diff options
| author | Johan Hedberg <johan.hedberg@nokia.com> | 2011-01-19 01:36:50 -0500 |
|---|---|---|
| committer | Gustavo F. Padovan <padovan@profusion.mobi> | 2011-01-19 11:40:43 -0500 |
| commit | 8556edd32f01c50a3c99e44dc2c3b1252ea59605 (patch) | |
| tree | b0e9d426b7a17ad201c782d4e0c09fbddfe81730 /net | |
| parent | 65cf686ee102b7eb0477a4bab82ff227071a0258 (diff) | |
Bluetooth: Create a unified auth_type evaluation function
The logic for determining the needed auth_type for an L2CAP socket is
rather complicated and has so far been duplicated in
l2cap_check_security as well as l2cap_do_connect. Additionally the
l2cap_check_security code was completely missing the handling of
SOCK_RAW type sockets. This patch creates a unified function for the
evaluation and makes l2cap_do_connect and l2cap_check_security use that
function.
Signed-off-by: Johan Hedberg <johan.hedberg@nokia.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Diffstat (limited to 'net')
| -rw-r--r-- | net/bluetooth/l2cap.c | 77 |
1 files changed, 28 insertions, 49 deletions
diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c index 4fd88eb0a464..ae227bf25563 100644 --- a/net/bluetooth/l2cap.c +++ b/net/bluetooth/l2cap.c | |||
| @@ -305,33 +305,44 @@ static void l2cap_chan_del(struct sock *sk, int err) | |||
| 305 | } | 305 | } |
| 306 | } | 306 | } |
| 307 | 307 | ||
| 308 | /* Service level security */ | 308 | static inline u8 l2cap_get_auth_type(struct sock *sk) |
| 309 | static inline int l2cap_check_security(struct sock *sk) | ||
| 310 | { | 309 | { |
| 311 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | 310 | if (sk->sk_type == SOCK_RAW) { |
| 312 | __u8 auth_type; | 311 | switch (l2cap_pi(sk)->sec_level) { |
| 312 | case BT_SECURITY_HIGH: | ||
| 313 | return HCI_AT_DEDICATED_BONDING_MITM; | ||
| 314 | case BT_SECURITY_MEDIUM: | ||
| 315 | return HCI_AT_DEDICATED_BONDING; | ||
| 316 | default: | ||
| 317 | return HCI_AT_NO_BONDING; | ||
| 318 | } | ||
| 319 | } else if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) { | ||
| 320 | if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW) | ||
| 321 | l2cap_pi(sk)->sec_level = BT_SECURITY_SDP; | ||
| 313 | 322 | ||
| 314 | if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) { | ||
| 315 | if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH) | 323 | if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH) |
| 316 | auth_type = HCI_AT_NO_BONDING_MITM; | 324 | return HCI_AT_NO_BONDING_MITM; |
| 317 | else | 325 | else |
| 318 | auth_type = HCI_AT_NO_BONDING; | 326 | return HCI_AT_NO_BONDING; |
| 319 | |||
| 320 | if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW) | ||
| 321 | l2cap_pi(sk)->sec_level = BT_SECURITY_SDP; | ||
| 322 | } else { | 327 | } else { |
| 323 | switch (l2cap_pi(sk)->sec_level) { | 328 | switch (l2cap_pi(sk)->sec_level) { |
| 324 | case BT_SECURITY_HIGH: | 329 | case BT_SECURITY_HIGH: |
| 325 | auth_type = HCI_AT_GENERAL_BONDING_MITM; | 330 | return HCI_AT_GENERAL_BONDING_MITM; |
| 326 | break; | ||
| 327 | case BT_SECURITY_MEDIUM: | 331 | case BT_SECURITY_MEDIUM: |
| 328 | auth_type = HCI_AT_GENERAL_BONDING; | 332 | return HCI_AT_GENERAL_BONDING; |
| 329 | break; | ||
| 330 | default: | 333 | default: |
| 331 | auth_type = HCI_AT_NO_BONDING; | 334 | return HCI_AT_NO_BONDING; |
| 332 | break; | ||
| 333 | } | 335 | } |
| 334 | } | 336 | } |
| 337 | } | ||
| 338 | |||
| 339 | /* Service level security */ | ||
| 340 | static inline int l2cap_check_security(struct sock *sk) | ||
| 341 | { | ||
| 342 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | ||
| 343 | __u8 auth_type; | ||
| 344 | |||
| 345 | auth_type = l2cap_get_auth_type(sk); | ||
| 335 | 346 | ||
| 336 | return hci_conn_security(conn->hcon, l2cap_pi(sk)->sec_level, | 347 | return hci_conn_security(conn->hcon, l2cap_pi(sk)->sec_level, |
| 337 | auth_type); | 348 | auth_type); |
| @@ -1068,39 +1079,7 @@ static int l2cap_do_connect(struct sock *sk) | |||
| 1068 | 1079 | ||
| 1069 | err = -ENOMEM; | 1080 | err = -ENOMEM; |
| 1070 | 1081 | ||
| 1071 | if (sk->sk_type == SOCK_RAW) { | 1082 | auth_type = l2cap_get_auth_type(sk); |
| 1072 | switch (l2cap_pi(sk)->sec_level) { | ||
| 1073 | case BT_SECURITY_HIGH: | ||
| 1074 | auth_type = HCI_AT_DEDICATED_BONDING_MITM; | ||
| 1075 | break; | ||
| 1076 | case BT_SECURITY_MEDIUM: | ||
| 1077 | auth_type = HCI_AT_DEDICATED_BONDING; | ||
| 1078 | break; | ||
| 1079 | default: | ||
| 1080 | auth_type = HCI_AT_NO_BONDING; | ||
| 1081 | break; | ||
| 1082 | } | ||
| 1083 | } else if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) { | ||
| 1084 | if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH) | ||
| 1085 | auth_type = HCI_AT_NO_BONDING_MITM; | ||
| 1086 | else | ||
| 1087 | auth_type = HCI_AT_NO_BONDING; | ||
| 1088 | |||
| 1089 | if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW) | ||
| 1090 | l2cap_pi(sk)->sec_level = BT_SECURITY_SDP; | ||
| 1091 | } else { | ||
| 1092 | switch (l2cap_pi(sk)->sec_level) { | ||
| 1093 | case BT_SECURITY_HIGH: | ||
| 1094 | auth_type = HCI_AT_GENERAL_BONDING_MITM; | ||
| 1095 | break; | ||
| 1096 | case BT_SECURITY_MEDIUM: | ||
| 1097 | auth_type = HCI_AT_GENERAL_BONDING; | ||
| 1098 | break; | ||
| 1099 | default: | ||
| 1100 | auth_type = HCI_AT_NO_BONDING; | ||
| 1101 | break; | ||
| 1102 | } | ||
| 1103 | } | ||
| 1104 | 1083 | ||
| 1105 | hcon = hci_connect(hdev, ACL_LINK, dst, | 1084 | hcon = hci_connect(hdev, ACL_LINK, dst, |
| 1106 | l2cap_pi(sk)->sec_level, auth_type); | 1085 | l2cap_pi(sk)->sec_level, auth_type); |