Bluetooth: Include security level 4 in connections check

This check is only used for RFCOMM connections and most likely no
RFCOMM based profile will require security level 4 secure connection
security policy. In case it ever does make sure that seucrity level 4
is treated as sufficient security level.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>

diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c
index 7ef5bffb61aa6d37019b95ec00a16c053361bd2c..801820f122263e0b9b799f7499d5adac84a32763 100644 (file)
--- a/net/bluetooth/hci_conn.c
+++ b/net/bluetooth/hci_conn.c
@@ -860,13 +860,17 @@ int hci_conn_check_secure(struct hci_conn *conn, __u8 sec_level)
 {
        BT_DBG("hcon %p", conn);
 
-       if (sec_level != BT_SECURITY_HIGH)
-               return 1; /* Accept if non-secure is required */
+       /* Accept if non-secure or higher security level is required */
+       if (sec_level != BT_SECURITY_HIGH && sec_level != BT_SECURITY_FIPS)
+               return 1;
 
-       if (conn->sec_level == BT_SECURITY_HIGH)
+       /* Accept if secure or higher security level is already present */
+       if (conn->sec_level == BT_SECURITY_HIGH ||
+           conn->sec_level == BT_SECURITY_FIPS)
                return 1;
 
-       return 0; /* Reject not secure link */
+       /* Reject not secure link */
+       return 0;
 }
 EXPORT_SYMBOL(hci_conn_check_secure);