From: Alain Michaud
Date: Fri, 3 Apr 2020 13:01:14 -0400
Subject: Re: [PATCH 1/2] Bluetooth: Add support for reading security information
To: Marcel Holtmann
Cc: BlueZ
X-Mailing-List: linux-bluetooth@vger.kernel.org

Reviewed-by: Alain Michaud

On Fri, Apr 3, 2020 at 1:00 PM Marcel Holtmann wrote:
>
> Hi Alain,
>
> >> To allow userspace to make correct security policy decision, the kernel
> >> needs to export a few details of the supported security features and
> >> encryption key size information. This command exports this information
> >> and also allows future extensions if needed.
> >>
> >> Signed-off-by: Marcel Holtmann
> >> ---
> >> include/net/bluetooth/mgmt.h | 7 +++++
> >> net/bluetooth/mgmt.c | 53 ++++++++++++++++++++++++++++++++++++
> >> 2 files changed, 60 insertions(+)
> >>
> >> diff --git a/include/net/bluetooth/mgmt.h b/include/net/bluetooth/mgmt.h > >> index f41cd87550dc..65dd6fd1fff3 100644 > >> --- a/include/net/bluetooth/mgmt.h > >> +++ b/include/net/bluetooth/mgmt.h
> >> @@ -674,6 +674,13 @@ struct mgmt_cp_set_blocked_keys { > >> > >> #define MGMT_OP_SET_WIDEBAND_SPEECH 0x0047 > >> > >> +#define MGMT_OP_READ_SECURITY_INFO 0x0048 > >> +#define MGMT_READ_SECURITY_INFO_SIZE 0 > >> +struct mgmt_rp_read_security_info { > >> + __le16 sec_len; > >> + __u8 sec[0]; > >> +} __packed; > >> + > >> #define MGMT_EV_CMD_COMPLETE 0x0001 > >> struct mgmt_ev_cmd_complete { > >> __le16 opcode; > >> diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c > >> index 6552003a170e..7b9eac339c87 100644 > >> --- a/net/bluetooth/mgmt.c > >> +++ b/net/bluetooth/mgmt.c > >> @@ -108,6 +108,7 @@ static const u16 mgmt_commands[] = { > >> MGMT_OP_SET_APPEARANCE, > >> MGMT_OP_SET_BLOCKED_KEYS, > >> MGMT_OP_SET_WIDEBAND_SPEECH, > >> + MGMT_OP_READ_SECURITY_INFO, > >> }; > >> > >> static const u16 mgmt_events[] = { > >> @@ -155,6 +156,7 @@ static const u16 mgmt_untrusted_commands[] = { > >> MGMT_OP_READ_CONFIG_INFO, > >> MGMT_OP_READ_EXT_INDEX_LIST, > >> MGMT_OP_READ_EXT_INFO, > >> + MGMT_OP_READ_SECURITY_INFO, > >> }; > >> > >> static const u16 mgmt_untrusted_events[] = { 
> >> @@ -3659,6 +3661,55 @@ static int set_wideband_speech(struct sock *sk, struct hci_dev *hdev, > >> return err; > >> } > >> > >> +static int read_security_info(struct sock *sk, struct hci_dev *hdev, > >> + void *data, u16 data_len) > >> +{ > >> + char buf[16]; > >> + struct mgmt_rp_read_security_info *rp = (void *)buf; > >> + u16 sec_len = 0; > >> + u8 flags = 0; > >> + > >> + bt_dev_dbg(hdev, "sock %p", sk); > >> + > >> + memset(&buf, 0, sizeof(buf)); > >> + > >> + hci_dev_lock(hdev); > >> + > >> + /* When the Read Simple Pairing Options command is supported, then > >> + * the remote public key validation is supported. > >> + */ > >> + if (hdev->commands[41] & 0x08) > >> + flags |= 0x01; /* Remote public key validation (BR/EDR) */ > >> + > >> + flags |= 0x02; /* Remote public key validation (LE) */ > >> + > >> + /* When the Read Encryption Key Size command is supported, then the > >> + * encryption key size is enforced. > >> + */ > >> + if (hdev->commands[20] & 0x10) > >> + flags |= 0x04; /* Encryption key size enforcement (BR/EDR) */ > >> + > >> + flags |= 0x08; /* Encryption key size enforcement (LE) */ > >> + > >> + sec_len = eir_append_data(rp->sec, sec_len, 0x01, &flags, 1); > >> + > >> + /* When the Read Simple Pairing Options command is supported, then > >> + * also max encryption key size information is provided. > >> + */ > >> + if (hdev->commands[41] & 0x08) > >> + sec_len = eir_append_le16(rp->sec, sec_len, 0x02, > >> + hdev->max_enc_key_size); > >> + > >> + sec_len = eir_append_le16(rp->sec, sec_len, 0x03, SMP_MAX_ENC_KEY_SIZE); > >> + > >> + rp->sec_len = cpu_to_le16(sec_len); > >> + > >> + hci_dev_unlock(hdev); > >> + > >> + return mgmt_cmd_complete(sk, hdev->id, MGMT_OP_READ_SECURITY_INFO, 0, > >> + rp, sizeof(*rp) + sec_len); > >> +} > >> + > >> static void read_local_oob_data_complete(struct hci_dev *hdev, u8 status, > >> u16 opcode, struct sk_buff *skb) > >> { 
> >> @@ -7099,6 +7150,8 @@ static const struct hci_mgmt_handler mgmt_handlers[] = { > >> { set_blocked_keys, MGMT_OP_SET_BLOCKED_KEYS_SIZE, > >> HCI_MGMT_VAR_LEN }, > >> { set_wideband_speech, MGMT_SETTING_SIZE }, > >> + { read_security_info, MGMT_READ_SECURITY_INFO_SIZE, > >> + HCI_MGMT_UNTRUSTED }, > >> }; > >> > >> void mgmt_index_added(struct hci_dev *hdev)
> >> --
> >> 2.25.1
> >>
> > LGTM.
>
> Can I treat these as Reviewed-by: Alain Michaud ?
>
> Regards
>
> Marcel
>
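Review bot: in the include/net/bluetooth/mgmt.h hunk, struct mgmt_rp_read_security_info exposes sec only as a length-prefixed byte array, while the entry types and flag bits that go into it appear in mgmt.c as bare literals (0x01, 0x02, 0x03 for the entry types; 0x01, 0x02, 0x04, 0x08 for the flags). Userspace has to parse this reply to make its policy decision, so named constants for the entry types and flag bits next to the struct would give both sides one definition to share and make later extensions easier to review. As a smaller style point, `__u8 sec[0];` could be written as a flexible array member, `__u8 sec[];`.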
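Review bot: in read_security_info() (the @@ -3659 hunk of net/bluetooth/mgmt.c), the reply is assembled in `char buf[16]`, but the eir_append_data() and eir_append_le16() calls are passed only the running offset and no capacity, so nothing in the function ties the buffer size to what gets written. With one length byte and one type byte per entry, today's worst case is 2 (sec_len) + 3 + 4 + 4 = 13 bytes, which fits. The commit message anticipates future extensions, though, and one more entry of the same shape would run past the end of the stack buffer without any warning. Consider deriving the buffer size from the entries (or adding a compile-time check and a comment stating the budget) so an added entry fails loudly. Also worth a comment: flags 0x02 and 0x08 and the 0x03 entry are reported unconditionally, with no check that the controller is LE capable; if that is intended, say so next to the assignments.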
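Review bot: the mgmt_untrusted_commands[] hunk and the mgmt_handlers[] entry flagged HCI_MGMT_UNTRUSTED make MGMT_OP_READ_SECURITY_INFO available to untrusted sockets, but the commit message does not say why that is acceptable. The visible reply carries only capability flags and maximum key sizes, no key material, so the choice looks defensible. A sentence stating that reasoning in the commit message would let a later reviewer check that any new entry added to sec still fits an untrusted reader.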