1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright 2002-2005, Instant802 Networks, Inc. 4 * Copyright 2005-2006, Devicescape Software, Inc. 5 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 6 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net> 7 * Copyright 2013-2014 Intel Mobile Communications GmbH 8 * Copyright 2015-2017 Intel Deutschland GmbH 9 * Copyright 2018-2020, 2022 Intel Corporation 10 */ 11 12 #include <linux/if_ether.h> 13 #include <linux/etherdevice.h> 14 #include <linux/list.h> 15 #include <linux/rcupdate.h> 16 #include <linux/rtnetlink.h> 17 #include <linux/slab.h> 18 #include <linux/export.h> 19 #include <net/mac80211.h> 20 #include <crypto/algapi.h> 21 #include <asm/unaligned.h> 22 #include "ieee80211_i.h" 23 #include "driver-ops.h" 24 #include "debugfs_key.h" 25 #include "aes_ccm.h" 26 #include "aes_cmac.h" 27 #include "aes_gmac.h" 28 #include "aes_gcm.h" 29 30 31 /** 32 * DOC: Key handling basics 33 * 34 * Key handling in mac80211 is done based on per-interface (sub_if_data) 35 * keys and per-station keys. Since each station belongs to an interface, 36 * each station key also belongs to that interface. 37 * 38 * Hardware acceleration is done on a best-effort basis for algorithms 39 * that are implemented in software, for each key the hardware is asked 40 * to enable that key for offloading but if it cannot do that the key is 41 * simply kept for software encryption (unless it is for an algorithm 42 * that isn't implemented in software). 43 * There is currently no way of knowing whether a key is handled in SW 44 * or HW except by looking into debugfs. 45 * 46 * All key management is internally protected by a mutex. Within all 47 * other parts of mac80211, key references are, just as STA structure 48 * references, protected by RCU. Note, however, that some things are 49 * unprotected, namely the key->sta dereferences within the hardware 50 * acceleration functions. This means that sta_info_destroy() must 51 * remove the key which waits for an RCU grace period. 52 */ 53 54 static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; 55 56 static void assert_key_lock(struct ieee80211_local *local) 57 { 58 lockdep_assert_held(&local->key_mtx); 59 } 60 61 static void 62 update_vlan_tailroom_need_count(struct ieee80211_sub_if_data *sdata, int delta) 63 { 64 struct ieee80211_sub_if_data *vlan; 65 66 if (sdata->vif.type != NL80211_IFTYPE_AP) 67 return; 68 69 /* crypto_tx_tailroom_needed_cnt is protected by this */ 70 assert_key_lock(sdata->local); 71 72 rcu_read_lock(); 73 74 list_for_each_entry_rcu(vlan, &sdata->u.ap.vlans, u.vlan.list) 75 vlan->crypto_tx_tailroom_needed_cnt += delta; 76 77 rcu_read_unlock(); 78 } 79 80 static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata) 81 { 82 /* 83 * When this count is zero, SKB resizing for allocating tailroom 84 * for IV or MMIC is skipped. But, this check has created two race 85 * cases in xmit path while transiting from zero count to one: 86 * 87 * 1. SKB resize was skipped because no key was added but just before 88 * the xmit key is added and SW encryption kicks off. 89 * 90 * 2. SKB resize was skipped because all the keys were hw planted but 91 * just before xmit one of the key is deleted and SW encryption kicks 92 * off. 93 * 94 * In both the above case SW encryption will find not enough space for 95 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c) 96 * 97 * Solution has been explained at 98 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net 99 */ 100 101 assert_key_lock(sdata->local); 102 103 update_vlan_tailroom_need_count(sdata, 1); 104 105 if (!sdata->crypto_tx_tailroom_needed_cnt++) { 106 /* 107 * Flush all XMIT packets currently using HW encryption or no 108 * encryption at all if the count transition is from 0 -> 1. 109 */ 110 synchronize_net(); 111 } 112 } 113 114 static void decrease_tailroom_need_count(struct ieee80211_sub_if_data *sdata, 115 int delta) 116 { 117 assert_key_lock(sdata->local); 118 119 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt < delta); 120 121 update_vlan_tailroom_need_count(sdata, -delta); 122 sdata->crypto_tx_tailroom_needed_cnt -= delta; 123 } 124 125 static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key) 126 { 127 struct ieee80211_sub_if_data *sdata = key->sdata; 128 struct sta_info *sta; 129 int ret = -EOPNOTSUPP; 130 131 might_sleep(); 132 133 if (key->flags & KEY_FLAG_TAINTED) { 134 /* If we get here, it's during resume and the key is 135 * tainted so shouldn't be used/programmed any more. 136 * However, its flags may still indicate that it was 137 * programmed into the device (since we're in resume) 138 * so clear that flag now to avoid trying to remove 139 * it again later. 140 */ 141 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE && 142 !(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC | 143 IEEE80211_KEY_FLAG_PUT_MIC_SPACE | 144 IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 145 increment_tailroom_need_count(sdata); 146 147 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 148 return -EINVAL; 149 } 150 151 if (!key->local->ops->set_key) 152 goto out_unsupported; 153 154 assert_key_lock(key->local); 155 156 sta = key->sta; 157 158 /* 159 * If this is a per-STA GTK, check if it 160 * is supported; if not, return. 161 */ 162 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) && 163 !ieee80211_hw_check(&key->local->hw, SUPPORTS_PER_STA_GTK)) 164 goto out_unsupported; 165 166 if (sta && !sta->uploaded) 167 goto out_unsupported; 168 169 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 170 /* 171 * The driver doesn't know anything about VLAN interfaces. 172 * Hence, don't send GTKs for VLAN interfaces to the driver. 173 */ 174 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) { 175 ret = 1; 176 goto out_unsupported; 177 } 178 } 179 180 ret = drv_set_key(key->local, SET_KEY, sdata, 181 sta ? &sta->sta : NULL, &key->conf); 182 183 if (!ret) { 184 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE; 185 186 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC | 187 IEEE80211_KEY_FLAG_PUT_MIC_SPACE | 188 IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 189 decrease_tailroom_need_count(sdata, 1); 190 191 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) && 192 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)); 193 194 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_MIC_SPACE) && 195 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC)); 196 197 return 0; 198 } 199 200 if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1) 201 sdata_err(sdata, 202 "failed to set key (%d, %pM) to hardware (%d)\n", 203 key->conf.keyidx, 204 sta ? sta->sta.addr : bcast_addr, ret); 205 206 out_unsupported: 207 switch (key->conf.cipher) { 208 case WLAN_CIPHER_SUITE_WEP40: 209 case WLAN_CIPHER_SUITE_WEP104: 210 case WLAN_CIPHER_SUITE_TKIP: 211 case WLAN_CIPHER_SUITE_CCMP: 212 case WLAN_CIPHER_SUITE_CCMP_256: 213 case WLAN_CIPHER_SUITE_GCMP: 214 case WLAN_CIPHER_SUITE_GCMP_256: 215 case WLAN_CIPHER_SUITE_AES_CMAC: 216 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 217 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 218 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 219 /* all of these we can do in software - if driver can */ 220 if (ret == 1) 221 return 0; 222 if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL)) 223 return -EINVAL; 224 return 0; 225 default: 226 return -EINVAL; 227 } 228 } 229 230 static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key) 231 { 232 struct ieee80211_sub_if_data *sdata; 233 struct sta_info *sta; 234 int ret; 235 236 might_sleep(); 237 238 if (!key || !key->local->ops->set_key) 239 return; 240 241 assert_key_lock(key->local); 242 243 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 244 return; 245 246 sta = key->sta; 247 sdata = key->sdata; 248 249 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC | 250 IEEE80211_KEY_FLAG_PUT_MIC_SPACE | 251 IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 252 increment_tailroom_need_count(sdata); 253 254 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 255 ret = drv_set_key(key->local, DISABLE_KEY, sdata, 256 sta ? &sta->sta : NULL, &key->conf); 257 258 if (ret) 259 sdata_err(sdata, 260 "failed to remove key (%d, %pM) from hardware (%d)\n", 261 key->conf.keyidx, 262 sta ? sta->sta.addr : bcast_addr, ret); 263 } 264 265 static int _ieee80211_set_tx_key(struct ieee80211_key *key, bool force) 266 { 267 struct sta_info *sta = key->sta; 268 struct ieee80211_local *local = key->local; 269 270 assert_key_lock(local); 271 272 set_sta_flag(sta, WLAN_STA_USES_ENCRYPTION); 273 274 sta->ptk_idx = key->conf.keyidx; 275 276 if (force || !ieee80211_hw_check(&local->hw, AMPDU_KEYBORDER_SUPPORT)) 277 clear_sta_flag(sta, WLAN_STA_BLOCK_BA); 278 ieee80211_check_fast_xmit(sta); 279 280 return 0; 281 } 282 283 int ieee80211_set_tx_key(struct ieee80211_key *key) 284 { 285 return _ieee80211_set_tx_key(key, false); 286 } 287 288 static void ieee80211_pairwise_rekey(struct ieee80211_key *old, 289 struct ieee80211_key *new) 290 { 291 struct ieee80211_local *local = new->local; 292 struct sta_info *sta = new->sta; 293 int i; 294 295 assert_key_lock(local); 296 297 if (new->conf.flags & IEEE80211_KEY_FLAG_NO_AUTO_TX) { 298 /* Extended Key ID key install, initial one or rekey */ 299 300 if (sta->ptk_idx != INVALID_PTK_KEYIDX && 301 !ieee80211_hw_check(&local->hw, AMPDU_KEYBORDER_SUPPORT)) { 302 /* Aggregation Sessions with Extended Key ID must not 303 * mix MPDUs with different keyIDs within one A-MPDU. 304 * Tear down running Tx aggregation sessions and block 305 * new Rx/Tx aggregation requests during rekey to 306 * ensure there are no A-MPDUs when the driver is not 307 * supporting A-MPDU key borders. (Blocking Tx only 308 * would be sufficient but WLAN_STA_BLOCK_BA gets the 309 * job done for the few ms we need it.) 310 */ 311 set_sta_flag(sta, WLAN_STA_BLOCK_BA); 312 mutex_lock(&sta->ampdu_mlme.mtx); 313 for (i = 0; i < IEEE80211_NUM_TIDS; i++) 314 ___ieee80211_stop_tx_ba_session(sta, i, 315 AGG_STOP_LOCAL_REQUEST); 316 mutex_unlock(&sta->ampdu_mlme.mtx); 317 } 318 } else if (old) { 319 /* Rekey without Extended Key ID. 320 * Aggregation sessions are OK when running on SW crypto. 321 * A broken remote STA may cause issues not observed with HW 322 * crypto, though. 323 */ 324 if (!(old->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 325 return; 326 327 /* Stop Tx till we are on the new key */ 328 old->flags |= KEY_FLAG_TAINTED; 329 ieee80211_clear_fast_xmit(sta); 330 if (ieee80211_hw_check(&local->hw, AMPDU_AGGREGATION)) { 331 set_sta_flag(sta, WLAN_STA_BLOCK_BA); 332 ieee80211_sta_tear_down_BA_sessions(sta, 333 AGG_STOP_LOCAL_REQUEST); 334 } 335 if (!wiphy_ext_feature_isset(local->hw.wiphy, 336 NL80211_EXT_FEATURE_CAN_REPLACE_PTK0)) { 337 pr_warn_ratelimited("Rekeying PTK for STA %pM but driver can't safely do that.", 338 sta->sta.addr); 339 /* Flushing the driver queues *may* help prevent 340 * the clear text leaks and freezes. 341 */ 342 ieee80211_flush_queues(local, old->sdata, false); 343 } 344 } 345 } 346 347 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, 348 int idx, bool uni, bool multi) 349 { 350 struct ieee80211_key *key = NULL; 351 352 assert_key_lock(sdata->local); 353 354 if (idx >= 0 && idx < NUM_DEFAULT_KEYS) 355 key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 356 357 if (uni) { 358 rcu_assign_pointer(sdata->default_unicast_key, key); 359 ieee80211_check_fast_xmit_iface(sdata); 360 if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN) 361 drv_set_default_unicast_key(sdata->local, sdata, idx); 362 } 363 364 if (multi) 365 rcu_assign_pointer(sdata->default_multicast_key, key); 366 367 ieee80211_debugfs_key_update_default(sdata); 368 } 369 370 void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx, 371 bool uni, bool multi) 372 { 373 mutex_lock(&sdata->local->key_mtx); 374 __ieee80211_set_default_key(sdata, idx, uni, multi); 375 mutex_unlock(&sdata->local->key_mtx); 376 } 377 378 static void 379 __ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx) 380 { 381 struct ieee80211_key *key = NULL; 382 383 assert_key_lock(sdata->local); 384 385 if (idx >= NUM_DEFAULT_KEYS && 386 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) 387 key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 388 389 rcu_assign_pointer(sdata->default_mgmt_key, key); 390 391 ieee80211_debugfs_key_update_default(sdata); 392 } 393 394 void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, 395 int idx) 396 { 397 mutex_lock(&sdata->local->key_mtx); 398 __ieee80211_set_default_mgmt_key(sdata, idx); 399 mutex_unlock(&sdata->local->key_mtx); 400 } 401 402 static void 403 __ieee80211_set_default_beacon_key(struct ieee80211_sub_if_data *sdata, int idx) 404 { 405 struct ieee80211_key *key = NULL; 406 407 assert_key_lock(sdata->local); 408 409 if (idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS && 410 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS + 411 NUM_DEFAULT_BEACON_KEYS) 412 key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 413 414 rcu_assign_pointer(sdata->default_beacon_key, key); 415 416 ieee80211_debugfs_key_update_default(sdata); 417 } 418 419 void ieee80211_set_default_beacon_key(struct ieee80211_sub_if_data *sdata, 420 int idx) 421 { 422 mutex_lock(&sdata->local->key_mtx); 423 __ieee80211_set_default_beacon_key(sdata, idx); 424 mutex_unlock(&sdata->local->key_mtx); 425 } 426 427 static int ieee80211_key_replace(struct ieee80211_sub_if_data *sdata, 428 struct sta_info *sta, 429 bool pairwise, 430 struct ieee80211_key *old, 431 struct ieee80211_key *new) 432 { 433 int idx; 434 int ret = 0; 435 bool defunikey, defmultikey, defmgmtkey, defbeaconkey; 436 bool is_wep; 437 438 /* caller must provide at least one old/new */ 439 if (WARN_ON(!new && !old)) 440 return 0; 441 442 if (new) { 443 idx = new->conf.keyidx; 444 list_add_tail_rcu(&new->list, &sdata->key_list); 445 is_wep = new->conf.cipher == WLAN_CIPHER_SUITE_WEP40 || 446 new->conf.cipher == WLAN_CIPHER_SUITE_WEP104; 447 } else { 448 idx = old->conf.keyidx; 449 is_wep = old->conf.cipher == WLAN_CIPHER_SUITE_WEP40 || 450 old->conf.cipher == WLAN_CIPHER_SUITE_WEP104; 451 } 452 453 if ((is_wep || pairwise) && idx >= NUM_DEFAULT_KEYS) 454 return -EINVAL; 455 456 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx); 457 458 if (new && sta && pairwise) { 459 /* Unicast rekey needs special handling. With Extended Key ID 460 * old is still NULL for the first rekey. 461 */ 462 ieee80211_pairwise_rekey(old, new); 463 } 464 465 if (old) { 466 if (old->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 467 ieee80211_key_disable_hw_accel(old); 468 469 if (new) 470 ret = ieee80211_key_enable_hw_accel(new); 471 } 472 } else { 473 if (!new->local->wowlan) 474 ret = ieee80211_key_enable_hw_accel(new); 475 } 476 477 if (ret) 478 return ret; 479 480 if (sta) { 481 if (pairwise) { 482 rcu_assign_pointer(sta->ptk[idx], new); 483 if (new && 484 !(new->conf.flags & IEEE80211_KEY_FLAG_NO_AUTO_TX)) 485 _ieee80211_set_tx_key(new, true); 486 } else { 487 rcu_assign_pointer(sta->deflink.gtk[idx], new); 488 } 489 /* Only needed for transition from no key -> key. 490 * Still triggers unnecessary when using Extended Key ID 491 * and installing the second key ID the first time. 492 */ 493 if (new && !old) 494 ieee80211_check_fast_rx(sta); 495 } else { 496 defunikey = old && 497 old == key_mtx_dereference(sdata->local, 498 sdata->default_unicast_key); 499 defmultikey = old && 500 old == key_mtx_dereference(sdata->local, 501 sdata->default_multicast_key); 502 defmgmtkey = old && 503 old == key_mtx_dereference(sdata->local, 504 sdata->default_mgmt_key); 505 defbeaconkey = old && 506 old == key_mtx_dereference(sdata->local, 507 sdata->default_beacon_key); 508 509 if (defunikey && !new) 510 __ieee80211_set_default_key(sdata, -1, true, false); 511 if (defmultikey && !new) 512 __ieee80211_set_default_key(sdata, -1, false, true); 513 if (defmgmtkey && !new) 514 __ieee80211_set_default_mgmt_key(sdata, -1); 515 if (defbeaconkey && !new) 516 __ieee80211_set_default_beacon_key(sdata, -1); 517 518 rcu_assign_pointer(sdata->keys[idx], new); 519 if (defunikey && new) 520 __ieee80211_set_default_key(sdata, new->conf.keyidx, 521 true, false); 522 if (defmultikey && new) 523 __ieee80211_set_default_key(sdata, new->conf.keyidx, 524 false, true); 525 if (defmgmtkey && new) 526 __ieee80211_set_default_mgmt_key(sdata, 527 new->conf.keyidx); 528 if (defbeaconkey && new) 529 __ieee80211_set_default_beacon_key(sdata, 530 new->conf.keyidx); 531 } 532 533 if (old) 534 list_del_rcu(&old->list); 535 536 return 0; 537 } 538 539 struct ieee80211_key * 540 ieee80211_key_alloc(u32 cipher, int idx, size_t key_len, 541 const u8 *key_data, 542 size_t seq_len, const u8 *seq) 543 { 544 struct ieee80211_key *key; 545 int i, j, err; 546 547 if (WARN_ON(idx < 0 || 548 idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS + 549 NUM_DEFAULT_BEACON_KEYS)) 550 return ERR_PTR(-EINVAL); 551 552 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL); 553 if (!key) 554 return ERR_PTR(-ENOMEM); 555 556 /* 557 * Default to software encryption; we'll later upload the 558 * key to the hardware if possible. 559 */ 560 key->conf.flags = 0; 561 key->flags = 0; 562 563 key->conf.cipher = cipher; 564 key->conf.keyidx = idx; 565 key->conf.keylen = key_len; 566 switch (cipher) { 567 case WLAN_CIPHER_SUITE_WEP40: 568 case WLAN_CIPHER_SUITE_WEP104: 569 key->conf.iv_len = IEEE80211_WEP_IV_LEN; 570 key->conf.icv_len = IEEE80211_WEP_ICV_LEN; 571 break; 572 case WLAN_CIPHER_SUITE_TKIP: 573 key->conf.iv_len = IEEE80211_TKIP_IV_LEN; 574 key->conf.icv_len = IEEE80211_TKIP_ICV_LEN; 575 if (seq) { 576 for (i = 0; i < IEEE80211_NUM_TIDS; i++) { 577 key->u.tkip.rx[i].iv32 = 578 get_unaligned_le32(&seq[2]); 579 key->u.tkip.rx[i].iv16 = 580 get_unaligned_le16(seq); 581 } 582 } 583 spin_lock_init(&key->u.tkip.txlock); 584 break; 585 case WLAN_CIPHER_SUITE_CCMP: 586 key->conf.iv_len = IEEE80211_CCMP_HDR_LEN; 587 key->conf.icv_len = IEEE80211_CCMP_MIC_LEN; 588 if (seq) { 589 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) 590 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++) 591 key->u.ccmp.rx_pn[i][j] = 592 seq[IEEE80211_CCMP_PN_LEN - j - 1]; 593 } 594 /* 595 * Initialize AES key state here as an optimization so that 596 * it does not need to be initialized for every packet. 597 */ 598 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( 599 key_data, key_len, IEEE80211_CCMP_MIC_LEN); 600 if (IS_ERR(key->u.ccmp.tfm)) { 601 err = PTR_ERR(key->u.ccmp.tfm); 602 kfree(key); 603 return ERR_PTR(err); 604 } 605 break; 606 case WLAN_CIPHER_SUITE_CCMP_256: 607 key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN; 608 key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN; 609 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++) 610 for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++) 611 key->u.ccmp.rx_pn[i][j] = 612 seq[IEEE80211_CCMP_256_PN_LEN - j - 1]; 613 /* Initialize AES key state here as an optimization so that 614 * it does not need to be initialized for every packet. 615 */ 616 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( 617 key_data, key_len, IEEE80211_CCMP_256_MIC_LEN); 618 if (IS_ERR(key->u.ccmp.tfm)) { 619 err = PTR_ERR(key->u.ccmp.tfm); 620 kfree(key); 621 return ERR_PTR(err); 622 } 623 break; 624 case WLAN_CIPHER_SUITE_AES_CMAC: 625 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 626 key->conf.iv_len = 0; 627 if (cipher == WLAN_CIPHER_SUITE_AES_CMAC) 628 key->conf.icv_len = sizeof(struct ieee80211_mmie); 629 else 630 key->conf.icv_len = sizeof(struct ieee80211_mmie_16); 631 if (seq) 632 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++) 633 key->u.aes_cmac.rx_pn[j] = 634 seq[IEEE80211_CMAC_PN_LEN - j - 1]; 635 /* 636 * Initialize AES key state here as an optimization so that 637 * it does not need to be initialized for every packet. 638 */ 639 key->u.aes_cmac.tfm = 640 ieee80211_aes_cmac_key_setup(key_data, key_len); 641 if (IS_ERR(key->u.aes_cmac.tfm)) { 642 err = PTR_ERR(key->u.aes_cmac.tfm); 643 kfree(key); 644 return ERR_PTR(err); 645 } 646 break; 647 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 648 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 649 key->conf.iv_len = 0; 650 key->conf.icv_len = sizeof(struct ieee80211_mmie_16); 651 if (seq) 652 for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++) 653 key->u.aes_gmac.rx_pn[j] = 654 seq[IEEE80211_GMAC_PN_LEN - j - 1]; 655 /* Initialize AES key state here as an optimization so that 656 * it does not need to be initialized for every packet. 657 */ 658 key->u.aes_gmac.tfm = 659 ieee80211_aes_gmac_key_setup(key_data, key_len); 660 if (IS_ERR(key->u.aes_gmac.tfm)) { 661 err = PTR_ERR(key->u.aes_gmac.tfm); 662 kfree(key); 663 return ERR_PTR(err); 664 } 665 break; 666 case WLAN_CIPHER_SUITE_GCMP: 667 case WLAN_CIPHER_SUITE_GCMP_256: 668 key->conf.iv_len = IEEE80211_GCMP_HDR_LEN; 669 key->conf.icv_len = IEEE80211_GCMP_MIC_LEN; 670 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++) 671 for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++) 672 key->u.gcmp.rx_pn[i][j] = 673 seq[IEEE80211_GCMP_PN_LEN - j - 1]; 674 /* Initialize AES key state here as an optimization so that 675 * it does not need to be initialized for every packet. 676 */ 677 key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data, 678 key_len); 679 if (IS_ERR(key->u.gcmp.tfm)) { 680 err = PTR_ERR(key->u.gcmp.tfm); 681 kfree(key); 682 return ERR_PTR(err); 683 } 684 break; 685 } 686 memcpy(key->conf.key, key_data, key_len); 687 INIT_LIST_HEAD(&key->list); 688 689 return key; 690 } 691 692 static void ieee80211_key_free_common(struct ieee80211_key *key) 693 { 694 switch (key->conf.cipher) { 695 case WLAN_CIPHER_SUITE_CCMP: 696 case WLAN_CIPHER_SUITE_CCMP_256: 697 ieee80211_aes_key_free(key->u.ccmp.tfm); 698 break; 699 case WLAN_CIPHER_SUITE_AES_CMAC: 700 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 701 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm); 702 break; 703 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 704 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 705 ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm); 706 break; 707 case WLAN_CIPHER_SUITE_GCMP: 708 case WLAN_CIPHER_SUITE_GCMP_256: 709 ieee80211_aes_gcm_key_free(key->u.gcmp.tfm); 710 break; 711 } 712 kfree_sensitive(key); 713 } 714 715 static void __ieee80211_key_destroy(struct ieee80211_key *key, 716 bool delay_tailroom) 717 { 718 if (key->local) { 719 struct ieee80211_sub_if_data *sdata = key->sdata; 720 721 ieee80211_debugfs_key_remove(key); 722 723 if (delay_tailroom) { 724 /* see ieee80211_delayed_tailroom_dec */ 725 sdata->crypto_tx_tailroom_pending_dec++; 726 schedule_delayed_work(&sdata->dec_tailroom_needed_wk, 727 HZ/2); 728 } else { 729 decrease_tailroom_need_count(sdata, 1); 730 } 731 } 732 733 ieee80211_key_free_common(key); 734 } 735 736 static void ieee80211_key_destroy(struct ieee80211_key *key, 737 bool delay_tailroom) 738 { 739 if (!key) 740 return; 741 742 /* 743 * Synchronize so the TX path and rcu key iterators 744 * can no longer be using this key before we free/remove it. 745 */ 746 synchronize_net(); 747 748 __ieee80211_key_destroy(key, delay_tailroom); 749 } 750 751 void ieee80211_key_free_unused(struct ieee80211_key *key) 752 { 753 WARN_ON(key->sdata || key->local); 754 ieee80211_key_free_common(key); 755 } 756 757 static bool ieee80211_key_identical(struct ieee80211_sub_if_data *sdata, 758 struct ieee80211_key *old, 759 struct ieee80211_key *new) 760 { 761 u8 tkip_old[WLAN_KEY_LEN_TKIP], tkip_new[WLAN_KEY_LEN_TKIP]; 762 u8 *tk_old, *tk_new; 763 764 if (!old || new->conf.keylen != old->conf.keylen) 765 return false; 766 767 tk_old = old->conf.key; 768 tk_new = new->conf.key; 769 770 /* 771 * In station mode, don't compare the TX MIC key, as it's never used 772 * and offloaded rekeying may not care to send it to the host. This 773 * is the case in iwlwifi, for example. 774 */ 775 if (sdata->vif.type == NL80211_IFTYPE_STATION && 776 new->conf.cipher == WLAN_CIPHER_SUITE_TKIP && 777 new->conf.keylen == WLAN_KEY_LEN_TKIP && 778 !(new->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) { 779 memcpy(tkip_old, tk_old, WLAN_KEY_LEN_TKIP); 780 memcpy(tkip_new, tk_new, WLAN_KEY_LEN_TKIP); 781 memset(tkip_old + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8); 782 memset(tkip_new + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8); 783 tk_old = tkip_old; 784 tk_new = tkip_new; 785 } 786 787 return !crypto_memneq(tk_old, tk_new, new->conf.keylen); 788 } 789 790 int ieee80211_key_link(struct ieee80211_key *key, 791 struct ieee80211_sub_if_data *sdata, 792 struct sta_info *sta) 793 { 794 static atomic_t key_color = ATOMIC_INIT(0); 795 struct ieee80211_key *old_key; 796 int idx = key->conf.keyidx; 797 bool pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE; 798 /* 799 * We want to delay tailroom updates only for station - in that 800 * case it helps roaming speed, but in other cases it hurts and 801 * can cause warnings to appear. 802 */ 803 bool delay_tailroom = sdata->vif.type == NL80211_IFTYPE_STATION; 804 int ret = -EOPNOTSUPP; 805 806 mutex_lock(&sdata->local->key_mtx); 807 808 if (sta && pairwise) { 809 struct ieee80211_key *alt_key; 810 811 old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]); 812 alt_key = key_mtx_dereference(sdata->local, sta->ptk[idx ^ 1]); 813 814 /* The rekey code assumes that the old and new key are using 815 * the same cipher. Enforce the assumption for pairwise keys. 816 */ 817 if ((alt_key && alt_key->conf.cipher != key->conf.cipher) || 818 (old_key && old_key->conf.cipher != key->conf.cipher)) 819 goto out; 820 } else if (sta) { 821 old_key = key_mtx_dereference(sdata->local, 822 sta->deflink.gtk[idx]); 823 } else { 824 old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 825 } 826 827 /* Non-pairwise keys must also not switch the cipher on rekey */ 828 if (!pairwise) { 829 if (old_key && old_key->conf.cipher != key->conf.cipher) 830 goto out; 831 } 832 833 /* 834 * Silently accept key re-installation without really installing the 835 * new version of the key to avoid nonce reuse or replay issues. 836 */ 837 if (ieee80211_key_identical(sdata, old_key, key)) { 838 ieee80211_key_free_unused(key); 839 ret = 0; 840 goto out; 841 } 842 843 key->local = sdata->local; 844 key->sdata = sdata; 845 key->sta = sta; 846 847 /* 848 * Assign a unique ID to every key so we can easily prevent mixed 849 * key and fragment cache attacks. 850 */ 851 key->color = atomic_inc_return(&key_color); 852 853 increment_tailroom_need_count(sdata); 854 855 ret = ieee80211_key_replace(sdata, sta, pairwise, old_key, key); 856 857 if (!ret) { 858 ieee80211_debugfs_key_add(key); 859 ieee80211_key_destroy(old_key, delay_tailroom); 860 } else { 861 ieee80211_key_free(key, delay_tailroom); 862 } 863 864 out: 865 mutex_unlock(&sdata->local->key_mtx); 866 867 return ret; 868 } 869 870 void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom) 871 { 872 if (!key) 873 return; 874 875 /* 876 * Replace key with nothingness if it was ever used. 877 */ 878 if (key->sdata) 879 ieee80211_key_replace(key->sdata, key->sta, 880 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 881 key, NULL); 882 ieee80211_key_destroy(key, delay_tailroom); 883 } 884 885 void ieee80211_reenable_keys(struct ieee80211_sub_if_data *sdata) 886 { 887 struct ieee80211_key *key; 888 struct ieee80211_sub_if_data *vlan; 889 890 lockdep_assert_wiphy(sdata->local->hw.wiphy); 891 892 mutex_lock(&sdata->local->key_mtx); 893 894 sdata->crypto_tx_tailroom_needed_cnt = 0; 895 sdata->crypto_tx_tailroom_pending_dec = 0; 896 897 if (sdata->vif.type == NL80211_IFTYPE_AP) { 898 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) { 899 vlan->crypto_tx_tailroom_needed_cnt = 0; 900 vlan->crypto_tx_tailroom_pending_dec = 0; 901 } 902 } 903 904 if (ieee80211_sdata_running(sdata)) { 905 list_for_each_entry(key, &sdata->key_list, list) { 906 increment_tailroom_need_count(sdata); 907 ieee80211_key_enable_hw_accel(key); 908 } 909 } 910 911 mutex_unlock(&sdata->local->key_mtx); 912 } 913 914 void ieee80211_iter_keys(struct ieee80211_hw *hw, 915 struct ieee80211_vif *vif, 916 void (*iter)(struct ieee80211_hw *hw, 917 struct ieee80211_vif *vif, 918 struct ieee80211_sta *sta, 919 struct ieee80211_key_conf *key, 920 void *data), 921 void *iter_data) 922 { 923 struct ieee80211_local *local = hw_to_local(hw); 924 struct ieee80211_key *key, *tmp; 925 struct ieee80211_sub_if_data *sdata; 926 927 lockdep_assert_wiphy(hw->wiphy); 928 929 mutex_lock(&local->key_mtx); 930 if (vif) { 931 sdata = vif_to_sdata(vif); 932 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) 933 iter(hw, &sdata->vif, 934 key->sta ? &key->sta->sta : NULL, 935 &key->conf, iter_data); 936 } else { 937 list_for_each_entry(sdata, &local->interfaces, list) 938 list_for_each_entry_safe(key, tmp, 939 &sdata->key_list, list) 940 iter(hw, &sdata->vif, 941 key->sta ? &key->sta->sta : NULL, 942 &key->conf, iter_data); 943 } 944 mutex_unlock(&local->key_mtx); 945 } 946 EXPORT_SYMBOL(ieee80211_iter_keys); 947 948 static void 949 _ieee80211_iter_keys_rcu(struct ieee80211_hw *hw, 950 struct ieee80211_sub_if_data *sdata, 951 void (*iter)(struct ieee80211_hw *hw, 952 struct ieee80211_vif *vif, 953 struct ieee80211_sta *sta, 954 struct ieee80211_key_conf *key, 955 void *data), 956 void *iter_data) 957 { 958 struct ieee80211_key *key; 959 960 list_for_each_entry_rcu(key, &sdata->key_list, list) { 961 /* skip keys of station in removal process */ 962 if (key->sta && key->sta->removed) 963 continue; 964 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 965 continue; 966 967 iter(hw, &sdata->vif, 968 key->sta ? &key->sta->sta : NULL, 969 &key->conf, iter_data); 970 } 971 } 972 973 void ieee80211_iter_keys_rcu(struct ieee80211_hw *hw, 974 struct ieee80211_vif *vif, 975 void (*iter)(struct ieee80211_hw *hw, 976 struct ieee80211_vif *vif, 977 struct ieee80211_sta *sta, 978 struct ieee80211_key_conf *key, 979 void *data), 980 void *iter_data) 981 { 982 struct ieee80211_local *local = hw_to_local(hw); 983 struct ieee80211_sub_if_data *sdata; 984 985 if (vif) { 986 sdata = vif_to_sdata(vif); 987 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data); 988 } else { 989 list_for_each_entry_rcu(sdata, &local->interfaces, list) 990 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data); 991 } 992 } 993 EXPORT_SYMBOL(ieee80211_iter_keys_rcu); 994 995 static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata, 996 struct list_head *keys) 997 { 998 struct ieee80211_key *key, *tmp; 999 1000 decrease_tailroom_need_count(sdata, 1001 sdata->crypto_tx_tailroom_pending_dec); 1002 sdata->crypto_tx_tailroom_pending_dec = 0; 1003 1004 ieee80211_debugfs_key_remove_mgmt_default(sdata); 1005 ieee80211_debugfs_key_remove_beacon_default(sdata); 1006 1007 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) { 1008 ieee80211_key_replace(key->sdata, key->sta, 1009 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 1010 key, NULL); 1011 list_add_tail(&key->list, keys); 1012 } 1013 1014 ieee80211_debugfs_key_update_default(sdata); 1015 } 1016 1017 void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata, 1018 bool force_synchronize) 1019 { 1020 struct ieee80211_local *local = sdata->local; 1021 struct ieee80211_sub_if_data *vlan; 1022 struct ieee80211_sub_if_data *master; 1023 struct ieee80211_key *key, *tmp; 1024 LIST_HEAD(keys); 1025 1026 cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk); 1027 1028 mutex_lock(&local->key_mtx); 1029 1030 ieee80211_free_keys_iface(sdata, &keys); 1031 1032 if (sdata->vif.type == NL80211_IFTYPE_AP) { 1033 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 1034 ieee80211_free_keys_iface(vlan, &keys); 1035 } 1036 1037 if (!list_empty(&keys) || force_synchronize) 1038 synchronize_net(); 1039 list_for_each_entry_safe(key, tmp, &keys, list) 1040 __ieee80211_key_destroy(key, false); 1041 1042 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 1043 if (sdata->bss) { 1044 master = container_of(sdata->bss, 1045 struct ieee80211_sub_if_data, 1046 u.ap); 1047 1048 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt != 1049 master->crypto_tx_tailroom_needed_cnt); 1050 } 1051 } else { 1052 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt || 1053 sdata->crypto_tx_tailroom_pending_dec); 1054 } 1055 1056 if (sdata->vif.type == NL80211_IFTYPE_AP) { 1057 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 1058 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt || 1059 vlan->crypto_tx_tailroom_pending_dec); 1060 } 1061 1062 mutex_unlock(&local->key_mtx); 1063 } 1064 1065 void ieee80211_free_sta_keys(struct ieee80211_local *local, 1066 struct sta_info *sta) 1067 { 1068 struct ieee80211_key *key; 1069 int i; 1070 1071 mutex_lock(&local->key_mtx); 1072 for (i = 0; i < ARRAY_SIZE(sta->deflink.gtk); i++) { 1073 key = key_mtx_dereference(local, sta->deflink.gtk[i]); 1074 if (!key) 1075 continue; 1076 ieee80211_key_replace(key->sdata, key->sta, 1077 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 1078 key, NULL); 1079 __ieee80211_key_destroy(key, key->sdata->vif.type == 1080 NL80211_IFTYPE_STATION); 1081 } 1082 1083 for (i = 0; i < NUM_DEFAULT_KEYS; i++) { 1084 key = key_mtx_dereference(local, sta->ptk[i]); 1085 if (!key) 1086 continue; 1087 ieee80211_key_replace(key->sdata, key->sta, 1088 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 1089 key, NULL); 1090 __ieee80211_key_destroy(key, key->sdata->vif.type == 1091 NL80211_IFTYPE_STATION); 1092 } 1093 1094 mutex_unlock(&local->key_mtx); 1095 } 1096 1097 void ieee80211_delayed_tailroom_dec(struct work_struct *wk) 1098 { 1099 struct ieee80211_sub_if_data *sdata; 1100 1101 sdata = container_of(wk, struct ieee80211_sub_if_data, 1102 dec_tailroom_needed_wk.work); 1103 1104 /* 1105 * The reason for the delayed tailroom needed decrementing is to 1106 * make roaming faster: during roaming, all keys are first deleted 1107 * and then new keys are installed. The first new key causes the 1108 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes 1109 * the cost of synchronize_net() (which can be slow). Avoid this 1110 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on 1111 * key removal for a while, so if we roam the value is larger than 1112 * zero and no 0->1 transition happens. 1113 * 1114 * The cost is that if the AP switching was from an AP with keys 1115 * to one without, we still allocate tailroom while it would no 1116 * longer be needed. However, in the typical (fast) roaming case 1117 * within an ESS this usually won't happen. 1118 */ 1119 1120 mutex_lock(&sdata->local->key_mtx); 1121 decrease_tailroom_need_count(sdata, 1122 sdata->crypto_tx_tailroom_pending_dec); 1123 sdata->crypto_tx_tailroom_pending_dec = 0; 1124 mutex_unlock(&sdata->local->key_mtx); 1125 } 1126 1127 void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid, 1128 const u8 *replay_ctr, gfp_t gfp) 1129 { 1130 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1131 1132 trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr); 1133 1134 cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp); 1135 } 1136 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify); 1137 1138 void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf, 1139 int tid, struct ieee80211_key_seq *seq) 1140 { 1141 struct ieee80211_key *key; 1142 const u8 *pn; 1143 1144 key = container_of(keyconf, struct ieee80211_key, conf); 1145 1146 switch (key->conf.cipher) { 1147 case WLAN_CIPHER_SUITE_TKIP: 1148 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 1149 return; 1150 seq->tkip.iv32 = key->u.tkip.rx[tid].iv32; 1151 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16; 1152 break; 1153 case WLAN_CIPHER_SUITE_CCMP: 1154 case WLAN_CIPHER_SUITE_CCMP_256: 1155 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1156 return; 1157 if (tid < 0) 1158 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 1159 else 1160 pn = key->u.ccmp.rx_pn[tid]; 1161 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN); 1162 break; 1163 case WLAN_CIPHER_SUITE_AES_CMAC: 1164 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1165 if (WARN_ON(tid != 0)) 1166 return; 1167 pn = key->u.aes_cmac.rx_pn; 1168 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN); 1169 break; 1170 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1171 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1172 if (WARN_ON(tid != 0)) 1173 return; 1174 pn = key->u.aes_gmac.rx_pn; 1175 memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN); 1176 break; 1177 case WLAN_CIPHER_SUITE_GCMP: 1178 case WLAN_CIPHER_SUITE_GCMP_256: 1179 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1180 return; 1181 if (tid < 0) 1182 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS]; 1183 else 1184 pn = key->u.gcmp.rx_pn[tid]; 1185 memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN); 1186 break; 1187 } 1188 } 1189 EXPORT_SYMBOL(ieee80211_get_key_rx_seq); 1190 1191 void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf, 1192 int tid, struct ieee80211_key_seq *seq) 1193 { 1194 struct ieee80211_key *key; 1195 u8 *pn; 1196 1197 key = container_of(keyconf, struct ieee80211_key, conf); 1198 1199 switch (key->conf.cipher) { 1200 case WLAN_CIPHER_SUITE_TKIP: 1201 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 1202 return; 1203 key->u.tkip.rx[tid].iv32 = seq->tkip.iv32; 1204 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16; 1205 break; 1206 case WLAN_CIPHER_SUITE_CCMP: 1207 case WLAN_CIPHER_SUITE_CCMP_256: 1208 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1209 return; 1210 if (tid < 0) 1211 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 1212 else 1213 pn = key->u.ccmp.rx_pn[tid]; 1214 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN); 1215 break; 1216 case WLAN_CIPHER_SUITE_AES_CMAC: 1217 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1218 if (WARN_ON(tid != 0)) 1219 return; 1220 pn = key->u.aes_cmac.rx_pn; 1221 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN); 1222 break; 1223 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1224 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1225 if (WARN_ON(tid != 0)) 1226 return; 1227 pn = key->u.aes_gmac.rx_pn; 1228 memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN); 1229 break; 1230 case WLAN_CIPHER_SUITE_GCMP: 1231 case WLAN_CIPHER_SUITE_GCMP_256: 1232 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1233 return; 1234 if (tid < 0) 1235 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS]; 1236 else 1237 pn = key->u.gcmp.rx_pn[tid]; 1238 memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN); 1239 break; 1240 default: 1241 WARN_ON(1); 1242 break; 1243 } 1244 } 1245 EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq); 1246 1247 void ieee80211_remove_key(struct ieee80211_key_conf *keyconf) 1248 { 1249 struct ieee80211_key *key; 1250 1251 key = container_of(keyconf, struct ieee80211_key, conf); 1252 1253 assert_key_lock(key->local); 1254 1255 /* 1256 * if key was uploaded, we assume the driver will/has remove(d) 1257 * it, so adjust bookkeeping accordingly 1258 */ 1259 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 1260 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 1261 1262 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC | 1263 IEEE80211_KEY_FLAG_PUT_MIC_SPACE | 1264 IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 1265 increment_tailroom_need_count(key->sdata); 1266 } 1267 1268 ieee80211_key_free(key, false); 1269 } 1270 EXPORT_SYMBOL_GPL(ieee80211_remove_key); 1271 1272 struct ieee80211_key_conf * 1273 ieee80211_gtk_rekey_add(struct ieee80211_vif *vif, 1274 struct ieee80211_key_conf *keyconf) 1275 { 1276 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1277 struct ieee80211_local *local = sdata->local; 1278 struct ieee80211_key *key; 1279 int err; 1280 1281 if (WARN_ON(!local->wowlan)) 1282 return ERR_PTR(-EINVAL); 1283 1284 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION)) 1285 return ERR_PTR(-EINVAL); 1286 1287 key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx, 1288 keyconf->keylen, keyconf->key, 1289 0, NULL); 1290 if (IS_ERR(key)) 1291 return ERR_CAST(key); 1292 1293 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED) 1294 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT; 1295 1296 err = ieee80211_key_link(key, sdata, NULL); 1297 if (err) 1298 return ERR_PTR(err); 1299 1300 return &key->conf; 1301 } 1302 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add); 1303 1304 void ieee80211_key_mic_failure(struct ieee80211_key_conf *keyconf) 1305 { 1306 struct ieee80211_key *key; 1307 1308 key = container_of(keyconf, struct ieee80211_key, conf); 1309 1310 switch (key->conf.cipher) { 1311 case WLAN_CIPHER_SUITE_AES_CMAC: 1312 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1313 key->u.aes_cmac.icverrors++; 1314 break; 1315 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1316 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1317 key->u.aes_gmac.icverrors++; 1318 break; 1319 default: 1320 /* ignore the others for now, we don't keep counters now */ 1321 break; 1322 } 1323 } 1324 EXPORT_SYMBOL_GPL(ieee80211_key_mic_failure); 1325 1326 void ieee80211_key_replay(struct ieee80211_key_conf *keyconf) 1327 { 1328 struct ieee80211_key *key; 1329 1330 key = container_of(keyconf, struct ieee80211_key, conf); 1331 1332 switch (key->conf.cipher) { 1333 case WLAN_CIPHER_SUITE_CCMP: 1334 case WLAN_CIPHER_SUITE_CCMP_256: 1335 key->u.ccmp.replays++; 1336 break; 1337 case WLAN_CIPHER_SUITE_AES_CMAC: 1338 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1339 key->u.aes_cmac.replays++; 1340 break; 1341 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1342 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1343 key->u.aes_gmac.replays++; 1344 break; 1345 case WLAN_CIPHER_SUITE_GCMP: 1346 case WLAN_CIPHER_SUITE_GCMP_256: 1347 key->u.gcmp.replays++; 1348 break; 1349 } 1350 } 1351 EXPORT_SYMBOL_GPL(ieee80211_key_replay); 1352