]> git.ipfire.org Git - thirdparty/kernel/linux.git/commit
projects / thirdparty / kernel / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5249fcc) | patch
wifi: mac80211: Fix AAD/Nonce computation for management frames with MLO
authorSai Pratyusha Magam <sai.magam@oss.qualcomm.com>
Thu, 26 Feb 2026 04:29:59 +0000 (09:59 +0530)
committerJohannes Berg <johannes.berg@intel.com>
Mon, 2 Mar 2026 08:53:19 +0000 (09:53 +0100)
commita536be923191e2662369ee87e5d7beb50946c71c
treed91479074786679e0dde9c66c8066579288fcb10tree | snapshot
parent5249fcc0efef8c1cf179485773f104d39b636c82commit | diff
wifi: mac80211: Fix AAD/Nonce computation for management frames with MLO

Per IEEE Std 802.11be-2024, 12.5.2.3.3, if the MPDU is an
individually addressed Data frame between an AP MLD and a
non-AP MLD associated with the AP MLD, then A1/A2/A3
will be MLD MAC addresses. Otherwise, Al/A2/A3 will be
over-the-air link MAC addresses.

Currently, during AAD and Nonce computation for software based
encryption/decryption cases, mac80211 directly uses the addresses it
receives in the skb frame header. However, after the first
authentication, management frame addresses for non-AP MLD stations
are translated to MLD addresses from over the air link addresses in
software. This means that the skb header could contain translated MLD
addresses, which when used as is, can lead to incorrect AAD/Nonce
computation.

In the following manner, ensure that the right set of addresses are used:

In the receive path, stash the pre-translated link addresses in
ieee80211_rx_data and use them for the AAD/Nonce computations
when required.

In the transmit path, offload the encryption for a CCMP/GCMP key
to the hwsim driver that can then ensure that encryption and hence
the AAD/Nonce computations are performed on the frame containing the
right set of addresses, i.e, MLD addresses if unicast data frame and
link addresses otherwise.

To do so, register the set key handler in hwsim driver so mac80211 is
aware that it is the driver that would take care of encrypting the
frame. Offload encryption for a CCMP/GCMP key, while keeping the
encryption for WEP/TKIP and MMIE generation for a AES_CMAC or a
AES_GMAC key still at the SW crypto in mac layer

Co-developed-by: Rohan Dutta <quic_drohan@quicinc.com>
Signed-off-by: Rohan Dutta <quic_drohan@quicinc.com>
Signed-off-by: Sai Pratyusha Magam <sai.magam@oss.qualcomm.com>
Link: https://patch.msgid.link/20260226042959.3766157-1-sai.magam@oss.qualcomm.com
[only store and apply link_addrs for unicast non-data
 rather storing always and applying for !unicast_data]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
drivers/net/wireless/virtual/mac80211_hwsim.c diff | blob | blame | history
include/net/mac80211.h diff | blob | blame | history
net/mac80211/ieee80211_i.h diff | blob | blame | history
net/mac80211/rx.c diff | blob | blame | history
net/mac80211/tx.c diff | blob | blame | history
net/mac80211/wpa.c diff | blob | blame | history
A mirror of Linus' kernel repository