If a master would like to raise the security level, it will send a
pairing request. While the pending security level is set on an incoming
security request (from a slave), it is not set on a pairing request. As
a result, the security level would not be raised on the slave in such
case.

Fix this by setting the pending security when receiving pairing
requests according to the requested authorization.
Signed-off-by: NIdo Yariv <ido@wizery.com>
Acked-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

The major index of the table is actually the remote I/O capabilities, not
the local ones. As a result, devices with different I/O capabilities
could have used wrong or even unsupported generation methods.
Signed-off-by: NIdo Yariv <ido@wizery.com>
CC: Brian Gix <bgix@codeaurora.org>
Acked-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

The MGMT and SMP timeout constants are always used in form of jiffies. So
just include the conversion from msecs in the define itself. This has the
advantage of making the code where the timeout is used more readable.
Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
Signed-off-by: NJohan Hedberg <johan.hedberg@intel.com>

This patch updates the Authentication Failed mgmt event to match the
latest API specification by adding an address type to it.
Signed-off-by: NJohan Hedberg <johan.hedberg@intel.com>
Acked-by: NMarcel Holtmann <marcel@holtmann.org>

This patch upadate the user confirm and user passkey mgmt messages to
match the latest API specification by adding an address type parameter
to them.
Signed-off-by: NJohan Hedberg <johan.hedberg@intel.com>
Acked-by: NMarcel Holtmann <marcel@holtmann.org>

This updates all the users of the older way, that was using the
link_keys list to store the SMP keys, to use the new way.

This includes defining new types for the keys, we have a type for each
combination of STK/LTK and Master/Slave.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Acked-by: NMarcel Holtmann <marcel@holtmann.org>
Signed-off-by: NJohan Hedberg <johan.hedberg@intel.com>

We only should try to free the SMP channel that was created if there
is a pending SMP session.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Acked-by: NMarcel Holtmann <marcel@holtmann.org>
Signed-off-by: NJohan Hedberg <johan.hedberg@intel.com>

This makes clear that this is the size of the key used to
encrypt the link.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Acked-by: NMarcel Holtmann <marcel@holtmann.org>
Signed-off-by: NJohan Hedberg <johan.hedberg@intel.com>

These flags can and will be used for more general purpose values than
just pending state transitions so the more common name "flags" makes
more sense than "pend".
Signed-off-by: NJohan Hedberg <johan.hedberg@intel.com>
Acked-by: NMarcel Holtmann <marcel@holtmann.org>

There's no point in exposing these to user-space (which is what happens
to everything in hdev->flags) so move them to dev_flags instead.
Signed-off-by: NJohan Hedberg <johan.hedberg@intel.com>
Acked-by: NMarcel Holtmann <marcel@holtmann.org>

This patch fixes incorrect address storage while storing
Long Term Key for LE Devices using SMP (Security Manager Protocol).
The address stored should be of remote device and not of source device.
Signed-off-by: NHemant Gupta <hemant.gupta@stericsson.com>
Acked-by: NMarcel Holtmann <marcel@holtmann.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

To achive Man-In-The-Middle (MITM) level security with Low Energy,
we have to enable User Passkey Comparison.  This commit modifies the
hard-coded JUST-WORKS pairing mechanism to support query via the MGMT
interface of Passkey comparison and User Confirmation.
Signed-off-by: NBrian Gix <bgix@codeaurora.org>
Acked-by: Marcel Holtmann<marcel@holtmann.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

This one also needs to run in process context
Acked-by: NMarcel Holtmann <marcel@holtmann.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Signed-off-by: NBrian Gix <bgix@codeaurora.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

The blkcipher must be freed to avoid memory leak.
Signed-off-by: NBrian Gix <bgix@codeaurora.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

This implement priority based scheduler using skbuffer priority set via
SO_PRIORITY socket option.

It introduces hci_chan_hash (list of HCI Channel/hci_chan) per connection,
each item in this list refer to a L2CAP connection and it is used to
queue the data for transmission.
Signed-off-by: NLuiz Augusto von Dentz <luiz.von.dentz@intel.com>
Acked-by: NMarcel Holtmann <marcel@holtmann.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

For now, only the LTK is properly supported. We are able to receive
and generate the other types of keys, but we are not able to use
them. So it's better not request them to be distributed.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

For slave initiated security, we should set a default security level,
for now BT_SECURITY_MEDIUM.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

When receiving a security request from the remote device we should find
if there is already a LTK associated with the remote device, if found
we should use it to encrypt the link.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Until we support any pairing method (Passkey Entry, OOB) that gives
MITM protection we shouldn't send that we have MITM protection.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

The function crypto_blkcipher_setkey() called by smp_e()
can sleep, so all the crypto work has to be moved to
hci_dev workqueue.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

The objective is to make the core to have as little as possible
information about SMP procedures and logic. Now, all the SMP
specific information is hidden from the core.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Add HCI_CONN_LE_SMP_PEND flag to indicate that SMP is pending
for that connection. This allows to have information that an SMP
procedure is going on for that connection.

We use the HCI_CONN_ENCRYPT_PEND to indicate that encryption
(HCI_LE_Start_Encryption) is pending for that connection.

While a SMP procedure is going on we hold an reference to the
connection, to avoid disconnections.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Each time a SMP command is enqueued, we reset the SMP timer,
this way we follow exactly what the spec mandates:

"The Security Manager Timer shall be reset when an L2CAP SMP command is
queued for transmission." Vol. 3, Part H, Section 3.4
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

In some cases it will be useful having the key size used for
encrypting the link. For example, some profiles may restrict
some operations depending on the key length.

The key size is stored in the key that is passed to userspace
using the pin_length field in the key structure.

For now this field is only valid for LE controllers. 3.0+HS
controllers define the Read Encryption Key Size command, this
field is intended for storing the value returned by that
command.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Now that it's possible that the exchanged key is present in
the link key list, we may be able to estabilish security with
an already existing key, without need to perform any SMP
procedure.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

With this we can use only one place to store all keys, without
need to use a field in the connection structure for this
purpose.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Now when the LTK is received from the remote or generated it is stored,
so it can later be used.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Before implementing SM key distribution, the pairing features
exchange must be better negotiated, taking into account some
features of the host and connection requirements.

If we are in the "not pairable" state, it makes no sense to
exchange any key. This allows for simplification of the key
negociation method.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

This adds support for generating and distributing all the keys
specified in the third phase of SMP.

This will make possible to re-establish secure connections, resolve
private addresses and sign commands.

For now, the values generated are random.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

The enable_smp parameter is no longer needed. It can be replaced by
checking lmp_host_le_capable.
Signed-off-by: NAndre Guedes <andre.guedes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

net/bluetooth/smp.c: In function 'smp_e':
net/bluetooth/smp.c:49:21: error: storage size of 'sg' isn't known
net/bluetooth/smp.c:67:2: error: implicit declaration of function 'sg_init_one'
net/bluetooth/smp.c:49:21: warning: unused variable 'sg'

Caused by commit d22ef0bc ("Bluetooth: Add LE SMP Cryptoolbox
functions").  Missing include file, presumably.  This batch has been in
the bluetooth tree since June 14, so it may have been exposed by the
removal of linux/mm.h from netdevice.h ...
Signed-off-by: NStephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

This patch implements a check in smp cmd pairing request and pairing
response to verify if encryption key maximum size is compatible in both
slave and master when SMP Pairing is requested. Keys are also masked to
the correct negotiated size.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NAnderson Briglia <anderson.briglia@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

This patch adds support for disconnecting the link when SMP procedure
takes more than 30 seconds.

SMP begins when either the Pairing Request command is sent or the
Pairing Response is received, and it ends when the link is encrypted
(or terminated). Vol 3, Part H Section 3.4.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

This patch implements a simple version of the SMP Pairing Features
exchange procedure (Vol. 3 Part H, Section 2.3.5.1).

For now, everything that would cause a Pairing Method different of
Just Works to be chosen is rejected.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Before we are able to do a proper exchange of pairing parameters,
we need a unified way of building pairing requests and responses.

For IO Capability we use the value that was set by userspace,
using the management interface.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

This adds support for resuming the user space traffic when SMP
negotiation is complete.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>

Now that these commands are sent to the controller we can use hcidump
to verify that the correct values are produced.
Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: NGustavo F. Padovan <padovan@profusion.mobi>