aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorMarcel Holtmann <marcel@holtmann.org>2014-03-10 02:38:42 -0400
committerJohan Hedberg <johan.hedberg@intel.com>2014-03-10 08:57:33 -0400
commit53ac6ab612456a13bf0f6bad89c1503616e4de3b (patch)
tree708d42ebd070e008dbb579e8ca8f5194e6ba5006 /net
parent7ee4ea3692f20b87b0e0d3884d5b2d22ec1a2df0 (diff)
Bluetooth: Make LTK and CSRK only persisent when bonding
In case the pairable option has been disabled, the pairing procedure does not create keys for bonding. This means that these generated keys should not be stored persistently. For LTK and CSRK this is important to tell userspace to not store these new keys. They will be available for the lifetime of the device, but after the next power cycle they should not be used anymore. Inform userspace to actually store the keys persistently only if both sides request bonding. Signed-off-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Diffstat (limited to 'net')
-rw-r--r--net/bluetooth/mgmt.c9
-rw-r--r--net/bluetooth/smp.c16
2 files changed, 17 insertions, 8 deletions
diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c
index 9c7788914b4e..fbcf9d4f130b 100644
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -5005,7 +5005,7 @@ void mgmt_new_link_key(struct hci_dev *hdev, struct link_key *key,
5005 mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL); 5005 mgmt_event(MGMT_EV_NEW_LINK_KEY, hdev, &ev, sizeof(ev), NULL);
5006} 5006}
5007 5007
5008void mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key) 5008void mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key, bool persistent)
5009{ 5009{
5010 struct mgmt_ev_new_long_term_key ev; 5010 struct mgmt_ev_new_long_term_key ev;
5011 5011
@@ -5026,7 +5026,7 @@ void mgmt_new_ltk(struct hci_dev *hdev, struct smp_ltk *key)
5026 (key->bdaddr.b[5] & 0xc0) != 0xc0) 5026 (key->bdaddr.b[5] & 0xc0) != 0xc0)
5027 ev.store_hint = 0x00; 5027 ev.store_hint = 0x00;
5028 else 5028 else
5029 ev.store_hint = 0x01; 5029 ev.store_hint = persistent;
5030 5030
5031 bacpy(&ev.key.addr.bdaddr, &key->bdaddr); 5031 bacpy(&ev.key.addr.bdaddr, &key->bdaddr);
5032 ev.key.addr.type = link_to_bdaddr(LE_LINK, key->bdaddr_type); 5032 ev.key.addr.type = link_to_bdaddr(LE_LINK, key->bdaddr_type);
@@ -5073,7 +5073,8 @@ void mgmt_new_irk(struct hci_dev *hdev, struct smp_irk *irk)
5073 mgmt_event(MGMT_EV_NEW_IRK, hdev, &ev, sizeof(ev), NULL); 5073 mgmt_event(MGMT_EV_NEW_IRK, hdev, &ev, sizeof(ev), NULL);
5074} 5074}
5075 5075
5076void mgmt_new_csrk(struct hci_dev *hdev, struct smp_csrk *csrk) 5076void mgmt_new_csrk(struct hci_dev *hdev, struct smp_csrk *csrk,
5077 bool persistent)
5077{ 5078{
5078 struct mgmt_ev_new_csrk ev; 5079 struct mgmt_ev_new_csrk ev;
5079 5080
@@ -5092,7 +5093,7 @@ void mgmt_new_csrk(struct hci_dev *hdev, struct smp_csrk *csrk)
5092 (csrk->bdaddr.b[5] & 0xc0) != 0xc0) 5093 (csrk->bdaddr.b[5] & 0xc0) != 0xc0)
5093 ev.store_hint = 0x00; 5094 ev.store_hint = 0x00;
5094 else 5095 else
5095 ev.store_hint = 0x01; 5096 ev.store_hint = persistent;
5096 5097
5097 bacpy(&ev.key.addr.bdaddr, &csrk->bdaddr); 5098 bacpy(&ev.key.addr.bdaddr, &csrk->bdaddr);
5098 ev.key.addr.type = link_to_bdaddr(LE_LINK, csrk->bdaddr_type); 5099 ev.key.addr.type = link_to_bdaddr(LE_LINK, csrk->bdaddr_type);
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index fc652592daf6..7f25dda9c770 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -1209,32 +1209,40 @@ static void smp_notify_keys(struct l2cap_conn *conn)
1209 struct smp_chan *smp = conn->smp_chan; 1209 struct smp_chan *smp = conn->smp_chan;
1210 struct hci_conn *hcon = conn->hcon; 1210 struct hci_conn *hcon = conn->hcon;
1211 struct hci_dev *hdev = hcon->hdev; 1211 struct hci_dev *hdev = hcon->hdev;
1212 struct smp_cmd_pairing *req = (void *) &smp->preq[1];
1213 struct smp_cmd_pairing *rsp = (void *) &smp->prsp[1];
1214 bool persistent;
1212 1215
1213 if (smp->remote_irk) 1216 if (smp->remote_irk)
1214 mgmt_new_irk(hdev, smp->remote_irk); 1217 mgmt_new_irk(hdev, smp->remote_irk);
1215 1218
1219 /* The LTKs and CSRKs should be persistent only if both sides
1220 * had the bonding bit set in their authentication requests.
1221 */
1222 persistent = !!((req->auth_req & rsp->auth_req) & SMP_AUTH_BONDING);
1223
1216 if (smp->csrk) { 1224 if (smp->csrk) {
1217 smp->csrk->bdaddr_type = hcon->dst_type; 1225 smp->csrk->bdaddr_type = hcon->dst_type;
1218 bacpy(&smp->csrk->bdaddr, &hcon->dst); 1226 bacpy(&smp->csrk->bdaddr, &hcon->dst);
1219 mgmt_new_csrk(hdev, smp->csrk); 1227 mgmt_new_csrk(hdev, smp->csrk, persistent);
1220 } 1228 }
1221 1229
1222 if (smp->slave_csrk) { 1230 if (smp->slave_csrk) {
1223 smp->slave_csrk->bdaddr_type = hcon->dst_type; 1231 smp->slave_csrk->bdaddr_type = hcon->dst_type;
1224 bacpy(&smp->slave_csrk->bdaddr, &hcon->dst); 1232 bacpy(&smp->slave_csrk->bdaddr, &hcon->dst);
1225 mgmt_new_csrk(hdev, smp->slave_csrk); 1233 mgmt_new_csrk(hdev, smp->slave_csrk, persistent);
1226 } 1234 }
1227 1235
1228 if (smp->ltk) { 1236 if (smp->ltk) {
1229 smp->ltk->bdaddr_type = hcon->dst_type; 1237 smp->ltk->bdaddr_type = hcon->dst_type;
1230 bacpy(&smp->ltk->bdaddr, &hcon->dst); 1238 bacpy(&smp->ltk->bdaddr, &hcon->dst);
1231 mgmt_new_ltk(hdev, smp->ltk); 1239 mgmt_new_ltk(hdev, smp->ltk, persistent);
1232 } 1240 }
1233 1241
1234 if (smp->slave_ltk) { 1242 if (smp->slave_ltk) {
1235 smp->slave_ltk->bdaddr_type = hcon->dst_type; 1243 smp->slave_ltk->bdaddr_type = hcon->dst_type;
1236 bacpy(&smp->slave_ltk->bdaddr, &hcon->dst); 1244 bacpy(&smp->slave_ltk->bdaddr, &hcon->dst);
1237 mgmt_new_ltk(hdev, smp->slave_ltk); 1245 mgmt_new_ltk(hdev, smp->slave_ltk, persistent);
1238 } 1246 }
1239} 1247}
1240 1248
generated by cgit v1.2.2 (git 2.25.0) at 2024-10-13 07:26:13 -0400