From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Johan Hedberg , Marcel Holtmann Subject: [PATCH 3.15 084/139] Bluetooth: Fix authentication check for FIPS security level Date: Sat, 28 Jun 2014 10:47:25 -0700 Message-Id: <20140628174609.267221542@linuxfoundation.org> In-Reply-To: <20140628174605.352098823@linuxfoundation.org> References: <20140628174605.352098823@linuxfoundation.org> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: 3.15-stable review patch. If anyone has any objections, please let me know. ------------------ From: Johan Hedberg commit 7e3691e13ab51f3491e996e2edaf99b173621288 upstream. When checking whether we need to request authentication or not we should include HCI_SECURITY_FIPS to the levels that always need authentication. This patch fixes check for it in the hci_outgoing_auth_needed() function. Signed-off-by: Johan Hedberg Signed-off-by: Marcel Holtmann Signed-off-by: Greg Kroah-Hartman --- net/bluetooth/hci_event.c | 1 + 1 file changed, 1 insertion(+) --- a/net/bluetooth/hci_event.c +++ b/net/bluetooth/hci_event.c @@ -1342,6 +1342,7 @@ static int hci_outgoing_auth_needed(stru * is requested. */ if (!hci_conn_ssp_enabled(conn) && !(conn->auth_type & 0x01) && + conn->pending_sec_level != BT_SECURITY_FIPS && conn->pending_sec_level != BT_SECURITY_HIGH && conn->pending_sec_level != BT_SECURITY_MEDIUM) return 0;