diff options
| author | Johannes Berg <johannes.berg@intel.com> | 2025-07-09 23:37:56 +0300 |
|---|---|---|
| committer | Johannes Berg <johannes.berg@intel.com> | 2025-07-15 11:00:38 +0200 |
| commit | 5241526dede93e6f1011b6b5e905801e24675ece (patch) | |
| tree | 7e0d8a75d55b871d784646d838487ddf0c6fd0f8 /net/mac80211/driver-ops.c | |
| parent | 14450be2332a49445106403492a367412b8c23f4 (diff) | |
wifi: mac80211: don't send keys to driver when fips_enabled
When fips_enabled is set, don't send any keys to the driver
(including possibly WoWLAN KEK/KCK material), assuming that
no device exists with the necessary certifications. If this
turns out to be false in the future, we can add a HW flag.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Miri Korenblit <miriam.rachel.korenblit@intel.com>
Link: https://patch.msgid.link/20250709233537.e5eebc2b19d8.I968ef8c9ffb48d464ada78685bd25d22349fb063@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Diffstat (limited to 'net/mac80211/driver-ops.c')
| -rw-r--r-- | net/mac80211/driver-ops.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/net/mac80211/driver-ops.c b/net/mac80211/driver-ops.c index 35349a7f16cb..ba9fba165926 100644 --- a/net/mac80211/driver-ops.c +++ b/net/mac80211/driver-ops.c @@ -1,7 +1,7 @@ // SPDX-License-Identifier: GPL-2.0-only /* * Copyright 2015 Intel Deutschland GmbH - * Copyright (C) 2022-2024 Intel Corporation + * Copyright (C) 2022-2025 Intel Corporation */ #include <net/mac80211.h> #include "ieee80211_i.h" @@ -515,6 +515,9 @@ int drv_set_key(struct ieee80211_local *local, !(sdata->vif.active_links & BIT(key->link_id)))) return -ENOLINK; + if (fips_enabled) + return -EOPNOTSUPP; + trace_drv_set_key(local, cmd, sdata, sta, key); ret = local->ops->set_key(&local->hw, cmd, &sdata->vif, sta, key); trace_drv_return_int(local, ret); |