1 /* 2 * Copyright 2002-2005, Instant802 Networks, Inc. 3 * Copyright 2005-2006, Devicescape Software, Inc. 4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net> 6 * Copyright 2013-2014 Intel Mobile Communications GmbH 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License version 2 as 10 * published by the Free Software Foundation. 11 */ 12 13 #include <linux/if_ether.h> 14 #include <linux/etherdevice.h> 15 #include <linux/list.h> 16 #include <linux/rcupdate.h> 17 #include <linux/rtnetlink.h> 18 #include <linux/slab.h> 19 #include <linux/export.h> 20 #include <net/mac80211.h> 21 #include <asm/unaligned.h> 22 #include "ieee80211_i.h" 23 #include "driver-ops.h" 24 #include "debugfs_key.h" 25 #include "aes_ccm.h" 26 #include "aes_cmac.h" 27 #include "aes_gmac.h" 28 #include "aes_gcm.h" 29 30 31 /** 32 * DOC: Key handling basics 33 * 34 * Key handling in mac80211 is done based on per-interface (sub_if_data) 35 * keys and per-station keys. Since each station belongs to an interface, 36 * each station key also belongs to that interface. 37 * 38 * Hardware acceleration is done on a best-effort basis for algorithms 39 * that are implemented in software, for each key the hardware is asked 40 * to enable that key for offloading but if it cannot do that the key is 41 * simply kept for software encryption (unless it is for an algorithm 42 * that isn't implemented in software). 43 * There is currently no way of knowing whether a key is handled in SW 44 * or HW except by looking into debugfs. 45 * 46 * All key management is internally protected by a mutex. Within all 47 * other parts of mac80211, key references are, just as STA structure 48 * references, protected by RCU. Note, however, that some things are 49 * unprotected, namely the key->sta dereferences within the hardware 50 * acceleration functions. This means that sta_info_destroy() must 51 * remove the key which waits for an RCU grace period. 52 */ 53 54 static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; 55 56 static void assert_key_lock(struct ieee80211_local *local) 57 { 58 lockdep_assert_held(&local->key_mtx); 59 } 60 61 static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata) 62 { 63 /* 64 * When this count is zero, SKB resizing for allocating tailroom 65 * for IV or MMIC is skipped. But, this check has created two race 66 * cases in xmit path while transiting from zero count to one: 67 * 68 * 1. SKB resize was skipped because no key was added but just before 69 * the xmit key is added and SW encryption kicks off. 70 * 71 * 2. SKB resize was skipped because all the keys were hw planted but 72 * just before xmit one of the key is deleted and SW encryption kicks 73 * off. 74 * 75 * In both the above case SW encryption will find not enough space for 76 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c) 77 * 78 * Solution has been explained at 79 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net 80 */ 81 82 if (!sdata->crypto_tx_tailroom_needed_cnt++) { 83 /* 84 * Flush all XMIT packets currently using HW encryption or no 85 * encryption at all if the count transition is from 0 -> 1. 86 */ 87 synchronize_net(); 88 } 89 } 90 91 static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key) 92 { 93 struct ieee80211_sub_if_data *sdata; 94 struct sta_info *sta; 95 int ret = -EOPNOTSUPP; 96 97 might_sleep(); 98 99 if (key->flags & KEY_FLAG_TAINTED) { 100 /* If we get here, it's during resume and the key is 101 * tainted so shouldn't be used/programmed any more. 102 * However, its flags may still indicate that it was 103 * programmed into the device (since we're in resume) 104 * so clear that flag now to avoid trying to remove 105 * it again later. 106 */ 107 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 108 return -EINVAL; 109 } 110 111 if (!key->local->ops->set_key) 112 goto out_unsupported; 113 114 assert_key_lock(key->local); 115 116 sta = key->sta; 117 118 /* 119 * If this is a per-STA GTK, check if it 120 * is supported; if not, return. 121 */ 122 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) && 123 !(key->local->hw.flags & IEEE80211_HW_SUPPORTS_PER_STA_GTK)) 124 goto out_unsupported; 125 126 if (sta && !sta->uploaded) 127 goto out_unsupported; 128 129 sdata = key->sdata; 130 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 131 /* 132 * The driver doesn't know anything about VLAN interfaces. 133 * Hence, don't send GTKs for VLAN interfaces to the driver. 134 */ 135 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) 136 goto out_unsupported; 137 } 138 139 ret = drv_set_key(key->local, SET_KEY, sdata, 140 sta ? &sta->sta : NULL, &key->conf); 141 142 if (!ret) { 143 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE; 144 145 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) || 146 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 147 sdata->crypto_tx_tailroom_needed_cnt--; 148 149 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) && 150 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)); 151 152 return 0; 153 } 154 155 if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1) 156 sdata_err(sdata, 157 "failed to set key (%d, %pM) to hardware (%d)\n", 158 key->conf.keyidx, 159 sta ? sta->sta.addr : bcast_addr, ret); 160 161 out_unsupported: 162 switch (key->conf.cipher) { 163 case WLAN_CIPHER_SUITE_WEP40: 164 case WLAN_CIPHER_SUITE_WEP104: 165 case WLAN_CIPHER_SUITE_TKIP: 166 case WLAN_CIPHER_SUITE_CCMP: 167 case WLAN_CIPHER_SUITE_CCMP_256: 168 case WLAN_CIPHER_SUITE_AES_CMAC: 169 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 170 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 171 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 172 case WLAN_CIPHER_SUITE_GCMP: 173 case WLAN_CIPHER_SUITE_GCMP_256: 174 /* all of these we can do in software - if driver can */ 175 if (ret == 1) 176 return 0; 177 if (key->local->hw.flags & IEEE80211_HW_SW_CRYPTO_CONTROL) 178 return -EINVAL; 179 return 0; 180 default: 181 return -EINVAL; 182 } 183 } 184 185 static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key) 186 { 187 struct ieee80211_sub_if_data *sdata; 188 struct sta_info *sta; 189 int ret; 190 191 might_sleep(); 192 193 if (!key || !key->local->ops->set_key) 194 return; 195 196 assert_key_lock(key->local); 197 198 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 199 return; 200 201 sta = key->sta; 202 sdata = key->sdata; 203 204 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) || 205 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 206 increment_tailroom_need_count(sdata); 207 208 ret = drv_set_key(key->local, DISABLE_KEY, sdata, 209 sta ? &sta->sta : NULL, &key->conf); 210 211 if (ret) 212 sdata_err(sdata, 213 "failed to remove key (%d, %pM) from hardware (%d)\n", 214 key->conf.keyidx, 215 sta ? sta->sta.addr : bcast_addr, ret); 216 217 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 218 } 219 220 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, 221 int idx, bool uni, bool multi) 222 { 223 struct ieee80211_key *key = NULL; 224 225 assert_key_lock(sdata->local); 226 227 if (idx >= 0 && idx < NUM_DEFAULT_KEYS) 228 key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 229 230 if (uni) { 231 rcu_assign_pointer(sdata->default_unicast_key, key); 232 drv_set_default_unicast_key(sdata->local, sdata, idx); 233 } 234 235 if (multi) 236 rcu_assign_pointer(sdata->default_multicast_key, key); 237 238 ieee80211_debugfs_key_update_default(sdata); 239 } 240 241 void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx, 242 bool uni, bool multi) 243 { 244 mutex_lock(&sdata->local->key_mtx); 245 __ieee80211_set_default_key(sdata, idx, uni, multi); 246 mutex_unlock(&sdata->local->key_mtx); 247 } 248 249 static void 250 __ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx) 251 { 252 struct ieee80211_key *key = NULL; 253 254 assert_key_lock(sdata->local); 255 256 if (idx >= NUM_DEFAULT_KEYS && 257 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) 258 key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 259 260 rcu_assign_pointer(sdata->default_mgmt_key, key); 261 262 ieee80211_debugfs_key_update_default(sdata); 263 } 264 265 void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, 266 int idx) 267 { 268 mutex_lock(&sdata->local->key_mtx); 269 __ieee80211_set_default_mgmt_key(sdata, idx); 270 mutex_unlock(&sdata->local->key_mtx); 271 } 272 273 274 static void ieee80211_key_replace(struct ieee80211_sub_if_data *sdata, 275 struct sta_info *sta, 276 bool pairwise, 277 struct ieee80211_key *old, 278 struct ieee80211_key *new) 279 { 280 int idx; 281 bool defunikey, defmultikey, defmgmtkey; 282 283 /* caller must provide at least one old/new */ 284 if (WARN_ON(!new && !old)) 285 return; 286 287 if (new) 288 list_add_tail(&new->list, &sdata->key_list); 289 290 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx); 291 292 if (old) 293 idx = old->conf.keyidx; 294 else 295 idx = new->conf.keyidx; 296 297 if (sta) { 298 if (pairwise) { 299 rcu_assign_pointer(sta->ptk[idx], new); 300 sta->ptk_idx = idx; 301 } else { 302 rcu_assign_pointer(sta->gtk[idx], new); 303 sta->gtk_idx = idx; 304 } 305 } else { 306 defunikey = old && 307 old == key_mtx_dereference(sdata->local, 308 sdata->default_unicast_key); 309 defmultikey = old && 310 old == key_mtx_dereference(sdata->local, 311 sdata->default_multicast_key); 312 defmgmtkey = old && 313 old == key_mtx_dereference(sdata->local, 314 sdata->default_mgmt_key); 315 316 if (defunikey && !new) 317 __ieee80211_set_default_key(sdata, -1, true, false); 318 if (defmultikey && !new) 319 __ieee80211_set_default_key(sdata, -1, false, true); 320 if (defmgmtkey && !new) 321 __ieee80211_set_default_mgmt_key(sdata, -1); 322 323 rcu_assign_pointer(sdata->keys[idx], new); 324 if (defunikey && new) 325 __ieee80211_set_default_key(sdata, new->conf.keyidx, 326 true, false); 327 if (defmultikey && new) 328 __ieee80211_set_default_key(sdata, new->conf.keyidx, 329 false, true); 330 if (defmgmtkey && new) 331 __ieee80211_set_default_mgmt_key(sdata, 332 new->conf.keyidx); 333 } 334 335 if (old) 336 list_del(&old->list); 337 } 338 339 struct ieee80211_key * 340 ieee80211_key_alloc(u32 cipher, int idx, size_t key_len, 341 const u8 *key_data, 342 size_t seq_len, const u8 *seq, 343 const struct ieee80211_cipher_scheme *cs) 344 { 345 struct ieee80211_key *key; 346 int i, j, err; 347 348 if (WARN_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)) 349 return ERR_PTR(-EINVAL); 350 351 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL); 352 if (!key) 353 return ERR_PTR(-ENOMEM); 354 355 /* 356 * Default to software encryption; we'll later upload the 357 * key to the hardware if possible. 358 */ 359 key->conf.flags = 0; 360 key->flags = 0; 361 362 key->conf.cipher = cipher; 363 key->conf.keyidx = idx; 364 key->conf.keylen = key_len; 365 switch (cipher) { 366 case WLAN_CIPHER_SUITE_WEP40: 367 case WLAN_CIPHER_SUITE_WEP104: 368 key->conf.iv_len = IEEE80211_WEP_IV_LEN; 369 key->conf.icv_len = IEEE80211_WEP_ICV_LEN; 370 break; 371 case WLAN_CIPHER_SUITE_TKIP: 372 key->conf.iv_len = IEEE80211_TKIP_IV_LEN; 373 key->conf.icv_len = IEEE80211_TKIP_ICV_LEN; 374 if (seq) { 375 for (i = 0; i < IEEE80211_NUM_TIDS; i++) { 376 key->u.tkip.rx[i].iv32 = 377 get_unaligned_le32(&seq[2]); 378 key->u.tkip.rx[i].iv16 = 379 get_unaligned_le16(seq); 380 } 381 } 382 spin_lock_init(&key->u.tkip.txlock); 383 break; 384 case WLAN_CIPHER_SUITE_CCMP: 385 key->conf.iv_len = IEEE80211_CCMP_HDR_LEN; 386 key->conf.icv_len = IEEE80211_CCMP_MIC_LEN; 387 if (seq) { 388 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) 389 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++) 390 key->u.ccmp.rx_pn[i][j] = 391 seq[IEEE80211_CCMP_PN_LEN - j - 1]; 392 } 393 /* 394 * Initialize AES key state here as an optimization so that 395 * it does not need to be initialized for every packet. 396 */ 397 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( 398 key_data, key_len, IEEE80211_CCMP_MIC_LEN); 399 if (IS_ERR(key->u.ccmp.tfm)) { 400 err = PTR_ERR(key->u.ccmp.tfm); 401 kfree(key); 402 return ERR_PTR(err); 403 } 404 break; 405 case WLAN_CIPHER_SUITE_CCMP_256: 406 key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN; 407 key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN; 408 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++) 409 for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++) 410 key->u.ccmp.rx_pn[i][j] = 411 seq[IEEE80211_CCMP_256_PN_LEN - j - 1]; 412 /* Initialize AES key state here as an optimization so that 413 * it does not need to be initialized for every packet. 414 */ 415 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( 416 key_data, key_len, IEEE80211_CCMP_256_MIC_LEN); 417 if (IS_ERR(key->u.ccmp.tfm)) { 418 err = PTR_ERR(key->u.ccmp.tfm); 419 kfree(key); 420 return ERR_PTR(err); 421 } 422 break; 423 case WLAN_CIPHER_SUITE_AES_CMAC: 424 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 425 key->conf.iv_len = 0; 426 if (cipher == WLAN_CIPHER_SUITE_AES_CMAC) 427 key->conf.icv_len = sizeof(struct ieee80211_mmie); 428 else 429 key->conf.icv_len = sizeof(struct ieee80211_mmie_16); 430 if (seq) 431 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++) 432 key->u.aes_cmac.rx_pn[j] = 433 seq[IEEE80211_CMAC_PN_LEN - j - 1]; 434 /* 435 * Initialize AES key state here as an optimization so that 436 * it does not need to be initialized for every packet. 437 */ 438 key->u.aes_cmac.tfm = 439 ieee80211_aes_cmac_key_setup(key_data, key_len); 440 if (IS_ERR(key->u.aes_cmac.tfm)) { 441 err = PTR_ERR(key->u.aes_cmac.tfm); 442 kfree(key); 443 return ERR_PTR(err); 444 } 445 break; 446 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 447 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 448 key->conf.iv_len = 0; 449 key->conf.icv_len = sizeof(struct ieee80211_mmie_16); 450 if (seq) 451 for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++) 452 key->u.aes_gmac.rx_pn[j] = 453 seq[IEEE80211_GMAC_PN_LEN - j - 1]; 454 /* Initialize AES key state here as an optimization so that 455 * it does not need to be initialized for every packet. 456 */ 457 key->u.aes_gmac.tfm = 458 ieee80211_aes_gmac_key_setup(key_data, key_len); 459 if (IS_ERR(key->u.aes_gmac.tfm)) { 460 err = PTR_ERR(key->u.aes_gmac.tfm); 461 kfree(key); 462 return ERR_PTR(err); 463 } 464 break; 465 case WLAN_CIPHER_SUITE_GCMP: 466 case WLAN_CIPHER_SUITE_GCMP_256: 467 key->conf.iv_len = IEEE80211_GCMP_HDR_LEN; 468 key->conf.icv_len = IEEE80211_GCMP_MIC_LEN; 469 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++) 470 for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++) 471 key->u.gcmp.rx_pn[i][j] = 472 seq[IEEE80211_GCMP_PN_LEN - j - 1]; 473 /* Initialize AES key state here as an optimization so that 474 * it does not need to be initialized for every packet. 475 */ 476 key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data, 477 key_len); 478 if (IS_ERR(key->u.gcmp.tfm)) { 479 err = PTR_ERR(key->u.gcmp.tfm); 480 kfree(key); 481 return ERR_PTR(err); 482 } 483 break; 484 default: 485 if (cs) { 486 size_t len = (seq_len > MAX_PN_LEN) ? 487 MAX_PN_LEN : seq_len; 488 489 key->conf.iv_len = cs->hdr_len; 490 key->conf.icv_len = cs->mic_len; 491 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) 492 for (j = 0; j < len; j++) 493 key->u.gen.rx_pn[i][j] = 494 seq[len - j - 1]; 495 key->flags |= KEY_FLAG_CIPHER_SCHEME; 496 } 497 } 498 memcpy(key->conf.key, key_data, key_len); 499 INIT_LIST_HEAD(&key->list); 500 501 return key; 502 } 503 504 static void ieee80211_key_free_common(struct ieee80211_key *key) 505 { 506 switch (key->conf.cipher) { 507 case WLAN_CIPHER_SUITE_CCMP: 508 case WLAN_CIPHER_SUITE_CCMP_256: 509 ieee80211_aes_key_free(key->u.ccmp.tfm); 510 break; 511 case WLAN_CIPHER_SUITE_AES_CMAC: 512 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 513 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm); 514 break; 515 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 516 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 517 ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm); 518 break; 519 case WLAN_CIPHER_SUITE_GCMP: 520 case WLAN_CIPHER_SUITE_GCMP_256: 521 ieee80211_aes_gcm_key_free(key->u.gcmp.tfm); 522 break; 523 } 524 kzfree(key); 525 } 526 527 static void __ieee80211_key_destroy(struct ieee80211_key *key, 528 bool delay_tailroom) 529 { 530 if (key->local) 531 ieee80211_key_disable_hw_accel(key); 532 533 if (key->local) { 534 struct ieee80211_sub_if_data *sdata = key->sdata; 535 536 ieee80211_debugfs_key_remove(key); 537 538 if (delay_tailroom) { 539 /* see ieee80211_delayed_tailroom_dec */ 540 sdata->crypto_tx_tailroom_pending_dec++; 541 schedule_delayed_work(&sdata->dec_tailroom_needed_wk, 542 HZ/2); 543 } else { 544 sdata->crypto_tx_tailroom_needed_cnt--; 545 } 546 } 547 548 ieee80211_key_free_common(key); 549 } 550 551 static void ieee80211_key_destroy(struct ieee80211_key *key, 552 bool delay_tailroom) 553 { 554 if (!key) 555 return; 556 557 /* 558 * Synchronize so the TX path can no longer be using 559 * this key before we free/remove it. 560 */ 561 synchronize_net(); 562 563 __ieee80211_key_destroy(key, delay_tailroom); 564 } 565 566 void ieee80211_key_free_unused(struct ieee80211_key *key) 567 { 568 WARN_ON(key->sdata || key->local); 569 ieee80211_key_free_common(key); 570 } 571 572 int ieee80211_key_link(struct ieee80211_key *key, 573 struct ieee80211_sub_if_data *sdata, 574 struct sta_info *sta) 575 { 576 struct ieee80211_local *local = sdata->local; 577 struct ieee80211_key *old_key; 578 int idx, ret; 579 bool pairwise; 580 581 pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE; 582 idx = key->conf.keyidx; 583 key->local = sdata->local; 584 key->sdata = sdata; 585 key->sta = sta; 586 587 mutex_lock(&sdata->local->key_mtx); 588 589 if (sta && pairwise) 590 old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]); 591 else if (sta) 592 old_key = key_mtx_dereference(sdata->local, sta->gtk[idx]); 593 else 594 old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 595 596 increment_tailroom_need_count(sdata); 597 598 ieee80211_key_replace(sdata, sta, pairwise, old_key, key); 599 ieee80211_key_destroy(old_key, true); 600 601 ieee80211_debugfs_key_add(key); 602 603 if (!local->wowlan) { 604 ret = ieee80211_key_enable_hw_accel(key); 605 if (ret) 606 ieee80211_key_free(key, true); 607 } else { 608 ret = 0; 609 } 610 611 mutex_unlock(&sdata->local->key_mtx); 612 613 return ret; 614 } 615 616 void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom) 617 { 618 if (!key) 619 return; 620 621 /* 622 * Replace key with nothingness if it was ever used. 623 */ 624 if (key->sdata) 625 ieee80211_key_replace(key->sdata, key->sta, 626 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 627 key, NULL); 628 ieee80211_key_destroy(key, delay_tailroom); 629 } 630 631 void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata) 632 { 633 struct ieee80211_key *key; 634 635 ASSERT_RTNL(); 636 637 if (WARN_ON(!ieee80211_sdata_running(sdata))) 638 return; 639 640 mutex_lock(&sdata->local->key_mtx); 641 642 sdata->crypto_tx_tailroom_needed_cnt = 0; 643 644 list_for_each_entry(key, &sdata->key_list, list) { 645 increment_tailroom_need_count(sdata); 646 ieee80211_key_enable_hw_accel(key); 647 } 648 649 mutex_unlock(&sdata->local->key_mtx); 650 } 651 652 void ieee80211_iter_keys(struct ieee80211_hw *hw, 653 struct ieee80211_vif *vif, 654 void (*iter)(struct ieee80211_hw *hw, 655 struct ieee80211_vif *vif, 656 struct ieee80211_sta *sta, 657 struct ieee80211_key_conf *key, 658 void *data), 659 void *iter_data) 660 { 661 struct ieee80211_local *local = hw_to_local(hw); 662 struct ieee80211_key *key, *tmp; 663 struct ieee80211_sub_if_data *sdata; 664 665 ASSERT_RTNL(); 666 667 mutex_lock(&local->key_mtx); 668 if (vif) { 669 sdata = vif_to_sdata(vif); 670 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) 671 iter(hw, &sdata->vif, 672 key->sta ? &key->sta->sta : NULL, 673 &key->conf, iter_data); 674 } else { 675 list_for_each_entry(sdata, &local->interfaces, list) 676 list_for_each_entry_safe(key, tmp, 677 &sdata->key_list, list) 678 iter(hw, &sdata->vif, 679 key->sta ? &key->sta->sta : NULL, 680 &key->conf, iter_data); 681 } 682 mutex_unlock(&local->key_mtx); 683 } 684 EXPORT_SYMBOL(ieee80211_iter_keys); 685 686 static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata, 687 struct list_head *keys) 688 { 689 struct ieee80211_key *key, *tmp; 690 691 sdata->crypto_tx_tailroom_needed_cnt -= 692 sdata->crypto_tx_tailroom_pending_dec; 693 sdata->crypto_tx_tailroom_pending_dec = 0; 694 695 ieee80211_debugfs_key_remove_mgmt_default(sdata); 696 697 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) { 698 ieee80211_key_replace(key->sdata, key->sta, 699 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 700 key, NULL); 701 list_add_tail(&key->list, keys); 702 } 703 704 ieee80211_debugfs_key_update_default(sdata); 705 } 706 707 void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata, 708 bool force_synchronize) 709 { 710 struct ieee80211_local *local = sdata->local; 711 struct ieee80211_sub_if_data *vlan; 712 struct ieee80211_key *key, *tmp; 713 LIST_HEAD(keys); 714 715 cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk); 716 717 mutex_lock(&local->key_mtx); 718 719 ieee80211_free_keys_iface(sdata, &keys); 720 721 if (sdata->vif.type == NL80211_IFTYPE_AP) { 722 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 723 ieee80211_free_keys_iface(vlan, &keys); 724 } 725 726 if (!list_empty(&keys) || force_synchronize) 727 synchronize_net(); 728 list_for_each_entry_safe(key, tmp, &keys, list) 729 __ieee80211_key_destroy(key, false); 730 731 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt || 732 sdata->crypto_tx_tailroom_pending_dec); 733 if (sdata->vif.type == NL80211_IFTYPE_AP) { 734 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 735 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt || 736 vlan->crypto_tx_tailroom_pending_dec); 737 } 738 739 mutex_unlock(&local->key_mtx); 740 } 741 742 void ieee80211_free_sta_keys(struct ieee80211_local *local, 743 struct sta_info *sta) 744 { 745 struct ieee80211_key *key; 746 int i; 747 748 mutex_lock(&local->key_mtx); 749 for (i = 0; i < ARRAY_SIZE(sta->gtk); i++) { 750 key = key_mtx_dereference(local, sta->gtk[i]); 751 if (!key) 752 continue; 753 ieee80211_key_replace(key->sdata, key->sta, 754 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 755 key, NULL); 756 __ieee80211_key_destroy(key, true); 757 } 758 759 for (i = 0; i < NUM_DEFAULT_KEYS; i++) { 760 key = key_mtx_dereference(local, sta->ptk[i]); 761 if (!key) 762 continue; 763 ieee80211_key_replace(key->sdata, key->sta, 764 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 765 key, NULL); 766 __ieee80211_key_destroy(key, true); 767 } 768 769 mutex_unlock(&local->key_mtx); 770 } 771 772 void ieee80211_delayed_tailroom_dec(struct work_struct *wk) 773 { 774 struct ieee80211_sub_if_data *sdata; 775 776 sdata = container_of(wk, struct ieee80211_sub_if_data, 777 dec_tailroom_needed_wk.work); 778 779 /* 780 * The reason for the delayed tailroom needed decrementing is to 781 * make roaming faster: during roaming, all keys are first deleted 782 * and then new keys are installed. The first new key causes the 783 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes 784 * the cost of synchronize_net() (which can be slow). Avoid this 785 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on 786 * key removal for a while, so if we roam the value is larger than 787 * zero and no 0->1 transition happens. 788 * 789 * The cost is that if the AP switching was from an AP with keys 790 * to one without, we still allocate tailroom while it would no 791 * longer be needed. However, in the typical (fast) roaming case 792 * within an ESS this usually won't happen. 793 */ 794 795 mutex_lock(&sdata->local->key_mtx); 796 sdata->crypto_tx_tailroom_needed_cnt -= 797 sdata->crypto_tx_tailroom_pending_dec; 798 sdata->crypto_tx_tailroom_pending_dec = 0; 799 mutex_unlock(&sdata->local->key_mtx); 800 } 801 802 void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid, 803 const u8 *replay_ctr, gfp_t gfp) 804 { 805 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 806 807 trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr); 808 809 cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp); 810 } 811 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify); 812 813 void ieee80211_get_key_tx_seq(struct ieee80211_key_conf *keyconf, 814 struct ieee80211_key_seq *seq) 815 { 816 struct ieee80211_key *key; 817 u64 pn64; 818 819 if (WARN_ON(!(keyconf->flags & IEEE80211_KEY_FLAG_GENERATE_IV))) 820 return; 821 822 key = container_of(keyconf, struct ieee80211_key, conf); 823 824 switch (key->conf.cipher) { 825 case WLAN_CIPHER_SUITE_TKIP: 826 seq->tkip.iv32 = key->u.tkip.tx.iv32; 827 seq->tkip.iv16 = key->u.tkip.tx.iv16; 828 break; 829 case WLAN_CIPHER_SUITE_CCMP: 830 case WLAN_CIPHER_SUITE_CCMP_256: 831 pn64 = atomic64_read(&key->u.ccmp.tx_pn); 832 seq->ccmp.pn[5] = pn64; 833 seq->ccmp.pn[4] = pn64 >> 8; 834 seq->ccmp.pn[3] = pn64 >> 16; 835 seq->ccmp.pn[2] = pn64 >> 24; 836 seq->ccmp.pn[1] = pn64 >> 32; 837 seq->ccmp.pn[0] = pn64 >> 40; 838 break; 839 case WLAN_CIPHER_SUITE_AES_CMAC: 840 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 841 pn64 = atomic64_read(&key->u.aes_cmac.tx_pn); 842 seq->ccmp.pn[5] = pn64; 843 seq->ccmp.pn[4] = pn64 >> 8; 844 seq->ccmp.pn[3] = pn64 >> 16; 845 seq->ccmp.pn[2] = pn64 >> 24; 846 seq->ccmp.pn[1] = pn64 >> 32; 847 seq->ccmp.pn[0] = pn64 >> 40; 848 break; 849 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 850 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 851 pn64 = atomic64_read(&key->u.aes_gmac.tx_pn); 852 seq->ccmp.pn[5] = pn64; 853 seq->ccmp.pn[4] = pn64 >> 8; 854 seq->ccmp.pn[3] = pn64 >> 16; 855 seq->ccmp.pn[2] = pn64 >> 24; 856 seq->ccmp.pn[1] = pn64 >> 32; 857 seq->ccmp.pn[0] = pn64 >> 40; 858 break; 859 case WLAN_CIPHER_SUITE_GCMP: 860 case WLAN_CIPHER_SUITE_GCMP_256: 861 pn64 = atomic64_read(&key->u.gcmp.tx_pn); 862 seq->gcmp.pn[5] = pn64; 863 seq->gcmp.pn[4] = pn64 >> 8; 864 seq->gcmp.pn[3] = pn64 >> 16; 865 seq->gcmp.pn[2] = pn64 >> 24; 866 seq->gcmp.pn[1] = pn64 >> 32; 867 seq->gcmp.pn[0] = pn64 >> 40; 868 break; 869 default: 870 WARN_ON(1); 871 } 872 } 873 EXPORT_SYMBOL(ieee80211_get_key_tx_seq); 874 875 void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf, 876 int tid, struct ieee80211_key_seq *seq) 877 { 878 struct ieee80211_key *key; 879 const u8 *pn; 880 881 key = container_of(keyconf, struct ieee80211_key, conf); 882 883 switch (key->conf.cipher) { 884 case WLAN_CIPHER_SUITE_TKIP: 885 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 886 return; 887 seq->tkip.iv32 = key->u.tkip.rx[tid].iv32; 888 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16; 889 break; 890 case WLAN_CIPHER_SUITE_CCMP: 891 case WLAN_CIPHER_SUITE_CCMP_256: 892 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 893 return; 894 if (tid < 0) 895 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 896 else 897 pn = key->u.ccmp.rx_pn[tid]; 898 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN); 899 break; 900 case WLAN_CIPHER_SUITE_AES_CMAC: 901 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 902 if (WARN_ON(tid != 0)) 903 return; 904 pn = key->u.aes_cmac.rx_pn; 905 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN); 906 break; 907 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 908 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 909 if (WARN_ON(tid != 0)) 910 return; 911 pn = key->u.aes_gmac.rx_pn; 912 memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN); 913 break; 914 case WLAN_CIPHER_SUITE_GCMP: 915 case WLAN_CIPHER_SUITE_GCMP_256: 916 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 917 return; 918 if (tid < 0) 919 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS]; 920 else 921 pn = key->u.gcmp.rx_pn[tid]; 922 memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN); 923 break; 924 } 925 } 926 EXPORT_SYMBOL(ieee80211_get_key_rx_seq); 927 928 void ieee80211_set_key_tx_seq(struct ieee80211_key_conf *keyconf, 929 struct ieee80211_key_seq *seq) 930 { 931 struct ieee80211_key *key; 932 u64 pn64; 933 934 key = container_of(keyconf, struct ieee80211_key, conf); 935 936 switch (key->conf.cipher) { 937 case WLAN_CIPHER_SUITE_TKIP: 938 key->u.tkip.tx.iv32 = seq->tkip.iv32; 939 key->u.tkip.tx.iv16 = seq->tkip.iv16; 940 break; 941 case WLAN_CIPHER_SUITE_CCMP: 942 case WLAN_CIPHER_SUITE_CCMP_256: 943 pn64 = (u64)seq->ccmp.pn[5] | 944 ((u64)seq->ccmp.pn[4] << 8) | 945 ((u64)seq->ccmp.pn[3] << 16) | 946 ((u64)seq->ccmp.pn[2] << 24) | 947 ((u64)seq->ccmp.pn[1] << 32) | 948 ((u64)seq->ccmp.pn[0] << 40); 949 atomic64_set(&key->u.ccmp.tx_pn, pn64); 950 break; 951 case WLAN_CIPHER_SUITE_AES_CMAC: 952 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 953 pn64 = (u64)seq->aes_cmac.pn[5] | 954 ((u64)seq->aes_cmac.pn[4] << 8) | 955 ((u64)seq->aes_cmac.pn[3] << 16) | 956 ((u64)seq->aes_cmac.pn[2] << 24) | 957 ((u64)seq->aes_cmac.pn[1] << 32) | 958 ((u64)seq->aes_cmac.pn[0] << 40); 959 atomic64_set(&key->u.aes_cmac.tx_pn, pn64); 960 break; 961 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 962 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 963 pn64 = (u64)seq->aes_gmac.pn[5] | 964 ((u64)seq->aes_gmac.pn[4] << 8) | 965 ((u64)seq->aes_gmac.pn[3] << 16) | 966 ((u64)seq->aes_gmac.pn[2] << 24) | 967 ((u64)seq->aes_gmac.pn[1] << 32) | 968 ((u64)seq->aes_gmac.pn[0] << 40); 969 atomic64_set(&key->u.aes_gmac.tx_pn, pn64); 970 break; 971 case WLAN_CIPHER_SUITE_GCMP: 972 case WLAN_CIPHER_SUITE_GCMP_256: 973 pn64 = (u64)seq->gcmp.pn[5] | 974 ((u64)seq->gcmp.pn[4] << 8) | 975 ((u64)seq->gcmp.pn[3] << 16) | 976 ((u64)seq->gcmp.pn[2] << 24) | 977 ((u64)seq->gcmp.pn[1] << 32) | 978 ((u64)seq->gcmp.pn[0] << 40); 979 atomic64_set(&key->u.gcmp.tx_pn, pn64); 980 break; 981 default: 982 WARN_ON(1); 983 break; 984 } 985 } 986 EXPORT_SYMBOL_GPL(ieee80211_set_key_tx_seq); 987 988 void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf, 989 int tid, struct ieee80211_key_seq *seq) 990 { 991 struct ieee80211_key *key; 992 u8 *pn; 993 994 key = container_of(keyconf, struct ieee80211_key, conf); 995 996 switch (key->conf.cipher) { 997 case WLAN_CIPHER_SUITE_TKIP: 998 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 999 return; 1000 key->u.tkip.rx[tid].iv32 = seq->tkip.iv32; 1001 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16; 1002 break; 1003 case WLAN_CIPHER_SUITE_CCMP: 1004 case WLAN_CIPHER_SUITE_CCMP_256: 1005 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1006 return; 1007 if (tid < 0) 1008 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 1009 else 1010 pn = key->u.ccmp.rx_pn[tid]; 1011 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN); 1012 break; 1013 case WLAN_CIPHER_SUITE_AES_CMAC: 1014 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1015 if (WARN_ON(tid != 0)) 1016 return; 1017 pn = key->u.aes_cmac.rx_pn; 1018 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN); 1019 break; 1020 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1021 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1022 if (WARN_ON(tid != 0)) 1023 return; 1024 pn = key->u.aes_gmac.rx_pn; 1025 memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN); 1026 break; 1027 case WLAN_CIPHER_SUITE_GCMP: 1028 case WLAN_CIPHER_SUITE_GCMP_256: 1029 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1030 return; 1031 if (tid < 0) 1032 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS]; 1033 else 1034 pn = key->u.gcmp.rx_pn[tid]; 1035 memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN); 1036 break; 1037 default: 1038 WARN_ON(1); 1039 break; 1040 } 1041 } 1042 EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq); 1043 1044 void ieee80211_remove_key(struct ieee80211_key_conf *keyconf) 1045 { 1046 struct ieee80211_key *key; 1047 1048 key = container_of(keyconf, struct ieee80211_key, conf); 1049 1050 assert_key_lock(key->local); 1051 1052 /* 1053 * if key was uploaded, we assume the driver will/has remove(d) 1054 * it, so adjust bookkeeping accordingly 1055 */ 1056 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 1057 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 1058 1059 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) || 1060 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 1061 increment_tailroom_need_count(key->sdata); 1062 } 1063 1064 ieee80211_key_free(key, false); 1065 } 1066 EXPORT_SYMBOL_GPL(ieee80211_remove_key); 1067 1068 struct ieee80211_key_conf * 1069 ieee80211_gtk_rekey_add(struct ieee80211_vif *vif, 1070 struct ieee80211_key_conf *keyconf) 1071 { 1072 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1073 struct ieee80211_local *local = sdata->local; 1074 struct ieee80211_key *key; 1075 int err; 1076 1077 if (WARN_ON(!local->wowlan)) 1078 return ERR_PTR(-EINVAL); 1079 1080 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION)) 1081 return ERR_PTR(-EINVAL); 1082 1083 key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx, 1084 keyconf->keylen, keyconf->key, 1085 0, NULL, NULL); 1086 if (IS_ERR(key)) 1087 return ERR_CAST(key); 1088 1089 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED) 1090 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT; 1091 1092 err = ieee80211_key_link(key, sdata, NULL); 1093 if (err) 1094 return ERR_PTR(err); 1095 1096 return &key->conf; 1097 } 1098 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add); 1099