1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright 2002-2005, Instant802 Networks, Inc. 4 * Copyright 2005-2006, Devicescape Software, Inc. 5 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 6 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net> 7 * Copyright 2013-2014 Intel Mobile Communications GmbH 8 * Copyright 2015-2017 Intel Deutschland GmbH 9 * Copyright 2018-2020, 2022-2023 Intel Corporation 10 */ 11 12 #include <crypto/utils.h> 13 #include <linux/if_ether.h> 14 #include <linux/etherdevice.h> 15 #include <linux/list.h> 16 #include <linux/rcupdate.h> 17 #include <linux/rtnetlink.h> 18 #include <linux/slab.h> 19 #include <linux/export.h> 20 #include <net/mac80211.h> 21 #include <asm/unaligned.h> 22 #include "ieee80211_i.h" 23 #include "driver-ops.h" 24 #include "debugfs_key.h" 25 #include "aes_ccm.h" 26 #include "aes_cmac.h" 27 #include "aes_gmac.h" 28 #include "aes_gcm.h" 29 30 31 /** 32 * DOC: Key handling basics 33 * 34 * Key handling in mac80211 is done based on per-interface (sub_if_data) 35 * keys and per-station keys. Since each station belongs to an interface, 36 * each station key also belongs to that interface. 37 * 38 * Hardware acceleration is done on a best-effort basis for algorithms 39 * that are implemented in software, for each key the hardware is asked 40 * to enable that key for offloading but if it cannot do that the key is 41 * simply kept for software encryption (unless it is for an algorithm 42 * that isn't implemented in software). 43 * There is currently no way of knowing whether a key is handled in SW 44 * or HW except by looking into debugfs. 45 * 46 * All key management is internally protected by a mutex. Within all 47 * other parts of mac80211, key references are, just as STA structure 48 * references, protected by RCU. Note, however, that some things are 49 * unprotected, namely the key->sta dereferences within the hardware 50 * acceleration functions. This means that sta_info_destroy() must 51 * remove the key which waits for an RCU grace period. 52 */ 53 54 static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; 55 assert_key_lock(struct ieee80211_local * local)56 static void assert_key_lock(struct ieee80211_local *local) 57 { 58 lockdep_assert_held(&local->key_mtx); 59 } 60 61 static void update_vlan_tailroom_need_count(struct ieee80211_sub_if_data * sdata,int delta)62 update_vlan_tailroom_need_count(struct ieee80211_sub_if_data *sdata, int delta) 63 { 64 struct ieee80211_sub_if_data *vlan; 65 66 if (sdata->vif.type != NL80211_IFTYPE_AP) 67 return; 68 69 /* crypto_tx_tailroom_needed_cnt is protected by this */ 70 assert_key_lock(sdata->local); 71 72 rcu_read_lock(); 73 74 list_for_each_entry_rcu(vlan, &sdata->u.ap.vlans, u.vlan.list) 75 vlan->crypto_tx_tailroom_needed_cnt += delta; 76 77 rcu_read_unlock(); 78 } 79 increment_tailroom_need_count(struct ieee80211_sub_if_data * sdata)80 static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata) 81 { 82 /* 83 * When this count is zero, SKB resizing for allocating tailroom 84 * for IV or MMIC is skipped. But, this check has created two race 85 * cases in xmit path while transiting from zero count to one: 86 * 87 * 1. SKB resize was skipped because no key was added but just before 88 * the xmit key is added and SW encryption kicks off. 89 * 90 * 2. SKB resize was skipped because all the keys were hw planted but 91 * just before xmit one of the key is deleted and SW encryption kicks 92 * off. 93 * 94 * In both the above case SW encryption will find not enough space for 95 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c) 96 * 97 * Solution has been explained at 98 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net 99 */ 100 101 assert_key_lock(sdata->local); 102 103 update_vlan_tailroom_need_count(sdata, 1); 104 105 if (!sdata->crypto_tx_tailroom_needed_cnt++) { 106 /* 107 * Flush all XMIT packets currently using HW encryption or no 108 * encryption at all if the count transition is from 0 -> 1. 109 */ 110 synchronize_net(); 111 } 112 } 113 decrease_tailroom_need_count(struct ieee80211_sub_if_data * sdata,int delta)114 static void decrease_tailroom_need_count(struct ieee80211_sub_if_data *sdata, 115 int delta) 116 { 117 assert_key_lock(sdata->local); 118 119 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt < delta); 120 121 update_vlan_tailroom_need_count(sdata, -delta); 122 sdata->crypto_tx_tailroom_needed_cnt -= delta; 123 } 124 ieee80211_key_enable_hw_accel(struct ieee80211_key * key)125 static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key) 126 { 127 struct ieee80211_sub_if_data *sdata = key->sdata; 128 struct sta_info *sta; 129 int ret = -EOPNOTSUPP; 130 131 might_sleep(); 132 133 if (key->flags & KEY_FLAG_TAINTED) { 134 /* If we get here, it's during resume and the key is 135 * tainted so shouldn't be used/programmed any more. 136 * However, its flags may still indicate that it was 137 * programmed into the device (since we're in resume) 138 * so clear that flag now to avoid trying to remove 139 * it again later. 140 */ 141 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE && 142 !(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC | 143 IEEE80211_KEY_FLAG_PUT_MIC_SPACE | 144 IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 145 increment_tailroom_need_count(sdata); 146 147 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 148 return -EINVAL; 149 } 150 151 if (!key->local->ops->set_key) 152 goto out_unsupported; 153 154 assert_key_lock(key->local); 155 156 sta = key->sta; 157 158 /* 159 * If this is a per-STA GTK, check if it 160 * is supported; if not, return. 161 */ 162 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) && 163 !ieee80211_hw_check(&key->local->hw, SUPPORTS_PER_STA_GTK)) 164 goto out_unsupported; 165 166 if (sta && !sta->uploaded) 167 goto out_unsupported; 168 169 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 170 /* 171 * The driver doesn't know anything about VLAN interfaces. 172 * Hence, don't send GTKs for VLAN interfaces to the driver. 173 */ 174 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) { 175 ret = 1; 176 goto out_unsupported; 177 } 178 } 179 180 if (key->conf.link_id >= 0 && sdata->vif.active_links && 181 !(sdata->vif.active_links & BIT(key->conf.link_id))) 182 return 0; 183 184 ret = drv_set_key(key->local, SET_KEY, sdata, 185 sta ? &sta->sta : NULL, &key->conf); 186 187 if (!ret) { 188 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE; 189 190 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC | 191 IEEE80211_KEY_FLAG_PUT_MIC_SPACE | 192 IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 193 decrease_tailroom_need_count(sdata, 1); 194 195 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) && 196 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)); 197 198 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_MIC_SPACE) && 199 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC)); 200 201 return 0; 202 } 203 204 if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1) 205 sdata_err(sdata, 206 "failed to set key (%d, %pM) to hardware (%d)\n", 207 key->conf.keyidx, 208 sta ? sta->sta.addr : bcast_addr, ret); 209 210 out_unsupported: 211 switch (key->conf.cipher) { 212 case WLAN_CIPHER_SUITE_WEP40: 213 case WLAN_CIPHER_SUITE_WEP104: 214 case WLAN_CIPHER_SUITE_TKIP: 215 case WLAN_CIPHER_SUITE_CCMP: 216 case WLAN_CIPHER_SUITE_CCMP_256: 217 case WLAN_CIPHER_SUITE_GCMP: 218 case WLAN_CIPHER_SUITE_GCMP_256: 219 case WLAN_CIPHER_SUITE_AES_CMAC: 220 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 221 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 222 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 223 /* all of these we can do in software - if driver can */ 224 if (ret == 1) 225 return 0; 226 if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL)) 227 return -EINVAL; 228 return 0; 229 default: 230 return -EINVAL; 231 } 232 } 233 ieee80211_key_disable_hw_accel(struct ieee80211_key * key)234 static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key) 235 { 236 struct ieee80211_sub_if_data *sdata; 237 struct sta_info *sta; 238 int ret; 239 240 might_sleep(); 241 242 if (!key || !key->local->ops->set_key) 243 return; 244 245 assert_key_lock(key->local); 246 247 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 248 return; 249 250 sta = key->sta; 251 sdata = key->sdata; 252 253 if (key->conf.link_id >= 0 && sdata->vif.active_links && 254 !(sdata->vif.active_links & BIT(key->conf.link_id))) 255 return; 256 257 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC | 258 IEEE80211_KEY_FLAG_PUT_MIC_SPACE | 259 IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 260 increment_tailroom_need_count(sdata); 261 262 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 263 ret = drv_set_key(key->local, DISABLE_KEY, sdata, 264 sta ? &sta->sta : NULL, &key->conf); 265 266 if (ret) 267 sdata_err(sdata, 268 "failed to remove key (%d, %pM) from hardware (%d)\n", 269 key->conf.keyidx, 270 sta ? sta->sta.addr : bcast_addr, ret); 271 } 272 _ieee80211_set_tx_key(struct ieee80211_key * key,bool force)273 static int _ieee80211_set_tx_key(struct ieee80211_key *key, bool force) 274 { 275 struct sta_info *sta = key->sta; 276 struct ieee80211_local *local = key->local; 277 278 assert_key_lock(local); 279 280 set_sta_flag(sta, WLAN_STA_USES_ENCRYPTION); 281 282 sta->ptk_idx = key->conf.keyidx; 283 284 if (force || !ieee80211_hw_check(&local->hw, AMPDU_KEYBORDER_SUPPORT)) 285 clear_sta_flag(sta, WLAN_STA_BLOCK_BA); 286 ieee80211_check_fast_xmit(sta); 287 288 return 0; 289 } 290 ieee80211_set_tx_key(struct ieee80211_key * key)291 int ieee80211_set_tx_key(struct ieee80211_key *key) 292 { 293 return _ieee80211_set_tx_key(key, false); 294 } 295 ieee80211_pairwise_rekey(struct ieee80211_key * old,struct ieee80211_key * new)296 static void ieee80211_pairwise_rekey(struct ieee80211_key *old, 297 struct ieee80211_key *new) 298 { 299 struct ieee80211_local *local = new->local; 300 struct sta_info *sta = new->sta; 301 int i; 302 303 assert_key_lock(local); 304 305 if (new->conf.flags & IEEE80211_KEY_FLAG_NO_AUTO_TX) { 306 /* Extended Key ID key install, initial one or rekey */ 307 308 if (sta->ptk_idx != INVALID_PTK_KEYIDX && 309 !ieee80211_hw_check(&local->hw, AMPDU_KEYBORDER_SUPPORT)) { 310 /* Aggregation Sessions with Extended Key ID must not 311 * mix MPDUs with different keyIDs within one A-MPDU. 312 * Tear down running Tx aggregation sessions and block 313 * new Rx/Tx aggregation requests during rekey to 314 * ensure there are no A-MPDUs when the driver is not 315 * supporting A-MPDU key borders. (Blocking Tx only 316 * would be sufficient but WLAN_STA_BLOCK_BA gets the 317 * job done for the few ms we need it.) 318 */ 319 set_sta_flag(sta, WLAN_STA_BLOCK_BA); 320 mutex_lock(&sta->ampdu_mlme.mtx); 321 for (i = 0; i < IEEE80211_NUM_TIDS; i++) 322 ___ieee80211_stop_tx_ba_session(sta, i, 323 AGG_STOP_LOCAL_REQUEST); 324 mutex_unlock(&sta->ampdu_mlme.mtx); 325 } 326 } else if (old) { 327 /* Rekey without Extended Key ID. 328 * Aggregation sessions are OK when running on SW crypto. 329 * A broken remote STA may cause issues not observed with HW 330 * crypto, though. 331 */ 332 if (!(old->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 333 return; 334 335 /* Stop Tx till we are on the new key */ 336 old->flags |= KEY_FLAG_TAINTED; 337 ieee80211_clear_fast_xmit(sta); 338 if (ieee80211_hw_check(&local->hw, AMPDU_AGGREGATION)) { 339 set_sta_flag(sta, WLAN_STA_BLOCK_BA); 340 ieee80211_sta_tear_down_BA_sessions(sta, 341 AGG_STOP_LOCAL_REQUEST); 342 } 343 if (!wiphy_ext_feature_isset(local->hw.wiphy, 344 NL80211_EXT_FEATURE_CAN_REPLACE_PTK0)) { 345 pr_warn_ratelimited("Rekeying PTK for STA %pM but driver can't safely do that.", 346 sta->sta.addr); 347 /* Flushing the driver queues *may* help prevent 348 * the clear text leaks and freezes. 349 */ 350 ieee80211_flush_queues(local, old->sdata, false); 351 } 352 } 353 } 354 __ieee80211_set_default_key(struct ieee80211_link_data * link,int idx,bool uni,bool multi)355 static void __ieee80211_set_default_key(struct ieee80211_link_data *link, 356 int idx, bool uni, bool multi) 357 { 358 struct ieee80211_sub_if_data *sdata = link->sdata; 359 struct ieee80211_key *key = NULL; 360 361 assert_key_lock(sdata->local); 362 363 if (idx >= 0 && idx < NUM_DEFAULT_KEYS) { 364 key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 365 if (!key) 366 key = key_mtx_dereference(sdata->local, link->gtk[idx]); 367 } 368 369 if (uni) { 370 rcu_assign_pointer(sdata->default_unicast_key, key); 371 ieee80211_check_fast_xmit_iface(sdata); 372 if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN) 373 drv_set_default_unicast_key(sdata->local, sdata, idx); 374 } 375 376 if (multi) 377 rcu_assign_pointer(link->default_multicast_key, key); 378 379 ieee80211_debugfs_key_update_default(sdata); 380 } 381 ieee80211_set_default_key(struct ieee80211_link_data * link,int idx,bool uni,bool multi)382 void ieee80211_set_default_key(struct ieee80211_link_data *link, int idx, 383 bool uni, bool multi) 384 { 385 mutex_lock(&link->sdata->local->key_mtx); 386 __ieee80211_set_default_key(link, idx, uni, multi); 387 mutex_unlock(&link->sdata->local->key_mtx); 388 } 389 390 static void __ieee80211_set_default_mgmt_key(struct ieee80211_link_data * link,int idx)391 __ieee80211_set_default_mgmt_key(struct ieee80211_link_data *link, int idx) 392 { 393 struct ieee80211_sub_if_data *sdata = link->sdata; 394 struct ieee80211_key *key = NULL; 395 396 assert_key_lock(sdata->local); 397 398 if (idx >= NUM_DEFAULT_KEYS && 399 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) 400 key = key_mtx_dereference(sdata->local, link->gtk[idx]); 401 402 rcu_assign_pointer(link->default_mgmt_key, key); 403 404 ieee80211_debugfs_key_update_default(sdata); 405 } 406 ieee80211_set_default_mgmt_key(struct ieee80211_link_data * link,int idx)407 void ieee80211_set_default_mgmt_key(struct ieee80211_link_data *link, 408 int idx) 409 { 410 mutex_lock(&link->sdata->local->key_mtx); 411 __ieee80211_set_default_mgmt_key(link, idx); 412 mutex_unlock(&link->sdata->local->key_mtx); 413 } 414 415 static void __ieee80211_set_default_beacon_key(struct ieee80211_link_data * link,int idx)416 __ieee80211_set_default_beacon_key(struct ieee80211_link_data *link, int idx) 417 { 418 struct ieee80211_sub_if_data *sdata = link->sdata; 419 struct ieee80211_key *key = NULL; 420 421 assert_key_lock(sdata->local); 422 423 if (idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS && 424 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS + 425 NUM_DEFAULT_BEACON_KEYS) 426 key = key_mtx_dereference(sdata->local, link->gtk[idx]); 427 428 rcu_assign_pointer(link->default_beacon_key, key); 429 430 ieee80211_debugfs_key_update_default(sdata); 431 } 432 ieee80211_set_default_beacon_key(struct ieee80211_link_data * link,int idx)433 void ieee80211_set_default_beacon_key(struct ieee80211_link_data *link, 434 int idx) 435 { 436 mutex_lock(&link->sdata->local->key_mtx); 437 __ieee80211_set_default_beacon_key(link, idx); 438 mutex_unlock(&link->sdata->local->key_mtx); 439 } 440 ieee80211_key_replace(struct ieee80211_sub_if_data * sdata,struct ieee80211_link_data * link,struct sta_info * sta,bool pairwise,struct ieee80211_key * old,struct ieee80211_key * new)441 static int ieee80211_key_replace(struct ieee80211_sub_if_data *sdata, 442 struct ieee80211_link_data *link, 443 struct sta_info *sta, 444 bool pairwise, 445 struct ieee80211_key *old, 446 struct ieee80211_key *new) 447 { 448 struct link_sta_info *link_sta = sta ? &sta->deflink : NULL; 449 int link_id; 450 int idx; 451 int ret = 0; 452 bool defunikey, defmultikey, defmgmtkey, defbeaconkey; 453 bool is_wep; 454 455 /* caller must provide at least one old/new */ 456 if (WARN_ON(!new && !old)) 457 return 0; 458 459 if (new) { 460 idx = new->conf.keyidx; 461 is_wep = new->conf.cipher == WLAN_CIPHER_SUITE_WEP40 || 462 new->conf.cipher == WLAN_CIPHER_SUITE_WEP104; 463 link_id = new->conf.link_id; 464 } else { 465 idx = old->conf.keyidx; 466 is_wep = old->conf.cipher == WLAN_CIPHER_SUITE_WEP40 || 467 old->conf.cipher == WLAN_CIPHER_SUITE_WEP104; 468 link_id = old->conf.link_id; 469 } 470 471 if (WARN(old && old->conf.link_id != link_id, 472 "old link ID %d doesn't match new link ID %d\n", 473 old->conf.link_id, link_id)) 474 return -EINVAL; 475 476 if (link_id >= 0) { 477 if (!link) { 478 link = sdata_dereference(sdata->link[link_id], sdata); 479 if (!link) 480 return -ENOLINK; 481 } 482 483 if (sta) { 484 link_sta = rcu_dereference_protected(sta->link[link_id], 485 lockdep_is_held(&sta->local->sta_mtx)); 486 if (!link_sta) 487 return -ENOLINK; 488 } 489 } else { 490 link = &sdata->deflink; 491 } 492 493 if ((is_wep || pairwise) && idx >= NUM_DEFAULT_KEYS) 494 return -EINVAL; 495 496 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx); 497 498 if (new && sta && pairwise) { 499 /* Unicast rekey needs special handling. With Extended Key ID 500 * old is still NULL for the first rekey. 501 */ 502 ieee80211_pairwise_rekey(old, new); 503 } 504 505 if (old) { 506 if (old->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 507 ieee80211_key_disable_hw_accel(old); 508 509 if (new) 510 ret = ieee80211_key_enable_hw_accel(new); 511 } 512 } else { 513 if (!new->local->wowlan) { 514 ret = ieee80211_key_enable_hw_accel(new); 515 } else { 516 assert_key_lock(new->local); 517 new->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE; 518 } 519 } 520 521 if (ret) 522 return ret; 523 524 if (new) 525 list_add_tail_rcu(&new->list, &sdata->key_list); 526 527 if (sta) { 528 if (pairwise) { 529 rcu_assign_pointer(sta->ptk[idx], new); 530 if (new && 531 !(new->conf.flags & IEEE80211_KEY_FLAG_NO_AUTO_TX)) 532 _ieee80211_set_tx_key(new, true); 533 } else { 534 rcu_assign_pointer(link_sta->gtk[idx], new); 535 } 536 /* Only needed for transition from no key -> key. 537 * Still triggers unnecessary when using Extended Key ID 538 * and installing the second key ID the first time. 539 */ 540 if (new && !old) 541 ieee80211_check_fast_rx(sta); 542 } else { 543 defunikey = old && 544 old == key_mtx_dereference(sdata->local, 545 sdata->default_unicast_key); 546 defmultikey = old && 547 old == key_mtx_dereference(sdata->local, 548 link->default_multicast_key); 549 defmgmtkey = old && 550 old == key_mtx_dereference(sdata->local, 551 link->default_mgmt_key); 552 defbeaconkey = old && 553 old == key_mtx_dereference(sdata->local, 554 link->default_beacon_key); 555 556 if (defunikey && !new) 557 __ieee80211_set_default_key(link, -1, true, false); 558 if (defmultikey && !new) 559 __ieee80211_set_default_key(link, -1, false, true); 560 if (defmgmtkey && !new) 561 __ieee80211_set_default_mgmt_key(link, -1); 562 if (defbeaconkey && !new) 563 __ieee80211_set_default_beacon_key(link, -1); 564 565 if (is_wep || pairwise) 566 rcu_assign_pointer(sdata->keys[idx], new); 567 else 568 rcu_assign_pointer(link->gtk[idx], new); 569 570 if (defunikey && new) 571 __ieee80211_set_default_key(link, new->conf.keyidx, 572 true, false); 573 if (defmultikey && new) 574 __ieee80211_set_default_key(link, new->conf.keyidx, 575 false, true); 576 if (defmgmtkey && new) 577 __ieee80211_set_default_mgmt_key(link, 578 new->conf.keyidx); 579 if (defbeaconkey && new) 580 __ieee80211_set_default_beacon_key(link, 581 new->conf.keyidx); 582 } 583 584 if (old) 585 list_del_rcu(&old->list); 586 587 return 0; 588 } 589 590 struct ieee80211_key * ieee80211_key_alloc(u32 cipher,int idx,size_t key_len,const u8 * key_data,size_t seq_len,const u8 * seq)591 ieee80211_key_alloc(u32 cipher, int idx, size_t key_len, 592 const u8 *key_data, 593 size_t seq_len, const u8 *seq) 594 { 595 struct ieee80211_key *key; 596 int i, j, err; 597 598 if (WARN_ON(idx < 0 || 599 idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS + 600 NUM_DEFAULT_BEACON_KEYS)) 601 return ERR_PTR(-EINVAL); 602 603 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL); 604 if (!key) 605 return ERR_PTR(-ENOMEM); 606 607 /* 608 * Default to software encryption; we'll later upload the 609 * key to the hardware if possible. 610 */ 611 key->conf.flags = 0; 612 key->flags = 0; 613 614 key->conf.link_id = -1; 615 key->conf.cipher = cipher; 616 key->conf.keyidx = idx; 617 key->conf.keylen = key_len; 618 switch (cipher) { 619 case WLAN_CIPHER_SUITE_WEP40: 620 case WLAN_CIPHER_SUITE_WEP104: 621 key->conf.iv_len = IEEE80211_WEP_IV_LEN; 622 key->conf.icv_len = IEEE80211_WEP_ICV_LEN; 623 break; 624 case WLAN_CIPHER_SUITE_TKIP: 625 key->conf.iv_len = IEEE80211_TKIP_IV_LEN; 626 key->conf.icv_len = IEEE80211_TKIP_ICV_LEN; 627 if (seq) { 628 for (i = 0; i < IEEE80211_NUM_TIDS; i++) { 629 key->u.tkip.rx[i].iv32 = 630 get_unaligned_le32(&seq[2]); 631 key->u.tkip.rx[i].iv16 = 632 get_unaligned_le16(seq); 633 } 634 } 635 spin_lock_init(&key->u.tkip.txlock); 636 break; 637 case WLAN_CIPHER_SUITE_CCMP: 638 key->conf.iv_len = IEEE80211_CCMP_HDR_LEN; 639 key->conf.icv_len = IEEE80211_CCMP_MIC_LEN; 640 if (seq) { 641 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) 642 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++) 643 key->u.ccmp.rx_pn[i][j] = 644 seq[IEEE80211_CCMP_PN_LEN - j - 1]; 645 } 646 /* 647 * Initialize AES key state here as an optimization so that 648 * it does not need to be initialized for every packet. 649 */ 650 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( 651 key_data, key_len, IEEE80211_CCMP_MIC_LEN); 652 if (IS_ERR(key->u.ccmp.tfm)) { 653 err = PTR_ERR(key->u.ccmp.tfm); 654 kfree(key); 655 return ERR_PTR(err); 656 } 657 break; 658 case WLAN_CIPHER_SUITE_CCMP_256: 659 key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN; 660 key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN; 661 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++) 662 for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++) 663 key->u.ccmp.rx_pn[i][j] = 664 seq[IEEE80211_CCMP_256_PN_LEN - j - 1]; 665 /* Initialize AES key state here as an optimization so that 666 * it does not need to be initialized for every packet. 667 */ 668 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( 669 key_data, key_len, IEEE80211_CCMP_256_MIC_LEN); 670 if (IS_ERR(key->u.ccmp.tfm)) { 671 err = PTR_ERR(key->u.ccmp.tfm); 672 kfree(key); 673 return ERR_PTR(err); 674 } 675 break; 676 case WLAN_CIPHER_SUITE_AES_CMAC: 677 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 678 key->conf.iv_len = 0; 679 if (cipher == WLAN_CIPHER_SUITE_AES_CMAC) 680 key->conf.icv_len = sizeof(struct ieee80211_mmie); 681 else 682 key->conf.icv_len = sizeof(struct ieee80211_mmie_16); 683 if (seq) 684 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++) 685 key->u.aes_cmac.rx_pn[j] = 686 seq[IEEE80211_CMAC_PN_LEN - j - 1]; 687 /* 688 * Initialize AES key state here as an optimization so that 689 * it does not need to be initialized for every packet. 690 */ 691 key->u.aes_cmac.tfm = 692 ieee80211_aes_cmac_key_setup(key_data, key_len); 693 if (IS_ERR(key->u.aes_cmac.tfm)) { 694 err = PTR_ERR(key->u.aes_cmac.tfm); 695 kfree(key); 696 return ERR_PTR(err); 697 } 698 break; 699 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 700 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 701 key->conf.iv_len = 0; 702 key->conf.icv_len = sizeof(struct ieee80211_mmie_16); 703 if (seq) 704 for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++) 705 key->u.aes_gmac.rx_pn[j] = 706 seq[IEEE80211_GMAC_PN_LEN - j - 1]; 707 /* Initialize AES key state here as an optimization so that 708 * it does not need to be initialized for every packet. 709 */ 710 key->u.aes_gmac.tfm = 711 ieee80211_aes_gmac_key_setup(key_data, key_len); 712 if (IS_ERR(key->u.aes_gmac.tfm)) { 713 err = PTR_ERR(key->u.aes_gmac.tfm); 714 kfree(key); 715 return ERR_PTR(err); 716 } 717 break; 718 case WLAN_CIPHER_SUITE_GCMP: 719 case WLAN_CIPHER_SUITE_GCMP_256: 720 key->conf.iv_len = IEEE80211_GCMP_HDR_LEN; 721 key->conf.icv_len = IEEE80211_GCMP_MIC_LEN; 722 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++) 723 for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++) 724 key->u.gcmp.rx_pn[i][j] = 725 seq[IEEE80211_GCMP_PN_LEN - j - 1]; 726 /* Initialize AES key state here as an optimization so that 727 * it does not need to be initialized for every packet. 728 */ 729 key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data, 730 key_len); 731 if (IS_ERR(key->u.gcmp.tfm)) { 732 err = PTR_ERR(key->u.gcmp.tfm); 733 kfree(key); 734 return ERR_PTR(err); 735 } 736 break; 737 } 738 memcpy(key->conf.key, key_data, key_len); 739 INIT_LIST_HEAD(&key->list); 740 741 return key; 742 } 743 ieee80211_key_free_common(struct ieee80211_key * key)744 static void ieee80211_key_free_common(struct ieee80211_key *key) 745 { 746 switch (key->conf.cipher) { 747 case WLAN_CIPHER_SUITE_CCMP: 748 case WLAN_CIPHER_SUITE_CCMP_256: 749 ieee80211_aes_key_free(key->u.ccmp.tfm); 750 break; 751 case WLAN_CIPHER_SUITE_AES_CMAC: 752 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 753 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm); 754 break; 755 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 756 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 757 ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm); 758 break; 759 case WLAN_CIPHER_SUITE_GCMP: 760 case WLAN_CIPHER_SUITE_GCMP_256: 761 ieee80211_aes_gcm_key_free(key->u.gcmp.tfm); 762 break; 763 } 764 kfree_sensitive(key); 765 } 766 __ieee80211_key_destroy(struct ieee80211_key * key,bool delay_tailroom)767 static void __ieee80211_key_destroy(struct ieee80211_key *key, 768 bool delay_tailroom) 769 { 770 if (key->local) { 771 struct ieee80211_sub_if_data *sdata = key->sdata; 772 773 ieee80211_debugfs_key_remove(key); 774 775 if (delay_tailroom) { 776 /* see ieee80211_delayed_tailroom_dec */ 777 sdata->crypto_tx_tailroom_pending_dec++; 778 schedule_delayed_work(&sdata->dec_tailroom_needed_wk, 779 HZ/2); 780 } else { 781 decrease_tailroom_need_count(sdata, 1); 782 } 783 } 784 785 ieee80211_key_free_common(key); 786 } 787 ieee80211_key_destroy(struct ieee80211_key * key,bool delay_tailroom)788 static void ieee80211_key_destroy(struct ieee80211_key *key, 789 bool delay_tailroom) 790 { 791 if (!key) 792 return; 793 794 /* 795 * Synchronize so the TX path and rcu key iterators 796 * can no longer be using this key before we free/remove it. 797 */ 798 synchronize_net(); 799 800 __ieee80211_key_destroy(key, delay_tailroom); 801 } 802 ieee80211_key_free_unused(struct ieee80211_key * key)803 void ieee80211_key_free_unused(struct ieee80211_key *key) 804 { 805 if (!key) 806 return; 807 808 WARN_ON(key->sdata || key->local); 809 ieee80211_key_free_common(key); 810 } 811 ieee80211_key_identical(struct ieee80211_sub_if_data * sdata,struct ieee80211_key * old,struct ieee80211_key * new)812 static bool ieee80211_key_identical(struct ieee80211_sub_if_data *sdata, 813 struct ieee80211_key *old, 814 struct ieee80211_key *new) 815 { 816 u8 tkip_old[WLAN_KEY_LEN_TKIP], tkip_new[WLAN_KEY_LEN_TKIP]; 817 u8 *tk_old, *tk_new; 818 819 if (!old || new->conf.keylen != old->conf.keylen) 820 return false; 821 822 tk_old = old->conf.key; 823 tk_new = new->conf.key; 824 825 /* 826 * In station mode, don't compare the TX MIC key, as it's never used 827 * and offloaded rekeying may not care to send it to the host. This 828 * is the case in iwlwifi, for example. 829 */ 830 if (sdata->vif.type == NL80211_IFTYPE_STATION && 831 new->conf.cipher == WLAN_CIPHER_SUITE_TKIP && 832 new->conf.keylen == WLAN_KEY_LEN_TKIP && 833 !(new->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) { 834 memcpy(tkip_old, tk_old, WLAN_KEY_LEN_TKIP); 835 memcpy(tkip_new, tk_new, WLAN_KEY_LEN_TKIP); 836 memset(tkip_old + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8); 837 memset(tkip_new + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8); 838 tk_old = tkip_old; 839 tk_new = tkip_new; 840 } 841 842 return !crypto_memneq(tk_old, tk_new, new->conf.keylen); 843 } 844 ieee80211_key_link(struct ieee80211_key * key,struct ieee80211_link_data * link,struct sta_info * sta)845 int ieee80211_key_link(struct ieee80211_key *key, 846 struct ieee80211_link_data *link, 847 struct sta_info *sta) 848 { 849 struct ieee80211_sub_if_data *sdata = link->sdata; 850 static atomic_t key_color = ATOMIC_INIT(0); 851 struct ieee80211_key *old_key = NULL; 852 int idx = key->conf.keyidx; 853 bool pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE; 854 /* 855 * We want to delay tailroom updates only for station - in that 856 * case it helps roaming speed, but in other cases it hurts and 857 * can cause warnings to appear. 858 */ 859 bool delay_tailroom = sdata->vif.type == NL80211_IFTYPE_STATION; 860 int ret; 861 862 mutex_lock(&sdata->local->key_mtx); 863 864 if (sta && pairwise) { 865 struct ieee80211_key *alt_key; 866 867 old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]); 868 alt_key = key_mtx_dereference(sdata->local, sta->ptk[idx ^ 1]); 869 870 /* The rekey code assumes that the old and new key are using 871 * the same cipher. Enforce the assumption for pairwise keys. 872 */ 873 if ((alt_key && alt_key->conf.cipher != key->conf.cipher) || 874 (old_key && old_key->conf.cipher != key->conf.cipher)) { 875 ret = -EOPNOTSUPP; 876 goto out; 877 } 878 } else if (sta) { 879 struct link_sta_info *link_sta = &sta->deflink; 880 int link_id = key->conf.link_id; 881 882 if (link_id >= 0) { 883 link_sta = rcu_dereference_protected(sta->link[link_id], 884 lockdep_is_held(&sta->local->sta_mtx)); 885 if (!link_sta) { 886 ret = -ENOLINK; 887 goto out; 888 } 889 } 890 891 old_key = key_mtx_dereference(sdata->local, link_sta->gtk[idx]); 892 } else { 893 if (idx < NUM_DEFAULT_KEYS) 894 old_key = key_mtx_dereference(sdata->local, 895 sdata->keys[idx]); 896 if (!old_key) 897 old_key = key_mtx_dereference(sdata->local, 898 link->gtk[idx]); 899 } 900 901 /* Non-pairwise keys must also not switch the cipher on rekey */ 902 if (!pairwise) { 903 if (old_key && old_key->conf.cipher != key->conf.cipher) { 904 ret = -EOPNOTSUPP; 905 goto out; 906 } 907 } 908 909 /* 910 * Silently accept key re-installation without really installing the 911 * new version of the key to avoid nonce reuse or replay issues. 912 */ 913 if (ieee80211_key_identical(sdata, old_key, key)) { 914 ret = -EALREADY; 915 goto out; 916 } 917 918 key->local = sdata->local; 919 key->sdata = sdata; 920 key->sta = sta; 921 922 /* 923 * Assign a unique ID to every key so we can easily prevent mixed 924 * key and fragment cache attacks. 925 */ 926 key->color = atomic_inc_return(&key_color); 927 928 increment_tailroom_need_count(sdata); 929 930 ret = ieee80211_key_replace(sdata, link, sta, pairwise, old_key, key); 931 932 if (!ret) { 933 ieee80211_debugfs_key_add(key); 934 ieee80211_key_destroy(old_key, delay_tailroom); 935 } else { 936 ieee80211_key_free(key, delay_tailroom); 937 } 938 939 key = NULL; 940 941 out: 942 ieee80211_key_free_unused(key); 943 mutex_unlock(&sdata->local->key_mtx); 944 945 return ret; 946 } 947 ieee80211_key_free(struct ieee80211_key * key,bool delay_tailroom)948 void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom) 949 { 950 if (!key) 951 return; 952 953 /* 954 * Replace key with nothingness if it was ever used. 955 */ 956 if (key->sdata) 957 ieee80211_key_replace(key->sdata, NULL, key->sta, 958 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 959 key, NULL); 960 ieee80211_key_destroy(key, delay_tailroom); 961 } 962 ieee80211_reenable_keys(struct ieee80211_sub_if_data * sdata)963 void ieee80211_reenable_keys(struct ieee80211_sub_if_data *sdata) 964 { 965 struct ieee80211_key *key; 966 struct ieee80211_sub_if_data *vlan; 967 968 lockdep_assert_wiphy(sdata->local->hw.wiphy); 969 970 mutex_lock(&sdata->local->key_mtx); 971 972 sdata->crypto_tx_tailroom_needed_cnt = 0; 973 sdata->crypto_tx_tailroom_pending_dec = 0; 974 975 if (sdata->vif.type == NL80211_IFTYPE_AP) { 976 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) { 977 vlan->crypto_tx_tailroom_needed_cnt = 0; 978 vlan->crypto_tx_tailroom_pending_dec = 0; 979 } 980 } 981 982 if (ieee80211_sdata_running(sdata)) { 983 list_for_each_entry(key, &sdata->key_list, list) { 984 increment_tailroom_need_count(sdata); 985 ieee80211_key_enable_hw_accel(key); 986 } 987 } 988 989 mutex_unlock(&sdata->local->key_mtx); 990 } 991 992 static void ieee80211_key_iter(struct ieee80211_hw * hw,struct ieee80211_vif * vif,struct ieee80211_key * key,void (* iter)(struct ieee80211_hw * hw,struct ieee80211_vif * vif,struct ieee80211_sta * sta,struct ieee80211_key_conf * key,void * data),void * iter_data)993 ieee80211_key_iter(struct ieee80211_hw *hw, 994 struct ieee80211_vif *vif, 995 struct ieee80211_key *key, 996 void (*iter)(struct ieee80211_hw *hw, 997 struct ieee80211_vif *vif, 998 struct ieee80211_sta *sta, 999 struct ieee80211_key_conf *key, 1000 void *data), 1001 void *iter_data) 1002 { 1003 /* skip keys of station in removal process */ 1004 if (key->sta && key->sta->removed) 1005 return; 1006 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 1007 return; 1008 iter(hw, vif, key->sta ? &key->sta->sta : NULL, 1009 &key->conf, iter_data); 1010 } 1011 ieee80211_iter_keys(struct ieee80211_hw * hw,struct ieee80211_vif * vif,void (* iter)(struct ieee80211_hw * hw,struct ieee80211_vif * vif,struct ieee80211_sta * sta,struct ieee80211_key_conf * key,void * data),void * iter_data)1012 void ieee80211_iter_keys(struct ieee80211_hw *hw, 1013 struct ieee80211_vif *vif, 1014 void (*iter)(struct ieee80211_hw *hw, 1015 struct ieee80211_vif *vif, 1016 struct ieee80211_sta *sta, 1017 struct ieee80211_key_conf *key, 1018 void *data), 1019 void *iter_data) 1020 { 1021 struct ieee80211_local *local = hw_to_local(hw); 1022 struct ieee80211_key *key, *tmp; 1023 struct ieee80211_sub_if_data *sdata; 1024 1025 lockdep_assert_wiphy(hw->wiphy); 1026 1027 mutex_lock(&local->key_mtx); 1028 if (vif) { 1029 sdata = vif_to_sdata(vif); 1030 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) 1031 ieee80211_key_iter(hw, vif, key, iter, iter_data); 1032 } else { 1033 list_for_each_entry(sdata, &local->interfaces, list) 1034 list_for_each_entry_safe(key, tmp, 1035 &sdata->key_list, list) 1036 ieee80211_key_iter(hw, &sdata->vif, key, 1037 iter, iter_data); 1038 } 1039 mutex_unlock(&local->key_mtx); 1040 } 1041 EXPORT_SYMBOL(ieee80211_iter_keys); 1042 1043 static void _ieee80211_iter_keys_rcu(struct ieee80211_hw * hw,struct ieee80211_sub_if_data * sdata,void (* iter)(struct ieee80211_hw * hw,struct ieee80211_vif * vif,struct ieee80211_sta * sta,struct ieee80211_key_conf * key,void * data),void * iter_data)1044 _ieee80211_iter_keys_rcu(struct ieee80211_hw *hw, 1045 struct ieee80211_sub_if_data *sdata, 1046 void (*iter)(struct ieee80211_hw *hw, 1047 struct ieee80211_vif *vif, 1048 struct ieee80211_sta *sta, 1049 struct ieee80211_key_conf *key, 1050 void *data), 1051 void *iter_data) 1052 { 1053 struct ieee80211_key *key; 1054 1055 list_for_each_entry_rcu(key, &sdata->key_list, list) 1056 ieee80211_key_iter(hw, &sdata->vif, key, iter, iter_data); 1057 } 1058 ieee80211_iter_keys_rcu(struct ieee80211_hw * hw,struct ieee80211_vif * vif,void (* iter)(struct ieee80211_hw * hw,struct ieee80211_vif * vif,struct ieee80211_sta * sta,struct ieee80211_key_conf * key,void * data),void * iter_data)1059 void ieee80211_iter_keys_rcu(struct ieee80211_hw *hw, 1060 struct ieee80211_vif *vif, 1061 void (*iter)(struct ieee80211_hw *hw, 1062 struct ieee80211_vif *vif, 1063 struct ieee80211_sta *sta, 1064 struct ieee80211_key_conf *key, 1065 void *data), 1066 void *iter_data) 1067 { 1068 struct ieee80211_local *local = hw_to_local(hw); 1069 struct ieee80211_sub_if_data *sdata; 1070 1071 if (vif) { 1072 sdata = vif_to_sdata(vif); 1073 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data); 1074 } else { 1075 list_for_each_entry_rcu(sdata, &local->interfaces, list) 1076 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data); 1077 } 1078 } 1079 EXPORT_SYMBOL(ieee80211_iter_keys_rcu); 1080 ieee80211_free_keys_iface(struct ieee80211_sub_if_data * sdata,struct list_head * keys)1081 static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata, 1082 struct list_head *keys) 1083 { 1084 struct ieee80211_key *key, *tmp; 1085 1086 decrease_tailroom_need_count(sdata, 1087 sdata->crypto_tx_tailroom_pending_dec); 1088 sdata->crypto_tx_tailroom_pending_dec = 0; 1089 1090 ieee80211_debugfs_key_remove_mgmt_default(sdata); 1091 ieee80211_debugfs_key_remove_beacon_default(sdata); 1092 1093 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) { 1094 ieee80211_key_replace(key->sdata, NULL, key->sta, 1095 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 1096 key, NULL); 1097 list_add_tail(&key->list, keys); 1098 } 1099 1100 ieee80211_debugfs_key_update_default(sdata); 1101 } 1102 ieee80211_remove_link_keys(struct ieee80211_link_data * link,struct list_head * keys)1103 void ieee80211_remove_link_keys(struct ieee80211_link_data *link, 1104 struct list_head *keys) 1105 { 1106 struct ieee80211_sub_if_data *sdata = link->sdata; 1107 struct ieee80211_local *local = sdata->local; 1108 struct ieee80211_key *key, *tmp; 1109 1110 mutex_lock(&local->key_mtx); 1111 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) { 1112 if (key->conf.link_id != link->link_id) 1113 continue; 1114 ieee80211_key_replace(key->sdata, link, key->sta, 1115 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 1116 key, NULL); 1117 list_add_tail(&key->list, keys); 1118 } 1119 mutex_unlock(&local->key_mtx); 1120 } 1121 ieee80211_free_key_list(struct ieee80211_local * local,struct list_head * keys)1122 void ieee80211_free_key_list(struct ieee80211_local *local, 1123 struct list_head *keys) 1124 { 1125 struct ieee80211_key *key, *tmp; 1126 1127 mutex_lock(&local->key_mtx); 1128 list_for_each_entry_safe(key, tmp, keys, list) 1129 __ieee80211_key_destroy(key, false); 1130 mutex_unlock(&local->key_mtx); 1131 } 1132 ieee80211_free_keys(struct ieee80211_sub_if_data * sdata,bool force_synchronize)1133 void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata, 1134 bool force_synchronize) 1135 { 1136 struct ieee80211_local *local = sdata->local; 1137 struct ieee80211_sub_if_data *vlan; 1138 struct ieee80211_sub_if_data *master; 1139 struct ieee80211_key *key, *tmp; 1140 LIST_HEAD(keys); 1141 1142 cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk); 1143 1144 mutex_lock(&local->key_mtx); 1145 1146 ieee80211_free_keys_iface(sdata, &keys); 1147 1148 if (sdata->vif.type == NL80211_IFTYPE_AP) { 1149 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 1150 ieee80211_free_keys_iface(vlan, &keys); 1151 } 1152 1153 if (!list_empty(&keys) || force_synchronize) 1154 synchronize_net(); 1155 list_for_each_entry_safe(key, tmp, &keys, list) 1156 __ieee80211_key_destroy(key, false); 1157 1158 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 1159 if (sdata->bss) { 1160 master = container_of(sdata->bss, 1161 struct ieee80211_sub_if_data, 1162 u.ap); 1163 1164 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt != 1165 master->crypto_tx_tailroom_needed_cnt); 1166 } 1167 } else { 1168 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt || 1169 sdata->crypto_tx_tailroom_pending_dec); 1170 } 1171 1172 if (sdata->vif.type == NL80211_IFTYPE_AP) { 1173 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 1174 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt || 1175 vlan->crypto_tx_tailroom_pending_dec); 1176 } 1177 1178 mutex_unlock(&local->key_mtx); 1179 } 1180 ieee80211_free_sta_keys(struct ieee80211_local * local,struct sta_info * sta)1181 void ieee80211_free_sta_keys(struct ieee80211_local *local, 1182 struct sta_info *sta) 1183 { 1184 struct ieee80211_key *key; 1185 int i; 1186 1187 mutex_lock(&local->key_mtx); 1188 for (i = 0; i < ARRAY_SIZE(sta->deflink.gtk); i++) { 1189 key = key_mtx_dereference(local, sta->deflink.gtk[i]); 1190 if (!key) 1191 continue; 1192 ieee80211_key_replace(key->sdata, NULL, key->sta, 1193 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 1194 key, NULL); 1195 __ieee80211_key_destroy(key, key->sdata->vif.type == 1196 NL80211_IFTYPE_STATION); 1197 } 1198 1199 for (i = 0; i < NUM_DEFAULT_KEYS; i++) { 1200 key = key_mtx_dereference(local, sta->ptk[i]); 1201 if (!key) 1202 continue; 1203 ieee80211_key_replace(key->sdata, NULL, key->sta, 1204 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 1205 key, NULL); 1206 __ieee80211_key_destroy(key, key->sdata->vif.type == 1207 NL80211_IFTYPE_STATION); 1208 } 1209 1210 mutex_unlock(&local->key_mtx); 1211 } 1212 ieee80211_delayed_tailroom_dec(struct work_struct * wk)1213 void ieee80211_delayed_tailroom_dec(struct work_struct *wk) 1214 { 1215 struct ieee80211_sub_if_data *sdata; 1216 1217 sdata = container_of(wk, struct ieee80211_sub_if_data, 1218 dec_tailroom_needed_wk.work); 1219 1220 /* 1221 * The reason for the delayed tailroom needed decrementing is to 1222 * make roaming faster: during roaming, all keys are first deleted 1223 * and then new keys are installed. The first new key causes the 1224 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes 1225 * the cost of synchronize_net() (which can be slow). Avoid this 1226 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on 1227 * key removal for a while, so if we roam the value is larger than 1228 * zero and no 0->1 transition happens. 1229 * 1230 * The cost is that if the AP switching was from an AP with keys 1231 * to one without, we still allocate tailroom while it would no 1232 * longer be needed. However, in the typical (fast) roaming case 1233 * within an ESS this usually won't happen. 1234 */ 1235 1236 mutex_lock(&sdata->local->key_mtx); 1237 decrease_tailroom_need_count(sdata, 1238 sdata->crypto_tx_tailroom_pending_dec); 1239 sdata->crypto_tx_tailroom_pending_dec = 0; 1240 mutex_unlock(&sdata->local->key_mtx); 1241 } 1242 ieee80211_gtk_rekey_notify(struct ieee80211_vif * vif,const u8 * bssid,const u8 * replay_ctr,gfp_t gfp)1243 void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid, 1244 const u8 *replay_ctr, gfp_t gfp) 1245 { 1246 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1247 1248 trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr); 1249 1250 cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp); 1251 } 1252 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify); 1253 ieee80211_get_key_rx_seq(struct ieee80211_key_conf * keyconf,int tid,struct ieee80211_key_seq * seq)1254 void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf, 1255 int tid, struct ieee80211_key_seq *seq) 1256 { 1257 struct ieee80211_key *key; 1258 const u8 *pn; 1259 1260 key = container_of(keyconf, struct ieee80211_key, conf); 1261 1262 switch (key->conf.cipher) { 1263 case WLAN_CIPHER_SUITE_TKIP: 1264 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 1265 return; 1266 seq->tkip.iv32 = key->u.tkip.rx[tid].iv32; 1267 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16; 1268 break; 1269 case WLAN_CIPHER_SUITE_CCMP: 1270 case WLAN_CIPHER_SUITE_CCMP_256: 1271 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1272 return; 1273 if (tid < 0) 1274 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 1275 else 1276 pn = key->u.ccmp.rx_pn[tid]; 1277 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN); 1278 break; 1279 case WLAN_CIPHER_SUITE_AES_CMAC: 1280 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1281 if (WARN_ON(tid != 0)) 1282 return; 1283 pn = key->u.aes_cmac.rx_pn; 1284 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN); 1285 break; 1286 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1287 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1288 if (WARN_ON(tid != 0)) 1289 return; 1290 pn = key->u.aes_gmac.rx_pn; 1291 memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN); 1292 break; 1293 case WLAN_CIPHER_SUITE_GCMP: 1294 case WLAN_CIPHER_SUITE_GCMP_256: 1295 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1296 return; 1297 if (tid < 0) 1298 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS]; 1299 else 1300 pn = key->u.gcmp.rx_pn[tid]; 1301 memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN); 1302 break; 1303 } 1304 } 1305 EXPORT_SYMBOL(ieee80211_get_key_rx_seq); 1306 ieee80211_set_key_rx_seq(struct ieee80211_key_conf * keyconf,int tid,struct ieee80211_key_seq * seq)1307 void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf, 1308 int tid, struct ieee80211_key_seq *seq) 1309 { 1310 struct ieee80211_key *key; 1311 u8 *pn; 1312 1313 key = container_of(keyconf, struct ieee80211_key, conf); 1314 1315 switch (key->conf.cipher) { 1316 case WLAN_CIPHER_SUITE_TKIP: 1317 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 1318 return; 1319 key->u.tkip.rx[tid].iv32 = seq->tkip.iv32; 1320 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16; 1321 break; 1322 case WLAN_CIPHER_SUITE_CCMP: 1323 case WLAN_CIPHER_SUITE_CCMP_256: 1324 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1325 return; 1326 if (tid < 0) 1327 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 1328 else 1329 pn = key->u.ccmp.rx_pn[tid]; 1330 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN); 1331 break; 1332 case WLAN_CIPHER_SUITE_AES_CMAC: 1333 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1334 if (WARN_ON(tid != 0)) 1335 return; 1336 pn = key->u.aes_cmac.rx_pn; 1337 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN); 1338 break; 1339 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1340 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1341 if (WARN_ON(tid != 0)) 1342 return; 1343 pn = key->u.aes_gmac.rx_pn; 1344 memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN); 1345 break; 1346 case WLAN_CIPHER_SUITE_GCMP: 1347 case WLAN_CIPHER_SUITE_GCMP_256: 1348 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1349 return; 1350 if (tid < 0) 1351 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS]; 1352 else 1353 pn = key->u.gcmp.rx_pn[tid]; 1354 memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN); 1355 break; 1356 default: 1357 WARN_ON(1); 1358 break; 1359 } 1360 } 1361 EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq); 1362 ieee80211_remove_key(struct ieee80211_key_conf * keyconf)1363 void ieee80211_remove_key(struct ieee80211_key_conf *keyconf) 1364 { 1365 struct ieee80211_key *key; 1366 1367 key = container_of(keyconf, struct ieee80211_key, conf); 1368 1369 assert_key_lock(key->local); 1370 1371 /* 1372 * if key was uploaded, we assume the driver will/has remove(d) 1373 * it, so adjust bookkeeping accordingly 1374 */ 1375 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 1376 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 1377 1378 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC | 1379 IEEE80211_KEY_FLAG_PUT_MIC_SPACE | 1380 IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 1381 increment_tailroom_need_count(key->sdata); 1382 } 1383 1384 ieee80211_key_free(key, false); 1385 } 1386 EXPORT_SYMBOL_GPL(ieee80211_remove_key); 1387 1388 struct ieee80211_key_conf * ieee80211_gtk_rekey_add(struct ieee80211_vif * vif,struct ieee80211_key_conf * keyconf)1389 ieee80211_gtk_rekey_add(struct ieee80211_vif *vif, 1390 struct ieee80211_key_conf *keyconf) 1391 { 1392 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1393 struct ieee80211_local *local = sdata->local; 1394 struct ieee80211_key *key; 1395 int err; 1396 1397 if (WARN_ON(!local->wowlan)) 1398 return ERR_PTR(-EINVAL); 1399 1400 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION)) 1401 return ERR_PTR(-EINVAL); 1402 1403 key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx, 1404 keyconf->keylen, keyconf->key, 1405 0, NULL); 1406 if (IS_ERR(key)) 1407 return ERR_CAST(key); 1408 1409 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED) 1410 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT; 1411 1412 /* FIXME: this function needs to get a link ID */ 1413 err = ieee80211_key_link(key, &sdata->deflink, NULL); 1414 if (err) 1415 return ERR_PTR(err); 1416 1417 return &key->conf; 1418 } 1419 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add); 1420 ieee80211_key_mic_failure(struct ieee80211_key_conf * keyconf)1421 void ieee80211_key_mic_failure(struct ieee80211_key_conf *keyconf) 1422 { 1423 struct ieee80211_key *key; 1424 1425 key = container_of(keyconf, struct ieee80211_key, conf); 1426 1427 switch (key->conf.cipher) { 1428 case WLAN_CIPHER_SUITE_AES_CMAC: 1429 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1430 key->u.aes_cmac.icverrors++; 1431 break; 1432 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1433 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1434 key->u.aes_gmac.icverrors++; 1435 break; 1436 default: 1437 /* ignore the others for now, we don't keep counters now */ 1438 break; 1439 } 1440 } 1441 EXPORT_SYMBOL_GPL(ieee80211_key_mic_failure); 1442 ieee80211_key_replay(struct ieee80211_key_conf * keyconf)1443 void ieee80211_key_replay(struct ieee80211_key_conf *keyconf) 1444 { 1445 struct ieee80211_key *key; 1446 1447 key = container_of(keyconf, struct ieee80211_key, conf); 1448 1449 switch (key->conf.cipher) { 1450 case WLAN_CIPHER_SUITE_CCMP: 1451 case WLAN_CIPHER_SUITE_CCMP_256: 1452 key->u.ccmp.replays++; 1453 break; 1454 case WLAN_CIPHER_SUITE_AES_CMAC: 1455 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1456 key->u.aes_cmac.replays++; 1457 break; 1458 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1459 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1460 key->u.aes_gmac.replays++; 1461 break; 1462 case WLAN_CIPHER_SUITE_GCMP: 1463 case WLAN_CIPHER_SUITE_GCMP_256: 1464 key->u.gcmp.replays++; 1465 break; 1466 } 1467 } 1468 EXPORT_SYMBOL_GPL(ieee80211_key_replay); 1469 ieee80211_key_switch_links(struct ieee80211_sub_if_data * sdata,unsigned long del_links_mask,unsigned long add_links_mask)1470 int ieee80211_key_switch_links(struct ieee80211_sub_if_data *sdata, 1471 unsigned long del_links_mask, 1472 unsigned long add_links_mask) 1473 { 1474 struct ieee80211_key *key; 1475 int ret; 1476 1477 list_for_each_entry(key, &sdata->key_list, list) { 1478 if (key->conf.link_id < 0 || 1479 !(del_links_mask & BIT(key->conf.link_id))) 1480 continue; 1481 1482 /* shouldn't happen for per-link keys */ 1483 WARN_ON(key->sta); 1484 1485 ieee80211_key_disable_hw_accel(key); 1486 } 1487 1488 list_for_each_entry(key, &sdata->key_list, list) { 1489 if (key->conf.link_id < 0 || 1490 !(add_links_mask & BIT(key->conf.link_id))) 1491 continue; 1492 1493 /* shouldn't happen for per-link keys */ 1494 WARN_ON(key->sta); 1495 1496 ret = ieee80211_key_enable_hw_accel(key); 1497 if (ret) 1498 return ret; 1499 } 1500 1501 return 0; 1502 } 1503