linux/net
Marcel Holtmann e7c29cb16c [Bluetooth] Reject L2CAP connections on an insecure ACL link
The Security Mode 4 of the Bluetooth 2.1 specification has strict
authentication and encryption requirements. It is the initiators job
to create a secure ACL link. However in case of malicious devices, the
acceptor has to make sure that the ACL is encrypted before allowing
any kind of L2CAP connection. The only exception here is the PSM 1 for
the service discovery protocol, because that is allowed to run on an
insecure ACL link.

Previously it was enough to reject a L2CAP connection during the
connection setup phase, but with Bluetooth 2.1 it is forbidden to
do any L2CAP protocol exchange on an insecure link (except SDP).

The new hci_conn_check_link_mode() function can be used to check the
integrity of an ACL link. This functions also takes care of the cases
where Security Mode 4 is disabled or one of the devices is based on
an older specification.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2008-09-09 07:19:20 +02:00
..
9p flag parameters: socket and socketpair 2008-07-24 10:47:27 -07:00
802 list_for_each_rcu must die: networking 2008-07-25 10:53:27 -07:00
8021q netdev: Handle ->addr_list_lock just like ->_xmit_lock for lockdep. 2008-07-22 14:16:42 -07:00
appletalk net: convert BUG_TRAP to generic WARN_ON 2008-07-25 21:43:18 -07:00
atm atm: fix const assignment/discard warnings in the ATM networking driver 2008-07-30 16:31:46 -07:00
ax25 AX.25: Fix sysctl registration if !CONFIG_AX25_DAMA_SLAVE 2008-08-05 18:46:57 -07:00
bluetooth [Bluetooth] Reject L2CAP connections on an insecure ACL link 2008-09-09 07:19:20 +02:00
bridge bridge: show offload settings 2008-08-15 19:51:07 -07:00
can
core pkt_sched: Prevent livelock in TX queue running. 2008-08-19 04:00:36 -07:00
dccp dccp: Fix panic caused by too early termination of retransmission mechanism 2008-08-18 21:14:20 -07:00
decnet
econet
ethernet
ieee80211
ipv4 ipv4: mode 0555 in ipv4_skeleton 2008-08-27 02:35:18 -07:00
ipv6 ipv6: sysctl fixes 2008-08-25 15:18:15 -07:00
ipx
irda
iucv
key net: convert BUG_TRAP to generic WARN_ON 2008-07-25 21:43:18 -07:00
lapb
llc
mac80211 mac80211: quiet chatty IBSS merge message 2008-08-26 20:33:34 -04:00
netfilter netfilter: ctnetlink: sleepable allocation with spin lock bh 2008-08-18 21:31:46 -07:00
netlabel
netlink net: convert BUG_TRAP to generic WARN_ON 2008-07-25 21:43:18 -07:00
netrom netdev: Handle ->addr_list_lock just like ->_xmit_lock for lockdep. 2008-07-22 14:16:42 -07:00
packet net: convert BUG_TRAP to generic WARN_ON 2008-07-25 21:43:18 -07:00
rfkill net: rfkill: add missing line break 2008-08-26 20:06:31 -04:00
rose netdev: Handle ->addr_list_lock just like ->_xmit_lock for lockdep. 2008-07-22 14:16:42 -07:00
rxrpc net/rxrpc: Use an IS_ERR test rather than a NULL test 2008-08-13 02:40:48 -07:00
sched pkt_sched: Fix gen_estimator locks 2008-08-27 02:25:17 -07:00
sctp sctp: fix random memory dereference with SCTP_HMAC_IDENT option. 2008-08-27 16:09:49 -07:00
sunrpc Merge branch 'linus' into cpus4096 2008-07-28 21:14:43 +02:00
tipc net/tipc/subscr.c: don't use ___constant_swab32 2008-08-13 02:32:06 -07:00
unix Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6 2008-07-26 20:23:44 -07:00
wanrouter wanmain.c doesn't need syncppp.h 2008-07-23 23:00:36 +02:00
wireless wext: Send name on events 2008-08-13 02:39:56 -07:00
x25
xfrm xfrm: remove unnecessary variable in xfrm_output_resume() 2nd try 2008-08-13 13:35:37 -07:00
compat.c flag parameters: paccept 2008-07-24 10:47:27 -07:00
Kconfig net: Make "networking" one-click deselectable. 2008-07-30 03:27:53 -07:00
Makefile
nonet.c
socket.c SL*B: drop kmem cache argument from constructor 2008-07-26 12:00:07 -07:00
sysctl_net.c missing bits of net-namespace / sysctl 2008-07-27 09:45:34 -07:00
TUNABLE