From e54faf29e07b6cc28a44a4f01d7fbc40905a67d3 Mon Sep 17 00:00:00 2001 From: Johannes Berg Date: Tue, 29 Jan 2013 11:41:38 +0100 Subject: mac80211: allow transmitting deauth with tainted key When we had a connection for WoWLAN and after resume it needed to be disconnected, the previous commit enabled sending a deauth frame to the AP. This frame would not go through on MFP-enabled networks as the key for it is marked tainted before the frame is transmitted. Allow a tainted key to be used for deauth frames. Worst case, we'll use a wrong key because the PTK was rekeyed while suspended, but more likely the PTK is still fine and the taint flag really only applies to the GTK(s). Signed-off-by: Johannes Berg diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c index a2cb6a3..7892b0a 100644 --- a/net/mac80211/tx.c +++ b/net/mac80211/tx.c @@ -594,7 +594,8 @@ ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx) break; } - if (unlikely(tx->key && tx->key->flags & KEY_FLAG_TAINTED)) + if (unlikely(tx->key && tx->key->flags & KEY_FLAG_TAINTED && + !ieee80211_is_deauth(hdr->frame_control))) return TX_DROP; if (!skip_hw && tx->key && -- cgit v0.10.2