#include <net/bluetooth/hci_core.h>
#include <net/bluetooth/l2cap.h>
-#define VERSION "2.11"
+#define VERSION "2.12"
static u32 l2cap_feat_mask = 0x0000;
bh_lock_sock(sk);
- if (sk->sk_state == BT_CONNECT &&
- (l2cap_pi(sk)->link_mode & (L2CAP_LM_AUTH |
- L2CAP_LM_ENCRYPT | L2CAP_LM_SECURE)))
+ if (sk->sk_state == BT_CONNECTED || sk->sk_state == BT_CONFIG)
+ reason = ECONNREFUSED;
+ else if (sk->sk_state == BT_CONNECT &&
+ l2cap_pi(sk)->sec_level != BT_SECURITY_SDP)
reason = ECONNREFUSED;
else
reason = ETIMEDOUT;
}
/* Service level security */
-static inline int l2cap_check_link_mode(struct sock *sk)
+static inline int l2cap_check_security(struct sock *sk)
{
struct l2cap_conn *conn = l2cap_pi(sk)->conn;
+ __u8 auth_type;
- if (l2cap_pi(sk)->link_mode & L2CAP_LM_SECURE)
- return hci_conn_security(conn->hcon, BT_SECURITY_HIGH);
-
- if (l2cap_pi(sk)->link_mode & L2CAP_LM_ENCRYPT)
- return hci_conn_security(conn->hcon, BT_SECURITY_MEDIUM);
-
- if (l2cap_pi(sk)->link_mode & L2CAP_LM_AUTH)
- return hci_conn_security(conn->hcon, BT_SECURITY_LOW);
-
- if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001))
- return hci_conn_security(conn->hcon, BT_SECURITY_SDP);
+ switch (l2cap_pi(sk)->sec_level) {
+ case BT_SECURITY_HIGH:
+ auth_type = HCI_AT_GENERAL_BONDING_MITM;
+ break;
+ case BT_SECURITY_MEDIUM:
+ auth_type = HCI_AT_GENERAL_BONDING;
+ break;
+ default:
+ auth_type = HCI_AT_NO_BONDING;
+ break;
+ }
- return 1;
+ return hci_conn_security(conn->hcon, l2cap_pi(sk)->sec_level,
+ auth_type);
}
static inline u8 l2cap_get_ident(struct l2cap_conn *conn)
struct l2cap_conn *conn = l2cap_pi(sk)->conn;
if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) {
- if (l2cap_check_link_mode(sk)) {
+ if (!(conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE))
+ return;
+
+ if (l2cap_check_security(sk)) {
struct l2cap_conn_req req;
req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
req.psm = l2cap_pi(sk)->psm;
}
if (sk->sk_state == BT_CONNECT) {
- if (l2cap_check_link_mode(sk)) {
+ if (l2cap_check_security(sk)) {
struct l2cap_conn_req req;
req.scid = cpu_to_le16(l2cap_pi(sk)->scid);
req.psm = l2cap_pi(sk)->psm;
rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
- if (l2cap_check_link_mode(sk)) {
+ if (l2cap_check_security(sk)) {
if (bt_sk(sk)->defer_setup) {
struct sock *parent = bt_sk(sk)->parent;
rsp.result = cpu_to_le16(L2CAP_CR_PEND);
read_lock(&l->lock);
for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) {
- if (l2cap_pi(sk)->link_mode & L2CAP_LM_RELIABLE)
+ if (l2cap_pi(sk)->force_reliable)
sk->sk_err = err;
}
conn->info_ident = 0;
+ conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE;
+
l2cap_conn_start(conn);
}
pi->imtu = l2cap_pi(parent)->imtu;
pi->omtu = l2cap_pi(parent)->omtu;
- pi->link_mode = l2cap_pi(parent)->link_mode;
+ pi->sec_level = l2cap_pi(parent)->sec_level;
+ pi->role_switch = l2cap_pi(parent)->role_switch;
+ pi->force_reliable = l2cap_pi(parent)->force_reliable;
} else {
pi->imtu = L2CAP_DEFAULT_MTU;
pi->omtu = 0;
- pi->link_mode = 0;
+ pi->sec_level = BT_SECURITY_LOW;
+ pi->role_switch = 0;
+ pi->force_reliable = 0;
}
/* Default config options */
l2cap_pi(sk)->psm = la->l2_psm;
l2cap_pi(sk)->sport = la->l2_psm;
sk->sk_state = BT_BOUND;
+
+ if (btohs(la->l2_psm) == 0x0001)
+ l2cap_pi(sk)->sec_level = BT_SECURITY_SDP;
}
write_unlock_bh(&l2cap_sk_list.lock);
struct l2cap_conn *conn;
struct hci_conn *hcon;
struct hci_dev *hdev;
- __u8 sec_level;
__u8 auth_type;
int err = 0;
err = -ENOMEM;
- if (l2cap_pi(sk)->link_mode & L2CAP_LM_SECURE)
- sec_level = BT_SECURITY_HIGH;
- else if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001))
- sec_level = BT_SECURITY_SDP;
- else if (l2cap_pi(sk)->link_mode & L2CAP_LM_ENCRYPT)
- sec_level = BT_SECURITY_MEDIUM;
- else
- sec_level = BT_SECURITY_LOW;
-
if (sk->sk_type == SOCK_RAW) {
- if (l2cap_pi(sk)->link_mode & L2CAP_LM_SECURE)
+ switch (l2cap_pi(sk)->sec_level) {
+ case BT_SECURITY_HIGH:
auth_type = HCI_AT_DEDICATED_BONDING_MITM;
- else if (l2cap_pi(sk)->link_mode & L2CAP_LM_ENCRYPT)
+ break;
+ case BT_SECURITY_MEDIUM:
auth_type = HCI_AT_DEDICATED_BONDING;
- else
+ break;
+ default:
auth_type = HCI_AT_NO_BONDING;
+ break;
+ }
} else if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) {
- if (l2cap_pi(sk)->link_mode & L2CAP_LM_SECURE)
+ if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH)
auth_type = HCI_AT_NO_BONDING_MITM;
else
auth_type = HCI_AT_NO_BONDING;
} else {
- if (l2cap_pi(sk)->link_mode & L2CAP_LM_SECURE)
+ switch (l2cap_pi(sk)->sec_level) {
+ case BT_SECURITY_HIGH:
auth_type = HCI_AT_GENERAL_BONDING_MITM;
- else if (l2cap_pi(sk)->link_mode & L2CAP_LM_ENCRYPT)
+ break;
+ case BT_SECURITY_MEDIUM:
auth_type = HCI_AT_GENERAL_BONDING;
- else
+ break;
+ default:
auth_type = HCI_AT_NO_BONDING;
+ break;
+ }
}
- hcon = hci_connect(hdev, ACL_LINK, dst, sec_level, auth_type);
+ hcon = hci_connect(hdev, ACL_LINK, dst,
+ l2cap_pi(sk)->sec_level, auth_type);
if (!hcon)
goto done;
break;
}
- l2cap_pi(sk)->link_mode = opt;
+ if (opt & L2CAP_LM_AUTH)
+ l2cap_pi(sk)->sec_level = BT_SECURITY_LOW;
+ if (opt & L2CAP_LM_ENCRYPT)
+ l2cap_pi(sk)->sec_level = BT_SECURITY_MEDIUM;
+ if (opt & L2CAP_LM_SECURE)
+ l2cap_pi(sk)->sec_level = BT_SECURITY_HIGH;
+
+ l2cap_pi(sk)->role_switch = (opt & L2CAP_LM_MASTER);
+ l2cap_pi(sk)->force_reliable = (opt & L2CAP_LM_RELIABLE);
break;
default:
static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, int optlen)
{
struct sock *sk = sock->sk;
- int err = 0;
+ struct bt_security sec;
+ int len, err = 0;
u32 opt;
BT_DBG("sk %p", sk);
if (level == SOL_L2CAP)
return l2cap_sock_setsockopt_old(sock, optname, optval, optlen);
+ if (level != SOL_BLUETOOTH)
+ return -ENOPROTOOPT;
+
lock_sock(sk);
switch (optname) {
+ case BT_SECURITY:
+ if (sk->sk_type != SOCK_SEQPACKET) {
+ err = -EINVAL;
+ break;
+ }
+
+ sec.level = BT_SECURITY_LOW;
+
+ len = min_t(unsigned int, sizeof(sec), optlen);
+ if (copy_from_user((char *) &sec, optval, len)) {
+ err = -EFAULT;
+ break;
+ }
+
+ if (sec.level < BT_SECURITY_LOW ||
+ sec.level > BT_SECURITY_HIGH) {
+ err = -EINVAL;
+ break;
+ }
+
+ l2cap_pi(sk)->sec_level = sec.level;
+ break;
+
case BT_DEFER_SETUP:
if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
err = -EINVAL;
struct l2cap_options opts;
struct l2cap_conninfo cinfo;
int len, err = 0;
+ u32 opt;
BT_DBG("sk %p", sk);
break;
case L2CAP_LM:
- if (put_user(l2cap_pi(sk)->link_mode, (u32 __user *) optval))
+ switch (l2cap_pi(sk)->sec_level) {
+ case BT_SECURITY_LOW:
+ opt = L2CAP_LM_AUTH;
+ break;
+ case BT_SECURITY_MEDIUM:
+ opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT;
+ break;
+ case BT_SECURITY_HIGH:
+ opt = L2CAP_LM_AUTH | L2CAP_LM_ENCRYPT |
+ L2CAP_LM_SECURE;
+ break;
+ default:
+ opt = 0;
+ break;
+ }
+
+ if (l2cap_pi(sk)->role_switch)
+ opt |= L2CAP_LM_MASTER;
+
+ if (l2cap_pi(sk)->force_reliable)
+ opt |= L2CAP_LM_RELIABLE;
+
+ if (put_user(opt, (u32 __user *) optval))
err = -EFAULT;
break;
static int l2cap_sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen)
{
struct sock *sk = sock->sk;
+ struct bt_security sec;
int len, err = 0;
BT_DBG("sk %p", sk);
if (level == SOL_L2CAP)
return l2cap_sock_getsockopt_old(sock, optname, optval, optlen);
+ if (level != SOL_BLUETOOTH)
+ return -ENOPROTOOPT;
+
if (get_user(len, optlen))
return -EFAULT;
lock_sock(sk);
switch (optname) {
+ case BT_SECURITY:
+ if (sk->sk_type != SOCK_SEQPACKET) {
+ err = -EINVAL;
+ break;
+ }
+
+ sec.level = l2cap_pi(sk)->sec_level;
+
+ len = min_t(unsigned int, len, sizeof(sec));
+ if (copy_to_user(optval, (char *) &sec, len))
+ err = -EFAULT;
+
+ break;
+
case BT_DEFER_SETUP:
if (sk->sk_state != BT_BOUND && sk->sk_state != BT_LISTEN) {
err = -EINVAL;
cmd->ident == conn->info_ident) {
conn->info_ident = 0;
del_timer(&conn->info_timer);
+
+ conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE;
+
l2cap_conn_start(conn);
}
l2cap_pi(sk)->ident = cmd->ident;
- if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) {
- if (l2cap_check_link_mode(sk)) {
+ if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE) {
+ if (l2cap_check_security(sk)) {
if (bt_sk(sk)->defer_setup) {
sk->sk_state = BT_CONNECT2;
result = L2CAP_CR_PEND;
del_timer(&conn->info_timer);
- if (type == L2CAP_IT_FEAT_MASK)
+ if (type == L2CAP_IT_FEAT_MASK) {
conn->feat_mask = get_unaligned_le32(rsp->data);
- l2cap_conn_start(conn);
+ conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE;
+
+ l2cap_conn_start(conn);
+ }
return 0;
}
continue;
if (!bacmp(&bt_sk(sk)->src, &hdev->bdaddr)) {
- lm1 |= (HCI_LM_ACCEPT | l2cap_pi(sk)->link_mode);
+ lm1 |= HCI_LM_ACCEPT;
+ if (l2cap_pi(sk)->role_switch)
+ lm1 |= HCI_LM_MASTER;
exact++;
- } else if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY))
- lm2 |= (HCI_LM_ACCEPT | l2cap_pi(sk)->link_mode);
+ } else if (!bacmp(&bt_sk(sk)->src, BDADDR_ANY)) {
+ lm2 |= HCI_LM_ACCEPT;
+ if (l2cap_pi(sk)->role_switch)
+ lm2 |= HCI_LM_MASTER;
+ }
}
read_unlock(&l2cap_sk_list.lock);
return 0;
}
+static inline void l2cap_check_encryption(struct sock *sk, u8 encrypt)
+{
+ if (sk->sk_type != SOCK_SEQPACKET)
+ return;
+
+ if (encrypt == 0x00) {
+ if (l2cap_pi(sk)->sec_level == BT_SECURITY_MEDIUM) {
+ l2cap_sock_clear_timer(sk);
+ l2cap_sock_set_timer(sk, HZ * 5);
+ } else if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH)
+ __l2cap_sock_close(sk, ECONNREFUSED);
+ } else {
+ if (l2cap_pi(sk)->sec_level == BT_SECURITY_MEDIUM)
+ l2cap_sock_clear_timer(sk);
+ }
+}
+
static int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt)
{
struct l2cap_chan_list *l;
read_lock(&l->lock);
for (sk = l->head; sk; sk = l2cap_pi(sk)->next_c) {
- struct l2cap_pinfo *pi = l2cap_pi(sk);
-
bh_lock_sock(sk);
- if (!status && encrypt == 0x00 &&
- (pi->link_mode & L2CAP_LM_SECURE) &&
- (sk->sk_state == BT_CONNECTED ||
+ if (!status && (sk->sk_state == BT_CONNECTED ||
sk->sk_state == BT_CONFIG)) {
- __l2cap_sock_close(sk, ECONNREFUSED);
+ l2cap_check_encryption(sk, encrypt);
bh_unlock_sock(sk);
continue;
}
sk_for_each(sk, node, &l2cap_sk_list.head) {
struct l2cap_pinfo *pi = l2cap_pi(sk);
- str += sprintf(str, "%s %s %d %d 0x%4.4x 0x%4.4x %d %d 0x%x\n",
+ str += sprintf(str, "%s %s %d %d 0x%4.4x 0x%4.4x %d %d %d\n",
batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst),
sk->sk_state, btohs(pi->psm), pi->scid, pi->dcid,
- pi->imtu, pi->omtu, pi->link_mode);
+ pi->imtu, pi->omtu, pi->sec_level);
}
read_unlock_bh(&l2cap_sk_list.lock);
git.openpandora.org / pandora-kernel.git / blobdiff