM;
957 else
958 sec_level = authreq_to_seclevel(auth);
959
Johan Hedbergc7262e72014-06-17 13:07:37 +0300960 if (sec_level > conn->hcon->pending_sec_level)
961 conn->hcon->pending_sec_level = sec_level;
Ido Yarivfdde0a22012-03-05 20:09:38 +0200962
Stephen Hemminger49c922b2014-10-27 21:12:20 -0700963 /* If we need MITM check that it can be achieved */
Johan Hedberg2ed8f652014-06-17 13:07:39 +0300964 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
965 u8 method;
966
967 method = get_auth_method(smp, conn->hcon->io_capability,
968 req->io_capability);
969 if (method == JUST_WORKS || method == JUST_CFM)
970 return SMP_AUTH_REQUIREMENTS;
971 }
972
Brian Gix2b64d152011-12-21 16:12:12 -0800973 build_pairing_cmd(conn, req, &rsp, auth);
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300974
975 key_size = min(req->max_key_size, rsp.max_key_size);
976 if (check_enc_key_size(conn, key_size))
977 return SMP_ENC_KEY_SIZE;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300978
Johan Hedberge84a6b12013-12-02 10:49:03 +0200979 get_random_bytes(smp->prnd, sizeof(smp->prnd));
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300980
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300981 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
982 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
Anderson Brigliaf01ead32011-06-09 18:50:45 -0300983
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300984 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
Johan Hedbergb28b4942014-09-05 22:19:55 +0300985 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300986
Brian Gix2b64d152011-12-21 16:12:12 -0800987 /* Request setup of TK */
988 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
989 if (ret)
990 return SMP_UNSPECIFIED;
991
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300992 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300993}
994
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300995static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300996{
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300997 struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300998 struct l2cap_chan *chan = conn->smp;
999 struct smp_chan *smp = chan->data;
Johan Hedberg3a7dbfb2014-09-10 17:37:41 -07001000 u8 key_size, auth;
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001001 int ret;
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001002
1003 BT_DBG("conn %p", conn);
1004
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001005 if (skb->len < sizeof(*rsp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001006 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001007
Johan Hedberg40bef302014-07-16 11:42:27 +03001008 if (conn->hcon->role != HCI_ROLE_MASTER)
Brian Gix2b64d152011-12-21 16:12:12 -08001009 return SMP_CMD_NOTSUPP;
1010
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -03001011 skb_pull(skb, sizeof(*rsp));
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001012
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001013 req = (void *) &smp->preq[1];
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -03001014
1015 key_size = min(req->max_key_size, rsp->max_key_size);
1016 if (check_enc_key_size(conn, key_size))
1017 return SMP_ENC_KEY_SIZE;
1018
Johan Hedbergc05b9332014-09-10 17:37:42 -07001019 auth = rsp->auth_req & AUTH_REQ_MASK;
1020
Stephen Hemminger49c922b2014-10-27 21:12:20 -07001021 /* If we need MITM check that it can be achieved */
Johan Hedberg2ed8f652014-06-17 13:07:39 +03001022 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
1023 u8 method;
1024
1025 method = get_auth_method(smp, req->io_capability,
1026 rsp->io_capability);
1027 if (method == JUST_WORKS || method == JUST_CFM)
1028 return SMP_AUTH_REQUIREMENTS;
1029 }
1030
Johan Hedberge84a6b12013-12-02 10:49:03 +02001031 get_random_bytes(smp->prnd, sizeof(smp->prnd));
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001032
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001033 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
1034 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001035
Johan Hedbergfdcc4be2014-03-14 10:53:50 +02001036 /* Update remote key distribution in case the remote cleared
1037 * some bits that we had enabled in our request.
1038 */
1039 smp->remote_key_dist &= rsp->resp_key_dist;
1040
Johan Hedbergc05b9332014-09-10 17:37:42 -07001041 auth |= req->auth_req;
Brian Gix2b64d152011-12-21 16:12:12 -08001042
Johan Hedberg476585e2012-06-06 18:54:15 +08001043 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
Brian Gix2b64d152011-12-21 16:12:12 -08001044 if (ret)
1045 return SMP_UNSPECIFIED;
1046
Johan Hedberg4a74d652014-05-20 09:45:50 +03001047 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -08001048
1049 /* Can't compose response until we have been confirmed */
Johan Hedberg4a74d652014-05-20 09:45:50 +03001050 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
Johan Hedberg1cc61142014-05-20 09:45:52 +03001051 return smp_confirm(smp);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001052
1053 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001054}
1055
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001056static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001057{
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001058 struct l2cap_chan *chan = conn->smp;
1059 struct smp_chan *smp = chan->data;
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001060
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001061 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
1062
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001063 if (skb->len < sizeof(smp->pcnf))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001064 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001065
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001066 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
1067 skb_pull(skb, sizeof(smp->pcnf));
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001068
Johan Hedbergb28b4942014-09-05 22:19:55 +03001069 if (conn->hcon->out) {
Johan Hedberg943a7322014-03-18 12:58:24 +02001070 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
1071 smp->prnd);
Johan Hedbergb28b4942014-09-05 22:19:55 +03001072 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
1073 return 0;
1074 }
1075
1076 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
Johan Hedberg1cc61142014-05-20 09:45:52 +03001077 return smp_confirm(smp);
Johan Hedberg943a7322014-03-18 12:58:24 +02001078 else
Johan Hedberg4a74d652014-05-20 09:45:50 +03001079 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001080
1081 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001082}
1083
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001084static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001085{
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001086 struct l2cap_chan *chan = conn->smp;
1087 struct smp_chan *smp = chan->data;
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001088
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001089 BT_DBG("conn %p", conn);
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001090
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001091 if (skb->len < sizeof(smp->rrnd))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001092 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001093
Johan Hedberg943a7322014-03-18 12:58:24 +02001094 memcpy(smp->rrnd, skb->data, sizeof(smp->rrnd));
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001095 skb_pull(skb, sizeof(smp->rrnd));
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001096
Johan Hedberg861580a2014-05-20 09:45:51 +03001097 return smp_random(smp);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001098}
1099
Marcel Holtmannf81cd822014-07-01 10:59:24 +02001100static bool smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001101{
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001102 struct smp_ltk *key;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001103 struct hci_conn *hcon = conn->hcon;
1104
Johan Hedberg98a0b842014-01-30 19:40:00 -08001105 key = hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
Johan Hedberge804d252014-07-16 11:42:28 +03001106 hcon->role);
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001107 if (!key)
Marcel Holtmannf81cd822014-07-01 10:59:24 +02001108 return false;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001109
Johan Hedberga6f78332014-09-10 17:37:45 -07001110 if (smp_ltk_sec_level(key) < sec_level)
Marcel Holtmannf81cd822014-07-01 10:59:24 +02001111 return false;
Johan Hedberg4dab7862012-06-07 14:58:37 +08001112
Johan Hedberg51a8efd2012-01-16 06:10:31 +02001113 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
Marcel Holtmannf81cd822014-07-01 10:59:24 +02001114 return true;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001115
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001116 hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
1117 hcon->enc_key_size = key->enc_size;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001118
Johan Hedbergfe59a052014-07-01 19:14:12 +03001119 /* We never store STKs for master role, so clear this flag */
1120 clear_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
1121
Marcel Holtmannf81cd822014-07-01 10:59:24 +02001122 return true;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001123}
Marcel Holtmannf1560462013-10-13 05:43:25 -07001124
Johan Hedberg854f4722014-07-01 18:40:20 +03001125bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level)
1126{
1127 if (sec_level == BT_SECURITY_LOW)
1128 return true;
1129
Johan Hedberg9ab65d602014-07-01 19:14:13 +03001130 /* If we're encrypted with an STK always claim insufficient
1131 * security. This way we allow the connection to be re-encrypted
1132 * with an LTK, even if the LTK provides the same level of
Johan Hedbergb2d5e252014-07-14 14:34:55 +03001133 * security. Only exception is if we don't have an LTK (e.g.
1134 * because of key distribution bits).
Johan Hedberg9ab65d602014-07-01 19:14:13 +03001135 */
Johan Hedbergb2d5e252014-07-14 14:34:55 +03001136 if (test_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags) &&
1137 hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
Johan Hedberge804d252014-07-16 11:42:28 +03001138 hcon->role))
Johan Hedberg9ab65d602014-07-01 19:14:13 +03001139 return false;
1140
Johan Hedberg854f4722014-07-01 18:40:20 +03001141 if (hcon->sec_level >= sec_level)
1142 return true;
1143
1144 return false;
1145}
1146
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001147static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001148{
1149 struct smp_cmd_security_req *rp = (void *) skb->data;
1150 struct smp_cmd_pairing cp;
Vinicius Costa Gomesf1cb9af2011-01-26 21:42:57 -03001151 struct hci_conn *hcon = conn->hcon;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001152 struct smp_chan *smp;
Johan Hedbergc05b9332014-09-10 17:37:42 -07001153 u8 sec_level, auth;
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001154
1155 BT_DBG("conn %p", conn);
1156
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001157 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001158 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001159
Johan Hedberg40bef302014-07-16 11:42:27 +03001160 if (hcon->role != HCI_ROLE_MASTER)
Johan Hedberg86ca9ea2013-11-05 11:30:39 +02001161 return SMP_CMD_NOTSUPP;
1162
Johan Hedbergc05b9332014-09-10 17:37:42 -07001163 auth = rp->auth_req & AUTH_REQ_MASK;
1164
Johan Hedberg5be5e272014-09-10 17:58:54 -07001165 if (hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
Johan Hedberg1afc2a12014-09-10 17:37:44 -07001166 sec_level = BT_SECURITY_MEDIUM;
1167 else
1168 sec_level = authreq_to_seclevel(auth);
1169
Johan Hedberg854f4722014-07-01 18:40:20 +03001170 if (smp_sufficient_security(hcon, sec_level))
1171 return 0;
1172
Johan Hedbergc7262e72014-06-17 13:07:37 +03001173 if (sec_level > hcon->pending_sec_level)
1174 hcon->pending_sec_level = sec_level;
Vinicius Costa Gomesfeb45eb2011-08-25 20:02:35 -03001175
Johan Hedberg4dab7862012-06-07 14:58:37 +08001176 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001177 return 0;
1178
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001179 smp = smp_chan_create(conn);
Johan Hedbergc29d2442014-06-16 19:25:14 +03001180 if (!smp)
1181 return SMP_UNSPECIFIED;
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001182
Johan Hedbergb6ae8452014-07-30 09:22:22 +03001183 if (!test_bit(HCI_BONDABLE, &hcon->hdev->dev_flags) &&
Johan Hedbergc05b9332014-09-10 17:37:42 -07001184 (auth & SMP_AUTH_BONDING))
Johan Hedberg616d55be42014-07-29 14:18:48 +03001185 return SMP_PAIRING_NOTSUPP;
1186
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001187 skb_pull(skb, sizeof(*rp));
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001188
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001189 memset(&cp, 0, sizeof(cp));
Johan Hedbergc05b9332014-09-10 17:37:42 -07001190 build_pairing_cmd(conn, &cp, NULL, auth);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001191
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001192 smp->preq[0] = SMP_CMD_PAIRING_REQ;
1193 memcpy(&smp->preq[1], &cp, sizeof(cp));
Anderson Brigliaf01ead32011-06-09 18:50:45 -03001194
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001195 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
Johan Hedbergb28b4942014-09-05 22:19:55 +03001196 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
Vinicius Costa Gomesf1cb9af2011-01-26 21:42:57 -03001197
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001198 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001199}
1200
Vinicius Costa Gomescc110922012-08-23 21:32:43 -03001201int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001202{
Vinicius Costa Gomescc110922012-08-23 21:32:43 -03001203 struct l2cap_conn *conn = hcon->l2cap_data;
Johan Hedbergc68b7f12014-09-06 06:59:10 +03001204 struct l2cap_chan *chan;
Johan Hedberg0a66cf22014-03-24 14:39:03 +02001205 struct smp_chan *smp;
Brian Gix2b64d152011-12-21 16:12:12 -08001206 __u8 authreq;
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001207 int ret;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001208
Vinicius Costa Gomes3a0259b2011-06-09 18:50:43 -03001209 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
1210
Johan Hedberg0a66cf22014-03-24 14:39:03 +02001211 /* This may be NULL if there's an unexpected disconnection */
1212 if (!conn)
1213 return 1;
1214
Johan Hedbergc68b7f12014-09-06 06:59:10 +03001215 chan = conn->smp;
1216
Johan Hedberg757aee02013-04-24 13:05:32 +03001217 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
Andre Guedes2e65c9d2011-06-30 19:20:56 -03001218 return 1;
1219
Johan Hedbergad32a2f2013-05-14 18:05:12 +03001220 if (smp_sufficient_security(hcon, sec_level))
Vinicius Costa Gomesf1cb9af2011-01-26 21:42:57 -03001221 return 1;
1222
Johan Hedbergc7262e72014-06-17 13:07:37 +03001223 if (sec_level > hcon->pending_sec_level)
1224 hcon->pending_sec_level = sec_level;
1225
Johan Hedberg40bef302014-07-16 11:42:27 +03001226 if (hcon->role == HCI_ROLE_MASTER)
Johan Hedbergc7262e72014-06-17 13:07:37 +03001227 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
1228 return 0;
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001229
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001230 l2cap_chan_lock(chan);
1231
1232 /* If SMP is already in progress ignore this request */
1233 if (chan->data) {
1234 ret = 0;
1235 goto unlock;
1236 }
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001237
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001238 smp = smp_chan_create(conn);
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001239 if (!smp) {
1240 ret = 1;
1241 goto unlock;
1242 }
Brian Gix2b64d152011-12-21 16:12:12 -08001243
1244 authreq = seclevel_to_authreq(sec_level);
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001245
Johan Hedberg79897d22014-06-01 09:45:24 +03001246 /* Require MITM if IO Capability allows or the security level
1247 * requires it.
Johan Hedberg2e233642014-03-18 15:42:30 +02001248 */
Johan Hedberg79897d22014-06-01 09:45:24 +03001249 if (hcon->io_capability != HCI_IO_NO_INPUT_OUTPUT ||
Johan Hedbergc7262e72014-06-17 13:07:37 +03001250 hcon->pending_sec_level > BT_SECURITY_MEDIUM)
Johan Hedberg2e233642014-03-18 15:42:30 +02001251 authreq |= SMP_AUTH_MITM;
1252
Johan Hedberg40bef302014-07-16 11:42:27 +03001253 if (hcon->role == HCI_ROLE_MASTER) {
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001254 struct smp_cmd_pairing cp;
Anderson Brigliaf01ead32011-06-09 18:50:45 -03001255
Brian Gix2b64d152011-12-21 16:12:12 -08001256 build_pairing_cmd(conn, &cp, NULL, authreq);
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001257 smp->preq[0] = SMP_CMD_PAIRING_REQ;
1258 memcpy(&smp->preq[1], &cp, sizeof(cp));
Anderson Brigliaf01ead32011-06-09 18:50:45 -03001259
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001260 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
Johan Hedbergb28b4942014-09-05 22:19:55 +03001261 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001262 } else {
1263 struct smp_cmd_security_req cp;
Brian Gix2b64d152011-12-21 16:12:12 -08001264 cp.auth_req = authreq;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001265 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
Johan Hedbergb28b4942014-09-05 22:19:55 +03001266 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_REQ);
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001267 }
1268
Johan Hedberg4a74d652014-05-20 09:45:50 +03001269 set_bit(SMP_FLAG_INITIATOR, &smp->flags);
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001270 ret = 0;
Johan Hedbergedca7922014-03-24 15:54:11 +02001271
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001272unlock:
1273 l2cap_chan_unlock(chan);
1274 return ret;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001275}
1276
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001277static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
1278{
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001279 struct smp_cmd_encrypt_info *rp = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001280 struct l2cap_chan *chan = conn->smp;
1281 struct smp_chan *smp = chan->data;
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001282
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001283 BT_DBG("conn %p", conn);
1284
1285 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001286 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001287
Johan Hedbergb28b4942014-09-05 22:19:55 +03001288 SMP_ALLOW_CMD(smp, SMP_CMD_MASTER_IDENT);
Johan Hedberg6131ddc2014-02-18 10:19:37 +02001289
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001290 skb_pull(skb, sizeof(*rp));
1291
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001292 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001293
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001294 return 0;
1295}
1296
1297static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
1298{
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001299 struct smp_cmd_master_ident *rp = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001300 struct l2cap_chan *chan = conn->smp;
1301 struct smp_chan *smp = chan->data;
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001302 struct hci_dev *hdev = conn->hcon->hdev;
1303 struct hci_conn *hcon = conn->hcon;
Johan Hedberg23d0e122014-02-19 14:57:46 +02001304 struct smp_ltk *ltk;
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001305 u8 authenticated;
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001306
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001307 BT_DBG("conn %p", conn);
1308
1309 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001310 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001311
Johan Hedberg9747a9f2014-02-26 23:33:43 +02001312 /* Mark the information as received */
1313 smp->remote_key_dist &= ~SMP_DIST_ENC_KEY;
1314
Johan Hedbergb28b4942014-09-05 22:19:55 +03001315 if (smp->remote_key_dist & SMP_DIST_ID_KEY)
1316 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_INFO);
Johan Hedberg196332f2014-09-09 16:21:46 -07001317 else if (smp->remote_key_dist & SMP_DIST_SIGN)
1318 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
Johan Hedbergb28b4942014-09-05 22:19:55 +03001319
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001320 skb_pull(skb, sizeof(*rp));
1321
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001322 hci_dev_lock(hdev);
Marcel Holtmannce39fb42013-10-13 02:23:39 -07001323 authenticated = (hcon->sec_level == BT_SECURITY_HIGH);
Johan Hedberg2ceba532014-06-16 19:25:16 +03001324 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, SMP_LTK,
Johan Hedberg23d0e122014-02-19 14:57:46 +02001325 authenticated, smp->tk, smp->enc_key_size,
1326 rp->ediv, rp->rand);
1327 smp->ltk = ltk;
Johan Hedbergc6e81e92014-09-05 22:19:54 +03001328 if (!(smp->remote_key_dist & KEY_DIST_MASK))
Johan Hedbergd6268e82014-09-05 22:19:51 +03001329 smp_distribute_keys(smp);
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001330 hci_dev_unlock(hdev);
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001331
1332 return 0;
1333}
1334
Johan Hedbergfd349c02014-02-18 10:19:36 +02001335static int smp_cmd_ident_info(struct l2cap_conn *conn, struct sk_buff *skb)
1336{
1337 struct smp_cmd_ident_info *info = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001338 struct l2cap_chan *chan = conn->smp;
1339 struct smp_chan *smp = chan->data;
Johan Hedbergfd349c02014-02-18 10:19:36 +02001340
1341 BT_DBG("");
1342
1343 if (skb->len < sizeof(*info))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001344 return SMP_INVALID_PARAMS;
Johan Hedbergfd349c02014-02-18 10:19:36 +02001345
Johan Hedbergb28b4942014-09-05 22:19:55 +03001346 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_ADDR_INFO);
Johan Hedberg6131ddc2014-02-18 10:19:37 +02001347
Johan Hedbergfd349c02014-02-18 10:19:36 +02001348 skb_pull(skb, sizeof(*info));
1349
1350 memcpy(smp->irk, info->irk, 16);
1351
1352 return 0;
1353}
1354
1355static int smp_cmd_ident_addr_info(struct l2cap_conn *conn,
1356 struct sk_buff *skb)
1357{
1358 struct smp_cmd_ident_addr_info *info = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001359 struct l2cap_chan *chan = conn->smp;
1360 struct smp_chan *smp = chan->data;
Johan Hedbergfd349c02014-02-18 10:19:36 +02001361 struct hci_conn *hcon = conn->hcon;
1362 bdaddr_t rpa;
1363
1364 BT_DBG("");
1365
1366 if (skb->len < sizeof(*info))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001367 return SMP_INVALID_PARAMS;
Johan Hedbergfd349c02014-02-18 10:19:36 +02001368
Johan Hedberg9747a9f2014-02-26 23:33:43 +02001369 /* Mark the information as received */
1370 smp->remote_key_dist &= ~SMP_DIST_ID_KEY;
1371
Johan Hedbergb28b4942014-09-05 22:19:55 +03001372 if (smp->remote_key_dist & SMP_DIST_SIGN)
1373 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
1374
Johan Hedbergfd349c02014-02-18 10:19:36 +02001375 skb_pull(skb, sizeof(*info));
1376
Johan Hedberg31dd6242014-06-27 14:23:02 +03001377 hci_dev_lock(hcon->hdev);
1378
Johan Hedberga9a58f82014-02-25 22:24:37 +02001379 /* Strictly speaking the Core Specification (4.1) allows sending
1380 * an empty address which would force us to rely on just the IRK
1381 * as "identity information". However, since such
1382 * implementations are not known of and in order to not over
1383 * complicate our implementation, simply pretend that we never
1384 * received an IRK for such a device.
1385 */
1386 if (!bacmp(&info->bdaddr, BDADDR_ANY)) {
1387 BT_ERR("Ignoring IRK with no identity address");
Johan Hedberg31dd6242014-06-27 14:23:02 +03001388 goto distribute;
Johan Hedberga9a58f82014-02-25 22:24:37 +02001389 }
1390
Johan Hedbergfd349c02014-02-18 10:19:36 +02001391 bacpy(&smp->id_addr, &info->bdaddr);
1392 smp->id_addr_type = info->addr_type;
1393
1394 if (hci_bdaddr_is_rpa(&hcon->dst, hcon->dst_type))
1395 bacpy(&rpa, &hcon->dst);
1396 else
1397 bacpy(&rpa, BDADDR_ANY);
1398
Johan Hedberg23d0e122014-02-19 14:57:46 +02001399 smp->remote_irk = hci_add_irk(conn->hcon->hdev, &smp->id_addr,
1400 smp->id_addr_type, smp->irk, &rpa);
Johan Hedbergfd349c02014-02-18 10:19:36 +02001401
Johan Hedberg31dd6242014-06-27 14:23:02 +03001402distribute:
Johan Hedbergc6e81e92014-09-05 22:19:54 +03001403 if (!(smp->remote_key_dist & KEY_DIST_MASK))
1404 smp_distribute_keys(smp);
Johan Hedbergfd349c02014-02-18 10:19:36 +02001405
Johan Hedberg31dd6242014-06-27 14:23:02 +03001406 hci_dev_unlock(hcon->hdev);
1407
Johan Hedbergfd349c02014-02-18 10:19:36 +02001408 return 0;
1409}
1410
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001411static int smp_cmd_sign_info(struct l2cap_conn *conn, struct sk_buff *skb)
1412{
1413 struct smp_cmd_sign_info *rp = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001414 struct l2cap_chan *chan = conn->smp;
1415 struct smp_chan *smp = chan->data;
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001416 struct hci_dev *hdev = conn->hcon->hdev;
1417 struct smp_csrk *csrk;
1418
1419 BT_DBG("conn %p", conn);
1420
1421 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001422 return SMP_INVALID_PARAMS;
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001423
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001424 /* Mark the information as received */
1425 smp->remote_key_dist &= ~SMP_DIST_SIGN;
1426
1427 skb_pull(skb, sizeof(*rp));
1428
1429 hci_dev_lock(hdev);
1430 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
1431 if (csrk) {
1432 csrk->master = 0x01;
1433 memcpy(csrk->val, rp->csrk, sizeof(csrk->val));
1434 }
1435 smp->csrk = csrk;
Johan Hedbergd6268e82014-09-05 22:19:51 +03001436 smp_distribute_keys(smp);
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001437 hci_dev_unlock(hdev);
1438
1439 return 0;
1440}
1441
Johan Hedberg4befb862014-08-11 22:06:38 +03001442static int smp_sig_channel(struct l2cap_chan *chan, struct sk_buff *skb)
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001443{
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001444 struct l2cap_conn *conn = chan->conn;
Marcel Holtmann7b9899d2013-10-03 00:00:57 -07001445 struct hci_conn *hcon = conn->hcon;
Johan Hedbergb28b4942014-09-05 22:19:55 +03001446 struct smp_chan *smp;
Marcel Holtmann92381f52013-10-03 01:23:08 -07001447 __u8 code, reason;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001448 int err = 0;
1449
Marcel Holtmann7b9899d2013-10-03 00:00:57 -07001450 if (hcon->type != LE_LINK) {
1451 kfree_skb(skb);
Johan Hedberg34327112013-10-16 11:37:01 +03001452 return 0;
Marcel Holtmann7b9899d2013-10-03 00:00:57 -07001453 }
1454
Johan Hedberg8ae9b982014-08-11 22:06:39 +03001455 if (skb->len < 1)
Marcel Holtmann92381f52013-10-03 01:23:08 -07001456 return -EILSEQ;
Marcel Holtmann92381f52013-10-03 01:23:08 -07001457
Marcel Holtmann06ae3312013-10-18 03:43:00 -07001458 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) {
Andre Guedes2e65c9d2011-06-30 19:20:56 -03001459 reason = SMP_PAIRING_NOTSUPP;
1460 goto done;
1461 }
1462
Marcel Holtmann92381f52013-10-03 01:23:08 -07001463 code = skb->data[0];
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001464 skb_pull(skb, sizeof(code));
1465
Johan Hedbergb28b4942014-09-05 22:19:55 +03001466 smp = chan->data;
1467
1468 if (code > SMP_CMD_MAX)
1469 goto drop;
1470
Johan Hedberg24bd0bd2014-09-10 17:37:43 -07001471 if (smp && !test_and_clear_bit(code, &smp->allow_cmd))
Johan Hedbergb28b4942014-09-05 22:19:55 +03001472 goto drop;
1473
1474 /* If we don't have a context the only allowed commands are
1475 * pairing request and security request.
Johan Hedberg8cf9fa12013-01-29 10:44:23 -06001476 */
Johan Hedbergb28b4942014-09-05 22:19:55 +03001477 if (!smp && code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ)
1478 goto drop;
Johan Hedberg8cf9fa12013-01-29 10:44:23 -06001479
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001480 switch (code) {
1481 case SMP_CMD_PAIRING_REQ:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001482 reason = smp_cmd_pairing_req(conn, skb);
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001483 break;
1484
1485 case SMP_CMD_PAIRING_FAIL:
Johan Hedberg84794e12013-11-06 11:24:57 +02001486 smp_failure(conn, 0);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001487 err = -EPERM;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001488 break;
1489
1490 case SMP_CMD_PAIRING_RSP:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001491 reason = smp_cmd_pairing_rsp(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001492 break;
1493
1494 case SMP_CMD_SECURITY_REQ:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001495 reason = smp_cmd_security_req(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001496 break;
1497
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001498 case SMP_CMD_PAIRING_CONFIRM:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001499 reason = smp_cmd_pairing_confirm(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001500 break;
1501
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001502 case SMP_CMD_PAIRING_RANDOM:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001503 reason = smp_cmd_pairing_random(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001504 break;
1505
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001506 case SMP_CMD_ENCRYPT_INFO:
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001507 reason = smp_cmd_encrypt_info(conn, skb);
1508 break;
1509
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001510 case SMP_CMD_MASTER_IDENT:
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001511 reason = smp_cmd_master_ident(conn, skb);
1512 break;
1513
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001514 case SMP_CMD_IDENT_INFO:
Johan Hedbergfd349c02014-02-18 10:19:36 +02001515 reason = smp_cmd_ident_info(conn, skb);
1516 break;
1517
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001518 case SMP_CMD_IDENT_ADDR_INFO:
Johan Hedbergfd349c02014-02-18 10:19:36 +02001519 reason = smp_cmd_ident_addr_info(conn, skb);
1520 break;
1521
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001522 case SMP_CMD_SIGN_INFO:
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001523 reason = smp_cmd_sign_info(conn, skb);
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001524 break;
1525
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001526 default:
1527 BT_DBG("Unknown command code 0x%2.2x", code);
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001528 reason = SMP_CMD_NOTSUPP;
Vinicius Costa Gomes3a0259b2011-06-09 18:50:43 -03001529 goto done;
1530 }
1531
1532done:
Johan Hedberg9b7b18e2014-08-18 20:33:31 +03001533 if (!err) {
1534 if (reason)
1535 smp_failure(conn, reason);
Johan Hedberg8ae9b982014-08-11 22:06:39 +03001536 kfree_skb(skb);
Johan Hedberg9b7b18e2014-08-18 20:33:31 +03001537 }
1538
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001539 return err;
Johan Hedbergb28b4942014-09-05 22:19:55 +03001540
1541drop:
1542 BT_ERR("%s unexpected SMP command 0x%02x from %pMR", hcon->hdev->name,
1543 code, &hcon->dst);
1544 kfree_skb(skb);
1545 return 0;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001546}
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001547
Johan Hedberg70db83c2014-08-08 09:37:16 +03001548static void smp_teardown_cb(struct l2cap_chan *chan, int err)
1549{
1550 struct l2cap_conn *conn = chan->conn;
1551
1552 BT_DBG("chan %p", chan);
1553
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001554 if (chan->data)
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001555 smp_chan_destroy(conn);
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001556
Johan Hedberg70db83c2014-08-08 09:37:16 +03001557 conn->smp = NULL;
1558 l2cap_chan_put(chan);
1559}
1560
Johan Hedberg44f1a7a2014-08-11 22:06:36 +03001561static void smp_resume_cb(struct l2cap_chan *chan)
1562{
Johan Hedbergb68fda62014-08-11 22:06:40 +03001563 struct smp_chan *smp = chan->data;
Johan Hedberg44f1a7a2014-08-11 22:06:36 +03001564 struct l2cap_conn *conn = chan->conn;
1565 struct hci_conn *hcon = conn->hcon;
1566
1567 BT_DBG("chan %p", chan);
1568
Johan Hedberg86d14072014-08-11 22:06:43 +03001569 if (!smp)
1570 return;
Johan Hedbergb68fda62014-08-11 22:06:40 +03001571
Johan Hedberg84bc0db2014-09-05 22:19:49 +03001572 if (!test_bit(HCI_CONN_ENCRYPT, &hcon->flags))
1573 return;
1574
Johan Hedberg86d14072014-08-11 22:06:43 +03001575 cancel_delayed_work(&smp->security_timer);
1576
Johan Hedbergd6268e82014-09-05 22:19:51 +03001577 smp_distribute_keys(smp);
Johan Hedberg44f1a7a2014-08-11 22:06:36 +03001578}
1579
Johan Hedberg70db83c2014-08-08 09:37:16 +03001580static void smp_ready_cb(struct l2cap_chan *chan)
1581{
1582 struct l2cap_conn *conn = chan->conn;
1583
1584 BT_DBG("chan %p", chan);
1585
1586 conn->smp = chan;
1587 l2cap_chan_hold(chan);
1588}
1589
Johan Hedberg4befb862014-08-11 22:06:38 +03001590static int smp_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
1591{
1592 int err;
1593
1594 BT_DBG("chan %p", chan);
1595
1596 err = smp_sig_channel(chan, skb);
1597 if (err) {
Johan Hedbergb68fda62014-08-11 22:06:40 +03001598 struct smp_chan *smp = chan->data;
Johan Hedberg4befb862014-08-11 22:06:38 +03001599
Johan Hedbergb68fda62014-08-11 22:06:40 +03001600 if (smp)
1601 cancel_delayed_work_sync(&smp->security_timer);
Johan Hedberg4befb862014-08-11 22:06:38 +03001602
Johan Hedberg1e91c292014-08-18 20:33:29 +03001603 hci_disconnect(chan->conn->hcon, HCI_ERROR_AUTH_FAILURE);
Johan Hedberg4befb862014-08-11 22:06:38 +03001604 }
1605
1606 return err;
1607}
1608
Johan Hedberg70db83c2014-08-08 09:37:16 +03001609static struct sk_buff *smp_alloc_skb_cb(struct l2cap_chan *chan,
1610 unsigned long hdr_len,
1611 unsigned long len, int nb)
1612{
1613 struct sk_buff *skb;
1614
1615 skb = bt_skb_alloc(hdr_len + len, GFP_KERNEL);
1616 if (!skb)
1617 return ERR_PTR(-ENOMEM);
1618
1619 skb->priority = HCI_PRIO_MAX;
1620 bt_cb(skb)->chan = chan;
1621
1622 return skb;
1623}
1624
1625static const struct l2cap_ops smp_chan_ops = {
1626 .name = "Security Manager",
1627 .ready = smp_ready_cb,
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001628 .recv = smp_recv_cb,
Johan Hedberg70db83c2014-08-08 09:37:16 +03001629 .alloc_skb = smp_alloc_skb_cb,
1630 .teardown = smp_teardown_cb,
Johan Hedberg44f1a7a2014-08-11 22:06:36 +03001631 .resume = smp_resume_cb,
Johan Hedberg70db83c2014-08-08 09:37:16 +03001632
1633 .new_connection = l2cap_chan_no_new_connection,
Johan Hedberg70db83c2014-08-08 09:37:16 +03001634 .state_change = l2cap_chan_no_state_change,
1635 .close = l2cap_chan_no_close,
1636 .defer = l2cap_chan_no_defer,
1637 .suspend = l2cap_chan_no_suspend,
Johan Hedberg70db83c2014-08-08 09:37:16 +03001638 .set_shutdown = l2cap_chan_no_set_shutdown,
1639 .get_sndtimeo = l2cap_chan_no_get_sndtimeo,
1640 .memcpy_fromiovec = l2cap_chan_no_memcpy_fromiovec,
1641};
1642
1643static inline struct l2cap_chan *smp_new_conn_cb(struct l2cap_chan *pchan)
1644{
1645 struct l2cap_chan *chan;
1646
1647 BT_DBG("pchan %p", pchan);
1648
1649 chan = l2cap_chan_create();
1650 if (!chan)
1651 return NULL;
1652
1653 chan->chan_type = pchan->chan_type;
1654 chan->ops = &smp_chan_ops;
1655 chan->scid = pchan->scid;
1656 chan->dcid = chan->scid;
1657 chan->imtu = pchan->imtu;
1658 chan->omtu = pchan->omtu;
1659 chan->mode = pchan->mode;
1660
Johan Hedbergabe84902014-11-12 22:22:21 +02001661 /* Other L2CAP channels may request SMP routines in order to
1662 * change the security level. This means that the SMP channel
1663 * lock must be considered in its own category to avoid lockdep
1664 * warnings.
1665 */
1666 atomic_set(&chan->nesting, L2CAP_NESTING_SMP);
1667
Johan Hedberg70db83c2014-08-08 09:37:16 +03001668 BT_DBG("created chan %p", chan);
1669
1670 return chan;
1671}
1672
1673static const struct l2cap_ops smp_root_chan_ops = {
1674 .name = "Security Manager Root",
1675 .new_connection = smp_new_conn_cb,
1676
1677 /* None of these are implemented for the root channel */
1678 .close = l2cap_chan_no_close,
1679 .alloc_skb = l2cap_chan_no_alloc_skb,
1680 .recv = l2cap_chan_no_recv,
1681 .state_change = l2cap_chan_no_state_change,
1682 .teardown = l2cap_chan_no_teardown,
1683 .ready = l2cap_chan_no_ready,
1684 .defer = l2cap_chan_no_defer,
1685 .suspend = l2cap_chan_no_suspend,
1686 .resume = l2cap_chan_no_resume,
1687 .set_shutdown = l2cap_chan_no_set_shutdown,
1688 .get_sndtimeo = l2cap_chan_no_get_sndtimeo,
1689 .memcpy_fromiovec = l2cap_chan_no_memcpy_fromiovec,
1690};
1691
Johan Hedberg711eafe2014-08-08 09:32:52 +03001692int smp_register(struct hci_dev *hdev)
1693{
Johan Hedberg70db83c2014-08-08 09:37:16 +03001694 struct l2cap_chan *chan;
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001695 struct crypto_blkcipher *tfm_aes;
Johan Hedberg70db83c2014-08-08 09:37:16 +03001696
Johan Hedberg711eafe2014-08-08 09:32:52 +03001697 BT_DBG("%s", hdev->name);
1698
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001699 tfm_aes = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
1700 if (IS_ERR(tfm_aes)) {
1701 int err = PTR_ERR(tfm_aes);
Johan Hedberg711eafe2014-08-08 09:32:52 +03001702 BT_ERR("Unable to create crypto context");
Johan Hedberg711eafe2014-08-08 09:32:52 +03001703 return err;
1704 }
1705
Johan Hedberg70db83c2014-08-08 09:37:16 +03001706 chan = l2cap_chan_create();
1707 if (!chan) {
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001708 crypto_free_blkcipher(tfm_aes);
Johan Hedberg70db83c2014-08-08 09:37:16 +03001709 return -ENOMEM;
1710 }
1711
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001712 chan->data = tfm_aes;
1713
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001714 l2cap_add_scid(chan, L2CAP_CID_SMP);
Johan Hedberg70db83c2014-08-08 09:37:16 +03001715
1716 l2cap_chan_set_defaults(chan);
1717
1718 bacpy(&chan->src, &hdev->bdaddr);
1719 chan->src_type = BDADDR_LE_PUBLIC;
1720 chan->state = BT_LISTEN;
1721 chan->mode = L2CAP_MODE_BASIC;
1722 chan->imtu = L2CAP_DEFAULT_MTU;
1723 chan->ops = &smp_root_chan_ops;
1724
Johan Hedbergabe84902014-11-12 22:22:21 +02001725 /* Set correct nesting level for a parent/listening channel */
1726 atomic_set(&chan->nesting, L2CAP_NESTING_PARENT);
1727
Johan Hedberg70db83c2014-08-08 09:37:16 +03001728 hdev->smp_data = chan;
1729
Johan Hedberg711eafe2014-08-08 09:32:52 +03001730 return 0;
1731}
1732
1733void smp_unregister(struct hci_dev *hdev)
1734{
Johan Hedberg70db83c2014-08-08 09:37:16 +03001735 struct l2cap_chan *chan = hdev->smp_data;
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001736 struct crypto_blkcipher *tfm_aes;
Johan Hedberg70db83c2014-08-08 09:37:16 +03001737
1738 if (!chan)
1739 return;
1740
1741 BT_DBG("%s chan %p", hdev->name, chan);
Johan Hedberg711eafe2014-08-08 09:32:52 +03001742
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001743 tfm_aes = chan->data;
1744 if (tfm_aes) {
1745 chan->data = NULL;
1746 crypto_free_blkcipher(tfm_aes);
Johan Hedberg711eafe2014-08-08 09:32:52 +03001747 }
Johan Hedberg70db83c2014-08-08 09:37:16 +03001748
1749 hdev->smp_data = NULL;
1750 l2cap_chan_put(chan);
Johan Hedberg711eafe2014-08-08 09:32:52 +03001751}