Commit e0463f50 authored by Jouni Malinen's avatar Jouni Malinen Committed by John W. Linville
Browse files

mac80211: Fix drop-unencrypted for management frames

ADDBA request Action frame was sent out before 4-way handshake was
completed and the initial 802.11w code ended up dropping the frame
even if MFP was not enabled. While the sending of Action frames this
early is not really a good idea (will break with MFP enabled), we
should not break this for the MFP disabled case.

This patch fixes ieee80211_tx_h_select_key() not to drop management
frames if MFP is disabled. If MFP is enabled, Action frames will be
dropped before keys are set per IEEE 802.11w/D7.0. Other robust
management frames (i.e., Deauthentication and Disassociation frames)
are allowed unprotected prior to key configuration.

Signed-off-by: default avatarJouni Malinen <>
Signed-off-by: default avatarJohn W. Linville <>
parent 6cd0b1cb
......@@ -432,7 +432,10 @@ ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
tx->key = key;
else if (tx->sdata->drop_unencrypted &&
(tx->skb->protocol != cpu_to_be16(ETH_P_PAE)) &&
!(info->flags & IEEE80211_TX_CTL_INJECTED)) {
!(info->flags & IEEE80211_TX_CTL_INJECTED) &&
(!ieee80211_is_robust_mgmt_frame(hdr) ||
(ieee80211_is_action(hdr->frame_control) &&
tx->sta && test_sta_flags(tx->sta, WLAN_STA_MFP)))) {
return TX_DROP;
} else
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment