tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom
kernel / net / bluetooth / smp.c
at v3.14-rc3 1032 lines 24 kB view raw
1/* 2 BlueZ - Bluetooth protocol stack for Linux 3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies). 4 5 This program is free software; you can redistribute it and/or modify 6 it under the terms of the GNU General Public License version 2 as 7 published by the Free Software Foundation; 8 9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 20 SOFTWARE IS DISCLAIMED. 21*/ 22 23#include <linux/crypto.h> 24#include <linux/scatterlist.h> 25#include <crypto/b128ops.h> 26 27#include <net/bluetooth/bluetooth.h> 28#include <net/bluetooth/hci_core.h> 29#include <net/bluetooth/l2cap.h> 30#include <net/bluetooth/mgmt.h> 31 32#include "smp.h" 33 34#define SMP_TIMEOUT msecs_to_jiffies(30000) 35 36#define AUTH_REQ_MASK 0x07 37 38static inline void swap128(u8 src[16], u8 dst[16]) 39{ 40 int i; 41 for (i = 0; i < 16; i++) 42 dst[15 - i] = src[i]; 43} 44 45static inline void swap56(u8 src[7], u8 dst[7]) 46{ 47 int i; 48 for (i = 0; i < 7; i++) 49 dst[6 - i] = src[i]; 50} 51 52static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r) 53{ 54 struct blkcipher_desc desc; 55 struct scatterlist sg; 56 int err; 57 58 if (tfm == NULL) { 59 BT_ERR("tfm %p", tfm); 60 return -EINVAL; 61 } 62 63 desc.tfm = tfm; 64 desc.flags = 0; 65 66 err = crypto_blkcipher_setkey(tfm, k, 16); 67 if (err) { 68 BT_ERR("cipher setkey failed: %d", err); 69 return err; 70 } 71 72 sg_init_one(&sg, r, 16); 73 74 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16); 75 if (err) 76 BT_ERR("Encrypt data error %d", err); 77 78 return err; 79} 80 81static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16], 82 u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia, 83 u8 _rat, bdaddr_t *ra, u8 res[16]) 84{ 85 u8 p1[16], p2[16]; 86 int err; 87 88 memset(p1, 0, 16); 89 90 /* p1 = pres || preq || _rat || _iat */ 91 swap56(pres, p1); 92 swap56(preq, p1 + 7); 93 p1[14] = _rat; 94 p1[15] = _iat; 95 96 memset(p2, 0, 16); 97 98 /* p2 = padding || ia || ra */ 99 baswap((bdaddr_t *) (p2 + 4), ia); 100 baswap((bdaddr_t *) (p2 + 10), ra); 101 102 /* res = r XOR p1 */ 103 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1); 104 105 /* res = e(k, res) */ 106 err = smp_e(tfm, k, res); 107 if (err) { 108 BT_ERR("Encrypt data error"); 109 return err; 110 } 111 112 /* res = res XOR p2 */ 113 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2); 114 115 /* res = e(k, res) */ 116 err = smp_e(tfm, k, res); 117 if (err) 118 BT_ERR("Encrypt data error"); 119 120 return err; 121} 122 123static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16], u8 r1[16], 124 u8 r2[16], u8 _r[16]) 125{ 126 int err; 127 128 /* Just least significant octets from r1 and r2 are considered */ 129 memcpy(_r, r1 + 8, 8); 130 memcpy(_r + 8, r2 + 8, 8); 131 132 err = smp_e(tfm, k, _r); 133 if (err) 134 BT_ERR("Encrypt data error"); 135 136 return err; 137} 138 139static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code, 140 u16 dlen, void *data) 141{ 142 struct sk_buff *skb; 143 struct l2cap_hdr *lh; 144 int len; 145 146 len = L2CAP_HDR_SIZE + sizeof(code) + dlen; 147 148 if (len > conn->mtu) 149 return NULL; 150 151 skb = bt_skb_alloc(len, GFP_ATOMIC); 152 if (!skb) 153 return NULL; 154 155 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); 156 lh->len = cpu_to_le16(sizeof(code) + dlen); 157 lh->cid = __constant_cpu_to_le16(L2CAP_CID_SMP); 158 159 memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code)); 160 161 memcpy(skb_put(skb, dlen), data, dlen); 162 163 return skb; 164} 165 166static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data) 167{ 168 struct sk_buff *skb = smp_build_cmd(conn, code, len, data); 169 170 BT_DBG("code 0x%2.2x", code); 171 172 if (!skb) 173 return; 174 175 skb->priority = HCI_PRIO_MAX; 176 hci_send_acl(conn->hchan, skb, 0); 177 178 cancel_delayed_work_sync(&conn->security_timer); 179 schedule_delayed_work(&conn->security_timer, SMP_TIMEOUT); 180} 181 182static __u8 authreq_to_seclevel(__u8 authreq) 183{ 184 if (authreq & SMP_AUTH_MITM) 185 return BT_SECURITY_HIGH; 186 else 187 return BT_SECURITY_MEDIUM; 188} 189 190static __u8 seclevel_to_authreq(__u8 sec_level) 191{ 192 switch (sec_level) { 193 case BT_SECURITY_HIGH: 194 return SMP_AUTH_MITM | SMP_AUTH_BONDING; 195 case BT_SECURITY_MEDIUM: 196 return SMP_AUTH_BONDING; 197 default: 198 return SMP_AUTH_NONE; 199 } 200} 201 202static void build_pairing_cmd(struct l2cap_conn *conn, 203 struct smp_cmd_pairing *req, 204 struct smp_cmd_pairing *rsp, __u8 authreq) 205{ 206 u8 dist_keys = 0; 207 208 if (test_bit(HCI_PAIRABLE, &conn->hcon->hdev->dev_flags)) { 209 dist_keys = SMP_DIST_ENC_KEY; 210 authreq |= SMP_AUTH_BONDING; 211 } else { 212 authreq &= ~SMP_AUTH_BONDING; 213 } 214 215 if (rsp == NULL) { 216 req->io_capability = conn->hcon->io_capability; 217 req->oob_flag = SMP_OOB_NOT_PRESENT; 218 req->max_key_size = SMP_MAX_ENC_KEY_SIZE; 219 req->init_key_dist = 0; 220 req->resp_key_dist = dist_keys; 221 req->auth_req = (authreq & AUTH_REQ_MASK); 222 return; 223 } 224 225 rsp->io_capability = conn->hcon->io_capability; 226 rsp->oob_flag = SMP_OOB_NOT_PRESENT; 227 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE; 228 rsp->init_key_dist = 0; 229 rsp->resp_key_dist = req->resp_key_dist & dist_keys; 230 rsp->auth_req = (authreq & AUTH_REQ_MASK); 231} 232 233static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size) 234{ 235 struct smp_chan *smp = conn->smp_chan; 236 237 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) || 238 (max_key_size < SMP_MIN_ENC_KEY_SIZE)) 239 return SMP_ENC_KEY_SIZE; 240 241 smp->enc_key_size = max_key_size; 242 243 return 0; 244} 245 246static void smp_failure(struct l2cap_conn *conn, u8 reason) 247{ 248 struct hci_conn *hcon = conn->hcon; 249 250 if (reason) 251 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason), 252 &reason); 253 254 clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags); 255 mgmt_auth_failed(hcon->hdev, &hcon->dst, hcon->type, hcon->dst_type, 256 HCI_ERROR_AUTH_FAILURE); 257 258 cancel_delayed_work_sync(&conn->security_timer); 259 260 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags)) 261 smp_chan_destroy(conn); 262} 263 264#define JUST_WORKS 0x00 265#define JUST_CFM 0x01 266#define REQ_PASSKEY 0x02 267#define CFM_PASSKEY 0x03 268#define REQ_OOB 0x04 269#define OVERLAP 0xFF 270 271static const u8 gen_method[5][5] = { 272 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY }, 273 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY }, 274 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY }, 275 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM }, 276 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP }, 277}; 278 279static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth, 280 u8 local_io, u8 remote_io) 281{ 282 struct hci_conn *hcon = conn->hcon; 283 struct smp_chan *smp = conn->smp_chan; 284 u8 method; 285 u32 passkey = 0; 286 int ret = 0; 287 288 /* Initialize key for JUST WORKS */ 289 memset(smp->tk, 0, sizeof(smp->tk)); 290 clear_bit(SMP_FLAG_TK_VALID, &smp->smp_flags); 291 292 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io); 293 294 /* If neither side wants MITM, use JUST WORKS */ 295 /* If either side has unknown io_caps, use JUST WORKS */ 296 /* Otherwise, look up method from the table */ 297 if (!(auth & SMP_AUTH_MITM) || 298 local_io > SMP_IO_KEYBOARD_DISPLAY || 299 remote_io > SMP_IO_KEYBOARD_DISPLAY) 300 method = JUST_WORKS; 301 else 302 method = gen_method[remote_io][local_io]; 303 304 /* If not bonding, don't ask user to confirm a Zero TK */ 305 if (!(auth & SMP_AUTH_BONDING) && method == JUST_CFM) 306 method = JUST_WORKS; 307 308 /* If Just Works, Continue with Zero TK */ 309 if (method == JUST_WORKS) { 310 set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags); 311 return 0; 312 } 313 314 /* Not Just Works/Confirm results in MITM Authentication */ 315 if (method != JUST_CFM) 316 set_bit(SMP_FLAG_MITM_AUTH, &smp->smp_flags); 317 318 /* If both devices have Keyoard-Display I/O, the master 319 * Confirms and the slave Enters the passkey. 320 */ 321 if (method == OVERLAP) { 322 if (hcon->link_mode & HCI_LM_MASTER) 323 method = CFM_PASSKEY; 324 else 325 method = REQ_PASSKEY; 326 } 327 328 /* Generate random passkey. Not valid until confirmed. */ 329 if (method == CFM_PASSKEY) { 330 u8 key[16]; 331 332 memset(key, 0, sizeof(key)); 333 get_random_bytes(&passkey, sizeof(passkey)); 334 passkey %= 1000000; 335 put_unaligned_le32(passkey, key); 336 swap128(key, smp->tk); 337 BT_DBG("PassKey: %d", passkey); 338 } 339 340 hci_dev_lock(hcon->hdev); 341 342 if (method == REQ_PASSKEY) 343 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst, 344 hcon->type, hcon->dst_type); 345 else 346 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst, 347 hcon->type, hcon->dst_type, 348 cpu_to_le32(passkey), 0); 349 350 hci_dev_unlock(hcon->hdev); 351 352 return ret; 353} 354 355static void confirm_work(struct work_struct *work) 356{ 357 struct smp_chan *smp = container_of(work, struct smp_chan, confirm); 358 struct l2cap_conn *conn = smp->conn; 359 struct crypto_blkcipher *tfm; 360 struct smp_cmd_pairing_confirm cp; 361 int ret; 362 u8 res[16], reason; 363 364 BT_DBG("conn %p", conn); 365 366 tfm = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC); 367 if (IS_ERR(tfm)) { 368 reason = SMP_UNSPECIFIED; 369 goto error; 370 } 371 372 smp->tfm = tfm; 373 374 if (conn->hcon->out) 375 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp, 376 conn->hcon->src_type, &conn->hcon->src, 377 conn->hcon->dst_type, &conn->hcon->dst, res); 378 else 379 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp, 380 conn->hcon->dst_type, &conn->hcon->dst, 381 conn->hcon->src_type, &conn->hcon->src, res); 382 if (ret) { 383 reason = SMP_UNSPECIFIED; 384 goto error; 385 } 386 387 clear_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags); 388 389 swap128(res, cp.confirm_val); 390 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp); 391 392 return; 393 394error: 395 smp_failure(conn, reason); 396} 397 398static void random_work(struct work_struct *work) 399{ 400 struct smp_chan *smp = container_of(work, struct smp_chan, random); 401 struct l2cap_conn *conn = smp->conn; 402 struct hci_conn *hcon = conn->hcon; 403 struct crypto_blkcipher *tfm = smp->tfm; 404 u8 reason, confirm[16], res[16], key[16]; 405 int ret; 406 407 if (IS_ERR_OR_NULL(tfm)) { 408 reason = SMP_UNSPECIFIED; 409 goto error; 410 } 411 412 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave"); 413 414 if (hcon->out) 415 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp, 416 hcon->src_type, &hcon->src, 417 hcon->dst_type, &hcon->dst, res); 418 else 419 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp, 420 hcon->dst_type, &hcon->dst, 421 hcon->src_type, &hcon->src, res); 422 if (ret) { 423 reason = SMP_UNSPECIFIED; 424 goto error; 425 } 426 427 swap128(res, confirm); 428 429 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) { 430 BT_ERR("Pairing failed (confirmation values mismatch)"); 431 reason = SMP_CONFIRM_FAILED; 432 goto error; 433 } 434 435 if (hcon->out) { 436 u8 stk[16], rand[8]; 437 __le16 ediv; 438 439 memset(rand, 0, sizeof(rand)); 440 ediv = 0; 441 442 smp_s1(tfm, smp->tk, smp->rrnd, smp->prnd, key); 443 swap128(key, stk); 444 445 memset(stk + smp->enc_key_size, 0, 446 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size); 447 448 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags)) { 449 reason = SMP_UNSPECIFIED; 450 goto error; 451 } 452 453 hci_le_start_enc(hcon, ediv, rand, stk); 454 hcon->enc_key_size = smp->enc_key_size; 455 } else { 456 u8 stk[16], r[16], rand[8]; 457 __le16 ediv; 458 459 memset(rand, 0, sizeof(rand)); 460 ediv = 0; 461 462 swap128(smp->prnd, r); 463 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(r), r); 464 465 smp_s1(tfm, smp->tk, smp->prnd, smp->rrnd, key); 466 swap128(key, stk); 467 468 memset(stk + smp->enc_key_size, 0, 469 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size); 470 471 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type, 472 HCI_SMP_STK_SLAVE, 0, 0, stk, smp->enc_key_size, 473 ediv, rand); 474 } 475 476 return; 477 478error: 479 smp_failure(conn, reason); 480} 481 482static struct smp_chan *smp_chan_create(struct l2cap_conn *conn) 483{ 484 struct smp_chan *smp; 485 486 smp = kzalloc(sizeof(*smp), GFP_ATOMIC); 487 if (!smp) 488 return NULL; 489 490 INIT_WORK(&smp->confirm, confirm_work); 491 INIT_WORK(&smp->random, random_work); 492 493 smp->conn = conn; 494 conn->smp_chan = smp; 495 conn->hcon->smp_conn = conn; 496 497 hci_conn_hold(conn->hcon); 498 499 return smp; 500} 501 502void smp_chan_destroy(struct l2cap_conn *conn) 503{ 504 struct smp_chan *smp = conn->smp_chan; 505 506 BUG_ON(!smp); 507 508 if (smp->tfm) 509 crypto_free_blkcipher(smp->tfm); 510 511 kfree(smp); 512 conn->smp_chan = NULL; 513 conn->hcon->smp_conn = NULL; 514 hci_conn_drop(conn->hcon); 515} 516 517int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey) 518{ 519 struct l2cap_conn *conn = hcon->smp_conn; 520 struct smp_chan *smp; 521 u32 value; 522 u8 key[16]; 523 524 BT_DBG(""); 525 526 if (!conn) 527 return -ENOTCONN; 528 529 smp = conn->smp_chan; 530 531 switch (mgmt_op) { 532 case MGMT_OP_USER_PASSKEY_REPLY: 533 value = le32_to_cpu(passkey); 534 memset(key, 0, sizeof(key)); 535 BT_DBG("PassKey: %d", value); 536 put_unaligned_le32(value, key); 537 swap128(key, smp->tk); 538 /* Fall Through */ 539 case MGMT_OP_USER_CONFIRM_REPLY: 540 set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags); 541 break; 542 case MGMT_OP_USER_PASSKEY_NEG_REPLY: 543 case MGMT_OP_USER_CONFIRM_NEG_REPLY: 544 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED); 545 return 0; 546 default: 547 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED); 548 return -EOPNOTSUPP; 549 } 550 551 /* If it is our turn to send Pairing Confirm, do so now */ 552 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags)) 553 queue_work(hcon->hdev->workqueue, &smp->confirm); 554 555 return 0; 556} 557 558static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb) 559{ 560 struct smp_cmd_pairing rsp, *req = (void *) skb->data; 561 struct smp_chan *smp; 562 u8 key_size; 563 u8 auth = SMP_AUTH_NONE; 564 int ret; 565 566 BT_DBG("conn %p", conn); 567 568 if (conn->hcon->link_mode & HCI_LM_MASTER) 569 return SMP_CMD_NOTSUPP; 570 571 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags)) 572 smp = smp_chan_create(conn); 573 else 574 smp = conn->smp_chan; 575 576 if (!smp) 577 return SMP_UNSPECIFIED; 578 579 smp->preq[0] = SMP_CMD_PAIRING_REQ; 580 memcpy(&smp->preq[1], req, sizeof(*req)); 581 skb_pull(skb, sizeof(*req)); 582 583 /* We didn't start the pairing, so match remote */ 584 if (req->auth_req & SMP_AUTH_BONDING) 585 auth = req->auth_req; 586 587 conn->hcon->pending_sec_level = authreq_to_seclevel(auth); 588 589 build_pairing_cmd(conn, req, &rsp, auth); 590 591 key_size = min(req->max_key_size, rsp.max_key_size); 592 if (check_enc_key_size(conn, key_size)) 593 return SMP_ENC_KEY_SIZE; 594 595 get_random_bytes(smp->prnd, sizeof(smp->prnd)); 596 597 smp->prsp[0] = SMP_CMD_PAIRING_RSP; 598 memcpy(&smp->prsp[1], &rsp, sizeof(rsp)); 599 600 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp); 601 602 /* Request setup of TK */ 603 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability); 604 if (ret) 605 return SMP_UNSPECIFIED; 606 607 return 0; 608} 609 610static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb) 611{ 612 struct smp_cmd_pairing *req, *rsp = (void *) skb->data; 613 struct smp_chan *smp = conn->smp_chan; 614 struct hci_dev *hdev = conn->hcon->hdev; 615 u8 key_size, auth = SMP_AUTH_NONE; 616 int ret; 617 618 BT_DBG("conn %p", conn); 619 620 if (!(conn->hcon->link_mode & HCI_LM_MASTER)) 621 return SMP_CMD_NOTSUPP; 622 623 skb_pull(skb, sizeof(*rsp)); 624 625 req = (void *) &smp->preq[1]; 626 627 key_size = min(req->max_key_size, rsp->max_key_size); 628 if (check_enc_key_size(conn, key_size)) 629 return SMP_ENC_KEY_SIZE; 630 631 get_random_bytes(smp->prnd, sizeof(smp->prnd)); 632 633 smp->prsp[0] = SMP_CMD_PAIRING_RSP; 634 memcpy(&smp->prsp[1], rsp, sizeof(*rsp)); 635 636 if ((req->auth_req & SMP_AUTH_BONDING) && 637 (rsp->auth_req & SMP_AUTH_BONDING)) 638 auth = SMP_AUTH_BONDING; 639 640 auth |= (req->auth_req | rsp->auth_req) & SMP_AUTH_MITM; 641 642 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability); 643 if (ret) 644 return SMP_UNSPECIFIED; 645 646 set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags); 647 648 /* Can't compose response until we have been confirmed */ 649 if (!test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags)) 650 return 0; 651 652 queue_work(hdev->workqueue, &smp->confirm); 653 654 return 0; 655} 656 657static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb) 658{ 659 struct smp_chan *smp = conn->smp_chan; 660 struct hci_dev *hdev = conn->hcon->hdev; 661 662 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave"); 663 664 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf)); 665 skb_pull(skb, sizeof(smp->pcnf)); 666 667 if (conn->hcon->out) { 668 u8 random[16]; 669 670 swap128(smp->prnd, random); 671 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(random), 672 random); 673 } else if (test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags)) { 674 queue_work(hdev->workqueue, &smp->confirm); 675 } else { 676 set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags); 677 } 678 679 return 0; 680} 681 682static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb) 683{ 684 struct smp_chan *smp = conn->smp_chan; 685 struct hci_dev *hdev = conn->hcon->hdev; 686 687 BT_DBG("conn %p", conn); 688 689 swap128(skb->data, smp->rrnd); 690 skb_pull(skb, sizeof(smp->rrnd)); 691 692 queue_work(hdev->workqueue, &smp->random); 693 694 return 0; 695} 696 697static u8 smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level) 698{ 699 struct smp_ltk *key; 700 struct hci_conn *hcon = conn->hcon; 701 702 key = hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type); 703 if (!key) 704 return 0; 705 706 if (sec_level > BT_SECURITY_MEDIUM && !key->authenticated) 707 return 0; 708 709 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags)) 710 return 1; 711 712 hci_le_start_enc(hcon, key->ediv, key->rand, key->val); 713 hcon->enc_key_size = key->enc_size; 714 715 return 1; 716} 717 718static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb) 719{ 720 struct smp_cmd_security_req *rp = (void *) skb->data; 721 struct smp_cmd_pairing cp; 722 struct hci_conn *hcon = conn->hcon; 723 struct smp_chan *smp; 724 725 BT_DBG("conn %p", conn); 726 727 if (!(conn->hcon->link_mode & HCI_LM_MASTER)) 728 return SMP_CMD_NOTSUPP; 729 730 hcon->pending_sec_level = authreq_to_seclevel(rp->auth_req); 731 732 if (smp_ltk_encrypt(conn, hcon->pending_sec_level)) 733 return 0; 734 735 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags)) 736 return 0; 737 738 smp = smp_chan_create(conn); 739 740 skb_pull(skb, sizeof(*rp)); 741 742 memset(&cp, 0, sizeof(cp)); 743 build_pairing_cmd(conn, &cp, NULL, rp->auth_req); 744 745 smp->preq[0] = SMP_CMD_PAIRING_REQ; 746 memcpy(&smp->preq[1], &cp, sizeof(cp)); 747 748 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp); 749 750 return 0; 751} 752 753bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level) 754{ 755 if (sec_level == BT_SECURITY_LOW) 756 return true; 757 758 if (hcon->sec_level >= sec_level) 759 return true; 760 761 return false; 762} 763 764int smp_conn_security(struct hci_conn *hcon, __u8 sec_level) 765{ 766 struct l2cap_conn *conn = hcon->l2cap_data; 767 struct smp_chan *smp = conn->smp_chan; 768 __u8 authreq; 769 770 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level); 771 772 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) 773 return 1; 774 775 if (smp_sufficient_security(hcon, sec_level)) 776 return 1; 777 778 if (hcon->link_mode & HCI_LM_MASTER) 779 if (smp_ltk_encrypt(conn, sec_level)) 780 goto done; 781 782 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags)) 783 return 0; 784 785 smp = smp_chan_create(conn); 786 if (!smp) 787 return 1; 788 789 authreq = seclevel_to_authreq(sec_level); 790 791 if (hcon->link_mode & HCI_LM_MASTER) { 792 struct smp_cmd_pairing cp; 793 794 build_pairing_cmd(conn, &cp, NULL, authreq); 795 smp->preq[0] = SMP_CMD_PAIRING_REQ; 796 memcpy(&smp->preq[1], &cp, sizeof(cp)); 797 798 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp); 799 } else { 800 struct smp_cmd_security_req cp; 801 cp.auth_req = authreq; 802 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp); 803 } 804 805done: 806 hcon->pending_sec_level = sec_level; 807 808 return 0; 809} 810 811static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb) 812{ 813 struct smp_cmd_encrypt_info *rp = (void *) skb->data; 814 struct smp_chan *smp = conn->smp_chan; 815 816 skb_pull(skb, sizeof(*rp)); 817 818 memcpy(smp->tk, rp->ltk, sizeof(smp->tk)); 819 820 return 0; 821} 822 823static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb) 824{ 825 struct smp_cmd_master_ident *rp = (void *) skb->data; 826 struct smp_chan *smp = conn->smp_chan; 827 struct hci_dev *hdev = conn->hcon->hdev; 828 struct hci_conn *hcon = conn->hcon; 829 u8 authenticated; 830 831 skb_pull(skb, sizeof(*rp)); 832 833 hci_dev_lock(hdev); 834 authenticated = (hcon->sec_level == BT_SECURITY_HIGH); 835 hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, HCI_SMP_LTK, 1, 836 authenticated, smp->tk, smp->enc_key_size, 837 rp->ediv, rp->rand); 838 smp_distribute_keys(conn, 1); 839 hci_dev_unlock(hdev); 840 841 return 0; 842} 843 844int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb) 845{ 846 struct hci_conn *hcon = conn->hcon; 847 __u8 code, reason; 848 int err = 0; 849 850 if (hcon->type != LE_LINK) { 851 kfree_skb(skb); 852 return 0; 853 } 854 855 if (skb->len < 1) { 856 kfree_skb(skb); 857 return -EILSEQ; 858 } 859 860 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) { 861 err = -ENOTSUPP; 862 reason = SMP_PAIRING_NOTSUPP; 863 goto done; 864 } 865 866 code = skb->data[0]; 867 skb_pull(skb, sizeof(code)); 868 869 /* 870 * The SMP context must be initialized for all other PDUs except 871 * pairing and security requests. If we get any other PDU when 872 * not initialized simply disconnect (done if this function 873 * returns an error). 874 */ 875 if (code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ && 876 !conn->smp_chan) { 877 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code); 878 kfree_skb(skb); 879 return -ENOTSUPP; 880 } 881 882 switch (code) { 883 case SMP_CMD_PAIRING_REQ: 884 reason = smp_cmd_pairing_req(conn, skb); 885 break; 886 887 case SMP_CMD_PAIRING_FAIL: 888 smp_failure(conn, 0); 889 reason = 0; 890 err = -EPERM; 891 break; 892 893 case SMP_CMD_PAIRING_RSP: 894 reason = smp_cmd_pairing_rsp(conn, skb); 895 break; 896 897 case SMP_CMD_SECURITY_REQ: 898 reason = smp_cmd_security_req(conn, skb); 899 break; 900 901 case SMP_CMD_PAIRING_CONFIRM: 902 reason = smp_cmd_pairing_confirm(conn, skb); 903 break; 904 905 case SMP_CMD_PAIRING_RANDOM: 906 reason = smp_cmd_pairing_random(conn, skb); 907 break; 908 909 case SMP_CMD_ENCRYPT_INFO: 910 reason = smp_cmd_encrypt_info(conn, skb); 911 break; 912 913 case SMP_CMD_MASTER_IDENT: 914 reason = smp_cmd_master_ident(conn, skb); 915 break; 916 917 case SMP_CMD_IDENT_INFO: 918 case SMP_CMD_IDENT_ADDR_INFO: 919 case SMP_CMD_SIGN_INFO: 920 /* Just ignored */ 921 reason = 0; 922 break; 923 924 default: 925 BT_DBG("Unknown command code 0x%2.2x", code); 926 927 reason = SMP_CMD_NOTSUPP; 928 err = -EOPNOTSUPP; 929 goto done; 930 } 931 932done: 933 if (reason) 934 smp_failure(conn, reason); 935 936 kfree_skb(skb); 937 return err; 938} 939 940int smp_distribute_keys(struct l2cap_conn *conn, __u8 force) 941{ 942 struct smp_cmd_pairing *req, *rsp; 943 struct smp_chan *smp = conn->smp_chan; 944 __u8 *keydist; 945 946 BT_DBG("conn %p force %d", conn, force); 947 948 if (!test_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags)) 949 return 0; 950 951 rsp = (void *) &smp->prsp[1]; 952 953 /* The responder sends its keys first */ 954 if (!force && conn->hcon->out && (rsp->resp_key_dist & 0x07)) 955 return 0; 956 957 req = (void *) &smp->preq[1]; 958 959 if (conn->hcon->out) { 960 keydist = &rsp->init_key_dist; 961 *keydist &= req->init_key_dist; 962 } else { 963 keydist = &rsp->resp_key_dist; 964 *keydist &= req->resp_key_dist; 965 } 966 967 968 BT_DBG("keydist 0x%x", *keydist); 969 970 if (*keydist & SMP_DIST_ENC_KEY) { 971 struct smp_cmd_encrypt_info enc; 972 struct smp_cmd_master_ident ident; 973 struct hci_conn *hcon = conn->hcon; 974 u8 authenticated; 975 __le16 ediv; 976 977 get_random_bytes(enc.ltk, sizeof(enc.ltk)); 978 get_random_bytes(&ediv, sizeof(ediv)); 979 get_random_bytes(ident.rand, sizeof(ident.rand)); 980 981 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc); 982 983 authenticated = hcon->sec_level == BT_SECURITY_HIGH; 984 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type, 985 HCI_SMP_LTK_SLAVE, 1, authenticated, 986 enc.ltk, smp->enc_key_size, ediv, ident.rand); 987 988 ident.ediv = ediv; 989 990 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident); 991 992 *keydist &= ~SMP_DIST_ENC_KEY; 993 } 994 995 if (*keydist & SMP_DIST_ID_KEY) { 996 struct smp_cmd_ident_addr_info addrinfo; 997 struct smp_cmd_ident_info idinfo; 998 999 /* Send a dummy key */ 1000 get_random_bytes(idinfo.irk, sizeof(idinfo.irk)); 1001 1002 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo); 1003 1004 /* Just public address */ 1005 memset(&addrinfo, 0, sizeof(addrinfo)); 1006 bacpy(&addrinfo.bdaddr, &conn->hcon->src); 1007 1008 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo), 1009 &addrinfo); 1010 1011 *keydist &= ~SMP_DIST_ID_KEY; 1012 } 1013 1014 if (*keydist & SMP_DIST_SIGN) { 1015 struct smp_cmd_sign_info sign; 1016 1017 /* Send a dummy key */ 1018 get_random_bytes(sign.csrk, sizeof(sign.csrk)); 1019 1020 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign); 1021 1022 *keydist &= ~SMP_DIST_SIGN; 1023 } 1024 1025 if (conn->hcon->out || force) { 1026 clear_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags); 1027 cancel_delayed_work_sync(&conn->security_timer); 1028 smp_chan_destroy(conn); 1029 } 1030 1031 return 0; 1032}