]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blob - net/bluetooth/smp.c
projects / mirror_ubuntu-artful-kernel.git / blob
? search:


74a17cf91b26d155450088784b73018d5cd45981
[mirror_ubuntu-artful-kernel.git] / net / bluetooth / smp.c
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21 */
22
23 #include <linux/crypto.h>
24 #include <linux/scatterlist.h>
25 #include <crypto/b128ops.h>
26
27 #include <net/bluetooth/bluetooth.h>
28 #include <net/bluetooth/hci_core.h>
29 #include <net/bluetooth/l2cap.h>
30 #include <net/bluetooth/mgmt.h>
31
32 #include "smp.h"
33
34 #define SMP_TIMEOUT msecs_to_jiffies(30000)
35
36 #define AUTH_REQ_MASK 0x07
37
38 static inline void swap128(u8 src[16], u8 dst[16])
39 {
40 int i;
41 for (i = 0; i < 16; i++)
42 dst[15 - i] = src[i];
43 }
44
45 static inline void swap56(u8 src[7], u8 dst[7])
46 {
47 int i;
48 for (i = 0; i < 7; i++)
49 dst[6 - i] = src[i];
50 }
51
52 static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
53 {
54 struct blkcipher_desc desc;
55 struct scatterlist sg;
56 int err;
57
58 if (tfm == NULL) {
59 BT_ERR("tfm %p", tfm);
60 return -EINVAL;
61 }
62
63 desc.tfm = tfm;
64 desc.flags = 0;
65
66 err = crypto_blkcipher_setkey(tfm, k, 16);
67 if (err) {
68 BT_ERR("cipher setkey failed: %d", err);
69 return err;
70 }
71
72 sg_init_one(&sg, r, 16);
73
74 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
75 if (err)
76 BT_ERR("Encrypt data error %d", err);
77
78 return err;
79 }
80
81 static int smp_ah(struct crypto_blkcipher *tfm, u8 irk[16], u8 r[3], u8 res[3])
82 {
83 u8 _res[16], k[16];
84 int err;
85
86 /* r' = padding || r */
87 memset(_res, 0, 13);
88 _res[13] = r[2];
89 _res[14] = r[1];
90 _res[15] = r[0];
91
92 swap128(irk, k);
93 err = smp_e(tfm, k, _res);
94 if (err) {
95 BT_ERR("Encrypt error");
96 return err;
97 }
98
99 /* The output of the random address function ah is:
100 * ah(h, r) = e(k, r') mod 2^24
101 * The output of the security function e is then truncated to 24 bits
102 * by taking the least significant 24 bits of the output of e as the
103 * result of ah.
104 */
105 res[0] = _res[15];
106 res[1] = _res[14];
107 res[2] = _res[13];
108
109 return 0;
110 }
111
112 bool smp_irk_matches(struct crypto_blkcipher *tfm, u8 irk[16],
113 bdaddr_t *bdaddr)
114 {
115 u8 hash[3];
116 int err;
117
118 BT_DBG("RPA %pMR IRK %*phN", bdaddr, 16, irk);
119
120 err = smp_ah(tfm, irk, &bdaddr->b[3], hash);
121 if (err)
122 return false;
123
124 return !memcmp(bdaddr->b, hash, 3);
125 }
126
127 int smp_generate_rpa(struct crypto_blkcipher *tfm, u8 irk[16], bdaddr_t *rpa)
128 {
129 int err;
130
131 get_random_bytes(&rpa->b[3], 3);
132
133 rpa->b[5] &= 0x3f; /* Clear two most significant bits */
134 rpa->b[5] |= 0x40; /* Set second most significant bit */
135
136 err = smp_ah(tfm, irk, &rpa->b[3], rpa->b);
137 if (err < 0)
138 return err;
139
140 BT_DBG("RPA %pMR", rpa);
141
142 return 0;
143 }
144
145 static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
146 u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
147 u8 _rat, bdaddr_t *ra, u8 res[16])
148 {
149 u8 p1[16], p2[16];
150 int err;
151
152 memset(p1, 0, 16);
153
154 /* p1 = pres || preq || _rat || _iat */
155 swap56(pres, p1);
156 swap56(preq, p1 + 7);
157 p1[14] = _rat;
158 p1[15] = _iat;
159
160 memset(p2, 0, 16);
161
162 /* p2 = padding || ia || ra */
163 baswap((bdaddr_t *) (p2 + 4), ia);
164 baswap((bdaddr_t *) (p2 + 10), ra);
165
166 /* res = r XOR p1 */
167 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
168
169 /* res = e(k, res) */
170 err = smp_e(tfm, k, res);
171 if (err) {
172 BT_ERR("Encrypt data error");
173 return err;
174 }
175
176 /* res = res XOR p2 */
177 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
178
179 /* res = e(k, res) */
180 err = smp_e(tfm, k, res);
181 if (err)
182 BT_ERR("Encrypt data error");
183
184 return err;
185 }
186
187 static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16], u8 r1[16],
188 u8 r2[16], u8 _r[16])
189 {
190 int err;
191
192 /* Just least significant octets from r1 and r2 are considered */
193 memcpy(_r, r1 + 8, 8);
194 memcpy(_r + 8, r2 + 8, 8);
195
196 err = smp_e(tfm, k, _r);
197 if (err)
198 BT_ERR("Encrypt data error");
199
200 return err;
201 }
202
203 static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code,
204 u16 dlen, void *data)
205 {
206 struct sk_buff *skb;
207 struct l2cap_hdr *lh;
208 int len;
209
210 len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
211
212 if (len > conn->mtu)
213 return NULL;
214
215 skb = bt_skb_alloc(len, GFP_ATOMIC);
216 if (!skb)
217 return NULL;
218
219 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
220 lh->len = cpu_to_le16(sizeof(code) + dlen);
221 lh->cid = cpu_to_le16(L2CAP_CID_SMP);
222
223 memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
224
225 memcpy(skb_put(skb, dlen), data, dlen);
226
227 return skb;
228 }
229
230 static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
231 {
232 struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
233
234 BT_DBG("code 0x%2.2x", code);
235
236 if (!skb)
237 return;
238
239 skb->priority = HCI_PRIO_MAX;
240 hci_send_acl(conn->hchan, skb, 0);
241
242 cancel_delayed_work_sync(&conn->security_timer);
243 schedule_delayed_work(&conn->security_timer, SMP_TIMEOUT);
244 }
245
246 static __u8 authreq_to_seclevel(__u8 authreq)
247 {
248 if (authreq & SMP_AUTH_MITM)
249 return BT_SECURITY_HIGH;
250 else
251 return BT_SECURITY_MEDIUM;
252 }
253
254 static __u8 seclevel_to_authreq(__u8 sec_level)
255 {
256 switch (sec_level) {
257 case BT_SECURITY_HIGH:
258 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
259 case BT_SECURITY_MEDIUM:
260 return SMP_AUTH_BONDING;
261 default:
262 return SMP_AUTH_NONE;
263 }
264 }
265
266 static void build_pairing_cmd(struct l2cap_conn *conn,
267 struct smp_cmd_pairing *req,
268 struct smp_cmd_pairing *rsp, __u8 authreq)
269 {
270 struct smp_chan *smp = conn->smp_chan;
271 struct hci_conn *hcon = conn->hcon;
272 struct hci_dev *hdev = hcon->hdev;
273 u8 local_dist = 0, remote_dist = 0;
274
275 if (test_bit(HCI_PAIRABLE, &conn->hcon->hdev->dev_flags)) {
276 local_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
277 remote_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
278 authreq |= SMP_AUTH_BONDING;
279 } else {
280 authreq &= ~SMP_AUTH_BONDING;
281 }
282
283 if (test_bit(HCI_RPA_RESOLVING, &hdev->dev_flags))
284 remote_dist |= SMP_DIST_ID_KEY;
285
286 if (test_bit(HCI_PRIVACY, &hdev->dev_flags))
287 local_dist |= SMP_DIST_ID_KEY;
288
289 if (rsp == NULL) {
290 req->io_capability = conn->hcon->io_capability;
291 req->oob_flag = SMP_OOB_NOT_PRESENT;
292 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
293 req->init_key_dist = local_dist;
294 req->resp_key_dist = remote_dist;
295 req->auth_req = (authreq & AUTH_REQ_MASK);
296
297 smp->remote_key_dist = remote_dist;
298 return;
299 }
300
301 rsp->io_capability = conn->hcon->io_capability;
302 rsp->oob_flag = SMP_OOB_NOT_PRESENT;
303 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
304 rsp->init_key_dist = req->init_key_dist & remote_dist;
305 rsp->resp_key_dist = req->resp_key_dist & local_dist;
306 rsp->auth_req = (authreq & AUTH_REQ_MASK);
307
308 smp->remote_key_dist = rsp->init_key_dist;
309 }
310
311 static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
312 {
313 struct smp_chan *smp = conn->smp_chan;
314
315 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
316 (max_key_size < SMP_MIN_ENC_KEY_SIZE))
317 return SMP_ENC_KEY_SIZE;
318
319 smp->enc_key_size = max_key_size;
320
321 return 0;
322 }
323
324 static void smp_failure(struct l2cap_conn *conn, u8 reason)
325 {
326 struct hci_conn *hcon = conn->hcon;
327
328 if (reason)
329 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
330 &reason);
331
332 clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags);
333 mgmt_auth_failed(hcon->hdev, &hcon->dst, hcon->type, hcon->dst_type,
334 HCI_ERROR_AUTH_FAILURE);
335
336 cancel_delayed_work_sync(&conn->security_timer);
337
338 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
339 smp_chan_destroy(conn);
340 }
341
342 #define JUST_WORKS 0x00
343 #define JUST_CFM 0x01
344 #define REQ_PASSKEY 0x02
345 #define CFM_PASSKEY 0x03
346 #define REQ_OOB 0x04
347 #define OVERLAP 0xFF
348
349 static const u8 gen_method[5][5] = {
350 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
351 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
352 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
353 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
354 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
355 };
356
357 static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
358 u8 local_io, u8 remote_io)
359 {
360 struct hci_conn *hcon = conn->hcon;
361 struct smp_chan *smp = conn->smp_chan;
362 u8 method;
363 u32 passkey = 0;
364 int ret = 0;
365
366 /* Initialize key for JUST WORKS */
367 memset(smp->tk, 0, sizeof(smp->tk));
368 clear_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
369
370 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
371
372 /* If neither side wants MITM, use JUST WORKS */
373 /* If either side has unknown io_caps, use JUST WORKS */
374 /* Otherwise, look up method from the table */
375 if (!(auth & SMP_AUTH_MITM) ||
376 local_io > SMP_IO_KEYBOARD_DISPLAY ||
377 remote_io > SMP_IO_KEYBOARD_DISPLAY)
378 method = JUST_WORKS;
379 else
380 method = gen_method[remote_io][local_io];
381
382 /* If not bonding, don't ask user to confirm a Zero TK */
383 if (!(auth & SMP_AUTH_BONDING) && method == JUST_CFM)
384 method = JUST_WORKS;
385
386 /* If Just Works, Continue with Zero TK */
387 if (method == JUST_WORKS) {
388 set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
389 return 0;
390 }
391
392 /* Not Just Works/Confirm results in MITM Authentication */
393 if (method != JUST_CFM)
394 set_bit(SMP_FLAG_MITM_AUTH, &smp->smp_flags);
395
396 /* If both devices have Keyoard-Display I/O, the master
397 * Confirms and the slave Enters the passkey.
398 */
399 if (method == OVERLAP) {
400 if (hcon->link_mode & HCI_LM_MASTER)
401 method = CFM_PASSKEY;
402 else
403 method = REQ_PASSKEY;
404 }
405
406 /* Generate random passkey. Not valid until confirmed. */
407 if (method == CFM_PASSKEY) {
408 u8 key[16];
409
410 memset(key, 0, sizeof(key));
411 get_random_bytes(&passkey, sizeof(passkey));
412 passkey %= 1000000;
413 put_unaligned_le32(passkey, key);
414 swap128(key, smp->tk);
415 BT_DBG("PassKey: %d", passkey);
416 }
417
418 hci_dev_lock(hcon->hdev);
419
420 if (method == REQ_PASSKEY)
421 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
422 hcon->type, hcon->dst_type);
423 else
424 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
425 hcon->type, hcon->dst_type,
426 cpu_to_le32(passkey), 0);
427
428 hci_dev_unlock(hcon->hdev);
429
430 return ret;
431 }
432
433 static void confirm_work(struct work_struct *work)
434 {
435 struct smp_chan *smp = container_of(work, struct smp_chan, confirm);
436 struct l2cap_conn *conn = smp->conn;
437 struct hci_dev *hdev = conn->hcon->hdev;
438 struct crypto_blkcipher *tfm = hdev->tfm_aes;
439 struct smp_cmd_pairing_confirm cp;
440 int ret;
441 u8 res[16], reason;
442
443 BT_DBG("conn %p", conn);
444
445 /* Prevent mutual access to hdev->tfm_aes */
446 hci_dev_lock(hdev);
447
448 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp,
449 conn->hcon->init_addr_type, &conn->hcon->init_addr,
450 conn->hcon->resp_addr_type, &conn->hcon->resp_addr, res);
451
452 hci_dev_unlock(hdev);
453
454 if (ret) {
455 reason = SMP_UNSPECIFIED;
456 goto error;
457 }
458
459 clear_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
460
461 swap128(res, cp.confirm_val);
462 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
463
464 return;
465
466 error:
467 smp_failure(conn, reason);
468 }
469
470 static void random_work(struct work_struct *work)
471 {
472 struct smp_chan *smp = container_of(work, struct smp_chan, random);
473 struct l2cap_conn *conn = smp->conn;
474 struct hci_conn *hcon = conn->hcon;
475 struct hci_dev *hdev = hcon->hdev;
476 struct crypto_blkcipher *tfm = hdev->tfm_aes;
477 u8 reason, confirm[16], res[16], key[16];
478 int ret;
479
480 if (IS_ERR_OR_NULL(tfm)) {
481 reason = SMP_UNSPECIFIED;
482 goto error;
483 }
484
485 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
486
487 /* Prevent mutual access to hdev->tfm_aes */
488 hci_dev_lock(hdev);
489
490 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp,
491 hcon->init_addr_type, &hcon->init_addr,
492 hcon->resp_addr_type, &hcon->resp_addr, res);
493
494 hci_dev_unlock(hdev);
495
496 if (ret) {
497 reason = SMP_UNSPECIFIED;
498 goto error;
499 }
500
501 swap128(res, confirm);
502
503 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
504 BT_ERR("Pairing failed (confirmation values mismatch)");
505 reason = SMP_CONFIRM_FAILED;
506 goto error;
507 }
508
509 if (hcon->out) {
510 u8 stk[16];
511 __le64 rand = 0;
512 __le16 ediv = 0;
513
514 smp_s1(tfm, smp->tk, smp->rrnd, smp->prnd, key);
515 swap128(key, stk);
516
517 memset(stk + smp->enc_key_size, 0,
518 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
519
520 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags)) {
521 reason = SMP_UNSPECIFIED;
522 goto error;
523 }
524
525 hci_le_start_enc(hcon, ediv, rand, stk);
526 hcon->enc_key_size = smp->enc_key_size;
527 } else {
528 u8 stk[16], r[16];
529 __le64 rand = 0;
530 __le16 ediv = 0;
531
532 swap128(smp->prnd, r);
533 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(r), r);
534
535 smp_s1(tfm, smp->tk, smp->prnd, smp->rrnd, key);
536 swap128(key, stk);
537
538 memset(stk + smp->enc_key_size, 0,
539 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
540
541 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
542 HCI_SMP_STK_SLAVE, 0, stk, smp->enc_key_size,
543 ediv, rand);
544 }
545
546 return;
547
548 error:
549 smp_failure(conn, reason);
550 }
551
552 static void smp_reencrypt(struct work_struct *work)
553 {
554 struct smp_chan *smp = container_of(work, struct smp_chan,
555 reencrypt.work);
556 struct l2cap_conn *conn = smp->conn;
557 struct hci_conn *hcon = conn->hcon;
558 struct smp_ltk *ltk = smp->ltk;
559
560 BT_DBG("");
561
562 hci_le_start_enc(hcon, ltk->ediv, ltk->rand, ltk->val);
563 hcon->enc_key_size = ltk->enc_size;
564 }
565
566 static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
567 {
568 struct smp_chan *smp;
569
570 smp = kzalloc(sizeof(*smp), GFP_ATOMIC);
571 if (!smp)
572 return NULL;
573
574 INIT_WORK(&smp->confirm, confirm_work);
575 INIT_WORK(&smp->random, random_work);
576 INIT_DELAYED_WORK(&smp->reencrypt, smp_reencrypt);
577
578 smp->conn = conn;
579 conn->smp_chan = smp;
580 conn->hcon->smp_conn = conn;
581
582 hci_conn_hold(conn->hcon);
583
584 return smp;
585 }
586
587 void smp_chan_destroy(struct l2cap_conn *conn)
588 {
589 struct smp_chan *smp = conn->smp_chan;
590 bool complete;
591
592 BUG_ON(!smp);
593
594 cancel_delayed_work_sync(&smp->reencrypt);
595
596 complete = test_bit(SMP_FLAG_COMPLETE, &smp->smp_flags);
597 mgmt_smp_complete(conn->hcon, complete);
598
599 kfree(smp->csrk);
600 kfree(smp->slave_csrk);
601
602 /* If pairing failed clean up any keys we might have */
603 if (!complete) {
604 if (smp->ltk) {
605 list_del(&smp->ltk->list);
606 kfree(smp->ltk);
607 }
608
609 if (smp->slave_ltk) {
610 list_del(&smp->slave_ltk->list);
611 kfree(smp->slave_ltk);
612 }
613
614 if (smp->remote_irk) {
615 list_del(&smp->remote_irk->list);
616 kfree(smp->remote_irk);
617 }
618 }
619
620 kfree(smp);
621 conn->smp_chan = NULL;
622 conn->hcon->smp_conn = NULL;
623 hci_conn_drop(conn->hcon);
624 }
625
626 int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
627 {
628 struct l2cap_conn *conn = hcon->smp_conn;
629 struct smp_chan *smp;
630 u32 value;
631 u8 key[16];
632
633 BT_DBG("");
634
635 if (!conn)
636 return -ENOTCONN;
637
638 smp = conn->smp_chan;
639
640 switch (mgmt_op) {
641 case MGMT_OP_USER_PASSKEY_REPLY:
642 value = le32_to_cpu(passkey);
643 memset(key, 0, sizeof(key));
644 BT_DBG("PassKey: %d", value);
645 put_unaligned_le32(value, key);
646 swap128(key, smp->tk);
647 /* Fall Through */
648 case MGMT_OP_USER_CONFIRM_REPLY:
649 set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
650 break;
651 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
652 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
653 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
654 return 0;
655 default:
656 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
657 return -EOPNOTSUPP;
658 }
659
660 /* If it is our turn to send Pairing Confirm, do so now */
661 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags))
662 queue_work(hcon->hdev->workqueue, &smp->confirm);
663
664 return 0;
665 }
666
667 static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
668 {
669 struct smp_cmd_pairing rsp, *req = (void *) skb->data;
670 struct smp_chan *smp;
671 u8 key_size;
672 u8 auth = SMP_AUTH_NONE;
673 int ret;
674
675 BT_DBG("conn %p", conn);
676
677 if (skb->len < sizeof(*req))
678 return SMP_UNSPECIFIED;
679
680 if (conn->hcon->link_mode & HCI_LM_MASTER)
681 return SMP_CMD_NOTSUPP;
682
683 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
684 smp = smp_chan_create(conn);
685 else
686 smp = conn->smp_chan;
687
688 if (!smp)
689 return SMP_UNSPECIFIED;
690
691 smp->preq[0] = SMP_CMD_PAIRING_REQ;
692 memcpy(&smp->preq[1], req, sizeof(*req));
693 skb_pull(skb, sizeof(*req));
694
695 /* We didn't start the pairing, so match remote */
696 if (req->auth_req & SMP_AUTH_BONDING)
697 auth = req->auth_req;
698
699 conn->hcon->pending_sec_level = authreq_to_seclevel(auth);
700
701 build_pairing_cmd(conn, req, &rsp, auth);
702
703 key_size = min(req->max_key_size, rsp.max_key_size);
704 if (check_enc_key_size(conn, key_size))
705 return SMP_ENC_KEY_SIZE;
706
707 get_random_bytes(smp->prnd, sizeof(smp->prnd));
708
709 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
710 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
711
712 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
713
714 /* Request setup of TK */
715 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
716 if (ret)
717 return SMP_UNSPECIFIED;
718
719 return 0;
720 }
721
722 static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
723 {
724 struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
725 struct smp_chan *smp = conn->smp_chan;
726 struct hci_dev *hdev = conn->hcon->hdev;
727 u8 key_size, auth = SMP_AUTH_NONE;
728 int ret;
729
730 BT_DBG("conn %p", conn);
731
732 if (skb->len < sizeof(*rsp))
733 return SMP_UNSPECIFIED;
734
735 if (!(conn->hcon->link_mode & HCI_LM_MASTER))
736 return SMP_CMD_NOTSUPP;
737
738 skb_pull(skb, sizeof(*rsp));
739
740 req = (void *) &smp->preq[1];
741
742 key_size = min(req->max_key_size, rsp->max_key_size);
743 if (check_enc_key_size(conn, key_size))
744 return SMP_ENC_KEY_SIZE;
745
746 get_random_bytes(smp->prnd, sizeof(smp->prnd));
747
748 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
749 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
750
751 if ((req->auth_req & SMP_AUTH_BONDING) &&
752 (rsp->auth_req & SMP_AUTH_BONDING))
753 auth = SMP_AUTH_BONDING;
754
755 auth |= (req->auth_req | rsp->auth_req) & SMP_AUTH_MITM;
756
757 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
758 if (ret)
759 return SMP_UNSPECIFIED;
760
761 set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
762
763 /* Can't compose response until we have been confirmed */
764 if (!test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags))
765 return 0;
766
767 queue_work(hdev->workqueue, &smp->confirm);
768
769 return 0;
770 }
771
772 static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
773 {
774 struct smp_chan *smp = conn->smp_chan;
775 struct hci_dev *hdev = conn->hcon->hdev;
776
777 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
778
779 if (skb->len < sizeof(smp->pcnf))
780 return SMP_UNSPECIFIED;
781
782 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
783 skb_pull(skb, sizeof(smp->pcnf));
784
785 if (conn->hcon->out) {
786 u8 random[16];
787
788 swap128(smp->prnd, random);
789 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(random),
790 random);
791 } else if (test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags)) {
792 queue_work(hdev->workqueue, &smp->confirm);
793 } else {
794 set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
795 }
796
797 return 0;
798 }
799
800 static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
801 {
802 struct smp_chan *smp = conn->smp_chan;
803 struct hci_dev *hdev = conn->hcon->hdev;
804
805 BT_DBG("conn %p", conn);
806
807 if (skb->len < sizeof(smp->rrnd))
808 return SMP_UNSPECIFIED;
809
810 swap128(skb->data, smp->rrnd);
811 skb_pull(skb, sizeof(smp->rrnd));
812
813 queue_work(hdev->workqueue, &smp->random);
814
815 return 0;
816 }
817
818 static u8 smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
819 {
820 struct smp_ltk *key;
821 struct hci_conn *hcon = conn->hcon;
822
823 key = hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
824 hcon->out);
825 if (!key)
826 return 0;
827
828 if (sec_level > BT_SECURITY_MEDIUM && !key->authenticated)
829 return 0;
830
831 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
832 return 1;
833
834 hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
835 hcon->enc_key_size = key->enc_size;
836
837 return 1;
838 }
839
840 static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
841 {
842 struct smp_cmd_security_req *rp = (void *) skb->data;
843 struct smp_cmd_pairing cp;
844 struct hci_conn *hcon = conn->hcon;
845 struct smp_chan *smp;
846
847 BT_DBG("conn %p", conn);
848
849 if (skb->len < sizeof(*rp))
850 return SMP_UNSPECIFIED;
851
852 if (!(conn->hcon->link_mode & HCI_LM_MASTER))
853 return SMP_CMD_NOTSUPP;
854
855 hcon->pending_sec_level = authreq_to_seclevel(rp->auth_req);
856
857 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
858 return 0;
859
860 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
861 return 0;
862
863 smp = smp_chan_create(conn);
864
865 skb_pull(skb, sizeof(*rp));
866
867 memset(&cp, 0, sizeof(cp));
868 build_pairing_cmd(conn, &cp, NULL, rp->auth_req);
869
870 smp->preq[0] = SMP_CMD_PAIRING_REQ;
871 memcpy(&smp->preq[1], &cp, sizeof(cp));
872
873 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
874
875 return 0;
876 }
877
878 bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level)
879 {
880 if (sec_level == BT_SECURITY_LOW)
881 return true;
882
883 if (hcon->sec_level >= sec_level)
884 return true;
885
886 return false;
887 }
888
889 int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
890 {
891 struct l2cap_conn *conn = hcon->l2cap_data;
892 struct smp_chan *smp = conn->smp_chan;
893 __u8 authreq;
894
895 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
896
897 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
898 return 1;
899
900 if (smp_sufficient_security(hcon, sec_level))
901 return 1;
902
903 if (hcon->link_mode & HCI_LM_MASTER)
904 if (smp_ltk_encrypt(conn, sec_level))
905 goto done;
906
907 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
908 return 0;
909
910 smp = smp_chan_create(conn);
911 if (!smp)
912 return 1;
913
914 authreq = seclevel_to_authreq(sec_level);
915
916 if (hcon->link_mode & HCI_LM_MASTER) {
917 struct smp_cmd_pairing cp;
918
919 build_pairing_cmd(conn, &cp, NULL, authreq);
920 smp->preq[0] = SMP_CMD_PAIRING_REQ;
921 memcpy(&smp->preq[1], &cp, sizeof(cp));
922
923 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
924 } else {
925 struct smp_cmd_security_req cp;
926 cp.auth_req = authreq;
927 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
928 }
929
930 done:
931 hcon->pending_sec_level = sec_level;
932
933 return 0;
934 }
935
936 static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
937 {
938 struct smp_cmd_encrypt_info *rp = (void *) skb->data;
939 struct smp_chan *smp = conn->smp_chan;
940
941 BT_DBG("conn %p", conn);
942
943 if (skb->len < sizeof(*rp))
944 return SMP_UNSPECIFIED;
945
946 /* Ignore this PDU if it wasn't requested */
947 if (!(smp->remote_key_dist & SMP_DIST_ENC_KEY))
948 return 0;
949
950 skb_pull(skb, sizeof(*rp));
951
952 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
953
954 return 0;
955 }
956
957 static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
958 {
959 struct smp_cmd_master_ident *rp = (void *) skb->data;
960 struct smp_chan *smp = conn->smp_chan;
961 struct hci_dev *hdev = conn->hcon->hdev;
962 struct hci_conn *hcon = conn->hcon;
963 struct smp_ltk *ltk;
964 u8 authenticated;
965
966 BT_DBG("conn %p", conn);
967
968 if (skb->len < sizeof(*rp))
969 return SMP_UNSPECIFIED;
970
971 /* Ignore this PDU if it wasn't requested */
972 if (!(smp->remote_key_dist & SMP_DIST_ENC_KEY))
973 return 0;
974
975 /* Mark the information as received */
976 smp->remote_key_dist &= ~SMP_DIST_ENC_KEY;
977
978 skb_pull(skb, sizeof(*rp));
979
980 hci_dev_lock(hdev);
981 authenticated = (hcon->sec_level == BT_SECURITY_HIGH);
982 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, HCI_SMP_LTK,
983 authenticated, smp->tk, smp->enc_key_size,
984 rp->ediv, rp->rand);
985 smp->ltk = ltk;
986 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
987 smp_distribute_keys(conn);
988 hci_dev_unlock(hdev);
989
990 return 0;
991 }
992
993 static int smp_cmd_ident_info(struct l2cap_conn *conn, struct sk_buff *skb)
994 {
995 struct smp_cmd_ident_info *info = (void *) skb->data;
996 struct smp_chan *smp = conn->smp_chan;
997
998 BT_DBG("");
999
1000 if (skb->len < sizeof(*info))
1001 return SMP_UNSPECIFIED;
1002
1003 /* Ignore this PDU if it wasn't requested */
1004 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1005 return 0;
1006
1007 skb_pull(skb, sizeof(*info));
1008
1009 memcpy(smp->irk, info->irk, 16);
1010
1011 return 0;
1012 }
1013
1014 static int smp_cmd_ident_addr_info(struct l2cap_conn *conn,
1015 struct sk_buff *skb)
1016 {
1017 struct smp_cmd_ident_addr_info *info = (void *) skb->data;
1018 struct smp_chan *smp = conn->smp_chan;
1019 struct hci_conn *hcon = conn->hcon;
1020 bdaddr_t rpa;
1021
1022 BT_DBG("");
1023
1024 if (skb->len < sizeof(*info))
1025 return SMP_UNSPECIFIED;
1026
1027 /* Ignore this PDU if it wasn't requested */
1028 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1029 return 0;
1030
1031 /* Mark the information as received */
1032 smp->remote_key_dist &= ~SMP_DIST_ID_KEY;
1033
1034 skb_pull(skb, sizeof(*info));
1035
1036 /* Strictly speaking the Core Specification (4.1) allows sending
1037 * an empty address which would force us to rely on just the IRK
1038 * as "identity information". However, since such
1039 * implementations are not known of and in order to not over
1040 * complicate our implementation, simply pretend that we never
1041 * received an IRK for such a device.
1042 */
1043 if (!bacmp(&info->bdaddr, BDADDR_ANY)) {
1044 BT_ERR("Ignoring IRK with no identity address");
1045 smp_distribute_keys(conn);
1046 return 0;
1047 }
1048
1049 bacpy(&smp->id_addr, &info->bdaddr);
1050 smp->id_addr_type = info->addr_type;
1051
1052 if (hci_bdaddr_is_rpa(&hcon->dst, hcon->dst_type))
1053 bacpy(&rpa, &hcon->dst);
1054 else
1055 bacpy(&rpa, BDADDR_ANY);
1056
1057 smp->remote_irk = hci_add_irk(conn->hcon->hdev, &smp->id_addr,
1058 smp->id_addr_type, smp->irk, &rpa);
1059
1060 /* Track the connection based on the Identity Address from now on */
1061 bacpy(&hcon->dst, &smp->id_addr);
1062 hcon->dst_type = smp->id_addr_type;
1063
1064 l2cap_conn_update_id_addr(hcon);
1065
1066 smp_distribute_keys(conn);
1067
1068 return 0;
1069 }
1070
1071 static int smp_cmd_sign_info(struct l2cap_conn *conn, struct sk_buff *skb)
1072 {
1073 struct smp_cmd_sign_info *rp = (void *) skb->data;
1074 struct smp_chan *smp = conn->smp_chan;
1075 struct hci_dev *hdev = conn->hcon->hdev;
1076 struct smp_csrk *csrk;
1077
1078 BT_DBG("conn %p", conn);
1079
1080 if (skb->len < sizeof(*rp))
1081 return SMP_UNSPECIFIED;
1082
1083 /* Ignore this PDU if it wasn't requested */
1084 if (!(smp->remote_key_dist & SMP_DIST_SIGN))
1085 return 0;
1086
1087 /* Mark the information as received */
1088 smp->remote_key_dist &= ~SMP_DIST_SIGN;
1089
1090 skb_pull(skb, sizeof(*rp));
1091
1092 hci_dev_lock(hdev);
1093 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
1094 if (csrk) {
1095 csrk->master = 0x01;
1096 memcpy(csrk->val, rp->csrk, sizeof(csrk->val));
1097 }
1098 smp->csrk = csrk;
1099 if (!(smp->remote_key_dist & SMP_DIST_SIGN))
1100 smp_distribute_keys(conn);
1101 hci_dev_unlock(hdev);
1102
1103 return 0;
1104 }
1105
1106 int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
1107 {
1108 struct hci_conn *hcon = conn->hcon;
1109 __u8 code, reason;
1110 int err = 0;
1111
1112 if (hcon->type != LE_LINK) {
1113 kfree_skb(skb);
1114 return 0;
1115 }
1116
1117 if (skb->len < 1) {
1118 kfree_skb(skb);
1119 return -EILSEQ;
1120 }
1121
1122 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) {
1123 err = -ENOTSUPP;
1124 reason = SMP_PAIRING_NOTSUPP;
1125 goto done;
1126 }
1127
1128 code = skb->data[0];
1129 skb_pull(skb, sizeof(code));
1130
1131 /*
1132 * The SMP context must be initialized for all other PDUs except
1133 * pairing and security requests. If we get any other PDU when
1134 * not initialized simply disconnect (done if this function
1135 * returns an error).
1136 */
1137 if (code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ &&
1138 !conn->smp_chan) {
1139 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code);
1140 kfree_skb(skb);
1141 return -ENOTSUPP;
1142 }
1143
1144 switch (code) {
1145 case SMP_CMD_PAIRING_REQ:
1146 reason = smp_cmd_pairing_req(conn, skb);
1147 break;
1148
1149 case SMP_CMD_PAIRING_FAIL:
1150 smp_failure(conn, 0);
1151 reason = 0;
1152 err = -EPERM;
1153 break;
1154
1155 case SMP_CMD_PAIRING_RSP:
1156 reason = smp_cmd_pairing_rsp(conn, skb);
1157 break;
1158
1159 case SMP_CMD_SECURITY_REQ:
1160 reason = smp_cmd_security_req(conn, skb);
1161 break;
1162
1163 case SMP_CMD_PAIRING_CONFIRM:
1164 reason = smp_cmd_pairing_confirm(conn, skb);
1165 break;
1166
1167 case SMP_CMD_PAIRING_RANDOM:
1168 reason = smp_cmd_pairing_random(conn, skb);
1169 break;
1170
1171 case SMP_CMD_ENCRYPT_INFO:
1172 reason = smp_cmd_encrypt_info(conn, skb);
1173 break;
1174
1175 case SMP_CMD_MASTER_IDENT:
1176 reason = smp_cmd_master_ident(conn, skb);
1177 break;
1178
1179 case SMP_CMD_IDENT_INFO:
1180 reason = smp_cmd_ident_info(conn, skb);
1181 break;
1182
1183 case SMP_CMD_IDENT_ADDR_INFO:
1184 reason = smp_cmd_ident_addr_info(conn, skb);
1185 break;
1186
1187 case SMP_CMD_SIGN_INFO:
1188 reason = smp_cmd_sign_info(conn, skb);
1189 break;
1190
1191 default:
1192 BT_DBG("Unknown command code 0x%2.2x", code);
1193
1194 reason = SMP_CMD_NOTSUPP;
1195 err = -EOPNOTSUPP;
1196 goto done;
1197 }
1198
1199 done:
1200 if (reason)
1201 smp_failure(conn, reason);
1202
1203 kfree_skb(skb);
1204 return err;
1205 }
1206
1207 static void smp_notify_keys(struct l2cap_conn *conn)
1208 {
1209 struct smp_chan *smp = conn->smp_chan;
1210 struct hci_conn *hcon = conn->hcon;
1211 struct hci_dev *hdev = hcon->hdev;
1212 struct smp_cmd_pairing *req = (void *) &smp->preq[1];
1213 struct smp_cmd_pairing *rsp = (void *) &smp->prsp[1];
1214 bool persistent;
1215
1216 if (smp->remote_irk)
1217 mgmt_new_irk(hdev, smp->remote_irk);
1218
1219 /* The LTKs and CSRKs should be persistent only if both sides
1220 * had the bonding bit set in their authentication requests.
1221 */
1222 persistent = !!((req->auth_req & rsp->auth_req) & SMP_AUTH_BONDING);
1223
1224 if (smp->csrk) {
1225 smp->csrk->bdaddr_type = hcon->dst_type;
1226 bacpy(&smp->csrk->bdaddr, &hcon->dst);
1227 mgmt_new_csrk(hdev, smp->csrk, persistent);
1228 }
1229
1230 if (smp->slave_csrk) {
1231 smp->slave_csrk->bdaddr_type = hcon->dst_type;
1232 bacpy(&smp->slave_csrk->bdaddr, &hcon->dst);
1233 mgmt_new_csrk(hdev, smp->slave_csrk, persistent);
1234 }
1235
1236 if (smp->ltk) {
1237 smp->ltk->bdaddr_type = hcon->dst_type;
1238 bacpy(&smp->ltk->bdaddr, &hcon->dst);
1239 mgmt_new_ltk(hdev, smp->ltk, persistent);
1240 }
1241
1242 if (smp->slave_ltk) {
1243 smp->slave_ltk->bdaddr_type = hcon->dst_type;
1244 bacpy(&smp->slave_ltk->bdaddr, &hcon->dst);
1245 mgmt_new_ltk(hdev, smp->slave_ltk, persistent);
1246 }
1247 }
1248
1249 int smp_distribute_keys(struct l2cap_conn *conn)
1250 {
1251 struct smp_cmd_pairing *req, *rsp;
1252 struct smp_chan *smp = conn->smp_chan;
1253 struct hci_conn *hcon = conn->hcon;
1254 struct hci_dev *hdev = hcon->hdev;
1255 bool ltk_encrypt;
1256 __u8 *keydist;
1257
1258 BT_DBG("conn %p", conn);
1259
1260 if (!test_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
1261 return 0;
1262
1263 rsp = (void *) &smp->prsp[1];
1264
1265 /* The responder sends its keys first */
1266 if (hcon->out && (smp->remote_key_dist & 0x07))
1267 return 0;
1268
1269 req = (void *) &smp->preq[1];
1270
1271 if (hcon->out) {
1272 keydist = &rsp->init_key_dist;
1273 *keydist &= req->init_key_dist;
1274 } else {
1275 keydist = &rsp->resp_key_dist;
1276 *keydist &= req->resp_key_dist;
1277 }
1278
1279 BT_DBG("keydist 0x%x", *keydist);
1280
1281 if (*keydist & SMP_DIST_ENC_KEY) {
1282 struct smp_cmd_encrypt_info enc;
1283 struct smp_cmd_master_ident ident;
1284 struct smp_ltk *ltk;
1285 u8 authenticated;
1286 __le16 ediv;
1287 __le64 rand;
1288
1289 get_random_bytes(enc.ltk, sizeof(enc.ltk));
1290 get_random_bytes(&ediv, sizeof(ediv));
1291 get_random_bytes(&rand, sizeof(rand));
1292
1293 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
1294
1295 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
1296 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type,
1297 HCI_SMP_LTK_SLAVE, authenticated, enc.ltk,
1298 smp->enc_key_size, ediv, rand);
1299 smp->slave_ltk = ltk;
1300
1301 ident.ediv = ediv;
1302 ident.rand = rand;
1303
1304 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
1305
1306 *keydist &= ~SMP_DIST_ENC_KEY;
1307 }
1308
1309 if (*keydist & SMP_DIST_ID_KEY) {
1310 struct smp_cmd_ident_addr_info addrinfo;
1311 struct smp_cmd_ident_info idinfo;
1312
1313 memcpy(idinfo.irk, hdev->irk, sizeof(idinfo.irk));
1314
1315 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
1316
1317 /* The hci_conn contains the local identity address
1318 * after the connection has been established.
1319 *
1320 * This is true even when the connection has been
1321 * established using a resolvable random address.
1322 */
1323 bacpy(&addrinfo.bdaddr, &hcon->src);
1324 addrinfo.addr_type = hcon->src_type;
1325
1326 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
1327 &addrinfo);
1328
1329 *keydist &= ~SMP_DIST_ID_KEY;
1330 }
1331
1332 if (*keydist & SMP_DIST_SIGN) {
1333 struct smp_cmd_sign_info sign;
1334 struct smp_csrk *csrk;
1335
1336 /* Generate a new random key */
1337 get_random_bytes(sign.csrk, sizeof(sign.csrk));
1338
1339 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
1340 if (csrk) {
1341 csrk->master = 0x00;
1342 memcpy(csrk->val, sign.csrk, sizeof(csrk->val));
1343 }
1344 smp->slave_csrk = csrk;
1345
1346 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
1347
1348 *keydist &= ~SMP_DIST_SIGN;
1349 }
1350
1351 /* If there are still keys to be received wait for them */
1352 if ((smp->remote_key_dist & 0x07))
1353 return 0;
1354
1355 /* Check if we should try to re-encrypt the link with the LTK.
1356 * SMP_FLAG_LTK_ENCRYPT flag is used to track whether we've
1357 * already tried this (in which case we shouldn't try again).
1358 *
1359 * The request will trigger an encryption key refresh event
1360 * which will cause a call to auth_cfm and eventually lead to
1361 * l2cap_core.c calling this smp_distribute_keys function again
1362 * and thereby completing the process.
1363 */
1364 if (smp->ltk)
1365 ltk_encrypt = !test_and_set_bit(SMP_FLAG_LTK_ENCRYPT,
1366 &smp->smp_flags);
1367 else
1368 ltk_encrypt = false;
1369
1370 /* Re-encrypt the link with LTK if possible */
1371 if (ltk_encrypt && hcon->out) {
1372 queue_delayed_work(hdev->req_workqueue, &smp->reencrypt,
1373 SMP_REENCRYPT_TIMEOUT);
1374 } else {
1375 clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags);
1376 cancel_delayed_work_sync(&conn->security_timer);
1377 set_bit(SMP_FLAG_COMPLETE, &smp->smp_flags);
1378 smp_notify_keys(conn);
1379 smp_chan_destroy(conn);
1380 }
1381
1382 return 0;
1383 }
Ubuntu Artful kernel mirror