blob: ef8f96d2c0590ff640799e4923a9e4fd96aa923d [file] [log] [blame]
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21*/
22
Gustavo Padovan8c520a52012-05-23 04:04:22 -030023#include <linux/crypto.h>
24#include <linux/scatterlist.h>
25#include <crypto/b128ops.h>
26
Anderson Brigliaeb492e02011-06-09 18:50:40 -030027#include <net/bluetooth/bluetooth.h>
28#include <net/bluetooth/hci_core.h>
29#include <net/bluetooth/l2cap.h>
Brian Gix2b64d152011-12-21 16:12:12 -080030#include <net/bluetooth/mgmt.h>
Marcel Holtmannac4b7232013-10-10 14:54:16 -070031
32#include "smp.h"
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030033
Johan Hedbergb28b4942014-09-05 22:19:55 +030034#define SMP_ALLOW_CMD(smp, code) set_bit(code, &smp->allow_cmd)
35#define SMP_DISALLOW_CMD(smp, code) clear_bit(code, &smp->allow_cmd)
36
Marcel Holtmann17b02e62012-03-01 14:32:37 -080037#define SMP_TIMEOUT msecs_to_jiffies(30000)
Vinicius Costa Gomes5d3de7d2011-06-14 13:37:41 -030038
Johan Hedberg065a13e2012-10-11 16:26:06 +020039#define AUTH_REQ_MASK 0x07
Johan Hedberg88d3a8a2014-09-05 22:19:53 +030040#define KEY_DIST_MASK 0x07
Johan Hedberg065a13e2012-10-11 16:26:06 +020041
Johan Hedberg533e35d2014-06-16 19:25:18 +030042enum {
43 SMP_FLAG_TK_VALID,
44 SMP_FLAG_CFM_PENDING,
45 SMP_FLAG_MITM_AUTH,
46 SMP_FLAG_COMPLETE,
47 SMP_FLAG_INITIATOR,
48};
Johan Hedberg4bc58f52014-05-20 09:45:47 +030049
50struct smp_chan {
Johan Hedbergb68fda62014-08-11 22:06:40 +030051 struct l2cap_conn *conn;
52 struct delayed_work security_timer;
Johan Hedbergb28b4942014-09-05 22:19:55 +030053 unsigned long allow_cmd; /* Bitmask of allowed commands */
Johan Hedbergb68fda62014-08-11 22:06:40 +030054
Johan Hedberg4bc58f52014-05-20 09:45:47 +030055 u8 preq[7]; /* SMP Pairing Request */
56 u8 prsp[7]; /* SMP Pairing Response */
57 u8 prnd[16]; /* SMP Pairing Random (local) */
58 u8 rrnd[16]; /* SMP Pairing Random (remote) */
59 u8 pcnf[16]; /* SMP Pairing Confirm */
60 u8 tk[16]; /* SMP Temporary Key */
61 u8 enc_key_size;
62 u8 remote_key_dist;
63 bdaddr_t id_addr;
64 u8 id_addr_type;
65 u8 irk[16];
66 struct smp_csrk *csrk;
67 struct smp_csrk *slave_csrk;
68 struct smp_ltk *ltk;
69 struct smp_ltk *slave_ltk;
70 struct smp_irk *remote_irk;
Johan Hedberg4a74d652014-05-20 09:45:50 +030071 unsigned long flags;
Johan Hedberg6a7bd102014-06-27 14:23:03 +030072
73 struct crypto_blkcipher *tfm_aes;
Johan Hedberg4bc58f52014-05-20 09:45:47 +030074};
75
Johan Hedberg8a2936f2014-06-16 19:25:19 +030076static inline void swap_buf(const u8 *src, u8 *dst, size_t len)
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030077{
Johan Hedberg8a2936f2014-06-16 19:25:19 +030078 size_t i;
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030079
Johan Hedberg8a2936f2014-06-16 19:25:19 +030080 for (i = 0; i < len; i++)
81 dst[len - 1 - i] = src[i];
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030082}
83
84static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
85{
86 struct blkcipher_desc desc;
87 struct scatterlist sg;
Johan Hedberg943a7322014-03-18 12:58:24 +020088 uint8_t tmp[16], data[16];
Johan Hedberg201a5922013-12-02 10:49:04 +020089 int err;
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030090
91 if (tfm == NULL) {
92 BT_ERR("tfm %p", tfm);
93 return -EINVAL;
94 }
95
96 desc.tfm = tfm;
97 desc.flags = 0;
98
Johan Hedberg943a7322014-03-18 12:58:24 +020099 /* The most significant octet of key corresponds to k[0] */
Johan Hedberg8a2936f2014-06-16 19:25:19 +0300100 swap_buf(k, tmp, 16);
Johan Hedberg943a7322014-03-18 12:58:24 +0200101
102 err = crypto_blkcipher_setkey(tfm, tmp, 16);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300103 if (err) {
104 BT_ERR("cipher setkey failed: %d", err);
105 return err;
106 }
107
Johan Hedberg943a7322014-03-18 12:58:24 +0200108 /* Most significant octet of plaintextData corresponds to data[0] */
Johan Hedberg8a2936f2014-06-16 19:25:19 +0300109 swap_buf(r, data, 16);
Johan Hedberg943a7322014-03-18 12:58:24 +0200110
111 sg_init_one(&sg, data, 16);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300112
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300113 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
114 if (err)
115 BT_ERR("Encrypt data error %d", err);
116
Johan Hedberg943a7322014-03-18 12:58:24 +0200117 /* Most significant octet of encryptedData corresponds to data[0] */
Johan Hedberg8a2936f2014-06-16 19:25:19 +0300118 swap_buf(data, r, 16);
Johan Hedberg943a7322014-03-18 12:58:24 +0200119
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300120 return err;
121}
122
Johan Hedberg60478052014-02-18 10:19:31 +0200123static int smp_ah(struct crypto_blkcipher *tfm, u8 irk[16], u8 r[3], u8 res[3])
124{
Johan Hedberg943a7322014-03-18 12:58:24 +0200125 u8 _res[16];
Johan Hedberg60478052014-02-18 10:19:31 +0200126 int err;
127
128 /* r' = padding || r */
Johan Hedberg943a7322014-03-18 12:58:24 +0200129 memcpy(_res, r, 3);
130 memset(_res + 3, 0, 13);
Johan Hedberg60478052014-02-18 10:19:31 +0200131
Johan Hedberg943a7322014-03-18 12:58:24 +0200132 err = smp_e(tfm, irk, _res);
Johan Hedberg60478052014-02-18 10:19:31 +0200133 if (err) {
134 BT_ERR("Encrypt error");
135 return err;
136 }
137
138 /* The output of the random address function ah is:
139 * ah(h, r) = e(k, r') mod 2^24
140 * The output of the security function e is then truncated to 24 bits
141 * by taking the least significant 24 bits of the output of e as the
142 * result of ah.
143 */
Johan Hedberg943a7322014-03-18 12:58:24 +0200144 memcpy(res, _res, 3);
Johan Hedberg60478052014-02-18 10:19:31 +0200145
146 return 0;
147}
148
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300149bool smp_irk_matches(struct hci_dev *hdev, u8 irk[16], bdaddr_t *bdaddr)
Johan Hedberg60478052014-02-18 10:19:31 +0200150{
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300151 struct l2cap_chan *chan = hdev->smp_data;
152 struct crypto_blkcipher *tfm;
Johan Hedberg60478052014-02-18 10:19:31 +0200153 u8 hash[3];
154 int err;
155
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300156 if (!chan || !chan->data)
157 return false;
158
159 tfm = chan->data;
160
Johan Hedberg60478052014-02-18 10:19:31 +0200161 BT_DBG("RPA %pMR IRK %*phN", bdaddr, 16, irk);
162
163 err = smp_ah(tfm, irk, &bdaddr->b[3], hash);
164 if (err)
165 return false;
166
167 return !memcmp(bdaddr->b, hash, 3);
168}
169
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300170int smp_generate_rpa(struct hci_dev *hdev, u8 irk[16], bdaddr_t *rpa)
Johan Hedbergb1e2b3a2014-02-23 19:42:19 +0200171{
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300172 struct l2cap_chan *chan = hdev->smp_data;
173 struct crypto_blkcipher *tfm;
Johan Hedbergb1e2b3a2014-02-23 19:42:19 +0200174 int err;
175
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300176 if (!chan || !chan->data)
177 return -EOPNOTSUPP;
178
179 tfm = chan->data;
180
Johan Hedbergb1e2b3a2014-02-23 19:42:19 +0200181 get_random_bytes(&rpa->b[3], 3);
182
183 rpa->b[5] &= 0x3f; /* Clear two most significant bits */
184 rpa->b[5] |= 0x40; /* Set second most significant bit */
185
186 err = smp_ah(tfm, irk, &rpa->b[3], rpa->b);
187 if (err < 0)
188 return err;
189
190 BT_DBG("RPA %pMR", rpa);
191
192 return 0;
193}
194
Johan Hedbergec70f362014-06-27 14:23:04 +0300195static int smp_c1(struct smp_chan *smp, u8 k[16], u8 r[16], u8 preq[7],
196 u8 pres[7], u8 _iat, bdaddr_t *ia, u8 _rat, bdaddr_t *ra,
197 u8 res[16])
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300198{
Johan Hedbergec70f362014-06-27 14:23:04 +0300199 struct hci_dev *hdev = smp->conn->hcon->hdev;
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300200 u8 p1[16], p2[16];
201 int err;
202
Johan Hedbergec70f362014-06-27 14:23:04 +0300203 BT_DBG("%s", hdev->name);
204
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300205 memset(p1, 0, 16);
206
207 /* p1 = pres || preq || _rat || _iat */
Johan Hedberg943a7322014-03-18 12:58:24 +0200208 p1[0] = _iat;
209 p1[1] = _rat;
210 memcpy(p1 + 2, preq, 7);
211 memcpy(p1 + 9, pres, 7);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300212
213 /* p2 = padding || ia || ra */
Johan Hedberg943a7322014-03-18 12:58:24 +0200214 memcpy(p2, ra, 6);
215 memcpy(p2 + 6, ia, 6);
216 memset(p2 + 12, 0, 4);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300217
218 /* res = r XOR p1 */
219 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
220
221 /* res = e(k, res) */
Johan Hedbergec70f362014-06-27 14:23:04 +0300222 err = smp_e(smp->tfm_aes, k, res);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300223 if (err) {
224 BT_ERR("Encrypt data error");
225 return err;
226 }
227
228 /* res = res XOR p2 */
229 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
230
231 /* res = e(k, res) */
Johan Hedbergec70f362014-06-27 14:23:04 +0300232 err = smp_e(smp->tfm_aes, k, res);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300233 if (err)
234 BT_ERR("Encrypt data error");
235
236 return err;
237}
238
Johan Hedbergec70f362014-06-27 14:23:04 +0300239static int smp_s1(struct smp_chan *smp, u8 k[16], u8 r1[16], u8 r2[16],
240 u8 _r[16])
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300241{
Johan Hedbergec70f362014-06-27 14:23:04 +0300242 struct hci_dev *hdev = smp->conn->hcon->hdev;
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300243 int err;
244
Johan Hedbergec70f362014-06-27 14:23:04 +0300245 BT_DBG("%s", hdev->name);
246
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300247 /* Just least significant octets from r1 and r2 are considered */
Johan Hedberg943a7322014-03-18 12:58:24 +0200248 memcpy(_r, r2, 8);
249 memcpy(_r + 8, r1, 8);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300250
Johan Hedbergec70f362014-06-27 14:23:04 +0300251 err = smp_e(smp->tfm_aes, k, _r);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300252 if (err)
253 BT_ERR("Encrypt data error");
254
255 return err;
256}
257
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300258static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
259{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300260 struct l2cap_chan *chan = conn->smp;
Johan Hedbergb68fda62014-08-11 22:06:40 +0300261 struct smp_chan *smp;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300262 struct kvec iv[2];
263 struct msghdr msg;
264
265 if (!chan)
266 return;
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300267
268 BT_DBG("code 0x%2.2x", code);
269
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300270 iv[0].iov_base = &code;
271 iv[0].iov_len = 1;
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300272
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300273 iv[1].iov_base = data;
274 iv[1].iov_len = len;
275
276 memset(&msg, 0, sizeof(msg));
277
278 msg.msg_iov = (struct iovec *) &iv;
279 msg.msg_iovlen = 2;
280
281 l2cap_chan_send(chan, &msg, 1 + len);
Vinicius Costa Gomese2dcd112011-08-19 21:06:50 -0300282
Johan Hedbergb68fda62014-08-11 22:06:40 +0300283 if (!chan->data)
284 return;
285
286 smp = chan->data;
287
288 cancel_delayed_work_sync(&smp->security_timer);
Johan Hedberg1b0921d2014-09-05 22:19:48 +0300289 schedule_delayed_work(&smp->security_timer, SMP_TIMEOUT);
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300290}
291
Brian Gix2b64d152011-12-21 16:12:12 -0800292static __u8 authreq_to_seclevel(__u8 authreq)
293{
294 if (authreq & SMP_AUTH_MITM)
295 return BT_SECURITY_HIGH;
296 else
297 return BT_SECURITY_MEDIUM;
298}
299
300static __u8 seclevel_to_authreq(__u8 sec_level)
301{
302 switch (sec_level) {
303 case BT_SECURITY_HIGH:
304 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
305 case BT_SECURITY_MEDIUM:
306 return SMP_AUTH_BONDING;
307 default:
308 return SMP_AUTH_NONE;
309 }
310}
311
Vinicius Costa Gomesb8e66ea2011-06-09 18:50:52 -0300312static void build_pairing_cmd(struct l2cap_conn *conn,
Marcel Holtmannf1560462013-10-13 05:43:25 -0700313 struct smp_cmd_pairing *req,
314 struct smp_cmd_pairing *rsp, __u8 authreq)
Vinicius Costa Gomesb8e66ea2011-06-09 18:50:52 -0300315{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300316 struct l2cap_chan *chan = conn->smp;
317 struct smp_chan *smp = chan->data;
Johan Hedbergfd349c02014-02-18 10:19:36 +0200318 struct hci_conn *hcon = conn->hcon;
319 struct hci_dev *hdev = hcon->hdev;
320 u8 local_dist = 0, remote_dist = 0;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300321
Johan Hedbergb6ae8452014-07-30 09:22:22 +0300322 if (test_bit(HCI_BONDABLE, &conn->hcon->hdev->dev_flags)) {
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -0700323 local_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
324 remote_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300325 authreq |= SMP_AUTH_BONDING;
Brian Gix2b64d152011-12-21 16:12:12 -0800326 } else {
327 authreq &= ~SMP_AUTH_BONDING;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300328 }
329
Johan Hedbergfd349c02014-02-18 10:19:36 +0200330 if (test_bit(HCI_RPA_RESOLVING, &hdev->dev_flags))
331 remote_dist |= SMP_DIST_ID_KEY;
332
Johan Hedberg863efaf2014-02-22 19:06:32 +0200333 if (test_bit(HCI_PRIVACY, &hdev->dev_flags))
334 local_dist |= SMP_DIST_ID_KEY;
335
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300336 if (rsp == NULL) {
337 req->io_capability = conn->hcon->io_capability;
338 req->oob_flag = SMP_OOB_NOT_PRESENT;
339 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
Johan Hedbergfd349c02014-02-18 10:19:36 +0200340 req->init_key_dist = local_dist;
341 req->resp_key_dist = remote_dist;
Johan Hedberg065a13e2012-10-11 16:26:06 +0200342 req->auth_req = (authreq & AUTH_REQ_MASK);
Johan Hedbergfd349c02014-02-18 10:19:36 +0200343
344 smp->remote_key_dist = remote_dist;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300345 return;
346 }
347
348 rsp->io_capability = conn->hcon->io_capability;
349 rsp->oob_flag = SMP_OOB_NOT_PRESENT;
350 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
Johan Hedbergfd349c02014-02-18 10:19:36 +0200351 rsp->init_key_dist = req->init_key_dist & remote_dist;
352 rsp->resp_key_dist = req->resp_key_dist & local_dist;
Johan Hedberg065a13e2012-10-11 16:26:06 +0200353 rsp->auth_req = (authreq & AUTH_REQ_MASK);
Johan Hedbergfd349c02014-02-18 10:19:36 +0200354
355 smp->remote_key_dist = rsp->init_key_dist;
Vinicius Costa Gomesb8e66ea2011-06-09 18:50:52 -0300356}
357
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300358static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
359{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300360 struct l2cap_chan *chan = conn->smp;
361 struct smp_chan *smp = chan->data;
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300362
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300363 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
Marcel Holtmannf1560462013-10-13 05:43:25 -0700364 (max_key_size < SMP_MIN_ENC_KEY_SIZE))
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300365 return SMP_ENC_KEY_SIZE;
366
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300367 smp->enc_key_size = max_key_size;
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300368
369 return 0;
370}
371
Johan Hedberg6f48e262014-08-11 22:06:44 +0300372static void smp_chan_destroy(struct l2cap_conn *conn)
373{
374 struct l2cap_chan *chan = conn->smp;
375 struct smp_chan *smp = chan->data;
376 bool complete;
377
378 BUG_ON(!smp);
379
380 cancel_delayed_work_sync(&smp->security_timer);
Johan Hedberg6f48e262014-08-11 22:06:44 +0300381
Johan Hedberg6f48e262014-08-11 22:06:44 +0300382 complete = test_bit(SMP_FLAG_COMPLETE, &smp->flags);
383 mgmt_smp_complete(conn->hcon, complete);
384
385 kfree(smp->csrk);
386 kfree(smp->slave_csrk);
387
388 crypto_free_blkcipher(smp->tfm_aes);
389
390 /* If pairing failed clean up any keys we might have */
391 if (!complete) {
392 if (smp->ltk) {
393 list_del(&smp->ltk->list);
394 kfree(smp->ltk);
395 }
396
397 if (smp->slave_ltk) {
398 list_del(&smp->slave_ltk->list);
399 kfree(smp->slave_ltk);
400 }
401
402 if (smp->remote_irk) {
403 list_del(&smp->remote_irk->list);
404 kfree(smp->remote_irk);
405 }
406 }
407
408 chan->data = NULL;
409 kfree(smp);
410 hci_conn_drop(conn->hcon);
411}
412
Johan Hedberg84794e12013-11-06 11:24:57 +0200413static void smp_failure(struct l2cap_conn *conn, u8 reason)
Brian Gix4f957a72011-11-23 08:28:36 -0800414{
Johan Hedbergbab73cb2012-02-09 16:07:29 +0200415 struct hci_conn *hcon = conn->hcon;
Johan Hedbergb68fda62014-08-11 22:06:40 +0300416 struct l2cap_chan *chan = conn->smp;
Johan Hedbergbab73cb2012-02-09 16:07:29 +0200417
Johan Hedberg84794e12013-11-06 11:24:57 +0200418 if (reason)
Brian Gix4f957a72011-11-23 08:28:36 -0800419 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
Marcel Holtmannf1560462013-10-13 05:43:25 -0700420 &reason);
Brian Gix4f957a72011-11-23 08:28:36 -0800421
Marcel Holtmannce39fb42013-10-13 02:23:39 -0700422 clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags);
Johan Hedberge1e930f2014-09-08 17:09:49 -0700423 mgmt_auth_failed(hcon, HCI_ERROR_AUTH_FAILURE);
Vinicius Costa Gomesf1c09c02012-02-01 18:27:56 -0300424
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300425 if (chan->data)
Vinicius Costa Gomesf1c09c02012-02-01 18:27:56 -0300426 smp_chan_destroy(conn);
Brian Gix4f957a72011-11-23 08:28:36 -0800427}
428
Brian Gix2b64d152011-12-21 16:12:12 -0800429#define JUST_WORKS 0x00
430#define JUST_CFM 0x01
431#define REQ_PASSKEY 0x02
432#define CFM_PASSKEY 0x03
433#define REQ_OOB 0x04
434#define OVERLAP 0xFF
435
436static const u8 gen_method[5][5] = {
437 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
438 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
439 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
440 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
441 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
442};
443
Johan Hedberg581370c2014-06-17 13:07:38 +0300444static u8 get_auth_method(struct smp_chan *smp, u8 local_io, u8 remote_io)
445{
Johan Hedberg2bcd4002014-07-09 19:18:09 +0300446 /* If either side has unknown io_caps, use JUST_CFM (which gets
447 * converted later to JUST_WORKS if we're initiators.
448 */
Johan Hedberg581370c2014-06-17 13:07:38 +0300449 if (local_io > SMP_IO_KEYBOARD_DISPLAY ||
450 remote_io > SMP_IO_KEYBOARD_DISPLAY)
Johan Hedberg2bcd4002014-07-09 19:18:09 +0300451 return JUST_CFM;
Johan Hedberg581370c2014-06-17 13:07:38 +0300452
453 return gen_method[remote_io][local_io];
454}
455
Brian Gix2b64d152011-12-21 16:12:12 -0800456static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
457 u8 local_io, u8 remote_io)
458{
459 struct hci_conn *hcon = conn->hcon;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300460 struct l2cap_chan *chan = conn->smp;
461 struct smp_chan *smp = chan->data;
Brian Gix2b64d152011-12-21 16:12:12 -0800462 u8 method;
463 u32 passkey = 0;
464 int ret = 0;
465
466 /* Initialize key for JUST WORKS */
467 memset(smp->tk, 0, sizeof(smp->tk));
Johan Hedberg4a74d652014-05-20 09:45:50 +0300468 clear_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800469
470 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
471
Johan Hedberg2bcd4002014-07-09 19:18:09 +0300472 /* If neither side wants MITM, either "just" confirm an incoming
473 * request or use just-works for outgoing ones. The JUST_CFM
474 * will be converted to JUST_WORKS if necessary later in this
475 * function. If either side has MITM look up the method from the
476 * table.
477 */
Johan Hedberg581370c2014-06-17 13:07:38 +0300478 if (!(auth & SMP_AUTH_MITM))
Johan Hedberg2bcd4002014-07-09 19:18:09 +0300479 method = JUST_CFM;
Brian Gix2b64d152011-12-21 16:12:12 -0800480 else
Johan Hedberg581370c2014-06-17 13:07:38 +0300481 method = get_auth_method(smp, local_io, remote_io);
Brian Gix2b64d152011-12-21 16:12:12 -0800482
Johan Hedberga82505c2014-03-24 14:39:07 +0200483 /* Don't confirm locally initiated pairing attempts */
Johan Hedberg4a74d652014-05-20 09:45:50 +0300484 if (method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR, &smp->flags))
Johan Hedberga82505c2014-03-24 14:39:07 +0200485 method = JUST_WORKS;
486
Johan Hedberg02f3e252014-07-16 15:09:13 +0300487 /* Don't bother user space with no IO capabilities */
488 if (method == JUST_CFM && hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
489 method = JUST_WORKS;
490
Brian Gix2b64d152011-12-21 16:12:12 -0800491 /* If Just Works, Continue with Zero TK */
492 if (method == JUST_WORKS) {
Johan Hedberg4a74d652014-05-20 09:45:50 +0300493 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800494 return 0;
495 }
496
497 /* Not Just Works/Confirm results in MITM Authentication */
498 if (method != JUST_CFM)
Johan Hedberg4a74d652014-05-20 09:45:50 +0300499 set_bit(SMP_FLAG_MITM_AUTH, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800500
501 /* If both devices have Keyoard-Display I/O, the master
502 * Confirms and the slave Enters the passkey.
503 */
504 if (method == OVERLAP) {
Johan Hedberg40bef302014-07-16 11:42:27 +0300505 if (hcon->role == HCI_ROLE_MASTER)
Brian Gix2b64d152011-12-21 16:12:12 -0800506 method = CFM_PASSKEY;
507 else
508 method = REQ_PASSKEY;
509 }
510
Johan Hedberg01ad34d2014-03-19 14:14:53 +0200511 /* Generate random passkey. */
Brian Gix2b64d152011-12-21 16:12:12 -0800512 if (method == CFM_PASSKEY) {
Johan Hedberg943a7322014-03-18 12:58:24 +0200513 memset(smp->tk, 0, sizeof(smp->tk));
Brian Gix2b64d152011-12-21 16:12:12 -0800514 get_random_bytes(&passkey, sizeof(passkey));
515 passkey %= 1000000;
Johan Hedberg943a7322014-03-18 12:58:24 +0200516 put_unaligned_le32(passkey, smp->tk);
Brian Gix2b64d152011-12-21 16:12:12 -0800517 BT_DBG("PassKey: %d", passkey);
Johan Hedberg4a74d652014-05-20 09:45:50 +0300518 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800519 }
520
521 hci_dev_lock(hcon->hdev);
522
523 if (method == REQ_PASSKEY)
Marcel Holtmannce39fb42013-10-13 02:23:39 -0700524 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
Johan Hedberg272d90d2012-02-09 15:26:12 +0200525 hcon->type, hcon->dst_type);
Johan Hedberg4eb65e62014-03-24 14:39:05 +0200526 else if (method == JUST_CFM)
527 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
528 hcon->type, hcon->dst_type,
529 passkey, 1);
Brian Gix2b64d152011-12-21 16:12:12 -0800530 else
Johan Hedberg01ad34d2014-03-19 14:14:53 +0200531 ret = mgmt_user_passkey_notify(hcon->hdev, &hcon->dst,
Johan Hedberg272d90d2012-02-09 15:26:12 +0200532 hcon->type, hcon->dst_type,
Johan Hedberg39adbff2014-03-20 08:18:14 +0200533 passkey, 0);
Brian Gix2b64d152011-12-21 16:12:12 -0800534
535 hci_dev_unlock(hcon->hdev);
536
537 return ret;
538}
539
Johan Hedberg1cc61142014-05-20 09:45:52 +0300540static u8 smp_confirm(struct smp_chan *smp)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300541{
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300542 struct l2cap_conn *conn = smp->conn;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300543 struct smp_cmd_pairing_confirm cp;
544 int ret;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300545
546 BT_DBG("conn %p", conn);
547
Johan Hedbergec70f362014-06-27 14:23:04 +0300548 ret = smp_c1(smp, smp->tk, smp->prnd, smp->preq, smp->prsp,
Johan Hedbergb1cd5fd2014-02-28 12:54:17 +0200549 conn->hcon->init_addr_type, &conn->hcon->init_addr,
Johan Hedberg943a7322014-03-18 12:58:24 +0200550 conn->hcon->resp_addr_type, &conn->hcon->resp_addr,
551 cp.confirm_val);
Johan Hedberg1cc61142014-05-20 09:45:52 +0300552 if (ret)
553 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300554
Johan Hedberg4a74d652014-05-20 09:45:50 +0300555 clear_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800556
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300557 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
558
Johan Hedbergb28b4942014-09-05 22:19:55 +0300559 if (conn->hcon->out)
560 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
561 else
562 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
563
Johan Hedberg1cc61142014-05-20 09:45:52 +0300564 return 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300565}
566
Johan Hedberg861580a2014-05-20 09:45:51 +0300567static u8 smp_random(struct smp_chan *smp)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300568{
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300569 struct l2cap_conn *conn = smp->conn;
570 struct hci_conn *hcon = conn->hcon;
Johan Hedberg861580a2014-05-20 09:45:51 +0300571 u8 confirm[16];
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300572 int ret;
573
Johan Hedbergec70f362014-06-27 14:23:04 +0300574 if (IS_ERR_OR_NULL(smp->tfm_aes))
Johan Hedberg861580a2014-05-20 09:45:51 +0300575 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300576
577 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
578
Johan Hedbergec70f362014-06-27 14:23:04 +0300579 ret = smp_c1(smp, smp->tk, smp->rrnd, smp->preq, smp->prsp,
Johan Hedbergb1cd5fd2014-02-28 12:54:17 +0200580 hcon->init_addr_type, &hcon->init_addr,
Johan Hedberg943a7322014-03-18 12:58:24 +0200581 hcon->resp_addr_type, &hcon->resp_addr, confirm);
Johan Hedberg861580a2014-05-20 09:45:51 +0300582 if (ret)
583 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300584
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300585 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
586 BT_ERR("Pairing failed (confirmation values mismatch)");
Johan Hedberg861580a2014-05-20 09:45:51 +0300587 return SMP_CONFIRM_FAILED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300588 }
589
590 if (hcon->out) {
Marcel Holtmannfe39c7b2014-02-27 16:00:28 -0800591 u8 stk[16];
592 __le64 rand = 0;
593 __le16 ediv = 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300594
Johan Hedbergec70f362014-06-27 14:23:04 +0300595 smp_s1(smp, smp->tk, smp->rrnd, smp->prnd, stk);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300596
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300597 memset(stk + smp->enc_key_size, 0,
Gustavo F. Padovan04124682012-03-08 01:25:00 -0300598 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300599
Johan Hedberg861580a2014-05-20 09:45:51 +0300600 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
601 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300602
603 hci_le_start_enc(hcon, ediv, rand, stk);
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300604 hcon->enc_key_size = smp->enc_key_size;
Johan Hedbergfe59a052014-07-01 19:14:12 +0300605 set_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300606 } else {
Johan Hedbergfff34902014-06-10 15:19:50 +0300607 u8 stk[16], auth;
Marcel Holtmannfe39c7b2014-02-27 16:00:28 -0800608 __le64 rand = 0;
609 __le16 ediv = 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300610
Johan Hedberg943a7322014-03-18 12:58:24 +0200611 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
612 smp->prnd);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300613
Johan Hedbergec70f362014-06-27 14:23:04 +0300614 smp_s1(smp, smp->tk, smp->prnd, smp->rrnd, stk);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300615
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300616 memset(stk + smp->enc_key_size, 0,
Marcel Holtmannf1560462013-10-13 05:43:25 -0700617 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300618
Johan Hedbergfff34902014-06-10 15:19:50 +0300619 if (hcon->pending_sec_level == BT_SECURITY_HIGH)
620 auth = 1;
621 else
622 auth = 0;
623
Johan Hedberg7d5843b2014-06-16 19:25:15 +0300624 /* Even though there's no _SLAVE suffix this is the
625 * slave STK we're adding for later lookup (the master
626 * STK never needs to be stored).
627 */
Marcel Holtmannce39fb42013-10-13 02:23:39 -0700628 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
Johan Hedberg2ceba532014-06-16 19:25:16 +0300629 SMP_STK, auth, stk, smp->enc_key_size, ediv, rand);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300630 }
631
Johan Hedberg861580a2014-05-20 09:45:51 +0300632 return 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300633}
634
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300635static void smp_notify_keys(struct l2cap_conn *conn)
636{
637 struct l2cap_chan *chan = conn->smp;
638 struct smp_chan *smp = chan->data;
639 struct hci_conn *hcon = conn->hcon;
640 struct hci_dev *hdev = hcon->hdev;
641 struct smp_cmd_pairing *req = (void *) &smp->preq[1];
642 struct smp_cmd_pairing *rsp = (void *) &smp->prsp[1];
643 bool persistent;
644
645 if (smp->remote_irk) {
646 mgmt_new_irk(hdev, smp->remote_irk);
647 /* Now that user space can be considered to know the
648 * identity address track the connection based on it
649 * from now on.
650 */
651 bacpy(&hcon->dst, &smp->remote_irk->bdaddr);
652 hcon->dst_type = smp->remote_irk->addr_type;
Johan Hedbergf3d82d02014-09-05 22:19:50 +0300653 queue_work(hdev->workqueue, &conn->id_addr_update_work);
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300654
655 /* When receiving an indentity resolving key for
656 * a remote device that does not use a resolvable
657 * private address, just remove the key so that
658 * it is possible to use the controller white
659 * list for scanning.
660 *
661 * Userspace will have been told to not store
662 * this key at this point. So it is safe to
663 * just remove it.
664 */
665 if (!bacmp(&smp->remote_irk->rpa, BDADDR_ANY)) {
666 list_del(&smp->remote_irk->list);
667 kfree(smp->remote_irk);
668 smp->remote_irk = NULL;
669 }
670 }
671
672 /* The LTKs and CSRKs should be persistent only if both sides
673 * had the bonding bit set in their authentication requests.
674 */
675 persistent = !!((req->auth_req & rsp->auth_req) & SMP_AUTH_BONDING);
676
677 if (smp->csrk) {
678 smp->csrk->bdaddr_type = hcon->dst_type;
679 bacpy(&smp->csrk->bdaddr, &hcon->dst);
680 mgmt_new_csrk(hdev, smp->csrk, persistent);
681 }
682
683 if (smp->slave_csrk) {
684 smp->slave_csrk->bdaddr_type = hcon->dst_type;
685 bacpy(&smp->slave_csrk->bdaddr, &hcon->dst);
686 mgmt_new_csrk(hdev, smp->slave_csrk, persistent);
687 }
688
689 if (smp->ltk) {
690 smp->ltk->bdaddr_type = hcon->dst_type;
691 bacpy(&smp->ltk->bdaddr, &hcon->dst);
692 mgmt_new_ltk(hdev, smp->ltk, persistent);
693 }
694
695 if (smp->slave_ltk) {
696 smp->slave_ltk->bdaddr_type = hcon->dst_type;
697 bacpy(&smp->slave_ltk->bdaddr, &hcon->dst);
698 mgmt_new_ltk(hdev, smp->slave_ltk, persistent);
699 }
700}
701
Johan Hedbergb28b4942014-09-05 22:19:55 +0300702static void smp_allow_key_dist(struct smp_chan *smp)
703{
704 /* Allow the first expected phase 3 PDU. The rest of the PDUs
705 * will be allowed in each PDU handler to ensure we receive
706 * them in the correct order.
707 */
708 if (smp->remote_key_dist & SMP_DIST_ENC_KEY)
709 SMP_ALLOW_CMD(smp, SMP_CMD_ENCRYPT_INFO);
710 else if (smp->remote_key_dist & SMP_DIST_ID_KEY)
711 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_INFO);
712 else if (smp->remote_key_dist & SMP_DIST_SIGN)
713 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
714}
715
Johan Hedbergd6268e82014-09-05 22:19:51 +0300716static void smp_distribute_keys(struct smp_chan *smp)
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300717{
718 struct smp_cmd_pairing *req, *rsp;
Johan Hedberg86d14072014-08-11 22:06:43 +0300719 struct l2cap_conn *conn = smp->conn;
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300720 struct hci_conn *hcon = conn->hcon;
721 struct hci_dev *hdev = hcon->hdev;
722 __u8 *keydist;
723
724 BT_DBG("conn %p", conn);
725
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300726 rsp = (void *) &smp->prsp[1];
727
728 /* The responder sends its keys first */
Johan Hedbergb28b4942014-09-05 22:19:55 +0300729 if (hcon->out && (smp->remote_key_dist & KEY_DIST_MASK)) {
730 smp_allow_key_dist(smp);
Johan Hedberg86d14072014-08-11 22:06:43 +0300731 return;
Johan Hedbergb28b4942014-09-05 22:19:55 +0300732 }
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300733
734 req = (void *) &smp->preq[1];
735
736 if (hcon->out) {
737 keydist = &rsp->init_key_dist;
738 *keydist &= req->init_key_dist;
739 } else {
740 keydist = &rsp->resp_key_dist;
741 *keydist &= req->resp_key_dist;
742 }
743
744 BT_DBG("keydist 0x%x", *keydist);
745
746 if (*keydist & SMP_DIST_ENC_KEY) {
747 struct smp_cmd_encrypt_info enc;
748 struct smp_cmd_master_ident ident;
749 struct smp_ltk *ltk;
750 u8 authenticated;
751 __le16 ediv;
752 __le64 rand;
753
754 get_random_bytes(enc.ltk, sizeof(enc.ltk));
755 get_random_bytes(&ediv, sizeof(ediv));
756 get_random_bytes(&rand, sizeof(rand));
757
758 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
759
760 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
761 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type,
762 SMP_LTK_SLAVE, authenticated, enc.ltk,
763 smp->enc_key_size, ediv, rand);
764 smp->slave_ltk = ltk;
765
766 ident.ediv = ediv;
767 ident.rand = rand;
768
769 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
770
771 *keydist &= ~SMP_DIST_ENC_KEY;
772 }
773
774 if (*keydist & SMP_DIST_ID_KEY) {
775 struct smp_cmd_ident_addr_info addrinfo;
776 struct smp_cmd_ident_info idinfo;
777
778 memcpy(idinfo.irk, hdev->irk, sizeof(idinfo.irk));
779
780 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
781
782 /* The hci_conn contains the local identity address
783 * after the connection has been established.
784 *
785 * This is true even when the connection has been
786 * established using a resolvable random address.
787 */
788 bacpy(&addrinfo.bdaddr, &hcon->src);
789 addrinfo.addr_type = hcon->src_type;
790
791 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
792 &addrinfo);
793
794 *keydist &= ~SMP_DIST_ID_KEY;
795 }
796
797 if (*keydist & SMP_DIST_SIGN) {
798 struct smp_cmd_sign_info sign;
799 struct smp_csrk *csrk;
800
801 /* Generate a new random key */
802 get_random_bytes(sign.csrk, sizeof(sign.csrk));
803
804 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
805 if (csrk) {
806 csrk->master = 0x00;
807 memcpy(csrk->val, sign.csrk, sizeof(csrk->val));
808 }
809 smp->slave_csrk = csrk;
810
811 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
812
813 *keydist &= ~SMP_DIST_SIGN;
814 }
815
816 /* If there are still keys to be received wait for them */
Johan Hedbergb28b4942014-09-05 22:19:55 +0300817 if (smp->remote_key_dist & KEY_DIST_MASK) {
818 smp_allow_key_dist(smp);
Johan Hedberg86d14072014-08-11 22:06:43 +0300819 return;
Johan Hedbergb28b4942014-09-05 22:19:55 +0300820 }
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300821
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300822 set_bit(SMP_FLAG_COMPLETE, &smp->flags);
823 smp_notify_keys(conn);
824
825 smp_chan_destroy(conn);
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300826}
827
Johan Hedbergb68fda62014-08-11 22:06:40 +0300828static void smp_timeout(struct work_struct *work)
829{
830 struct smp_chan *smp = container_of(work, struct smp_chan,
831 security_timer.work);
832 struct l2cap_conn *conn = smp->conn;
833
834 BT_DBG("conn %p", conn);
835
Johan Hedberg1e91c292014-08-18 20:33:29 +0300836 hci_disconnect(conn->hcon, HCI_ERROR_REMOTE_USER_TERM);
Johan Hedbergb68fda62014-08-11 22:06:40 +0300837}
838
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300839static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
840{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300841 struct l2cap_chan *chan = conn->smp;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300842 struct smp_chan *smp;
843
Marcel Holtmannf1560462013-10-13 05:43:25 -0700844 smp = kzalloc(sizeof(*smp), GFP_ATOMIC);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300845 if (!smp)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300846 return NULL;
847
Johan Hedberg6a7bd102014-06-27 14:23:03 +0300848 smp->tfm_aes = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
849 if (IS_ERR(smp->tfm_aes)) {
850 BT_ERR("Unable to create ECB crypto context");
851 kfree(smp);
852 return NULL;
853 }
854
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300855 smp->conn = conn;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300856 chan->data = smp;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300857
Johan Hedbergb28b4942014-09-05 22:19:55 +0300858 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_FAIL);
859
Johan Hedbergb68fda62014-08-11 22:06:40 +0300860 INIT_DELAYED_WORK(&smp->security_timer, smp_timeout);
861
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300862 hci_conn_hold(conn->hcon);
863
864 return smp;
865}
866
Brian Gix2b64d152011-12-21 16:12:12 -0800867int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
868{
Johan Hedbergb10e8012014-06-27 14:23:07 +0300869 struct l2cap_conn *conn = hcon->l2cap_data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300870 struct l2cap_chan *chan;
Brian Gix2b64d152011-12-21 16:12:12 -0800871 struct smp_chan *smp;
872 u32 value;
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300873 int err;
Brian Gix2b64d152011-12-21 16:12:12 -0800874
875 BT_DBG("");
876
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300877 if (!conn)
Brian Gix2b64d152011-12-21 16:12:12 -0800878 return -ENOTCONN;
879
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300880 chan = conn->smp;
881 if (!chan)
882 return -ENOTCONN;
883
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300884 l2cap_chan_lock(chan);
885 if (!chan->data) {
886 err = -ENOTCONN;
887 goto unlock;
888 }
889
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300890 smp = chan->data;
Brian Gix2b64d152011-12-21 16:12:12 -0800891
892 switch (mgmt_op) {
893 case MGMT_OP_USER_PASSKEY_REPLY:
894 value = le32_to_cpu(passkey);
Johan Hedberg943a7322014-03-18 12:58:24 +0200895 memset(smp->tk, 0, sizeof(smp->tk));
Brian Gix2b64d152011-12-21 16:12:12 -0800896 BT_DBG("PassKey: %d", value);
Johan Hedberg943a7322014-03-18 12:58:24 +0200897 put_unaligned_le32(value, smp->tk);
Brian Gix2b64d152011-12-21 16:12:12 -0800898 /* Fall Through */
899 case MGMT_OP_USER_CONFIRM_REPLY:
Johan Hedberg4a74d652014-05-20 09:45:50 +0300900 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800901 break;
902 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
903 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
Johan Hedberg84794e12013-11-06 11:24:57 +0200904 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300905 err = 0;
906 goto unlock;
Brian Gix2b64d152011-12-21 16:12:12 -0800907 default:
Johan Hedberg84794e12013-11-06 11:24:57 +0200908 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300909 err = -EOPNOTSUPP;
910 goto unlock;
Brian Gix2b64d152011-12-21 16:12:12 -0800911 }
912
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300913 err = 0;
914
Brian Gix2b64d152011-12-21 16:12:12 -0800915 /* If it is our turn to send Pairing Confirm, do so now */
Johan Hedberg1cc61142014-05-20 09:45:52 +0300916 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->flags)) {
917 u8 rsp = smp_confirm(smp);
918 if (rsp)
919 smp_failure(conn, rsp);
920 }
Brian Gix2b64d152011-12-21 16:12:12 -0800921
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300922unlock:
923 l2cap_chan_unlock(chan);
924 return err;
Brian Gix2b64d152011-12-21 16:12:12 -0800925}
926
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300927static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300928{
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300929 struct smp_cmd_pairing rsp, *req = (void *) skb->data;
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300930 struct l2cap_chan *chan = conn->smp;
Johan Hedbergb3c64102014-07-10 11:02:07 +0300931 struct hci_dev *hdev = conn->hcon->hdev;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300932 struct smp_chan *smp;
Johan Hedbergc7262e72014-06-17 13:07:37 +0300933 u8 key_size, auth, sec_level;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300934 int ret;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300935
936 BT_DBG("conn %p", conn);
937
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200938 if (skb->len < sizeof(*req))
Johan Hedberg38e4a912014-05-08 14:19:11 +0300939 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200940
Johan Hedberg40bef302014-07-16 11:42:27 +0300941 if (conn->hcon->role != HCI_ROLE_SLAVE)
Brian Gix2b64d152011-12-21 16:12:12 -0800942 return SMP_CMD_NOTSUPP;
943
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300944 if (!chan->data)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300945 smp = smp_chan_create(conn);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300946 else
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300947 smp = chan->data;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300948
Andrei Emeltchenkod08fd0e2012-07-19 17:03:43 +0300949 if (!smp)
950 return SMP_UNSPECIFIED;
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -0300951
Johan Hedbergc05b9332014-09-10 17:37:42 -0700952 /* We didn't start the pairing, so match remote */
953 auth = req->auth_req & AUTH_REQ_MASK;
954
Johan Hedbergb6ae8452014-07-30 09:22:22 +0300955 if (!test_bit(HCI_BONDABLE, &hdev->dev_flags) &&
Johan Hedbergc05b9332014-09-10 17:37:42 -0700956 (auth & SMP_AUTH_BONDING))
Johan Hedbergb3c64102014-07-10 11:02:07 +0300957 return SMP_PAIRING_NOTSUPP;
958
Johan Hedbergb28b4942014-09-05 22:19:55 +0300959 SMP_DISALLOW_CMD(smp, SMP_CMD_PAIRING_REQ);
960
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300961 smp->preq[0] = SMP_CMD_PAIRING_REQ;
962 memcpy(&smp->preq[1], req, sizeof(*req));
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300963 skb_pull(skb, sizeof(*req));
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300964
Johan Hedbergc7262e72014-06-17 13:07:37 +0300965 sec_level = authreq_to_seclevel(auth);
966 if (sec_level > conn->hcon->pending_sec_level)
967 conn->hcon->pending_sec_level = sec_level;
Ido Yarivfdde0a22012-03-05 20:09:38 +0200968
Johan Hedberg2ed8f652014-06-17 13:07:39 +0300969 /* If we need MITM check that it can be acheived */
970 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
971 u8 method;
972
973 method = get_auth_method(smp, conn->hcon->io_capability,
974 req->io_capability);
975 if (method == JUST_WORKS || method == JUST_CFM)
976 return SMP_AUTH_REQUIREMENTS;
977 }
978
Brian Gix2b64d152011-12-21 16:12:12 -0800979 build_pairing_cmd(conn, req, &rsp, auth);
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300980
981 key_size = min(req->max_key_size, rsp.max_key_size);
982 if (check_enc_key_size(conn, key_size))
983 return SMP_ENC_KEY_SIZE;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300984
Johan Hedberge84a6b12013-12-02 10:49:03 +0200985 get_random_bytes(smp->prnd, sizeof(smp->prnd));
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300986
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300987 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
988 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
Anderson Brigliaf01ead32011-06-09 18:50:45 -0300989
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300990 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
Johan Hedbergb28b4942014-09-05 22:19:55 +0300991 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300992
Brian Gix2b64d152011-12-21 16:12:12 -0800993 /* Request setup of TK */
994 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
995 if (ret)
996 return SMP_UNSPECIFIED;
997
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300998 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300999}
1000
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001001static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001002{
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -03001003 struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001004 struct l2cap_chan *chan = conn->smp;
1005 struct smp_chan *smp = chan->data;
Johan Hedberg3a7dbfb2014-09-10 17:37:41 -07001006 u8 key_size, auth;
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001007 int ret;
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001008
1009 BT_DBG("conn %p", conn);
1010
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001011 if (skb->len < sizeof(*rsp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001012 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001013
Johan Hedberg40bef302014-07-16 11:42:27 +03001014 if (conn->hcon->role != HCI_ROLE_MASTER)
Brian Gix2b64d152011-12-21 16:12:12 -08001015 return SMP_CMD_NOTSUPP;
1016
Johan Hedbergb28b4942014-09-05 22:19:55 +03001017 SMP_DISALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
1018
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -03001019 skb_pull(skb, sizeof(*rsp));
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001020
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001021 req = (void *) &smp->preq[1];
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -03001022
1023 key_size = min(req->max_key_size, rsp->max_key_size);
1024 if (check_enc_key_size(conn, key_size))
1025 return SMP_ENC_KEY_SIZE;
1026
Johan Hedbergc05b9332014-09-10 17:37:42 -07001027 auth = rsp->auth_req & AUTH_REQ_MASK;
1028
Johan Hedberg2ed8f652014-06-17 13:07:39 +03001029 /* If we need MITM check that it can be acheived */
1030 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
1031 u8 method;
1032
1033 method = get_auth_method(smp, req->io_capability,
1034 rsp->io_capability);
1035 if (method == JUST_WORKS || method == JUST_CFM)
1036 return SMP_AUTH_REQUIREMENTS;
1037 }
1038
Johan Hedberge84a6b12013-12-02 10:49:03 +02001039 get_random_bytes(smp->prnd, sizeof(smp->prnd));
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001040
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001041 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
1042 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001043
Johan Hedbergfdcc4be2014-03-14 10:53:50 +02001044 /* Update remote key distribution in case the remote cleared
1045 * some bits that we had enabled in our request.
1046 */
1047 smp->remote_key_dist &= rsp->resp_key_dist;
1048
Johan Hedbergc05b9332014-09-10 17:37:42 -07001049 auth |= req->auth_req;
Brian Gix2b64d152011-12-21 16:12:12 -08001050
Johan Hedberg476585e2012-06-06 18:54:15 +08001051 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
Brian Gix2b64d152011-12-21 16:12:12 -08001052 if (ret)
1053 return SMP_UNSPECIFIED;
1054
Johan Hedberg4a74d652014-05-20 09:45:50 +03001055 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -08001056
1057 /* Can't compose response until we have been confirmed */
Johan Hedberg4a74d652014-05-20 09:45:50 +03001058 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
Johan Hedberg1cc61142014-05-20 09:45:52 +03001059 return smp_confirm(smp);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001060
1061 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001062}
1063
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001064static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001065{
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001066 struct l2cap_chan *chan = conn->smp;
1067 struct smp_chan *smp = chan->data;
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001068
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001069 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
1070
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001071 if (skb->len < sizeof(smp->pcnf))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001072 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001073
Johan Hedbergb28b4942014-09-05 22:19:55 +03001074 SMP_DISALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
1075
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001076 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
1077 skb_pull(skb, sizeof(smp->pcnf));
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001078
Johan Hedbergb28b4942014-09-05 22:19:55 +03001079 if (conn->hcon->out) {
Johan Hedberg943a7322014-03-18 12:58:24 +02001080 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
1081 smp->prnd);
Johan Hedbergb28b4942014-09-05 22:19:55 +03001082 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
1083 return 0;
1084 }
1085
1086 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
Johan Hedberg1cc61142014-05-20 09:45:52 +03001087 return smp_confirm(smp);
Johan Hedberg943a7322014-03-18 12:58:24 +02001088 else
Johan Hedberg4a74d652014-05-20 09:45:50 +03001089 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001090
1091 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001092}
1093
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001094static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001095{
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001096 struct l2cap_chan *chan = conn->smp;
1097 struct smp_chan *smp = chan->data;
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001098
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001099 BT_DBG("conn %p", conn);
Anderson Briglia7d24ddc2011-06-09 18:50:46 -03001100
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001101 if (skb->len < sizeof(smp->rrnd))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001102 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001103
Johan Hedbergb28b4942014-09-05 22:19:55 +03001104 SMP_DISALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
1105
Johan Hedberg943a7322014-03-18 12:58:24 +02001106 memcpy(smp->rrnd, skb->data, sizeof(smp->rrnd));
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001107 skb_pull(skb, sizeof(smp->rrnd));
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001108
Johan Hedberg861580a2014-05-20 09:45:51 +03001109 return smp_random(smp);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001110}
1111
Marcel Holtmannf81cd822014-07-01 10:59:24 +02001112static bool smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001113{
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001114 struct smp_ltk *key;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001115 struct hci_conn *hcon = conn->hcon;
1116
Johan Hedberg98a0b842014-01-30 19:40:00 -08001117 key = hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
Johan Hedberge804d252014-07-16 11:42:28 +03001118 hcon->role);
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001119 if (!key)
Marcel Holtmannf81cd822014-07-01 10:59:24 +02001120 return false;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001121
Johan Hedberg4dab7862012-06-07 14:58:37 +08001122 if (sec_level > BT_SECURITY_MEDIUM && !key->authenticated)
Marcel Holtmannf81cd822014-07-01 10:59:24 +02001123 return false;
Johan Hedberg4dab7862012-06-07 14:58:37 +08001124
Johan Hedberg51a8efd2012-01-16 06:10:31 +02001125 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
Marcel Holtmannf81cd822014-07-01 10:59:24 +02001126 return true;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001127
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001128 hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
1129 hcon->enc_key_size = key->enc_size;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001130
Johan Hedbergfe59a052014-07-01 19:14:12 +03001131 /* We never store STKs for master role, so clear this flag */
1132 clear_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
1133
Marcel Holtmannf81cd822014-07-01 10:59:24 +02001134 return true;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001135}
Marcel Holtmannf1560462013-10-13 05:43:25 -07001136
Johan Hedberg854f4722014-07-01 18:40:20 +03001137bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level)
1138{
1139 if (sec_level == BT_SECURITY_LOW)
1140 return true;
1141
Johan Hedberg9ab65d602014-07-01 19:14:13 +03001142 /* If we're encrypted with an STK always claim insufficient
1143 * security. This way we allow the connection to be re-encrypted
1144 * with an LTK, even if the LTK provides the same level of
Johan Hedbergb2d5e252014-07-14 14:34:55 +03001145 * security. Only exception is if we don't have an LTK (e.g.
1146 * because of key distribution bits).
Johan Hedberg9ab65d602014-07-01 19:14:13 +03001147 */
Johan Hedbergb2d5e252014-07-14 14:34:55 +03001148 if (test_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags) &&
1149 hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
Johan Hedberge804d252014-07-16 11:42:28 +03001150 hcon->role))
Johan Hedberg9ab65d602014-07-01 19:14:13 +03001151 return false;
1152
Johan Hedberg854f4722014-07-01 18:40:20 +03001153 if (hcon->sec_level >= sec_level)
1154 return true;
1155
1156 return false;
1157}
1158
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001159static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001160{
1161 struct smp_cmd_security_req *rp = (void *) skb->data;
1162 struct smp_cmd_pairing cp;
Vinicius Costa Gomesf1cb9af2011-01-26 21:42:57 -03001163 struct hci_conn *hcon = conn->hcon;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001164 struct smp_chan *smp;
Johan Hedbergc05b9332014-09-10 17:37:42 -07001165 u8 sec_level, auth;
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001166
1167 BT_DBG("conn %p", conn);
1168
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001169 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001170 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001171
Johan Hedberg40bef302014-07-16 11:42:27 +03001172 if (hcon->role != HCI_ROLE_MASTER)
Johan Hedberg86ca9ea2013-11-05 11:30:39 +02001173 return SMP_CMD_NOTSUPP;
1174
Johan Hedbergc05b9332014-09-10 17:37:42 -07001175 auth = rp->auth_req & AUTH_REQ_MASK;
1176
1177 sec_level = authreq_to_seclevel(auth);
Johan Hedberg854f4722014-07-01 18:40:20 +03001178 if (smp_sufficient_security(hcon, sec_level))
1179 return 0;
1180
Johan Hedbergc7262e72014-06-17 13:07:37 +03001181 if (sec_level > hcon->pending_sec_level)
1182 hcon->pending_sec_level = sec_level;
Vinicius Costa Gomesfeb45eb2011-08-25 20:02:35 -03001183
Johan Hedberg4dab7862012-06-07 14:58:37 +08001184 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -03001185 return 0;
1186
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001187 smp = smp_chan_create(conn);
Johan Hedbergc29d2442014-06-16 19:25:14 +03001188 if (!smp)
1189 return SMP_UNSPECIFIED;
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001190
Johan Hedbergb6ae8452014-07-30 09:22:22 +03001191 if (!test_bit(HCI_BONDABLE, &hcon->hdev->dev_flags) &&
Johan Hedbergc05b9332014-09-10 17:37:42 -07001192 (auth & SMP_AUTH_BONDING))
Johan Hedberg616d55be42014-07-29 14:18:48 +03001193 return SMP_PAIRING_NOTSUPP;
1194
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001195 skb_pull(skb, sizeof(*rp));
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001196
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001197 memset(&cp, 0, sizeof(cp));
Johan Hedbergc05b9332014-09-10 17:37:42 -07001198 build_pairing_cmd(conn, &cp, NULL, auth);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001199
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001200 smp->preq[0] = SMP_CMD_PAIRING_REQ;
1201 memcpy(&smp->preq[1], &cp, sizeof(cp));
Anderson Brigliaf01ead32011-06-09 18:50:45 -03001202
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001203 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
Johan Hedbergb28b4942014-09-05 22:19:55 +03001204 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
Vinicius Costa Gomesf1cb9af2011-01-26 21:42:57 -03001205
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001206 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001207}
1208
Vinicius Costa Gomescc110922012-08-23 21:32:43 -03001209int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001210{
Vinicius Costa Gomescc110922012-08-23 21:32:43 -03001211 struct l2cap_conn *conn = hcon->l2cap_data;
Johan Hedbergc68b7f12014-09-06 06:59:10 +03001212 struct l2cap_chan *chan;
Johan Hedberg0a66cf22014-03-24 14:39:03 +02001213 struct smp_chan *smp;
Brian Gix2b64d152011-12-21 16:12:12 -08001214 __u8 authreq;
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001215 int ret;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001216
Vinicius Costa Gomes3a0259b2011-06-09 18:50:43 -03001217 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
1218
Johan Hedberg0a66cf22014-03-24 14:39:03 +02001219 /* This may be NULL if there's an unexpected disconnection */
1220 if (!conn)
1221 return 1;
1222
Johan Hedbergc68b7f12014-09-06 06:59:10 +03001223 chan = conn->smp;
1224
Johan Hedberg757aee02013-04-24 13:05:32 +03001225 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
Andre Guedes2e65c9d2011-06-30 19:20:56 -03001226 return 1;
1227
Johan Hedbergad32a2f2013-05-14 18:05:12 +03001228 if (smp_sufficient_security(hcon, sec_level))
Vinicius Costa Gomesf1cb9af2011-01-26 21:42:57 -03001229 return 1;
1230
Johan Hedbergc7262e72014-06-17 13:07:37 +03001231 if (sec_level > hcon->pending_sec_level)
1232 hcon->pending_sec_level = sec_level;
1233
Johan Hedberg40bef302014-07-16 11:42:27 +03001234 if (hcon->role == HCI_ROLE_MASTER)
Johan Hedbergc7262e72014-06-17 13:07:37 +03001235 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
1236 return 0;
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001237
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001238 l2cap_chan_lock(chan);
1239
1240 /* If SMP is already in progress ignore this request */
1241 if (chan->data) {
1242 ret = 0;
1243 goto unlock;
1244 }
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001245
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -03001246 smp = smp_chan_create(conn);
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001247 if (!smp) {
1248 ret = 1;
1249 goto unlock;
1250 }
Brian Gix2b64d152011-12-21 16:12:12 -08001251
1252 authreq = seclevel_to_authreq(sec_level);
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001253
Johan Hedberg79897d22014-06-01 09:45:24 +03001254 /* Require MITM if IO Capability allows or the security level
1255 * requires it.
Johan Hedberg2e233642014-03-18 15:42:30 +02001256 */
Johan Hedberg79897d22014-06-01 09:45:24 +03001257 if (hcon->io_capability != HCI_IO_NO_INPUT_OUTPUT ||
Johan Hedbergc7262e72014-06-17 13:07:37 +03001258 hcon->pending_sec_level > BT_SECURITY_MEDIUM)
Johan Hedberg2e233642014-03-18 15:42:30 +02001259 authreq |= SMP_AUTH_MITM;
1260
Johan Hedberg40bef302014-07-16 11:42:27 +03001261 if (hcon->role == HCI_ROLE_MASTER) {
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001262 struct smp_cmd_pairing cp;
Anderson Brigliaf01ead32011-06-09 18:50:45 -03001263
Brian Gix2b64d152011-12-21 16:12:12 -08001264 build_pairing_cmd(conn, &cp, NULL, authreq);
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001265 smp->preq[0] = SMP_CMD_PAIRING_REQ;
1266 memcpy(&smp->preq[1], &cp, sizeof(cp));
Anderson Brigliaf01ead32011-06-09 18:50:45 -03001267
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001268 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
Johan Hedbergb28b4942014-09-05 22:19:55 +03001269 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001270 } else {
1271 struct smp_cmd_security_req cp;
Brian Gix2b64d152011-12-21 16:12:12 -08001272 cp.auth_req = authreq;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001273 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
Johan Hedbergb28b4942014-09-05 22:19:55 +03001274 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_REQ);
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001275 }
1276
Johan Hedberg4a74d652014-05-20 09:45:50 +03001277 set_bit(SMP_FLAG_INITIATOR, &smp->flags);
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001278 ret = 0;
Johan Hedbergedca7922014-03-24 15:54:11 +02001279
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001280unlock:
1281 l2cap_chan_unlock(chan);
1282 return ret;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001283}
1284
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001285static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
1286{
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001287 struct smp_cmd_encrypt_info *rp = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001288 struct l2cap_chan *chan = conn->smp;
1289 struct smp_chan *smp = chan->data;
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001290
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001291 BT_DBG("conn %p", conn);
1292
1293 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001294 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001295
Johan Hedbergb28b4942014-09-05 22:19:55 +03001296 SMP_DISALLOW_CMD(smp, SMP_CMD_ENCRYPT_INFO);
1297 SMP_ALLOW_CMD(smp, SMP_CMD_MASTER_IDENT);
Johan Hedberg6131ddc2014-02-18 10:19:37 +02001298
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001299 skb_pull(skb, sizeof(*rp));
1300
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001301 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001302
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001303 return 0;
1304}
1305
1306static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
1307{
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001308 struct smp_cmd_master_ident *rp = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001309 struct l2cap_chan *chan = conn->smp;
1310 struct smp_chan *smp = chan->data;
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001311 struct hci_dev *hdev = conn->hcon->hdev;
1312 struct hci_conn *hcon = conn->hcon;
Johan Hedberg23d0e122014-02-19 14:57:46 +02001313 struct smp_ltk *ltk;
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001314 u8 authenticated;
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001315
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001316 BT_DBG("conn %p", conn);
1317
1318 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001319 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001320
Johan Hedberg9747a9f2014-02-26 23:33:43 +02001321 /* Mark the information as received */
1322 smp->remote_key_dist &= ~SMP_DIST_ENC_KEY;
1323
Johan Hedbergb28b4942014-09-05 22:19:55 +03001324 SMP_DISALLOW_CMD(smp, SMP_CMD_MASTER_IDENT);
1325 if (smp->remote_key_dist & SMP_DIST_ID_KEY)
1326 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_INFO);
Johan Hedberg196332f2014-09-09 16:21:46 -07001327 else if (smp->remote_key_dist & SMP_DIST_SIGN)
1328 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
Johan Hedbergb28b4942014-09-05 22:19:55 +03001329
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001330 skb_pull(skb, sizeof(*rp));
1331
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001332 hci_dev_lock(hdev);
Marcel Holtmannce39fb42013-10-13 02:23:39 -07001333 authenticated = (hcon->sec_level == BT_SECURITY_HIGH);
Johan Hedberg2ceba532014-06-16 19:25:16 +03001334 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, SMP_LTK,
Johan Hedberg23d0e122014-02-19 14:57:46 +02001335 authenticated, smp->tk, smp->enc_key_size,
1336 rp->ediv, rp->rand);
1337 smp->ltk = ltk;
Johan Hedbergc6e81e92014-09-05 22:19:54 +03001338 if (!(smp->remote_key_dist & KEY_DIST_MASK))
Johan Hedbergd6268e82014-09-05 22:19:51 +03001339 smp_distribute_keys(smp);
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001340 hci_dev_unlock(hdev);
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001341
1342 return 0;
1343}
1344
Johan Hedbergfd349c02014-02-18 10:19:36 +02001345static int smp_cmd_ident_info(struct l2cap_conn *conn, struct sk_buff *skb)
1346{
1347 struct smp_cmd_ident_info *info = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001348 struct l2cap_chan *chan = conn->smp;
1349 struct smp_chan *smp = chan->data;
Johan Hedbergfd349c02014-02-18 10:19:36 +02001350
1351 BT_DBG("");
1352
1353 if (skb->len < sizeof(*info))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001354 return SMP_INVALID_PARAMS;
Johan Hedbergfd349c02014-02-18 10:19:36 +02001355
Johan Hedbergb28b4942014-09-05 22:19:55 +03001356 SMP_DISALLOW_CMD(smp, SMP_CMD_IDENT_INFO);
1357 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_ADDR_INFO);
Johan Hedberg6131ddc2014-02-18 10:19:37 +02001358
Johan Hedbergfd349c02014-02-18 10:19:36 +02001359 skb_pull(skb, sizeof(*info));
1360
1361 memcpy(smp->irk, info->irk, 16);
1362
1363 return 0;
1364}
1365
1366static int smp_cmd_ident_addr_info(struct l2cap_conn *conn,
1367 struct sk_buff *skb)
1368{
1369 struct smp_cmd_ident_addr_info *info = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001370 struct l2cap_chan *chan = conn->smp;
1371 struct smp_chan *smp = chan->data;
Johan Hedbergfd349c02014-02-18 10:19:36 +02001372 struct hci_conn *hcon = conn->hcon;
1373 bdaddr_t rpa;
1374
1375 BT_DBG("");
1376
1377 if (skb->len < sizeof(*info))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001378 return SMP_INVALID_PARAMS;
Johan Hedbergfd349c02014-02-18 10:19:36 +02001379
Johan Hedberg9747a9f2014-02-26 23:33:43 +02001380 /* Mark the information as received */
1381 smp->remote_key_dist &= ~SMP_DIST_ID_KEY;
1382
Johan Hedbergb28b4942014-09-05 22:19:55 +03001383 SMP_DISALLOW_CMD(smp, SMP_CMD_IDENT_ADDR_INFO);
1384 if (smp->remote_key_dist & SMP_DIST_SIGN)
1385 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
1386
Johan Hedbergfd349c02014-02-18 10:19:36 +02001387 skb_pull(skb, sizeof(*info));
1388
Johan Hedberg31dd6242014-06-27 14:23:02 +03001389 hci_dev_lock(hcon->hdev);
1390
Johan Hedberga9a58f82014-02-25 22:24:37 +02001391 /* Strictly speaking the Core Specification (4.1) allows sending
1392 * an empty address which would force us to rely on just the IRK
1393 * as "identity information". However, since such
1394 * implementations are not known of and in order to not over
1395 * complicate our implementation, simply pretend that we never
1396 * received an IRK for such a device.
1397 */
1398 if (!bacmp(&info->bdaddr, BDADDR_ANY)) {
1399 BT_ERR("Ignoring IRK with no identity address");
Johan Hedberg31dd6242014-06-27 14:23:02 +03001400 goto distribute;
Johan Hedberga9a58f82014-02-25 22:24:37 +02001401 }
1402
Johan Hedbergfd349c02014-02-18 10:19:36 +02001403 bacpy(&smp->id_addr, &info->bdaddr);
1404 smp->id_addr_type = info->addr_type;
1405
1406 if (hci_bdaddr_is_rpa(&hcon->dst, hcon->dst_type))
1407 bacpy(&rpa, &hcon->dst);
1408 else
1409 bacpy(&rpa, BDADDR_ANY);
1410
Johan Hedberg23d0e122014-02-19 14:57:46 +02001411 smp->remote_irk = hci_add_irk(conn->hcon->hdev, &smp->id_addr,
1412 smp->id_addr_type, smp->irk, &rpa);
Johan Hedbergfd349c02014-02-18 10:19:36 +02001413
Johan Hedberg31dd6242014-06-27 14:23:02 +03001414distribute:
Johan Hedbergc6e81e92014-09-05 22:19:54 +03001415 if (!(smp->remote_key_dist & KEY_DIST_MASK))
1416 smp_distribute_keys(smp);
Johan Hedbergfd349c02014-02-18 10:19:36 +02001417
Johan Hedberg31dd6242014-06-27 14:23:02 +03001418 hci_dev_unlock(hcon->hdev);
1419
Johan Hedbergfd349c02014-02-18 10:19:36 +02001420 return 0;
1421}
1422
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001423static int smp_cmd_sign_info(struct l2cap_conn *conn, struct sk_buff *skb)
1424{
1425 struct smp_cmd_sign_info *rp = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001426 struct l2cap_chan *chan = conn->smp;
1427 struct smp_chan *smp = chan->data;
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001428 struct hci_dev *hdev = conn->hcon->hdev;
1429 struct smp_csrk *csrk;
1430
1431 BT_DBG("conn %p", conn);
1432
1433 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001434 return SMP_INVALID_PARAMS;
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001435
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001436 /* Mark the information as received */
1437 smp->remote_key_dist &= ~SMP_DIST_SIGN;
1438
Johan Hedbergb28b4942014-09-05 22:19:55 +03001439 SMP_DISALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
1440
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001441 skb_pull(skb, sizeof(*rp));
1442
1443 hci_dev_lock(hdev);
1444 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
1445 if (csrk) {
1446 csrk->master = 0x01;
1447 memcpy(csrk->val, rp->csrk, sizeof(csrk->val));
1448 }
1449 smp->csrk = csrk;
Johan Hedbergd6268e82014-09-05 22:19:51 +03001450 smp_distribute_keys(smp);
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001451 hci_dev_unlock(hdev);
1452
1453 return 0;
1454}
1455
Johan Hedberg4befb862014-08-11 22:06:38 +03001456static int smp_sig_channel(struct l2cap_chan *chan, struct sk_buff *skb)
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001457{
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001458 struct l2cap_conn *conn = chan->conn;
Marcel Holtmann7b9899d2013-10-03 00:00:57 -07001459 struct hci_conn *hcon = conn->hcon;
Johan Hedbergb28b4942014-09-05 22:19:55 +03001460 struct smp_chan *smp;
Marcel Holtmann92381f52013-10-03 01:23:08 -07001461 __u8 code, reason;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001462 int err = 0;
1463
Marcel Holtmann7b9899d2013-10-03 00:00:57 -07001464 if (hcon->type != LE_LINK) {
1465 kfree_skb(skb);
Johan Hedberg34327112013-10-16 11:37:01 +03001466 return 0;
Marcel Holtmann7b9899d2013-10-03 00:00:57 -07001467 }
1468
Johan Hedberg8ae9b982014-08-11 22:06:39 +03001469 if (skb->len < 1)
Marcel Holtmann92381f52013-10-03 01:23:08 -07001470 return -EILSEQ;
Marcel Holtmann92381f52013-10-03 01:23:08 -07001471
Marcel Holtmann06ae3312013-10-18 03:43:00 -07001472 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) {
Andre Guedes2e65c9d2011-06-30 19:20:56 -03001473 reason = SMP_PAIRING_NOTSUPP;
1474 goto done;
1475 }
1476
Marcel Holtmann92381f52013-10-03 01:23:08 -07001477 code = skb->data[0];
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001478 skb_pull(skb, sizeof(code));
1479
Johan Hedbergb28b4942014-09-05 22:19:55 +03001480 smp = chan->data;
1481
1482 if (code > SMP_CMD_MAX)
1483 goto drop;
1484
1485 if (smp && !test_bit(code, &smp->allow_cmd))
1486 goto drop;
1487
1488 /* If we don't have a context the only allowed commands are
1489 * pairing request and security request.
Johan Hedberg8cf9fa12013-01-29 10:44:23 -06001490 */
Johan Hedbergb28b4942014-09-05 22:19:55 +03001491 if (!smp && code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ)
1492 goto drop;
Johan Hedberg8cf9fa12013-01-29 10:44:23 -06001493
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001494 switch (code) {
1495 case SMP_CMD_PAIRING_REQ:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001496 reason = smp_cmd_pairing_req(conn, skb);
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001497 break;
1498
1499 case SMP_CMD_PAIRING_FAIL:
Johan Hedberg84794e12013-11-06 11:24:57 +02001500 smp_failure(conn, 0);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001501 err = -EPERM;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001502 break;
1503
1504 case SMP_CMD_PAIRING_RSP:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001505 reason = smp_cmd_pairing_rsp(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001506 break;
1507
1508 case SMP_CMD_SECURITY_REQ:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001509 reason = smp_cmd_security_req(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001510 break;
1511
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001512 case SMP_CMD_PAIRING_CONFIRM:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001513 reason = smp_cmd_pairing_confirm(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001514 break;
1515
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001516 case SMP_CMD_PAIRING_RANDOM:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001517 reason = smp_cmd_pairing_random(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001518 break;
1519
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001520 case SMP_CMD_ENCRYPT_INFO:
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001521 reason = smp_cmd_encrypt_info(conn, skb);
1522 break;
1523
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001524 case SMP_CMD_MASTER_IDENT:
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001525 reason = smp_cmd_master_ident(conn, skb);
1526 break;
1527
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001528 case SMP_CMD_IDENT_INFO:
Johan Hedbergfd349c02014-02-18 10:19:36 +02001529 reason = smp_cmd_ident_info(conn, skb);
1530 break;
1531
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001532 case SMP_CMD_IDENT_ADDR_INFO:
Johan Hedbergfd349c02014-02-18 10:19:36 +02001533 reason = smp_cmd_ident_addr_info(conn, skb);
1534 break;
1535
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001536 case SMP_CMD_SIGN_INFO:
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001537 reason = smp_cmd_sign_info(conn, skb);
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001538 break;
1539
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001540 default:
1541 BT_DBG("Unknown command code 0x%2.2x", code);
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001542 reason = SMP_CMD_NOTSUPP;
Vinicius Costa Gomes3a0259b2011-06-09 18:50:43 -03001543 goto done;
1544 }
1545
1546done:
Johan Hedberg9b7b18e2014-08-18 20:33:31 +03001547 if (!err) {
1548 if (reason)
1549 smp_failure(conn, reason);
Johan Hedberg8ae9b982014-08-11 22:06:39 +03001550 kfree_skb(skb);
Johan Hedberg9b7b18e2014-08-18 20:33:31 +03001551 }
1552
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001553 return err;
Johan Hedbergb28b4942014-09-05 22:19:55 +03001554
1555drop:
1556 BT_ERR("%s unexpected SMP command 0x%02x from %pMR", hcon->hdev->name,
1557 code, &hcon->dst);
1558 kfree_skb(skb);
1559 return 0;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001560}
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001561
Johan Hedberg70db83c2014-08-08 09:37:16 +03001562static void smp_teardown_cb(struct l2cap_chan *chan, int err)
1563{
1564 struct l2cap_conn *conn = chan->conn;
1565
1566 BT_DBG("chan %p", chan);
1567
Johan Hedbergfc75cc82014-09-05 22:19:52 +03001568 if (chan->data)
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001569 smp_chan_destroy(conn);
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001570
Johan Hedberg70db83c2014-08-08 09:37:16 +03001571 conn->smp = NULL;
1572 l2cap_chan_put(chan);
1573}
1574
Johan Hedberg44f1a7a2014-08-11 22:06:36 +03001575static void smp_resume_cb(struct l2cap_chan *chan)
1576{
Johan Hedbergb68fda62014-08-11 22:06:40 +03001577 struct smp_chan *smp = chan->data;
Johan Hedberg44f1a7a2014-08-11 22:06:36 +03001578 struct l2cap_conn *conn = chan->conn;
1579 struct hci_conn *hcon = conn->hcon;
1580
1581 BT_DBG("chan %p", chan);
1582
Johan Hedberg86d14072014-08-11 22:06:43 +03001583 if (!smp)
1584 return;
Johan Hedbergb68fda62014-08-11 22:06:40 +03001585
Johan Hedberg84bc0db2014-09-05 22:19:49 +03001586 if (!test_bit(HCI_CONN_ENCRYPT, &hcon->flags))
1587 return;
1588
Johan Hedberg86d14072014-08-11 22:06:43 +03001589 cancel_delayed_work(&smp->security_timer);
1590
Johan Hedbergd6268e82014-09-05 22:19:51 +03001591 smp_distribute_keys(smp);
Johan Hedberg44f1a7a2014-08-11 22:06:36 +03001592}
1593
Johan Hedberg70db83c2014-08-08 09:37:16 +03001594static void smp_ready_cb(struct l2cap_chan *chan)
1595{
1596 struct l2cap_conn *conn = chan->conn;
1597
1598 BT_DBG("chan %p", chan);
1599
1600 conn->smp = chan;
1601 l2cap_chan_hold(chan);
1602}
1603
Johan Hedberg4befb862014-08-11 22:06:38 +03001604static int smp_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
1605{
1606 int err;
1607
1608 BT_DBG("chan %p", chan);
1609
1610 err = smp_sig_channel(chan, skb);
1611 if (err) {
Johan Hedbergb68fda62014-08-11 22:06:40 +03001612 struct smp_chan *smp = chan->data;
Johan Hedberg4befb862014-08-11 22:06:38 +03001613
Johan Hedbergb68fda62014-08-11 22:06:40 +03001614 if (smp)
1615 cancel_delayed_work_sync(&smp->security_timer);
Johan Hedberg4befb862014-08-11 22:06:38 +03001616
Johan Hedberg1e91c292014-08-18 20:33:29 +03001617 hci_disconnect(chan->conn->hcon, HCI_ERROR_AUTH_FAILURE);
Johan Hedberg4befb862014-08-11 22:06:38 +03001618 }
1619
1620 return err;
1621}
1622
Johan Hedberg70db83c2014-08-08 09:37:16 +03001623static struct sk_buff *smp_alloc_skb_cb(struct l2cap_chan *chan,
1624 unsigned long hdr_len,
1625 unsigned long len, int nb)
1626{
1627 struct sk_buff *skb;
1628
1629 skb = bt_skb_alloc(hdr_len + len, GFP_KERNEL);
1630 if (!skb)
1631 return ERR_PTR(-ENOMEM);
1632
1633 skb->priority = HCI_PRIO_MAX;
1634 bt_cb(skb)->chan = chan;
1635
1636 return skb;
1637}
1638
1639static const struct l2cap_ops smp_chan_ops = {
1640 .name = "Security Manager",
1641 .ready = smp_ready_cb,
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001642 .recv = smp_recv_cb,
Johan Hedberg70db83c2014-08-08 09:37:16 +03001643 .alloc_skb = smp_alloc_skb_cb,
1644 .teardown = smp_teardown_cb,
Johan Hedberg44f1a7a2014-08-11 22:06:36 +03001645 .resume = smp_resume_cb,
Johan Hedberg70db83c2014-08-08 09:37:16 +03001646
1647 .new_connection = l2cap_chan_no_new_connection,
Johan Hedberg70db83c2014-08-08 09:37:16 +03001648 .state_change = l2cap_chan_no_state_change,
1649 .close = l2cap_chan_no_close,
1650 .defer = l2cap_chan_no_defer,
1651 .suspend = l2cap_chan_no_suspend,
Johan Hedberg70db83c2014-08-08 09:37:16 +03001652 .set_shutdown = l2cap_chan_no_set_shutdown,
1653 .get_sndtimeo = l2cap_chan_no_get_sndtimeo,
1654 .memcpy_fromiovec = l2cap_chan_no_memcpy_fromiovec,
1655};
1656
1657static inline struct l2cap_chan *smp_new_conn_cb(struct l2cap_chan *pchan)
1658{
1659 struct l2cap_chan *chan;
1660
1661 BT_DBG("pchan %p", pchan);
1662
1663 chan = l2cap_chan_create();
1664 if (!chan)
1665 return NULL;
1666
1667 chan->chan_type = pchan->chan_type;
1668 chan->ops = &smp_chan_ops;
1669 chan->scid = pchan->scid;
1670 chan->dcid = chan->scid;
1671 chan->imtu = pchan->imtu;
1672 chan->omtu = pchan->omtu;
1673 chan->mode = pchan->mode;
1674
1675 BT_DBG("created chan %p", chan);
1676
1677 return chan;
1678}
1679
1680static const struct l2cap_ops smp_root_chan_ops = {
1681 .name = "Security Manager Root",
1682 .new_connection = smp_new_conn_cb,
1683
1684 /* None of these are implemented for the root channel */
1685 .close = l2cap_chan_no_close,
1686 .alloc_skb = l2cap_chan_no_alloc_skb,
1687 .recv = l2cap_chan_no_recv,
1688 .state_change = l2cap_chan_no_state_change,
1689 .teardown = l2cap_chan_no_teardown,
1690 .ready = l2cap_chan_no_ready,
1691 .defer = l2cap_chan_no_defer,
1692 .suspend = l2cap_chan_no_suspend,
1693 .resume = l2cap_chan_no_resume,
1694 .set_shutdown = l2cap_chan_no_set_shutdown,
1695 .get_sndtimeo = l2cap_chan_no_get_sndtimeo,
1696 .memcpy_fromiovec = l2cap_chan_no_memcpy_fromiovec,
1697};
1698
Johan Hedberg711eafe2014-08-08 09:32:52 +03001699int smp_register(struct hci_dev *hdev)
1700{
Johan Hedberg70db83c2014-08-08 09:37:16 +03001701 struct l2cap_chan *chan;
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001702 struct crypto_blkcipher *tfm_aes;
Johan Hedberg70db83c2014-08-08 09:37:16 +03001703
Johan Hedberg711eafe2014-08-08 09:32:52 +03001704 BT_DBG("%s", hdev->name);
1705
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001706 tfm_aes = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
1707 if (IS_ERR(tfm_aes)) {
1708 int err = PTR_ERR(tfm_aes);
Johan Hedberg711eafe2014-08-08 09:32:52 +03001709 BT_ERR("Unable to create crypto context");
Johan Hedberg711eafe2014-08-08 09:32:52 +03001710 return err;
1711 }
1712
Johan Hedberg70db83c2014-08-08 09:37:16 +03001713 chan = l2cap_chan_create();
1714 if (!chan) {
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001715 crypto_free_blkcipher(tfm_aes);
Johan Hedberg70db83c2014-08-08 09:37:16 +03001716 return -ENOMEM;
1717 }
1718
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001719 chan->data = tfm_aes;
1720
Johan Hedberg5d88cc72014-08-08 09:37:18 +03001721 l2cap_add_scid(chan, L2CAP_CID_SMP);
Johan Hedberg70db83c2014-08-08 09:37:16 +03001722
1723 l2cap_chan_set_defaults(chan);
1724
1725 bacpy(&chan->src, &hdev->bdaddr);
1726 chan->src_type = BDADDR_LE_PUBLIC;
1727 chan->state = BT_LISTEN;
1728 chan->mode = L2CAP_MODE_BASIC;
1729 chan->imtu = L2CAP_DEFAULT_MTU;
1730 chan->ops = &smp_root_chan_ops;
1731
1732 hdev->smp_data = chan;
1733
Johan Hedberg711eafe2014-08-08 09:32:52 +03001734 return 0;
1735}
1736
1737void smp_unregister(struct hci_dev *hdev)
1738{
Johan Hedberg70db83c2014-08-08 09:37:16 +03001739 struct l2cap_chan *chan = hdev->smp_data;
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001740 struct crypto_blkcipher *tfm_aes;
Johan Hedberg70db83c2014-08-08 09:37:16 +03001741
1742 if (!chan)
1743 return;
1744
1745 BT_DBG("%s chan %p", hdev->name, chan);
Johan Hedberg711eafe2014-08-08 09:32:52 +03001746
Johan Hedbergdefce9e2014-08-08 09:37:17 +03001747 tfm_aes = chan->data;
1748 if (tfm_aes) {
1749 chan->data = NULL;
1750 crypto_free_blkcipher(tfm_aes);
Johan Hedberg711eafe2014-08-08 09:32:52 +03001751 }
Johan Hedberg70db83c2014-08-08 09:37:16 +03001752
1753 hdev->smp_data = NULL;
1754 l2cap_chan_put(chan);
Johan Hedberg711eafe2014-08-08 09:32:52 +03001755}