diff options
Diffstat (limited to 'net/bluetooth/l2cap.c')
-rw-r--r-- | net/bluetooth/l2cap.c | 85 |
1 files changed, 33 insertions, 52 deletions
diff --git a/net/bluetooth/l2cap.c b/net/bluetooth/l2cap.c index c791fcda7b2d..675614e38e14 100644 --- a/net/bluetooth/l2cap.c +++ b/net/bluetooth/l2cap.c | |||
@@ -305,33 +305,44 @@ static void l2cap_chan_del(struct sock *sk, int err) | |||
305 | } | 305 | } |
306 | } | 306 | } |
307 | 307 | ||
308 | /* Service level security */ | 308 | static inline u8 l2cap_get_auth_type(struct sock *sk) |
309 | static inline int l2cap_check_security(struct sock *sk) | ||
310 | { | 309 | { |
311 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | 310 | if (sk->sk_type == SOCK_RAW) { |
312 | __u8 auth_type; | 311 | switch (l2cap_pi(sk)->sec_level) { |
312 | case BT_SECURITY_HIGH: | ||
313 | return HCI_AT_DEDICATED_BONDING_MITM; | ||
314 | case BT_SECURITY_MEDIUM: | ||
315 | return HCI_AT_DEDICATED_BONDING; | ||
316 | default: | ||
317 | return HCI_AT_NO_BONDING; | ||
318 | } | ||
319 | } else if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) { | ||
320 | if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW) | ||
321 | l2cap_pi(sk)->sec_level = BT_SECURITY_SDP; | ||
313 | 322 | ||
314 | if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) { | ||
315 | if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH) | 323 | if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH) |
316 | auth_type = HCI_AT_NO_BONDING_MITM; | 324 | return HCI_AT_NO_BONDING_MITM; |
317 | else | 325 | else |
318 | auth_type = HCI_AT_NO_BONDING; | 326 | return HCI_AT_NO_BONDING; |
319 | |||
320 | if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW) | ||
321 | l2cap_pi(sk)->sec_level = BT_SECURITY_SDP; | ||
322 | } else { | 327 | } else { |
323 | switch (l2cap_pi(sk)->sec_level) { | 328 | switch (l2cap_pi(sk)->sec_level) { |
324 | case BT_SECURITY_HIGH: | 329 | case BT_SECURITY_HIGH: |
325 | auth_type = HCI_AT_GENERAL_BONDING_MITM; | 330 | return HCI_AT_GENERAL_BONDING_MITM; |
326 | break; | ||
327 | case BT_SECURITY_MEDIUM: | 331 | case BT_SECURITY_MEDIUM: |
328 | auth_type = HCI_AT_GENERAL_BONDING; | 332 | return HCI_AT_GENERAL_BONDING; |
329 | break; | ||
330 | default: | 333 | default: |
331 | auth_type = HCI_AT_NO_BONDING; | 334 | return HCI_AT_NO_BONDING; |
332 | break; | ||
333 | } | 335 | } |
334 | } | 336 | } |
337 | } | ||
338 | |||
339 | /* Service level security */ | ||
340 | static inline int l2cap_check_security(struct sock *sk) | ||
341 | { | ||
342 | struct l2cap_conn *conn = l2cap_pi(sk)->conn; | ||
343 | __u8 auth_type; | ||
344 | |||
345 | auth_type = l2cap_get_auth_type(sk); | ||
335 | 346 | ||
336 | return hci_conn_security(conn->hcon, l2cap_pi(sk)->sec_level, | 347 | return hci_conn_security(conn->hcon, l2cap_pi(sk)->sec_level, |
337 | auth_type); | 348 | auth_type); |
@@ -848,6 +859,7 @@ static void __l2cap_sock_close(struct sock *sk, int reason) | |||
848 | result = L2CAP_CR_SEC_BLOCK; | 859 | result = L2CAP_CR_SEC_BLOCK; |
849 | else | 860 | else |
850 | result = L2CAP_CR_BAD_PSM; | 861 | result = L2CAP_CR_BAD_PSM; |
862 | sk->sk_state = BT_DISCONN; | ||
851 | 863 | ||
852 | rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid); | 864 | rsp.scid = cpu_to_le16(l2cap_pi(sk)->dcid); |
853 | rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid); | 865 | rsp.dcid = cpu_to_le16(l2cap_pi(sk)->scid); |
@@ -1068,39 +1080,7 @@ static int l2cap_do_connect(struct sock *sk) | |||
1068 | 1080 | ||
1069 | err = -ENOMEM; | 1081 | err = -ENOMEM; |
1070 | 1082 | ||
1071 | if (sk->sk_type == SOCK_RAW) { | 1083 | auth_type = l2cap_get_auth_type(sk); |
1072 | switch (l2cap_pi(sk)->sec_level) { | ||
1073 | case BT_SECURITY_HIGH: | ||
1074 | auth_type = HCI_AT_DEDICATED_BONDING_MITM; | ||
1075 | break; | ||
1076 | case BT_SECURITY_MEDIUM: | ||
1077 | auth_type = HCI_AT_DEDICATED_BONDING; | ||
1078 | break; | ||
1079 | default: | ||
1080 | auth_type = HCI_AT_NO_BONDING; | ||
1081 | break; | ||
1082 | } | ||
1083 | } else if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) { | ||
1084 | if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH) | ||
1085 | auth_type = HCI_AT_NO_BONDING_MITM; | ||
1086 | else | ||
1087 | auth_type = HCI_AT_NO_BONDING; | ||
1088 | |||
1089 | if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW) | ||
1090 | l2cap_pi(sk)->sec_level = BT_SECURITY_SDP; | ||
1091 | } else { | ||
1092 | switch (l2cap_pi(sk)->sec_level) { | ||
1093 | case BT_SECURITY_HIGH: | ||
1094 | auth_type = HCI_AT_GENERAL_BONDING_MITM; | ||
1095 | break; | ||
1096 | case BT_SECURITY_MEDIUM: | ||
1097 | auth_type = HCI_AT_GENERAL_BONDING; | ||
1098 | break; | ||
1099 | default: | ||
1100 | auth_type = HCI_AT_NO_BONDING; | ||
1101 | break; | ||
1102 | } | ||
1103 | } | ||
1104 | 1084 | ||
1105 | hcon = hci_connect(hdev, ACL_LINK, dst, | 1085 | hcon = hci_connect(hdev, ACL_LINK, dst, |
1106 | l2cap_pi(sk)->sec_level, auth_type); | 1086 | l2cap_pi(sk)->sec_level, auth_type); |
@@ -1127,7 +1107,8 @@ static int l2cap_do_connect(struct sock *sk) | |||
1127 | if (sk->sk_type != SOCK_SEQPACKET && | 1107 | if (sk->sk_type != SOCK_SEQPACKET && |
1128 | sk->sk_type != SOCK_STREAM) { | 1108 | sk->sk_type != SOCK_STREAM) { |
1129 | l2cap_sock_clear_timer(sk); | 1109 | l2cap_sock_clear_timer(sk); |
1130 | sk->sk_state = BT_CONNECTED; | 1110 | if (l2cap_check_security(sk)) |
1111 | sk->sk_state = BT_CONNECTED; | ||
1131 | } else | 1112 | } else |
1132 | l2cap_do_start(sk); | 1113 | l2cap_do_start(sk); |
1133 | } | 1114 | } |
@@ -1893,8 +1874,8 @@ static int l2cap_sock_sendmsg(struct kiocb *iocb, struct socket *sock, struct ms | |||
1893 | if (pi->mode == L2CAP_MODE_STREAMING) { | 1874 | if (pi->mode == L2CAP_MODE_STREAMING) { |
1894 | l2cap_streaming_send(sk); | 1875 | l2cap_streaming_send(sk); |
1895 | } else { | 1876 | } else { |
1896 | if (pi->conn_state & L2CAP_CONN_REMOTE_BUSY && | 1877 | if ((pi->conn_state & L2CAP_CONN_REMOTE_BUSY) && |
1897 | pi->conn_state && L2CAP_CONN_WAIT_F) { | 1878 | (pi->conn_state & L2CAP_CONN_WAIT_F)) { |
1898 | err = len; | 1879 | err = len; |
1899 | break; | 1880 | break; |
1900 | } | 1881 | } |