Commit Graph

52 Commits

Author SHA1 Message Date
Gustavo Padovan
cbe461c526 Merge branch 'for-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth
Conflicts:
	net/bluetooth/hci_event.c
2012-06-11 22:36:42 -03:00
Johan Hedberg
4dab786482 Bluetooth: Fix SMP security elevation from medium to high
If we have an unauthenticated key it is not sufficient to acheive high
security. Therefore, when deciding whether to encrypt the link or
request pairing, it is essential to in addition to checking the
existence of a key to also check whether it is authenticated or not.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-08 03:58:34 -03:00
Johan Hedberg
476585ecf0 Bluetooth: Fix SMP pairing method selection
The tk_request function takes the local IO capability as the second last
parameter and the remote IO capability as the last parameter. They were
previously swapped: when we receive a pairing response
req->io_capability contains the local one and rsp->io_capability the
remote one.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2012-06-08 01:50:15 -03:00
Gustavo Padovan
8c520a5992 Bluetooth: Remove unnecessary headers include
Most of the include were unnecessary or already included by some other
header.
Replace module.h by export.h where possible.

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2012-06-05 06:34:08 +03:00
Andrei Emeltchenko
58115373e7 Bluetooth: Correct ediv in SMP
ediv is already in little endian order.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-05-09 00:41:30 -03:00
Ido Yariv
fdde0a26a2 Bluetooth: Set security level on incoming pairing request
If a master would like to raise the security level, it will send a
pairing request. While the pending security level is set on an incoming
security request (from a slave), it is not set on a pairing request. As
a result, the security level would not be raised on the slave in such
case.

Fix this by setting the pending security when receiving pairing
requests according to the requested authorization.

Signed-off-by: Ido Yariv <ido@wizery.com>
Acked-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2012-03-08 02:26:04 -03:00
Ido Yariv
b3ff53ff00 Bluetooth: Fix access to the STK generation methods matrix
The major index of the table is actually the remote I/O capabilities, not
the local ones. As a result, devices with different I/O capabilities
could have used wrong or even unsupported generation methods.

Signed-off-by: Ido Yariv <ido@wizery.com>
CC: Brian Gix <bgix@codeaurora.org>
Acked-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2012-03-08 02:25:00 -03:00
Gustavo F. Padovan
04124681f1 Bluetooth: fix conding style issues all over the tree
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2012-03-08 02:02:26 -03:00
Marcel Holtmann
17b02e6256 Bluetooth: Update MGMT and SMP timeout constants to use msecs_to_jiffies
The MGMT and SMP timeout constants are always used in form of jiffies. So
just include the conversion from msecs in the define itself. This has the
advantage of making the code where the timeout is used more readable.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-03-02 00:35:57 +02:00
Johan Hedberg
bab73cb684 Bluetooth: Add address type to mgmt_ev_auth_failed
This patch updates the Authentication Failed mgmt event to match the
latest API specification by adding an address type to it.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
2012-02-13 17:01:37 +02:00
Johan Hedberg
272d90df2d Bluetooth: Add address type to user_confirm and user_passkey messages
This patch upadate the user confirm and user passkey mgmt messages to
match the latest API specification by adding an address type parameter
to them.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
2012-02-13 17:01:36 +02:00
Vinicius Costa Gomes
c9839a11c0 Bluetooth: Use the updated key structures for handling LTKs
This updates all the users of the older way, that was using the
link_keys list to store the SMP keys, to use the new way.

This includes defining new types for the keys, we have a type for each
combination of STK/LTK and Master/Slave.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-02-13 17:01:33 +02:00
Vinicius Costa Gomes
f1c09c07cd Bluetooth: Fix invalid memory access when there's no SMP channel
We only should try to free the SMP channel that was created if there
is a pending SMP session.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-02-13 17:01:31 +02:00
Vinicius Costa Gomes
f7aa611a0e Bluetooth: Rename smp_key_size to enc_key_size
This makes clear that this is the size of the key used to
encrypt the link.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2012-02-13 17:01:30 +02:00
Johan Hedberg
51a8efd7d0 Bluetooth: Rename conn->pend to conn->flags
These flags can and will be used for more general purpose values than
just pending state transitions so the more common name "flags" makes
more sense than "pend".

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
2012-02-13 17:01:28 +02:00
Johan Hedberg
a8b2d5c2cf Bluetooth: Move mgmt related flags from hdev->flags to hdev->dev_flags
There's no point in exposing these to user-space (which is what happens
to everything in hdev->flags) so move them to dev_flags instead.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
2012-02-13 17:01:25 +02:00
Hemant Gupta
3573b80c42 Bluetooth: Incorrect address while storing LTK.
This patch fixes incorrect address storage while storing
Long Term Key for LE Devices using SMP (Security Manager Protocol).
The address stored should be of remote device and not of source device.

Signed-off-by: Hemant Gupta <hemant.gupta@stericsson.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-12-23 16:55:06 -02:00
Brian Gix
2b64d153a0 Bluetooth: Add MITM mechanism to LE-SMP
To achive Man-In-The-Middle (MITM) level security with Low Energy,
we have to enable User Passkey Comparison.  This commit modifies the
hard-coded JUST-WORKS pairing mechanism to support query via the MGMT
interface of Passkey comparison and User Confirmation.

Signed-off-by: Brian Gix <bgix@codeaurora.org>
Acked-by: Marcel Holtmann<marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-12-22 14:18:59 -02:00
Gustavo F. Padovan
6c9d42a161 Bluetooth: convert security timer to delayed_work
This one also needs to run in process context

Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-12-20 17:07:03 -02:00
Brian Gix
4f957a7601 Bluetooth: Centralize SMP pairing failure handling
Signed-off-by: Brian Gix <bgix@codeaurora.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-12-01 22:54:37 +09:00
Brian Gix
c8eb969071 Bluetooth: Cleanup blkcipher on SMP termination
The blkcipher must be freed to avoid memory leak.

Signed-off-by: Brian Gix <bgix@codeaurora.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-12-01 22:53:46 +09:00
Luiz Augusto von Dentz
73d80deb7b Bluetooth: prioritizing data over HCI
This implement priority based scheduler using skbuffer priority set via
SO_PRIORITY socket option.

It introduces hci_chan_hash (list of HCI Channel/hci_chan) per connection,
each item in this list refer to a L2CAP connection and it is used to
queue the data for transmission.

Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-11-07 17:24:56 -02:00
Vinicius Costa Gomes
ca10b5ee0c Bluetooth: Remove support for other SMP keys than the LTK
For now, only the LTK is properly supported. We are able to receive
and generate the other types of keys, but we are not able to use
them. So it's better not request them to be distributed.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-09-21 12:59:16 -03:00
Vinicius Costa Gomes
feb45eb596 Bluetooth: Fix not setting a pending security level
For slave initiated security, we should set a default security level,
for now BT_SECURITY_MEDIUM.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-09-21 12:59:15 -03:00
Vinicius Costa Gomes
988c5997d3 Bluetooth: Use the LTK after receiving a LE Security Request
When receiving a security request from the remote device we should find
if there is already a LTK associated with the remote device, if found
we should use it to encrypt the link.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-09-21 12:59:15 -03:00
Vinicius Costa Gomes
0fb4eb6f63 Bluetooth: Fix sending wrong authentication requirements
Until we support any pairing method (Passkey Entry, OOB) that gives
MITM protection we shouldn't send that we have MITM protection.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-09-21 12:59:15 -03:00
Vinicius Costa Gomes
8aab47574a Bluetooth: Move SMP crypto functions to a workqueue
The function crypto_blkcipher_setkey() called by smp_e()
can sleep, so all the crypto work has to be moved to
hci_dev workqueue.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-09-21 12:58:12 -03:00
Vinicius Costa Gomes
1c1def09c4 Bluetooth: Move SMP fields to a separate structure
The objective is to make the core to have as little as possible
information about SMP procedures and logic. Now, all the SMP
specific information is hidden from the core.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-09-21 12:58:12 -03:00
Vinicius Costa Gomes
d26a234548 Bluetooth: Add a flag to indicate that SMP is going on
Add HCI_CONN_LE_SMP_PEND flag to indicate that SMP is pending
for that connection. This allows to have information that an SMP
procedure is going on for that connection.

We use the HCI_CONN_ENCRYPT_PEND to indicate that encryption
(HCI_LE_Start_Encryption) is pending for that connection.

While a SMP procedure is going on we hold an reference to the
connection, to avoid disconnections.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-09-21 12:58:11 -03:00
Vinicius Costa Gomes
e2dcd113d1 Bluetooth: Reset the security timer when a command is queued
Each time a SMP command is enqueued, we reset the SMP timer,
this way we follow exactly what the spec mandates:

"The Security Manager Timer shall be reset when an L2CAP SMP command is
queued for transmission." Vol. 3, Part H, Section 3.4

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-09-21 12:58:10 -03:00
Vinicius Costa Gomes
726b4ffcaa Bluetooth: Add support for storing the key size
In some cases it will be useful having the key size used for
encrypting the link. For example, some profiles may restrict
some operations depending on the key length.

The key size is stored in the key that is passed to userspace
using the pin_length field in the key structure.

For now this field is only valid for LE controllers. 3.0+HS
controllers define the Read Encryption Key Size command, this
field is intended for storing the value returned by that
command.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-07-08 18:39:19 -03:00
Vinicius Costa Gomes
0eb08e3398 Bluetooth: Remove unused field in hci_conn
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-07-08 17:37:22 -03:00
Vinicius Costa Gomes
02bc74556a Bluetooth: Use the stored LTK for restabilishing security
Now that it's possible that the exchanged key is present in
the link key list, we may be able to estabilish security with
an already existing key, without need to perform any SMP
procedure.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-07-08 17:37:18 -03:00
Vinicius Costa Gomes
e7e62c8592 Bluetooth: Use the link key list to temporarily store the STK
With this we can use only one place to store all keys, without
need to use a field in the connection structure for this
purpose.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-07-08 17:37:12 -03:00
Vinicius Costa Gomes
16b908396f Bluetooth: Add support for storing the LTK
Now when the LTK is received from the remote or generated it is stored,
so it can later be used.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-07-08 17:37:07 -03:00
Vinicius Costa Gomes
54790f73a3 Bluetooth: Fix SM pairing parameters negotiation
Before implementing SM key distribution, the pairing features
exchange must be better negotiated, taking into account some
features of the host and connection requirements.

If we are in the "not pairable" state, it makes no sense to
exchange any key. This allows for simplification of the key
negociation method.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-07-08 17:37:02 -03:00
Vinicius Costa Gomes
7034b911af Bluetooth: Add support for SMP phase 3 (key distribution)
This adds support for generating and distributing all the keys
specified in the third phase of SMP.

This will make possible to re-establish secure connections, resolve
private addresses and sign commands.

For now, the values generated are random.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-07-08 17:07:43 -03:00
Andre Guedes
2e65c9d2c5 Bluetooth: Remove enable_smp parameter
The enable_smp parameter is no longer needed. It can be replaced by
checking lmp_host_le_capable.

Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-07-06 19:10:45 -03:00
Stephen Rothwell
f70490e607 Bluetooth: include scatterlist.h where needed
net/bluetooth/smp.c: In function 'smp_e':
net/bluetooth/smp.c:49:21: error: storage size of 'sg' isn't known
net/bluetooth/smp.c:67:2: error: implicit declaration of function 'sg_init_one'
net/bluetooth/smp.c:49:21: warning: unused variable 'sg'

Caused by commit d22ef0bc83 ("Bluetooth: Add LE SMP Cryptoolbox
functions").  Missing include file, presumably.  This batch has been in
the bluetooth tree since June 14, so it may have been exposed by the
removal of linux/mm.h from netdevice.h ...

Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-06-24 15:08:48 -04:00
Vinicius Costa Gomes
3158c50c33 Bluetooth: Add key size checks for SMP
This patch implements a check in smp cmd pairing request and pairing
response to verify if encryption key maximum size is compatible in both
slave and master when SMP Pairing is requested. Keys are also masked to
the correct negotiated size.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Anderson Briglia <anderson.briglia@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-06-14 14:54:10 -03:00
Vinicius Costa Gomes
5d3de7df18 Bluetooth: Add support for SMP timeout
This patch adds support for disconnecting the link when SMP procedure
takes more than 30 seconds.

SMP begins when either the Pairing Request command is sent or the
Pairing Response is received, and it ends when the link is encrypted
(or terminated). Vol 3, Part H Section 3.4.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-06-14 14:54:05 -03:00
Vinicius Costa Gomes
da85e5e5af Bluetooth: Add support for Pairing features exchange
This patch implements a simple version of the SMP Pairing Features
exchange procedure (Vol. 3 Part H, Section 2.3.5.1).

For now, everything that would cause a Pairing Method different of
Just Works to be chosen is rejected.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-06-13 16:05:37 -03:00
Vinicius Costa Gomes
b8e66eacab Bluetooth: Add support for building pairing commands
Before we are able to do a proper exchange of pairing parameters,
we need a unified way of building pairing requests and responses.

For IO Capability we use the value that was set by userspace,
using the management interface.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-06-13 16:05:36 -03:00
Vinicius Costa Gomes
f1cb9af557 Bluetooth: Add support for resuming socket when SMP is finished
This adds support for resuming the user space traffic when SMP
negotiation is complete.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-06-13 16:05:34 -03:00
Vinicius Costa Gomes
9b3d67405b Bluetooth: Remove debug statements
Now that these commands are sent to the controller we can use hcidump
to verify that the correct values are produced.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-06-13 15:48:26 -03:00
Vinicius Costa Gomes
a7a595f675 Bluetooth: Add support for LE Start Encryption
This adds support for starting SMP Phase 2 Encryption, when the initial
SMP negotiation is successful. This adds the LE Start Encryption and LE
Long Term Key Request commands and related events.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-06-13 15:48:25 -03:00
Anderson Briglia
7d24ddcc11 Bluetooth: Add SMP confirmation checks methods
This patch includes support for generating and sending the random value
used to produce the confirmation value.

Signed-off-by: Anderson Briglia <anderson.briglia@openbossa.org>
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-06-13 15:48:25 -03:00
Anderson Briglia
f01ead3157 Bluetooth: Add SMP confirmation structs
This patch adds initial support for verifying the confirmation value
that the remote side has sent.

Signed-off-by: Anderson Briglia <anderson.briglia@openbossa.org>
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-06-13 15:48:24 -03:00
Anderson Briglia
d22ef0bc83 Bluetooth: Add LE SMP Cryptoolbox functions
This patch implements SMP crypto functions called ah, c1, s1 and e.
It also implements auxiliary functions. All These functions are needed
for SMP keys generation.

Signed-off-by: Anderson Briglia <anderson.briglia@openbossa.org>
Signed-off-by: Anderson Lizardo <anderson.lizardo@openbossa.org>
Signed-off-by: Bruna Moreira <bruna.moreira@openbossa.org>
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-06-13 15:48:23 -03:00
Vinicius Costa Gomes
3a0259bb80 Bluetooth: Add support for using the crypto subsystem
This will allow using the crypto subsystem for encrypting data. As SMP
(Security Manager Protocol) is implemented almost entirely on the host
side and the crypto module already implements the needed methods
(AES-128), it makes sense to use it.

There's now a new module option to enable/disable SMP support.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Anderson Briglia <anderson.briglia@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
2011-06-13 15:48:22 -03:00