From: Alfonso Acosta <fons@spotify.com>
To: Marcel Holtmann <marcel@holtmann.org>
Cc: linux-bluetooth@vger.kernel.org
Subject: Re: [PATCH v3] Bluetooth: Add HCI_AUTO_CONN_DIRECT_REPORT_IND
Date: Mon, 29 Sep 2014 16:49:39 +0200
Message-ID: <CAHF=Y4pkXTvcN6YQTH6DPboeav7BCa8T0HUSfOHfag+W9GJ8fQ@mail.gmail.com>
In-Reply-To: <1D7AEE8B-51DB-4A6D-8EBA-3EC81760224E@holtmann.org>

>
> if it can not store its LTK, then why doesn't it use a key hierarchy (as defined in the Bluetooth specification) so that it can restore its keys after reboot. If it remembers its Bluetooth address, then it could clearly remember a single master key.
>
> But seriously, if you can remember your BD_ADDR, then you might want to remember your LTK as well. Just a hint here.


Thanks for the hint, I wasn't familiar with "key hierarchies".

> So the encryption trigger is not done by the kernel. It is actually done by userspace when you have an existing LTK. The kernel will auto-connect the device with low security and then userspace will move it to medium security in case we have an LTK. It will also move it to medium security for all HID devices since that is mandatory.
>
[...]
> Having the advertising data in Device Connected event will actually allow you to do exactly what you want. It would allow you to utilize Unpair Device (with Disconnect 0x00) and Pair Device to recreate the bonding. All without ever disconnecting the link.
>
> The important piece of detail is that the security elevation from low to medium does not happen when the device is detected as initial powered on. So instead of security elevation, you do a re-bonding which will give you the encrypted link HID requires and also the new LTK.

Oh, I see. I was wrongly assuming that the encryption elevation was
also done in the kernel without userspace involvement. Then, adding
the contents of the ADV_IND report to the "Device Connected event"
should indeed be good enough. I will try it out and send a patch if it
works.


> So before trying to redefine the Add Device command semantics, I would clearly go for adding the advertising data to Device Connected event and see if that gets you where you need to go.

Will do, thanks!



-- 
Alfonso Acosta

Embedded Systems Engineer at Spotify
Birger Jarlsgatan 61, Stockholm, Sweden
http://www.spotify.com

Thread overview: 13+ messages
2014-09-26 15:54 [PATCH v3] Bluetooth: Add HCI_AUTO_CONN_DIRECT_REPORT_IND Alfonso Acosta
2014-09-29  8:37 ` Marcel Holtmann
2014-09-29 10:59   ` Alfonso Acosta
2014-09-29 11:34     ` Marcel Holtmann
2014-09-29 13:33       ` Alfonso Acosta
2014-09-29 14:29         ` Marcel Holtmann
2014-09-29 14:49           ` Alfonso Acosta [this message]
2014-09-29 14:54             ` Marcel Holtmann
2014-10-03  8:37             ` Alfonso Acosta
2014-10-03  9:55               ` Marcel Holtmann
2014-10-09  1:01                 ` Alfonso Acosta
2014-09-29 14:35         ` Johan Hedberg
2014-09-29 15:25           ` Alfonso Acosta
