1 /* 2 * Copyright 2002-2005, Instant802 Networks, Inc. 3 * Copyright 2005-2006, Devicescape Software, Inc. 4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net> 6 * Copyright 2013-2014 Intel Mobile Communications GmbH 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License version 2 as 10 * published by the Free Software Foundation. 11 */ 12 13 #include <linux/if_ether.h> 14 #include <linux/etherdevice.h> 15 #include <linux/list.h> 16 #include <linux/rcupdate.h> 17 #include <linux/rtnetlink.h> 18 #include <linux/slab.h> 19 #include <linux/export.h> 20 #include <net/mac80211.h> 21 #include <asm/unaligned.h> 22 #include "ieee80211_i.h" 23 #include "driver-ops.h" 24 #include "debugfs_key.h" 25 #include "aes_ccm.h" 26 #include "aes_cmac.h" 27 #include "aes_gmac.h" 28 #include "aes_gcm.h" 29 30 31 /** 32 * DOC: Key handling basics 33 * 34 * Key handling in mac80211 is done based on per-interface (sub_if_data) 35 * keys and per-station keys. Since each station belongs to an interface, 36 * each station key also belongs to that interface. 37 * 38 * Hardware acceleration is done on a best-effort basis for algorithms 39 * that are implemented in software, for each key the hardware is asked 40 * to enable that key for offloading but if it cannot do that the key is 41 * simply kept for software encryption (unless it is for an algorithm 42 * that isn't implemented in software). 43 * There is currently no way of knowing whether a key is handled in SW 44 * or HW except by looking into debugfs. 45 * 46 * All key management is internally protected by a mutex. Within all 47 * other parts of mac80211, key references are, just as STA structure 48 * references, protected by RCU. Note, however, that some things are 49 * unprotected, namely the key->sta dereferences within the hardware 50 * acceleration functions. This means that sta_info_destroy() must 51 * remove the key which waits for an RCU grace period. 52 */ 53 54 static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; 55 56 static void assert_key_lock(struct ieee80211_local *local) 57 { 58 lockdep_assert_held(&local->key_mtx); 59 } 60 61 static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata) 62 { 63 /* 64 * When this count is zero, SKB resizing for allocating tailroom 65 * for IV or MMIC is skipped. But, this check has created two race 66 * cases in xmit path while transiting from zero count to one: 67 * 68 * 1. SKB resize was skipped because no key was added but just before 69 * the xmit key is added and SW encryption kicks off. 70 * 71 * 2. SKB resize was skipped because all the keys were hw planted but 72 * just before xmit one of the key is deleted and SW encryption kicks 73 * off. 74 * 75 * In both the above case SW encryption will find not enough space for 76 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c) 77 * 78 * Solution has been explained at 79 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net 80 */ 81 82 if (!sdata->crypto_tx_tailroom_needed_cnt++) { 83 /* 84 * Flush all XMIT packets currently using HW encryption or no 85 * encryption at all if the count transition is from 0 -> 1. 86 */ 87 synchronize_net(); 88 } 89 } 90 91 static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key) 92 { 93 struct ieee80211_sub_if_data *sdata; 94 struct sta_info *sta; 95 int ret = -EOPNOTSUPP; 96 97 might_sleep(); 98 99 if (key->flags & KEY_FLAG_TAINTED) { 100 /* If we get here, it's during resume and the key is 101 * tainted so shouldn't be used/programmed any more. 102 * However, its flags may still indicate that it was 103 * programmed into the device (since we're in resume) 104 * so clear that flag now to avoid trying to remove 105 * it again later. 106 */ 107 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 108 return -EINVAL; 109 } 110 111 if (!key->local->ops->set_key) 112 goto out_unsupported; 113 114 assert_key_lock(key->local); 115 116 sta = key->sta; 117 118 /* 119 * If this is a per-STA GTK, check if it 120 * is supported; if not, return. 121 */ 122 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) && 123 !(key->local->hw.flags & IEEE80211_HW_SUPPORTS_PER_STA_GTK)) 124 goto out_unsupported; 125 126 if (sta && !sta->uploaded) 127 goto out_unsupported; 128 129 sdata = key->sdata; 130 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 131 /* 132 * The driver doesn't know anything about VLAN interfaces. 133 * Hence, don't send GTKs for VLAN interfaces to the driver. 134 */ 135 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) 136 goto out_unsupported; 137 } 138 139 ret = drv_set_key(key->local, SET_KEY, sdata, 140 sta ? &sta->sta : NULL, &key->conf); 141 142 if (!ret) { 143 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE; 144 145 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) || 146 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 147 sdata->crypto_tx_tailroom_needed_cnt--; 148 149 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) && 150 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)); 151 152 return 0; 153 } 154 155 if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1) 156 sdata_err(sdata, 157 "failed to set key (%d, %pM) to hardware (%d)\n", 158 key->conf.keyidx, 159 sta ? sta->sta.addr : bcast_addr, ret); 160 161 out_unsupported: 162 switch (key->conf.cipher) { 163 case WLAN_CIPHER_SUITE_WEP40: 164 case WLAN_CIPHER_SUITE_WEP104: 165 case WLAN_CIPHER_SUITE_TKIP: 166 case WLAN_CIPHER_SUITE_CCMP: 167 case WLAN_CIPHER_SUITE_CCMP_256: 168 case WLAN_CIPHER_SUITE_AES_CMAC: 169 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 170 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 171 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 172 case WLAN_CIPHER_SUITE_GCMP: 173 case WLAN_CIPHER_SUITE_GCMP_256: 174 /* all of these we can do in software - if driver can */ 175 if (ret == 1) 176 return 0; 177 if (key->local->hw.flags & IEEE80211_HW_SW_CRYPTO_CONTROL) 178 return -EINVAL; 179 return 0; 180 default: 181 return -EINVAL; 182 } 183 } 184 185 static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key) 186 { 187 struct ieee80211_sub_if_data *sdata; 188 struct sta_info *sta; 189 int ret; 190 191 might_sleep(); 192 193 if (!key || !key->local->ops->set_key) 194 return; 195 196 assert_key_lock(key->local); 197 198 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 199 return; 200 201 sta = key->sta; 202 sdata = key->sdata; 203 204 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) || 205 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 206 increment_tailroom_need_count(sdata); 207 208 ret = drv_set_key(key->local, DISABLE_KEY, sdata, 209 sta ? &sta->sta : NULL, &key->conf); 210 211 if (ret) 212 sdata_err(sdata, 213 "failed to remove key (%d, %pM) from hardware (%d)\n", 214 key->conf.keyidx, 215 sta ? sta->sta.addr : bcast_addr, ret); 216 217 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 218 } 219 220 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, 221 int idx, bool uni, bool multi) 222 { 223 struct ieee80211_key *key = NULL; 224 225 assert_key_lock(sdata->local); 226 227 if (idx >= 0 && idx < NUM_DEFAULT_KEYS) 228 key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 229 230 if (uni) { 231 rcu_assign_pointer(sdata->default_unicast_key, key); 232 drv_set_default_unicast_key(sdata->local, sdata, idx); 233 } 234 235 if (multi) 236 rcu_assign_pointer(sdata->default_multicast_key, key); 237 238 ieee80211_debugfs_key_update_default(sdata); 239 } 240 241 void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx, 242 bool uni, bool multi) 243 { 244 mutex_lock(&sdata->local->key_mtx); 245 __ieee80211_set_default_key(sdata, idx, uni, multi); 246 mutex_unlock(&sdata->local->key_mtx); 247 } 248 249 static void 250 __ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx) 251 { 252 struct ieee80211_key *key = NULL; 253 254 assert_key_lock(sdata->local); 255 256 if (idx >= NUM_DEFAULT_KEYS && 257 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) 258 key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 259 260 rcu_assign_pointer(sdata->default_mgmt_key, key); 261 262 ieee80211_debugfs_key_update_default(sdata); 263 } 264 265 void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, 266 int idx) 267 { 268 mutex_lock(&sdata->local->key_mtx); 269 __ieee80211_set_default_mgmt_key(sdata, idx); 270 mutex_unlock(&sdata->local->key_mtx); 271 } 272 273 274 static void ieee80211_key_replace(struct ieee80211_sub_if_data *sdata, 275 struct sta_info *sta, 276 bool pairwise, 277 struct ieee80211_key *old, 278 struct ieee80211_key *new) 279 { 280 int idx; 281 bool defunikey, defmultikey, defmgmtkey; 282 283 /* caller must provide at least one old/new */ 284 if (WARN_ON(!new && !old)) 285 return; 286 287 if (new) 288 list_add_tail(&new->list, &sdata->key_list); 289 290 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx); 291 292 if (old) 293 idx = old->conf.keyidx; 294 else 295 idx = new->conf.keyidx; 296 297 if (sta) { 298 if (pairwise) { 299 rcu_assign_pointer(sta->ptk[idx], new); 300 sta->ptk_idx = idx; 301 } else { 302 rcu_assign_pointer(sta->gtk[idx], new); 303 sta->gtk_idx = idx; 304 } 305 } else { 306 defunikey = old && 307 old == key_mtx_dereference(sdata->local, 308 sdata->default_unicast_key); 309 defmultikey = old && 310 old == key_mtx_dereference(sdata->local, 311 sdata->default_multicast_key); 312 defmgmtkey = old && 313 old == key_mtx_dereference(sdata->local, 314 sdata->default_mgmt_key); 315 316 if (defunikey && !new) 317 __ieee80211_set_default_key(sdata, -1, true, false); 318 if (defmultikey && !new) 319 __ieee80211_set_default_key(sdata, -1, false, true); 320 if (defmgmtkey && !new) 321 __ieee80211_set_default_mgmt_key(sdata, -1); 322 323 rcu_assign_pointer(sdata->keys[idx], new); 324 if (defunikey && new) 325 __ieee80211_set_default_key(sdata, new->conf.keyidx, 326 true, false); 327 if (defmultikey && new) 328 __ieee80211_set_default_key(sdata, new->conf.keyidx, 329 false, true); 330 if (defmgmtkey && new) 331 __ieee80211_set_default_mgmt_key(sdata, 332 new->conf.keyidx); 333 } 334 335 if (old) 336 list_del(&old->list); 337 } 338 339 struct ieee80211_key * 340 ieee80211_key_alloc(u32 cipher, int idx, size_t key_len, 341 const u8 *key_data, 342 size_t seq_len, const u8 *seq, 343 const struct ieee80211_cipher_scheme *cs) 344 { 345 struct ieee80211_key *key; 346 int i, j, err; 347 348 if (WARN_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)) 349 return ERR_PTR(-EINVAL); 350 351 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL); 352 if (!key) 353 return ERR_PTR(-ENOMEM); 354 355 /* 356 * Default to software encryption; we'll later upload the 357 * key to the hardware if possible. 358 */ 359 key->conf.flags = 0; 360 key->flags = 0; 361 362 key->conf.cipher = cipher; 363 key->conf.keyidx = idx; 364 key->conf.keylen = key_len; 365 switch (cipher) { 366 case WLAN_CIPHER_SUITE_WEP40: 367 case WLAN_CIPHER_SUITE_WEP104: 368 key->conf.iv_len = IEEE80211_WEP_IV_LEN; 369 key->conf.icv_len = IEEE80211_WEP_ICV_LEN; 370 break; 371 case WLAN_CIPHER_SUITE_TKIP: 372 key->conf.iv_len = IEEE80211_TKIP_IV_LEN; 373 key->conf.icv_len = IEEE80211_TKIP_ICV_LEN; 374 if (seq) { 375 for (i = 0; i < IEEE80211_NUM_TIDS; i++) { 376 key->u.tkip.rx[i].iv32 = 377 get_unaligned_le32(&seq[2]); 378 key->u.tkip.rx[i].iv16 = 379 get_unaligned_le16(seq); 380 } 381 } 382 spin_lock_init(&key->u.tkip.txlock); 383 break; 384 case WLAN_CIPHER_SUITE_CCMP: 385 key->conf.iv_len = IEEE80211_CCMP_HDR_LEN; 386 key->conf.icv_len = IEEE80211_CCMP_MIC_LEN; 387 if (seq) { 388 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) 389 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++) 390 key->u.ccmp.rx_pn[i][j] = 391 seq[IEEE80211_CCMP_PN_LEN - j - 1]; 392 } 393 /* 394 * Initialize AES key state here as an optimization so that 395 * it does not need to be initialized for every packet. 396 */ 397 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( 398 key_data, key_len, IEEE80211_CCMP_MIC_LEN); 399 if (IS_ERR(key->u.ccmp.tfm)) { 400 err = PTR_ERR(key->u.ccmp.tfm); 401 kfree(key); 402 return ERR_PTR(err); 403 } 404 break; 405 case WLAN_CIPHER_SUITE_CCMP_256: 406 key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN; 407 key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN; 408 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++) 409 for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++) 410 key->u.ccmp.rx_pn[i][j] = 411 seq[IEEE80211_CCMP_256_PN_LEN - j - 1]; 412 /* Initialize AES key state here as an optimization so that 413 * it does not need to be initialized for every packet. 414 */ 415 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( 416 key_data, key_len, IEEE80211_CCMP_256_MIC_LEN); 417 if (IS_ERR(key->u.ccmp.tfm)) { 418 err = PTR_ERR(key->u.ccmp.tfm); 419 kfree(key); 420 return ERR_PTR(err); 421 } 422 break; 423 case WLAN_CIPHER_SUITE_AES_CMAC: 424 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 425 key->conf.iv_len = 0; 426 if (cipher == WLAN_CIPHER_SUITE_AES_CMAC) 427 key->conf.icv_len = sizeof(struct ieee80211_mmie); 428 else 429 key->conf.icv_len = sizeof(struct ieee80211_mmie_16); 430 if (seq) 431 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++) 432 key->u.aes_cmac.rx_pn[j] = 433 seq[IEEE80211_CMAC_PN_LEN - j - 1]; 434 /* 435 * Initialize AES key state here as an optimization so that 436 * it does not need to be initialized for every packet. 437 */ 438 key->u.aes_cmac.tfm = 439 ieee80211_aes_cmac_key_setup(key_data, key_len); 440 if (IS_ERR(key->u.aes_cmac.tfm)) { 441 err = PTR_ERR(key->u.aes_cmac.tfm); 442 kfree(key); 443 return ERR_PTR(err); 444 } 445 break; 446 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 447 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 448 key->conf.iv_len = 0; 449 key->conf.icv_len = sizeof(struct ieee80211_mmie_16); 450 if (seq) 451 for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++) 452 key->u.aes_gmac.rx_pn[j] = 453 seq[IEEE80211_GMAC_PN_LEN - j - 1]; 454 /* Initialize AES key state here as an optimization so that 455 * it does not need to be initialized for every packet. 456 */ 457 key->u.aes_gmac.tfm = 458 ieee80211_aes_gmac_key_setup(key_data, key_len); 459 if (IS_ERR(key->u.aes_gmac.tfm)) { 460 err = PTR_ERR(key->u.aes_gmac.tfm); 461 kfree(key); 462 return ERR_PTR(err); 463 } 464 break; 465 case WLAN_CIPHER_SUITE_GCMP: 466 case WLAN_CIPHER_SUITE_GCMP_256: 467 key->conf.iv_len = IEEE80211_GCMP_HDR_LEN; 468 key->conf.icv_len = IEEE80211_GCMP_MIC_LEN; 469 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++) 470 for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++) 471 key->u.gcmp.rx_pn[i][j] = 472 seq[IEEE80211_GCMP_PN_LEN - j - 1]; 473 /* Initialize AES key state here as an optimization so that 474 * it does not need to be initialized for every packet. 475 */ 476 key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data, 477 key_len); 478 if (IS_ERR(key->u.gcmp.tfm)) { 479 err = PTR_ERR(key->u.gcmp.tfm); 480 kfree(key); 481 return ERR_PTR(err); 482 } 483 break; 484 default: 485 if (cs) { 486 size_t len = (seq_len > MAX_PN_LEN) ? 487 MAX_PN_LEN : seq_len; 488 489 key->conf.iv_len = cs->hdr_len; 490 key->conf.icv_len = cs->mic_len; 491 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) 492 for (j = 0; j < len; j++) 493 key->u.gen.rx_pn[i][j] = 494 seq[len - j - 1]; 495 } 496 } 497 memcpy(key->conf.key, key_data, key_len); 498 INIT_LIST_HEAD(&key->list); 499 500 return key; 501 } 502 503 static void ieee80211_key_free_common(struct ieee80211_key *key) 504 { 505 switch (key->conf.cipher) { 506 case WLAN_CIPHER_SUITE_CCMP: 507 case WLAN_CIPHER_SUITE_CCMP_256: 508 ieee80211_aes_key_free(key->u.ccmp.tfm); 509 break; 510 case WLAN_CIPHER_SUITE_AES_CMAC: 511 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 512 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm); 513 break; 514 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 515 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 516 ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm); 517 break; 518 case WLAN_CIPHER_SUITE_GCMP: 519 case WLAN_CIPHER_SUITE_GCMP_256: 520 ieee80211_aes_gcm_key_free(key->u.gcmp.tfm); 521 break; 522 } 523 kzfree(key); 524 } 525 526 static void __ieee80211_key_destroy(struct ieee80211_key *key, 527 bool delay_tailroom) 528 { 529 if (key->local) 530 ieee80211_key_disable_hw_accel(key); 531 532 if (key->local) { 533 struct ieee80211_sub_if_data *sdata = key->sdata; 534 535 ieee80211_debugfs_key_remove(key); 536 537 if (delay_tailroom) { 538 /* see ieee80211_delayed_tailroom_dec */ 539 sdata->crypto_tx_tailroom_pending_dec++; 540 schedule_delayed_work(&sdata->dec_tailroom_needed_wk, 541 HZ/2); 542 } else { 543 sdata->crypto_tx_tailroom_needed_cnt--; 544 } 545 } 546 547 ieee80211_key_free_common(key); 548 } 549 550 static void ieee80211_key_destroy(struct ieee80211_key *key, 551 bool delay_tailroom) 552 { 553 if (!key) 554 return; 555 556 /* 557 * Synchronize so the TX path can no longer be using 558 * this key before we free/remove it. 559 */ 560 synchronize_net(); 561 562 __ieee80211_key_destroy(key, delay_tailroom); 563 } 564 565 void ieee80211_key_free_unused(struct ieee80211_key *key) 566 { 567 WARN_ON(key->sdata || key->local); 568 ieee80211_key_free_common(key); 569 } 570 571 int ieee80211_key_link(struct ieee80211_key *key, 572 struct ieee80211_sub_if_data *sdata, 573 struct sta_info *sta) 574 { 575 struct ieee80211_local *local = sdata->local; 576 struct ieee80211_key *old_key; 577 int idx, ret; 578 bool pairwise; 579 580 pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE; 581 idx = key->conf.keyidx; 582 key->local = sdata->local; 583 key->sdata = sdata; 584 key->sta = sta; 585 586 mutex_lock(&sdata->local->key_mtx); 587 588 if (sta && pairwise) 589 old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]); 590 else if (sta) 591 old_key = key_mtx_dereference(sdata->local, sta->gtk[idx]); 592 else 593 old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 594 595 increment_tailroom_need_count(sdata); 596 597 ieee80211_key_replace(sdata, sta, pairwise, old_key, key); 598 ieee80211_key_destroy(old_key, true); 599 600 ieee80211_debugfs_key_add(key); 601 602 if (!local->wowlan) { 603 ret = ieee80211_key_enable_hw_accel(key); 604 if (ret) 605 ieee80211_key_free(key, true); 606 } else { 607 ret = 0; 608 } 609 610 mutex_unlock(&sdata->local->key_mtx); 611 612 return ret; 613 } 614 615 void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom) 616 { 617 if (!key) 618 return; 619 620 /* 621 * Replace key with nothingness if it was ever used. 622 */ 623 if (key->sdata) 624 ieee80211_key_replace(key->sdata, key->sta, 625 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 626 key, NULL); 627 ieee80211_key_destroy(key, delay_tailroom); 628 } 629 630 void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata) 631 { 632 struct ieee80211_key *key; 633 634 ASSERT_RTNL(); 635 636 if (WARN_ON(!ieee80211_sdata_running(sdata))) 637 return; 638 639 mutex_lock(&sdata->local->key_mtx); 640 641 sdata->crypto_tx_tailroom_needed_cnt = 0; 642 643 list_for_each_entry(key, &sdata->key_list, list) { 644 increment_tailroom_need_count(sdata); 645 ieee80211_key_enable_hw_accel(key); 646 } 647 648 mutex_unlock(&sdata->local->key_mtx); 649 } 650 651 void ieee80211_iter_keys(struct ieee80211_hw *hw, 652 struct ieee80211_vif *vif, 653 void (*iter)(struct ieee80211_hw *hw, 654 struct ieee80211_vif *vif, 655 struct ieee80211_sta *sta, 656 struct ieee80211_key_conf *key, 657 void *data), 658 void *iter_data) 659 { 660 struct ieee80211_local *local = hw_to_local(hw); 661 struct ieee80211_key *key, *tmp; 662 struct ieee80211_sub_if_data *sdata; 663 664 ASSERT_RTNL(); 665 666 mutex_lock(&local->key_mtx); 667 if (vif) { 668 sdata = vif_to_sdata(vif); 669 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) 670 iter(hw, &sdata->vif, 671 key->sta ? &key->sta->sta : NULL, 672 &key->conf, iter_data); 673 } else { 674 list_for_each_entry(sdata, &local->interfaces, list) 675 list_for_each_entry_safe(key, tmp, 676 &sdata->key_list, list) 677 iter(hw, &sdata->vif, 678 key->sta ? &key->sta->sta : NULL, 679 &key->conf, iter_data); 680 } 681 mutex_unlock(&local->key_mtx); 682 } 683 EXPORT_SYMBOL(ieee80211_iter_keys); 684 685 static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata, 686 struct list_head *keys) 687 { 688 struct ieee80211_key *key, *tmp; 689 690 sdata->crypto_tx_tailroom_needed_cnt -= 691 sdata->crypto_tx_tailroom_pending_dec; 692 sdata->crypto_tx_tailroom_pending_dec = 0; 693 694 ieee80211_debugfs_key_remove_mgmt_default(sdata); 695 696 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) { 697 ieee80211_key_replace(key->sdata, key->sta, 698 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 699 key, NULL); 700 list_add_tail(&key->list, keys); 701 } 702 703 ieee80211_debugfs_key_update_default(sdata); 704 } 705 706 void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata, 707 bool force_synchronize) 708 { 709 struct ieee80211_local *local = sdata->local; 710 struct ieee80211_sub_if_data *vlan; 711 struct ieee80211_key *key, *tmp; 712 LIST_HEAD(keys); 713 714 cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk); 715 716 mutex_lock(&local->key_mtx); 717 718 ieee80211_free_keys_iface(sdata, &keys); 719 720 if (sdata->vif.type == NL80211_IFTYPE_AP) { 721 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 722 ieee80211_free_keys_iface(vlan, &keys); 723 } 724 725 if (!list_empty(&keys) || force_synchronize) 726 synchronize_net(); 727 list_for_each_entry_safe(key, tmp, &keys, list) 728 __ieee80211_key_destroy(key, false); 729 730 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt || 731 sdata->crypto_tx_tailroom_pending_dec); 732 if (sdata->vif.type == NL80211_IFTYPE_AP) { 733 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 734 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt || 735 vlan->crypto_tx_tailroom_pending_dec); 736 } 737 738 mutex_unlock(&local->key_mtx); 739 } 740 741 void ieee80211_free_sta_keys(struct ieee80211_local *local, 742 struct sta_info *sta) 743 { 744 struct ieee80211_key *key; 745 int i; 746 747 mutex_lock(&local->key_mtx); 748 for (i = 0; i < ARRAY_SIZE(sta->gtk); i++) { 749 key = key_mtx_dereference(local, sta->gtk[i]); 750 if (!key) 751 continue; 752 ieee80211_key_replace(key->sdata, key->sta, 753 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 754 key, NULL); 755 __ieee80211_key_destroy(key, true); 756 } 757 758 for (i = 0; i < NUM_DEFAULT_KEYS; i++) { 759 key = key_mtx_dereference(local, sta->ptk[i]); 760 if (!key) 761 continue; 762 ieee80211_key_replace(key->sdata, key->sta, 763 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 764 key, NULL); 765 __ieee80211_key_destroy(key, true); 766 } 767 768 mutex_unlock(&local->key_mtx); 769 } 770 771 void ieee80211_delayed_tailroom_dec(struct work_struct *wk) 772 { 773 struct ieee80211_sub_if_data *sdata; 774 775 sdata = container_of(wk, struct ieee80211_sub_if_data, 776 dec_tailroom_needed_wk.work); 777 778 /* 779 * The reason for the delayed tailroom needed decrementing is to 780 * make roaming faster: during roaming, all keys are first deleted 781 * and then new keys are installed. The first new key causes the 782 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes 783 * the cost of synchronize_net() (which can be slow). Avoid this 784 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on 785 * key removal for a while, so if we roam the value is larger than 786 * zero and no 0->1 transition happens. 787 * 788 * The cost is that if the AP switching was from an AP with keys 789 * to one without, we still allocate tailroom while it would no 790 * longer be needed. However, in the typical (fast) roaming case 791 * within an ESS this usually won't happen. 792 */ 793 794 mutex_lock(&sdata->local->key_mtx); 795 sdata->crypto_tx_tailroom_needed_cnt -= 796 sdata->crypto_tx_tailroom_pending_dec; 797 sdata->crypto_tx_tailroom_pending_dec = 0; 798 mutex_unlock(&sdata->local->key_mtx); 799 } 800 801 void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid, 802 const u8 *replay_ctr, gfp_t gfp) 803 { 804 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 805 806 trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr); 807 808 cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp); 809 } 810 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify); 811 812 void ieee80211_get_key_tx_seq(struct ieee80211_key_conf *keyconf, 813 struct ieee80211_key_seq *seq) 814 { 815 struct ieee80211_key *key; 816 u64 pn64; 817 818 if (WARN_ON(!(keyconf->flags & IEEE80211_KEY_FLAG_GENERATE_IV))) 819 return; 820 821 key = container_of(keyconf, struct ieee80211_key, conf); 822 823 switch (key->conf.cipher) { 824 case WLAN_CIPHER_SUITE_TKIP: 825 seq->tkip.iv32 = key->u.tkip.tx.iv32; 826 seq->tkip.iv16 = key->u.tkip.tx.iv16; 827 break; 828 case WLAN_CIPHER_SUITE_CCMP: 829 case WLAN_CIPHER_SUITE_CCMP_256: 830 pn64 = atomic64_read(&key->u.ccmp.tx_pn); 831 seq->ccmp.pn[5] = pn64; 832 seq->ccmp.pn[4] = pn64 >> 8; 833 seq->ccmp.pn[3] = pn64 >> 16; 834 seq->ccmp.pn[2] = pn64 >> 24; 835 seq->ccmp.pn[1] = pn64 >> 32; 836 seq->ccmp.pn[0] = pn64 >> 40; 837 break; 838 case WLAN_CIPHER_SUITE_AES_CMAC: 839 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 840 pn64 = atomic64_read(&key->u.aes_cmac.tx_pn); 841 seq->ccmp.pn[5] = pn64; 842 seq->ccmp.pn[4] = pn64 >> 8; 843 seq->ccmp.pn[3] = pn64 >> 16; 844 seq->ccmp.pn[2] = pn64 >> 24; 845 seq->ccmp.pn[1] = pn64 >> 32; 846 seq->ccmp.pn[0] = pn64 >> 40; 847 break; 848 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 849 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 850 pn64 = atomic64_read(&key->u.aes_gmac.tx_pn); 851 seq->ccmp.pn[5] = pn64; 852 seq->ccmp.pn[4] = pn64 >> 8; 853 seq->ccmp.pn[3] = pn64 >> 16; 854 seq->ccmp.pn[2] = pn64 >> 24; 855 seq->ccmp.pn[1] = pn64 >> 32; 856 seq->ccmp.pn[0] = pn64 >> 40; 857 break; 858 case WLAN_CIPHER_SUITE_GCMP: 859 case WLAN_CIPHER_SUITE_GCMP_256: 860 pn64 = atomic64_read(&key->u.gcmp.tx_pn); 861 seq->gcmp.pn[5] = pn64; 862 seq->gcmp.pn[4] = pn64 >> 8; 863 seq->gcmp.pn[3] = pn64 >> 16; 864 seq->gcmp.pn[2] = pn64 >> 24; 865 seq->gcmp.pn[1] = pn64 >> 32; 866 seq->gcmp.pn[0] = pn64 >> 40; 867 break; 868 default: 869 WARN_ON(1); 870 } 871 } 872 EXPORT_SYMBOL(ieee80211_get_key_tx_seq); 873 874 void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf, 875 int tid, struct ieee80211_key_seq *seq) 876 { 877 struct ieee80211_key *key; 878 const u8 *pn; 879 880 key = container_of(keyconf, struct ieee80211_key, conf); 881 882 switch (key->conf.cipher) { 883 case WLAN_CIPHER_SUITE_TKIP: 884 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 885 return; 886 seq->tkip.iv32 = key->u.tkip.rx[tid].iv32; 887 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16; 888 break; 889 case WLAN_CIPHER_SUITE_CCMP: 890 case WLAN_CIPHER_SUITE_CCMP_256: 891 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 892 return; 893 if (tid < 0) 894 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 895 else 896 pn = key->u.ccmp.rx_pn[tid]; 897 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN); 898 break; 899 case WLAN_CIPHER_SUITE_AES_CMAC: 900 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 901 if (WARN_ON(tid != 0)) 902 return; 903 pn = key->u.aes_cmac.rx_pn; 904 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN); 905 break; 906 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 907 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 908 if (WARN_ON(tid != 0)) 909 return; 910 pn = key->u.aes_gmac.rx_pn; 911 memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN); 912 break; 913 case WLAN_CIPHER_SUITE_GCMP: 914 case WLAN_CIPHER_SUITE_GCMP_256: 915 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 916 return; 917 if (tid < 0) 918 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS]; 919 else 920 pn = key->u.gcmp.rx_pn[tid]; 921 memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN); 922 break; 923 } 924 } 925 EXPORT_SYMBOL(ieee80211_get_key_rx_seq); 926 927 void ieee80211_set_key_tx_seq(struct ieee80211_key_conf *keyconf, 928 struct ieee80211_key_seq *seq) 929 { 930 struct ieee80211_key *key; 931 u64 pn64; 932 933 key = container_of(keyconf, struct ieee80211_key, conf); 934 935 switch (key->conf.cipher) { 936 case WLAN_CIPHER_SUITE_TKIP: 937 key->u.tkip.tx.iv32 = seq->tkip.iv32; 938 key->u.tkip.tx.iv16 = seq->tkip.iv16; 939 break; 940 case WLAN_CIPHER_SUITE_CCMP: 941 case WLAN_CIPHER_SUITE_CCMP_256: 942 pn64 = (u64)seq->ccmp.pn[5] | 943 ((u64)seq->ccmp.pn[4] << 8) | 944 ((u64)seq->ccmp.pn[3] << 16) | 945 ((u64)seq->ccmp.pn[2] << 24) | 946 ((u64)seq->ccmp.pn[1] << 32) | 947 ((u64)seq->ccmp.pn[0] << 40); 948 atomic64_set(&key->u.ccmp.tx_pn, pn64); 949 break; 950 case WLAN_CIPHER_SUITE_AES_CMAC: 951 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 952 pn64 = (u64)seq->aes_cmac.pn[5] | 953 ((u64)seq->aes_cmac.pn[4] << 8) | 954 ((u64)seq->aes_cmac.pn[3] << 16) | 955 ((u64)seq->aes_cmac.pn[2] << 24) | 956 ((u64)seq->aes_cmac.pn[1] << 32) | 957 ((u64)seq->aes_cmac.pn[0] << 40); 958 atomic64_set(&key->u.aes_cmac.tx_pn, pn64); 959 break; 960 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 961 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 962 pn64 = (u64)seq->aes_gmac.pn[5] | 963 ((u64)seq->aes_gmac.pn[4] << 8) | 964 ((u64)seq->aes_gmac.pn[3] << 16) | 965 ((u64)seq->aes_gmac.pn[2] << 24) | 966 ((u64)seq->aes_gmac.pn[1] << 32) | 967 ((u64)seq->aes_gmac.pn[0] << 40); 968 atomic64_set(&key->u.aes_gmac.tx_pn, pn64); 969 break; 970 case WLAN_CIPHER_SUITE_GCMP: 971 case WLAN_CIPHER_SUITE_GCMP_256: 972 pn64 = (u64)seq->gcmp.pn[5] | 973 ((u64)seq->gcmp.pn[4] << 8) | 974 ((u64)seq->gcmp.pn[3] << 16) | 975 ((u64)seq->gcmp.pn[2] << 24) | 976 ((u64)seq->gcmp.pn[1] << 32) | 977 ((u64)seq->gcmp.pn[0] << 40); 978 atomic64_set(&key->u.gcmp.tx_pn, pn64); 979 break; 980 default: 981 WARN_ON(1); 982 break; 983 } 984 } 985 EXPORT_SYMBOL_GPL(ieee80211_set_key_tx_seq); 986 987 void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf, 988 int tid, struct ieee80211_key_seq *seq) 989 { 990 struct ieee80211_key *key; 991 u8 *pn; 992 993 key = container_of(keyconf, struct ieee80211_key, conf); 994 995 switch (key->conf.cipher) { 996 case WLAN_CIPHER_SUITE_TKIP: 997 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 998 return; 999 key->u.tkip.rx[tid].iv32 = seq->tkip.iv32; 1000 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16; 1001 break; 1002 case WLAN_CIPHER_SUITE_CCMP: 1003 case WLAN_CIPHER_SUITE_CCMP_256: 1004 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1005 return; 1006 if (tid < 0) 1007 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 1008 else 1009 pn = key->u.ccmp.rx_pn[tid]; 1010 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN); 1011 break; 1012 case WLAN_CIPHER_SUITE_AES_CMAC: 1013 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1014 if (WARN_ON(tid != 0)) 1015 return; 1016 pn = key->u.aes_cmac.rx_pn; 1017 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN); 1018 break; 1019 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1020 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1021 if (WARN_ON(tid != 0)) 1022 return; 1023 pn = key->u.aes_gmac.rx_pn; 1024 memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN); 1025 break; 1026 case WLAN_CIPHER_SUITE_GCMP: 1027 case WLAN_CIPHER_SUITE_GCMP_256: 1028 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1029 return; 1030 if (tid < 0) 1031 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS]; 1032 else 1033 pn = key->u.gcmp.rx_pn[tid]; 1034 memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN); 1035 break; 1036 default: 1037 WARN_ON(1); 1038 break; 1039 } 1040 } 1041 EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq); 1042 1043 void ieee80211_remove_key(struct ieee80211_key_conf *keyconf) 1044 { 1045 struct ieee80211_key *key; 1046 1047 key = container_of(keyconf, struct ieee80211_key, conf); 1048 1049 assert_key_lock(key->local); 1050 1051 /* 1052 * if key was uploaded, we assume the driver will/has remove(d) 1053 * it, so adjust bookkeeping accordingly 1054 */ 1055 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 1056 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 1057 1058 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) || 1059 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 1060 increment_tailroom_need_count(key->sdata); 1061 } 1062 1063 ieee80211_key_free(key, false); 1064 } 1065 EXPORT_SYMBOL_GPL(ieee80211_remove_key); 1066 1067 struct ieee80211_key_conf * 1068 ieee80211_gtk_rekey_add(struct ieee80211_vif *vif, 1069 struct ieee80211_key_conf *keyconf) 1070 { 1071 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1072 struct ieee80211_local *local = sdata->local; 1073 struct ieee80211_key *key; 1074 int err; 1075 1076 if (WARN_ON(!local->wowlan)) 1077 return ERR_PTR(-EINVAL); 1078 1079 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION)) 1080 return ERR_PTR(-EINVAL); 1081 1082 key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx, 1083 keyconf->keylen, keyconf->key, 1084 0, NULL, NULL); 1085 if (IS_ERR(key)) 1086 return ERR_CAST(key); 1087 1088 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED) 1089 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT; 1090 1091 err = ieee80211_key_link(key, sdata, NULL); 1092 if (err) 1093 return ERR_PTR(err); 1094 1095 return &key->conf; 1096 } 1097 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add); 1098