^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) BlueZ - Bluetooth protocol stack for Linux
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) This program is free software; you can redistribute it and/or modify
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) it under the terms of the GNU General Public License version 2 as
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7) published by the Free Software Foundation;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) SOFTWARE IS DISCLAIMED.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) #include <linux/debugfs.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) #include <linux/scatterlist.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) #include <linux/crypto.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) #include <crypto/aes.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27) #include <crypto/algapi.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) #include <crypto/b128ops.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29) #include <crypto/hash.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) #include <crypto/kpp.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) #include <net/bluetooth/bluetooth.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) #include <net/bluetooth/hci_core.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34) #include <net/bluetooth/l2cap.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35) #include <net/bluetooth/mgmt.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) #include "ecdh_helper.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) #include "smp.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) #define SMP_DEV(hdev) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41) ((struct smp_dev *)((struct l2cap_chan *)((hdev)->smp_data))->data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) /* Low-level debug macros to be used for stuff that we don't want
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) * accidentially in dmesg, i.e. the values of the various crypto keys
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45) * and the inputs & outputs of crypto functions.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47) #ifdef DEBUG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48) #define SMP_DBG(fmt, ...) printk(KERN_DEBUG "%s: " fmt, __func__, \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49) ##__VA_ARGS__)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50) #else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51) #define SMP_DBG(fmt, ...) no_printk(KERN_DEBUG "%s: " fmt, __func__, \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52) ##__VA_ARGS__)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53) #endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55) #define SMP_ALLOW_CMD(smp, code) set_bit(code, &smp->allow_cmd)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) /* Keys which are not distributed with Secure Connections */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58) #define SMP_SC_NO_DIST (SMP_DIST_ENC_KEY | SMP_DIST_LINK_KEY);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60) #define SMP_TIMEOUT msecs_to_jiffies(30000)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62) #define AUTH_REQ_MASK(dev) (hci_dev_test_flag(dev, HCI_SC_ENABLED) ? \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63) 0x3f : 0x07)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) #define KEY_DIST_MASK 0x07
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66) /* Maximum message length that can be passed to aes_cmac */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67) #define CMAC_MSG_MAX 80
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69) enum {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70) SMP_FLAG_TK_VALID,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71) SMP_FLAG_CFM_PENDING,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72) SMP_FLAG_MITM_AUTH,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73) SMP_FLAG_COMPLETE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 74) SMP_FLAG_INITIATOR,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 75) SMP_FLAG_SC,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 76) SMP_FLAG_REMOTE_PK,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 77) SMP_FLAG_DEBUG_KEY,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 78) SMP_FLAG_WAIT_USER,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 79) SMP_FLAG_DHKEY_PENDING,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 80) SMP_FLAG_REMOTE_OOB,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 81) SMP_FLAG_LOCAL_OOB,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 82) SMP_FLAG_CT2,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 83) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 84)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 85) struct smp_dev {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 86) /* Secure Connections OOB data */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 87) bool local_oob;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 88) u8 local_pk[64];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 89) u8 local_rand[16];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 90) bool debug_key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 91)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 92) struct crypto_shash *tfm_cmac;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 93) struct crypto_kpp *tfm_ecdh;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 94) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 95)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 96) struct smp_chan {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 97) struct l2cap_conn *conn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 98) struct delayed_work security_timer;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 99) unsigned long allow_cmd; /* Bitmask of allowed commands */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) u8 preq[7]; /* SMP Pairing Request */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) u8 prsp[7]; /* SMP Pairing Response */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) u8 prnd[16]; /* SMP Pairing Random (local) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) u8 rrnd[16]; /* SMP Pairing Random (remote) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) u8 pcnf[16]; /* SMP Pairing Confirm */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) u8 tk[16]; /* SMP Temporary Key */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) u8 rr[16]; /* Remote OOB ra/rb value */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) u8 lr[16]; /* Local OOB ra/rb value */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) u8 enc_key_size;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) u8 remote_key_dist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) bdaddr_t id_addr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) u8 id_addr_type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) u8 irk[16];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) struct smp_csrk *csrk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) struct smp_csrk *slave_csrk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116) struct smp_ltk *ltk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) struct smp_ltk *slave_ltk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) struct smp_irk *remote_irk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119) u8 *link_key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) unsigned long flags;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) u8 method;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) u8 passkey_round;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) /* Secure Connections variables */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) u8 local_pk[64];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) u8 remote_pk[64];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) u8 dhkey[32];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) u8 mackey[16];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) struct crypto_shash *tfm_cmac;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131) struct crypto_kpp *tfm_ecdh;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) /* These debug key values are defined in the SMP section of the core
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) * specification. debug_pk is the public debug key and debug_sk the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136) * private debug key.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138) static const u8 debug_pk[64] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) 0xe6, 0x9d, 0x35, 0x0e, 0x48, 0x01, 0x03, 0xcc,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140) 0xdb, 0xfd, 0xf4, 0xac, 0x11, 0x91, 0xf4, 0xef,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) 0xb9, 0xa5, 0xf9, 0xe9, 0xa7, 0x83, 0x2c, 0x5e,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142) 0x2c, 0xbe, 0x97, 0xf2, 0xd2, 0x03, 0xb0, 0x20,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144) 0x8b, 0xd2, 0x89, 0x15, 0xd0, 0x8e, 0x1c, 0x74,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) 0x24, 0x30, 0xed, 0x8f, 0xc2, 0x45, 0x63, 0x76,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146) 0x5c, 0x15, 0x52, 0x5a, 0xbf, 0x9a, 0x32, 0x63,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147) 0x6d, 0xeb, 0x2a, 0x65, 0x49, 0x9c, 0x80, 0xdc,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) static const u8 debug_sk[32] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) 0xbd, 0x1a, 0x3c, 0xcd, 0xa6, 0xb8, 0x99, 0x58,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) 0x99, 0xb7, 0x40, 0xeb, 0x7b, 0x60, 0xff, 0x4a,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) 0x50, 0x3f, 0x10, 0xd2, 0xe3, 0xb3, 0xc9, 0x74,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154) 0x38, 0x5f, 0xc5, 0xa3, 0xd4, 0xf6, 0x49, 0x3f,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157) static inline void swap_buf(const u8 *src, u8 *dst, size_t len)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) size_t i;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161) for (i = 0; i < len; i++)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162) dst[len - 1 - i] = src[i];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165) /* The following functions map to the LE SC SMP crypto functions
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166) * AES-CMAC, f4, f5, f6, g2 and h6.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169) static int aes_cmac(struct crypto_shash *tfm, const u8 k[16], const u8 *m,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170) size_t len, u8 mac[16])
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172) uint8_t tmp[16], mac_msb[16], msg_msb[CMAC_MSG_MAX];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175) if (len > CMAC_MSG_MAX)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176) return -EFBIG;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178) if (!tfm) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179) BT_ERR("tfm %p", tfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183) /* Swap key and message from LSB to MSB */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184) swap_buf(k, tmp, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185) swap_buf(m, msg_msb, len);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 186)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 187) SMP_DBG("msg (len %zu) %*phN", len, (int) len, m);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 188) SMP_DBG("key %16phN", k);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 189)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 190) err = crypto_shash_setkey(tfm, tmp, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191) if (err) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 192) BT_ERR("cipher setkey failed: %d", err);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 193) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 194) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 195)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 196) err = crypto_shash_tfm_digest(tfm, msg_msb, len, mac_msb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 197) if (err) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 198) BT_ERR("Hash computation error %d", err);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 199) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 200) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 201)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 202) swap_buf(mac_msb, mac, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 203)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 204) SMP_DBG("mac %16phN", mac);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 205)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 206) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 207) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 208)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 209) static int smp_f4(struct crypto_shash *tfm_cmac, const u8 u[32],
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 210) const u8 v[32], const u8 x[16], u8 z, u8 res[16])
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 211) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 212) u8 m[65];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 213) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 214)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 215) SMP_DBG("u %32phN", u);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 216) SMP_DBG("v %32phN", v);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 217) SMP_DBG("x %16phN z %02x", x, z);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 218)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 219) m[0] = z;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 220) memcpy(m + 1, v, 32);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 221) memcpy(m + 33, u, 32);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 222)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 223) err = aes_cmac(tfm_cmac, x, m, sizeof(m), res);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 224) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 225) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 226)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 227) SMP_DBG("res %16phN", res);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 228)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 229) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 230) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 231)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 232) static int smp_f5(struct crypto_shash *tfm_cmac, const u8 w[32],
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 233) const u8 n1[16], const u8 n2[16], const u8 a1[7],
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 234) const u8 a2[7], u8 mackey[16], u8 ltk[16])
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 235) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 236) /* The btle, salt and length "magic" values are as defined in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 237) * the SMP section of the Bluetooth core specification. In ASCII
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 238) * the btle value ends up being 'btle'. The salt is just a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 239) * random number whereas length is the value 256 in little
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 240) * endian format.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 241) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 242) const u8 btle[4] = { 0x65, 0x6c, 0x74, 0x62 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 243) const u8 salt[16] = { 0xbe, 0x83, 0x60, 0x5a, 0xdb, 0x0b, 0x37, 0x60,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 244) 0x38, 0xa5, 0xf5, 0xaa, 0x91, 0x83, 0x88, 0x6c };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 245) const u8 length[2] = { 0x00, 0x01 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 246) u8 m[53], t[16];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 247) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 248)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 249) SMP_DBG("w %32phN", w);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 250) SMP_DBG("n1 %16phN n2 %16phN", n1, n2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 251) SMP_DBG("a1 %7phN a2 %7phN", a1, a2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 252)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 253) err = aes_cmac(tfm_cmac, salt, w, 32, t);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 254) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 255) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 256)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 257) SMP_DBG("t %16phN", t);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 258)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 259) memcpy(m, length, 2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 260) memcpy(m + 2, a2, 7);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 261) memcpy(m + 9, a1, 7);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 262) memcpy(m + 16, n2, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 263) memcpy(m + 32, n1, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 264) memcpy(m + 48, btle, 4);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 265)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 266) m[52] = 0; /* Counter */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 267)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 268) err = aes_cmac(tfm_cmac, t, m, sizeof(m), mackey);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 269) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 270) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 271)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 272) SMP_DBG("mackey %16phN", mackey);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 273)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 274) m[52] = 1; /* Counter */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 275)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 276) err = aes_cmac(tfm_cmac, t, m, sizeof(m), ltk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 277) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 278) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 279)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 280) SMP_DBG("ltk %16phN", ltk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 281)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 282) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 283) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 284)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 285) static int smp_f6(struct crypto_shash *tfm_cmac, const u8 w[16],
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 286) const u8 n1[16], const u8 n2[16], const u8 r[16],
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 287) const u8 io_cap[3], const u8 a1[7], const u8 a2[7],
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 288) u8 res[16])
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 289) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 290) u8 m[65];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 291) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 292)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 293) SMP_DBG("w %16phN", w);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 294) SMP_DBG("n1 %16phN n2 %16phN", n1, n2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 295) SMP_DBG("r %16phN io_cap %3phN a1 %7phN a2 %7phN", r, io_cap, a1, a2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 296)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 297) memcpy(m, a2, 7);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 298) memcpy(m + 7, a1, 7);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 299) memcpy(m + 14, io_cap, 3);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 300) memcpy(m + 17, r, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 301) memcpy(m + 33, n2, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 302) memcpy(m + 49, n1, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 303)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 304) err = aes_cmac(tfm_cmac, w, m, sizeof(m), res);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 305) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 306) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 307)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 308) SMP_DBG("res %16phN", res);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 309)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 310) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 311) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 312)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 313) static int smp_g2(struct crypto_shash *tfm_cmac, const u8 u[32], const u8 v[32],
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 314) const u8 x[16], const u8 y[16], u32 *val)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 315) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 316) u8 m[80], tmp[16];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 317) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 318)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 319) SMP_DBG("u %32phN", u);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 320) SMP_DBG("v %32phN", v);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 321) SMP_DBG("x %16phN y %16phN", x, y);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 322)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 323) memcpy(m, y, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 324) memcpy(m + 16, v, 32);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 325) memcpy(m + 48, u, 32);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 326)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 327) err = aes_cmac(tfm_cmac, x, m, sizeof(m), tmp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 328) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 329) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 330)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 331) *val = get_unaligned_le32(tmp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 332) *val %= 1000000;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 333)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 334) SMP_DBG("val %06u", *val);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 335)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 336) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 337) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 338)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 339) static int smp_h6(struct crypto_shash *tfm_cmac, const u8 w[16],
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 340) const u8 key_id[4], u8 res[16])
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 341) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 342) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 343)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 344) SMP_DBG("w %16phN key_id %4phN", w, key_id);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 345)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 346) err = aes_cmac(tfm_cmac, w, key_id, 4, res);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 347) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 348) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 349)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 350) SMP_DBG("res %16phN", res);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 351)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 352) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 353) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 354)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 355) static int smp_h7(struct crypto_shash *tfm_cmac, const u8 w[16],
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 356) const u8 salt[16], u8 res[16])
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 357) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 358) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 359)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 360) SMP_DBG("w %16phN salt %16phN", w, salt);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 361)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 362) err = aes_cmac(tfm_cmac, salt, w, 16, res);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 363) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 364) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 365)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 366) SMP_DBG("res %16phN", res);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 367)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 368) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 369) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 370)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 371) /* The following functions map to the legacy SMP crypto functions e, c1,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 372) * s1 and ah.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 373) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 374)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 375) static int smp_e(const u8 *k, u8 *r)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 376) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 377) struct crypto_aes_ctx ctx;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 378) uint8_t tmp[16], data[16];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 379) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 380)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 381) SMP_DBG("k %16phN r %16phN", k, r);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 382)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 383) /* The most significant octet of key corresponds to k[0] */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 384) swap_buf(k, tmp, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 385)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 386) err = aes_expandkey(&ctx, tmp, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 387) if (err) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 388) BT_ERR("cipher setkey failed: %d", err);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 389) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 390) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 391)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 392) /* Most significant octet of plaintextData corresponds to data[0] */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 393) swap_buf(r, data, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 394)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 395) aes_encrypt(&ctx, data, data);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 396)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 397) /* Most significant octet of encryptedData corresponds to data[0] */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 398) swap_buf(data, r, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 399)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 400) SMP_DBG("r %16phN", r);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 401)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 402) memzero_explicit(&ctx, sizeof (ctx));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 403) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 404) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 405)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 406) static int smp_c1(const u8 k[16],
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 407) const u8 r[16], const u8 preq[7], const u8 pres[7], u8 _iat,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 408) const bdaddr_t *ia, u8 _rat, const bdaddr_t *ra, u8 res[16])
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 409) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 410) u8 p1[16], p2[16];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 411) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 412)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 413) SMP_DBG("k %16phN r %16phN", k, r);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 414) SMP_DBG("iat %u ia %6phN rat %u ra %6phN", _iat, ia, _rat, ra);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 415) SMP_DBG("preq %7phN pres %7phN", preq, pres);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 416)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 417) memset(p1, 0, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 418)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 419) /* p1 = pres || preq || _rat || _iat */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 420) p1[0] = _iat;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 421) p1[1] = _rat;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 422) memcpy(p1 + 2, preq, 7);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 423) memcpy(p1 + 9, pres, 7);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 424)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 425) SMP_DBG("p1 %16phN", p1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 426)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 427) /* res = r XOR p1 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 428) u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 429)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 430) /* res = e(k, res) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 431) err = smp_e(k, res);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 432) if (err) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 433) BT_ERR("Encrypt data error");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 434) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 435) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 436)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 437) /* p2 = padding || ia || ra */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 438) memcpy(p2, ra, 6);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 439) memcpy(p2 + 6, ia, 6);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 440) memset(p2 + 12, 0, 4);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 441)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 442) SMP_DBG("p2 %16phN", p2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 443)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 444) /* res = res XOR p2 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 445) u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 446)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 447) /* res = e(k, res) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 448) err = smp_e(k, res);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 449) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 450) BT_ERR("Encrypt data error");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 451)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 452) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 453) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 454)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 455) static int smp_s1(const u8 k[16],
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 456) const u8 r1[16], const u8 r2[16], u8 _r[16])
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 457) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 458) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 459)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 460) /* Just least significant octets from r1 and r2 are considered */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 461) memcpy(_r, r2, 8);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 462) memcpy(_r + 8, r1, 8);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 463)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 464) err = smp_e(k, _r);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 465) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 466) BT_ERR("Encrypt data error");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 467)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 468) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 469) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 470)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 471) static int smp_ah(const u8 irk[16], const u8 r[3], u8 res[3])
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 472) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 473) u8 _res[16];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 474) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 475)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 476) /* r' = padding || r */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 477) memcpy(_res, r, 3);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 478) memset(_res + 3, 0, 13);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 479)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 480) err = smp_e(irk, _res);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 481) if (err) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 482) BT_ERR("Encrypt error");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 483) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 484) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 485)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 486) /* The output of the random address function ah is:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 487) * ah(k, r) = e(k, r') mod 2^24
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 488) * The output of the security function e is then truncated to 24 bits
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 489) * by taking the least significant 24 bits of the output of e as the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 490) * result of ah.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 491) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 492) memcpy(res, _res, 3);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 493)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 494) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 495) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 496)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 497) bool smp_irk_matches(struct hci_dev *hdev, const u8 irk[16],
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 498) const bdaddr_t *bdaddr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 499) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 500) struct l2cap_chan *chan = hdev->smp_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 501) u8 hash[3];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 502) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 503)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 504) if (!chan || !chan->data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 505) return false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 506)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 507) bt_dev_dbg(hdev, "RPA %pMR IRK %*phN", bdaddr, 16, irk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 508)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 509) err = smp_ah(irk, &bdaddr->b[3], hash);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 510) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 511) return false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 512)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 513) return !crypto_memneq(bdaddr->b, hash, 3);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 514) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 515)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 516) int smp_generate_rpa(struct hci_dev *hdev, const u8 irk[16], bdaddr_t *rpa)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 517) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 518) struct l2cap_chan *chan = hdev->smp_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 519) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 520)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 521) if (!chan || !chan->data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 522) return -EOPNOTSUPP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 523)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 524) get_random_bytes(&rpa->b[3], 3);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 525)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 526) rpa->b[5] &= 0x3f; /* Clear two most significant bits */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 527) rpa->b[5] |= 0x40; /* Set second most significant bit */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 528)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 529) err = smp_ah(irk, &rpa->b[3], rpa->b);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 530) if (err < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 531) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 532)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 533) bt_dev_dbg(hdev, "RPA %pMR", rpa);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 534)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 535) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 536) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 537)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 538) int smp_generate_oob(struct hci_dev *hdev, u8 hash[16], u8 rand[16])
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 539) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 540) struct l2cap_chan *chan = hdev->smp_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 541) struct smp_dev *smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 542) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 543)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 544) if (!chan || !chan->data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 545) return -EOPNOTSUPP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 546)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 547) smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 548)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 549) if (hci_dev_test_flag(hdev, HCI_USE_DEBUG_KEYS)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 550) bt_dev_dbg(hdev, "Using debug keys");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 551) err = set_ecdh_privkey(smp->tfm_ecdh, debug_sk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 552) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 553) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 554) memcpy(smp->local_pk, debug_pk, 64);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 555) smp->debug_key = true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 556) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 557) while (true) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 558) /* Generate key pair for Secure Connections */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 559) err = generate_ecdh_keys(smp->tfm_ecdh, smp->local_pk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 560) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 561) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 562)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 563) /* This is unlikely, but we need to check that
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 564) * we didn't accidentially generate a debug key.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 565) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 566) if (crypto_memneq(smp->local_pk, debug_pk, 64))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 567) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 568) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 569) smp->debug_key = false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 570) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 571)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 572) SMP_DBG("OOB Public Key X: %32phN", smp->local_pk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 573) SMP_DBG("OOB Public Key Y: %32phN", smp->local_pk + 32);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 574)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 575) get_random_bytes(smp->local_rand, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 576)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 577) err = smp_f4(smp->tfm_cmac, smp->local_pk, smp->local_pk,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 578) smp->local_rand, 0, hash);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 579) if (err < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 580) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 581)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 582) memcpy(rand, smp->local_rand, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 583)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 584) smp->local_oob = true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 585)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 586) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 587) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 588)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 589) static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 590) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 591) struct l2cap_chan *chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 592) struct smp_chan *smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 593) struct kvec iv[2];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 594) struct msghdr msg;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 595)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 596) if (!chan)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 597) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 598)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 599) BT_DBG("code 0x%2.2x", code);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 600)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 601) iv[0].iov_base = &code;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 602) iv[0].iov_len = 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 603)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 604) iv[1].iov_base = data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 605) iv[1].iov_len = len;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 606)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 607) memset(&msg, 0, sizeof(msg));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 608)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 609) iov_iter_kvec(&msg.msg_iter, WRITE, iv, 2, 1 + len);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 610)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 611) l2cap_chan_send(chan, &msg, 1 + len);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 612)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 613) if (!chan->data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 614) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 615)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 616) smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 617)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 618) cancel_delayed_work_sync(&smp->security_timer);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 619) schedule_delayed_work(&smp->security_timer, SMP_TIMEOUT);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 620) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 621)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 622) static u8 authreq_to_seclevel(u8 authreq)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 623) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 624) if (authreq & SMP_AUTH_MITM) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 625) if (authreq & SMP_AUTH_SC)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 626) return BT_SECURITY_FIPS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 627) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 628) return BT_SECURITY_HIGH;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 629) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 630) return BT_SECURITY_MEDIUM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 631) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 632) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 633)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 634) static __u8 seclevel_to_authreq(__u8 sec_level)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 635) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 636) switch (sec_level) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 637) case BT_SECURITY_FIPS:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 638) case BT_SECURITY_HIGH:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 639) return SMP_AUTH_MITM | SMP_AUTH_BONDING;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 640) case BT_SECURITY_MEDIUM:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 641) return SMP_AUTH_BONDING;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 642) default:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 643) return SMP_AUTH_NONE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 644) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 645) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 646)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 647) static void build_pairing_cmd(struct l2cap_conn *conn,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 648) struct smp_cmd_pairing *req,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 649) struct smp_cmd_pairing *rsp, __u8 authreq)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 650) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 651) struct l2cap_chan *chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 652) struct smp_chan *smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 653) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 654) struct hci_dev *hdev = hcon->hdev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 655) u8 local_dist = 0, remote_dist = 0, oob_flag = SMP_OOB_NOT_PRESENT;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 656)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 657) if (hci_dev_test_flag(hdev, HCI_BONDABLE)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 658) local_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 659) remote_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 660) authreq |= SMP_AUTH_BONDING;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 661) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 662) authreq &= ~SMP_AUTH_BONDING;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 663) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 664)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 665) if (hci_dev_test_flag(hdev, HCI_RPA_RESOLVING))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 666) remote_dist |= SMP_DIST_ID_KEY;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 667)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 668) if (hci_dev_test_flag(hdev, HCI_PRIVACY))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 669) local_dist |= SMP_DIST_ID_KEY;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 670)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 671) if (hci_dev_test_flag(hdev, HCI_SC_ENABLED) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 672) (authreq & SMP_AUTH_SC)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 673) struct oob_data *oob_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 674) u8 bdaddr_type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 675)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 676) if (hci_dev_test_flag(hdev, HCI_SSP_ENABLED)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 677) local_dist |= SMP_DIST_LINK_KEY;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 678) remote_dist |= SMP_DIST_LINK_KEY;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 679) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 680)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 681) if (hcon->dst_type == ADDR_LE_DEV_PUBLIC)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 682) bdaddr_type = BDADDR_LE_PUBLIC;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 683) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 684) bdaddr_type = BDADDR_LE_RANDOM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 685)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 686) oob_data = hci_find_remote_oob_data(hdev, &hcon->dst,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 687) bdaddr_type);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 688) if (oob_data && oob_data->present) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 689) set_bit(SMP_FLAG_REMOTE_OOB, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 690) oob_flag = SMP_OOB_PRESENT;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 691) memcpy(smp->rr, oob_data->rand256, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 692) memcpy(smp->pcnf, oob_data->hash256, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 693) SMP_DBG("OOB Remote Confirmation: %16phN", smp->pcnf);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 694) SMP_DBG("OOB Remote Random: %16phN", smp->rr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 695) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 696)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 697) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 698) authreq &= ~SMP_AUTH_SC;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 699) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 700)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 701) if (rsp == NULL) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 702) req->io_capability = conn->hcon->io_capability;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 703) req->oob_flag = oob_flag;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 704) req->max_key_size = hdev->le_max_key_size;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 705) req->init_key_dist = local_dist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 706) req->resp_key_dist = remote_dist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 707) req->auth_req = (authreq & AUTH_REQ_MASK(hdev));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 708)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 709) smp->remote_key_dist = remote_dist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 710) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 711) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 712)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 713) rsp->io_capability = conn->hcon->io_capability;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 714) rsp->oob_flag = oob_flag;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 715) rsp->max_key_size = hdev->le_max_key_size;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 716) rsp->init_key_dist = req->init_key_dist & remote_dist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 717) rsp->resp_key_dist = req->resp_key_dist & local_dist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 718) rsp->auth_req = (authreq & AUTH_REQ_MASK(hdev));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 719)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 720) smp->remote_key_dist = rsp->init_key_dist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 721) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 722)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 723) static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 724) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 725) struct l2cap_chan *chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 726) struct hci_dev *hdev = conn->hcon->hdev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 727) struct smp_chan *smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 728)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 729) if (conn->hcon->pending_sec_level == BT_SECURITY_FIPS &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 730) max_key_size != SMP_MAX_ENC_KEY_SIZE)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 731) return SMP_ENC_KEY_SIZE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 732)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 733) if (max_key_size > hdev->le_max_key_size ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 734) max_key_size < SMP_MIN_ENC_KEY_SIZE)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 735) return SMP_ENC_KEY_SIZE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 736)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 737) smp->enc_key_size = max_key_size;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 738)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 739) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 740) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 741)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 742) static void smp_chan_destroy(struct l2cap_conn *conn)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 743) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 744) struct l2cap_chan *chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 745) struct smp_chan *smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 746) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 747) bool complete;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 748)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 749) BUG_ON(!smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 750)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 751) cancel_delayed_work_sync(&smp->security_timer);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 752)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 753) complete = test_bit(SMP_FLAG_COMPLETE, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 754) mgmt_smp_complete(hcon, complete);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 755)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 756) kfree_sensitive(smp->csrk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 757) kfree_sensitive(smp->slave_csrk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 758) kfree_sensitive(smp->link_key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 759)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 760) crypto_free_shash(smp->tfm_cmac);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 761) crypto_free_kpp(smp->tfm_ecdh);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 762)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 763) /* Ensure that we don't leave any debug key around if debug key
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 764) * support hasn't been explicitly enabled.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 765) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 766) if (smp->ltk && smp->ltk->type == SMP_LTK_P256_DEBUG &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 767) !hci_dev_test_flag(hcon->hdev, HCI_KEEP_DEBUG_KEYS)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 768) list_del_rcu(&smp->ltk->list);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 769) kfree_rcu(smp->ltk, rcu);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 770) smp->ltk = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 771) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 772)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 773) /* If pairing failed clean up any keys we might have */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 774) if (!complete) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 775) if (smp->ltk) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 776) list_del_rcu(&smp->ltk->list);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 777) kfree_rcu(smp->ltk, rcu);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 778) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 779)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 780) if (smp->slave_ltk) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 781) list_del_rcu(&smp->slave_ltk->list);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 782) kfree_rcu(smp->slave_ltk, rcu);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 783) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 784)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 785) if (smp->remote_irk) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 786) list_del_rcu(&smp->remote_irk->list);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 787) kfree_rcu(smp->remote_irk, rcu);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 788) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 789) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 790)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 791) chan->data = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 792) kfree_sensitive(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 793) hci_conn_drop(hcon);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 794) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 795)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 796) static void smp_failure(struct l2cap_conn *conn, u8 reason)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 797) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 798) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 799) struct l2cap_chan *chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 800)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 801) if (reason)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 802) smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 803) &reason);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 804)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 805) mgmt_auth_failed(hcon, HCI_ERROR_AUTH_FAILURE);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 806)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 807) if (chan->data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 808) smp_chan_destroy(conn);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 809) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 810)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 811) #define JUST_WORKS 0x00
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 812) #define JUST_CFM 0x01
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 813) #define REQ_PASSKEY 0x02
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 814) #define CFM_PASSKEY 0x03
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 815) #define REQ_OOB 0x04
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 816) #define DSP_PASSKEY 0x05
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 817) #define OVERLAP 0xFF
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 818)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 819) static const u8 gen_method[5][5] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 820) { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 821) { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 822) { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 823) { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 824) { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 825) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 826)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 827) static const u8 sc_method[5][5] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 828) { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 829) { JUST_WORKS, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 830) { DSP_PASSKEY, DSP_PASSKEY, REQ_PASSKEY, JUST_WORKS, DSP_PASSKEY },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 831) { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 832) { DSP_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 833) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 834)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 835) static u8 get_auth_method(struct smp_chan *smp, u8 local_io, u8 remote_io)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 836) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 837) /* If either side has unknown io_caps, use JUST_CFM (which gets
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 838) * converted later to JUST_WORKS if we're initiators.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 839) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 840) if (local_io > SMP_IO_KEYBOARD_DISPLAY ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 841) remote_io > SMP_IO_KEYBOARD_DISPLAY)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 842) return JUST_CFM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 843)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 844) if (test_bit(SMP_FLAG_SC, &smp->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 845) return sc_method[remote_io][local_io];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 846)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 847) return gen_method[remote_io][local_io];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 848) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 849)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 850) static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 851) u8 local_io, u8 remote_io)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 852) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 853) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 854) struct l2cap_chan *chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 855) struct smp_chan *smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 856) u32 passkey = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 857) int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 858)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 859) /* Initialize key for JUST WORKS */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 860) memset(smp->tk, 0, sizeof(smp->tk));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 861) clear_bit(SMP_FLAG_TK_VALID, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 862)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 863) BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 864)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 865) /* If neither side wants MITM, either "just" confirm an incoming
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 866) * request or use just-works for outgoing ones. The JUST_CFM
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 867) * will be converted to JUST_WORKS if necessary later in this
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 868) * function. If either side has MITM look up the method from the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 869) * table.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 870) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 871) if (!(auth & SMP_AUTH_MITM))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 872) smp->method = JUST_CFM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 873) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 874) smp->method = get_auth_method(smp, local_io, remote_io);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 875)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 876) /* Don't confirm locally initiated pairing attempts */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 877) if (smp->method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 878) &smp->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 879) smp->method = JUST_WORKS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 880)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 881) /* Don't bother user space with no IO capabilities */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 882) if (smp->method == JUST_CFM &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 883) hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 884) smp->method = JUST_WORKS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 885)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 886) /* If Just Works, Continue with Zero TK and ask user-space for
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 887) * confirmation */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 888) if (smp->method == JUST_WORKS) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 889) ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 890) hcon->type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 891) hcon->dst_type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 892) passkey, 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 893) if (ret)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 894) return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 895) set_bit(SMP_FLAG_WAIT_USER, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 896) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 897) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 898)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 899) /* If this function is used for SC -> legacy fallback we
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 900) * can only recover the just-works case.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 901) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 902) if (test_bit(SMP_FLAG_SC, &smp->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 903) return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 904)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 905) /* Not Just Works/Confirm results in MITM Authentication */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 906) if (smp->method != JUST_CFM) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 907) set_bit(SMP_FLAG_MITM_AUTH, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 908) if (hcon->pending_sec_level < BT_SECURITY_HIGH)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 909) hcon->pending_sec_level = BT_SECURITY_HIGH;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 910) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 911)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 912) /* If both devices have Keyoard-Display I/O, the master
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 913) * Confirms and the slave Enters the passkey.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 914) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 915) if (smp->method == OVERLAP) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 916) if (hcon->role == HCI_ROLE_MASTER)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 917) smp->method = CFM_PASSKEY;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 918) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 919) smp->method = REQ_PASSKEY;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 920) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 921)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 922) /* Generate random passkey. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 923) if (smp->method == CFM_PASSKEY) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 924) memset(smp->tk, 0, sizeof(smp->tk));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 925) get_random_bytes(&passkey, sizeof(passkey));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 926) passkey %= 1000000;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 927) put_unaligned_le32(passkey, smp->tk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 928) BT_DBG("PassKey: %d", passkey);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 929) set_bit(SMP_FLAG_TK_VALID, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 930) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 931)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 932) if (smp->method == REQ_PASSKEY)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 933) ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 934) hcon->type, hcon->dst_type);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 935) else if (smp->method == JUST_CFM)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 936) ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 937) hcon->type, hcon->dst_type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 938) passkey, 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 939) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 940) ret = mgmt_user_passkey_notify(hcon->hdev, &hcon->dst,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 941) hcon->type, hcon->dst_type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 942) passkey, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 943)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 944) return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 945) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 946)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 947) static u8 smp_confirm(struct smp_chan *smp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 948) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 949) struct l2cap_conn *conn = smp->conn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 950) struct smp_cmd_pairing_confirm cp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 951) int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 952)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 953) BT_DBG("conn %p", conn);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 954)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 955) ret = smp_c1(smp->tk, smp->prnd, smp->preq, smp->prsp,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 956) conn->hcon->init_addr_type, &conn->hcon->init_addr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 957) conn->hcon->resp_addr_type, &conn->hcon->resp_addr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 958) cp.confirm_val);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 959) if (ret)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 960) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 961)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 962) clear_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 963)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 964) smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 965)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 966) if (conn->hcon->out)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 967) SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 968) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 969) SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 970)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 971) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 972) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 973)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 974) static u8 smp_random(struct smp_chan *smp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 975) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 976) struct l2cap_conn *conn = smp->conn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 977) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 978) u8 confirm[16];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 979) int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 980)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 981) BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 982)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 983) ret = smp_c1(smp->tk, smp->rrnd, smp->preq, smp->prsp,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 984) hcon->init_addr_type, &hcon->init_addr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 985) hcon->resp_addr_type, &hcon->resp_addr, confirm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 986) if (ret)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 987) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 988)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 989) if (crypto_memneq(smp->pcnf, confirm, sizeof(smp->pcnf))) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 990) bt_dev_err(hcon->hdev, "pairing failed "
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 991) "(confirmation values mismatch)");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 992) return SMP_CONFIRM_FAILED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 993) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 994)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 995) if (hcon->out) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 996) u8 stk[16];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 997) __le64 rand = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 998) __le16 ediv = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 999)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1000) smp_s1(smp->tk, smp->rrnd, smp->prnd, stk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1001)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1002) if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1003) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1004)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1005) hci_le_start_enc(hcon, ediv, rand, stk, smp->enc_key_size);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1006) hcon->enc_key_size = smp->enc_key_size;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1007) set_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1008) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1009) u8 stk[16], auth;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1010) __le64 rand = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1011) __le16 ediv = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1012)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1013) smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1014) smp->prnd);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1015)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1016) smp_s1(smp->tk, smp->prnd, smp->rrnd, stk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1017)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1018) if (hcon->pending_sec_level == BT_SECURITY_HIGH)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1019) auth = 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1020) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1021) auth = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1022)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1023) /* Even though there's no _SLAVE suffix this is the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1024) * slave STK we're adding for later lookup (the master
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1025) * STK never needs to be stored).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1026) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1027) hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1028) SMP_STK, auth, stk, smp->enc_key_size, ediv, rand);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1029) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1030)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1031) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1032) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1033)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1034) static void smp_notify_keys(struct l2cap_conn *conn)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1035) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1036) struct l2cap_chan *chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1037) struct smp_chan *smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1038) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1039) struct hci_dev *hdev = hcon->hdev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1040) struct smp_cmd_pairing *req = (void *) &smp->preq[1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1041) struct smp_cmd_pairing *rsp = (void *) &smp->prsp[1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1042) bool persistent;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1043)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1044) if (hcon->type == ACL_LINK) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1045) if (hcon->key_type == HCI_LK_DEBUG_COMBINATION)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1046) persistent = false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1047) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1048) persistent = !test_bit(HCI_CONN_FLUSH_KEY,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1049) &hcon->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1050) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1051) /* The LTKs, IRKs and CSRKs should be persistent only if
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1052) * both sides had the bonding bit set in their
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1053) * authentication requests.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1054) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1055) persistent = !!((req->auth_req & rsp->auth_req) &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1056) SMP_AUTH_BONDING);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1057) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1058)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1059) if (smp->remote_irk) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1060) mgmt_new_irk(hdev, smp->remote_irk, persistent);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1061)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1062) /* Now that user space can be considered to know the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1063) * identity address track the connection based on it
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1064) * from now on (assuming this is an LE link).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1065) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1066) if (hcon->type == LE_LINK) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1067) bacpy(&hcon->dst, &smp->remote_irk->bdaddr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1068) hcon->dst_type = smp->remote_irk->addr_type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1069) queue_work(hdev->workqueue, &conn->id_addr_update_work);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1070) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1071) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1072)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1073) if (smp->csrk) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1074) smp->csrk->bdaddr_type = hcon->dst_type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1075) bacpy(&smp->csrk->bdaddr, &hcon->dst);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1076) mgmt_new_csrk(hdev, smp->csrk, persistent);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1077) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1078)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1079) if (smp->slave_csrk) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1080) smp->slave_csrk->bdaddr_type = hcon->dst_type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1081) bacpy(&smp->slave_csrk->bdaddr, &hcon->dst);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1082) mgmt_new_csrk(hdev, smp->slave_csrk, persistent);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1083) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1084)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1085) if (smp->ltk) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1086) smp->ltk->bdaddr_type = hcon->dst_type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1087) bacpy(&smp->ltk->bdaddr, &hcon->dst);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1088) mgmt_new_ltk(hdev, smp->ltk, persistent);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1089) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1090)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1091) if (smp->slave_ltk) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1092) smp->slave_ltk->bdaddr_type = hcon->dst_type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1093) bacpy(&smp->slave_ltk->bdaddr, &hcon->dst);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1094) mgmt_new_ltk(hdev, smp->slave_ltk, persistent);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1095) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1096)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1097) if (smp->link_key) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1098) struct link_key *key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1099) u8 type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1100)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1101) if (test_bit(SMP_FLAG_DEBUG_KEY, &smp->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1102) type = HCI_LK_DEBUG_COMBINATION;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1103) else if (hcon->sec_level == BT_SECURITY_FIPS)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1104) type = HCI_LK_AUTH_COMBINATION_P256;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1105) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1106) type = HCI_LK_UNAUTH_COMBINATION_P256;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1107)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1108) key = hci_add_link_key(hdev, smp->conn->hcon, &hcon->dst,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1109) smp->link_key, type, 0, &persistent);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1110) if (key) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1111) mgmt_new_link_key(hdev, key, persistent);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1112)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1113) /* Don't keep debug keys around if the relevant
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1114) * flag is not set.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1115) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1116) if (!hci_dev_test_flag(hdev, HCI_KEEP_DEBUG_KEYS) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1117) key->type == HCI_LK_DEBUG_COMBINATION) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1118) list_del_rcu(&key->list);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1119) kfree_rcu(key, rcu);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1120) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1121) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1122) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1123) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1124)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1125) static void sc_add_ltk(struct smp_chan *smp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1126) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1127) struct hci_conn *hcon = smp->conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1128) u8 key_type, auth;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1129)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1130) if (test_bit(SMP_FLAG_DEBUG_KEY, &smp->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1131) key_type = SMP_LTK_P256_DEBUG;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1132) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1133) key_type = SMP_LTK_P256;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1134)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1135) if (hcon->pending_sec_level == BT_SECURITY_FIPS)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1136) auth = 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1137) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1138) auth = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1139)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1140) smp->ltk = hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1141) key_type, auth, smp->tk, smp->enc_key_size,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1142) 0, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1143) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1144)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1145) static void sc_generate_link_key(struct smp_chan *smp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1146) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1147) /* From core spec. Spells out in ASCII as 'lebr'. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1148) const u8 lebr[4] = { 0x72, 0x62, 0x65, 0x6c };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1149)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1150) smp->link_key = kzalloc(16, GFP_KERNEL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1151) if (!smp->link_key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1152) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1153)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1154) if (test_bit(SMP_FLAG_CT2, &smp->flags)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1155) /* SALT = 0x000000000000000000000000746D7031 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1156) const u8 salt[16] = { 0x31, 0x70, 0x6d, 0x74 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1157)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1158) if (smp_h7(smp->tfm_cmac, smp->tk, salt, smp->link_key)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1159) kfree_sensitive(smp->link_key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1160) smp->link_key = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1161) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1162) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1163) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1164) /* From core spec. Spells out in ASCII as 'tmp1'. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1165) const u8 tmp1[4] = { 0x31, 0x70, 0x6d, 0x74 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1166)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1167) if (smp_h6(smp->tfm_cmac, smp->tk, tmp1, smp->link_key)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1168) kfree_sensitive(smp->link_key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1169) smp->link_key = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1170) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1171) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1172) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1173)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1174) if (smp_h6(smp->tfm_cmac, smp->link_key, lebr, smp->link_key)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1175) kfree_sensitive(smp->link_key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1176) smp->link_key = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1177) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1178) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1179) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1180)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1181) static void smp_allow_key_dist(struct smp_chan *smp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1182) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1183) /* Allow the first expected phase 3 PDU. The rest of the PDUs
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1184) * will be allowed in each PDU handler to ensure we receive
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1185) * them in the correct order.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1186) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1187) if (smp->remote_key_dist & SMP_DIST_ENC_KEY)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1188) SMP_ALLOW_CMD(smp, SMP_CMD_ENCRYPT_INFO);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1189) else if (smp->remote_key_dist & SMP_DIST_ID_KEY)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1190) SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_INFO);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1191) else if (smp->remote_key_dist & SMP_DIST_SIGN)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1192) SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1193) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1194)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1195) static void sc_generate_ltk(struct smp_chan *smp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1196) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1197) /* From core spec. Spells out in ASCII as 'brle'. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1198) const u8 brle[4] = { 0x65, 0x6c, 0x72, 0x62 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1199) struct hci_conn *hcon = smp->conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1200) struct hci_dev *hdev = hcon->hdev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1201) struct link_key *key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1202)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1203) key = hci_find_link_key(hdev, &hcon->dst);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1204) if (!key) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1205) bt_dev_err(hdev, "no Link Key found to generate LTK");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1206) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1207) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1208)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1209) if (key->type == HCI_LK_DEBUG_COMBINATION)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1210) set_bit(SMP_FLAG_DEBUG_KEY, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1211)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1212) if (test_bit(SMP_FLAG_CT2, &smp->flags)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1213) /* SALT = 0x000000000000000000000000746D7032 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1214) const u8 salt[16] = { 0x32, 0x70, 0x6d, 0x74 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1215)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1216) if (smp_h7(smp->tfm_cmac, key->val, salt, smp->tk))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1217) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1218) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1219) /* From core spec. Spells out in ASCII as 'tmp2'. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1220) const u8 tmp2[4] = { 0x32, 0x70, 0x6d, 0x74 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1221)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1222) if (smp_h6(smp->tfm_cmac, key->val, tmp2, smp->tk))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1223) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1224) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1225)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1226) if (smp_h6(smp->tfm_cmac, smp->tk, brle, smp->tk))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1227) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1228)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1229) sc_add_ltk(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1230) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1231)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1232) static void smp_distribute_keys(struct smp_chan *smp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1233) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1234) struct smp_cmd_pairing *req, *rsp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1235) struct l2cap_conn *conn = smp->conn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1236) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1237) struct hci_dev *hdev = hcon->hdev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1238) __u8 *keydist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1239)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1240) BT_DBG("conn %p", conn);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1241)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1242) rsp = (void *) &smp->prsp[1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1243)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1244) /* The responder sends its keys first */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1245) if (hcon->out && (smp->remote_key_dist & KEY_DIST_MASK)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1246) smp_allow_key_dist(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1247) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1248) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1249)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1250) req = (void *) &smp->preq[1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1251)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1252) if (hcon->out) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1253) keydist = &rsp->init_key_dist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1254) *keydist &= req->init_key_dist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1255) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1256) keydist = &rsp->resp_key_dist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1257) *keydist &= req->resp_key_dist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1258) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1259)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1260) if (test_bit(SMP_FLAG_SC, &smp->flags)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1261) if (hcon->type == LE_LINK && (*keydist & SMP_DIST_LINK_KEY))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1262) sc_generate_link_key(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1263) if (hcon->type == ACL_LINK && (*keydist & SMP_DIST_ENC_KEY))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1264) sc_generate_ltk(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1265)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1266) /* Clear the keys which are generated but not distributed */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1267) *keydist &= ~SMP_SC_NO_DIST;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1268) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1269)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1270) BT_DBG("keydist 0x%x", *keydist);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1271)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1272) if (*keydist & SMP_DIST_ENC_KEY) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1273) struct smp_cmd_encrypt_info enc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1274) struct smp_cmd_master_ident ident;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1275) struct smp_ltk *ltk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1276) u8 authenticated;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1277) __le16 ediv;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1278) __le64 rand;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1279)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1280) /* Make sure we generate only the significant amount of
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1281) * bytes based on the encryption key size, and set the rest
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1282) * of the value to zeroes.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1283) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1284) get_random_bytes(enc.ltk, smp->enc_key_size);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1285) memset(enc.ltk + smp->enc_key_size, 0,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1286) sizeof(enc.ltk) - smp->enc_key_size);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1287)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1288) get_random_bytes(&ediv, sizeof(ediv));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1289) get_random_bytes(&rand, sizeof(rand));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1290)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1291) smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1292)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1293) authenticated = hcon->sec_level == BT_SECURITY_HIGH;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1294) ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1295) SMP_LTK_SLAVE, authenticated, enc.ltk,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1296) smp->enc_key_size, ediv, rand);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1297) smp->slave_ltk = ltk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1298)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1299) ident.ediv = ediv;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1300) ident.rand = rand;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1301)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1302) smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1303)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1304) *keydist &= ~SMP_DIST_ENC_KEY;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1305) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1306)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1307) if (*keydist & SMP_DIST_ID_KEY) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1308) struct smp_cmd_ident_addr_info addrinfo;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1309) struct smp_cmd_ident_info idinfo;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1310)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1311) memcpy(idinfo.irk, hdev->irk, sizeof(idinfo.irk));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1312)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1313) smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1314)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1315) /* The hci_conn contains the local identity address
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1316) * after the connection has been established.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1317) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1318) * This is true even when the connection has been
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1319) * established using a resolvable random address.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1320) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1321) bacpy(&addrinfo.bdaddr, &hcon->src);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1322) addrinfo.addr_type = hcon->src_type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1323)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1324) smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1325) &addrinfo);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1326)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1327) *keydist &= ~SMP_DIST_ID_KEY;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1328) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1329)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1330) if (*keydist & SMP_DIST_SIGN) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1331) struct smp_cmd_sign_info sign;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1332) struct smp_csrk *csrk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1333)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1334) /* Generate a new random key */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1335) get_random_bytes(sign.csrk, sizeof(sign.csrk));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1336)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1337) csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1338) if (csrk) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1339) if (hcon->sec_level > BT_SECURITY_MEDIUM)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1340) csrk->type = MGMT_CSRK_LOCAL_AUTHENTICATED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1341) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1342) csrk->type = MGMT_CSRK_LOCAL_UNAUTHENTICATED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1343) memcpy(csrk->val, sign.csrk, sizeof(csrk->val));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1344) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1345) smp->slave_csrk = csrk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1346)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1347) smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1348)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1349) *keydist &= ~SMP_DIST_SIGN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1350) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1351)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1352) /* If there are still keys to be received wait for them */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1353) if (smp->remote_key_dist & KEY_DIST_MASK) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1354) smp_allow_key_dist(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1355) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1356) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1357)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1358) set_bit(SMP_FLAG_COMPLETE, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1359) smp_notify_keys(conn);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1360)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1361) smp_chan_destroy(conn);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1362) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1363)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1364) static void smp_timeout(struct work_struct *work)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1365) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1366) struct smp_chan *smp = container_of(work, struct smp_chan,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1367) security_timer.work);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1368) struct l2cap_conn *conn = smp->conn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1369)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1370) BT_DBG("conn %p", conn);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1371)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1372) hci_disconnect(conn->hcon, HCI_ERROR_REMOTE_USER_TERM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1373) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1374)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1375) static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1376) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1377) struct l2cap_chan *chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1378) struct smp_chan *smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1379)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1380) smp = kzalloc(sizeof(*smp), GFP_ATOMIC);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1381) if (!smp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1382) return NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1383)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1384) smp->tfm_cmac = crypto_alloc_shash("cmac(aes)", 0, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1385) if (IS_ERR(smp->tfm_cmac)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1386) BT_ERR("Unable to create CMAC crypto context");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1387) goto zfree_smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1388) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1389)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1390) smp->tfm_ecdh = crypto_alloc_kpp("ecdh", 0, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1391) if (IS_ERR(smp->tfm_ecdh)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1392) BT_ERR("Unable to create ECDH crypto context");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1393) goto free_shash;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1394) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1395)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1396) smp->conn = conn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1397) chan->data = smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1398)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1399) SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_FAIL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1400)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1401) INIT_DELAYED_WORK(&smp->security_timer, smp_timeout);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1402)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1403) hci_conn_hold(conn->hcon);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1404)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1405) return smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1406)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1407) free_shash:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1408) crypto_free_shash(smp->tfm_cmac);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1409) zfree_smp:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1410) kfree_sensitive(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1411) return NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1412) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1413)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1414) static int sc_mackey_and_ltk(struct smp_chan *smp, u8 mackey[16], u8 ltk[16])
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1415) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1416) struct hci_conn *hcon = smp->conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1417) u8 *na, *nb, a[7], b[7];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1418)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1419) if (hcon->out) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1420) na = smp->prnd;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1421) nb = smp->rrnd;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1422) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1423) na = smp->rrnd;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1424) nb = smp->prnd;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1425) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1426)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1427) memcpy(a, &hcon->init_addr, 6);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1428) memcpy(b, &hcon->resp_addr, 6);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1429) a[6] = hcon->init_addr_type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1430) b[6] = hcon->resp_addr_type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1431)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1432) return smp_f5(smp->tfm_cmac, smp->dhkey, na, nb, a, b, mackey, ltk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1433) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1434)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1435) static void sc_dhkey_check(struct smp_chan *smp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1436) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1437) struct hci_conn *hcon = smp->conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1438) struct smp_cmd_dhkey_check check;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1439) u8 a[7], b[7], *local_addr, *remote_addr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1440) u8 io_cap[3], r[16];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1441)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1442) memcpy(a, &hcon->init_addr, 6);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1443) memcpy(b, &hcon->resp_addr, 6);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1444) a[6] = hcon->init_addr_type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1445) b[6] = hcon->resp_addr_type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1446)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1447) if (hcon->out) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1448) local_addr = a;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1449) remote_addr = b;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1450) memcpy(io_cap, &smp->preq[1], 3);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1451) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1452) local_addr = b;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1453) remote_addr = a;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1454) memcpy(io_cap, &smp->prsp[1], 3);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1455) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1456)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1457) memset(r, 0, sizeof(r));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1458)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1459) if (smp->method == REQ_PASSKEY || smp->method == DSP_PASSKEY)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1460) put_unaligned_le32(hcon->passkey_notify, r);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1461)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1462) if (smp->method == REQ_OOB)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1463) memcpy(r, smp->rr, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1464)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1465) smp_f6(smp->tfm_cmac, smp->mackey, smp->prnd, smp->rrnd, r, io_cap,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1466) local_addr, remote_addr, check.e);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1467)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1468) smp_send_cmd(smp->conn, SMP_CMD_DHKEY_CHECK, sizeof(check), &check);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1469) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1470)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1471) static u8 sc_passkey_send_confirm(struct smp_chan *smp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1472) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1473) struct l2cap_conn *conn = smp->conn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1474) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1475) struct smp_cmd_pairing_confirm cfm;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1476) u8 r;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1477)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1478) r = ((hcon->passkey_notify >> smp->passkey_round) & 0x01);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1479) r |= 0x80;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1480)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1481) get_random_bytes(smp->prnd, sizeof(smp->prnd));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1482)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1483) if (smp_f4(smp->tfm_cmac, smp->local_pk, smp->remote_pk, smp->prnd, r,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1484) cfm.confirm_val))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1485) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1486)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1487) smp_send_cmd(conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cfm), &cfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1488)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1489) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1490) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1491)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1492) static u8 sc_passkey_round(struct smp_chan *smp, u8 smp_op)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1493) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1494) struct l2cap_conn *conn = smp->conn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1495) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1496) struct hci_dev *hdev = hcon->hdev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1497) u8 cfm[16], r;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1498)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1499) /* Ignore the PDU if we've already done 20 rounds (0 - 19) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1500) if (smp->passkey_round >= 20)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1501) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1502)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1503) switch (smp_op) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1504) case SMP_CMD_PAIRING_RANDOM:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1505) r = ((hcon->passkey_notify >> smp->passkey_round) & 0x01);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1506) r |= 0x80;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1507)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1508) if (smp_f4(smp->tfm_cmac, smp->remote_pk, smp->local_pk,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1509) smp->rrnd, r, cfm))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1510) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1511)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1512) if (crypto_memneq(smp->pcnf, cfm, 16))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1513) return SMP_CONFIRM_FAILED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1514)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1515) smp->passkey_round++;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1516)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1517) if (smp->passkey_round == 20) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1518) /* Generate MacKey and LTK */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1519) if (sc_mackey_and_ltk(smp, smp->mackey, smp->tk))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1520) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1521) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1522)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1523) /* The round is only complete when the initiator
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1524) * receives pairing random.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1525) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1526) if (!hcon->out) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1527) smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1528) sizeof(smp->prnd), smp->prnd);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1529) if (smp->passkey_round == 20)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1530) SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1531) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1532) SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1533) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1534) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1535)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1536) /* Start the next round */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1537) if (smp->passkey_round != 20)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1538) return sc_passkey_round(smp, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1539)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1540) /* Passkey rounds are complete - start DHKey Check */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1541) sc_dhkey_check(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1542) SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1543)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1544) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1545)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1546) case SMP_CMD_PAIRING_CONFIRM:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1547) if (test_bit(SMP_FLAG_WAIT_USER, &smp->flags)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1548) set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1549) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1550) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1551)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1552) SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1553)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1554) if (hcon->out) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1555) smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1556) sizeof(smp->prnd), smp->prnd);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1557) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1558) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1559)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1560) return sc_passkey_send_confirm(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1561)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1562) case SMP_CMD_PUBLIC_KEY:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1563) default:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1564) /* Initiating device starts the round */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1565) if (!hcon->out)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1566) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1567)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1568) BT_DBG("%s Starting passkey round %u", hdev->name,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1569) smp->passkey_round + 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1570)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1571) SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1572)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1573) return sc_passkey_send_confirm(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1574) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1575)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1576) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1577) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1578)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1579) static int sc_user_reply(struct smp_chan *smp, u16 mgmt_op, __le32 passkey)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1580) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1581) struct l2cap_conn *conn = smp->conn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1582) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1583) u8 smp_op;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1584)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1585) clear_bit(SMP_FLAG_WAIT_USER, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1586)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1587) switch (mgmt_op) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1588) case MGMT_OP_USER_PASSKEY_NEG_REPLY:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1589) smp_failure(smp->conn, SMP_PASSKEY_ENTRY_FAILED);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1590) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1591) case MGMT_OP_USER_CONFIRM_NEG_REPLY:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1592) smp_failure(smp->conn, SMP_NUMERIC_COMP_FAILED);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1593) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1594) case MGMT_OP_USER_PASSKEY_REPLY:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1595) hcon->passkey_notify = le32_to_cpu(passkey);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1596) smp->passkey_round = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1597)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1598) if (test_and_clear_bit(SMP_FLAG_CFM_PENDING, &smp->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1599) smp_op = SMP_CMD_PAIRING_CONFIRM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1600) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1601) smp_op = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1602)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1603) if (sc_passkey_round(smp, smp_op))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1604) return -EIO;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1605)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1606) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1607) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1608)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1609) /* Initiator sends DHKey check first */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1610) if (hcon->out) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1611) sc_dhkey_check(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1612) SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1613) } else if (test_and_clear_bit(SMP_FLAG_DHKEY_PENDING, &smp->flags)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1614) sc_dhkey_check(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1615) sc_add_ltk(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1616) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1617)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1618) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1619) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1620)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1621) int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1622) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1623) struct l2cap_conn *conn = hcon->l2cap_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1624) struct l2cap_chan *chan;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1625) struct smp_chan *smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1626) u32 value;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1627) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1628)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1629) BT_DBG("");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1630)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1631) if (!conn)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1632) return -ENOTCONN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1633)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1634) chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1635) if (!chan)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1636) return -ENOTCONN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1637)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1638) l2cap_chan_lock(chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1639) if (!chan->data) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1640) err = -ENOTCONN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1641) goto unlock;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1642) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1643)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1644) smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1645)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1646) if (test_bit(SMP_FLAG_SC, &smp->flags)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1647) err = sc_user_reply(smp, mgmt_op, passkey);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1648) goto unlock;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1649) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1650)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1651) switch (mgmt_op) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1652) case MGMT_OP_USER_PASSKEY_REPLY:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1653) value = le32_to_cpu(passkey);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1654) memset(smp->tk, 0, sizeof(smp->tk));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1655) BT_DBG("PassKey: %d", value);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1656) put_unaligned_le32(value, smp->tk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1657) fallthrough;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1658) case MGMT_OP_USER_CONFIRM_REPLY:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1659) set_bit(SMP_FLAG_TK_VALID, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1660) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1661) case MGMT_OP_USER_PASSKEY_NEG_REPLY:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1662) case MGMT_OP_USER_CONFIRM_NEG_REPLY:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1663) smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1664) err = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1665) goto unlock;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1666) default:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1667) smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1668) err = -EOPNOTSUPP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1669) goto unlock;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1670) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1671)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1672) err = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1673)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1674) /* If it is our turn to send Pairing Confirm, do so now */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1675) if (test_bit(SMP_FLAG_CFM_PENDING, &smp->flags)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1676) u8 rsp = smp_confirm(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1677) if (rsp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1678) smp_failure(conn, rsp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1679) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1680)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1681) unlock:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1682) l2cap_chan_unlock(chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1683) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1684) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1685)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1686) static void build_bredr_pairing_cmd(struct smp_chan *smp,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1687) struct smp_cmd_pairing *req,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1688) struct smp_cmd_pairing *rsp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1689) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1690) struct l2cap_conn *conn = smp->conn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1691) struct hci_dev *hdev = conn->hcon->hdev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1692) u8 local_dist = 0, remote_dist = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1693)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1694) if (hci_dev_test_flag(hdev, HCI_BONDABLE)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1695) local_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1696) remote_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1697) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1698)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1699) if (hci_dev_test_flag(hdev, HCI_RPA_RESOLVING))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1700) remote_dist |= SMP_DIST_ID_KEY;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1701)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1702) if (hci_dev_test_flag(hdev, HCI_PRIVACY))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1703) local_dist |= SMP_DIST_ID_KEY;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1704)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1705) if (!rsp) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1706) memset(req, 0, sizeof(*req));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1707)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1708) req->auth_req = SMP_AUTH_CT2;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1709) req->init_key_dist = local_dist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1710) req->resp_key_dist = remote_dist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1711) req->max_key_size = conn->hcon->enc_key_size;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1712)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1713) smp->remote_key_dist = remote_dist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1714)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1715) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1716) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1717)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1718) memset(rsp, 0, sizeof(*rsp));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1719)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1720) rsp->auth_req = SMP_AUTH_CT2;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1721) rsp->max_key_size = conn->hcon->enc_key_size;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1722) rsp->init_key_dist = req->init_key_dist & remote_dist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1723) rsp->resp_key_dist = req->resp_key_dist & local_dist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1724)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1725) smp->remote_key_dist = rsp->init_key_dist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1726) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1727)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1728) static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1729) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1730) struct smp_cmd_pairing rsp, *req = (void *) skb->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1731) struct l2cap_chan *chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1732) struct hci_dev *hdev = conn->hcon->hdev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1733) struct smp_chan *smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1734) u8 key_size, auth, sec_level;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1735) int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1736)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1737) BT_DBG("conn %p", conn);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1738)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1739) if (skb->len < sizeof(*req))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1740) return SMP_INVALID_PARAMS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1741)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1742) if (conn->hcon->role != HCI_ROLE_SLAVE)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1743) return SMP_CMD_NOTSUPP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1744)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1745) if (!chan->data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1746) smp = smp_chan_create(conn);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1747) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1748) smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1749)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1750) if (!smp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1751) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1752)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1753) /* We didn't start the pairing, so match remote */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1754) auth = req->auth_req & AUTH_REQ_MASK(hdev);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1755)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1756) if (!hci_dev_test_flag(hdev, HCI_BONDABLE) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1757) (auth & SMP_AUTH_BONDING))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1758) return SMP_PAIRING_NOTSUPP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1759)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1760) if (hci_dev_test_flag(hdev, HCI_SC_ONLY) && !(auth & SMP_AUTH_SC))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1761) return SMP_AUTH_REQUIREMENTS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1762)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1763) smp->preq[0] = SMP_CMD_PAIRING_REQ;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1764) memcpy(&smp->preq[1], req, sizeof(*req));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1765) skb_pull(skb, sizeof(*req));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1766)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1767) /* If the remote side's OOB flag is set it means it has
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1768) * successfully received our local OOB data - therefore set the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1769) * flag to indicate that local OOB is in use.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1770) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1771) if (req->oob_flag == SMP_OOB_PRESENT && SMP_DEV(hdev)->local_oob)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1772) set_bit(SMP_FLAG_LOCAL_OOB, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1773)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1774) /* SMP over BR/EDR requires special treatment */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1775) if (conn->hcon->type == ACL_LINK) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1776) /* We must have a BR/EDR SC link */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1777) if (!test_bit(HCI_CONN_AES_CCM, &conn->hcon->flags) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1778) !hci_dev_test_flag(hdev, HCI_FORCE_BREDR_SMP))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1779) return SMP_CROSS_TRANSP_NOT_ALLOWED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1780)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1781) set_bit(SMP_FLAG_SC, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1782)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1783) build_bredr_pairing_cmd(smp, req, &rsp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1784)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1785) if (req->auth_req & SMP_AUTH_CT2)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1786) set_bit(SMP_FLAG_CT2, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1787)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1788) key_size = min(req->max_key_size, rsp.max_key_size);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1789) if (check_enc_key_size(conn, key_size))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1790) return SMP_ENC_KEY_SIZE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1791)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1792) /* Clear bits which are generated but not distributed */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1793) smp->remote_key_dist &= ~SMP_SC_NO_DIST;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1794)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1795) smp->prsp[0] = SMP_CMD_PAIRING_RSP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1796) memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1797) smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1798)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1799) smp_distribute_keys(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1800) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1801) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1802)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1803) build_pairing_cmd(conn, req, &rsp, auth);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1804)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1805) if (rsp.auth_req & SMP_AUTH_SC) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1806) set_bit(SMP_FLAG_SC, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1807)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1808) if (rsp.auth_req & SMP_AUTH_CT2)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1809) set_bit(SMP_FLAG_CT2, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1810) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1811)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1812) if (conn->hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1813) sec_level = BT_SECURITY_MEDIUM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1814) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1815) sec_level = authreq_to_seclevel(auth);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1816)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1817) if (sec_level > conn->hcon->pending_sec_level)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1818) conn->hcon->pending_sec_level = sec_level;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1819)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1820) /* If we need MITM check that it can be achieved */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1821) if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1822) u8 method;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1823)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1824) method = get_auth_method(smp, conn->hcon->io_capability,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1825) req->io_capability);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1826) if (method == JUST_WORKS || method == JUST_CFM)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1827) return SMP_AUTH_REQUIREMENTS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1828) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1829)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1830) key_size = min(req->max_key_size, rsp.max_key_size);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1831) if (check_enc_key_size(conn, key_size))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1832) return SMP_ENC_KEY_SIZE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1833)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1834) get_random_bytes(smp->prnd, sizeof(smp->prnd));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1835)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1836) smp->prsp[0] = SMP_CMD_PAIRING_RSP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1837) memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1838)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1839) smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1840)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1841) clear_bit(SMP_FLAG_INITIATOR, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1842)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1843) /* Strictly speaking we shouldn't allow Pairing Confirm for the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1844) * SC case, however some implementations incorrectly copy RFU auth
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1845) * req bits from our security request, which may create a false
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1846) * positive SC enablement.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1847) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1848) SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1849)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1850) if (test_bit(SMP_FLAG_SC, &smp->flags)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1851) SMP_ALLOW_CMD(smp, SMP_CMD_PUBLIC_KEY);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1852) /* Clear bits which are generated but not distributed */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1853) smp->remote_key_dist &= ~SMP_SC_NO_DIST;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1854) /* Wait for Public Key from Initiating Device */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1855) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1856) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1857)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1858) /* Request setup of TK */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1859) ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1860) if (ret)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1861) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1862)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1863) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1864) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1865)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1866) static u8 sc_send_public_key(struct smp_chan *smp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1867) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1868) struct hci_dev *hdev = smp->conn->hcon->hdev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1869)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1870) bt_dev_dbg(hdev, "");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1871)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1872) if (test_bit(SMP_FLAG_LOCAL_OOB, &smp->flags)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1873) struct l2cap_chan *chan = hdev->smp_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1874) struct smp_dev *smp_dev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1875)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1876) if (!chan || !chan->data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1877) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1878)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1879) smp_dev = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1880)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1881) memcpy(smp->local_pk, smp_dev->local_pk, 64);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1882) memcpy(smp->lr, smp_dev->local_rand, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1883)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1884) if (smp_dev->debug_key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1885) set_bit(SMP_FLAG_DEBUG_KEY, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1886)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1887) goto done;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1888) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1889)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1890) if (hci_dev_test_flag(hdev, HCI_USE_DEBUG_KEYS)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1891) BT_DBG("Using debug keys");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1892) if (set_ecdh_privkey(smp->tfm_ecdh, debug_sk))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1893) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1894) memcpy(smp->local_pk, debug_pk, 64);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1895) set_bit(SMP_FLAG_DEBUG_KEY, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1896) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1897) while (true) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1898) /* Generate key pair for Secure Connections */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1899) if (generate_ecdh_keys(smp->tfm_ecdh, smp->local_pk))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1900) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1901)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1902) /* This is unlikely, but we need to check that
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1903) * we didn't accidentially generate a debug key.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1904) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1905) if (crypto_memneq(smp->local_pk, debug_pk, 64))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1906) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1907) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1908) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1909)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1910) done:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1911) SMP_DBG("Local Public Key X: %32phN", smp->local_pk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1912) SMP_DBG("Local Public Key Y: %32phN", smp->local_pk + 32);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1913)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1914) smp_send_cmd(smp->conn, SMP_CMD_PUBLIC_KEY, 64, smp->local_pk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1915)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1916) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1917) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1918)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1919) static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1920) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1921) struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1922) struct l2cap_chan *chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1923) struct smp_chan *smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1924) struct hci_dev *hdev = conn->hcon->hdev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1925) u8 key_size, auth;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1926) int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1927)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1928) BT_DBG("conn %p", conn);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1929)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1930) if (skb->len < sizeof(*rsp))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1931) return SMP_INVALID_PARAMS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1932)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1933) if (conn->hcon->role != HCI_ROLE_MASTER)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1934) return SMP_CMD_NOTSUPP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1935)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1936) skb_pull(skb, sizeof(*rsp));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1937)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1938) req = (void *) &smp->preq[1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1939)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1940) key_size = min(req->max_key_size, rsp->max_key_size);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1941) if (check_enc_key_size(conn, key_size))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1942) return SMP_ENC_KEY_SIZE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1943)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1944) auth = rsp->auth_req & AUTH_REQ_MASK(hdev);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1945)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1946) if (hci_dev_test_flag(hdev, HCI_SC_ONLY) && !(auth & SMP_AUTH_SC))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1947) return SMP_AUTH_REQUIREMENTS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1948)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1949) /* If the remote side's OOB flag is set it means it has
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1950) * successfully received our local OOB data - therefore set the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1951) * flag to indicate that local OOB is in use.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1952) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1953) if (rsp->oob_flag == SMP_OOB_PRESENT && SMP_DEV(hdev)->local_oob)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1954) set_bit(SMP_FLAG_LOCAL_OOB, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1955)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1956) smp->prsp[0] = SMP_CMD_PAIRING_RSP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1957) memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1958)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1959) /* Update remote key distribution in case the remote cleared
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1960) * some bits that we had enabled in our request.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1961) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1962) smp->remote_key_dist &= rsp->resp_key_dist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1963)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1964) if ((req->auth_req & SMP_AUTH_CT2) && (auth & SMP_AUTH_CT2))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1965) set_bit(SMP_FLAG_CT2, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1966)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1967) /* For BR/EDR this means we're done and can start phase 3 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1968) if (conn->hcon->type == ACL_LINK) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1969) /* Clear bits which are generated but not distributed */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1970) smp->remote_key_dist &= ~SMP_SC_NO_DIST;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1971) smp_distribute_keys(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1972) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1973) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1974)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1975) if ((req->auth_req & SMP_AUTH_SC) && (auth & SMP_AUTH_SC))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1976) set_bit(SMP_FLAG_SC, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1977) else if (conn->hcon->pending_sec_level > BT_SECURITY_HIGH)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1978) conn->hcon->pending_sec_level = BT_SECURITY_HIGH;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1979)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1980) /* If we need MITM check that it can be achieved */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1981) if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1982) u8 method;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1983)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1984) method = get_auth_method(smp, req->io_capability,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1985) rsp->io_capability);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1986) if (method == JUST_WORKS || method == JUST_CFM)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1987) return SMP_AUTH_REQUIREMENTS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1988) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1989)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1990) get_random_bytes(smp->prnd, sizeof(smp->prnd));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1991)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1992) /* Update remote key distribution in case the remote cleared
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1993) * some bits that we had enabled in our request.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1994) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1995) smp->remote_key_dist &= rsp->resp_key_dist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1996)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1997) if (test_bit(SMP_FLAG_SC, &smp->flags)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1998) /* Clear bits which are generated but not distributed */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1999) smp->remote_key_dist &= ~SMP_SC_NO_DIST;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2000) SMP_ALLOW_CMD(smp, SMP_CMD_PUBLIC_KEY);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2001) return sc_send_public_key(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2002) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2003)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2004) auth |= req->auth_req;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2005)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2006) ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2007) if (ret)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2008) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2009)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2010) set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2011)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2012) /* Can't compose response until we have been confirmed */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2013) if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2014) return smp_confirm(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2015)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2016) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2017) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2018)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2019) static u8 sc_check_confirm(struct smp_chan *smp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2020) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2021) struct l2cap_conn *conn = smp->conn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2022)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2023) BT_DBG("");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2024)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2025) if (smp->method == REQ_PASSKEY || smp->method == DSP_PASSKEY)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2026) return sc_passkey_round(smp, SMP_CMD_PAIRING_CONFIRM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2027)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2028) if (conn->hcon->out) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2029) smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2030) smp->prnd);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2031) SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2032) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2033)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2034) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2035) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2036)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2037) /* Work-around for some implementations that incorrectly copy RFU bits
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2038) * from our security request and thereby create the impression that
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2039) * we're doing SC when in fact the remote doesn't support it.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2040) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2041) static int fixup_sc_false_positive(struct smp_chan *smp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2042) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2043) struct l2cap_conn *conn = smp->conn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2044) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2045) struct hci_dev *hdev = hcon->hdev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2046) struct smp_cmd_pairing *req, *rsp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2047) u8 auth;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2048)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2049) /* The issue is only observed when we're in slave role */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2050) if (hcon->out)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2051) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2052)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2053) if (hci_dev_test_flag(hdev, HCI_SC_ONLY)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2054) bt_dev_err(hdev, "refusing legacy fallback in SC-only mode");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2055) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2056) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2057)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2058) bt_dev_err(hdev, "trying to fall back to legacy SMP");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2059)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2060) req = (void *) &smp->preq[1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2061) rsp = (void *) &smp->prsp[1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2062)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2063) /* Rebuild key dist flags which may have been cleared for SC */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2064) smp->remote_key_dist = (req->init_key_dist & rsp->resp_key_dist);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2065)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2066) auth = req->auth_req & AUTH_REQ_MASK(hdev);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2067)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2068) if (tk_request(conn, 0, auth, rsp->io_capability, req->io_capability)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2069) bt_dev_err(hdev, "failed to fall back to legacy SMP");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2070) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2071) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2072)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2073) clear_bit(SMP_FLAG_SC, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2074)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2075) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2076) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2077)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2078) static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2079) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2080) struct l2cap_chan *chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2081) struct smp_chan *smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2082)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2083) BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2084)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2085) if (skb->len < sizeof(smp->pcnf))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2086) return SMP_INVALID_PARAMS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2087)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2088) memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2089) skb_pull(skb, sizeof(smp->pcnf));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2090)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2091) if (test_bit(SMP_FLAG_SC, &smp->flags)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2092) int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2093)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2094) /* Public Key exchange must happen before any other steps */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2095) if (test_bit(SMP_FLAG_REMOTE_PK, &smp->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2096) return sc_check_confirm(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2097)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2098) BT_ERR("Unexpected SMP Pairing Confirm");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2099)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2100) ret = fixup_sc_false_positive(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2101) if (ret)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2102) return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2103) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2104)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2105) if (conn->hcon->out) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2106) smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2107) smp->prnd);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2108) SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2109) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2110) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2111)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2112) if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2113) return smp_confirm(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2114)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2115) set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2116)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2117) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2118) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2119)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2120) static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2121) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2122) struct l2cap_chan *chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2123) struct smp_chan *smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2124) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2125) u8 *pkax, *pkbx, *na, *nb, confirm_hint;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2126) u32 passkey;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2127) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2128)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2129) BT_DBG("conn %p", conn);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2130)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2131) if (skb->len < sizeof(smp->rrnd))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2132) return SMP_INVALID_PARAMS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2133)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2134) memcpy(smp->rrnd, skb->data, sizeof(smp->rrnd));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2135) skb_pull(skb, sizeof(smp->rrnd));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2136)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2137) if (!test_bit(SMP_FLAG_SC, &smp->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2138) return smp_random(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2139)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2140) if (hcon->out) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2141) pkax = smp->local_pk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2142) pkbx = smp->remote_pk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2143) na = smp->prnd;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2144) nb = smp->rrnd;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2145) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2146) pkax = smp->remote_pk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2147) pkbx = smp->local_pk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2148) na = smp->rrnd;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2149) nb = smp->prnd;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2150) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2151)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2152) if (smp->method == REQ_OOB) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2153) if (!hcon->out)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2154) smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2155) sizeof(smp->prnd), smp->prnd);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2156) SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2157) goto mackey_and_ltk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2158) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2159)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2160) /* Passkey entry has special treatment */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2161) if (smp->method == REQ_PASSKEY || smp->method == DSP_PASSKEY)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2162) return sc_passkey_round(smp, SMP_CMD_PAIRING_RANDOM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2163)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2164) if (hcon->out) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2165) u8 cfm[16];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2166)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2167) err = smp_f4(smp->tfm_cmac, smp->remote_pk, smp->local_pk,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2168) smp->rrnd, 0, cfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2169) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2170) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2171)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2172) if (crypto_memneq(smp->pcnf, cfm, 16))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2173) return SMP_CONFIRM_FAILED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2174) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2175) smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2176) smp->prnd);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2177) SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2178)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2179) /* Only Just-Works pairing requires extra checks */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2180) if (smp->method != JUST_WORKS)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2181) goto mackey_and_ltk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2182)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2183) /* If there already exists long term key in local host, leave
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2184) * the decision to user space since the remote device could
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2185) * be legitimate or malicious.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2186) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2187) if (hci_find_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2188) hcon->role)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2189) /* Set passkey to 0. The value can be any number since
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2190) * it'll be ignored anyway.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2191) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2192) passkey = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2193) confirm_hint = 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2194) goto confirm;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2195) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2196) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2197)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2198) mackey_and_ltk:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2199) /* Generate MacKey and LTK */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2200) err = sc_mackey_and_ltk(smp, smp->mackey, smp->tk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2201) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2202) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2203)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2204) if (smp->method == REQ_OOB) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2205) if (hcon->out) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2206) sc_dhkey_check(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2207) SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2208) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2209) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2210) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2211)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2212) err = smp_g2(smp->tfm_cmac, pkax, pkbx, na, nb, &passkey);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2213) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2214) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2215)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2216) confirm_hint = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2217)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2218) confirm:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2219) if (smp->method == JUST_WORKS)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2220) confirm_hint = 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2221)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2222) err = mgmt_user_confirm_request(hcon->hdev, &hcon->dst, hcon->type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2223) hcon->dst_type, passkey, confirm_hint);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2224) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2225) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2226)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2227) set_bit(SMP_FLAG_WAIT_USER, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2228)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2229) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2230) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2231)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2232) static bool smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2233) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2234) struct smp_ltk *key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2235) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2236)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2237) key = hci_find_ltk(hcon->hdev, &hcon->dst, hcon->dst_type, hcon->role);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2238) if (!key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2239) return false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2240)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2241) if (smp_ltk_sec_level(key) < sec_level)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2242) return false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2243)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2244) if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2245) return true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2246)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2247) hci_le_start_enc(hcon, key->ediv, key->rand, key->val, key->enc_size);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2248) hcon->enc_key_size = key->enc_size;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2249)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2250) /* We never store STKs for master role, so clear this flag */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2251) clear_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2252)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2253) return true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2254) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2255)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2256) bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2257) enum smp_key_pref key_pref)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2258) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2259) if (sec_level == BT_SECURITY_LOW)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2260) return true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2261)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2262) /* If we're encrypted with an STK but the caller prefers using
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2263) * LTK claim insufficient security. This way we allow the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2264) * connection to be re-encrypted with an LTK, even if the LTK
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2265) * provides the same level of security. Only exception is if we
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2266) * don't have an LTK (e.g. because of key distribution bits).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2267) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2268) if (key_pref == SMP_USE_LTK &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2269) test_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2270) hci_find_ltk(hcon->hdev, &hcon->dst, hcon->dst_type, hcon->role))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2271) return false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2272)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2273) if (hcon->sec_level >= sec_level)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2274) return true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2275)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2276) return false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2277) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2278)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2279) static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2280) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2281) struct smp_cmd_security_req *rp = (void *) skb->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2282) struct smp_cmd_pairing cp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2283) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2284) struct hci_dev *hdev = hcon->hdev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2285) struct smp_chan *smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2286) u8 sec_level, auth;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2287)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2288) BT_DBG("conn %p", conn);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2289)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2290) if (skb->len < sizeof(*rp))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2291) return SMP_INVALID_PARAMS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2292)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2293) if (hcon->role != HCI_ROLE_MASTER)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2294) return SMP_CMD_NOTSUPP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2295)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2296) auth = rp->auth_req & AUTH_REQ_MASK(hdev);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2297)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2298) if (hci_dev_test_flag(hdev, HCI_SC_ONLY) && !(auth & SMP_AUTH_SC))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2299) return SMP_AUTH_REQUIREMENTS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2300)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2301) if (hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2302) sec_level = BT_SECURITY_MEDIUM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2303) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2304) sec_level = authreq_to_seclevel(auth);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2305)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2306) if (smp_sufficient_security(hcon, sec_level, SMP_USE_LTK)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2307) /* If link is already encrypted with sufficient security we
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2308) * still need refresh encryption as per Core Spec 5.0 Vol 3,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2309) * Part H 2.4.6
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2310) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2311) smp_ltk_encrypt(conn, hcon->sec_level);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2312) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2313) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2314)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2315) if (sec_level > hcon->pending_sec_level)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2316) hcon->pending_sec_level = sec_level;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2317)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2318) if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2319) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2320)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2321) smp = smp_chan_create(conn);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2322) if (!smp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2323) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2324)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2325) if (!hci_dev_test_flag(hdev, HCI_BONDABLE) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2326) (auth & SMP_AUTH_BONDING))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2327) return SMP_PAIRING_NOTSUPP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2328)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2329) skb_pull(skb, sizeof(*rp));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2330)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2331) memset(&cp, 0, sizeof(cp));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2332) build_pairing_cmd(conn, &cp, NULL, auth);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2333)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2334) smp->preq[0] = SMP_CMD_PAIRING_REQ;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2335) memcpy(&smp->preq[1], &cp, sizeof(cp));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2336)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2337) smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2338) SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2339)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2340) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2341) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2342)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2343) int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2344) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2345) struct l2cap_conn *conn = hcon->l2cap_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2346) struct l2cap_chan *chan;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2347) struct smp_chan *smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2348) __u8 authreq;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2349) int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2350)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2351) BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2352)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2353) /* This may be NULL if there's an unexpected disconnection */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2354) if (!conn)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2355) return 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2356)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2357) if (!hci_dev_test_flag(hcon->hdev, HCI_LE_ENABLED))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2358) return 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2359)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2360) if (smp_sufficient_security(hcon, sec_level, SMP_USE_LTK))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2361) return 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2362)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2363) if (sec_level > hcon->pending_sec_level)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2364) hcon->pending_sec_level = sec_level;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2365)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2366) if (hcon->role == HCI_ROLE_MASTER)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2367) if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2368) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2369)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2370) chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2371) if (!chan) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2372) bt_dev_err(hcon->hdev, "security requested but not available");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2373) return 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2374) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2375)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2376) l2cap_chan_lock(chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2377)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2378) /* If SMP is already in progress ignore this request */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2379) if (chan->data) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2380) ret = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2381) goto unlock;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2382) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2383)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2384) smp = smp_chan_create(conn);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2385) if (!smp) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2386) ret = 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2387) goto unlock;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2388) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2389)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2390) authreq = seclevel_to_authreq(sec_level);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2391)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2392) if (hci_dev_test_flag(hcon->hdev, HCI_SC_ENABLED)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2393) authreq |= SMP_AUTH_SC;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2394) if (hci_dev_test_flag(hcon->hdev, HCI_SSP_ENABLED))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2395) authreq |= SMP_AUTH_CT2;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2396) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2397)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2398) /* Don't attempt to set MITM if setting is overridden by debugfs
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2399) * Needed to pass certification test SM/MAS/PKE/BV-01-C
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2400) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2401) if (!hci_dev_test_flag(hcon->hdev, HCI_FORCE_NO_MITM)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2402) /* Require MITM if IO Capability allows or the security level
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2403) * requires it.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2404) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2405) if (hcon->io_capability != HCI_IO_NO_INPUT_OUTPUT ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2406) hcon->pending_sec_level > BT_SECURITY_MEDIUM)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2407) authreq |= SMP_AUTH_MITM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2408) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2409)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2410) if (hcon->role == HCI_ROLE_MASTER) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2411) struct smp_cmd_pairing cp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2412)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2413) build_pairing_cmd(conn, &cp, NULL, authreq);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2414) smp->preq[0] = SMP_CMD_PAIRING_REQ;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2415) memcpy(&smp->preq[1], &cp, sizeof(cp));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2416)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2417) smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2418) SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2419) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2420) struct smp_cmd_security_req cp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2421) cp.auth_req = authreq;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2422) smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2423) SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_REQ);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2424) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2425)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2426) set_bit(SMP_FLAG_INITIATOR, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2427) ret = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2428)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2429) unlock:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2430) l2cap_chan_unlock(chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2431) return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2432) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2433)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2434) int smp_cancel_and_remove_pairing(struct hci_dev *hdev, bdaddr_t *bdaddr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2435) u8 addr_type)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2436) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2437) struct hci_conn *hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2438) struct l2cap_conn *conn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2439) struct l2cap_chan *chan;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2440) struct smp_chan *smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2441) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2442)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2443) err = hci_remove_ltk(hdev, bdaddr, addr_type);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2444) hci_remove_irk(hdev, bdaddr, addr_type);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2445)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2446) hcon = hci_conn_hash_lookup_le(hdev, bdaddr, addr_type);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2447) if (!hcon)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2448) goto done;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2449)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2450) conn = hcon->l2cap_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2451) if (!conn)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2452) goto done;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2453)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2454) chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2455) if (!chan)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2456) goto done;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2457)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2458) l2cap_chan_lock(chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2459)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2460) smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2461) if (smp) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2462) /* Set keys to NULL to make sure smp_failure() does not try to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2463) * remove and free already invalidated rcu list entries. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2464) smp->ltk = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2465) smp->slave_ltk = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2466) smp->remote_irk = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2467)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2468) if (test_bit(SMP_FLAG_COMPLETE, &smp->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2469) smp_failure(conn, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2470) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2471) smp_failure(conn, SMP_UNSPECIFIED);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2472) err = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2473) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2474)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2475) l2cap_chan_unlock(chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2476)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2477) done:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2478) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2479) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2480)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2481) static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2482) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2483) struct smp_cmd_encrypt_info *rp = (void *) skb->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2484) struct l2cap_chan *chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2485) struct smp_chan *smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2486)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2487) BT_DBG("conn %p", conn);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2488)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2489) if (skb->len < sizeof(*rp))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2490) return SMP_INVALID_PARAMS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2491)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2492) /* Pairing is aborted if any blocked keys are distributed */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2493) if (hci_is_blocked_key(conn->hcon->hdev, HCI_BLOCKED_KEY_TYPE_LTK,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2494) rp->ltk)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2495) bt_dev_warn_ratelimited(conn->hcon->hdev,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2496) "LTK blocked for %pMR",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2497) &conn->hcon->dst);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2498) return SMP_INVALID_PARAMS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2499) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2500)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2501) SMP_ALLOW_CMD(smp, SMP_CMD_MASTER_IDENT);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2502)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2503) skb_pull(skb, sizeof(*rp));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2504)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2505) memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2506)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2507) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2508) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2509)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2510) static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2511) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2512) struct smp_cmd_master_ident *rp = (void *) skb->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2513) struct l2cap_chan *chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2514) struct smp_chan *smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2515) struct hci_dev *hdev = conn->hcon->hdev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2516) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2517) struct smp_ltk *ltk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2518) u8 authenticated;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2519)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2520) BT_DBG("conn %p", conn);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2521)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2522) if (skb->len < sizeof(*rp))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2523) return SMP_INVALID_PARAMS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2524)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2525) /* Mark the information as received */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2526) smp->remote_key_dist &= ~SMP_DIST_ENC_KEY;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2527)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2528) if (smp->remote_key_dist & SMP_DIST_ID_KEY)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2529) SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_INFO);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2530) else if (smp->remote_key_dist & SMP_DIST_SIGN)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2531) SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2532)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2533) skb_pull(skb, sizeof(*rp));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2534)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2535) authenticated = (hcon->sec_level == BT_SECURITY_HIGH);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2536) ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, SMP_LTK,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2537) authenticated, smp->tk, smp->enc_key_size,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2538) rp->ediv, rp->rand);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2539) smp->ltk = ltk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2540) if (!(smp->remote_key_dist & KEY_DIST_MASK))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2541) smp_distribute_keys(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2542)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2543) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2544) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2545)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2546) static int smp_cmd_ident_info(struct l2cap_conn *conn, struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2547) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2548) struct smp_cmd_ident_info *info = (void *) skb->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2549) struct l2cap_chan *chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2550) struct smp_chan *smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2551)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2552) BT_DBG("");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2553)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2554) if (skb->len < sizeof(*info))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2555) return SMP_INVALID_PARAMS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2556)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2557) /* Pairing is aborted if any blocked keys are distributed */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2558) if (hci_is_blocked_key(conn->hcon->hdev, HCI_BLOCKED_KEY_TYPE_IRK,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2559) info->irk)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2560) bt_dev_warn_ratelimited(conn->hcon->hdev,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2561) "Identity key blocked for %pMR",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2562) &conn->hcon->dst);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2563) return SMP_INVALID_PARAMS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2564) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2565)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2566) SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_ADDR_INFO);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2567)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2568) skb_pull(skb, sizeof(*info));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2569)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2570) memcpy(smp->irk, info->irk, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2571)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2572) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2573) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2574)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2575) static int smp_cmd_ident_addr_info(struct l2cap_conn *conn,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2576) struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2577) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2578) struct smp_cmd_ident_addr_info *info = (void *) skb->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2579) struct l2cap_chan *chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2580) struct smp_chan *smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2581) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2582) bdaddr_t rpa;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2583)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2584) BT_DBG("");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2585)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2586) if (skb->len < sizeof(*info))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2587) return SMP_INVALID_PARAMS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2588)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2589) /* Mark the information as received */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2590) smp->remote_key_dist &= ~SMP_DIST_ID_KEY;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2591)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2592) if (smp->remote_key_dist & SMP_DIST_SIGN)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2593) SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2594)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2595) skb_pull(skb, sizeof(*info));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2596)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2597) /* Strictly speaking the Core Specification (4.1) allows sending
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2598) * an empty address which would force us to rely on just the IRK
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2599) * as "identity information". However, since such
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2600) * implementations are not known of and in order to not over
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2601) * complicate our implementation, simply pretend that we never
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2602) * received an IRK for such a device.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2603) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2604) * The Identity Address must also be a Static Random or Public
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2605) * Address, which hci_is_identity_address() checks for.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2606) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2607) if (!bacmp(&info->bdaddr, BDADDR_ANY) ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2608) !hci_is_identity_address(&info->bdaddr, info->addr_type)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2609) bt_dev_err(hcon->hdev, "ignoring IRK with no identity address");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2610) goto distribute;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2611) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2612)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2613) /* Drop IRK if peer is using identity address during pairing but is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2614) * providing different address as identity information.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2615) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2616) * Microsoft Surface Precision Mouse is known to have this bug.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2617) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2618) if (hci_is_identity_address(&hcon->dst, hcon->dst_type) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2619) (bacmp(&info->bdaddr, &hcon->dst) ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2620) info->addr_type != hcon->dst_type)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2621) bt_dev_err(hcon->hdev,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2622) "ignoring IRK with invalid identity address");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2623) goto distribute;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2624) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2625)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2626) bacpy(&smp->id_addr, &info->bdaddr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2627) smp->id_addr_type = info->addr_type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2628)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2629) if (hci_bdaddr_is_rpa(&hcon->dst, hcon->dst_type))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2630) bacpy(&rpa, &hcon->dst);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2631) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2632) bacpy(&rpa, BDADDR_ANY);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2633)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2634) smp->remote_irk = hci_add_irk(conn->hcon->hdev, &smp->id_addr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2635) smp->id_addr_type, smp->irk, &rpa);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2636)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2637) distribute:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2638) if (!(smp->remote_key_dist & KEY_DIST_MASK))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2639) smp_distribute_keys(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2640)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2641) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2642) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2643)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2644) static int smp_cmd_sign_info(struct l2cap_conn *conn, struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2645) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2646) struct smp_cmd_sign_info *rp = (void *) skb->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2647) struct l2cap_chan *chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2648) struct smp_chan *smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2649) struct smp_csrk *csrk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2650)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2651) BT_DBG("conn %p", conn);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2652)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2653) if (skb->len < sizeof(*rp))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2654) return SMP_INVALID_PARAMS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2655)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2656) /* Mark the information as received */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2657) smp->remote_key_dist &= ~SMP_DIST_SIGN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2658)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2659) skb_pull(skb, sizeof(*rp));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2660)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2661) csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2662) if (csrk) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2663) if (conn->hcon->sec_level > BT_SECURITY_MEDIUM)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2664) csrk->type = MGMT_CSRK_REMOTE_AUTHENTICATED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2665) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2666) csrk->type = MGMT_CSRK_REMOTE_UNAUTHENTICATED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2667) memcpy(csrk->val, rp->csrk, sizeof(csrk->val));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2668) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2669) smp->csrk = csrk;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2670) smp_distribute_keys(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2671)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2672) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2673) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2674)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2675) static u8 sc_select_method(struct smp_chan *smp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2676) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2677) struct l2cap_conn *conn = smp->conn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2678) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2679) struct smp_cmd_pairing *local, *remote;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2680) u8 local_mitm, remote_mitm, local_io, remote_io, method;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2681)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2682) if (test_bit(SMP_FLAG_REMOTE_OOB, &smp->flags) ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2683) test_bit(SMP_FLAG_LOCAL_OOB, &smp->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2684) return REQ_OOB;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2685)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2686) /* The preq/prsp contain the raw Pairing Request/Response PDUs
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2687) * which are needed as inputs to some crypto functions. To get
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2688) * the "struct smp_cmd_pairing" from them we need to skip the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2689) * first byte which contains the opcode.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2690) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2691) if (hcon->out) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2692) local = (void *) &smp->preq[1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2693) remote = (void *) &smp->prsp[1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2694) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2695) local = (void *) &smp->prsp[1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2696) remote = (void *) &smp->preq[1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2697) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2698)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2699) local_io = local->io_capability;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2700) remote_io = remote->io_capability;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2701)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2702) local_mitm = (local->auth_req & SMP_AUTH_MITM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2703) remote_mitm = (remote->auth_req & SMP_AUTH_MITM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2704)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2705) /* If either side wants MITM, look up the method from the table,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2706) * otherwise use JUST WORKS.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2707) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2708) if (local_mitm || remote_mitm)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2709) method = get_auth_method(smp, local_io, remote_io);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2710) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2711) method = JUST_WORKS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2712)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2713) /* Don't confirm locally initiated pairing attempts */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2714) if (method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR, &smp->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2715) method = JUST_WORKS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2716)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2717) return method;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2718) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2719)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2720) static int smp_cmd_public_key(struct l2cap_conn *conn, struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2721) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2722) struct smp_cmd_public_key *key = (void *) skb->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2723) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2724) struct l2cap_chan *chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2725) struct smp_chan *smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2726) struct hci_dev *hdev = hcon->hdev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2727) struct crypto_kpp *tfm_ecdh;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2728) struct smp_cmd_pairing_confirm cfm;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2729) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2730)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2731) BT_DBG("conn %p", conn);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2732)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2733) if (skb->len < sizeof(*key))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2734) return SMP_INVALID_PARAMS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2735)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2736) /* Check if remote and local public keys are the same and debug key is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2737) * not in use.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2738) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2739) if (!test_bit(SMP_FLAG_DEBUG_KEY, &smp->flags) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2740) !crypto_memneq(key, smp->local_pk, 64)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2741) bt_dev_err(hdev, "Remote and local public keys are identical");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2742) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2743) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2744)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2745) memcpy(smp->remote_pk, key, 64);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2746)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2747) if (test_bit(SMP_FLAG_REMOTE_OOB, &smp->flags)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2748) err = smp_f4(smp->tfm_cmac, smp->remote_pk, smp->remote_pk,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2749) smp->rr, 0, cfm.confirm_val);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2750) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2751) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2752)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2753) if (crypto_memneq(cfm.confirm_val, smp->pcnf, 16))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2754) return SMP_CONFIRM_FAILED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2755) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2756)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2757) /* Non-initiating device sends its public key after receiving
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2758) * the key from the initiating device.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2759) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2760) if (!hcon->out) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2761) err = sc_send_public_key(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2762) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2763) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2764) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2765)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2766) SMP_DBG("Remote Public Key X: %32phN", smp->remote_pk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2767) SMP_DBG("Remote Public Key Y: %32phN", smp->remote_pk + 32);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2768)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2769) /* Compute the shared secret on the same crypto tfm on which the private
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2770) * key was set/generated.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2771) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2772) if (test_bit(SMP_FLAG_LOCAL_OOB, &smp->flags)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2773) struct l2cap_chan *hchan = hdev->smp_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2774) struct smp_dev *smp_dev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2775)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2776) if (!hchan || !hchan->data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2777) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2778)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2779) smp_dev = hchan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2780)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2781) tfm_ecdh = smp_dev->tfm_ecdh;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2782) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2783) tfm_ecdh = smp->tfm_ecdh;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2784) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2785)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2786) if (compute_ecdh_secret(tfm_ecdh, smp->remote_pk, smp->dhkey))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2787) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2788)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2789) SMP_DBG("DHKey %32phN", smp->dhkey);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2790)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2791) set_bit(SMP_FLAG_REMOTE_PK, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2792)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2793) smp->method = sc_select_method(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2794)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2795) BT_DBG("%s selected method 0x%02x", hdev->name, smp->method);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2796)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2797) /* JUST_WORKS and JUST_CFM result in an unauthenticated key */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2798) if (smp->method == JUST_WORKS || smp->method == JUST_CFM)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2799) hcon->pending_sec_level = BT_SECURITY_MEDIUM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2800) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2801) hcon->pending_sec_level = BT_SECURITY_FIPS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2802)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2803) if (!crypto_memneq(debug_pk, smp->remote_pk, 64))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2804) set_bit(SMP_FLAG_DEBUG_KEY, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2805)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2806) if (smp->method == DSP_PASSKEY) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2807) get_random_bytes(&hcon->passkey_notify,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2808) sizeof(hcon->passkey_notify));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2809) hcon->passkey_notify %= 1000000;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2810) hcon->passkey_entered = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2811) smp->passkey_round = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2812) if (mgmt_user_passkey_notify(hdev, &hcon->dst, hcon->type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2813) hcon->dst_type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2814) hcon->passkey_notify,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2815) hcon->passkey_entered))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2816) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2817) SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2818) return sc_passkey_round(smp, SMP_CMD_PUBLIC_KEY);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2819) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2820)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2821) if (smp->method == REQ_OOB) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2822) if (hcon->out)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2823) smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2824) sizeof(smp->prnd), smp->prnd);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2825)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2826) SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2827)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2828) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2829) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2830)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2831) if (hcon->out)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2832) SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2833)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2834) if (smp->method == REQ_PASSKEY) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2835) if (mgmt_user_passkey_request(hdev, &hcon->dst, hcon->type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2836) hcon->dst_type))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2837) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2838) SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2839) set_bit(SMP_FLAG_WAIT_USER, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2840) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2841) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2842)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2843) /* The Initiating device waits for the non-initiating device to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2844) * send the confirm value.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2845) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2846) if (conn->hcon->out)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2847) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2848)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2849) err = smp_f4(smp->tfm_cmac, smp->local_pk, smp->remote_pk, smp->prnd,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2850) 0, cfm.confirm_val);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2851) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2852) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2853)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2854) smp_send_cmd(conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cfm), &cfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2855) SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2856)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2857) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2858) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2859)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2860) static int smp_cmd_dhkey_check(struct l2cap_conn *conn, struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2861) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2862) struct smp_cmd_dhkey_check *check = (void *) skb->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2863) struct l2cap_chan *chan = conn->smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2864) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2865) struct smp_chan *smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2866) u8 a[7], b[7], *local_addr, *remote_addr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2867) u8 io_cap[3], r[16], e[16];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2868) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2869)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2870) BT_DBG("conn %p", conn);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2871)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2872) if (skb->len < sizeof(*check))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2873) return SMP_INVALID_PARAMS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2874)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2875) memcpy(a, &hcon->init_addr, 6);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2876) memcpy(b, &hcon->resp_addr, 6);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2877) a[6] = hcon->init_addr_type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2878) b[6] = hcon->resp_addr_type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2879)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2880) if (hcon->out) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2881) local_addr = a;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2882) remote_addr = b;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2883) memcpy(io_cap, &smp->prsp[1], 3);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2884) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2885) local_addr = b;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2886) remote_addr = a;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2887) memcpy(io_cap, &smp->preq[1], 3);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2888) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2889)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2890) memset(r, 0, sizeof(r));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2891)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2892) if (smp->method == REQ_PASSKEY || smp->method == DSP_PASSKEY)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2893) put_unaligned_le32(hcon->passkey_notify, r);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2894) else if (smp->method == REQ_OOB)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2895) memcpy(r, smp->lr, 16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2896)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2897) err = smp_f6(smp->tfm_cmac, smp->mackey, smp->rrnd, smp->prnd, r,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2898) io_cap, remote_addr, local_addr, e);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2899) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2900) return SMP_UNSPECIFIED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2901)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2902) if (crypto_memneq(check->e, e, 16))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2903) return SMP_DHKEY_CHECK_FAILED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2904)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2905) if (!hcon->out) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2906) if (test_bit(SMP_FLAG_WAIT_USER, &smp->flags)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2907) set_bit(SMP_FLAG_DHKEY_PENDING, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2908) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2909) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2910)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2911) /* Slave sends DHKey check as response to master */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2912) sc_dhkey_check(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2913) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2914)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2915) sc_add_ltk(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2916)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2917) if (hcon->out) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2918) hci_le_start_enc(hcon, 0, 0, smp->tk, smp->enc_key_size);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2919) hcon->enc_key_size = smp->enc_key_size;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2920) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2921)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2922) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2923) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2924)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2925) static int smp_cmd_keypress_notify(struct l2cap_conn *conn,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2926) struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2927) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2928) struct smp_cmd_keypress_notify *kp = (void *) skb->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2929)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2930) BT_DBG("value 0x%02x", kp->value);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2931)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2932) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2933) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2934)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2935) static int smp_sig_channel(struct l2cap_chan *chan, struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2936) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2937) struct l2cap_conn *conn = chan->conn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2938) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2939) struct smp_chan *smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2940) __u8 code, reason;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2941) int err = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2942)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2943) if (skb->len < 1)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2944) return -EILSEQ;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2945)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2946) if (!hci_dev_test_flag(hcon->hdev, HCI_LE_ENABLED)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2947) reason = SMP_PAIRING_NOTSUPP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2948) goto done;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2949) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2950)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2951) code = skb->data[0];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2952) skb_pull(skb, sizeof(code));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2953)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2954) smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2955)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2956) if (code > SMP_CMD_MAX)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2957) goto drop;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2958)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2959) if (smp && !test_and_clear_bit(code, &smp->allow_cmd))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2960) goto drop;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2961)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2962) /* If we don't have a context the only allowed commands are
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2963) * pairing request and security request.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2964) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2965) if (!smp && code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2966) goto drop;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2967)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2968) switch (code) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2969) case SMP_CMD_PAIRING_REQ:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2970) reason = smp_cmd_pairing_req(conn, skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2971) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2972)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2973) case SMP_CMD_PAIRING_FAIL:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2974) smp_failure(conn, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2975) err = -EPERM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2976) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2977)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2978) case SMP_CMD_PAIRING_RSP:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2979) reason = smp_cmd_pairing_rsp(conn, skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2980) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2981)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2982) case SMP_CMD_SECURITY_REQ:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2983) reason = smp_cmd_security_req(conn, skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2984) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2985)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2986) case SMP_CMD_PAIRING_CONFIRM:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2987) reason = smp_cmd_pairing_confirm(conn, skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2988) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2989)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2990) case SMP_CMD_PAIRING_RANDOM:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2991) reason = smp_cmd_pairing_random(conn, skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2992) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2993)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2994) case SMP_CMD_ENCRYPT_INFO:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2995) reason = smp_cmd_encrypt_info(conn, skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2996) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2997)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2998) case SMP_CMD_MASTER_IDENT:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2999) reason = smp_cmd_master_ident(conn, skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3000) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3001)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3002) case SMP_CMD_IDENT_INFO:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3003) reason = smp_cmd_ident_info(conn, skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3004) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3005)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3006) case SMP_CMD_IDENT_ADDR_INFO:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3007) reason = smp_cmd_ident_addr_info(conn, skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3008) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3009)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3010) case SMP_CMD_SIGN_INFO:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3011) reason = smp_cmd_sign_info(conn, skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3012) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3013)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3014) case SMP_CMD_PUBLIC_KEY:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3015) reason = smp_cmd_public_key(conn, skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3016) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3017)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3018) case SMP_CMD_DHKEY_CHECK:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3019) reason = smp_cmd_dhkey_check(conn, skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3020) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3021)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3022) case SMP_CMD_KEYPRESS_NOTIFY:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3023) reason = smp_cmd_keypress_notify(conn, skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3024) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3025)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3026) default:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3027) BT_DBG("Unknown command code 0x%2.2x", code);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3028) reason = SMP_CMD_NOTSUPP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3029) goto done;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3030) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3031)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3032) done:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3033) if (!err) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3034) if (reason)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3035) smp_failure(conn, reason);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3036) kfree_skb(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3037) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3038)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3039) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3040)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3041) drop:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3042) bt_dev_err(hcon->hdev, "unexpected SMP command 0x%02x from %pMR",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3043) code, &hcon->dst);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3044) kfree_skb(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3045) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3046) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3047)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3048) static void smp_teardown_cb(struct l2cap_chan *chan, int err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3049) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3050) struct l2cap_conn *conn = chan->conn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3051)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3052) BT_DBG("chan %p", chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3053)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3054) if (chan->data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3055) smp_chan_destroy(conn);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3056)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3057) conn->smp = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3058) l2cap_chan_put(chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3059) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3060)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3061) static void bredr_pairing(struct l2cap_chan *chan)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3062) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3063) struct l2cap_conn *conn = chan->conn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3064) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3065) struct hci_dev *hdev = hcon->hdev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3066) struct smp_cmd_pairing req;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3067) struct smp_chan *smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3068)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3069) BT_DBG("chan %p", chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3070)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3071) /* Only new pairings are interesting */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3072) if (!test_bit(HCI_CONN_NEW_LINK_KEY, &hcon->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3073) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3074)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3075) /* Don't bother if we're not encrypted */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3076) if (!test_bit(HCI_CONN_ENCRYPT, &hcon->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3077) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3078)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3079) /* Only master may initiate SMP over BR/EDR */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3080) if (hcon->role != HCI_ROLE_MASTER)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3081) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3082)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3083) /* Secure Connections support must be enabled */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3084) if (!hci_dev_test_flag(hdev, HCI_SC_ENABLED))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3085) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3086)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3087) /* BR/EDR must use Secure Connections for SMP */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3088) if (!test_bit(HCI_CONN_AES_CCM, &hcon->flags) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3089) !hci_dev_test_flag(hdev, HCI_FORCE_BREDR_SMP))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3090) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3091)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3092) /* If our LE support is not enabled don't do anything */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3093) if (!hci_dev_test_flag(hdev, HCI_LE_ENABLED))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3094) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3095)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3096) /* Don't bother if remote LE support is not enabled */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3097) if (!lmp_host_le_capable(hcon))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3098) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3099)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3100) /* Remote must support SMP fixed chan for BR/EDR */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3101) if (!(conn->remote_fixed_chan & L2CAP_FC_SMP_BREDR))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3102) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3103)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3104) /* Don't bother if SMP is already ongoing */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3105) if (chan->data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3106) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3107)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3108) smp = smp_chan_create(conn);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3109) if (!smp) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3110) bt_dev_err(hdev, "unable to create SMP context for BR/EDR");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3111) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3112) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3113)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3114) set_bit(SMP_FLAG_SC, &smp->flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3115)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3116) BT_DBG("%s starting SMP over BR/EDR", hdev->name);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3117)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3118) /* Prepare and send the BR/EDR SMP Pairing Request */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3119) build_bredr_pairing_cmd(smp, &req, NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3120)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3121) smp->preq[0] = SMP_CMD_PAIRING_REQ;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3122) memcpy(&smp->preq[1], &req, sizeof(req));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3123)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3124) smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(req), &req);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3125) SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3126) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3127)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3128) static void smp_resume_cb(struct l2cap_chan *chan)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3129) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3130) struct smp_chan *smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3131) struct l2cap_conn *conn = chan->conn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3132) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3133)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3134) BT_DBG("chan %p", chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3135)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3136) if (hcon->type == ACL_LINK) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3137) bredr_pairing(chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3138) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3139) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3140)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3141) if (!smp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3142) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3143)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3144) if (!test_bit(HCI_CONN_ENCRYPT, &hcon->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3145) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3146)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3147) cancel_delayed_work(&smp->security_timer);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3148)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3149) smp_distribute_keys(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3150) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3151)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3152) static void smp_ready_cb(struct l2cap_chan *chan)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3153) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3154) struct l2cap_conn *conn = chan->conn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3155) struct hci_conn *hcon = conn->hcon;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3156)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3157) BT_DBG("chan %p", chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3158)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3159) /* No need to call l2cap_chan_hold() here since we already own
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3160) * the reference taken in smp_new_conn_cb(). This is just the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3161) * first time that we tie it to a specific pointer. The code in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3162) * l2cap_core.c ensures that there's no risk this function wont
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3163) * get called if smp_new_conn_cb was previously called.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3164) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3165) conn->smp = chan;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3166)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3167) if (hcon->type == ACL_LINK && test_bit(HCI_CONN_ENCRYPT, &hcon->flags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3168) bredr_pairing(chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3169) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3170)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3171) static int smp_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3172) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3173) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3174)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3175) BT_DBG("chan %p", chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3176)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3177) err = smp_sig_channel(chan, skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3178) if (err) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3179) struct smp_chan *smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3180)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3181) if (smp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3182) cancel_delayed_work_sync(&smp->security_timer);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3183)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3184) hci_disconnect(chan->conn->hcon, HCI_ERROR_AUTH_FAILURE);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3185) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3186)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3187) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3188) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3189)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3190) static struct sk_buff *smp_alloc_skb_cb(struct l2cap_chan *chan,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3191) unsigned long hdr_len,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3192) unsigned long len, int nb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3193) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3194) struct sk_buff *skb;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3195)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3196) skb = bt_skb_alloc(hdr_len + len, GFP_KERNEL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3197) if (!skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3198) return ERR_PTR(-ENOMEM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3199)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3200) skb->priority = HCI_PRIO_MAX;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3201) bt_cb(skb)->l2cap.chan = chan;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3202)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3203) return skb;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3204) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3205)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3206) static const struct l2cap_ops smp_chan_ops = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3207) .name = "Security Manager",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3208) .ready = smp_ready_cb,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3209) .recv = smp_recv_cb,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3210) .alloc_skb = smp_alloc_skb_cb,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3211) .teardown = smp_teardown_cb,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3212) .resume = smp_resume_cb,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3213)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3214) .new_connection = l2cap_chan_no_new_connection,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3215) .state_change = l2cap_chan_no_state_change,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3216) .close = l2cap_chan_no_close,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3217) .defer = l2cap_chan_no_defer,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3218) .suspend = l2cap_chan_no_suspend,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3219) .set_shutdown = l2cap_chan_no_set_shutdown,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3220) .get_sndtimeo = l2cap_chan_no_get_sndtimeo,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3221) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3222)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3223) static inline struct l2cap_chan *smp_new_conn_cb(struct l2cap_chan *pchan)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3224) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3225) struct l2cap_chan *chan;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3226)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3227) BT_DBG("pchan %p", pchan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3228)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3229) chan = l2cap_chan_create();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3230) if (!chan)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3231) return NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3232)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3233) chan->chan_type = pchan->chan_type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3234) chan->ops = &smp_chan_ops;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3235) chan->scid = pchan->scid;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3236) chan->dcid = chan->scid;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3237) chan->imtu = pchan->imtu;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3238) chan->omtu = pchan->omtu;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3239) chan->mode = pchan->mode;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3240)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3241) /* Other L2CAP channels may request SMP routines in order to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3242) * change the security level. This means that the SMP channel
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3243) * lock must be considered in its own category to avoid lockdep
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3244) * warnings.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3245) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3246) atomic_set(&chan->nesting, L2CAP_NESTING_SMP);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3247)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3248) BT_DBG("created chan %p", chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3249)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3250) return chan;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3251) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3252)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3253) static const struct l2cap_ops smp_root_chan_ops = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3254) .name = "Security Manager Root",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3255) .new_connection = smp_new_conn_cb,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3256)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3257) /* None of these are implemented for the root channel */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3258) .close = l2cap_chan_no_close,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3259) .alloc_skb = l2cap_chan_no_alloc_skb,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3260) .recv = l2cap_chan_no_recv,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3261) .state_change = l2cap_chan_no_state_change,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3262) .teardown = l2cap_chan_no_teardown,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3263) .ready = l2cap_chan_no_ready,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3264) .defer = l2cap_chan_no_defer,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3265) .suspend = l2cap_chan_no_suspend,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3266) .resume = l2cap_chan_no_resume,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3267) .set_shutdown = l2cap_chan_no_set_shutdown,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3268) .get_sndtimeo = l2cap_chan_no_get_sndtimeo,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3269) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3270)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3271) static struct l2cap_chan *smp_add_cid(struct hci_dev *hdev, u16 cid)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3272) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3273) struct l2cap_chan *chan;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3274) struct smp_dev *smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3275) struct crypto_shash *tfm_cmac;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3276) struct crypto_kpp *tfm_ecdh;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3277)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3278) if (cid == L2CAP_CID_SMP_BREDR) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3279) smp = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3280) goto create_chan;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3281) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3282)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3283) smp = kzalloc(sizeof(*smp), GFP_KERNEL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3284) if (!smp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3285) return ERR_PTR(-ENOMEM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3286)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3287) tfm_cmac = crypto_alloc_shash("cmac(aes)", 0, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3288) if (IS_ERR(tfm_cmac)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3289) BT_ERR("Unable to create CMAC crypto context");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3290) kfree_sensitive(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3291) return ERR_CAST(tfm_cmac);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3292) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3293)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3294) tfm_ecdh = crypto_alloc_kpp("ecdh", 0, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3295) if (IS_ERR(tfm_ecdh)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3296) BT_ERR("Unable to create ECDH crypto context");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3297) crypto_free_shash(tfm_cmac);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3298) kfree_sensitive(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3299) return ERR_CAST(tfm_ecdh);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3300) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3301)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3302) smp->local_oob = false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3303) smp->tfm_cmac = tfm_cmac;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3304) smp->tfm_ecdh = tfm_ecdh;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3305)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3306) create_chan:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3307) chan = l2cap_chan_create();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3308) if (!chan) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3309) if (smp) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3310) crypto_free_shash(smp->tfm_cmac);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3311) crypto_free_kpp(smp->tfm_ecdh);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3312) kfree_sensitive(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3313) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3314) return ERR_PTR(-ENOMEM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3315) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3316)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3317) chan->data = smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3318)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3319) l2cap_add_scid(chan, cid);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3320)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3321) l2cap_chan_set_defaults(chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3322)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3323) if (cid == L2CAP_CID_SMP) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3324) u8 bdaddr_type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3325)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3326) hci_copy_identity_address(hdev, &chan->src, &bdaddr_type);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3327)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3328) if (bdaddr_type == ADDR_LE_DEV_PUBLIC)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3329) chan->src_type = BDADDR_LE_PUBLIC;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3330) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3331) chan->src_type = BDADDR_LE_RANDOM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3332) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3333) bacpy(&chan->src, &hdev->bdaddr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3334) chan->src_type = BDADDR_BREDR;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3335) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3336)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3337) chan->state = BT_LISTEN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3338) chan->mode = L2CAP_MODE_BASIC;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3339) chan->imtu = L2CAP_DEFAULT_MTU;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3340) chan->ops = &smp_root_chan_ops;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3341)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3342) /* Set correct nesting level for a parent/listening channel */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3343) atomic_set(&chan->nesting, L2CAP_NESTING_PARENT);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3344)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3345) return chan;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3346) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3347)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3348) static void smp_del_chan(struct l2cap_chan *chan)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3349) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3350) struct smp_dev *smp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3351)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3352) BT_DBG("chan %p", chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3353)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3354) smp = chan->data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3355) if (smp) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3356) chan->data = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3357) crypto_free_shash(smp->tfm_cmac);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3358) crypto_free_kpp(smp->tfm_ecdh);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3359) kfree_sensitive(smp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3360) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3361)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3362) l2cap_chan_put(chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3363) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3364)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3365) static ssize_t force_bredr_smp_read(struct file *file,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3366) char __user *user_buf,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3367) size_t count, loff_t *ppos)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3368) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3369) struct hci_dev *hdev = file->private_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3370) char buf[3];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3371)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3372) buf[0] = hci_dev_test_flag(hdev, HCI_FORCE_BREDR_SMP) ? 'Y': 'N';
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3373) buf[1] = '\n';
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3374) buf[2] = '\0';
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3375) return simple_read_from_buffer(user_buf, count, ppos, buf, 2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3376) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3377)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3378) static ssize_t force_bredr_smp_write(struct file *file,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3379) const char __user *user_buf,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3380) size_t count, loff_t *ppos)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3381) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3382) struct hci_dev *hdev = file->private_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3383) bool enable;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3384) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3385)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3386) err = kstrtobool_from_user(user_buf, count, &enable);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3387) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3388) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3389)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3390) if (enable == hci_dev_test_flag(hdev, HCI_FORCE_BREDR_SMP))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3391) return -EALREADY;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3392)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3393) if (enable) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3394) struct l2cap_chan *chan;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3395)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3396) chan = smp_add_cid(hdev, L2CAP_CID_SMP_BREDR);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3397) if (IS_ERR(chan))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3398) return PTR_ERR(chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3399)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3400) hdev->smp_bredr_data = chan;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3401) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3402) struct l2cap_chan *chan;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3403)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3404) chan = hdev->smp_bredr_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3405) hdev->smp_bredr_data = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3406) smp_del_chan(chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3407) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3408)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3409) hci_dev_change_flag(hdev, HCI_FORCE_BREDR_SMP);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3410)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3411) return count;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3412) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3413)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3414) static const struct file_operations force_bredr_smp_fops = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3415) .open = simple_open,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3416) .read = force_bredr_smp_read,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3417) .write = force_bredr_smp_write,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3418) .llseek = default_llseek,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3419) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3420)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3421) int smp_register(struct hci_dev *hdev)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3422) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3423) struct l2cap_chan *chan;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3424)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3425) BT_DBG("%s", hdev->name);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3426)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3427) /* If the controller does not support Low Energy operation, then
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3428) * there is also no need to register any SMP channel.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3429) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3430) if (!lmp_le_capable(hdev))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3431) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3432)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3433) if (WARN_ON(hdev->smp_data)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3434) chan = hdev->smp_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3435) hdev->smp_data = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3436) smp_del_chan(chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3437) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3438)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3439) chan = smp_add_cid(hdev, L2CAP_CID_SMP);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3440) if (IS_ERR(chan))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3441) return PTR_ERR(chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3442)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3443) hdev->smp_data = chan;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3444)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3445) /* If the controller does not support BR/EDR Secure Connections
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3446) * feature, then the BR/EDR SMP channel shall not be present.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3447) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3448) * To test this with Bluetooth 4.0 controllers, create a debugfs
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3449) * switch that allows forcing BR/EDR SMP support and accepting
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3450) * cross-transport pairing on non-AES encrypted connections.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3451) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3452) if (!lmp_sc_capable(hdev)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3453) debugfs_create_file("force_bredr_smp", 0644, hdev->debugfs,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3454) hdev, &force_bredr_smp_fops);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3455)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3456) /* Flag can be already set here (due to power toggle) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3457) if (!hci_dev_test_flag(hdev, HCI_FORCE_BREDR_SMP))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3458) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3459) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3460)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3461) if (WARN_ON(hdev->smp_bredr_data)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3462) chan = hdev->smp_bredr_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3463) hdev->smp_bredr_data = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3464) smp_del_chan(chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3465) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3466)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3467) chan = smp_add_cid(hdev, L2CAP_CID_SMP_BREDR);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3468) if (IS_ERR(chan)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3469) int err = PTR_ERR(chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3470) chan = hdev->smp_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3471) hdev->smp_data = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3472) smp_del_chan(chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3473) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3474) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3475)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3476) hdev->smp_bredr_data = chan;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3477)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3478) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3479) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3480)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3481) void smp_unregister(struct hci_dev *hdev)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3482) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3483) struct l2cap_chan *chan;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3484)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3485) if (hdev->smp_bredr_data) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3486) chan = hdev->smp_bredr_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3487) hdev->smp_bredr_data = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3488) smp_del_chan(chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3489) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3490)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3491) if (hdev->smp_data) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3492) chan = hdev->smp_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3493) hdev->smp_data = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3494) smp_del_chan(chan);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3495) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3496) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3497)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3498) #if IS_ENABLED(CONFIG_BT_SELFTEST_SMP)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3499)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3500) static int __init test_debug_key(struct crypto_kpp *tfm_ecdh)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3501) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3502) u8 pk[64];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3503) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3504)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3505) err = set_ecdh_privkey(tfm_ecdh, debug_sk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3506) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3507) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3508)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3509) err = generate_ecdh_public_key(tfm_ecdh, pk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3510) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3511) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3512)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3513) if (crypto_memneq(pk, debug_pk, 64))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3514) return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3515)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3516) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3517) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3518)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3519) static int __init test_ah(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3520) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3521) const u8 irk[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3522) 0x9b, 0x7d, 0x39, 0x0a, 0xa6, 0x10, 0x10, 0x34,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3523) 0x05, 0xad, 0xc8, 0x57, 0xa3, 0x34, 0x02, 0xec };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3524) const u8 r[3] = { 0x94, 0x81, 0x70 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3525) const u8 exp[3] = { 0xaa, 0xfb, 0x0d };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3526) u8 res[3];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3527) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3528)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3529) err = smp_ah(irk, r, res);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3530) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3531) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3532)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3533) if (crypto_memneq(res, exp, 3))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3534) return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3535)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3536) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3537) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3538)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3539) static int __init test_c1(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3540) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3541) const u8 k[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3542) 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3543) 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3544) const u8 r[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3545) 0xe0, 0x2e, 0x70, 0xc6, 0x4e, 0x27, 0x88, 0x63,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3546) 0x0e, 0x6f, 0xad, 0x56, 0x21, 0xd5, 0x83, 0x57 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3547) const u8 preq[7] = { 0x01, 0x01, 0x00, 0x00, 0x10, 0x07, 0x07 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3548) const u8 pres[7] = { 0x02, 0x03, 0x00, 0x00, 0x08, 0x00, 0x05 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3549) const u8 _iat = 0x01;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3550) const u8 _rat = 0x00;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3551) const bdaddr_t ra = { { 0xb6, 0xb5, 0xb4, 0xb3, 0xb2, 0xb1 } };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3552) const bdaddr_t ia = { { 0xa6, 0xa5, 0xa4, 0xa3, 0xa2, 0xa1 } };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3553) const u8 exp[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3554) 0x86, 0x3b, 0xf1, 0xbe, 0xc5, 0x4d, 0xa7, 0xd2,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3555) 0xea, 0x88, 0x89, 0x87, 0xef, 0x3f, 0x1e, 0x1e };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3556) u8 res[16];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3557) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3558)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3559) err = smp_c1(k, r, preq, pres, _iat, &ia, _rat, &ra, res);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3560) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3561) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3562)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3563) if (crypto_memneq(res, exp, 16))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3564) return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3565)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3566) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3567) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3568)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3569) static int __init test_s1(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3570) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3571) const u8 k[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3572) 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3573) 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3574) const u8 r1[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3575) 0x88, 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3576) const u8 r2[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3577) 0x00, 0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3578) const u8 exp[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3579) 0x62, 0xa0, 0x6d, 0x79, 0xae, 0x16, 0x42, 0x5b,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3580) 0x9b, 0xf4, 0xb0, 0xe8, 0xf0, 0xe1, 0x1f, 0x9a };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3581) u8 res[16];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3582) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3583)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3584) err = smp_s1(k, r1, r2, res);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3585) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3586) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3587)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3588) if (crypto_memneq(res, exp, 16))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3589) return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3590)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3591) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3592) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3593)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3594) static int __init test_f4(struct crypto_shash *tfm_cmac)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3595) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3596) const u8 u[32] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3597) 0xe6, 0x9d, 0x35, 0x0e, 0x48, 0x01, 0x03, 0xcc,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3598) 0xdb, 0xfd, 0xf4, 0xac, 0x11, 0x91, 0xf4, 0xef,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3599) 0xb9, 0xa5, 0xf9, 0xe9, 0xa7, 0x83, 0x2c, 0x5e,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3600) 0x2c, 0xbe, 0x97, 0xf2, 0xd2, 0x03, 0xb0, 0x20 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3601) const u8 v[32] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3602) 0xfd, 0xc5, 0x7f, 0xf4, 0x49, 0xdd, 0x4f, 0x6b,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3603) 0xfb, 0x7c, 0x9d, 0xf1, 0xc2, 0x9a, 0xcb, 0x59,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3604) 0x2a, 0xe7, 0xd4, 0xee, 0xfb, 0xfc, 0x0a, 0x90,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3605) 0x9a, 0xbb, 0xf6, 0x32, 0x3d, 0x8b, 0x18, 0x55 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3606) const u8 x[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3607) 0xab, 0xae, 0x2b, 0x71, 0xec, 0xb2, 0xff, 0xff,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3608) 0x3e, 0x73, 0x77, 0xd1, 0x54, 0x84, 0xcb, 0xd5 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3609) const u8 z = 0x00;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3610) const u8 exp[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3611) 0x2d, 0x87, 0x74, 0xa9, 0xbe, 0xa1, 0xed, 0xf1,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3612) 0x1c, 0xbd, 0xa9, 0x07, 0xf1, 0x16, 0xc9, 0xf2 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3613) u8 res[16];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3614) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3615)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3616) err = smp_f4(tfm_cmac, u, v, x, z, res);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3617) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3618) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3619)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3620) if (crypto_memneq(res, exp, 16))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3621) return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3622)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3623) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3624) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3625)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3626) static int __init test_f5(struct crypto_shash *tfm_cmac)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3627) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3628) const u8 w[32] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3629) 0x98, 0xa6, 0xbf, 0x73, 0xf3, 0x34, 0x8d, 0x86,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3630) 0xf1, 0x66, 0xf8, 0xb4, 0x13, 0x6b, 0x79, 0x99,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3631) 0x9b, 0x7d, 0x39, 0x0a, 0xa6, 0x10, 0x10, 0x34,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3632) 0x05, 0xad, 0xc8, 0x57, 0xa3, 0x34, 0x02, 0xec };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3633) const u8 n1[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3634) 0xab, 0xae, 0x2b, 0x71, 0xec, 0xb2, 0xff, 0xff,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3635) 0x3e, 0x73, 0x77, 0xd1, 0x54, 0x84, 0xcb, 0xd5 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3636) const u8 n2[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3637) 0xcf, 0xc4, 0x3d, 0xff, 0xf7, 0x83, 0x65, 0x21,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3638) 0x6e, 0x5f, 0xa7, 0x25, 0xcc, 0xe7, 0xe8, 0xa6 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3639) const u8 a1[7] = { 0xce, 0xbf, 0x37, 0x37, 0x12, 0x56, 0x00 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3640) const u8 a2[7] = { 0xc1, 0xcf, 0x2d, 0x70, 0x13, 0xa7, 0x00 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3641) const u8 exp_ltk[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3642) 0x38, 0x0a, 0x75, 0x94, 0xb5, 0x22, 0x05, 0x98,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3643) 0x23, 0xcd, 0xd7, 0x69, 0x11, 0x79, 0x86, 0x69 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3644) const u8 exp_mackey[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3645) 0x20, 0x6e, 0x63, 0xce, 0x20, 0x6a, 0x3f, 0xfd,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3646) 0x02, 0x4a, 0x08, 0xa1, 0x76, 0xf1, 0x65, 0x29 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3647) u8 mackey[16], ltk[16];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3648) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3649)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3650) err = smp_f5(tfm_cmac, w, n1, n2, a1, a2, mackey, ltk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3651) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3652) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3653)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3654) if (crypto_memneq(mackey, exp_mackey, 16))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3655) return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3656)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3657) if (crypto_memneq(ltk, exp_ltk, 16))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3658) return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3659)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3660) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3661) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3662)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3663) static int __init test_f6(struct crypto_shash *tfm_cmac)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3664) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3665) const u8 w[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3666) 0x20, 0x6e, 0x63, 0xce, 0x20, 0x6a, 0x3f, 0xfd,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3667) 0x02, 0x4a, 0x08, 0xa1, 0x76, 0xf1, 0x65, 0x29 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3668) const u8 n1[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3669) 0xab, 0xae, 0x2b, 0x71, 0xec, 0xb2, 0xff, 0xff,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3670) 0x3e, 0x73, 0x77, 0xd1, 0x54, 0x84, 0xcb, 0xd5 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3671) const u8 n2[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3672) 0xcf, 0xc4, 0x3d, 0xff, 0xf7, 0x83, 0x65, 0x21,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3673) 0x6e, 0x5f, 0xa7, 0x25, 0xcc, 0xe7, 0xe8, 0xa6 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3674) const u8 r[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3675) 0xc8, 0x0f, 0x2d, 0x0c, 0xd2, 0x42, 0xda, 0x08,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3676) 0x54, 0xbb, 0x53, 0xb4, 0x3b, 0x34, 0xa3, 0x12 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3677) const u8 io_cap[3] = { 0x02, 0x01, 0x01 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3678) const u8 a1[7] = { 0xce, 0xbf, 0x37, 0x37, 0x12, 0x56, 0x00 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3679) const u8 a2[7] = { 0xc1, 0xcf, 0x2d, 0x70, 0x13, 0xa7, 0x00 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3680) const u8 exp[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3681) 0x61, 0x8f, 0x95, 0xda, 0x09, 0x0b, 0x6c, 0xd2,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3682) 0xc5, 0xe8, 0xd0, 0x9c, 0x98, 0x73, 0xc4, 0xe3 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3683) u8 res[16];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3684) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3685)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3686) err = smp_f6(tfm_cmac, w, n1, n2, r, io_cap, a1, a2, res);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3687) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3688) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3689)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3690) if (crypto_memneq(res, exp, 16))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3691) return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3692)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3693) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3694) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3695)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3696) static int __init test_g2(struct crypto_shash *tfm_cmac)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3697) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3698) const u8 u[32] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3699) 0xe6, 0x9d, 0x35, 0x0e, 0x48, 0x01, 0x03, 0xcc,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3700) 0xdb, 0xfd, 0xf4, 0xac, 0x11, 0x91, 0xf4, 0xef,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3701) 0xb9, 0xa5, 0xf9, 0xe9, 0xa7, 0x83, 0x2c, 0x5e,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3702) 0x2c, 0xbe, 0x97, 0xf2, 0xd2, 0x03, 0xb0, 0x20 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3703) const u8 v[32] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3704) 0xfd, 0xc5, 0x7f, 0xf4, 0x49, 0xdd, 0x4f, 0x6b,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3705) 0xfb, 0x7c, 0x9d, 0xf1, 0xc2, 0x9a, 0xcb, 0x59,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3706) 0x2a, 0xe7, 0xd4, 0xee, 0xfb, 0xfc, 0x0a, 0x90,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3707) 0x9a, 0xbb, 0xf6, 0x32, 0x3d, 0x8b, 0x18, 0x55 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3708) const u8 x[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3709) 0xab, 0xae, 0x2b, 0x71, 0xec, 0xb2, 0xff, 0xff,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3710) 0x3e, 0x73, 0x77, 0xd1, 0x54, 0x84, 0xcb, 0xd5 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3711) const u8 y[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3712) 0xcf, 0xc4, 0x3d, 0xff, 0xf7, 0x83, 0x65, 0x21,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3713) 0x6e, 0x5f, 0xa7, 0x25, 0xcc, 0xe7, 0xe8, 0xa6 };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3714) const u32 exp_val = 0x2f9ed5ba % 1000000;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3715) u32 val;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3716) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3717)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3718) err = smp_g2(tfm_cmac, u, v, x, y, &val);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3719) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3720) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3721)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3722) if (val != exp_val)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3723) return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3724)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3725) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3726) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3727)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3728) static int __init test_h6(struct crypto_shash *tfm_cmac)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3729) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3730) const u8 w[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3731) 0x9b, 0x7d, 0x39, 0x0a, 0xa6, 0x10, 0x10, 0x34,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3732) 0x05, 0xad, 0xc8, 0x57, 0xa3, 0x34, 0x02, 0xec };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3733) const u8 key_id[4] = { 0x72, 0x62, 0x65, 0x6c };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3734) const u8 exp[16] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3735) 0x99, 0x63, 0xb1, 0x80, 0xe2, 0xa9, 0xd3, 0xe8,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3736) 0x1c, 0xc9, 0x6d, 0xe7, 0x02, 0xe1, 0x9a, 0x2d };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3737) u8 res[16];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3738) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3739)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3740) err = smp_h6(tfm_cmac, w, key_id, res);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3741) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3742) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3743)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3744) if (crypto_memneq(res, exp, 16))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3745) return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3746)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3747) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3748) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3749)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3750) static char test_smp_buffer[32];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3751)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3752) static ssize_t test_smp_read(struct file *file, char __user *user_buf,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3753) size_t count, loff_t *ppos)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3754) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3755) return simple_read_from_buffer(user_buf, count, ppos, test_smp_buffer,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3756) strlen(test_smp_buffer));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3757) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3758)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3759) static const struct file_operations test_smp_fops = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3760) .open = simple_open,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3761) .read = test_smp_read,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3762) .llseek = default_llseek,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3763) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3764)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3765) static int __init run_selftests(struct crypto_shash *tfm_cmac,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3766) struct crypto_kpp *tfm_ecdh)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3767) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3768) ktime_t calltime, delta, rettime;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3769) unsigned long long duration;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3770) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3771)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3772) calltime = ktime_get();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3773)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3774) err = test_debug_key(tfm_ecdh);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3775) if (err) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3776) BT_ERR("debug_key test failed");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3777) goto done;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3778) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3779)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3780) err = test_ah();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3781) if (err) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3782) BT_ERR("smp_ah test failed");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3783) goto done;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3784) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3785)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3786) err = test_c1();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3787) if (err) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3788) BT_ERR("smp_c1 test failed");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3789) goto done;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3790) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3791)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3792) err = test_s1();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3793) if (err) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3794) BT_ERR("smp_s1 test failed");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3795) goto done;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3796) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3797)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3798) err = test_f4(tfm_cmac);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3799) if (err) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3800) BT_ERR("smp_f4 test failed");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3801) goto done;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3802) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3803)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3804) err = test_f5(tfm_cmac);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3805) if (err) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3806) BT_ERR("smp_f5 test failed");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3807) goto done;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3808) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3809)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3810) err = test_f6(tfm_cmac);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3811) if (err) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3812) BT_ERR("smp_f6 test failed");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3813) goto done;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3814) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3815)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3816) err = test_g2(tfm_cmac);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3817) if (err) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3818) BT_ERR("smp_g2 test failed");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3819) goto done;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3820) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3821)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3822) err = test_h6(tfm_cmac);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3823) if (err) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3824) BT_ERR("smp_h6 test failed");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3825) goto done;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3826) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3827)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3828) rettime = ktime_get();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3829) delta = ktime_sub(rettime, calltime);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3830) duration = (unsigned long long) ktime_to_ns(delta) >> 10;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3831)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3832) BT_INFO("SMP test passed in %llu usecs", duration);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3833)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3834) done:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3835) if (!err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3836) snprintf(test_smp_buffer, sizeof(test_smp_buffer),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3837) "PASS (%llu usecs)\n", duration);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3838) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3839) snprintf(test_smp_buffer, sizeof(test_smp_buffer), "FAIL\n");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3840)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3841) debugfs_create_file("selftest_smp", 0444, bt_debugfs, NULL,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3842) &test_smp_fops);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3843)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3844) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3845) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3846)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3847) int __init bt_selftest_smp(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3848) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3849) struct crypto_shash *tfm_cmac;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3850) struct crypto_kpp *tfm_ecdh;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3851) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3852)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3853) tfm_cmac = crypto_alloc_shash("cmac(aes)", 0, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3854) if (IS_ERR(tfm_cmac)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3855) BT_ERR("Unable to create CMAC crypto context");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3856) return PTR_ERR(tfm_cmac);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3857) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3858)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3859) tfm_ecdh = crypto_alloc_kpp("ecdh", 0, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3860) if (IS_ERR(tfm_ecdh)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3861) BT_ERR("Unable to create ECDH crypto context");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3862) crypto_free_shash(tfm_cmac);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3863) return PTR_ERR(tfm_ecdh);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3864) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3865)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3866) err = run_selftests(tfm_cmac, tfm_ecdh);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3867)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3868) crypto_free_shash(tfm_cmac);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3869) crypto_free_kpp(tfm_ecdh);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3870)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3871) return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3872) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3873)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3874) #endif
Orange Pi5 kernel
Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards
3 Commits
0 Branches
0 Tags