aboutsummaryrefslogtreecommitdiffstats
path: root/net/bluetooth/smp.c
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2015-06-24 19:49:49 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2015-06-24 19:49:49 -0400
commite0456717e483bb8a9431b80a5bdc99a928b9b003 (patch)
tree5eb5add2bafd1f20326d70f5cb3b711d00a40b10 /net/bluetooth/smp.c
parent98ec21a01896751b673b6c731ca8881daa8b2c6d (diff)
parent1ea2d020ba477cb7011a7174e8501a9e04a325d4 (diff)
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
Pull networking updates from David Miller: 1) Add TX fast path in mac80211, from Johannes Berg. 2) Add TSO/GRO support to ibmveth, from Thomas Falcon 3) Move away from cached routes in ipv6, just like ipv4, from Martin KaFai Lau. 4) Lots of new rhashtable tests, from Thomas Graf. 5) Run ingress qdisc lockless, from Alexei Starovoitov. 6) Allow servers to fetch TCP packet headers for SYN packets of new connections, for fingerprinting. From Eric Dumazet. 7) Add mode parameter to pktgen, for testing receive. From Alexei Starovoitov. 8) Cache access optimizations via simplifications of build_skb(), from Alexander Duyck. 9) Move page frag allocator under mm/, also from Alexander. 10) Add xmit_more support to hv_netvsc, from KY Srinivasan. 11) Add a counter guard in case we try to perform endless reclassify loops in the packet scheduler. 12) Extern flow dissector to be programmable and use it in new "Flower" classifier. From Jiri Pirko. 13) AF_PACKET fanout rollover fixes, performance improvements, and new statistics. From Willem de Bruijn. 14) Add netdev driver for GENEVE tunnels, from John W Linville. 15) Add ingress netfilter hooks and filtering, from Pablo Neira Ayuso. 16) Fix handling of epoll edge triggers in TCP, from Eric Dumazet. 17) Add an ECN retry fallback for the initial TCP handshake, from Daniel Borkmann. 18) Add tail call support to BPF, from Alexei Starovoitov. 19) Add several pktgen helper scripts, from Jesper Dangaard Brouer. 20) Add zerocopy support to AF_UNIX, from Hannes Frederic Sowa. 21) Favor even port numbers for allocation to connect() requests, and odd port numbers for bind(0), in an effort to help avoid ip_local_port_range exhaustion. From Eric Dumazet. 22) Add Cavium ThunderX driver, from Sunil Goutham. 23) Allow bpf programs to access skb_iif and dev->ifindex SKB metadata, from Alexei Starovoitov. 24) Add support for T6 chips in cxgb4vf driver, from Hariprasad Shenai. 25) Double TCP Small Queues default to 256K to accomodate situations like the XEN driver and wireless aggregation. From Wei Liu. 26) Add more entropy inputs to flow dissector, from Tom Herbert. 27) Add CDG congestion control algorithm to TCP, from Kenneth Klette Jonassen. 28) Convert ipset over to RCU locking, from Jozsef Kadlecsik. 29) Track and act upon link status of ipv4 route nexthops, from Andy Gospodarek. * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next: (1670 commits) bridge: vlan: flush the dynamically learned entries on port vlan delete bridge: multicast: add a comment to br_port_state_selection about blocking state net: inet_diag: export IPV6_V6ONLY sockopt stmmac: troubleshoot unexpected bits in des0 & des1 net: ipv4 sysctl option to ignore routes when nexthop link is down net: track link-status of ipv4 nexthops net: switchdev: ignore unsupported bridge flags net: Cavium: Fix MAC address setting in shutdown state drivers: net: xgene: fix for ACPI support without ACPI ip: report the original address of ICMP messages net/mlx5e: Prefetch skb data on RX net/mlx5e: Pop cq outside mlx5e_get_cqe net/mlx5e: Remove mlx5e_cq.sqrq back-pointer net/mlx5e: Remove extra spaces net/mlx5e: Avoid TX CQE generation if more xmit packets expected net/mlx5e: Avoid redundant dev_kfree_skb() upon NOP completion net/mlx5e: Remove re-assignment of wq type in mlx5e_enable_rq() net/mlx5e: Use skb_shinfo(skb)->gso_segs rather than counting them net/mlx5e: Static mapping of netdev priv resources to/from netdev TX queues net/mlx4_en: Use HW counters for rx/tx bytes/packets in PF device ...
Diffstat (limited to 'net/bluetooth/smp.c')
-rw-r--r--net/bluetooth/smp.c158
1 files changed, 135 insertions, 23 deletions
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index 1ab3dc9c8f99..3d0f7d2a0616 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -33,6 +33,9 @@
33#include "ecc.h" 33#include "ecc.h"
34#include "smp.h" 34#include "smp.h"
35 35
36#define SMP_DEV(hdev) \
37 ((struct smp_dev *)((struct l2cap_chan *)((hdev)->smp_data))->data)
38
36/* Low-level debug macros to be used for stuff that we don't want 39/* Low-level debug macros to be used for stuff that we don't want
37 * accidentially in dmesg, i.e. the values of the various crypto keys 40 * accidentially in dmesg, i.e. the values of the various crypto keys
38 * and the inputs & outputs of crypto functions. 41 * and the inputs & outputs of crypto functions.
@@ -81,6 +84,9 @@ struct smp_dev {
81 u8 local_rand[16]; 84 u8 local_rand[16];
82 bool debug_key; 85 bool debug_key;
83 86
87 u8 min_key_size;
88 u8 max_key_size;
89
84 struct crypto_blkcipher *tfm_aes; 90 struct crypto_blkcipher *tfm_aes;
85 struct crypto_hash *tfm_cmac; 91 struct crypto_hash *tfm_cmac;
86}; 92};
@@ -371,6 +377,8 @@ static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
371 uint8_t tmp[16], data[16]; 377 uint8_t tmp[16], data[16];
372 int err; 378 int err;
373 379
380 SMP_DBG("k %16phN r %16phN", k, r);
381
374 if (!tfm) { 382 if (!tfm) {
375 BT_ERR("tfm %p", tfm); 383 BT_ERR("tfm %p", tfm);
376 return -EINVAL; 384 return -EINVAL;
@@ -400,6 +408,8 @@ static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
400 /* Most significant octet of encryptedData corresponds to data[0] */ 408 /* Most significant octet of encryptedData corresponds to data[0] */
401 swap_buf(data, r, 16); 409 swap_buf(data, r, 16);
402 410
411 SMP_DBG("r %16phN", r);
412
403 return err; 413 return err;
404} 414}
405 415
@@ -410,6 +420,10 @@ static int smp_c1(struct crypto_blkcipher *tfm_aes, const u8 k[16],
410 u8 p1[16], p2[16]; 420 u8 p1[16], p2[16];
411 int err; 421 int err;
412 422
423 SMP_DBG("k %16phN r %16phN", k, r);
424 SMP_DBG("iat %u ia %6phN rat %u ra %6phN", _iat, ia, _rat, ra);
425 SMP_DBG("preq %7phN pres %7phN", preq, pres);
426
413 memset(p1, 0, 16); 427 memset(p1, 0, 16);
414 428
415 /* p1 = pres || preq || _rat || _iat */ 429 /* p1 = pres || preq || _rat || _iat */
@@ -418,10 +432,7 @@ static int smp_c1(struct crypto_blkcipher *tfm_aes, const u8 k[16],
418 memcpy(p1 + 2, preq, 7); 432 memcpy(p1 + 2, preq, 7);
419 memcpy(p1 + 9, pres, 7); 433 memcpy(p1 + 9, pres, 7);
420 434
421 /* p2 = padding || ia || ra */ 435 SMP_DBG("p1 %16phN", p1);
422 memcpy(p2, ra, 6);
423 memcpy(p2 + 6, ia, 6);
424 memset(p2 + 12, 0, 4);
425 436
426 /* res = r XOR p1 */ 437 /* res = r XOR p1 */
427 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1); 438 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
@@ -433,6 +444,13 @@ static int smp_c1(struct crypto_blkcipher *tfm_aes, const u8 k[16],
433 return err; 444 return err;
434 } 445 }
435 446
447 /* p2 = padding || ia || ra */
448 memcpy(p2, ra, 6);
449 memcpy(p2 + 6, ia, 6);
450 memset(p2 + 12, 0, 4);
451
452 SMP_DBG("p2 %16phN", p2);
453
436 /* res = res XOR p2 */ 454 /* res = res XOR p2 */
437 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2); 455 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
438 456
@@ -696,7 +714,7 @@ static void build_pairing_cmd(struct l2cap_conn *conn,
696 if (rsp == NULL) { 714 if (rsp == NULL) {
697 req->io_capability = conn->hcon->io_capability; 715 req->io_capability = conn->hcon->io_capability;
698 req->oob_flag = oob_flag; 716 req->oob_flag = oob_flag;
699 req->max_key_size = SMP_MAX_ENC_KEY_SIZE; 717 req->max_key_size = SMP_DEV(hdev)->max_key_size;
700 req->init_key_dist = local_dist; 718 req->init_key_dist = local_dist;
701 req->resp_key_dist = remote_dist; 719 req->resp_key_dist = remote_dist;
702 req->auth_req = (authreq & AUTH_REQ_MASK(hdev)); 720 req->auth_req = (authreq & AUTH_REQ_MASK(hdev));
@@ -707,7 +725,7 @@ static void build_pairing_cmd(struct l2cap_conn *conn,
707 725
708 rsp->io_capability = conn->hcon->io_capability; 726 rsp->io_capability = conn->hcon->io_capability;
709 rsp->oob_flag = oob_flag; 727 rsp->oob_flag = oob_flag;
710 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE; 728 rsp->max_key_size = SMP_DEV(hdev)->max_key_size;
711 rsp->init_key_dist = req->init_key_dist & remote_dist; 729 rsp->init_key_dist = req->init_key_dist & remote_dist;
712 rsp->resp_key_dist = req->resp_key_dist & local_dist; 730 rsp->resp_key_dist = req->resp_key_dist & local_dist;
713 rsp->auth_req = (authreq & AUTH_REQ_MASK(hdev)); 731 rsp->auth_req = (authreq & AUTH_REQ_MASK(hdev));
@@ -718,10 +736,11 @@ static void build_pairing_cmd(struct l2cap_conn *conn,
718static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size) 736static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
719{ 737{
720 struct l2cap_chan *chan = conn->smp; 738 struct l2cap_chan *chan = conn->smp;
739 struct hci_dev *hdev = conn->hcon->hdev;
721 struct smp_chan *smp = chan->data; 740 struct smp_chan *smp = chan->data;
722 741
723 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) || 742 if (max_key_size > SMP_DEV(hdev)->max_key_size ||
724 (max_key_size < SMP_MIN_ENC_KEY_SIZE)) 743 max_key_size < SMP_MIN_ENC_KEY_SIZE)
725 return SMP_ENC_KEY_SIZE; 744 return SMP_ENC_KEY_SIZE;
726 745
727 smp->enc_key_size = max_key_size; 746 smp->enc_key_size = max_key_size;
@@ -985,13 +1004,10 @@ static u8 smp_random(struct smp_chan *smp)
985 1004
986 smp_s1(smp->tfm_aes, smp->tk, smp->rrnd, smp->prnd, stk); 1005 smp_s1(smp->tfm_aes, smp->tk, smp->rrnd, smp->prnd, stk);
987 1006
988 memset(stk + smp->enc_key_size, 0,
989 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
990
991 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags)) 1007 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
992 return SMP_UNSPECIFIED; 1008 return SMP_UNSPECIFIED;
993 1009
994 hci_le_start_enc(hcon, ediv, rand, stk); 1010 hci_le_start_enc(hcon, ediv, rand, stk, smp->enc_key_size);
995 hcon->enc_key_size = smp->enc_key_size; 1011 hcon->enc_key_size = smp->enc_key_size;
996 set_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags); 1012 set_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
997 } else { 1013 } else {
@@ -1004,9 +1020,6 @@ static u8 smp_random(struct smp_chan *smp)
1004 1020
1005 smp_s1(smp->tfm_aes, smp->tk, smp->prnd, smp->rrnd, stk); 1021 smp_s1(smp->tfm_aes, smp->tk, smp->prnd, smp->rrnd, stk);
1006 1022
1007 memset(stk + smp->enc_key_size, 0,
1008 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
1009
1010 if (hcon->pending_sec_level == BT_SECURITY_HIGH) 1023 if (hcon->pending_sec_level == BT_SECURITY_HIGH)
1011 auth = 1; 1024 auth = 1;
1012 else 1025 else
@@ -1144,9 +1157,6 @@ static void sc_add_ltk(struct smp_chan *smp)
1144 else 1157 else
1145 auth = 0; 1158 auth = 0;
1146 1159
1147 memset(smp->tk + smp->enc_key_size, 0,
1148 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
1149
1150 smp->ltk = hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type, 1160 smp->ltk = hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
1151 key_type, auth, smp->tk, smp->enc_key_size, 1161 key_type, auth, smp->tk, smp->enc_key_size,
1152 0, 0); 1162 0, 0);
@@ -1268,7 +1278,14 @@ static void smp_distribute_keys(struct smp_chan *smp)
1268 __le16 ediv; 1278 __le16 ediv;
1269 __le64 rand; 1279 __le64 rand;
1270 1280
1271 get_random_bytes(enc.ltk, sizeof(enc.ltk)); 1281 /* Make sure we generate only the significant amount of
1282 * bytes based on the encryption key size, and set the rest
1283 * of the value to zeroes.
1284 */
1285 get_random_bytes(enc.ltk, smp->enc_key_size);
1286 memset(enc.ltk + smp->enc_key_size, 0,
1287 sizeof(enc.ltk) - smp->enc_key_size);
1288
1272 get_random_bytes(&ediv, sizeof(ediv)); 1289 get_random_bytes(&ediv, sizeof(ediv));
1273 get_random_bytes(&rand, sizeof(rand)); 1290 get_random_bytes(&rand, sizeof(rand));
1274 1291
@@ -1688,7 +1705,7 @@ static void build_bredr_pairing_cmd(struct smp_chan *smp,
1688 1705
1689 req->init_key_dist = local_dist; 1706 req->init_key_dist = local_dist;
1690 req->resp_key_dist = remote_dist; 1707 req->resp_key_dist = remote_dist;
1691 req->max_key_size = SMP_MAX_ENC_KEY_SIZE; 1708 req->max_key_size = conn->hcon->enc_key_size;
1692 1709
1693 smp->remote_key_dist = remote_dist; 1710 smp->remote_key_dist = remote_dist;
1694 1711
@@ -1697,7 +1714,7 @@ static void build_bredr_pairing_cmd(struct smp_chan *smp,
1697 1714
1698 memset(rsp, 0, sizeof(*rsp)); 1715 memset(rsp, 0, sizeof(*rsp));
1699 1716
1700 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE; 1717 rsp->max_key_size = conn->hcon->enc_key_size;
1701 rsp->init_key_dist = req->init_key_dist & remote_dist; 1718 rsp->init_key_dist = req->init_key_dist & remote_dist;
1702 rsp->resp_key_dist = req->resp_key_dist & local_dist; 1719 rsp->resp_key_dist = req->resp_key_dist & local_dist;
1703 1720
@@ -2190,7 +2207,7 @@ static bool smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
2190 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags)) 2207 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
2191 return true; 2208 return true;
2192 2209
2193 hci_le_start_enc(hcon, key->ediv, key->rand, key->val); 2210 hci_le_start_enc(hcon, key->ediv, key->rand, key->val, key->enc_size);
2194 hcon->enc_key_size = key->enc_size; 2211 hcon->enc_key_size = key->enc_size;
2195 2212
2196 /* We never store STKs for master role, so clear this flag */ 2213 /* We never store STKs for master role, so clear this flag */
@@ -2738,7 +2755,7 @@ static int smp_cmd_dhkey_check(struct l2cap_conn *conn, struct sk_buff *skb)
2738 sc_add_ltk(smp); 2755 sc_add_ltk(smp);
2739 2756
2740 if (hcon->out) { 2757 if (hcon->out) {
2741 hci_le_start_enc(hcon, 0, 0, smp->tk); 2758 hci_le_start_enc(hcon, 0, 0, smp->tk, smp->enc_key_size);
2742 hcon->enc_key_size = smp->enc_key_size; 2759 hcon->enc_key_size = smp->enc_key_size;
2743 } 2760 }
2744 2761
@@ -3120,6 +3137,8 @@ static struct l2cap_chan *smp_add_cid(struct hci_dev *hdev, u16 cid)
3120 3137
3121 smp->tfm_aes = tfm_aes; 3138 smp->tfm_aes = tfm_aes;
3122 smp->tfm_cmac = tfm_cmac; 3139 smp->tfm_cmac = tfm_cmac;
3140 smp->min_key_size = SMP_MIN_ENC_KEY_SIZE;
3141 smp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
3123 3142
3124create_chan: 3143create_chan:
3125 chan = l2cap_chan_create(); 3144 chan = l2cap_chan_create();
@@ -3242,6 +3261,94 @@ static const struct file_operations force_bredr_smp_fops = {
3242 .llseek = default_llseek, 3261 .llseek = default_llseek,
3243}; 3262};
3244 3263
3264static ssize_t le_min_key_size_read(struct file *file,
3265 char __user *user_buf,
3266 size_t count, loff_t *ppos)
3267{
3268 struct hci_dev *hdev = file->private_data;
3269 char buf[4];
3270
3271 snprintf(buf, sizeof(buf), "%2u\n", SMP_DEV(hdev)->min_key_size);
3272
3273 return simple_read_from_buffer(user_buf, count, ppos, buf, strlen(buf));
3274}
3275
3276static ssize_t le_min_key_size_write(struct file *file,
3277 const char __user *user_buf,
3278 size_t count, loff_t *ppos)
3279{
3280 struct hci_dev *hdev = file->private_data;
3281 char buf[32];
3282 size_t buf_size = min(count, (sizeof(buf) - 1));
3283 u8 key_size;
3284
3285 if (copy_from_user(buf, user_buf, buf_size))
3286 return -EFAULT;
3287
3288 buf[buf_size] = '\0';
3289
3290 sscanf(buf, "%hhu", &key_size);
3291
3292 if (key_size > SMP_DEV(hdev)->max_key_size ||
3293 key_size < SMP_MIN_ENC_KEY_SIZE)
3294 return -EINVAL;
3295
3296 SMP_DEV(hdev)->min_key_size = key_size;
3297
3298 return count;
3299}
3300
3301static const struct file_operations le_min_key_size_fops = {
3302 .open = simple_open,
3303 .read = le_min_key_size_read,
3304 .write = le_min_key_size_write,
3305 .llseek = default_llseek,
3306};
3307
3308static ssize_t le_max_key_size_read(struct file *file,
3309 char __user *user_buf,
3310 size_t count, loff_t *ppos)
3311{
3312 struct hci_dev *hdev = file->private_data;
3313 char buf[4];
3314
3315 snprintf(buf, sizeof(buf), "%2u\n", SMP_DEV(hdev)->max_key_size);
3316
3317 return simple_read_from_buffer(user_buf, count, ppos, buf, strlen(buf));
3318}
3319
3320static ssize_t le_max_key_size_write(struct file *file,
3321 const char __user *user_buf,
3322 size_t count, loff_t *ppos)
3323{
3324 struct hci_dev *hdev = file->private_data;
3325 char buf[32];
3326 size_t buf_size = min(count, (sizeof(buf) - 1));
3327 u8 key_size;
3328
3329 if (copy_from_user(buf, user_buf, buf_size))
3330 return -EFAULT;
3331
3332 buf[buf_size] = '\0';
3333
3334 sscanf(buf, "%hhu", &key_size);
3335
3336 if (key_size > SMP_MAX_ENC_KEY_SIZE ||
3337 key_size < SMP_DEV(hdev)->min_key_size)
3338 return -EINVAL;
3339
3340 SMP_DEV(hdev)->max_key_size = key_size;
3341
3342 return count;
3343}
3344
3345static const struct file_operations le_max_key_size_fops = {
3346 .open = simple_open,
3347 .read = le_max_key_size_read,
3348 .write = le_max_key_size_write,
3349 .llseek = default_llseek,
3350};
3351
3245int smp_register(struct hci_dev *hdev) 3352int smp_register(struct hci_dev *hdev)
3246{ 3353{
3247 struct l2cap_chan *chan; 3354 struct l2cap_chan *chan;
@@ -3266,6 +3373,11 @@ int smp_register(struct hci_dev *hdev)
3266 3373
3267 hdev->smp_data = chan; 3374 hdev->smp_data = chan;
3268 3375
3376 debugfs_create_file("le_min_key_size", 0644, hdev->debugfs, hdev,
3377 &le_min_key_size_fops);
3378 debugfs_create_file("le_max_key_size", 0644, hdev->debugfs, hdev,
3379 &le_max_key_size_fops);
3380
3269 /* If the controller does not support BR/EDR Secure Connections 3381 /* If the controller does not support BR/EDR Secure Connections
3270 * feature, then the BR/EDR SMP channel shall not be present. 3382 * feature, then the BR/EDR SMP channel shall not be present.
3271 * 3383 *
generated by cgit v1.2.2 (git 2.25.0) at 2025-02-24 07:50:45 -0500