From: Johan Hedberg <johan.hedberg@gmail.com>
To: Waldemar.Rymarkiewicz@tieto.com
Cc: hadess@hadess.net, linux-bluetooth@vger.kernel.org,
par-gunnar.p.hjalmdahl@stericsson.com,
joakim.xj.ceder@stericsson.com, arunkr.singh@stericsson.com
Subject: Re: [PATCH] BT_SECURITY_HIGH requires 16 digit pin code
Date: Thu, 2 Sep 2010 16:51:08 +0300 [thread overview]
Message-ID: <20100902135108.GA30759@jh-x301> (raw)
In-Reply-To: <99B09243E1A5DA4898CDD8B7001114480979219655@EXMB04.eu.tieto.com>
Hi Waldek,
On Thu, Sep 02, 2010, Waldemar.Rymarkiewicz@tieto.com wrote:
> I've completed more tests on the patches and didn't faced any problems
> do far. Legacy paring, ssp, sec mode 3, refresh existing keys and
> security upgrading have finished with success. I did the tests for
> bluez as initiator and again when bluez was an acceptor. All tests
> were done against different controllers CSR (1.1, 2.0, 2.1), Broadcom
> (2.0, 2.1), ST-Ericsson (2.1). I also tried different combinations of
> the controllers in the same use case.
>
> So, I'm pretty sure that it will not introduce any regression.
Ok, that's good to hear.
> Aditionally, we plan to bring this to the UPF and it would be
> appreciated if also other would have that possibility for regression
> testing.
I'll be at the UPF too, so this might be possible.
> If it comes to interaction with the agent I would do this in a
> seperate patch which will contain a new property when 16 digit pin
> code is required.
That's fine.
> I attached slightly updated patches.
Thanks. However, the kernel patch and new ioctl will need comments at
least from Marcel. Once we add an ioctl we're stuck with it for quite
some time and have to maintain it, no matter what kind of newer/better
kernel-userspace interfaces we come up with. So the choice of accepting
a new ioctl isn't so easy.
One thing that you'd definitely need to fix in your patches is to keep
at least the same level of support that the current BlueZ has with
kernels that don't have the new ioctl. Right now your patch would make
legacy pairing fail in such cases which is not acceptable. Only with a
major version change (5.x) would it be possible to consider requiring a
newer kernel version in order to have essential functionality in place.
With all this in mind I'd still prefer it if we postpone the feature
addition until the point where we have a more flexible kernel-userspace
API in place and most of the security logic and information on the
kernel side.
Johan
next prev parent reply other threads:[~2010-09-02 13:51 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-08-27 11:45 [PATCH] BT_SECURITY_HIGH requires 16 digit pin code Waldemar Rymarkiewicz
2010-08-27 12:12 ` Bastien Nocera
2010-08-27 12:26 ` Waldemar.Rymarkiewicz
2010-08-27 12:32 ` Bastien Nocera
2010-08-27 12:45 ` Johan Hedberg
2010-08-27 13:32 ` Waldemar.Rymarkiewicz
2010-08-27 20:11 ` Johan Hedberg
2010-09-02 13:27 ` Waldemar.Rymarkiewicz
2010-09-02 13:51 ` Johan Hedberg [this message]
2010-09-02 15:30 ` Waldemar.Rymarkiewicz
2010-09-07 8:57 ` Waldemar.Rymarkiewicz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100902135108.GA30759@jh-x301 \
--to=johan.hedberg@gmail.com \
--cc=Waldemar.Rymarkiewicz@tieto.com \
--cc=arunkr.singh@stericsson.com \
--cc=hadess@hadess.net \
--cc=joakim.xj.ceder@stericsson.com \
--cc=linux-bluetooth@vger.kernel.org \
--cc=par-gunnar.p.hjalmdahl@stericsson.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox