2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 #include <linux/crypto.h>
24 #include <linux/scatterlist.h>
25 #include <crypto/b128ops.h>
27 #include <net/bluetooth/bluetooth.h>
28 #include <net/bluetooth/hci_core.h>
29 #include <net/bluetooth/l2cap.h>
30 #include <net/bluetooth/mgmt.h>
34 #define SMP_ALLOW_CMD(smp, code) set_bit(code, &smp->allow_cmd)
36 #define SMP_TIMEOUT msecs_to_jiffies(30000)
38 #define AUTH_REQ_MASK 0x07
39 #define KEY_DIST_MASK 0x07
50 struct l2cap_conn *conn;
51 struct delayed_work security_timer;
52 unsigned long allow_cmd; /* Bitmask of allowed commands */
54 u8 preq[7]; /* SMP Pairing Request */
55 u8 prsp[7]; /* SMP Pairing Response */
56 u8 prnd[16]; /* SMP Pairing Random (local) */
57 u8 rrnd[16]; /* SMP Pairing Random (remote) */
58 u8 pcnf[16]; /* SMP Pairing Confirm */
59 u8 tk[16]; /* SMP Temporary Key */
65 struct smp_csrk *csrk;
66 struct smp_csrk *slave_csrk;
68 struct smp_ltk *slave_ltk;
69 struct smp_irk *remote_irk;
72 struct crypto_blkcipher *tfm_aes;
75 static inline void swap_buf(const u8 *src, u8 *dst, size_t len)
79 for (i = 0; i < len; i++)
80 dst[len - 1 - i] = src[i];
83 static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
85 struct blkcipher_desc desc;
86 struct scatterlist sg;
87 uint8_t tmp[16], data[16];
91 BT_ERR("tfm %p", tfm);
98 /* The most significant octet of key corresponds to k[0] */
101 err = crypto_blkcipher_setkey(tfm, tmp, 16);
103 BT_ERR("cipher setkey failed: %d", err);
107 /* Most significant octet of plaintextData corresponds to data[0] */
108 swap_buf(r, data, 16);
110 sg_init_one(&sg, data, 16);
112 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
114 BT_ERR("Encrypt data error %d", err);
116 /* Most significant octet of encryptedData corresponds to data[0] */
117 swap_buf(data, r, 16);
122 static int smp_ah(struct crypto_blkcipher *tfm, u8 irk[16], u8 r[3], u8 res[3])
127 /* r' = padding || r */
129 memset(_res + 3, 0, 13);
131 err = smp_e(tfm, irk, _res);
133 BT_ERR("Encrypt error");
137 /* The output of the random address function ah is:
138 * ah(h, r) = e(k, r') mod 2^24
139 * The output of the security function e is then truncated to 24 bits
140 * by taking the least significant 24 bits of the output of e as the
143 memcpy(res, _res, 3);
148 bool smp_irk_matches(struct hci_dev *hdev, u8 irk[16], bdaddr_t *bdaddr)
150 struct l2cap_chan *chan = hdev->smp_data;
151 struct crypto_blkcipher *tfm;
155 if (!chan || !chan->data)
160 BT_DBG("RPA %pMR IRK %*phN", bdaddr, 16, irk);
162 err = smp_ah(tfm, irk, &bdaddr->b[3], hash);
166 return !memcmp(bdaddr->b, hash, 3);
169 int smp_generate_rpa(struct hci_dev *hdev, u8 irk[16], bdaddr_t *rpa)
171 struct l2cap_chan *chan = hdev->smp_data;
172 struct crypto_blkcipher *tfm;
175 if (!chan || !chan->data)
180 get_random_bytes(&rpa->b[3], 3);
182 rpa->b[5] &= 0x3f; /* Clear two most significant bits */
183 rpa->b[5] |= 0x40; /* Set second most significant bit */
185 err = smp_ah(tfm, irk, &rpa->b[3], rpa->b);
189 BT_DBG("RPA %pMR", rpa);
194 static int smp_c1(struct crypto_blkcipher *tfm_aes, u8 k[16], u8 r[16],
195 u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia, u8 _rat,
196 bdaddr_t *ra, u8 res[16])
203 /* p1 = pres || preq || _rat || _iat */
206 memcpy(p1 + 2, preq, 7);
207 memcpy(p1 + 9, pres, 7);
209 /* p2 = padding || ia || ra */
211 memcpy(p2 + 6, ia, 6);
212 memset(p2 + 12, 0, 4);
215 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
217 /* res = e(k, res) */
218 err = smp_e(tfm_aes, k, res);
220 BT_ERR("Encrypt data error");
224 /* res = res XOR p2 */
225 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
227 /* res = e(k, res) */
228 err = smp_e(tfm_aes, k, res);
230 BT_ERR("Encrypt data error");
235 static int smp_s1(struct crypto_blkcipher *tfm_aes, u8 k[16], u8 r1[16],
236 u8 r2[16], u8 _r[16])
240 /* Just least significant octets from r1 and r2 are considered */
242 memcpy(_r + 8, r1, 8);
244 err = smp_e(tfm_aes, k, _r);
246 BT_ERR("Encrypt data error");
251 static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
253 struct l2cap_chan *chan = conn->smp;
254 struct smp_chan *smp;
261 BT_DBG("code 0x%2.2x", code);
263 iv[0].iov_base = &code;
266 iv[1].iov_base = data;
269 memset(&msg, 0, sizeof(msg));
271 msg.msg_iov = (struct iovec *) &iv;
274 l2cap_chan_send(chan, &msg, 1 + len);
281 cancel_delayed_work_sync(&smp->security_timer);
282 schedule_delayed_work(&smp->security_timer, SMP_TIMEOUT);
285 static __u8 authreq_to_seclevel(__u8 authreq)
287 if (authreq & SMP_AUTH_MITM)
288 return BT_SECURITY_HIGH;
290 return BT_SECURITY_MEDIUM;
293 static __u8 seclevel_to_authreq(__u8 sec_level)
296 case BT_SECURITY_HIGH:
297 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
298 case BT_SECURITY_MEDIUM:
299 return SMP_AUTH_BONDING;
301 return SMP_AUTH_NONE;
305 static void build_pairing_cmd(struct l2cap_conn *conn,
306 struct smp_cmd_pairing *req,
307 struct smp_cmd_pairing *rsp, __u8 authreq)
309 struct l2cap_chan *chan = conn->smp;
310 struct smp_chan *smp = chan->data;
311 struct hci_conn *hcon = conn->hcon;
312 struct hci_dev *hdev = hcon->hdev;
313 u8 local_dist = 0, remote_dist = 0;
315 if (test_bit(HCI_BONDABLE, &conn->hcon->hdev->dev_flags)) {
316 local_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
317 remote_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
318 authreq |= SMP_AUTH_BONDING;
320 authreq &= ~SMP_AUTH_BONDING;
323 if (test_bit(HCI_RPA_RESOLVING, &hdev->dev_flags))
324 remote_dist |= SMP_DIST_ID_KEY;
326 if (test_bit(HCI_PRIVACY, &hdev->dev_flags))
327 local_dist |= SMP_DIST_ID_KEY;
330 req->io_capability = conn->hcon->io_capability;
331 req->oob_flag = SMP_OOB_NOT_PRESENT;
332 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
333 req->init_key_dist = local_dist;
334 req->resp_key_dist = remote_dist;
335 req->auth_req = (authreq & AUTH_REQ_MASK);
337 smp->remote_key_dist = remote_dist;
341 rsp->io_capability = conn->hcon->io_capability;
342 rsp->oob_flag = SMP_OOB_NOT_PRESENT;
343 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
344 rsp->init_key_dist = req->init_key_dist & remote_dist;
345 rsp->resp_key_dist = req->resp_key_dist & local_dist;
346 rsp->auth_req = (authreq & AUTH_REQ_MASK);
348 smp->remote_key_dist = rsp->init_key_dist;
351 static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
353 struct l2cap_chan *chan = conn->smp;
354 struct smp_chan *smp = chan->data;
356 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
357 (max_key_size < SMP_MIN_ENC_KEY_SIZE))
358 return SMP_ENC_KEY_SIZE;
360 smp->enc_key_size = max_key_size;
365 static void smp_chan_destroy(struct l2cap_conn *conn)
367 struct l2cap_chan *chan = conn->smp;
368 struct smp_chan *smp = chan->data;
373 cancel_delayed_work_sync(&smp->security_timer);
375 complete = test_bit(SMP_FLAG_COMPLETE, &smp->flags);
376 mgmt_smp_complete(conn->hcon, complete);
379 kfree(smp->slave_csrk);
381 crypto_free_blkcipher(smp->tfm_aes);
383 /* If pairing failed clean up any keys we might have */
386 list_del(&smp->ltk->list);
390 if (smp->slave_ltk) {
391 list_del(&smp->slave_ltk->list);
392 kfree(smp->slave_ltk);
395 if (smp->remote_irk) {
396 list_del(&smp->remote_irk->list);
397 kfree(smp->remote_irk);
403 hci_conn_drop(conn->hcon);
406 static void smp_failure(struct l2cap_conn *conn, u8 reason)
408 struct hci_conn *hcon = conn->hcon;
409 struct l2cap_chan *chan = conn->smp;
412 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
415 clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags);
416 mgmt_auth_failed(hcon, HCI_ERROR_AUTH_FAILURE);
419 smp_chan_destroy(conn);
422 #define JUST_WORKS 0x00
423 #define JUST_CFM 0x01
424 #define REQ_PASSKEY 0x02
425 #define CFM_PASSKEY 0x03
429 static const u8 gen_method[5][5] = {
430 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
431 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
432 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
433 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
434 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
437 static u8 get_auth_method(struct smp_chan *smp, u8 local_io, u8 remote_io)
439 /* If either side has unknown io_caps, use JUST_CFM (which gets
440 * converted later to JUST_WORKS if we're initiators.
442 if (local_io > SMP_IO_KEYBOARD_DISPLAY ||
443 remote_io > SMP_IO_KEYBOARD_DISPLAY)
446 return gen_method[remote_io][local_io];
449 static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
450 u8 local_io, u8 remote_io)
452 struct hci_conn *hcon = conn->hcon;
453 struct l2cap_chan *chan = conn->smp;
454 struct smp_chan *smp = chan->data;
459 /* Initialize key for JUST WORKS */
460 memset(smp->tk, 0, sizeof(smp->tk));
461 clear_bit(SMP_FLAG_TK_VALID, &smp->flags);
463 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
465 /* If neither side wants MITM, either "just" confirm an incoming
466 * request or use just-works for outgoing ones. The JUST_CFM
467 * will be converted to JUST_WORKS if necessary later in this
468 * function. If either side has MITM look up the method from the
471 if (!(auth & SMP_AUTH_MITM))
474 method = get_auth_method(smp, local_io, remote_io);
476 /* Don't confirm locally initiated pairing attempts */
477 if (method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR, &smp->flags))
480 /* Don't bother user space with no IO capabilities */
481 if (method == JUST_CFM && hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
484 /* If Just Works, Continue with Zero TK */
485 if (method == JUST_WORKS) {
486 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
490 /* Not Just Works/Confirm results in MITM Authentication */
491 if (method != JUST_CFM) {
492 set_bit(SMP_FLAG_MITM_AUTH, &smp->flags);
493 if (hcon->pending_sec_level < BT_SECURITY_HIGH)
494 hcon->pending_sec_level = BT_SECURITY_HIGH;
497 /* If both devices have Keyoard-Display I/O, the master
498 * Confirms and the slave Enters the passkey.
500 if (method == OVERLAP) {
501 if (hcon->role == HCI_ROLE_MASTER)
502 method = CFM_PASSKEY;
504 method = REQ_PASSKEY;
507 /* Generate random passkey. */
508 if (method == CFM_PASSKEY) {
509 memset(smp->tk, 0, sizeof(smp->tk));
510 get_random_bytes(&passkey, sizeof(passkey));
512 put_unaligned_le32(passkey, smp->tk);
513 BT_DBG("PassKey: %d", passkey);
514 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
517 hci_dev_lock(hcon->hdev);
519 if (method == REQ_PASSKEY)
520 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
521 hcon->type, hcon->dst_type);
522 else if (method == JUST_CFM)
523 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
524 hcon->type, hcon->dst_type,
527 ret = mgmt_user_passkey_notify(hcon->hdev, &hcon->dst,
528 hcon->type, hcon->dst_type,
531 hci_dev_unlock(hcon->hdev);
536 static u8 smp_confirm(struct smp_chan *smp)
538 struct l2cap_conn *conn = smp->conn;
539 struct smp_cmd_pairing_confirm cp;
542 BT_DBG("conn %p", conn);
544 ret = smp_c1(smp->tfm_aes, smp->tk, smp->prnd, smp->preq, smp->prsp,
545 conn->hcon->init_addr_type, &conn->hcon->init_addr,
546 conn->hcon->resp_addr_type, &conn->hcon->resp_addr,
549 return SMP_UNSPECIFIED;
551 clear_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
553 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
556 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
558 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
563 static u8 smp_random(struct smp_chan *smp)
565 struct l2cap_conn *conn = smp->conn;
566 struct hci_conn *hcon = conn->hcon;
570 if (IS_ERR_OR_NULL(smp->tfm_aes))
571 return SMP_UNSPECIFIED;
573 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
575 ret = smp_c1(smp->tfm_aes, smp->tk, smp->rrnd, smp->preq, smp->prsp,
576 hcon->init_addr_type, &hcon->init_addr,
577 hcon->resp_addr_type, &hcon->resp_addr, confirm);
579 return SMP_UNSPECIFIED;
581 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
582 BT_ERR("Pairing failed (confirmation values mismatch)");
583 return SMP_CONFIRM_FAILED;
591 smp_s1(smp->tfm_aes, smp->tk, smp->rrnd, smp->prnd, stk);
593 memset(stk + smp->enc_key_size, 0,
594 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
596 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
597 return SMP_UNSPECIFIED;
599 hci_le_start_enc(hcon, ediv, rand, stk);
600 hcon->enc_key_size = smp->enc_key_size;
601 set_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
607 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
610 smp_s1(smp->tfm_aes, smp->tk, smp->prnd, smp->rrnd, stk);
612 memset(stk + smp->enc_key_size, 0,
613 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
615 if (hcon->pending_sec_level == BT_SECURITY_HIGH)
620 /* Even though there's no _SLAVE suffix this is the
621 * slave STK we're adding for later lookup (the master
622 * STK never needs to be stored).
624 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
625 SMP_STK, auth, stk, smp->enc_key_size, ediv, rand);
631 static void smp_notify_keys(struct l2cap_conn *conn)
633 struct l2cap_chan *chan = conn->smp;
634 struct smp_chan *smp = chan->data;
635 struct hci_conn *hcon = conn->hcon;
636 struct hci_dev *hdev = hcon->hdev;
637 struct smp_cmd_pairing *req = (void *) &smp->preq[1];
638 struct smp_cmd_pairing *rsp = (void *) &smp->prsp[1];
641 if (smp->remote_irk) {
642 mgmt_new_irk(hdev, smp->remote_irk);
643 /* Now that user space can be considered to know the
644 * identity address track the connection based on it
647 bacpy(&hcon->dst, &smp->remote_irk->bdaddr);
648 hcon->dst_type = smp->remote_irk->addr_type;
649 queue_work(hdev->workqueue, &conn->id_addr_update_work);
651 /* When receiving an indentity resolving key for
652 * a remote device that does not use a resolvable
653 * private address, just remove the key so that
654 * it is possible to use the controller white
657 * Userspace will have been told to not store
658 * this key at this point. So it is safe to
661 if (!bacmp(&smp->remote_irk->rpa, BDADDR_ANY)) {
662 list_del(&smp->remote_irk->list);
663 kfree(smp->remote_irk);
664 smp->remote_irk = NULL;
668 /* The LTKs and CSRKs should be persistent only if both sides
669 * had the bonding bit set in their authentication requests.
671 persistent = !!((req->auth_req & rsp->auth_req) & SMP_AUTH_BONDING);
674 smp->csrk->bdaddr_type = hcon->dst_type;
675 bacpy(&smp->csrk->bdaddr, &hcon->dst);
676 mgmt_new_csrk(hdev, smp->csrk, persistent);
679 if (smp->slave_csrk) {
680 smp->slave_csrk->bdaddr_type = hcon->dst_type;
681 bacpy(&smp->slave_csrk->bdaddr, &hcon->dst);
682 mgmt_new_csrk(hdev, smp->slave_csrk, persistent);
686 smp->ltk->bdaddr_type = hcon->dst_type;
687 bacpy(&smp->ltk->bdaddr, &hcon->dst);
688 mgmt_new_ltk(hdev, smp->ltk, persistent);
691 if (smp->slave_ltk) {
692 smp->slave_ltk->bdaddr_type = hcon->dst_type;
693 bacpy(&smp->slave_ltk->bdaddr, &hcon->dst);
694 mgmt_new_ltk(hdev, smp->slave_ltk, persistent);
698 static void smp_allow_key_dist(struct smp_chan *smp)
700 /* Allow the first expected phase 3 PDU. The rest of the PDUs
701 * will be allowed in each PDU handler to ensure we receive
702 * them in the correct order.
704 if (smp->remote_key_dist & SMP_DIST_ENC_KEY)
705 SMP_ALLOW_CMD(smp, SMP_CMD_ENCRYPT_INFO);
706 else if (smp->remote_key_dist & SMP_DIST_ID_KEY)
707 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_INFO);
708 else if (smp->remote_key_dist & SMP_DIST_SIGN)
709 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
712 static void smp_distribute_keys(struct smp_chan *smp)
714 struct smp_cmd_pairing *req, *rsp;
715 struct l2cap_conn *conn = smp->conn;
716 struct hci_conn *hcon = conn->hcon;
717 struct hci_dev *hdev = hcon->hdev;
720 BT_DBG("conn %p", conn);
722 rsp = (void *) &smp->prsp[1];
724 /* The responder sends its keys first */
725 if (hcon->out && (smp->remote_key_dist & KEY_DIST_MASK)) {
726 smp_allow_key_dist(smp);
730 req = (void *) &smp->preq[1];
733 keydist = &rsp->init_key_dist;
734 *keydist &= req->init_key_dist;
736 keydist = &rsp->resp_key_dist;
737 *keydist &= req->resp_key_dist;
740 BT_DBG("keydist 0x%x", *keydist);
742 if (*keydist & SMP_DIST_ENC_KEY) {
743 struct smp_cmd_encrypt_info enc;
744 struct smp_cmd_master_ident ident;
750 get_random_bytes(enc.ltk, sizeof(enc.ltk));
751 get_random_bytes(&ediv, sizeof(ediv));
752 get_random_bytes(&rand, sizeof(rand));
754 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
756 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
757 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type,
758 SMP_LTK_SLAVE, authenticated, enc.ltk,
759 smp->enc_key_size, ediv, rand);
760 smp->slave_ltk = ltk;
765 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
767 *keydist &= ~SMP_DIST_ENC_KEY;
770 if (*keydist & SMP_DIST_ID_KEY) {
771 struct smp_cmd_ident_addr_info addrinfo;
772 struct smp_cmd_ident_info idinfo;
774 memcpy(idinfo.irk, hdev->irk, sizeof(idinfo.irk));
776 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
778 /* The hci_conn contains the local identity address
779 * after the connection has been established.
781 * This is true even when the connection has been
782 * established using a resolvable random address.
784 bacpy(&addrinfo.bdaddr, &hcon->src);
785 addrinfo.addr_type = hcon->src_type;
787 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
790 *keydist &= ~SMP_DIST_ID_KEY;
793 if (*keydist & SMP_DIST_SIGN) {
794 struct smp_cmd_sign_info sign;
795 struct smp_csrk *csrk;
797 /* Generate a new random key */
798 get_random_bytes(sign.csrk, sizeof(sign.csrk));
800 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
803 memcpy(csrk->val, sign.csrk, sizeof(csrk->val));
805 smp->slave_csrk = csrk;
807 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
809 *keydist &= ~SMP_DIST_SIGN;
812 /* If there are still keys to be received wait for them */
813 if (smp->remote_key_dist & KEY_DIST_MASK) {
814 smp_allow_key_dist(smp);
818 set_bit(SMP_FLAG_COMPLETE, &smp->flags);
819 smp_notify_keys(conn);
821 smp_chan_destroy(conn);
824 static void smp_timeout(struct work_struct *work)
826 struct smp_chan *smp = container_of(work, struct smp_chan,
827 security_timer.work);
828 struct l2cap_conn *conn = smp->conn;
830 BT_DBG("conn %p", conn);
832 hci_disconnect(conn->hcon, HCI_ERROR_REMOTE_USER_TERM);
835 static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
837 struct l2cap_chan *chan = conn->smp;
838 struct smp_chan *smp;
840 smp = kzalloc(sizeof(*smp), GFP_ATOMIC);
844 smp->tfm_aes = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
845 if (IS_ERR(smp->tfm_aes)) {
846 BT_ERR("Unable to create ECB crypto context");
854 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_FAIL);
856 INIT_DELAYED_WORK(&smp->security_timer, smp_timeout);
858 hci_conn_hold(conn->hcon);
863 int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
865 struct l2cap_conn *conn = hcon->l2cap_data;
866 struct l2cap_chan *chan;
867 struct smp_chan *smp;
880 l2cap_chan_lock(chan);
889 case MGMT_OP_USER_PASSKEY_REPLY:
890 value = le32_to_cpu(passkey);
891 memset(smp->tk, 0, sizeof(smp->tk));
892 BT_DBG("PassKey: %d", value);
893 put_unaligned_le32(value, smp->tk);
895 case MGMT_OP_USER_CONFIRM_REPLY:
896 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
898 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
899 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
900 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
904 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
911 /* If it is our turn to send Pairing Confirm, do so now */
912 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->flags)) {
913 u8 rsp = smp_confirm(smp);
915 smp_failure(conn, rsp);
919 l2cap_chan_unlock(chan);
923 static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
925 struct smp_cmd_pairing rsp, *req = (void *) skb->data;
926 struct l2cap_chan *chan = conn->smp;
927 struct hci_dev *hdev = conn->hcon->hdev;
928 struct smp_chan *smp;
929 u8 key_size, auth, sec_level;
932 BT_DBG("conn %p", conn);
934 if (skb->len < sizeof(*req))
935 return SMP_INVALID_PARAMS;
937 if (conn->hcon->role != HCI_ROLE_SLAVE)
938 return SMP_CMD_NOTSUPP;
941 smp = smp_chan_create(conn);
946 return SMP_UNSPECIFIED;
948 /* We didn't start the pairing, so match remote */
949 auth = req->auth_req & AUTH_REQ_MASK;
951 if (!test_bit(HCI_BONDABLE, &hdev->dev_flags) &&
952 (auth & SMP_AUTH_BONDING))
953 return SMP_PAIRING_NOTSUPP;
955 smp->preq[0] = SMP_CMD_PAIRING_REQ;
956 memcpy(&smp->preq[1], req, sizeof(*req));
957 skb_pull(skb, sizeof(*req));
959 if (conn->hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
960 sec_level = BT_SECURITY_MEDIUM;
962 sec_level = authreq_to_seclevel(auth);
964 if (sec_level > conn->hcon->pending_sec_level)
965 conn->hcon->pending_sec_level = sec_level;
967 /* If we need MITM check that it can be acheived */
968 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
971 method = get_auth_method(smp, conn->hcon->io_capability,
973 if (method == JUST_WORKS || method == JUST_CFM)
974 return SMP_AUTH_REQUIREMENTS;
977 build_pairing_cmd(conn, req, &rsp, auth);
979 key_size = min(req->max_key_size, rsp.max_key_size);
980 if (check_enc_key_size(conn, key_size))
981 return SMP_ENC_KEY_SIZE;
983 get_random_bytes(smp->prnd, sizeof(smp->prnd));
985 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
986 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
988 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
989 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
991 /* Request setup of TK */
992 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
994 return SMP_UNSPECIFIED;
999 static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
1001 struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
1002 struct l2cap_chan *chan = conn->smp;
1003 struct smp_chan *smp = chan->data;
1007 BT_DBG("conn %p", conn);
1009 if (skb->len < sizeof(*rsp))
1010 return SMP_INVALID_PARAMS;
1012 if (conn->hcon->role != HCI_ROLE_MASTER)
1013 return SMP_CMD_NOTSUPP;
1015 skb_pull(skb, sizeof(*rsp));
1017 req = (void *) &smp->preq[1];
1019 key_size = min(req->max_key_size, rsp->max_key_size);
1020 if (check_enc_key_size(conn, key_size))
1021 return SMP_ENC_KEY_SIZE;
1023 auth = rsp->auth_req & AUTH_REQ_MASK;
1025 /* If we need MITM check that it can be acheived */
1026 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
1029 method = get_auth_method(smp, req->io_capability,
1030 rsp->io_capability);
1031 if (method == JUST_WORKS || method == JUST_CFM)
1032 return SMP_AUTH_REQUIREMENTS;
1035 get_random_bytes(smp->prnd, sizeof(smp->prnd));
1037 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
1038 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
1040 /* Update remote key distribution in case the remote cleared
1041 * some bits that we had enabled in our request.
1043 smp->remote_key_dist &= rsp->resp_key_dist;
1045 auth |= req->auth_req;
1047 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
1049 return SMP_UNSPECIFIED;
1051 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
1053 /* Can't compose response until we have been confirmed */
1054 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
1055 return smp_confirm(smp);
1060 static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
1062 struct l2cap_chan *chan = conn->smp;
1063 struct smp_chan *smp = chan->data;
1065 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
1067 if (skb->len < sizeof(smp->pcnf))
1068 return SMP_INVALID_PARAMS;
1070 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
1071 skb_pull(skb, sizeof(smp->pcnf));
1073 if (conn->hcon->out) {
1074 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
1076 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
1080 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
1081 return smp_confirm(smp);
1083 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
1088 static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
1090 struct l2cap_chan *chan = conn->smp;
1091 struct smp_chan *smp = chan->data;
1093 BT_DBG("conn %p", conn);
1095 if (skb->len < sizeof(smp->rrnd))
1096 return SMP_INVALID_PARAMS;
1098 memcpy(smp->rrnd, skb->data, sizeof(smp->rrnd));
1099 skb_pull(skb, sizeof(smp->rrnd));
1101 return smp_random(smp);
1104 static bool smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
1106 struct smp_ltk *key;
1107 struct hci_conn *hcon = conn->hcon;
1109 key = hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
1114 if (smp_ltk_sec_level(key) < sec_level)
1117 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
1120 hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
1121 hcon->enc_key_size = key->enc_size;
1123 /* We never store STKs for master role, so clear this flag */
1124 clear_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
1129 bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level)
1131 if (sec_level == BT_SECURITY_LOW)
1134 /* If we're encrypted with an STK always claim insufficient
1135 * security. This way we allow the connection to be re-encrypted
1136 * with an LTK, even if the LTK provides the same level of
1137 * security. Only exception is if we don't have an LTK (e.g.
1138 * because of key distribution bits).
1140 if (test_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags) &&
1141 hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
1145 if (hcon->sec_level >= sec_level)
1151 static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
1153 struct smp_cmd_security_req *rp = (void *) skb->data;
1154 struct smp_cmd_pairing cp;
1155 struct hci_conn *hcon = conn->hcon;
1156 struct smp_chan *smp;
1159 BT_DBG("conn %p", conn);
1161 if (skb->len < sizeof(*rp))
1162 return SMP_INVALID_PARAMS;
1164 if (hcon->role != HCI_ROLE_MASTER)
1165 return SMP_CMD_NOTSUPP;
1167 auth = rp->auth_req & AUTH_REQ_MASK;
1169 if (hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
1170 sec_level = BT_SECURITY_MEDIUM;
1172 sec_level = authreq_to_seclevel(auth);
1174 if (smp_sufficient_security(hcon, sec_level))
1177 if (sec_level > hcon->pending_sec_level)
1178 hcon->pending_sec_level = sec_level;
1180 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
1183 smp = smp_chan_create(conn);
1185 return SMP_UNSPECIFIED;
1187 if (!test_bit(HCI_BONDABLE, &hcon->hdev->dev_flags) &&
1188 (auth & SMP_AUTH_BONDING))
1189 return SMP_PAIRING_NOTSUPP;
1191 skb_pull(skb, sizeof(*rp));
1193 memset(&cp, 0, sizeof(cp));
1194 build_pairing_cmd(conn, &cp, NULL, auth);
1196 smp->preq[0] = SMP_CMD_PAIRING_REQ;
1197 memcpy(&smp->preq[1], &cp, sizeof(cp));
1199 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
1200 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
1205 int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
1207 struct l2cap_conn *conn = hcon->l2cap_data;
1208 struct l2cap_chan *chan;
1209 struct smp_chan *smp;
1213 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
1215 /* This may be NULL if there's an unexpected disconnection */
1221 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
1224 if (smp_sufficient_security(hcon, sec_level))
1227 if (sec_level > hcon->pending_sec_level)
1228 hcon->pending_sec_level = sec_level;
1230 if (hcon->role == HCI_ROLE_MASTER)
1231 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
1234 l2cap_chan_lock(chan);
1236 /* If SMP is already in progress ignore this request */
1242 smp = smp_chan_create(conn);
1248 authreq = seclevel_to_authreq(sec_level);
1250 /* Require MITM if IO Capability allows or the security level
1253 if (hcon->io_capability != HCI_IO_NO_INPUT_OUTPUT ||
1254 hcon->pending_sec_level > BT_SECURITY_MEDIUM)
1255 authreq |= SMP_AUTH_MITM;
1257 if (hcon->role == HCI_ROLE_MASTER) {
1258 struct smp_cmd_pairing cp;
1260 build_pairing_cmd(conn, &cp, NULL, authreq);
1261 smp->preq[0] = SMP_CMD_PAIRING_REQ;
1262 memcpy(&smp->preq[1], &cp, sizeof(cp));
1264 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
1265 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
1267 struct smp_cmd_security_req cp;
1268 cp.auth_req = authreq;
1269 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
1270 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_REQ);
1273 set_bit(SMP_FLAG_INITIATOR, &smp->flags);
1277 l2cap_chan_unlock(chan);
1281 static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
1283 struct smp_cmd_encrypt_info *rp = (void *) skb->data;
1284 struct l2cap_chan *chan = conn->smp;
1285 struct smp_chan *smp = chan->data;
1287 BT_DBG("conn %p", conn);
1289 if (skb->len < sizeof(*rp))
1290 return SMP_INVALID_PARAMS;
1292 SMP_ALLOW_CMD(smp, SMP_CMD_MASTER_IDENT);
1294 skb_pull(skb, sizeof(*rp));
1296 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
1301 static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
1303 struct smp_cmd_master_ident *rp = (void *) skb->data;
1304 struct l2cap_chan *chan = conn->smp;
1305 struct smp_chan *smp = chan->data;
1306 struct hci_dev *hdev = conn->hcon->hdev;
1307 struct hci_conn *hcon = conn->hcon;
1308 struct smp_ltk *ltk;
1311 BT_DBG("conn %p", conn);
1313 if (skb->len < sizeof(*rp))
1314 return SMP_INVALID_PARAMS;
1316 /* Mark the information as received */
1317 smp->remote_key_dist &= ~SMP_DIST_ENC_KEY;
1319 if (smp->remote_key_dist & SMP_DIST_ID_KEY)
1320 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_INFO);
1321 else if (smp->remote_key_dist & SMP_DIST_SIGN)
1322 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
1324 skb_pull(skb, sizeof(*rp));
1327 authenticated = (hcon->sec_level == BT_SECURITY_HIGH);
1328 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, SMP_LTK,
1329 authenticated, smp->tk, smp->enc_key_size,
1330 rp->ediv, rp->rand);
1332 if (!(smp->remote_key_dist & KEY_DIST_MASK))
1333 smp_distribute_keys(smp);
1334 hci_dev_unlock(hdev);
1339 static int smp_cmd_ident_info(struct l2cap_conn *conn, struct sk_buff *skb)
1341 struct smp_cmd_ident_info *info = (void *) skb->data;
1342 struct l2cap_chan *chan = conn->smp;
1343 struct smp_chan *smp = chan->data;
1347 if (skb->len < sizeof(*info))
1348 return SMP_INVALID_PARAMS;
1350 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_ADDR_INFO);
1352 skb_pull(skb, sizeof(*info));
1354 memcpy(smp->irk, info->irk, 16);
1359 static int smp_cmd_ident_addr_info(struct l2cap_conn *conn,
1360 struct sk_buff *skb)
1362 struct smp_cmd_ident_addr_info *info = (void *) skb->data;
1363 struct l2cap_chan *chan = conn->smp;
1364 struct smp_chan *smp = chan->data;
1365 struct hci_conn *hcon = conn->hcon;
1370 if (skb->len < sizeof(*info))
1371 return SMP_INVALID_PARAMS;
1373 /* Mark the information as received */
1374 smp->remote_key_dist &= ~SMP_DIST_ID_KEY;
1376 if (smp->remote_key_dist & SMP_DIST_SIGN)
1377 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
1379 skb_pull(skb, sizeof(*info));
1381 hci_dev_lock(hcon->hdev);
1383 /* Strictly speaking the Core Specification (4.1) allows sending
1384 * an empty address which would force us to rely on just the IRK
1385 * as "identity information". However, since such
1386 * implementations are not known of and in order to not over
1387 * complicate our implementation, simply pretend that we never
1388 * received an IRK for such a device.
1390 if (!bacmp(&info->bdaddr, BDADDR_ANY)) {
1391 BT_ERR("Ignoring IRK with no identity address");
1395 bacpy(&smp->id_addr, &info->bdaddr);
1396 smp->id_addr_type = info->addr_type;
1398 if (hci_bdaddr_is_rpa(&hcon->dst, hcon->dst_type))
1399 bacpy(&rpa, &hcon->dst);
1401 bacpy(&rpa, BDADDR_ANY);
1403 smp->remote_irk = hci_add_irk(conn->hcon->hdev, &smp->id_addr,
1404 smp->id_addr_type, smp->irk, &rpa);
1407 if (!(smp->remote_key_dist & KEY_DIST_MASK))
1408 smp_distribute_keys(smp);
1410 hci_dev_unlock(hcon->hdev);
1415 static int smp_cmd_sign_info(struct l2cap_conn *conn, struct sk_buff *skb)
1417 struct smp_cmd_sign_info *rp = (void *) skb->data;
1418 struct l2cap_chan *chan = conn->smp;
1419 struct smp_chan *smp = chan->data;
1420 struct hci_dev *hdev = conn->hcon->hdev;
1421 struct smp_csrk *csrk;
1423 BT_DBG("conn %p", conn);
1425 if (skb->len < sizeof(*rp))
1426 return SMP_INVALID_PARAMS;
1428 /* Mark the information as received */
1429 smp->remote_key_dist &= ~SMP_DIST_SIGN;
1431 skb_pull(skb, sizeof(*rp));
1434 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
1436 csrk->master = 0x01;
1437 memcpy(csrk->val, rp->csrk, sizeof(csrk->val));
1440 smp_distribute_keys(smp);
1441 hci_dev_unlock(hdev);
1446 static int smp_sig_channel(struct l2cap_chan *chan, struct sk_buff *skb)
1448 struct l2cap_conn *conn = chan->conn;
1449 struct hci_conn *hcon = conn->hcon;
1450 struct smp_chan *smp;
1454 if (hcon->type != LE_LINK) {
1462 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) {
1463 reason = SMP_PAIRING_NOTSUPP;
1467 code = skb->data[0];
1468 skb_pull(skb, sizeof(code));
1472 if (code > SMP_CMD_MAX)
1475 if (smp && !test_and_clear_bit(code, &smp->allow_cmd))
1478 /* If we don't have a context the only allowed commands are
1479 * pairing request and security request.
1481 if (!smp && code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ)
1485 case SMP_CMD_PAIRING_REQ:
1486 reason = smp_cmd_pairing_req(conn, skb);
1489 case SMP_CMD_PAIRING_FAIL:
1490 smp_failure(conn, 0);
1494 case SMP_CMD_PAIRING_RSP:
1495 reason = smp_cmd_pairing_rsp(conn, skb);
1498 case SMP_CMD_SECURITY_REQ:
1499 reason = smp_cmd_security_req(conn, skb);
1502 case SMP_CMD_PAIRING_CONFIRM:
1503 reason = smp_cmd_pairing_confirm(conn, skb);
1506 case SMP_CMD_PAIRING_RANDOM:
1507 reason = smp_cmd_pairing_random(conn, skb);
1510 case SMP_CMD_ENCRYPT_INFO:
1511 reason = smp_cmd_encrypt_info(conn, skb);
1514 case SMP_CMD_MASTER_IDENT:
1515 reason = smp_cmd_master_ident(conn, skb);
1518 case SMP_CMD_IDENT_INFO:
1519 reason = smp_cmd_ident_info(conn, skb);
1522 case SMP_CMD_IDENT_ADDR_INFO:
1523 reason = smp_cmd_ident_addr_info(conn, skb);
1526 case SMP_CMD_SIGN_INFO:
1527 reason = smp_cmd_sign_info(conn, skb);
1531 BT_DBG("Unknown command code 0x%2.2x", code);
1532 reason = SMP_CMD_NOTSUPP;
1539 smp_failure(conn, reason);
1546 BT_ERR("%s unexpected SMP command 0x%02x from %pMR", hcon->hdev->name,
1552 static void smp_teardown_cb(struct l2cap_chan *chan, int err)
1554 struct l2cap_conn *conn = chan->conn;
1556 BT_DBG("chan %p", chan);
1559 smp_chan_destroy(conn);
1562 l2cap_chan_put(chan);
1565 static void smp_resume_cb(struct l2cap_chan *chan)
1567 struct smp_chan *smp = chan->data;
1568 struct l2cap_conn *conn = chan->conn;
1569 struct hci_conn *hcon = conn->hcon;
1571 BT_DBG("chan %p", chan);
1576 if (!test_bit(HCI_CONN_ENCRYPT, &hcon->flags))
1579 cancel_delayed_work(&smp->security_timer);
1581 smp_distribute_keys(smp);
1584 static void smp_ready_cb(struct l2cap_chan *chan)
1586 struct l2cap_conn *conn = chan->conn;
1588 BT_DBG("chan %p", chan);
1591 l2cap_chan_hold(chan);
1594 static int smp_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
1598 BT_DBG("chan %p", chan);
1600 err = smp_sig_channel(chan, skb);
1602 struct smp_chan *smp = chan->data;
1605 cancel_delayed_work_sync(&smp->security_timer);
1607 hci_disconnect(chan->conn->hcon, HCI_ERROR_AUTH_FAILURE);
1613 static struct sk_buff *smp_alloc_skb_cb(struct l2cap_chan *chan,
1614 unsigned long hdr_len,
1615 unsigned long len, int nb)
1617 struct sk_buff *skb;
1619 skb = bt_skb_alloc(hdr_len + len, GFP_KERNEL);
1621 return ERR_PTR(-ENOMEM);
1623 skb->priority = HCI_PRIO_MAX;
1624 bt_cb(skb)->chan = chan;
1629 static const struct l2cap_ops smp_chan_ops = {
1630 .name = "Security Manager",
1631 .ready = smp_ready_cb,
1632 .recv = smp_recv_cb,
1633 .alloc_skb = smp_alloc_skb_cb,
1634 .teardown = smp_teardown_cb,
1635 .resume = smp_resume_cb,
1637 .new_connection = l2cap_chan_no_new_connection,
1638 .state_change = l2cap_chan_no_state_change,
1639 .close = l2cap_chan_no_close,
1640 .defer = l2cap_chan_no_defer,
1641 .suspend = l2cap_chan_no_suspend,
1642 .set_shutdown = l2cap_chan_no_set_shutdown,
1643 .get_sndtimeo = l2cap_chan_no_get_sndtimeo,
1644 .memcpy_fromiovec = l2cap_chan_no_memcpy_fromiovec,
1647 static inline struct l2cap_chan *smp_new_conn_cb(struct l2cap_chan *pchan)
1649 struct l2cap_chan *chan;
1651 BT_DBG("pchan %p", pchan);
1653 chan = l2cap_chan_create();
1657 chan->chan_type = pchan->chan_type;
1658 chan->ops = &smp_chan_ops;
1659 chan->scid = pchan->scid;
1660 chan->dcid = chan->scid;
1661 chan->imtu = pchan->imtu;
1662 chan->omtu = pchan->omtu;
1663 chan->mode = pchan->mode;
1665 BT_DBG("created chan %p", chan);
1670 static const struct l2cap_ops smp_root_chan_ops = {
1671 .name = "Security Manager Root",
1672 .new_connection = smp_new_conn_cb,
1674 /* None of these are implemented for the root channel */
1675 .close = l2cap_chan_no_close,
1676 .alloc_skb = l2cap_chan_no_alloc_skb,
1677 .recv = l2cap_chan_no_recv,
1678 .state_change = l2cap_chan_no_state_change,
1679 .teardown = l2cap_chan_no_teardown,
1680 .ready = l2cap_chan_no_ready,
1681 .defer = l2cap_chan_no_defer,
1682 .suspend = l2cap_chan_no_suspend,
1683 .resume = l2cap_chan_no_resume,
1684 .set_shutdown = l2cap_chan_no_set_shutdown,
1685 .get_sndtimeo = l2cap_chan_no_get_sndtimeo,
1686 .memcpy_fromiovec = l2cap_chan_no_memcpy_fromiovec,
1689 int smp_register(struct hci_dev *hdev)
1691 struct l2cap_chan *chan;
1692 struct crypto_blkcipher *tfm_aes;
1694 BT_DBG("%s", hdev->name);
1696 tfm_aes = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
1697 if (IS_ERR(tfm_aes)) {
1698 int err = PTR_ERR(tfm_aes);
1699 BT_ERR("Unable to create crypto context");
1703 chan = l2cap_chan_create();
1705 crypto_free_blkcipher(tfm_aes);
1709 chan->data = tfm_aes;
1711 l2cap_add_scid(chan, L2CAP_CID_SMP);
1713 l2cap_chan_set_defaults(chan);
1715 bacpy(&chan->src, &hdev->bdaddr);
1716 chan->src_type = BDADDR_LE_PUBLIC;
1717 chan->state = BT_LISTEN;
1718 chan->mode = L2CAP_MODE_BASIC;
1719 chan->imtu = L2CAP_DEFAULT_MTU;
1720 chan->ops = &smp_root_chan_ops;
1722 hdev->smp_data = chan;
1727 void smp_unregister(struct hci_dev *hdev)
1729 struct l2cap_chan *chan = hdev->smp_data;
1730 struct crypto_blkcipher *tfm_aes;
1735 BT_DBG("%s chan %p", hdev->name, chan);
1737 tfm_aes = chan->data;
1740 crypto_free_blkcipher(tfm_aes);
1743 hdev->smp_data = NULL;
1744 l2cap_chan_put(chan);
git.openpandora.org / pandora-kernel.git / blob