Commit e54faf29 authored by Johannes Berg's avatar Johannes Berg
Browse files

mac80211: allow transmitting deauth with tainted key 



When we had a connection for WoWLAN and after resume it
needed to be disconnected, the previous commit enabled
sending a deauth frame to the AP. This frame would not
go through on MFP-enabled networks as the key for it is
marked tainted before the frame is transmitted.

Allow a tainted key to be used for deauth frames. Worst
case, we'll use a wrong key because the PTK was rekeyed
while suspended, but more likely the PTK is still fine
and the taint flag really only applies to the GTK(s).

Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
parent 2ca813ad

net/mac80211/tx.c

+2 −1
Original line number Diff line number Diff line
@@ -594,7 +594,8 @@ ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx) 
			break;

		}



		if (unlikely(tx->key && tx->key->flags & KEY_FLAG_TAINTED))

		if (unlikely(tx->key && tx->key->flags & KEY_FLAG_TAINTED &&

			     !ieee80211_is_deauth(hdr->frame_control)))

			return TX_DROP;



		if (!skip_hw && tx->key &&

CRA Git | Maintained and supported by SUSTech CRA and CCSE