Patch "Bluetooth: Fix authentication check for FIPS security level" has been added to the 3.15-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This is a note to let you know that I've just added the patch titled

    Bluetooth: Fix authentication check for FIPS security level

to the 3.15-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     bluetooth-fix-authentication-check-for-fips-security-level.patch
and it can be found in the queue-3.15 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From 7e3691e13ab51f3491e996e2edaf99b173621288 Mon Sep 17 00:00:00 2001
From: Johan Hedberg <johan.hedberg@xxxxxxxxx>
Date: Fri, 30 May 2014 14:45:19 +0300
Subject: Bluetooth: Fix authentication check for FIPS security level

From: Johan Hedberg <johan.hedberg@xxxxxxxxx>

commit 7e3691e13ab51f3491e996e2edaf99b173621288 upstream.

When checking whether we need to request authentication or not we should
include HCI_SECURITY_FIPS to the levels that always need authentication.
This patch fixes check for it in the hci_outgoing_auth_needed()
function.

Signed-off-by: Johan Hedberg <johan.hedberg@xxxxxxxxx>
Signed-off-by: Marcel Holtmann <marcel@xxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
 net/bluetooth/hci_event.c |    1 +
 1 file changed, 1 insertion(+)

--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -1342,6 +1342,7 @@ static int hci_outgoing_auth_needed(stru
 	 * is requested.
 	 */
 	if (!hci_conn_ssp_enabled(conn) && !(conn->auth_type & 0x01) &&
+	    conn->pending_sec_level != BT_SECURITY_FIPS &&
 	    conn->pending_sec_level != BT_SECURITY_HIGH &&
 	    conn->pending_sec_level != BT_SECURITY_MEDIUM)
 		return 0;


Patches currently in stable-queue which might be from johan.hedberg@xxxxxxxxx are

queue-3.15/bluetooth-fix-authentication-check-for-fips-security-level.patch
queue-3.15/bluetooth-fix-missing-check-for-fips-security-level.patch
queue-3.15/bluetooth-fix-l2cap-deadlock.patch
queue-3.15/bluetooth-fix-requiring-smp-mitm-for-outgoing-connections.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]