git.ipfire.org Git - thirdparty/kernel/linux.git/commit

author	Kavita Kavita <kavita.kavita@oss.qualcomm.com>
	Wed, 14 Jan 2026 11:18:59 +0000 (16:48 +0530)
committer	Johannes Berg <johannes.berg@intel.com>
	Wed, 14 Jan 2026 13:55:38 +0000 (14:55 +0100)
commit	3d2515fdd336b2c785f0568c3b015920261cca10
tree	ac9755ad251e2849a2c6b42e0835b086101ce11f	tree
parent	0e7e509963d5952980e3fdba7f8bf22dec8eda12	commit \| diff

wifi: mac80211: add support for encryption/decryption of (Re)Association frames

Currently, mac80211 does not encrypt or decrypt (Re)Association frames
(Request and Response) because temporal keys are not yet available at
that stage.

With extensions from IEEE P802.11bi, e.g. EPPKE, temporal keys can be
established before association. This enables the encryption and
decryption of (Re)Association Request/Response frames.

Add support to unset the IEEE80211_TX_INTFL_DONT_ENCRYPT flag when
the peer is marked as an Enhanced Privacy Protection (EPP) peer and
encryption keys are available for the connection in non-AP STA mode,
allowing secure transmission of (Re)Association Request frames.

Drop unprotected (Re)Association Request/Response frames received from
an EPP peer.

Co-developed-by: Sai Pratyusha Magam <quic_smagam@quicinc.com>
Signed-off-by: Sai Pratyusha Magam <quic_smagam@quicinc.com>
Signed-off-by: Kavita Kavita <kavita.kavita@oss.qualcomm.com>
Link: https://patch.msgid.link/20260114111900.2196941-9-kavita.kavita@oss.qualcomm.com
[remove useless parentheses]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>

net/mac80211/ieee80211_i.h		diff \| blob \| blame \| history
net/mac80211/mlme.c		diff \| blob \| blame \| history
net/mac80211/rx.c		diff \| blob \| blame \| history
net/mac80211/tx.c		diff \| blob \| blame \| history
net/mac80211/wpa.c		diff \| blob \| blame \| history