Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f3fb0b58 authored by Johan Hedberg's avatar Johan Hedberg Committed by Marcel Holtmann
Browse files

Bluetooth: Fix missing check for FIPS security level 



When checking whether a legacy link key provides at least HIGH security
level we also need to check for FIPS level which is one step above HIGH.
This patch fixes a missing check in the hci_link_key_request_evt()
function.

Signed-off-by: default avatarJohan Hedberg <johan.hedberg@intel.com>
Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
Cc: stable@vger.kernel.org
parent 79897d20

net/bluetooth/hci_event.c

+2 −1
Original line number Diff line number Diff line
@@ -3077,7 +3077,8 @@ static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb) 
		}



		if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&

		    conn->pending_sec_level == BT_SECURITY_HIGH) {

		    (conn->pending_sec_level == BT_SECURITY_HIGH ||

		     conn->pending_sec_level == BT_SECURITY_FIPS)) {

			BT_DBG("%s ignoring key unauthenticated for high security",

			       hdev->name);

			goto not_found;