ERTM timeouts are defined in milliseconds, but need to be converted
to jiffies when passed to mod_timer().
Signed-off-by: NMat Martineau <mathewm@codeaurora.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Signed-off-by: NMat Martineau <mathewm@codeaurora.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Recent changes to hci_core.c use crypto interfaces, so select CRYPTO
to make sure that those interfaces are present.

Fixes these build errors when CRYPTO is not enabled:

net/built-in.o: In function `hci_register_dev':
(.text+0x4cf86): undefined reference to `crypto_alloc_base'
net/built-in.o: In function `hci_unregister_dev':
(.text+0x4f912): undefined reference to `crypto_destroy_tfm'
Signed-off-by: NRandy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

net/bluetooth/smp.c: In function 'smp_e':
net/bluetooth/smp.c:49:21: error: storage size of 'sg' isn't known
net/bluetooth/smp.c:67:2: error: implicit declaration of function 'sg_init_one'
net/bluetooth/smp.c:49:21: warning: unused variable 'sg'

Caused by commit d22ef0bc ("Bluetooth: Add LE SMP Cryptoolbox
functions").  Missing include file, presumably.  This batch has been in
the bluetooth tree since June 14, so it may have been exposed by the
removal of linux/mm.h from netdevice.h ...
Signed-off-by: NStephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

When the connection is ready we should set the connection
to CONNECTED so userspace can use it.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

We already have access to the chan, we don't have to access the
socket to get its imtu.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

We should not try to do any other type of configuration for
LE links when they become ready.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

There was no unlock call on the errors path
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Instead of setting bits manually we use set_bit, test_bit, etc.
Also remove L2CAP_ prefix from macros.
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Instead of making the bit operations manually, we now use set_bit,
test_bit, etc.
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Management interface commands for blocking and unblocking devices.
Signed-off-by: NAntti Julku <antti.julku@nokia.com>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Move blacklisting functions to hci_core.c, so that they can
be used by both management interface and hci socket interface.
Signed-off-by: NAntti Julku <antti.julku@nokia.com>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

In hci_conn_security ( which is used during L2CAP connection
establishment ) test for HCI_CONN_ENCRYPT_PEND state also
sets this state, which is bogus and leads to connection time-out
on L2CAP sockets in certain situations (especially when
using non-ssp devices )
Signed-off-by: NIlia Kolomisnky <iliak@ti.com>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

This patch implements a check in smp cmd pairing request and pairing
response to verify if encryption key maximum size is compatible in both
slave and master when SMP Pairing is requested. Keys are also masked to
the correct negotiated size.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NAnderson Briglia <anderson.briglia@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

This patch adds support for disconnecting the link when SMP procedure
takes more than 30 seconds.

SMP begins when either the Pairing Request command is sent or the
Pairing Response is received, and it ends when the link is encrypted
(or terminated). Vol 3, Part H Section 3.4.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

When authentication completes we shouldn't blindly accept any pending
L2CAP connect requests. If the socket has the defer_setup feature
enabled it should still wait for user space acceptance of the connect
request. The issue only happens for non-SSP connections since with SSP
the L2CAP Connect request may not be sent for non-SDP PSMs before
authentication has completed successfully.
Signed-off-by: NJohan Hedberg <johan.hedberg@intel.com>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

The "dc" variable is initialized but not passed to hci_send_cmd().
Signed-off-by: NAnderson Lizardo <anderson.lizardo@openbossa.org>
Signed-off-by: NBruna Moreira <bruna.moreira@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

This patch implements a simple version of the SMP Pairing Features
exchange procedure (Vol. 3 Part H, Section 2.3.5.1).

For now, everything that would cause a Pairing Method different of
Just Works to be chosen is rejected.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Before we are able to do a proper exchange of pairing parameters,
we need a unified way of building pairing requests and responses.

For IO Capability we use the value that was set by userspace,
using the management interface.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

As the default security level (BT_SECURITY_SDP) doesn't make sense for
LE links, initialize LE links with something that makes sense.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

This adds support for resuming the user space traffic when SMP
negotiation is complete.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Now that these commands are sent to the controller we can use hcidump
to verify that the correct values are produced.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

This adds support for starting SMP Phase 2 Encryption, when the initial
SMP negotiation is successful. This adds the LE Start Encryption and LE
Long Term Key Request commands and related events.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

This patch includes support for generating and sending the random value
used to produce the confirmation value.
Signed-off-by: NAnderson Briglia <anderson.briglia@openbossa.org>
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

This patch adds initial support for verifying the confirmation value
that the remote side has sent.
Signed-off-by: NAnderson Briglia <anderson.briglia@openbossa.org>
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

This patch implements SMP crypto functions called ah, c1, s1 and e.
It also implements auxiliary functions. All These functions are needed
for SMP keys generation.
Signed-off-by: NAnderson Briglia <anderson.briglia@openbossa.org>
Signed-off-by: NAnderson Lizardo <anderson.lizardo@openbossa.org>
Signed-off-by: NBruna Moreira <bruna.moreira@openbossa.org>
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

This will allow using the crypto subsystem for encrypting data. As SMP
(Security Manager Protocol) is implemented almost entirely on the host
side and the crypto module already implements the needed methods
(AES-128), it makes sense to use it.

There's now a new module option to enable/disable SMP support.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NAnderson Briglia <anderson.briglia@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

This implementation only exchanges SMP messages between the Host and the
Remote. No keys are being generated. TK and STK generation will be
provided in further patches.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Start SMP procedure for LE connections. This modification intercepts
l2cap received frames and call proper SMP functions to start the SMP
procedure. By now, no keys are being used.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NAnderson Briglia <anderson.briglia@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

These simple commands will allow the SMP procedure to be started
and terminated with a not supported error. This is the first step
toward something useful.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NAnderson Briglia <anderson.briglia@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Otherwise the wrong error can be returned.
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

ERTM use the generic L2CAP timer functions to keep a reference to the
channel. This is useful for avoiding crashes.
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

We now plan to use l2cap_set_timer and l2cap_clear_timer in ERTM timers.
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

struct l2cap_chan has now its own refcnt that is compatible with the
socket refcnt, i.e., we won't see sk_refcnt = 0 and chan->refcnt > 0.
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Now socket state is tracked by struct sock and channel state is tracked by
chan->state. At this point both says the same, but this is going to change
when we add AMP Support for example.
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

close() calls l2cap_sock_kill() on l2cap_sock.c
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

This abstracts the call to sock_queue_recv_skb() into
l2cap_chan_ops->recv().
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Add an abstraction layer between L2CAP core and its users (only
l2cap_sock.c now). The first function implemented is new_connection() that
replaces calls to l2cap_sock_alloc() in l2cap_core.c
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

As a first step to remove l2cap_sock_alloc() and l2cap_sock_init() from
l2cap_core.c
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

With older userspace versions (using hciops) it might not have the
key type to check if the key has sufficient security for any security
level so it is necessary to check the return of hci_conn_auth to make
sure the connection is authenticated
Signed-off-by: NLuiz Augusto von Dentz <luiz.von.dentz@intel.com>
Acked-by: NJohan Hedberg <johan.hedberg@intel.com>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>