| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 9 Jun 2014 16:33:02 +0300 From: Johan Hedberg <johan.hedberg@...el.com> To: Jiri Slaby <jslaby@...e.cz> Cc: stable@...r.kernel.org, linux-kernel@...r.kernel.org, Marcel Holtmann <marcel@...tmann.org> Subject: Re: [PATCH 3.12 064/146] Bluetooth: Fix redundant encryption request for reauthentication Hi, On Mon, Jun 09, 2014, Jiri Slaby wrote: > 3.12-stable review patch. If anyone has any objections, please let me know. > > =============== > > commit 09da1f3463eb81d59685df723b1c5950b7570340 upstream. > > When we're performing reauthentication (in order to elevate the > security level from an unauthenticated key to an authenticated one) we > do not need to issue any encryption command once authentication > completes. Since the trigger for the encryption HCI command is the > ENCRYPT_PEND flag this flag should not be set in this scenario. > Instead, the REAUTH_PEND flag takes care of all necessary steps for > reauthentication. > > Signed-off-by: Johan Hedberg <johan.hedberg@...el.com> > Signed-off-by: Marcel Holtmann <marcel@...tmann.org> > Signed-off-by: Jiri Slaby <jslaby@...e.cz> > --- > net/bluetooth/hci_conn.c | 9 ++++++--- > 1 file changed, 6 insertions(+), 3 deletions(-) This one seems to be causing a regression, so it's probably best to keep it out of stable trees for now: https://bugzilla.kernel.org/show_bug.cgi?id=77541 Johan -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists