xref: /openbmc/linux/net/mac80211/key.c (revision f7777dcc)
1 /*
2  * Copyright 2002-2005, Instant802 Networks, Inc.
3  * Copyright 2005-2006, Devicescape Software, Inc.
4  * Copyright 2006-2007	Jiri Benc <jbenc@suse.cz>
5  * Copyright 2007-2008	Johannes Berg <johannes@sipsolutions.net>
6  *
7  * This program is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License version 2 as
9  * published by the Free Software Foundation.
10  */
11 
12 #include <linux/if_ether.h>
13 #include <linux/etherdevice.h>
14 #include <linux/list.h>
15 #include <linux/rcupdate.h>
16 #include <linux/rtnetlink.h>
17 #include <linux/slab.h>
18 #include <linux/export.h>
19 #include <net/mac80211.h>
20 #include <asm/unaligned.h>
21 #include "ieee80211_i.h"
22 #include "driver-ops.h"
23 #include "debugfs_key.h"
24 #include "aes_ccm.h"
25 #include "aes_cmac.h"
26 
27 
28 /**
29  * DOC: Key handling basics
30  *
31  * Key handling in mac80211 is done based on per-interface (sub_if_data)
32  * keys and per-station keys. Since each station belongs to an interface,
33  * each station key also belongs to that interface.
34  *
35  * Hardware acceleration is done on a best-effort basis for algorithms
36  * that are implemented in software,  for each key the hardware is asked
37  * to enable that key for offloading but if it cannot do that the key is
38  * simply kept for software encryption (unless it is for an algorithm
39  * that isn't implemented in software).
40  * There is currently no way of knowing whether a key is handled in SW
41  * or HW except by looking into debugfs.
42  *
43  * All key management is internally protected by a mutex. Within all
44  * other parts of mac80211, key references are, just as STA structure
45  * references, protected by RCU. Note, however, that some things are
46  * unprotected, namely the key->sta dereferences within the hardware
47  * acceleration functions. This means that sta_info_destroy() must
48  * remove the key which waits for an RCU grace period.
49  */
50 
51 static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
52 
53 static void assert_key_lock(struct ieee80211_local *local)
54 {
55 	lockdep_assert_held(&local->key_mtx);
56 }
57 
58 static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata)
59 {
60 	/*
61 	 * When this count is zero, SKB resizing for allocating tailroom
62 	 * for IV or MMIC is skipped. But, this check has created two race
63 	 * cases in xmit path while transiting from zero count to one:
64 	 *
65 	 * 1. SKB resize was skipped because no key was added but just before
66 	 * the xmit key is added and SW encryption kicks off.
67 	 *
68 	 * 2. SKB resize was skipped because all the keys were hw planted but
69 	 * just before xmit one of the key is deleted and SW encryption kicks
70 	 * off.
71 	 *
72 	 * In both the above case SW encryption will find not enough space for
73 	 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c)
74 	 *
75 	 * Solution has been explained at
76 	 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net
77 	 */
78 
79 	if (!sdata->crypto_tx_tailroom_needed_cnt++) {
80 		/*
81 		 * Flush all XMIT packets currently using HW encryption or no
82 		 * encryption at all if the count transition is from 0 -> 1.
83 		 */
84 		synchronize_net();
85 	}
86 }
87 
88 static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
89 {
90 	struct ieee80211_sub_if_data *sdata;
91 	struct sta_info *sta;
92 	int ret;
93 
94 	might_sleep();
95 
96 	if (key->flags & KEY_FLAG_TAINTED)
97 		return -EINVAL;
98 
99 	if (!key->local->ops->set_key)
100 		goto out_unsupported;
101 
102 	assert_key_lock(key->local);
103 
104 	sta = key->sta;
105 
106 	/*
107 	 * If this is a per-STA GTK, check if it
108 	 * is supported; if not, return.
109 	 */
110 	if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) &&
111 	    !(key->local->hw.flags & IEEE80211_HW_SUPPORTS_PER_STA_GTK))
112 		goto out_unsupported;
113 
114 	if (sta && !sta->uploaded)
115 		goto out_unsupported;
116 
117 	sdata = key->sdata;
118 	if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
119 		/*
120 		 * The driver doesn't know anything about VLAN interfaces.
121 		 * Hence, don't send GTKs for VLAN interfaces to the driver.
122 		 */
123 		if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE))
124 			goto out_unsupported;
125 	}
126 
127 	ret = drv_set_key(key->local, SET_KEY, sdata,
128 			  sta ? &sta->sta : NULL, &key->conf);
129 
130 	if (!ret) {
131 		key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
132 
133 		if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
134 		      (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) ||
135 		      (key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE)))
136 			sdata->crypto_tx_tailroom_needed_cnt--;
137 
138 		WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) &&
139 			(key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV));
140 
141 		return 0;
142 	}
143 
144 	if (ret != -ENOSPC && ret != -EOPNOTSUPP)
145 		sdata_err(sdata,
146 			  "failed to set key (%d, %pM) to hardware (%d)\n",
147 			  key->conf.keyidx,
148 			  sta ? sta->sta.addr : bcast_addr, ret);
149 
150  out_unsupported:
151 	switch (key->conf.cipher) {
152 	case WLAN_CIPHER_SUITE_WEP40:
153 	case WLAN_CIPHER_SUITE_WEP104:
154 	case WLAN_CIPHER_SUITE_TKIP:
155 	case WLAN_CIPHER_SUITE_CCMP:
156 	case WLAN_CIPHER_SUITE_AES_CMAC:
157 		/* all of these we can do in software */
158 		return 0;
159 	default:
160 		return -EINVAL;
161 	}
162 }
163 
164 static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
165 {
166 	struct ieee80211_sub_if_data *sdata;
167 	struct sta_info *sta;
168 	int ret;
169 
170 	might_sleep();
171 
172 	if (!key || !key->local->ops->set_key)
173 		return;
174 
175 	assert_key_lock(key->local);
176 
177 	if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
178 		return;
179 
180 	sta = key->sta;
181 	sdata = key->sdata;
182 
183 	if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
184 	      (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) ||
185 	      (key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE)))
186 		increment_tailroom_need_count(sdata);
187 
188 	ret = drv_set_key(key->local, DISABLE_KEY, sdata,
189 			  sta ? &sta->sta : NULL, &key->conf);
190 
191 	if (ret)
192 		sdata_err(sdata,
193 			  "failed to remove key (%d, %pM) from hardware (%d)\n",
194 			  key->conf.keyidx,
195 			  sta ? sta->sta.addr : bcast_addr, ret);
196 
197 	key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
198 }
199 
200 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata,
201 					int idx, bool uni, bool multi)
202 {
203 	struct ieee80211_key *key = NULL;
204 
205 	assert_key_lock(sdata->local);
206 
207 	if (idx >= 0 && idx < NUM_DEFAULT_KEYS)
208 		key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
209 
210 	if (uni) {
211 		rcu_assign_pointer(sdata->default_unicast_key, key);
212 		drv_set_default_unicast_key(sdata->local, sdata, idx);
213 	}
214 
215 	if (multi)
216 		rcu_assign_pointer(sdata->default_multicast_key, key);
217 
218 	ieee80211_debugfs_key_update_default(sdata);
219 }
220 
221 void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx,
222 			       bool uni, bool multi)
223 {
224 	mutex_lock(&sdata->local->key_mtx);
225 	__ieee80211_set_default_key(sdata, idx, uni, multi);
226 	mutex_unlock(&sdata->local->key_mtx);
227 }
228 
229 static void
230 __ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx)
231 {
232 	struct ieee80211_key *key = NULL;
233 
234 	assert_key_lock(sdata->local);
235 
236 	if (idx >= NUM_DEFAULT_KEYS &&
237 	    idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
238 		key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
239 
240 	rcu_assign_pointer(sdata->default_mgmt_key, key);
241 
242 	ieee80211_debugfs_key_update_default(sdata);
243 }
244 
245 void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
246 				    int idx)
247 {
248 	mutex_lock(&sdata->local->key_mtx);
249 	__ieee80211_set_default_mgmt_key(sdata, idx);
250 	mutex_unlock(&sdata->local->key_mtx);
251 }
252 
253 
254 static void ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
255 				  struct sta_info *sta,
256 				  bool pairwise,
257 				  struct ieee80211_key *old,
258 				  struct ieee80211_key *new)
259 {
260 	int idx;
261 	bool defunikey, defmultikey, defmgmtkey;
262 
263 	if (new)
264 		list_add_tail(&new->list, &sdata->key_list);
265 
266 	if (sta && pairwise) {
267 		rcu_assign_pointer(sta->ptk, new);
268 	} else if (sta) {
269 		if (old)
270 			idx = old->conf.keyidx;
271 		else
272 			idx = new->conf.keyidx;
273 		rcu_assign_pointer(sta->gtk[idx], new);
274 	} else {
275 		WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx);
276 
277 		if (old)
278 			idx = old->conf.keyidx;
279 		else
280 			idx = new->conf.keyidx;
281 
282 		defunikey = old &&
283 			old == key_mtx_dereference(sdata->local,
284 						sdata->default_unicast_key);
285 		defmultikey = old &&
286 			old == key_mtx_dereference(sdata->local,
287 						sdata->default_multicast_key);
288 		defmgmtkey = old &&
289 			old == key_mtx_dereference(sdata->local,
290 						sdata->default_mgmt_key);
291 
292 		if (defunikey && !new)
293 			__ieee80211_set_default_key(sdata, -1, true, false);
294 		if (defmultikey && !new)
295 			__ieee80211_set_default_key(sdata, -1, false, true);
296 		if (defmgmtkey && !new)
297 			__ieee80211_set_default_mgmt_key(sdata, -1);
298 
299 		rcu_assign_pointer(sdata->keys[idx], new);
300 		if (defunikey && new)
301 			__ieee80211_set_default_key(sdata, new->conf.keyidx,
302 						    true, false);
303 		if (defmultikey && new)
304 			__ieee80211_set_default_key(sdata, new->conf.keyidx,
305 						    false, true);
306 		if (defmgmtkey && new)
307 			__ieee80211_set_default_mgmt_key(sdata,
308 							 new->conf.keyidx);
309 	}
310 
311 	if (old)
312 		list_del(&old->list);
313 }
314 
315 struct ieee80211_key *ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
316 					  const u8 *key_data,
317 					  size_t seq_len, const u8 *seq)
318 {
319 	struct ieee80211_key *key;
320 	int i, j, err;
321 
322 	BUG_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS);
323 
324 	key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
325 	if (!key)
326 		return ERR_PTR(-ENOMEM);
327 
328 	/*
329 	 * Default to software encryption; we'll later upload the
330 	 * key to the hardware if possible.
331 	 */
332 	key->conf.flags = 0;
333 	key->flags = 0;
334 
335 	key->conf.cipher = cipher;
336 	key->conf.keyidx = idx;
337 	key->conf.keylen = key_len;
338 	switch (cipher) {
339 	case WLAN_CIPHER_SUITE_WEP40:
340 	case WLAN_CIPHER_SUITE_WEP104:
341 		key->conf.iv_len = IEEE80211_WEP_IV_LEN;
342 		key->conf.icv_len = IEEE80211_WEP_ICV_LEN;
343 		break;
344 	case WLAN_CIPHER_SUITE_TKIP:
345 		key->conf.iv_len = IEEE80211_TKIP_IV_LEN;
346 		key->conf.icv_len = IEEE80211_TKIP_ICV_LEN;
347 		if (seq) {
348 			for (i = 0; i < IEEE80211_NUM_TIDS; i++) {
349 				key->u.tkip.rx[i].iv32 =
350 					get_unaligned_le32(&seq[2]);
351 				key->u.tkip.rx[i].iv16 =
352 					get_unaligned_le16(seq);
353 			}
354 		}
355 		spin_lock_init(&key->u.tkip.txlock);
356 		break;
357 	case WLAN_CIPHER_SUITE_CCMP:
358 		key->conf.iv_len = IEEE80211_CCMP_HDR_LEN;
359 		key->conf.icv_len = IEEE80211_CCMP_MIC_LEN;
360 		if (seq) {
361 			for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
362 				for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++)
363 					key->u.ccmp.rx_pn[i][j] =
364 						seq[IEEE80211_CCMP_PN_LEN - j - 1];
365 		}
366 		/*
367 		 * Initialize AES key state here as an optimization so that
368 		 * it does not need to be initialized for every packet.
369 		 */
370 		key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(key_data);
371 		if (IS_ERR(key->u.ccmp.tfm)) {
372 			err = PTR_ERR(key->u.ccmp.tfm);
373 			kfree(key);
374 			return ERR_PTR(err);
375 		}
376 		break;
377 	case WLAN_CIPHER_SUITE_AES_CMAC:
378 		key->conf.iv_len = 0;
379 		key->conf.icv_len = sizeof(struct ieee80211_mmie);
380 		if (seq)
381 			for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++)
382 				key->u.aes_cmac.rx_pn[j] =
383 					seq[IEEE80211_CMAC_PN_LEN - j - 1];
384 		/*
385 		 * Initialize AES key state here as an optimization so that
386 		 * it does not need to be initialized for every packet.
387 		 */
388 		key->u.aes_cmac.tfm =
389 			ieee80211_aes_cmac_key_setup(key_data);
390 		if (IS_ERR(key->u.aes_cmac.tfm)) {
391 			err = PTR_ERR(key->u.aes_cmac.tfm);
392 			kfree(key);
393 			return ERR_PTR(err);
394 		}
395 		break;
396 	}
397 	memcpy(key->conf.key, key_data, key_len);
398 	INIT_LIST_HEAD(&key->list);
399 
400 	return key;
401 }
402 
403 static void ieee80211_key_free_common(struct ieee80211_key *key)
404 {
405 	if (key->conf.cipher == WLAN_CIPHER_SUITE_CCMP)
406 		ieee80211_aes_key_free(key->u.ccmp.tfm);
407 	if (key->conf.cipher == WLAN_CIPHER_SUITE_AES_CMAC)
408 		ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
409 	kfree(key);
410 }
411 
412 static void __ieee80211_key_destroy(struct ieee80211_key *key,
413 				    bool delay_tailroom)
414 {
415 	if (key->local)
416 		ieee80211_key_disable_hw_accel(key);
417 
418 	if (key->local) {
419 		struct ieee80211_sub_if_data *sdata = key->sdata;
420 
421 		ieee80211_debugfs_key_remove(key);
422 
423 		if (delay_tailroom) {
424 			/* see ieee80211_delayed_tailroom_dec */
425 			sdata->crypto_tx_tailroom_pending_dec++;
426 			schedule_delayed_work(&sdata->dec_tailroom_needed_wk,
427 					      HZ/2);
428 		} else {
429 			sdata->crypto_tx_tailroom_needed_cnt--;
430 		}
431 	}
432 
433 	ieee80211_key_free_common(key);
434 }
435 
436 static void ieee80211_key_destroy(struct ieee80211_key *key,
437 				  bool delay_tailroom)
438 {
439 	if (!key)
440 		return;
441 
442 	/*
443 	 * Synchronize so the TX path can no longer be using
444 	 * this key before we free/remove it.
445 	 */
446 	synchronize_net();
447 
448 	__ieee80211_key_destroy(key, delay_tailroom);
449 }
450 
451 void ieee80211_key_free_unused(struct ieee80211_key *key)
452 {
453 	WARN_ON(key->sdata || key->local);
454 	ieee80211_key_free_common(key);
455 }
456 
457 int ieee80211_key_link(struct ieee80211_key *key,
458 		       struct ieee80211_sub_if_data *sdata,
459 		       struct sta_info *sta)
460 {
461 	struct ieee80211_local *local = sdata->local;
462 	struct ieee80211_key *old_key;
463 	int idx, ret;
464 	bool pairwise;
465 
466 	BUG_ON(!sdata);
467 	BUG_ON(!key);
468 
469 	pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
470 	idx = key->conf.keyidx;
471 	key->local = sdata->local;
472 	key->sdata = sdata;
473 	key->sta = sta;
474 
475 	mutex_lock(&sdata->local->key_mtx);
476 
477 	if (sta && pairwise)
478 		old_key = key_mtx_dereference(sdata->local, sta->ptk);
479 	else if (sta)
480 		old_key = key_mtx_dereference(sdata->local, sta->gtk[idx]);
481 	else
482 		old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
483 
484 	increment_tailroom_need_count(sdata);
485 
486 	ieee80211_key_replace(sdata, sta, pairwise, old_key, key);
487 	ieee80211_key_destroy(old_key, true);
488 
489 	ieee80211_debugfs_key_add(key);
490 
491 	if (!local->wowlan) {
492 		ret = ieee80211_key_enable_hw_accel(key);
493 		if (ret)
494 			ieee80211_key_free(key, true);
495 	} else {
496 		ret = 0;
497 	}
498 
499 	mutex_unlock(&sdata->local->key_mtx);
500 
501 	return ret;
502 }
503 
504 void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom)
505 {
506 	if (!key)
507 		return;
508 
509 	/*
510 	 * Replace key with nothingness if it was ever used.
511 	 */
512 	if (key->sdata)
513 		ieee80211_key_replace(key->sdata, key->sta,
514 				key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
515 				key, NULL);
516 	ieee80211_key_destroy(key, delay_tailroom);
517 }
518 
519 void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata)
520 {
521 	struct ieee80211_key *key;
522 
523 	ASSERT_RTNL();
524 
525 	if (WARN_ON(!ieee80211_sdata_running(sdata)))
526 		return;
527 
528 	mutex_lock(&sdata->local->key_mtx);
529 
530 	sdata->crypto_tx_tailroom_needed_cnt = 0;
531 
532 	list_for_each_entry(key, &sdata->key_list, list) {
533 		increment_tailroom_need_count(sdata);
534 		ieee80211_key_enable_hw_accel(key);
535 	}
536 
537 	mutex_unlock(&sdata->local->key_mtx);
538 }
539 
540 void ieee80211_iter_keys(struct ieee80211_hw *hw,
541 			 struct ieee80211_vif *vif,
542 			 void (*iter)(struct ieee80211_hw *hw,
543 				      struct ieee80211_vif *vif,
544 				      struct ieee80211_sta *sta,
545 				      struct ieee80211_key_conf *key,
546 				      void *data),
547 			 void *iter_data)
548 {
549 	struct ieee80211_local *local = hw_to_local(hw);
550 	struct ieee80211_key *key, *tmp;
551 	struct ieee80211_sub_if_data *sdata;
552 
553 	ASSERT_RTNL();
554 
555 	mutex_lock(&local->key_mtx);
556 	if (vif) {
557 		sdata = vif_to_sdata(vif);
558 		list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
559 			iter(hw, &sdata->vif,
560 			     key->sta ? &key->sta->sta : NULL,
561 			     &key->conf, iter_data);
562 	} else {
563 		list_for_each_entry(sdata, &local->interfaces, list)
564 			list_for_each_entry_safe(key, tmp,
565 						 &sdata->key_list, list)
566 				iter(hw, &sdata->vif,
567 				     key->sta ? &key->sta->sta : NULL,
568 				     &key->conf, iter_data);
569 	}
570 	mutex_unlock(&local->key_mtx);
571 }
572 EXPORT_SYMBOL(ieee80211_iter_keys);
573 
574 void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata)
575 {
576 	struct ieee80211_key *key, *tmp;
577 	LIST_HEAD(keys);
578 
579 	cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk);
580 
581 	mutex_lock(&sdata->local->key_mtx);
582 
583 	sdata->crypto_tx_tailroom_needed_cnt -=
584 		sdata->crypto_tx_tailroom_pending_dec;
585 	sdata->crypto_tx_tailroom_pending_dec = 0;
586 
587 	ieee80211_debugfs_key_remove_mgmt_default(sdata);
588 
589 	list_for_each_entry_safe(key, tmp, &sdata->key_list, list) {
590 		ieee80211_key_replace(key->sdata, key->sta,
591 				key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
592 				key, NULL);
593 		list_add_tail(&key->list, &keys);
594 	}
595 
596 	ieee80211_debugfs_key_update_default(sdata);
597 
598 	if (!list_empty(&keys)) {
599 		synchronize_net();
600 		list_for_each_entry_safe(key, tmp, &keys, list)
601 			__ieee80211_key_destroy(key, false);
602 	}
603 
604 	WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
605 		     sdata->crypto_tx_tailroom_pending_dec);
606 
607 	mutex_unlock(&sdata->local->key_mtx);
608 }
609 
610 void ieee80211_free_sta_keys(struct ieee80211_local *local,
611 			     struct sta_info *sta)
612 {
613 	struct ieee80211_key *key, *tmp;
614 	LIST_HEAD(keys);
615 	int i;
616 
617 	mutex_lock(&local->key_mtx);
618 	for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
619 		key = key_mtx_dereference(local, sta->gtk[i]);
620 		if (!key)
621 			continue;
622 		ieee80211_key_replace(key->sdata, key->sta,
623 				key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
624 				key, NULL);
625 		list_add(&key->list, &keys);
626 	}
627 
628 	key = key_mtx_dereference(local, sta->ptk);
629 	if (key) {
630 		ieee80211_key_replace(key->sdata, key->sta,
631 				key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
632 				key, NULL);
633 		list_add(&key->list, &keys);
634 	}
635 
636 	/*
637 	 * NB: the station code relies on this being
638 	 * done even if there aren't any keys
639 	 */
640 	synchronize_net();
641 
642 	list_for_each_entry_safe(key, tmp, &keys, list)
643 		__ieee80211_key_destroy(key, true);
644 
645 	mutex_unlock(&local->key_mtx);
646 }
647 
648 void ieee80211_delayed_tailroom_dec(struct work_struct *wk)
649 {
650 	struct ieee80211_sub_if_data *sdata;
651 
652 	sdata = container_of(wk, struct ieee80211_sub_if_data,
653 			     dec_tailroom_needed_wk.work);
654 
655 	/*
656 	 * The reason for the delayed tailroom needed decrementing is to
657 	 * make roaming faster: during roaming, all keys are first deleted
658 	 * and then new keys are installed. The first new key causes the
659 	 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes
660 	 * the cost of synchronize_net() (which can be slow). Avoid this
661 	 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on
662 	 * key removal for a while, so if we roam the value is larger than
663 	 * zero and no 0->1 transition happens.
664 	 *
665 	 * The cost is that if the AP switching was from an AP with keys
666 	 * to one without, we still allocate tailroom while it would no
667 	 * longer be needed. However, in the typical (fast) roaming case
668 	 * within an ESS this usually won't happen.
669 	 */
670 
671 	mutex_lock(&sdata->local->key_mtx);
672 	sdata->crypto_tx_tailroom_needed_cnt -=
673 		sdata->crypto_tx_tailroom_pending_dec;
674 	sdata->crypto_tx_tailroom_pending_dec = 0;
675 	mutex_unlock(&sdata->local->key_mtx);
676 }
677 
678 void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid,
679 				const u8 *replay_ctr, gfp_t gfp)
680 {
681 	struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
682 
683 	trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr);
684 
685 	cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp);
686 }
687 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify);
688 
689 void ieee80211_get_key_tx_seq(struct ieee80211_key_conf *keyconf,
690 			      struct ieee80211_key_seq *seq)
691 {
692 	struct ieee80211_key *key;
693 	u64 pn64;
694 
695 	if (WARN_ON(!(keyconf->flags & IEEE80211_KEY_FLAG_GENERATE_IV)))
696 		return;
697 
698 	key = container_of(keyconf, struct ieee80211_key, conf);
699 
700 	switch (key->conf.cipher) {
701 	case WLAN_CIPHER_SUITE_TKIP:
702 		seq->tkip.iv32 = key->u.tkip.tx.iv32;
703 		seq->tkip.iv16 = key->u.tkip.tx.iv16;
704 		break;
705 	case WLAN_CIPHER_SUITE_CCMP:
706 		pn64 = atomic64_read(&key->u.ccmp.tx_pn);
707 		seq->ccmp.pn[5] = pn64;
708 		seq->ccmp.pn[4] = pn64 >> 8;
709 		seq->ccmp.pn[3] = pn64 >> 16;
710 		seq->ccmp.pn[2] = pn64 >> 24;
711 		seq->ccmp.pn[1] = pn64 >> 32;
712 		seq->ccmp.pn[0] = pn64 >> 40;
713 		break;
714 	case WLAN_CIPHER_SUITE_AES_CMAC:
715 		pn64 = atomic64_read(&key->u.aes_cmac.tx_pn);
716 		seq->ccmp.pn[5] = pn64;
717 		seq->ccmp.pn[4] = pn64 >> 8;
718 		seq->ccmp.pn[3] = pn64 >> 16;
719 		seq->ccmp.pn[2] = pn64 >> 24;
720 		seq->ccmp.pn[1] = pn64 >> 32;
721 		seq->ccmp.pn[0] = pn64 >> 40;
722 		break;
723 	default:
724 		WARN_ON(1);
725 	}
726 }
727 EXPORT_SYMBOL(ieee80211_get_key_tx_seq);
728 
729 void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf,
730 			      int tid, struct ieee80211_key_seq *seq)
731 {
732 	struct ieee80211_key *key;
733 	const u8 *pn;
734 
735 	key = container_of(keyconf, struct ieee80211_key, conf);
736 
737 	switch (key->conf.cipher) {
738 	case WLAN_CIPHER_SUITE_TKIP:
739 		if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
740 			return;
741 		seq->tkip.iv32 = key->u.tkip.rx[tid].iv32;
742 		seq->tkip.iv16 = key->u.tkip.rx[tid].iv16;
743 		break;
744 	case WLAN_CIPHER_SUITE_CCMP:
745 		if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
746 			return;
747 		if (tid < 0)
748 			pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
749 		else
750 			pn = key->u.ccmp.rx_pn[tid];
751 		memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN);
752 		break;
753 	case WLAN_CIPHER_SUITE_AES_CMAC:
754 		if (WARN_ON(tid != 0))
755 			return;
756 		pn = key->u.aes_cmac.rx_pn;
757 		memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN);
758 		break;
759 	}
760 }
761 EXPORT_SYMBOL(ieee80211_get_key_rx_seq);
762 
763 void ieee80211_set_key_tx_seq(struct ieee80211_key_conf *keyconf,
764 			      struct ieee80211_key_seq *seq)
765 {
766 	struct ieee80211_key *key;
767 	u64 pn64;
768 
769 	key = container_of(keyconf, struct ieee80211_key, conf);
770 
771 	switch (key->conf.cipher) {
772 	case WLAN_CIPHER_SUITE_TKIP:
773 		key->u.tkip.tx.iv32 = seq->tkip.iv32;
774 		key->u.tkip.tx.iv16 = seq->tkip.iv16;
775 		break;
776 	case WLAN_CIPHER_SUITE_CCMP:
777 		pn64 = (u64)seq->ccmp.pn[5] |
778 		       ((u64)seq->ccmp.pn[4] << 8) |
779 		       ((u64)seq->ccmp.pn[3] << 16) |
780 		       ((u64)seq->ccmp.pn[2] << 24) |
781 		       ((u64)seq->ccmp.pn[1] << 32) |
782 		       ((u64)seq->ccmp.pn[0] << 40);
783 		atomic64_set(&key->u.ccmp.tx_pn, pn64);
784 		break;
785 	case WLAN_CIPHER_SUITE_AES_CMAC:
786 		pn64 = (u64)seq->aes_cmac.pn[5] |
787 		       ((u64)seq->aes_cmac.pn[4] << 8) |
788 		       ((u64)seq->aes_cmac.pn[3] << 16) |
789 		       ((u64)seq->aes_cmac.pn[2] << 24) |
790 		       ((u64)seq->aes_cmac.pn[1] << 32) |
791 		       ((u64)seq->aes_cmac.pn[0] << 40);
792 		atomic64_set(&key->u.aes_cmac.tx_pn, pn64);
793 		break;
794 	default:
795 		WARN_ON(1);
796 		break;
797 	}
798 }
799 EXPORT_SYMBOL_GPL(ieee80211_set_key_tx_seq);
800 
801 void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf,
802 			      int tid, struct ieee80211_key_seq *seq)
803 {
804 	struct ieee80211_key *key;
805 	u8 *pn;
806 
807 	key = container_of(keyconf, struct ieee80211_key, conf);
808 
809 	switch (key->conf.cipher) {
810 	case WLAN_CIPHER_SUITE_TKIP:
811 		if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
812 			return;
813 		key->u.tkip.rx[tid].iv32 = seq->tkip.iv32;
814 		key->u.tkip.rx[tid].iv16 = seq->tkip.iv16;
815 		break;
816 	case WLAN_CIPHER_SUITE_CCMP:
817 		if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
818 			return;
819 		if (tid < 0)
820 			pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
821 		else
822 			pn = key->u.ccmp.rx_pn[tid];
823 		memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN);
824 		break;
825 	case WLAN_CIPHER_SUITE_AES_CMAC:
826 		if (WARN_ON(tid != 0))
827 			return;
828 		pn = key->u.aes_cmac.rx_pn;
829 		memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN);
830 		break;
831 	default:
832 		WARN_ON(1);
833 		break;
834 	}
835 }
836 EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq);
837 
838 void ieee80211_remove_key(struct ieee80211_key_conf *keyconf)
839 {
840 	struct ieee80211_key *key;
841 
842 	key = container_of(keyconf, struct ieee80211_key, conf);
843 
844 	assert_key_lock(key->local);
845 
846 	/*
847 	 * if key was uploaded, we assume the driver will/has remove(d)
848 	 * it, so adjust bookkeeping accordingly
849 	 */
850 	if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
851 		key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
852 
853 		if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
854 		      (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) ||
855 		      (key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE)))
856 			increment_tailroom_need_count(key->sdata);
857 	}
858 
859 	ieee80211_key_free(key, false);
860 }
861 EXPORT_SYMBOL_GPL(ieee80211_remove_key);
862 
863 struct ieee80211_key_conf *
864 ieee80211_gtk_rekey_add(struct ieee80211_vif *vif,
865 			struct ieee80211_key_conf *keyconf)
866 {
867 	struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
868 	struct ieee80211_local *local = sdata->local;
869 	struct ieee80211_key *key;
870 	int err;
871 
872 	if (WARN_ON(!local->wowlan))
873 		return ERR_PTR(-EINVAL);
874 
875 	if (WARN_ON(vif->type != NL80211_IFTYPE_STATION))
876 		return ERR_PTR(-EINVAL);
877 
878 	key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx,
879 				  keyconf->keylen, keyconf->key,
880 				  0, NULL);
881 	if (IS_ERR(key))
882 		return ERR_PTR(PTR_ERR(key));
883 
884 	if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED)
885 		key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT;
886 
887 	err = ieee80211_key_link(key, sdata, NULL);
888 	if (err)
889 		return ERR_PTR(err);
890 
891 	return &key->conf;
892 }
893 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add);
894