1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright 2002-2005, Instant802 Networks, Inc. 4 * Copyright 2005-2006, Devicescape Software, Inc. 5 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 6 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net> 7 * Copyright 2013-2014 Intel Mobile Communications GmbH 8 * Copyright 2015-2017 Intel Deutschland GmbH 9 * Copyright 2018-2020, 2022 Intel Corporation 10 */ 11 12 #include <linux/if_ether.h> 13 #include <linux/etherdevice.h> 14 #include <linux/list.h> 15 #include <linux/rcupdate.h> 16 #include <linux/rtnetlink.h> 17 #include <linux/slab.h> 18 #include <linux/export.h> 19 #include <net/mac80211.h> 20 #include <crypto/algapi.h> 21 #include <asm/unaligned.h> 22 #include "ieee80211_i.h" 23 #include "driver-ops.h" 24 #include "debugfs_key.h" 25 #include "aes_ccm.h" 26 #include "aes_cmac.h" 27 #include "aes_gmac.h" 28 #include "aes_gcm.h" 29 30 31 /** 32 * DOC: Key handling basics 33 * 34 * Key handling in mac80211 is done based on per-interface (sub_if_data) 35 * keys and per-station keys. Since each station belongs to an interface, 36 * each station key also belongs to that interface. 37 * 38 * Hardware acceleration is done on a best-effort basis for algorithms 39 * that are implemented in software, for each key the hardware is asked 40 * to enable that key for offloading but if it cannot do that the key is 41 * simply kept for software encryption (unless it is for an algorithm 42 * that isn't implemented in software). 43 * There is currently no way of knowing whether a key is handled in SW 44 * or HW except by looking into debugfs. 45 * 46 * All key management is internally protected by a mutex. Within all 47 * other parts of mac80211, key references are, just as STA structure 48 * references, protected by RCU. Note, however, that some things are 49 * unprotected, namely the key->sta dereferences within the hardware 50 * acceleration functions. This means that sta_info_destroy() must 51 * remove the key which waits for an RCU grace period. 52 */ 53 54 static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; 55 56 static void assert_key_lock(struct ieee80211_local *local) 57 { 58 lockdep_assert_held(&local->key_mtx); 59 } 60 61 static void 62 update_vlan_tailroom_need_count(struct ieee80211_sub_if_data *sdata, int delta) 63 { 64 struct ieee80211_sub_if_data *vlan; 65 66 if (sdata->vif.type != NL80211_IFTYPE_AP) 67 return; 68 69 /* crypto_tx_tailroom_needed_cnt is protected by this */ 70 assert_key_lock(sdata->local); 71 72 rcu_read_lock(); 73 74 list_for_each_entry_rcu(vlan, &sdata->u.ap.vlans, u.vlan.list) 75 vlan->crypto_tx_tailroom_needed_cnt += delta; 76 77 rcu_read_unlock(); 78 } 79 80 static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata) 81 { 82 /* 83 * When this count is zero, SKB resizing for allocating tailroom 84 * for IV or MMIC is skipped. But, this check has created two race 85 * cases in xmit path while transiting from zero count to one: 86 * 87 * 1. SKB resize was skipped because no key was added but just before 88 * the xmit key is added and SW encryption kicks off. 89 * 90 * 2. SKB resize was skipped because all the keys were hw planted but 91 * just before xmit one of the key is deleted and SW encryption kicks 92 * off. 93 * 94 * In both the above case SW encryption will find not enough space for 95 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c) 96 * 97 * Solution has been explained at 98 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net 99 */ 100 101 assert_key_lock(sdata->local); 102 103 update_vlan_tailroom_need_count(sdata, 1); 104 105 if (!sdata->crypto_tx_tailroom_needed_cnt++) { 106 /* 107 * Flush all XMIT packets currently using HW encryption or no 108 * encryption at all if the count transition is from 0 -> 1. 109 */ 110 synchronize_net(); 111 } 112 } 113 114 static void decrease_tailroom_need_count(struct ieee80211_sub_if_data *sdata, 115 int delta) 116 { 117 assert_key_lock(sdata->local); 118 119 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt < delta); 120 121 update_vlan_tailroom_need_count(sdata, -delta); 122 sdata->crypto_tx_tailroom_needed_cnt -= delta; 123 } 124 125 static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key) 126 { 127 struct ieee80211_sub_if_data *sdata = key->sdata; 128 struct sta_info *sta; 129 int ret = -EOPNOTSUPP; 130 131 might_sleep(); 132 133 if (key->flags & KEY_FLAG_TAINTED) { 134 /* If we get here, it's during resume and the key is 135 * tainted so shouldn't be used/programmed any more. 136 * However, its flags may still indicate that it was 137 * programmed into the device (since we're in resume) 138 * so clear that flag now to avoid trying to remove 139 * it again later. 140 */ 141 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE && 142 !(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC | 143 IEEE80211_KEY_FLAG_PUT_MIC_SPACE | 144 IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 145 increment_tailroom_need_count(sdata); 146 147 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 148 return -EINVAL; 149 } 150 151 if (!key->local->ops->set_key) 152 goto out_unsupported; 153 154 assert_key_lock(key->local); 155 156 sta = key->sta; 157 158 /* 159 * If this is a per-STA GTK, check if it 160 * is supported; if not, return. 161 */ 162 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) && 163 !ieee80211_hw_check(&key->local->hw, SUPPORTS_PER_STA_GTK)) 164 goto out_unsupported; 165 166 if (sta && !sta->uploaded) 167 goto out_unsupported; 168 169 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 170 /* 171 * The driver doesn't know anything about VLAN interfaces. 172 * Hence, don't send GTKs for VLAN interfaces to the driver. 173 */ 174 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) { 175 ret = 1; 176 goto out_unsupported; 177 } 178 } 179 180 ret = drv_set_key(key->local, SET_KEY, sdata, 181 sta ? &sta->sta : NULL, &key->conf); 182 183 if (!ret) { 184 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE; 185 186 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC | 187 IEEE80211_KEY_FLAG_PUT_MIC_SPACE | 188 IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 189 decrease_tailroom_need_count(sdata, 1); 190 191 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) && 192 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)); 193 194 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_MIC_SPACE) && 195 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC)); 196 197 return 0; 198 } 199 200 if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1) 201 sdata_err(sdata, 202 "failed to set key (%d, %pM) to hardware (%d)\n", 203 key->conf.keyidx, 204 sta ? sta->sta.addr : bcast_addr, ret); 205 206 out_unsupported: 207 switch (key->conf.cipher) { 208 case WLAN_CIPHER_SUITE_WEP40: 209 case WLAN_CIPHER_SUITE_WEP104: 210 case WLAN_CIPHER_SUITE_TKIP: 211 case WLAN_CIPHER_SUITE_CCMP: 212 case WLAN_CIPHER_SUITE_CCMP_256: 213 case WLAN_CIPHER_SUITE_GCMP: 214 case WLAN_CIPHER_SUITE_GCMP_256: 215 case WLAN_CIPHER_SUITE_AES_CMAC: 216 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 217 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 218 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 219 /* all of these we can do in software - if driver can */ 220 if (ret == 1) 221 return 0; 222 if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL)) 223 return -EINVAL; 224 return 0; 225 default: 226 return -EINVAL; 227 } 228 } 229 230 static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key) 231 { 232 struct ieee80211_sub_if_data *sdata; 233 struct sta_info *sta; 234 int ret; 235 236 might_sleep(); 237 238 if (!key || !key->local->ops->set_key) 239 return; 240 241 assert_key_lock(key->local); 242 243 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 244 return; 245 246 sta = key->sta; 247 sdata = key->sdata; 248 249 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC | 250 IEEE80211_KEY_FLAG_PUT_MIC_SPACE | 251 IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 252 increment_tailroom_need_count(sdata); 253 254 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 255 ret = drv_set_key(key->local, DISABLE_KEY, sdata, 256 sta ? &sta->sta : NULL, &key->conf); 257 258 if (ret) 259 sdata_err(sdata, 260 "failed to remove key (%d, %pM) from hardware (%d)\n", 261 key->conf.keyidx, 262 sta ? sta->sta.addr : bcast_addr, ret); 263 } 264 265 static int _ieee80211_set_tx_key(struct ieee80211_key *key, bool force) 266 { 267 struct sta_info *sta = key->sta; 268 struct ieee80211_local *local = key->local; 269 270 assert_key_lock(local); 271 272 set_sta_flag(sta, WLAN_STA_USES_ENCRYPTION); 273 274 sta->ptk_idx = key->conf.keyidx; 275 276 if (force || !ieee80211_hw_check(&local->hw, AMPDU_KEYBORDER_SUPPORT)) 277 clear_sta_flag(sta, WLAN_STA_BLOCK_BA); 278 ieee80211_check_fast_xmit(sta); 279 280 return 0; 281 } 282 283 int ieee80211_set_tx_key(struct ieee80211_key *key) 284 { 285 return _ieee80211_set_tx_key(key, false); 286 } 287 288 static void ieee80211_pairwise_rekey(struct ieee80211_key *old, 289 struct ieee80211_key *new) 290 { 291 struct ieee80211_local *local = new->local; 292 struct sta_info *sta = new->sta; 293 int i; 294 295 assert_key_lock(local); 296 297 if (new->conf.flags & IEEE80211_KEY_FLAG_NO_AUTO_TX) { 298 /* Extended Key ID key install, initial one or rekey */ 299 300 if (sta->ptk_idx != INVALID_PTK_KEYIDX && 301 !ieee80211_hw_check(&local->hw, AMPDU_KEYBORDER_SUPPORT)) { 302 /* Aggregation Sessions with Extended Key ID must not 303 * mix MPDUs with different keyIDs within one A-MPDU. 304 * Tear down running Tx aggregation sessions and block 305 * new Rx/Tx aggregation requests during rekey to 306 * ensure there are no A-MPDUs when the driver is not 307 * supporting A-MPDU key borders. (Blocking Tx only 308 * would be sufficient but WLAN_STA_BLOCK_BA gets the 309 * job done for the few ms we need it.) 310 */ 311 set_sta_flag(sta, WLAN_STA_BLOCK_BA); 312 mutex_lock(&sta->ampdu_mlme.mtx); 313 for (i = 0; i < IEEE80211_NUM_TIDS; i++) 314 ___ieee80211_stop_tx_ba_session(sta, i, 315 AGG_STOP_LOCAL_REQUEST); 316 mutex_unlock(&sta->ampdu_mlme.mtx); 317 } 318 } else if (old) { 319 /* Rekey without Extended Key ID. 320 * Aggregation sessions are OK when running on SW crypto. 321 * A broken remote STA may cause issues not observed with HW 322 * crypto, though. 323 */ 324 if (!(old->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 325 return; 326 327 /* Stop Tx till we are on the new key */ 328 old->flags |= KEY_FLAG_TAINTED; 329 ieee80211_clear_fast_xmit(sta); 330 if (ieee80211_hw_check(&local->hw, AMPDU_AGGREGATION)) { 331 set_sta_flag(sta, WLAN_STA_BLOCK_BA); 332 ieee80211_sta_tear_down_BA_sessions(sta, 333 AGG_STOP_LOCAL_REQUEST); 334 } 335 if (!wiphy_ext_feature_isset(local->hw.wiphy, 336 NL80211_EXT_FEATURE_CAN_REPLACE_PTK0)) { 337 pr_warn_ratelimited("Rekeying PTK for STA %pM but driver can't safely do that.", 338 sta->sta.addr); 339 /* Flushing the driver queues *may* help prevent 340 * the clear text leaks and freezes. 341 */ 342 ieee80211_flush_queues(local, old->sdata, false); 343 } 344 } 345 } 346 347 static void __ieee80211_set_default_key(struct ieee80211_link_data *link, 348 int idx, bool uni, bool multi) 349 { 350 struct ieee80211_sub_if_data *sdata = link->sdata; 351 struct ieee80211_key *key = NULL; 352 353 assert_key_lock(sdata->local); 354 355 if (idx >= 0 && idx < NUM_DEFAULT_KEYS) { 356 key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 357 if (!key) 358 key = key_mtx_dereference(sdata->local, link->gtk[idx]); 359 } 360 361 if (uni) { 362 rcu_assign_pointer(sdata->default_unicast_key, key); 363 ieee80211_check_fast_xmit_iface(sdata); 364 if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN) 365 drv_set_default_unicast_key(sdata->local, sdata, idx); 366 } 367 368 if (multi) 369 rcu_assign_pointer(link->default_multicast_key, key); 370 371 ieee80211_debugfs_key_update_default(sdata); 372 } 373 374 void ieee80211_set_default_key(struct ieee80211_link_data *link, int idx, 375 bool uni, bool multi) 376 { 377 mutex_lock(&link->sdata->local->key_mtx); 378 __ieee80211_set_default_key(link, idx, uni, multi); 379 mutex_unlock(&link->sdata->local->key_mtx); 380 } 381 382 static void 383 __ieee80211_set_default_mgmt_key(struct ieee80211_link_data *link, int idx) 384 { 385 struct ieee80211_sub_if_data *sdata = link->sdata; 386 struct ieee80211_key *key = NULL; 387 388 assert_key_lock(sdata->local); 389 390 if (idx >= NUM_DEFAULT_KEYS && 391 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) 392 key = key_mtx_dereference(sdata->local, link->gtk[idx]); 393 394 rcu_assign_pointer(link->default_mgmt_key, key); 395 396 ieee80211_debugfs_key_update_default(sdata); 397 } 398 399 void ieee80211_set_default_mgmt_key(struct ieee80211_link_data *link, 400 int idx) 401 { 402 mutex_lock(&link->sdata->local->key_mtx); 403 __ieee80211_set_default_mgmt_key(link, idx); 404 mutex_unlock(&link->sdata->local->key_mtx); 405 } 406 407 static void 408 __ieee80211_set_default_beacon_key(struct ieee80211_link_data *link, int idx) 409 { 410 struct ieee80211_sub_if_data *sdata = link->sdata; 411 struct ieee80211_key *key = NULL; 412 413 assert_key_lock(sdata->local); 414 415 if (idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS && 416 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS + 417 NUM_DEFAULT_BEACON_KEYS) 418 key = key_mtx_dereference(sdata->local, link->gtk[idx]); 419 420 rcu_assign_pointer(link->default_beacon_key, key); 421 422 ieee80211_debugfs_key_update_default(sdata); 423 } 424 425 void ieee80211_set_default_beacon_key(struct ieee80211_link_data *link, 426 int idx) 427 { 428 mutex_lock(&link->sdata->local->key_mtx); 429 __ieee80211_set_default_beacon_key(link, idx); 430 mutex_unlock(&link->sdata->local->key_mtx); 431 } 432 433 static int ieee80211_key_replace(struct ieee80211_sub_if_data *sdata, 434 struct ieee80211_link_data *link, 435 struct sta_info *sta, 436 bool pairwise, 437 struct ieee80211_key *old, 438 struct ieee80211_key *new) 439 { 440 struct link_sta_info *link_sta = sta ? &sta->deflink : NULL; 441 int link_id; 442 int idx; 443 int ret = 0; 444 bool defunikey, defmultikey, defmgmtkey, defbeaconkey; 445 bool is_wep; 446 447 /* caller must provide at least one old/new */ 448 if (WARN_ON(!new && !old)) 449 return 0; 450 451 if (new) { 452 idx = new->conf.keyidx; 453 is_wep = new->conf.cipher == WLAN_CIPHER_SUITE_WEP40 || 454 new->conf.cipher == WLAN_CIPHER_SUITE_WEP104; 455 link_id = new->conf.link_id; 456 } else { 457 idx = old->conf.keyidx; 458 is_wep = old->conf.cipher == WLAN_CIPHER_SUITE_WEP40 || 459 old->conf.cipher == WLAN_CIPHER_SUITE_WEP104; 460 link_id = old->conf.link_id; 461 } 462 463 if (WARN(old && old->conf.link_id != link_id, 464 "old link ID %d doesn't match new link ID %d\n", 465 old->conf.link_id, link_id)) 466 return -EINVAL; 467 468 if (link_id >= 0) { 469 if (!link) { 470 link = sdata_dereference(sdata->link[link_id], sdata); 471 if (!link) 472 return -ENOLINK; 473 } 474 475 if (sta) { 476 link_sta = rcu_dereference_protected(sta->link[link_id], 477 lockdep_is_held(&sta->local->sta_mtx)); 478 if (!link_sta) 479 return -ENOLINK; 480 } 481 } else { 482 link = &sdata->deflink; 483 } 484 485 if ((is_wep || pairwise) && idx >= NUM_DEFAULT_KEYS) 486 return -EINVAL; 487 488 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx); 489 490 if (new && sta && pairwise) { 491 /* Unicast rekey needs special handling. With Extended Key ID 492 * old is still NULL for the first rekey. 493 */ 494 ieee80211_pairwise_rekey(old, new); 495 } 496 497 if (old) { 498 if (old->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 499 ieee80211_key_disable_hw_accel(old); 500 501 if (new) 502 ret = ieee80211_key_enable_hw_accel(new); 503 } 504 } else { 505 if (!new->local->wowlan) 506 ret = ieee80211_key_enable_hw_accel(new); 507 } 508 509 if (ret) 510 return ret; 511 512 if (new) 513 list_add_tail_rcu(&new->list, &sdata->key_list); 514 515 if (sta) { 516 if (pairwise) { 517 rcu_assign_pointer(sta->ptk[idx], new); 518 if (new && 519 !(new->conf.flags & IEEE80211_KEY_FLAG_NO_AUTO_TX)) 520 _ieee80211_set_tx_key(new, true); 521 } else { 522 rcu_assign_pointer(link_sta->gtk[idx], new); 523 } 524 /* Only needed for transition from no key -> key. 525 * Still triggers unnecessary when using Extended Key ID 526 * and installing the second key ID the first time. 527 */ 528 if (new && !old) 529 ieee80211_check_fast_rx(sta); 530 } else { 531 defunikey = old && 532 old == key_mtx_dereference(sdata->local, 533 sdata->default_unicast_key); 534 defmultikey = old && 535 old == key_mtx_dereference(sdata->local, 536 link->default_multicast_key); 537 defmgmtkey = old && 538 old == key_mtx_dereference(sdata->local, 539 link->default_mgmt_key); 540 defbeaconkey = old && 541 old == key_mtx_dereference(sdata->local, 542 link->default_beacon_key); 543 544 if (defunikey && !new) 545 __ieee80211_set_default_key(link, -1, true, false); 546 if (defmultikey && !new) 547 __ieee80211_set_default_key(link, -1, false, true); 548 if (defmgmtkey && !new) 549 __ieee80211_set_default_mgmt_key(link, -1); 550 if (defbeaconkey && !new) 551 __ieee80211_set_default_beacon_key(link, -1); 552 553 if (is_wep || pairwise) 554 rcu_assign_pointer(sdata->keys[idx], new); 555 else 556 rcu_assign_pointer(link->gtk[idx], new); 557 558 if (defunikey && new) 559 __ieee80211_set_default_key(link, new->conf.keyidx, 560 true, false); 561 if (defmultikey && new) 562 __ieee80211_set_default_key(link, new->conf.keyidx, 563 false, true); 564 if (defmgmtkey && new) 565 __ieee80211_set_default_mgmt_key(link, 566 new->conf.keyidx); 567 if (defbeaconkey && new) 568 __ieee80211_set_default_beacon_key(link, 569 new->conf.keyidx); 570 } 571 572 if (old) 573 list_del_rcu(&old->list); 574 575 return 0; 576 } 577 578 struct ieee80211_key * 579 ieee80211_key_alloc(u32 cipher, int idx, size_t key_len, 580 const u8 *key_data, 581 size_t seq_len, const u8 *seq) 582 { 583 struct ieee80211_key *key; 584 int i, j, err; 585 586 if (WARN_ON(idx < 0 || 587 idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS + 588 NUM_DEFAULT_BEACON_KEYS)) 589 return ERR_PTR(-EINVAL); 590 591 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL); 592 if (!key) 593 return ERR_PTR(-ENOMEM); 594 595 /* 596 * Default to software encryption; we'll later upload the 597 * key to the hardware if possible. 598 */ 599 key->conf.flags = 0; 600 key->flags = 0; 601 602 key->conf.link_id = -1; 603 key->conf.cipher = cipher; 604 key->conf.keyidx = idx; 605 key->conf.keylen = key_len; 606 switch (cipher) { 607 case WLAN_CIPHER_SUITE_WEP40: 608 case WLAN_CIPHER_SUITE_WEP104: 609 key->conf.iv_len = IEEE80211_WEP_IV_LEN; 610 key->conf.icv_len = IEEE80211_WEP_ICV_LEN; 611 break; 612 case WLAN_CIPHER_SUITE_TKIP: 613 key->conf.iv_len = IEEE80211_TKIP_IV_LEN; 614 key->conf.icv_len = IEEE80211_TKIP_ICV_LEN; 615 if (seq) { 616 for (i = 0; i < IEEE80211_NUM_TIDS; i++) { 617 key->u.tkip.rx[i].iv32 = 618 get_unaligned_le32(&seq[2]); 619 key->u.tkip.rx[i].iv16 = 620 get_unaligned_le16(seq); 621 } 622 } 623 spin_lock_init(&key->u.tkip.txlock); 624 break; 625 case WLAN_CIPHER_SUITE_CCMP: 626 key->conf.iv_len = IEEE80211_CCMP_HDR_LEN; 627 key->conf.icv_len = IEEE80211_CCMP_MIC_LEN; 628 if (seq) { 629 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) 630 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++) 631 key->u.ccmp.rx_pn[i][j] = 632 seq[IEEE80211_CCMP_PN_LEN - j - 1]; 633 } 634 /* 635 * Initialize AES key state here as an optimization so that 636 * it does not need to be initialized for every packet. 637 */ 638 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( 639 key_data, key_len, IEEE80211_CCMP_MIC_LEN); 640 if (IS_ERR(key->u.ccmp.tfm)) { 641 err = PTR_ERR(key->u.ccmp.tfm); 642 kfree(key); 643 return ERR_PTR(err); 644 } 645 break; 646 case WLAN_CIPHER_SUITE_CCMP_256: 647 key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN; 648 key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN; 649 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++) 650 for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++) 651 key->u.ccmp.rx_pn[i][j] = 652 seq[IEEE80211_CCMP_256_PN_LEN - j - 1]; 653 /* Initialize AES key state here as an optimization so that 654 * it does not need to be initialized for every packet. 655 */ 656 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( 657 key_data, key_len, IEEE80211_CCMP_256_MIC_LEN); 658 if (IS_ERR(key->u.ccmp.tfm)) { 659 err = PTR_ERR(key->u.ccmp.tfm); 660 kfree(key); 661 return ERR_PTR(err); 662 } 663 break; 664 case WLAN_CIPHER_SUITE_AES_CMAC: 665 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 666 key->conf.iv_len = 0; 667 if (cipher == WLAN_CIPHER_SUITE_AES_CMAC) 668 key->conf.icv_len = sizeof(struct ieee80211_mmie); 669 else 670 key->conf.icv_len = sizeof(struct ieee80211_mmie_16); 671 if (seq) 672 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++) 673 key->u.aes_cmac.rx_pn[j] = 674 seq[IEEE80211_CMAC_PN_LEN - j - 1]; 675 /* 676 * Initialize AES key state here as an optimization so that 677 * it does not need to be initialized for every packet. 678 */ 679 key->u.aes_cmac.tfm = 680 ieee80211_aes_cmac_key_setup(key_data, key_len); 681 if (IS_ERR(key->u.aes_cmac.tfm)) { 682 err = PTR_ERR(key->u.aes_cmac.tfm); 683 kfree(key); 684 return ERR_PTR(err); 685 } 686 break; 687 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 688 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 689 key->conf.iv_len = 0; 690 key->conf.icv_len = sizeof(struct ieee80211_mmie_16); 691 if (seq) 692 for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++) 693 key->u.aes_gmac.rx_pn[j] = 694 seq[IEEE80211_GMAC_PN_LEN - j - 1]; 695 /* Initialize AES key state here as an optimization so that 696 * it does not need to be initialized for every packet. 697 */ 698 key->u.aes_gmac.tfm = 699 ieee80211_aes_gmac_key_setup(key_data, key_len); 700 if (IS_ERR(key->u.aes_gmac.tfm)) { 701 err = PTR_ERR(key->u.aes_gmac.tfm); 702 kfree(key); 703 return ERR_PTR(err); 704 } 705 break; 706 case WLAN_CIPHER_SUITE_GCMP: 707 case WLAN_CIPHER_SUITE_GCMP_256: 708 key->conf.iv_len = IEEE80211_GCMP_HDR_LEN; 709 key->conf.icv_len = IEEE80211_GCMP_MIC_LEN; 710 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++) 711 for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++) 712 key->u.gcmp.rx_pn[i][j] = 713 seq[IEEE80211_GCMP_PN_LEN - j - 1]; 714 /* Initialize AES key state here as an optimization so that 715 * it does not need to be initialized for every packet. 716 */ 717 key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data, 718 key_len); 719 if (IS_ERR(key->u.gcmp.tfm)) { 720 err = PTR_ERR(key->u.gcmp.tfm); 721 kfree(key); 722 return ERR_PTR(err); 723 } 724 break; 725 } 726 memcpy(key->conf.key, key_data, key_len); 727 INIT_LIST_HEAD(&key->list); 728 729 return key; 730 } 731 732 static void ieee80211_key_free_common(struct ieee80211_key *key) 733 { 734 switch (key->conf.cipher) { 735 case WLAN_CIPHER_SUITE_CCMP: 736 case WLAN_CIPHER_SUITE_CCMP_256: 737 ieee80211_aes_key_free(key->u.ccmp.tfm); 738 break; 739 case WLAN_CIPHER_SUITE_AES_CMAC: 740 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 741 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm); 742 break; 743 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 744 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 745 ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm); 746 break; 747 case WLAN_CIPHER_SUITE_GCMP: 748 case WLAN_CIPHER_SUITE_GCMP_256: 749 ieee80211_aes_gcm_key_free(key->u.gcmp.tfm); 750 break; 751 } 752 kfree_sensitive(key); 753 } 754 755 static void __ieee80211_key_destroy(struct ieee80211_key *key, 756 bool delay_tailroom) 757 { 758 if (key->local) { 759 struct ieee80211_sub_if_data *sdata = key->sdata; 760 761 ieee80211_debugfs_key_remove(key); 762 763 if (delay_tailroom) { 764 /* see ieee80211_delayed_tailroom_dec */ 765 sdata->crypto_tx_tailroom_pending_dec++; 766 schedule_delayed_work(&sdata->dec_tailroom_needed_wk, 767 HZ/2); 768 } else { 769 decrease_tailroom_need_count(sdata, 1); 770 } 771 } 772 773 ieee80211_key_free_common(key); 774 } 775 776 static void ieee80211_key_destroy(struct ieee80211_key *key, 777 bool delay_tailroom) 778 { 779 if (!key) 780 return; 781 782 /* 783 * Synchronize so the TX path and rcu key iterators 784 * can no longer be using this key before we free/remove it. 785 */ 786 synchronize_net(); 787 788 __ieee80211_key_destroy(key, delay_tailroom); 789 } 790 791 void ieee80211_key_free_unused(struct ieee80211_key *key) 792 { 793 WARN_ON(key->sdata || key->local); 794 ieee80211_key_free_common(key); 795 } 796 797 static bool ieee80211_key_identical(struct ieee80211_sub_if_data *sdata, 798 struct ieee80211_key *old, 799 struct ieee80211_key *new) 800 { 801 u8 tkip_old[WLAN_KEY_LEN_TKIP], tkip_new[WLAN_KEY_LEN_TKIP]; 802 u8 *tk_old, *tk_new; 803 804 if (!old || new->conf.keylen != old->conf.keylen) 805 return false; 806 807 tk_old = old->conf.key; 808 tk_new = new->conf.key; 809 810 /* 811 * In station mode, don't compare the TX MIC key, as it's never used 812 * and offloaded rekeying may not care to send it to the host. This 813 * is the case in iwlwifi, for example. 814 */ 815 if (sdata->vif.type == NL80211_IFTYPE_STATION && 816 new->conf.cipher == WLAN_CIPHER_SUITE_TKIP && 817 new->conf.keylen == WLAN_KEY_LEN_TKIP && 818 !(new->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) { 819 memcpy(tkip_old, tk_old, WLAN_KEY_LEN_TKIP); 820 memcpy(tkip_new, tk_new, WLAN_KEY_LEN_TKIP); 821 memset(tkip_old + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8); 822 memset(tkip_new + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8); 823 tk_old = tkip_old; 824 tk_new = tkip_new; 825 } 826 827 return !crypto_memneq(tk_old, tk_new, new->conf.keylen); 828 } 829 830 int ieee80211_key_link(struct ieee80211_key *key, 831 struct ieee80211_link_data *link, 832 struct sta_info *sta) 833 { 834 struct ieee80211_sub_if_data *sdata = link->sdata; 835 static atomic_t key_color = ATOMIC_INIT(0); 836 struct ieee80211_key *old_key = NULL; 837 int idx = key->conf.keyidx; 838 bool pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE; 839 /* 840 * We want to delay tailroom updates only for station - in that 841 * case it helps roaming speed, but in other cases it hurts and 842 * can cause warnings to appear. 843 */ 844 bool delay_tailroom = sdata->vif.type == NL80211_IFTYPE_STATION; 845 int ret = -EOPNOTSUPP; 846 847 mutex_lock(&sdata->local->key_mtx); 848 849 if (sta && pairwise) { 850 struct ieee80211_key *alt_key; 851 852 old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]); 853 alt_key = key_mtx_dereference(sdata->local, sta->ptk[idx ^ 1]); 854 855 /* The rekey code assumes that the old and new key are using 856 * the same cipher. Enforce the assumption for pairwise keys. 857 */ 858 if ((alt_key && alt_key->conf.cipher != key->conf.cipher) || 859 (old_key && old_key->conf.cipher != key->conf.cipher)) 860 goto out; 861 } else if (sta) { 862 struct link_sta_info *link_sta = &sta->deflink; 863 int link_id = key->conf.link_id; 864 865 if (link_id >= 0) { 866 link_sta = rcu_dereference_protected(sta->link[link_id], 867 lockdep_is_held(&sta->local->sta_mtx)); 868 if (!link_sta) 869 return -ENOLINK; 870 } 871 872 old_key = key_mtx_dereference(sdata->local, link_sta->gtk[idx]); 873 } else { 874 if (idx < NUM_DEFAULT_KEYS) 875 old_key = key_mtx_dereference(sdata->local, 876 sdata->keys[idx]); 877 if (!old_key) 878 old_key = key_mtx_dereference(sdata->local, 879 link->gtk[idx]); 880 } 881 882 /* Non-pairwise keys must also not switch the cipher on rekey */ 883 if (!pairwise) { 884 if (old_key && old_key->conf.cipher != key->conf.cipher) 885 goto out; 886 } 887 888 /* 889 * Silently accept key re-installation without really installing the 890 * new version of the key to avoid nonce reuse or replay issues. 891 */ 892 if (ieee80211_key_identical(sdata, old_key, key)) { 893 ieee80211_key_free_unused(key); 894 ret = 0; 895 goto out; 896 } 897 898 key->local = sdata->local; 899 key->sdata = sdata; 900 key->sta = sta; 901 902 /* 903 * Assign a unique ID to every key so we can easily prevent mixed 904 * key and fragment cache attacks. 905 */ 906 key->color = atomic_inc_return(&key_color); 907 908 increment_tailroom_need_count(sdata); 909 910 ret = ieee80211_key_replace(sdata, link, sta, pairwise, old_key, key); 911 912 if (!ret) { 913 ieee80211_debugfs_key_add(key); 914 ieee80211_key_destroy(old_key, delay_tailroom); 915 } else { 916 ieee80211_key_free(key, delay_tailroom); 917 } 918 919 out: 920 mutex_unlock(&sdata->local->key_mtx); 921 922 return ret; 923 } 924 925 void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom) 926 { 927 if (!key) 928 return; 929 930 /* 931 * Replace key with nothingness if it was ever used. 932 */ 933 if (key->sdata) 934 ieee80211_key_replace(key->sdata, NULL, key->sta, 935 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 936 key, NULL); 937 ieee80211_key_destroy(key, delay_tailroom); 938 } 939 940 void ieee80211_reenable_keys(struct ieee80211_sub_if_data *sdata) 941 { 942 struct ieee80211_key *key; 943 struct ieee80211_sub_if_data *vlan; 944 945 lockdep_assert_wiphy(sdata->local->hw.wiphy); 946 947 mutex_lock(&sdata->local->key_mtx); 948 949 sdata->crypto_tx_tailroom_needed_cnt = 0; 950 sdata->crypto_tx_tailroom_pending_dec = 0; 951 952 if (sdata->vif.type == NL80211_IFTYPE_AP) { 953 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) { 954 vlan->crypto_tx_tailroom_needed_cnt = 0; 955 vlan->crypto_tx_tailroom_pending_dec = 0; 956 } 957 } 958 959 if (ieee80211_sdata_running(sdata)) { 960 list_for_each_entry(key, &sdata->key_list, list) { 961 increment_tailroom_need_count(sdata); 962 ieee80211_key_enable_hw_accel(key); 963 } 964 } 965 966 mutex_unlock(&sdata->local->key_mtx); 967 } 968 969 void ieee80211_iter_keys(struct ieee80211_hw *hw, 970 struct ieee80211_vif *vif, 971 void (*iter)(struct ieee80211_hw *hw, 972 struct ieee80211_vif *vif, 973 struct ieee80211_sta *sta, 974 struct ieee80211_key_conf *key, 975 void *data), 976 void *iter_data) 977 { 978 struct ieee80211_local *local = hw_to_local(hw); 979 struct ieee80211_key *key, *tmp; 980 struct ieee80211_sub_if_data *sdata; 981 982 lockdep_assert_wiphy(hw->wiphy); 983 984 mutex_lock(&local->key_mtx); 985 if (vif) { 986 sdata = vif_to_sdata(vif); 987 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) 988 iter(hw, &sdata->vif, 989 key->sta ? &key->sta->sta : NULL, 990 &key->conf, iter_data); 991 } else { 992 list_for_each_entry(sdata, &local->interfaces, list) 993 list_for_each_entry_safe(key, tmp, 994 &sdata->key_list, list) 995 iter(hw, &sdata->vif, 996 key->sta ? &key->sta->sta : NULL, 997 &key->conf, iter_data); 998 } 999 mutex_unlock(&local->key_mtx); 1000 } 1001 EXPORT_SYMBOL(ieee80211_iter_keys); 1002 1003 static void 1004 _ieee80211_iter_keys_rcu(struct ieee80211_hw *hw, 1005 struct ieee80211_sub_if_data *sdata, 1006 void (*iter)(struct ieee80211_hw *hw, 1007 struct ieee80211_vif *vif, 1008 struct ieee80211_sta *sta, 1009 struct ieee80211_key_conf *key, 1010 void *data), 1011 void *iter_data) 1012 { 1013 struct ieee80211_key *key; 1014 1015 list_for_each_entry_rcu(key, &sdata->key_list, list) { 1016 /* skip keys of station in removal process */ 1017 if (key->sta && key->sta->removed) 1018 continue; 1019 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 1020 continue; 1021 1022 iter(hw, &sdata->vif, 1023 key->sta ? &key->sta->sta : NULL, 1024 &key->conf, iter_data); 1025 } 1026 } 1027 1028 void ieee80211_iter_keys_rcu(struct ieee80211_hw *hw, 1029 struct ieee80211_vif *vif, 1030 void (*iter)(struct ieee80211_hw *hw, 1031 struct ieee80211_vif *vif, 1032 struct ieee80211_sta *sta, 1033 struct ieee80211_key_conf *key, 1034 void *data), 1035 void *iter_data) 1036 { 1037 struct ieee80211_local *local = hw_to_local(hw); 1038 struct ieee80211_sub_if_data *sdata; 1039 1040 if (vif) { 1041 sdata = vif_to_sdata(vif); 1042 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data); 1043 } else { 1044 list_for_each_entry_rcu(sdata, &local->interfaces, list) 1045 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data); 1046 } 1047 } 1048 EXPORT_SYMBOL(ieee80211_iter_keys_rcu); 1049 1050 static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata, 1051 struct list_head *keys) 1052 { 1053 struct ieee80211_key *key, *tmp; 1054 1055 decrease_tailroom_need_count(sdata, 1056 sdata->crypto_tx_tailroom_pending_dec); 1057 sdata->crypto_tx_tailroom_pending_dec = 0; 1058 1059 ieee80211_debugfs_key_remove_mgmt_default(sdata); 1060 ieee80211_debugfs_key_remove_beacon_default(sdata); 1061 1062 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) { 1063 ieee80211_key_replace(key->sdata, NULL, key->sta, 1064 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 1065 key, NULL); 1066 list_add_tail(&key->list, keys); 1067 } 1068 1069 ieee80211_debugfs_key_update_default(sdata); 1070 } 1071 1072 void ieee80211_remove_link_keys(struct ieee80211_link_data *link, 1073 struct list_head *keys) 1074 { 1075 struct ieee80211_sub_if_data *sdata = link->sdata; 1076 struct ieee80211_local *local = sdata->local; 1077 struct ieee80211_key *key, *tmp; 1078 1079 mutex_lock(&local->key_mtx); 1080 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) { 1081 if (key->conf.link_id != link->link_id) 1082 continue; 1083 ieee80211_key_replace(key->sdata, link, key->sta, 1084 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 1085 key, NULL); 1086 list_add_tail(&key->list, keys); 1087 } 1088 mutex_unlock(&local->key_mtx); 1089 } 1090 1091 void ieee80211_free_key_list(struct ieee80211_local *local, 1092 struct list_head *keys) 1093 { 1094 struct ieee80211_key *key, *tmp; 1095 1096 mutex_lock(&local->key_mtx); 1097 list_for_each_entry_safe(key, tmp, keys, list) 1098 __ieee80211_key_destroy(key, false); 1099 mutex_unlock(&local->key_mtx); 1100 } 1101 1102 void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata, 1103 bool force_synchronize) 1104 { 1105 struct ieee80211_local *local = sdata->local; 1106 struct ieee80211_sub_if_data *vlan; 1107 struct ieee80211_sub_if_data *master; 1108 struct ieee80211_key *key, *tmp; 1109 LIST_HEAD(keys); 1110 1111 cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk); 1112 1113 mutex_lock(&local->key_mtx); 1114 1115 ieee80211_free_keys_iface(sdata, &keys); 1116 1117 if (sdata->vif.type == NL80211_IFTYPE_AP) { 1118 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 1119 ieee80211_free_keys_iface(vlan, &keys); 1120 } 1121 1122 if (!list_empty(&keys) || force_synchronize) 1123 synchronize_net(); 1124 list_for_each_entry_safe(key, tmp, &keys, list) 1125 __ieee80211_key_destroy(key, false); 1126 1127 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 1128 if (sdata->bss) { 1129 master = container_of(sdata->bss, 1130 struct ieee80211_sub_if_data, 1131 u.ap); 1132 1133 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt != 1134 master->crypto_tx_tailroom_needed_cnt); 1135 } 1136 } else { 1137 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt || 1138 sdata->crypto_tx_tailroom_pending_dec); 1139 } 1140 1141 if (sdata->vif.type == NL80211_IFTYPE_AP) { 1142 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 1143 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt || 1144 vlan->crypto_tx_tailroom_pending_dec); 1145 } 1146 1147 mutex_unlock(&local->key_mtx); 1148 } 1149 1150 void ieee80211_free_sta_keys(struct ieee80211_local *local, 1151 struct sta_info *sta) 1152 { 1153 struct ieee80211_key *key; 1154 int i; 1155 1156 mutex_lock(&local->key_mtx); 1157 for (i = 0; i < ARRAY_SIZE(sta->deflink.gtk); i++) { 1158 key = key_mtx_dereference(local, sta->deflink.gtk[i]); 1159 if (!key) 1160 continue; 1161 ieee80211_key_replace(key->sdata, NULL, key->sta, 1162 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 1163 key, NULL); 1164 __ieee80211_key_destroy(key, key->sdata->vif.type == 1165 NL80211_IFTYPE_STATION); 1166 } 1167 1168 for (i = 0; i < NUM_DEFAULT_KEYS; i++) { 1169 key = key_mtx_dereference(local, sta->ptk[i]); 1170 if (!key) 1171 continue; 1172 ieee80211_key_replace(key->sdata, NULL, key->sta, 1173 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 1174 key, NULL); 1175 __ieee80211_key_destroy(key, key->sdata->vif.type == 1176 NL80211_IFTYPE_STATION); 1177 } 1178 1179 mutex_unlock(&local->key_mtx); 1180 } 1181 1182 void ieee80211_delayed_tailroom_dec(struct work_struct *wk) 1183 { 1184 struct ieee80211_sub_if_data *sdata; 1185 1186 sdata = container_of(wk, struct ieee80211_sub_if_data, 1187 dec_tailroom_needed_wk.work); 1188 1189 /* 1190 * The reason for the delayed tailroom needed decrementing is to 1191 * make roaming faster: during roaming, all keys are first deleted 1192 * and then new keys are installed. The first new key causes the 1193 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes 1194 * the cost of synchronize_net() (which can be slow). Avoid this 1195 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on 1196 * key removal for a while, so if we roam the value is larger than 1197 * zero and no 0->1 transition happens. 1198 * 1199 * The cost is that if the AP switching was from an AP with keys 1200 * to one without, we still allocate tailroom while it would no 1201 * longer be needed. However, in the typical (fast) roaming case 1202 * within an ESS this usually won't happen. 1203 */ 1204 1205 mutex_lock(&sdata->local->key_mtx); 1206 decrease_tailroom_need_count(sdata, 1207 sdata->crypto_tx_tailroom_pending_dec); 1208 sdata->crypto_tx_tailroom_pending_dec = 0; 1209 mutex_unlock(&sdata->local->key_mtx); 1210 } 1211 1212 void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid, 1213 const u8 *replay_ctr, gfp_t gfp) 1214 { 1215 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1216 1217 trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr); 1218 1219 cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp); 1220 } 1221 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify); 1222 1223 void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf, 1224 int tid, struct ieee80211_key_seq *seq) 1225 { 1226 struct ieee80211_key *key; 1227 const u8 *pn; 1228 1229 key = container_of(keyconf, struct ieee80211_key, conf); 1230 1231 switch (key->conf.cipher) { 1232 case WLAN_CIPHER_SUITE_TKIP: 1233 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 1234 return; 1235 seq->tkip.iv32 = key->u.tkip.rx[tid].iv32; 1236 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16; 1237 break; 1238 case WLAN_CIPHER_SUITE_CCMP: 1239 case WLAN_CIPHER_SUITE_CCMP_256: 1240 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1241 return; 1242 if (tid < 0) 1243 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 1244 else 1245 pn = key->u.ccmp.rx_pn[tid]; 1246 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN); 1247 break; 1248 case WLAN_CIPHER_SUITE_AES_CMAC: 1249 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1250 if (WARN_ON(tid != 0)) 1251 return; 1252 pn = key->u.aes_cmac.rx_pn; 1253 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN); 1254 break; 1255 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1256 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1257 if (WARN_ON(tid != 0)) 1258 return; 1259 pn = key->u.aes_gmac.rx_pn; 1260 memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN); 1261 break; 1262 case WLAN_CIPHER_SUITE_GCMP: 1263 case WLAN_CIPHER_SUITE_GCMP_256: 1264 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1265 return; 1266 if (tid < 0) 1267 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS]; 1268 else 1269 pn = key->u.gcmp.rx_pn[tid]; 1270 memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN); 1271 break; 1272 } 1273 } 1274 EXPORT_SYMBOL(ieee80211_get_key_rx_seq); 1275 1276 void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf, 1277 int tid, struct ieee80211_key_seq *seq) 1278 { 1279 struct ieee80211_key *key; 1280 u8 *pn; 1281 1282 key = container_of(keyconf, struct ieee80211_key, conf); 1283 1284 switch (key->conf.cipher) { 1285 case WLAN_CIPHER_SUITE_TKIP: 1286 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 1287 return; 1288 key->u.tkip.rx[tid].iv32 = seq->tkip.iv32; 1289 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16; 1290 break; 1291 case WLAN_CIPHER_SUITE_CCMP: 1292 case WLAN_CIPHER_SUITE_CCMP_256: 1293 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1294 return; 1295 if (tid < 0) 1296 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 1297 else 1298 pn = key->u.ccmp.rx_pn[tid]; 1299 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN); 1300 break; 1301 case WLAN_CIPHER_SUITE_AES_CMAC: 1302 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1303 if (WARN_ON(tid != 0)) 1304 return; 1305 pn = key->u.aes_cmac.rx_pn; 1306 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN); 1307 break; 1308 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1309 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1310 if (WARN_ON(tid != 0)) 1311 return; 1312 pn = key->u.aes_gmac.rx_pn; 1313 memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN); 1314 break; 1315 case WLAN_CIPHER_SUITE_GCMP: 1316 case WLAN_CIPHER_SUITE_GCMP_256: 1317 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1318 return; 1319 if (tid < 0) 1320 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS]; 1321 else 1322 pn = key->u.gcmp.rx_pn[tid]; 1323 memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN); 1324 break; 1325 default: 1326 WARN_ON(1); 1327 break; 1328 } 1329 } 1330 EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq); 1331 1332 void ieee80211_remove_key(struct ieee80211_key_conf *keyconf) 1333 { 1334 struct ieee80211_key *key; 1335 1336 key = container_of(keyconf, struct ieee80211_key, conf); 1337 1338 assert_key_lock(key->local); 1339 1340 /* 1341 * if key was uploaded, we assume the driver will/has remove(d) 1342 * it, so adjust bookkeeping accordingly 1343 */ 1344 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 1345 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 1346 1347 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC | 1348 IEEE80211_KEY_FLAG_PUT_MIC_SPACE | 1349 IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 1350 increment_tailroom_need_count(key->sdata); 1351 } 1352 1353 ieee80211_key_free(key, false); 1354 } 1355 EXPORT_SYMBOL_GPL(ieee80211_remove_key); 1356 1357 struct ieee80211_key_conf * 1358 ieee80211_gtk_rekey_add(struct ieee80211_vif *vif, 1359 struct ieee80211_key_conf *keyconf) 1360 { 1361 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1362 struct ieee80211_local *local = sdata->local; 1363 struct ieee80211_key *key; 1364 int err; 1365 1366 if (WARN_ON(!local->wowlan)) 1367 return ERR_PTR(-EINVAL); 1368 1369 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION)) 1370 return ERR_PTR(-EINVAL); 1371 1372 key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx, 1373 keyconf->keylen, keyconf->key, 1374 0, NULL); 1375 if (IS_ERR(key)) 1376 return ERR_CAST(key); 1377 1378 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED) 1379 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT; 1380 1381 /* FIXME: this function needs to get a link ID */ 1382 err = ieee80211_key_link(key, &sdata->deflink, NULL); 1383 if (err) 1384 return ERR_PTR(err); 1385 1386 return &key->conf; 1387 } 1388 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add); 1389 1390 void ieee80211_key_mic_failure(struct ieee80211_key_conf *keyconf) 1391 { 1392 struct ieee80211_key *key; 1393 1394 key = container_of(keyconf, struct ieee80211_key, conf); 1395 1396 switch (key->conf.cipher) { 1397 case WLAN_CIPHER_SUITE_AES_CMAC: 1398 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1399 key->u.aes_cmac.icverrors++; 1400 break; 1401 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1402 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1403 key->u.aes_gmac.icverrors++; 1404 break; 1405 default: 1406 /* ignore the others for now, we don't keep counters now */ 1407 break; 1408 } 1409 } 1410 EXPORT_SYMBOL_GPL(ieee80211_key_mic_failure); 1411 1412 void ieee80211_key_replay(struct ieee80211_key_conf *keyconf) 1413 { 1414 struct ieee80211_key *key; 1415 1416 key = container_of(keyconf, struct ieee80211_key, conf); 1417 1418 switch (key->conf.cipher) { 1419 case WLAN_CIPHER_SUITE_CCMP: 1420 case WLAN_CIPHER_SUITE_CCMP_256: 1421 key->u.ccmp.replays++; 1422 break; 1423 case WLAN_CIPHER_SUITE_AES_CMAC: 1424 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1425 key->u.aes_cmac.replays++; 1426 break; 1427 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1428 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1429 key->u.aes_gmac.replays++; 1430 break; 1431 case WLAN_CIPHER_SUITE_GCMP: 1432 case WLAN_CIPHER_SUITE_GCMP_256: 1433 key->u.gcmp.replays++; 1434 break; 1435 } 1436 } 1437 EXPORT_SYMBOL_GPL(ieee80211_key_replay); 1438