Bluetooth: controller: implementing state check for ENC reply API

erbr-ot · carlescufi · commit 025b9745d3d7 · 2022-04-27T10:09:03.000+02:00
Now checking that encryption procedure is in correct state to accept
a reply from host.

Signed-off-by: Erik Brockhoff &lt;erbr@oticon.com&gt;
diff --git a/subsys/bluetooth/controller/ll_sw/ull_llcp.c b/subsys/bluetooth/controller/ll_sw/ull_llcp.c
@@ -838,27 +838,31 @@ uint8_t ull_cp_data_length_update(struct ll_conn *conn, uint16_t max_tx_octets,
 #endif /* CONFIG_BT_CTLR_DATA_LENGTH */
 
 #if defined(CONFIG_BT_CTLR_LE_ENC)
-void ull_cp_ltk_req_reply(struct ll_conn *conn, const uint8_t ltk[16])
+uint8_t ull_cp_ltk_req_reply(struct ll_conn *conn, const uint8_t ltk[16])
 {
-	/* TODO(thoh): Call rp_enc to query if LTK request reply is allowed */
 	struct proc_ctx *ctx;
 
 	ctx = llcp_rr_peek(conn);
-	if (ctx && (ctx->proc == PROC_ENCRYPTION_START || ctx->proc == PROC_ENCRYPTION_PAUSE)) {
+	if (ctx && (ctx->proc == PROC_ENCRYPTION_START || ctx->proc == PROC_ENCRYPTION_PAUSE) &&
+	    llcp_rp_enc_ltk_req_reply_allowed(conn, ctx)) {
 		memcpy(ctx->data.enc.ltk, ltk, sizeof(ctx->data.enc.ltk));
 		llcp_rp_enc_ltk_req_reply(conn, ctx);
+		return BT_HCI_ERR_SUCCESS;
 	}
+	return BT_HCI_ERR_CMD_DISALLOWED;
 }
 
-void ull_cp_ltk_req_neq_reply(struct ll_conn *conn)
+uint8_t ull_cp_ltk_req_neq_reply(struct ll_conn *conn)
 {
-	/* TODO(thoh): Call rp_enc to query if LTK negative request reply is allowed */
 	struct proc_ctx *ctx;
 
 	ctx = llcp_rr_peek(conn);
-	if (ctx && (ctx->proc == PROC_ENCRYPTION_START || ctx->proc == PROC_ENCRYPTION_PAUSE)) {
+	if (ctx && (ctx->proc == PROC_ENCRYPTION_START || ctx->proc == PROC_ENCRYPTION_PAUSE) &&
+	    llcp_rp_enc_ltk_req_reply_allowed(conn, ctx)) {
 		llcp_rp_enc_ltk_req_neg_reply(conn, ctx);
+		return BT_HCI_ERR_SUCCESS;
 	}
+	return BT_HCI_ERR_CMD_DISALLOWED;
 }
 #endif /* CONFIG_BT_CTLR_LE_ENC */
 
diff --git a/subsys/bluetooth/controller/ll_sw/ull_llcp.h b/subsys/bluetooth/controller/ll_sw/ull_llcp.h
@@ -102,11 +102,11 @@ uint8_t ull_cp_encryption_paused(struct ll_conn *conn);
 
 /**
  */
-void ull_cp_ltk_req_reply(struct ll_conn *conn, const uint8_t ltk[16]);
+uint8_t ull_cp_ltk_req_reply(struct ll_conn *conn, const uint8_t ltk[16]);
 
 /**
  */
-void ull_cp_ltk_req_neq_reply(struct ll_conn *conn);
+uint8_t ull_cp_ltk_req_neq_reply(struct ll_conn *conn);
 
 /**
  * @brief Initiate a PHY Update Procedure.
diff --git a/subsys/bluetooth/controller/ll_sw/ull_llcp_enc.c b/subsys/bluetooth/controller/ll_sw/ull_llcp_enc.c
@@ -1200,6 +1200,11 @@ void llcp_rp_enc_ltk_req_neg_reply(struct ll_conn *conn, struct proc_ctx *ctx)
 	rp_enc_execute_fsm(conn, ctx, RP_ENC_EVT_LTK_REQ_NEG_REPLY, NULL);
 }
 
+bool llcp_rp_enc_ltk_req_reply_allowed(struct ll_conn *conn, struct proc_ctx *ctx)
+{
+	return (ctx->state == RP_ENC_STATE_WAIT_LTK_REPLY);
+}
+
 void llcp_rp_enc_run(struct ll_conn *conn, struct proc_ctx *ctx, void *param)
 {
 	rp_enc_execute_fsm(conn, ctx, RP_ENC_EVT_RUN, param);
diff --git a/subsys/bluetooth/controller/ll_sw/ull_llcp_internal.h b/subsys/bluetooth/controller/ll_sw/ull_llcp_internal.h
@@ -391,7 +391,9 @@ void llcp_rp_enc_rx(struct ll_conn *conn, struct proc_ctx *ctx, struct node_rx_p
 void llcp_rp_enc_init_proc(struct proc_ctx *ctx);
 void llcp_rp_enc_ltk_req_reply(struct ll_conn *conn, struct proc_ctx *ctx);
 void llcp_rp_enc_ltk_req_neg_reply(struct ll_conn *conn, struct proc_ctx *ctx);
+bool llcp_rp_enc_ltk_req_reply_allowed(struct ll_conn *conn, struct proc_ctx *ctx);
 void llcp_rp_enc_run(struct ll_conn *conn, struct proc_ctx *ctx, void *param);
+
 #endif /* CONFIG_BT_CTLR_LE_ENC */
 
 #if defined(CONFIG_BT_CTLR_PHY)
diff --git a/subsys/bluetooth/controller/ll_sw/ull_peripheral.c b/subsys/bluetooth/controller/ll_sw/ull_peripheral.c
@@ -612,22 +612,10 @@ uint8_t ll_start_enc_req_send(uint16_t handle, uint8_t error_code,
 		conn->llcp.encryption.state = LLCP_ENC_STATE_INPROG;
 	}
 #else /* CONFIG_BT_LL_SW_LLCP_LEGACY */
-	/*
-	 * TODO: add info to the conn-structure
-	 * - refresh
-	 * - no procedure in progress
-	 * - procedure type
-	 * and use that info to decide if the cmd is allowed
-	 * or if we should terminate the connection
-	 * see BT 5.2 Vol. 6 part B chapter 5.1.3
-	 * see also ull_periph.c line 395-439
-	 *
-	 * TODO: the ull_cp_ltx_req* functions should return success/fail status
-	 */
 	if (error_code) {
-		ull_cp_ltk_req_neq_reply(conn);
+		return ull_cp_ltk_req_neq_reply(conn);
 	} else {
-		ull_cp_ltk_req_reply(conn, ltk);
+		return ull_cp_ltk_req_reply(conn, ltk);
 	}
 #endif /* CONFIG_BT_LL_SW_LLCP_LEGACY */
 

Original file line number	Diff line number	Diff line change
`@@ -838,27 +838,31 @@ uint8_t ull_cp_data_length_update(struct ll_conn *conn, uint16_t max_tx_octets,`
`838`	`838`	`#endif /* CONFIG_BT_CTLR_DATA_LENGTH */`
`839`	`839`
`840`	`840`	`#if defined(CONFIG_BT_CTLR_LE_ENC)`
`841`		`-void ull_cp_ltk_req_reply(struct ll_conn *conn, const uint8_t ltk[16])`
	`841`	`+uint8_t ull_cp_ltk_req_reply(struct ll_conn *conn, const uint8_t ltk[16])`
`842`	`842`	`{`
`843`		`- /* TODO(thoh): Call rp_enc to query if LTK request reply is allowed */`
`844`	`843`	`struct proc_ctx *ctx;`
`845`	`844`
`846`	`845`	`ctx = llcp_rr_peek(conn);`
`847`		`- if (ctx && (ctx->proc == PROC_ENCRYPTION_START \|\| ctx->proc == PROC_ENCRYPTION_PAUSE)) {`
	`846`	`+ if (ctx && (ctx->proc == PROC_ENCRYPTION_START \|\| ctx->proc == PROC_ENCRYPTION_PAUSE) &&`
	`847`	`+ llcp_rp_enc_ltk_req_reply_allowed(conn, ctx)) {`
`848`	`848`	`memcpy(ctx->data.enc.ltk, ltk, sizeof(ctx->data.enc.ltk));`
`849`	`849`	`llcp_rp_enc_ltk_req_reply(conn, ctx);`
	`850`	`+ return BT_HCI_ERR_SUCCESS;`
`850`	`851`	`}`
	`852`	`+ return BT_HCI_ERR_CMD_DISALLOWED;`
`851`	`853`	`}`
`852`	`854`
`853`		`-void ull_cp_ltk_req_neq_reply(struct ll_conn *conn)`
	`855`	`+uint8_t ull_cp_ltk_req_neq_reply(struct ll_conn *conn)`
`854`	`856`	`{`
`855`		`- /* TODO(thoh): Call rp_enc to query if LTK negative request reply is allowed */`
`856`	`857`	`struct proc_ctx *ctx;`
`857`	`858`
`858`	`859`	`ctx = llcp_rr_peek(conn);`
`859`		`- if (ctx && (ctx->proc == PROC_ENCRYPTION_START \|\| ctx->proc == PROC_ENCRYPTION_PAUSE)) {`
	`860`	`+ if (ctx && (ctx->proc == PROC_ENCRYPTION_START \|\| ctx->proc == PROC_ENCRYPTION_PAUSE) &&`
	`861`	`+ llcp_rp_enc_ltk_req_reply_allowed(conn, ctx)) {`
`860`	`862`	`llcp_rp_enc_ltk_req_neg_reply(conn, ctx);`
	`863`	`+ return BT_HCI_ERR_SUCCESS;`
`861`	`864`	`}`
	`865`	`+ return BT_HCI_ERR_CMD_DISALLOWED;`
`862`	`866`	`}`
`863`	`867`	`#endif /* CONFIG_BT_CTLR_LE_ENC */`
`864`	`868`
Original file line number	Diff line number	Diff line change
`@@ -1200,6 +1200,11 @@ void llcp_rp_enc_ltk_req_neg_reply(struct ll_conn conn, struct proc_ctx ctx)`
`1200`	`1200`	`rp_enc_execute_fsm(conn, ctx, RP_ENC_EVT_LTK_REQ_NEG_REPLY, NULL);`
`1201`	`1201`	`}`
`1202`	`1202`
	`1203`	`+bool llcp_rp_enc_ltk_req_reply_allowed(struct ll_conn conn, struct proc_ctx ctx)`
	`1204`	`+{`
	`1205`	`+ return (ctx->state == RP_ENC_STATE_WAIT_LTK_REPLY);`
	`1206`	`+}`
	`1207`	`+`
`1203`	`1208`	`void llcp_rp_enc_run(struct ll_conn conn, struct proc_ctx ctx, void *param)`
`1204`	`1209`	`{`
`1205`	`1210`	`rp_enc_execute_fsm(conn, ctx, RP_ENC_EVT_RUN, param);`