Bluetooth: Fix missing check for FIPS security level

When checking whether a legacy link key provides at least HIGH security level we also need to check for FIPS level which is one step above HIGH. This patch fixes a missing check in the hci_link_key_request_evt() function. Signed-off-by: N Johan Hedberg <johan.hedberg@intel.com> Signed-off-by: N Marcel Holtmann <marcel@holtmann.org> Cc: stable@vger.kernel.org

Bluetooth: Fix missing check for FIPS security level
When checking whether a legacy link key provides at least HIGH security level we also need to check for FIPS level which is one step above HIGH. This patch fixes a missing check in the hci_link_key_request_evt() function. Signed-off-by: N Johan Hedberg <johan.hedberg@intel.com> Signed-off-by: N Marcel Holtmann <marcel@holtmann.org> Cc: stable@vger.kernel.org
f3fb0b58 · Johan Hedberg · Marcel Holtmann · 79897d20 · f3fb0b58
隐藏空白更改
内联并排

Showing with 2 addition and 1 deletion

net/bluetooth/hci_event.c net/bluetooth/hci_event.c +2 -1

未找到文件。
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -3077,7 +3077,8 @@ static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
 		}

 		if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
-		    conn->pending_sec_level == BT_SECURITY_HIGH) {
+		    (conn->pending_sec_level == BT_SECURITY_HIGH ||
+		     conn->pending_sec_level == BT_SECURITY_FIPS)) {
 			BT_DBG("%s ignoring key unauthenticated for high security",
 			       hdev->name);
 			goto not_found;