Patch "Bluetooth: Fix missing check for FIPS security level" has been added to the 3.15-stable tree

Fri, 27 Jun 2014 16:55:05 -0700 

This is a note to let you know that I've just added the patch titled

    Bluetooth: Fix missing check for FIPS security level

to the 3.15-stable tree which can be found at:
    
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     bluetooth-fix-missing-check-for-fips-security-level.patch
and it can be found in the queue-3.15 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <[email protected]> know about it.


>From f3fb0b58c85666f73139963a7a04d7878f3d22c9 Mon Sep 17 00:00:00 2001
From: Johan Hedberg <[email protected]>
Date: Mon, 2 Jun 2014 10:12:44 +0300
Subject: Bluetooth: Fix missing check for FIPS security level

From: Johan Hedberg <[email protected]>

commit f3fb0b58c85666f73139963a7a04d7878f3d22c9 upstream.

When checking whether a legacy link key provides at least HIGH security
level we also need to check for FIPS level which is one step above HIGH.
This patch fixes a missing check in the hci_link_key_request_evt()
function.

Signed-off-by: Johan Hedberg <[email protected]>
Signed-off-by: Marcel Holtmann <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>

---
 net/bluetooth/hci_event.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -2958,7 +2958,8 @@ static void hci_link_key_request_evt(str
                }
 
                if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
-                   conn->pending_sec_level == BT_SECURITY_HIGH) {
+                   (conn->pending_sec_level == BT_SECURITY_HIGH ||
+                    conn->pending_sec_level == BT_SECURITY_FIPS)) {
                        BT_DBG("%s ignoring key unauthenticated for high 
security",
                               hdev->name);
                        goto not_found;


Patches currently in stable-queue which might be from [email protected] 
are

queue-3.15/bluetooth-fix-authentication-check-for-fips-security-level.patch
queue-3.15/bluetooth-fix-missing-check-for-fips-security-level.patch
queue-3.15/bluetooth-fix-l2cap-deadlock.patch
queue-3.15/bluetooth-fix-requiring-smp-mitm-for-outgoing-connections.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to