ip: make IP identifiers less predictable

[karo-tx-linux.git] / net / bluetooth / smp.c
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c

index f2829a7932e24162063596d0057b590a8e225aa2..e33a982161c1db063b5cb96f06a10babb5f0b436 100644 (file)
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -385,6 +385,16 @@ static const u8 gen_method[5][5] = {
         { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP     },
  };
  
+static u8 get_auth_method(struct smp_chan *smp, u8 local_io, u8 remote_io)
+{
+       /* If either side has unknown io_caps, use JUST WORKS */
+       if (local_io > SMP_IO_KEYBOARD_DISPLAY ||
+           remote_io > SMP_IO_KEYBOARD_DISPLAY)
+               return JUST_WORKS;
+
+       return gen_method[remote_io][local_io];
+}
+
  static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
                                                 u8 local_io, u8 remote_io)
  {
@@ -401,14 +411,11 @@ static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
         BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
  
         /* If neither side wants MITM, use JUST WORKS */
-       /* If either side has unknown io_caps, use JUST WORKS */
         /* Otherwise, look up method from the table */
-       if (!(auth & SMP_AUTH_MITM) ||
-           local_io > SMP_IO_KEYBOARD_DISPLAY ||
-           remote_io > SMP_IO_KEYBOARD_DISPLAY)
+       if (!(auth & SMP_AUTH_MITM))
                 method = JUST_WORKS;
         else
-               method = gen_method[remote_io][local_io];
+               method = get_auth_method(smp, local_io, remote_io);
  
         /* If not bonding, don't ask user to confirm a Zero TK */
         if (!(auth & SMP_AUTH_BONDING) && method == JUST_CFM)
@@ -669,7 +676,7 @@ static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
  {
         struct smp_cmd_pairing rsp, *req = (void *) skb->data;
         struct smp_chan *smp;
-       u8 key_size, auth;
+       u8 key_size, auth, sec_level;
         int ret;
  
         BT_DBG("conn %p", conn);
@@ -695,7 +702,19 @@ static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
         /* We didn't start the pairing, so match remote */
         auth = req->auth_req;
  
-       conn->hcon->pending_sec_level = authreq_to_seclevel(auth);
+       sec_level = authreq_to_seclevel(auth);
+       if (sec_level > conn->hcon->pending_sec_level)
+               conn->hcon->pending_sec_level = sec_level;
+
+       /* If we need MITM check that it can be acheived */
+       if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
+               u8 method;
+
+               method = get_auth_method(smp, conn->hcon->io_capability,
+                                        req->io_capability);
+               if (method == JUST_WORKS || method == JUST_CFM)
+                       return SMP_AUTH_REQUIREMENTS;
+       }
  
         build_pairing_cmd(conn, req, &rsp, auth);
  
@@ -743,6 +762,16 @@ static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
         if (check_enc_key_size(conn, key_size))
                 return SMP_ENC_KEY_SIZE;
  
+       /* If we need MITM check that it can be acheived */
+       if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
+               u8 method;
+
+               method = get_auth_method(smp, req->io_capability,
+                                        rsp->io_capability);
+               if (method == JUST_WORKS || method == JUST_CFM)
+                       return SMP_AUTH_REQUIREMENTS;
+       }
+
         get_random_bytes(smp->prnd, sizeof(smp->prnd));
  
         smp->prsp[0] = SMP_CMD_PAIRING_RSP;
@@ -838,6 +867,7 @@ static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
         struct smp_cmd_pairing cp;
         struct hci_conn *hcon = conn->hcon;
         struct smp_chan *smp;
+       u8 sec_level;
  
         BT_DBG("conn %p", conn);
  
@@ -847,7 +877,9 @@ static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
         if (!(conn->hcon->link_mode & HCI_LM_MASTER))
                 return SMP_CMD_NOTSUPP;
  
-       hcon->pending_sec_level = authreq_to_seclevel(rp->auth_req);
+       sec_level = authreq_to_seclevel(rp->auth_req);
+       if (sec_level > hcon->pending_sec_level)
+               hcon->pending_sec_level = sec_level;
  
         if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
                 return 0;
@@ -901,9 +933,12 @@ int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
         if (smp_sufficient_security(hcon, sec_level))
                 return 1;
  
+       if (sec_level > hcon->pending_sec_level)
+               hcon->pending_sec_level = sec_level;
+
         if (hcon->link_mode & HCI_LM_MASTER)
-               if (smp_ltk_encrypt(conn, sec_level))
-                       goto done;
+               if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
+                       return 0;
  
         if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
                 return 0;
@@ -918,7 +953,7 @@ int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
          * requires it.
          */
         if (hcon->io_capability != HCI_IO_NO_INPUT_OUTPUT ||
-           sec_level > BT_SECURITY_MEDIUM)
+           hcon->pending_sec_level > BT_SECURITY_MEDIUM)
                 authreq |= SMP_AUTH_MITM;
  
         if (hcon->link_mode & HCI_LM_MASTER) {
@@ -937,9 +972,6 @@ int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
  
         set_bit(SMP_FLAG_INITIATOR, &smp->flags);
  
-done:
-       hcon->pending_sec_level = sec_level;
-
         return 0;
  }