From: Marcel Holtmann <marcel@holtmann.org>
Date: Sat, 1 Feb 2014 19:32:25 +0000 (-0800)
Subject: Bluetooth: Include security level 4 in connections check
X-Git-Tag: v3.15-rc1~113^2~159^2^2~130^2~79
X-Git-Url: https://openfabrics.org/gitweb/?a=commitdiff_plain;h=9cb2e030e6a0787f5c216702e6e78dd85ffe04c4;p=~emulex%2Finfiniband.git

Bluetooth: Include security level 4 in connections check

This check is only used for RFCOMM connections and most likely no
RFCOMM based profile will require security level 4 secure connection
security policy. In case it ever does make sure that seucrity level 4
is treated as sufficient security level.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
---

diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c
index 7ef5bffb61a..801820f1222 100644
--- a/net/bluetooth/hci_conn.c
+++ b/net/bluetooth/hci_conn.c
@@ -860,13 +860,17 @@ int hci_conn_check_secure(struct hci_conn *conn, __u8 sec_level)
 {
 	BT_DBG("hcon %p", conn);
 
-	if (sec_level != BT_SECURITY_HIGH)
-		return 1; /* Accept if non-secure is required */
+	/* Accept if non-secure or higher security level is required */
+	if (sec_level != BT_SECURITY_HIGH && sec_level != BT_SECURITY_FIPS)
+		return 1;
 
-	if (conn->sec_level == BT_SECURITY_HIGH)
+	/* Accept if secure or higher security level is already present */
+	if (conn->sec_level == BT_SECURITY_HIGH ||
+	    conn->sec_level == BT_SECURITY_FIPS)
 		return 1;
 
-	return 0; /* Reject not secure link */
+	/* Reject not secure link */
+	return 0;
 }
 EXPORT_SYMBOL(hci_conn_check_secure);