aboutsummaryrefslogtreecommitdiffstats
path: root/net/bluetooth/l2cap.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/bluetooth/l2cap.c')
-rw-r--r--net/bluetooth/l2cap.c85
1 files changed, 33 insertions, 52 deletions
diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c
index c791fcda7b2d..675614e38e14 100644
--- a/net/bluetooth/l2cap.c
+++ b/net/bluetooth/l2cap.c
@@ -305,33 +305,44 @@ static void l2cap_chan_del(struct sock *sk, int err)
305 } 305 }
306} 306}
307 307
308/* Service level security */ 308static inline u8 l2cap_get_auth_type(struct sock *sk)
309static inline int l2cap_check_security(struct sock *sk)
310{ 309{
311 struct l2cap_conn *conn = l2cap_pi(sk)->conn; 310 if (sk->sk_type == SOCK_RAW) {
312 __u8 auth_type; 311 switch (l2cap_pi(sk)->sec_level) {
312 case BT_SECURITY_HIGH:
313 return HCI_AT_DEDICATED_BONDING_MITM;
314 case BT_SECURITY_MEDIUM:
315 return HCI_AT_DEDICATED_BONDING;
316 default:
317 return HCI_AT_NO_BONDING;
318 }
319 } else if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) {
320 if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW)
321 l2cap_pi(sk)->sec_level = BT_SECURITY_SDP;
313 322
314 if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) {
315 if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH) 323 if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH)
316 auth_type = HCI_AT_NO_BONDING_MITM; 324 return HCI_AT_NO_BONDING_MITM;
317 else 325 else
318 auth_type = HCI_AT_NO_BONDING; 326 return HCI_AT_NO_BONDING;
319
320 if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW)
321 l2cap_pi(sk)->sec_level = BT_SECURITY_SDP;
322 } else { 327 } else {
323 switch (l2cap_pi(sk)->sec_level) { 328 switch (l2cap_pi(sk)->sec_level) {
324 case BT_SECURITY_HIGH: 329 case BT_SECURITY_HIGH:
325 auth_type = HCI_AT_GENERAL_BONDING_MITM; 330 return HCI_AT_GENERAL_BONDING_MITM;
326 break;
327 case BT_SECURITY_MEDIUM: 331 case BT_SECURITY_MEDIUM:
328 auth_type = HCI_AT_GENERAL_BONDING; 332 return HCI_AT_GENERAL_BONDING;
329 break;
330 default: 333 default:
331 auth_type = HCI_AT_NO_BONDING; 334 return HCI_AT_NO_BONDING;
332 break;
333 } 335 }
334 } 336 }
337}
338
339/* Service level security */
340static inline int l2cap_check_security(struct sock *sk)
341{
342 struct l2cap_conn *conn = l2cap_pi(sk)->conn;
343 __u8 auth_type;
344
345 auth_type = l2cap_get_auth_type(sk);
335 346
336 return hci_conn_security(conn->hcon, l2cap_pi(sk)->sec_level, 347 return hci_conn_security(conn->hcon, l2cap_pi(sk)->sec_level,
337 auth_type); 348 auth_type);
@@ -848,6 +859,7 @@ static void __l2cap_sock_close(struct sock *sk, int reason)
848 result = L2CAP_CR_SEC_BLOCK; 859 result = L2CAP_CR_SEC_BLOCK;
849 else 860 else
850 result = L2CAP_CR_BAD_PSM; 861 result = L2CAP_CR_BAD_PSM;
862 sk->sk_state = BT_DISCONN;
851 863
852 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid); 864 rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid);
853 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid); 865 rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid);
@@ -1068,39 +1080,7 @@ static int l2cap_do_connect(struct sock *sk)
1068 1080
1069 err = -ENOMEM; 1081 err = -ENOMEM;
1070 1082
1071 if (sk->sk_type == SOCK_RAW) { 1083 auth_type = l2cap_get_auth_type(sk);
1072 switch (l2cap_pi(sk)->sec_level) {
1073 case BT_SECURITY_HIGH:
1074 auth_type = HCI_AT_DEDICATED_BONDING_MITM;
1075 break;
1076 case BT_SECURITY_MEDIUM:
1077 auth_type = HCI_AT_DEDICATED_BONDING;
1078 break;
1079 default:
1080 auth_type = HCI_AT_NO_BONDING;
1081 break;
1082 }
1083 } else if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) {
1084 if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH)
1085 auth_type = HCI_AT_NO_BONDING_MITM;
1086 else
1087 auth_type = HCI_AT_NO_BONDING;
1088
1089 if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW)
1090 l2cap_pi(sk)->sec_level = BT_SECURITY_SDP;
1091 } else {
1092 switch (l2cap_pi(sk)->sec_level) {
1093 case BT_SECURITY_HIGH:
1094 auth_type = HCI_AT_GENERAL_BONDING_MITM;
1095 break;
1096 case BT_SECURITY_MEDIUM:
1097 auth_type = HCI_AT_GENERAL_BONDING;
1098 break;
1099 default:
1100 auth_type = HCI_AT_NO_BONDING;
1101 break;
1102 }
1103 }
1104 1084
1105 hcon = hci_connect(hdev, ACL_LINK, dst, 1085 hcon = hci_connect(hdev, ACL_LINK, dst,
1106 l2cap_pi(sk)->sec_level, auth_type); 1086 l2cap_pi(sk)->sec_level, auth_type);
@@ -1127,7 +1107,8 @@ static int l2cap_do_connect(struct sock *sk)
1127 if (sk->sk_type != SOCK_SEQPACKET && 1107 if (sk->sk_type != SOCK_SEQPACKET &&
1128 sk->sk_type != SOCK_STREAM) { 1108 sk->sk_type != SOCK_STREAM) {
1129 l2cap_sock_clear_timer(sk); 1109 l2cap_sock_clear_timer(sk);
1130 sk->sk_state = BT_CONNECTED; 1110 if (l2cap_check_security(sk))
1111 sk->sk_state = BT_CONNECTED;
1131 } else 1112 } else
1132 l2cap_do_start(sk); 1113 l2cap_do_start(sk);
1133 } 1114 }
@@ -1893,8 +1874,8 @@ static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct ms
1893 if (pi->mode == L2CAP_MODE_STREAMING) { 1874 if (pi->mode == L2CAP_MODE_STREAMING) {
1894 l2cap_streaming_send(sk); 1875 l2cap_streaming_send(sk);
1895 } else { 1876 } else {
1896 if (pi->conn_state & L2CAP_CONN_REMOTE_BUSY && 1877 if ((pi->conn_state & L2CAP_CONN_REMOTE_BUSY) &&
1897 pi->conn_state && L2CAP_CONN_WAIT_F) { 1878 (pi->conn_state & L2CAP_CONN_WAIT_F)) {
1898 err = len; 1879 err = len;
1899 break; 1880 break;
1900 } 1881 }