Skip to content

Commit

Permalink
Bluetooth: Fix missing check for FIPS security level
Browse files Browse the repository at this point in the history 
When checking whether a legacy link key provides at least HIGH security
level we also need to check for FIPS level which is one step above HIGH.
This patch fixes a missing check in the hci_link_key_request_evt()
function.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Cc: stable@vger.kernel.org
  • Loading branch information
Johan Hedberg authored and Marcel Holtmann committed Jun 2, 2014
1 parent 79897d2 commit f3fb0b5
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion net/bluetooth/hci_event.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3077,7 +3077,8 @@ static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
}

if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
conn->pending_sec_level == BT_SECURITY_HIGH) {
(conn->pending_sec_level == BT_SECURITY_HIGH ||
conn->pending_sec_level == BT_SECURITY_FIPS)) {
BT_DBG("%s ignoring key unauthenticated for high security",
hdev->name);
goto not_found;
Expand Down

0 comments on commit f3fb0b5

Please sign in to comment.