Bluetooth: Handle security level 4 for RFCOMM connections (2c068e0b) · Commits · git / linux-net

include/net/bluetooth/rfcomm.h

+1 −0

Original line number	Diff line number	Diff line
		@@ -295,6 +295,7 @@ struct rfcomm_conninfo {
		#define RFCOMM_LM_TRUSTED 0x0008
		#define RFCOMM_LM_RELIABLE 0x0010
		#define RFCOMM_LM_SECURE 0x0020
		#define RFCOMM_LM_FIPS 0x0040

		#define rfcomm_pi(sk) ((struct rfcomm_pinfo *) sk)

+3 −1

Original line number	Diff line number	Diff line
		@@ -216,6 +216,7 @@ static int rfcomm_check_security(struct rfcomm_dlc *d)

		switch (d->sec_level) {
		case BT_SECURITY_HIGH:
		case BT_SECURITY_FIPS:
		auth_type = HCI_AT_GENERAL_BONDING_MITM;
		break;
		case BT_SECURITY_MEDIUM:
		@@ -2085,7 +2086,8 @@ static void rfcomm_security_cfm(struct hci_conn *conn, u8 status, u8 encrypt)
		set_bit(RFCOMM_SEC_PENDING, &d->flags);
		rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT);
		continue;
		} else if (d->sec_level == BT_SECURITY_HIGH) {
		} else if (d->sec_level == BT_SECURITY_HIGH \|\|
		d->sec_level == BT_SECURITY_FIPS) {
		set_bit(RFCOMM_ENC_DROP, &d->flags);
		continue;
		}

+11 −1

Original line number	Diff line number	Diff line
		@@ -648,6 +648,11 @@ static int rfcomm_sock_setsockopt_old(struct socket *sock, int optname, char __u
		break;
		}

		if (opt & RFCOMM_LM_FIPS) {
		err = -EINVAL;
		break;
		}

		if (opt & RFCOMM_LM_AUTH)
		rfcomm_pi(sk)->sec_level = BT_SECURITY_LOW;
		if (opt & RFCOMM_LM_ENCRYPT)
		@@ -764,6 +769,10 @@ static int rfcomm_sock_getsockopt_old(struct socket *sock, int optname, char __u
		opt = RFCOMM_LM_AUTH \| RFCOMM_LM_ENCRYPT \|
		RFCOMM_LM_SECURE;
		break;
		case BT_SECURITY_FIPS:
		opt = RFCOMM_LM_AUTH \| RFCOMM_LM_ENCRYPT \|
		RFCOMM_LM_SECURE \| RFCOMM_LM_FIPS;
		break;
		default:
		opt = 0;
		break;
		@@ -774,6 +783,7 @@ static int rfcomm_sock_getsockopt_old(struct socket *sock, int optname, char __u

		if (put_user(opt, (u32 __user *) optval))
		err = -EFAULT;

		break;

		case RFCOMM_CONNINFO: