Hi,
since there has been various devices that have hardcoded keys and each shipped unit will have the same key, it might be required to have keys blacklist and refrain from pairing / connecting to these.
I would propose to load a blacklist of these keys via mgmt via bluetoothd instead of hardcoding them in the kernel code.
diff --git a/doc/mgmt-api.txt b/doc/mgmt-api.txt
index 0d11aa035649..71b01b38f9f1 100644
--- a/doc/mgmt-api.txt
+++ b/doc/mgmt-api.txt
@@ -3014,6 +3014,38 @@ Set PHY Configuration Command
Invalid Index
+Load Blacklist Keys Command
+===========================
+
+ Command Code: 0x0045
+ Controller Index: <controller id>
+ Command Parameters: Key_Count (2 Octets)
+ Key1 {
+ Key_Type (1 Octet)
+ Value (16 Octets)
+ }
+ Key2 { }
+ ...
+ Return Parameters:
+
+ This command is used to feed the kernel a list of keys that
+ are known to be vulnerable.
+
+ Currently defined Key_Type values are:
+
+ 0x00 Link Key (BR/EDR)
+ 0x01 Long Term Key (LE)
+ 0x02 Identity Resolving Key (LE)
+
+ This command can be used when the controller is not powered.
+
+ This command generates a Command Complete event on success or
+ a Command Status event on failure.
+
+ Possible errors: Invalid Parameters
+ Invalid Index
+
+
Regards
Marcel
