From: Johannes Berg <johannes.berg@intel.com>
Date: Tue, 29 Jan 2013 10:41:38 +0000 (+0100)
Subject: mac80211: allow transmitting deauth with tainted key
X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=e54faf29e07b6cc28a44a4f01d7fbc40905a67d3;p=linux.git

mac80211: allow transmitting deauth with tainted key

When we had a connection for WoWLAN and after resume it
needed to be disconnected, the previous commit enabled
sending a deauth frame to the AP. This frame would not
go through on MFP-enabled networks as the key for it is
marked tainted before the frame is transmitted.

Allow a tainted key to be used for deauth frames. Worst
case, we'll use a wrong key because the PTK was rekeyed
while suspended, but more likely the PTK is still fine
and the taint flag really only applies to the GTK(s).

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
---

diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index a2cb6a302cc74..7892b0a8873e7 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -594,7 +594,8 @@ ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
 			break;
 		}
 
-		if (unlikely(tx->key && tx->key->flags & KEY_FLAG_TAINTED))
+		if (unlikely(tx->key && tx->key->flags & KEY_FLAG_TAINTED &&
+			     !ieee80211_is_deauth(hdr->frame_control)))
 			return TX_DROP;
 
 		if (!skip_hw && tx->key &&