Re: [PATCH cover letter] Bluetooth: Revert: Fix L2CAP connection ...

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Gustavo Padovan <padovan@profusion.mobi>
To: Arkadiusz.Lichwa@tieto.com
Cc: linux-bluetooth@vger.kernel.org, iliak@ti.com,
	ulrik.lauren@stericsson.com, peter@hurleysoftware.com
Subject: Re: [PATCH cover letter] Bluetooth: Revert: Fix L2CAP connection ...
Date: Fri, 2 Dec 2011 21:53:46 +0900	[thread overview]
Message-ID: <20111202125346.GI2570@joana> (raw)
In-Reply-To: <BF2CDDEFEC2D1E42A67A8AE0508897EC3E9238C49C@EXMB02.eu.tieto.com>

Hi Arek,

* Arkadiusz.Lichwa@tieto.com <Arkadiusz.Lichwa@tieto.com> [2011-11-22 15:27:17 +0200]:

> Hi Gustavo
> 
> >-----Original Message-----
> >From: Gustavo F. Padovan [mailto:pao@profusion.mobi] On Behalf Of Gustavo
> >Padovan
> >Sent: Monday, November 07, 2011 7:54 PM
> >To: Lichwa Arkadiusz
> >Cc: linux-bluetooth@vger.kernel.org; iliak@ti.com; ulrik.lauren@stericsson.com
> >Subject: Re: [PATCH cover letter] Bluetooth: Revert: Fix L2CAP connection ...
> >
> >
> >* Arkadiusz.Lichwa@tieto.com <Arkadiusz.Lichwa@tieto.com> [2011-11-07
> >12:06:32 +0200]:
> >
> >>
> >> >From: Gustavo F. Padovan [mailto:pao@profusion.mobi] On Behalf Of Gustavo
> >> >Padovan
> >> >Sent: Friday, November 04, 2011 6:18 PM
> >> >To: Lichwa Arkadiusz
> >> >Cc: linux-bluetooth@vger.kernel.org; iliak@ti.com; ulrik.lauren@stericsson.com
> >> >Subject: Re: [PATCH cover letter] Bluetooth: Revert: Fix L2CAP connection ...
> >> >
> >> >Hi Arek,
> >> >
> >> >* Arkadiusz.Lichwa@tieto.com <Arkadiusz.Lichwa@tieto.com> [2011-11-02
> >> >09:53:10 +0200]:
> >> >
> >> >>
> >> >> Hi Gustavo
> >> >>
> >> >> >From: Gustavo F. Padovan [mailto:pao@profusion.mobi] On Behalf Of
> >Gustavo
> >> >> >Padovan
> >> >> >Sent: Monday, October 31, 2011 8:01 PM
> >> >> >To: Lichwa Arkadiusz
> >> >> >Cc: linux-bluetooth@vger.kernel.org; iliak@ti.com;
> >ulrik.lauren@stericsson.com
> >> >> >Subject: Re: [PATCH cover letter] Bluetooth: Revert: Fix L2CAP connection ...
> >> >> >
> >> >> >Hi Arek,
> >> >> >
> >> >> >* Arek Lichwa <arkadiusz.lichwa@tieto.com> [2011-10-26 11:23:21 +0200]:
> >> >> >
> >> >> >> Hi
> >> >> >>
> >> >> >> We found during testing problem when setting rfcomm (SPP) channel
> >between
> >> >> >> two 2.1 devices.
> >> >> >> The test case always failed mostly saying security block on l2cap level
> >> >> >> but sometimes the fail root cause was 'Command not understood' on l2cap
> >> >> >> as well.
> >> >> >> Analyzing security block issue, I found that there's unencrypted link when
> >> >> >> l2cap command 'connection request' is sent to remote.
> >> >> >> The second issue with 'command not understood' has turn out to be related
> >to
> >> >> >> expiration of l2cap timer and its implications.
> >> >> >>
> >> >> >> Solution that I found to fix the problem seems to be related to old commit
> >> >> >> 330605423ca6eafafb8dcc27502bce1c585d1b06 made by Ilia Kolomisnky.
> >> >When
> >> >> >there's
> >> >> >> authentication ongoing, 'encryption pending' should be turn on, otherwise
> >> >> >> there're situations when link stays unencrypted.
> >> >> >> The issue with timer expiration is related to Andrzej Kaczmarek's patch
> >> >> >> sent to community a couple days ago (~ 2011/10/20).
> >> >> >> This patch actually recalculates (repairs) timer values on l2cap which were
> >> >> >> wrongly converted before.
> >> >> >> With this patch the expiration issue disappears during the test case
> >> >> >> I've made, otherwise just reverting
> >> >> >330605423ca6eafafb8dcc27502bce1c585d1b06
> >> >> >> is not enough, since timer issue blocks very often passing the test case.
> >> >> >
> >> >> >Are you saying that Andrzej's patch together with revert of 330605423 fixes
> >> >> >the problem? and are you sure that we are not creating any new regression?
> >> >> >
> >> >> >	Gustavo
> >> >>
> >> >> Yes, that's right, it fixes.
> >> >> About potencial new regression, I don't think so since previous code before Ilia
> >> >made change was stable and verified. Did you asked Ilia about regression report
> >> >that time?
> >> >
> >> >So did you test this in many different cases? with and without SSP, in all
> >> >security levels, with and without MITM protection and so on?
> >>
> >> Hi Gustavo,
> >>
> >> Should't such scenarios to be run/verified on bluez community's
> >> common security regression test framework/set ?
> >> Looks like now everyone (I hope) verify against his own and it's not trustable.
> >>
> >> To your questions, yes, I did, do you belive me ? :)
> >
> >Ok, I'm applying this one to the bluetooth tree (aka linux 3.2). Thanks.
> >
> >Also I verified the need of this patch while developing the security patches I
> >just sent to the mailing list, it only works if I revert this patch.
> >
> >	Gustavo
> 
> Looks like the patch got to be reverted. 
> More thorough / manual tests showed the problem on setting up subsequent
> l2cap channels with legacy devices.

What goes wrong? security block? Why does it happen?

	Gustavo

next prev parent reply	other threads:[~2011-12-02 12:53 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-10-26  9:23 [PATCH cover letter] Bluetooth: Revert: Fix L2CAP connection Arek Lichwa
2011-10-26  9:23 ` [PATCH] Bluetooth: Revert: Fix L2CAP connection establishment Arek Lichwa
2011-10-31 16:00   ` Arkadiusz.Lichwa
2011-11-01  8:58     ` Ilia, Kolominsky
2011-11-02  7:44       ` Arkadiusz.Lichwa
2011-11-02 13:19         ` Ilia, Kolominsky
2011-10-31 19:01 ` [PATCH cover letter] Bluetooth: Revert: Fix L2CAP connection Gustavo Padovan
2011-11-02  7:53   ` Arkadiusz.Lichwa
2011-11-04 17:18     ` Gustavo Padovan
2011-11-07 10:06       ` Arkadiusz.Lichwa
2011-11-07 18:54         ` Gustavo Padovan
2011-11-22 13:27           ` Arkadiusz.Lichwa
2011-12-02 12:53             ` Gustavo Padovan [this message]
2011-12-11  5:16   ` [REGRESSION] 3.2.0-rc3 Bluetooth L2CAP Linux to Linux rfcomm fails David Fries
2011-12-19  0:36     ` Gustavo Padovan
2011-12-20  2:58       ` David Fries

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20111202125346.GI2570@joana \
    --to=padovan@profusion.mobi \
    --cc=Arkadiusz.Lichwa@tieto.com \
    --cc=iliak@ti.com \
    --cc=linux-bluetooth@vger.kernel.org \
    --cc=peter@hurleysoftware.com \
    --cc=ulrik.lauren@stericsson.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.