1 /* 2 * Copyright 2002-2005, Instant802 Networks, Inc. 3 * Copyright 2005-2006, Devicescape Software, Inc. 4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net> 6 * 7 * This program is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License version 2 as 9 * published by the Free Software Foundation. 10 */ 11 12 #include <linux/if_ether.h> 13 #include <linux/etherdevice.h> 14 #include <linux/list.h> 15 #include <linux/rcupdate.h> 16 #include <linux/rtnetlink.h> 17 #include <linux/slab.h> 18 #include <linux/export.h> 19 #include <net/mac80211.h> 20 #include <asm/unaligned.h> 21 #include "ieee80211_i.h" 22 #include "driver-ops.h" 23 #include "debugfs_key.h" 24 #include "aes_ccm.h" 25 #include "aes_cmac.h" 26 27 28 /** 29 * DOC: Key handling basics 30 * 31 * Key handling in mac80211 is done based on per-interface (sub_if_data) 32 * keys and per-station keys. Since each station belongs to an interface, 33 * each station key also belongs to that interface. 34 * 35 * Hardware acceleration is done on a best-effort basis for algorithms 36 * that are implemented in software, for each key the hardware is asked 37 * to enable that key for offloading but if it cannot do that the key is 38 * simply kept for software encryption (unless it is for an algorithm 39 * that isn't implemented in software). 40 * There is currently no way of knowing whether a key is handled in SW 41 * or HW except by looking into debugfs. 42 * 43 * All key management is internally protected by a mutex. Within all 44 * other parts of mac80211, key references are, just as STA structure 45 * references, protected by RCU. Note, however, that some things are 46 * unprotected, namely the key->sta dereferences within the hardware 47 * acceleration functions. This means that sta_info_destroy() must 48 * remove the key which waits for an RCU grace period. 49 */ 50 51 static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; 52 53 static void assert_key_lock(struct ieee80211_local *local) 54 { 55 lockdep_assert_held(&local->key_mtx); 56 } 57 58 static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata) 59 { 60 /* 61 * When this count is zero, SKB resizing for allocating tailroom 62 * for IV or MMIC is skipped. But, this check has created two race 63 * cases in xmit path while transiting from zero count to one: 64 * 65 * 1. SKB resize was skipped because no key was added but just before 66 * the xmit key is added and SW encryption kicks off. 67 * 68 * 2. SKB resize was skipped because all the keys were hw planted but 69 * just before xmit one of the key is deleted and SW encryption kicks 70 * off. 71 * 72 * In both the above case SW encryption will find not enough space for 73 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c) 74 * 75 * Solution has been explained at 76 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net 77 */ 78 79 if (!sdata->crypto_tx_tailroom_needed_cnt++) { 80 /* 81 * Flush all XMIT packets currently using HW encryption or no 82 * encryption at all if the count transition is from 0 -> 1. 83 */ 84 synchronize_net(); 85 } 86 } 87 88 static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key) 89 { 90 struct ieee80211_sub_if_data *sdata; 91 struct sta_info *sta; 92 int ret; 93 94 might_sleep(); 95 96 if (key->flags & KEY_FLAG_TAINTED) 97 return -EINVAL; 98 99 if (!key->local->ops->set_key) 100 goto out_unsupported; 101 102 assert_key_lock(key->local); 103 104 sta = key->sta; 105 106 /* 107 * If this is a per-STA GTK, check if it 108 * is supported; if not, return. 109 */ 110 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) && 111 !(key->local->hw.flags & IEEE80211_HW_SUPPORTS_PER_STA_GTK)) 112 goto out_unsupported; 113 114 if (sta && !sta->uploaded) 115 goto out_unsupported; 116 117 sdata = key->sdata; 118 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 119 /* 120 * The driver doesn't know anything about VLAN interfaces. 121 * Hence, don't send GTKs for VLAN interfaces to the driver. 122 */ 123 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) 124 goto out_unsupported; 125 } 126 127 ret = drv_set_key(key->local, SET_KEY, sdata, 128 sta ? &sta->sta : NULL, &key->conf); 129 130 if (!ret) { 131 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE; 132 133 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) || 134 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) || 135 (key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE))) 136 sdata->crypto_tx_tailroom_needed_cnt--; 137 138 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) && 139 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)); 140 141 return 0; 142 } 143 144 if (ret != -ENOSPC && ret != -EOPNOTSUPP) 145 sdata_err(sdata, 146 "failed to set key (%d, %pM) to hardware (%d)\n", 147 key->conf.keyidx, 148 sta ? sta->sta.addr : bcast_addr, ret); 149 150 out_unsupported: 151 switch (key->conf.cipher) { 152 case WLAN_CIPHER_SUITE_WEP40: 153 case WLAN_CIPHER_SUITE_WEP104: 154 case WLAN_CIPHER_SUITE_TKIP: 155 case WLAN_CIPHER_SUITE_CCMP: 156 case WLAN_CIPHER_SUITE_AES_CMAC: 157 /* all of these we can do in software */ 158 return 0; 159 default: 160 return -EINVAL; 161 } 162 } 163 164 static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key) 165 { 166 struct ieee80211_sub_if_data *sdata; 167 struct sta_info *sta; 168 int ret; 169 170 might_sleep(); 171 172 if (!key || !key->local->ops->set_key) 173 return; 174 175 assert_key_lock(key->local); 176 177 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 178 return; 179 180 sta = key->sta; 181 sdata = key->sdata; 182 183 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) || 184 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) || 185 (key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE))) 186 increment_tailroom_need_count(sdata); 187 188 ret = drv_set_key(key->local, DISABLE_KEY, sdata, 189 sta ? &sta->sta : NULL, &key->conf); 190 191 if (ret) 192 sdata_err(sdata, 193 "failed to remove key (%d, %pM) from hardware (%d)\n", 194 key->conf.keyidx, 195 sta ? sta->sta.addr : bcast_addr, ret); 196 197 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 198 } 199 200 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, 201 int idx, bool uni, bool multi) 202 { 203 struct ieee80211_key *key = NULL; 204 205 assert_key_lock(sdata->local); 206 207 if (idx >= 0 && idx < NUM_DEFAULT_KEYS) 208 key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 209 210 if (uni) { 211 rcu_assign_pointer(sdata->default_unicast_key, key); 212 drv_set_default_unicast_key(sdata->local, sdata, idx); 213 } 214 215 if (multi) 216 rcu_assign_pointer(sdata->default_multicast_key, key); 217 218 ieee80211_debugfs_key_update_default(sdata); 219 } 220 221 void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx, 222 bool uni, bool multi) 223 { 224 mutex_lock(&sdata->local->key_mtx); 225 __ieee80211_set_default_key(sdata, idx, uni, multi); 226 mutex_unlock(&sdata->local->key_mtx); 227 } 228 229 static void 230 __ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx) 231 { 232 struct ieee80211_key *key = NULL; 233 234 assert_key_lock(sdata->local); 235 236 if (idx >= NUM_DEFAULT_KEYS && 237 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) 238 key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 239 240 rcu_assign_pointer(sdata->default_mgmt_key, key); 241 242 ieee80211_debugfs_key_update_default(sdata); 243 } 244 245 void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, 246 int idx) 247 { 248 mutex_lock(&sdata->local->key_mtx); 249 __ieee80211_set_default_mgmt_key(sdata, idx); 250 mutex_unlock(&sdata->local->key_mtx); 251 } 252 253 254 static void ieee80211_key_replace(struct ieee80211_sub_if_data *sdata, 255 struct sta_info *sta, 256 bool pairwise, 257 struct ieee80211_key *old, 258 struct ieee80211_key *new) 259 { 260 int idx; 261 bool defunikey, defmultikey, defmgmtkey; 262 263 if (new) 264 list_add_tail(&new->list, &sdata->key_list); 265 266 if (sta && pairwise) { 267 rcu_assign_pointer(sta->ptk, new); 268 } else if (sta) { 269 if (old) 270 idx = old->conf.keyidx; 271 else 272 idx = new->conf.keyidx; 273 rcu_assign_pointer(sta->gtk[idx], new); 274 } else { 275 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx); 276 277 if (old) 278 idx = old->conf.keyidx; 279 else 280 idx = new->conf.keyidx; 281 282 defunikey = old && 283 old == key_mtx_dereference(sdata->local, 284 sdata->default_unicast_key); 285 defmultikey = old && 286 old == key_mtx_dereference(sdata->local, 287 sdata->default_multicast_key); 288 defmgmtkey = old && 289 old == key_mtx_dereference(sdata->local, 290 sdata->default_mgmt_key); 291 292 if (defunikey && !new) 293 __ieee80211_set_default_key(sdata, -1, true, false); 294 if (defmultikey && !new) 295 __ieee80211_set_default_key(sdata, -1, false, true); 296 if (defmgmtkey && !new) 297 __ieee80211_set_default_mgmt_key(sdata, -1); 298 299 rcu_assign_pointer(sdata->keys[idx], new); 300 if (defunikey && new) 301 __ieee80211_set_default_key(sdata, new->conf.keyidx, 302 true, false); 303 if (defmultikey && new) 304 __ieee80211_set_default_key(sdata, new->conf.keyidx, 305 false, true); 306 if (defmgmtkey && new) 307 __ieee80211_set_default_mgmt_key(sdata, 308 new->conf.keyidx); 309 } 310 311 if (old) 312 list_del(&old->list); 313 } 314 315 struct ieee80211_key *ieee80211_key_alloc(u32 cipher, int idx, size_t key_len, 316 const u8 *key_data, 317 size_t seq_len, const u8 *seq) 318 { 319 struct ieee80211_key *key; 320 int i, j, err; 321 322 BUG_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS); 323 324 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL); 325 if (!key) 326 return ERR_PTR(-ENOMEM); 327 328 /* 329 * Default to software encryption; we'll later upload the 330 * key to the hardware if possible. 331 */ 332 key->conf.flags = 0; 333 key->flags = 0; 334 335 key->conf.cipher = cipher; 336 key->conf.keyidx = idx; 337 key->conf.keylen = key_len; 338 switch (cipher) { 339 case WLAN_CIPHER_SUITE_WEP40: 340 case WLAN_CIPHER_SUITE_WEP104: 341 key->conf.iv_len = IEEE80211_WEP_IV_LEN; 342 key->conf.icv_len = IEEE80211_WEP_ICV_LEN; 343 break; 344 case WLAN_CIPHER_SUITE_TKIP: 345 key->conf.iv_len = IEEE80211_TKIP_IV_LEN; 346 key->conf.icv_len = IEEE80211_TKIP_ICV_LEN; 347 if (seq) { 348 for (i = 0; i < IEEE80211_NUM_TIDS; i++) { 349 key->u.tkip.rx[i].iv32 = 350 get_unaligned_le32(&seq[2]); 351 key->u.tkip.rx[i].iv16 = 352 get_unaligned_le16(seq); 353 } 354 } 355 spin_lock_init(&key->u.tkip.txlock); 356 break; 357 case WLAN_CIPHER_SUITE_CCMP: 358 key->conf.iv_len = IEEE80211_CCMP_HDR_LEN; 359 key->conf.icv_len = IEEE80211_CCMP_MIC_LEN; 360 if (seq) { 361 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) 362 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++) 363 key->u.ccmp.rx_pn[i][j] = 364 seq[IEEE80211_CCMP_PN_LEN - j - 1]; 365 } 366 /* 367 * Initialize AES key state here as an optimization so that 368 * it does not need to be initialized for every packet. 369 */ 370 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(key_data); 371 if (IS_ERR(key->u.ccmp.tfm)) { 372 err = PTR_ERR(key->u.ccmp.tfm); 373 kfree(key); 374 return ERR_PTR(err); 375 } 376 break; 377 case WLAN_CIPHER_SUITE_AES_CMAC: 378 key->conf.iv_len = 0; 379 key->conf.icv_len = sizeof(struct ieee80211_mmie); 380 if (seq) 381 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++) 382 key->u.aes_cmac.rx_pn[j] = 383 seq[IEEE80211_CMAC_PN_LEN - j - 1]; 384 /* 385 * Initialize AES key state here as an optimization so that 386 * it does not need to be initialized for every packet. 387 */ 388 key->u.aes_cmac.tfm = 389 ieee80211_aes_cmac_key_setup(key_data); 390 if (IS_ERR(key->u.aes_cmac.tfm)) { 391 err = PTR_ERR(key->u.aes_cmac.tfm); 392 kfree(key); 393 return ERR_PTR(err); 394 } 395 break; 396 } 397 memcpy(key->conf.key, key_data, key_len); 398 INIT_LIST_HEAD(&key->list); 399 400 return key; 401 } 402 403 static void ieee80211_key_free_common(struct ieee80211_key *key) 404 { 405 if (key->conf.cipher == WLAN_CIPHER_SUITE_CCMP) 406 ieee80211_aes_key_free(key->u.ccmp.tfm); 407 if (key->conf.cipher == WLAN_CIPHER_SUITE_AES_CMAC) 408 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm); 409 kfree(key); 410 } 411 412 static void __ieee80211_key_destroy(struct ieee80211_key *key, 413 bool delay_tailroom) 414 { 415 if (key->local) 416 ieee80211_key_disable_hw_accel(key); 417 418 if (key->local) { 419 struct ieee80211_sub_if_data *sdata = key->sdata; 420 421 ieee80211_debugfs_key_remove(key); 422 423 if (delay_tailroom) { 424 /* see ieee80211_delayed_tailroom_dec */ 425 sdata->crypto_tx_tailroom_pending_dec++; 426 schedule_delayed_work(&sdata->dec_tailroom_needed_wk, 427 HZ/2); 428 } else { 429 sdata->crypto_tx_tailroom_needed_cnt--; 430 } 431 } 432 433 ieee80211_key_free_common(key); 434 } 435 436 static void ieee80211_key_destroy(struct ieee80211_key *key, 437 bool delay_tailroom) 438 { 439 if (!key) 440 return; 441 442 /* 443 * Synchronize so the TX path can no longer be using 444 * this key before we free/remove it. 445 */ 446 synchronize_net(); 447 448 __ieee80211_key_destroy(key, delay_tailroom); 449 } 450 451 void ieee80211_key_free_unused(struct ieee80211_key *key) 452 { 453 WARN_ON(key->sdata || key->local); 454 ieee80211_key_free_common(key); 455 } 456 457 int ieee80211_key_link(struct ieee80211_key *key, 458 struct ieee80211_sub_if_data *sdata, 459 struct sta_info *sta) 460 { 461 struct ieee80211_local *local = sdata->local; 462 struct ieee80211_key *old_key; 463 int idx, ret; 464 bool pairwise; 465 466 BUG_ON(!sdata); 467 BUG_ON(!key); 468 469 pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE; 470 idx = key->conf.keyidx; 471 key->local = sdata->local; 472 key->sdata = sdata; 473 key->sta = sta; 474 475 mutex_lock(&sdata->local->key_mtx); 476 477 if (sta && pairwise) 478 old_key = key_mtx_dereference(sdata->local, sta->ptk); 479 else if (sta) 480 old_key = key_mtx_dereference(sdata->local, sta->gtk[idx]); 481 else 482 old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 483 484 increment_tailroom_need_count(sdata); 485 486 ieee80211_key_replace(sdata, sta, pairwise, old_key, key); 487 ieee80211_key_destroy(old_key, true); 488 489 ieee80211_debugfs_key_add(key); 490 491 if (!local->wowlan) { 492 ret = ieee80211_key_enable_hw_accel(key); 493 if (ret) 494 ieee80211_key_free(key, true); 495 } else { 496 ret = 0; 497 } 498 499 mutex_unlock(&sdata->local->key_mtx); 500 501 return ret; 502 } 503 504 void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom) 505 { 506 if (!key) 507 return; 508 509 /* 510 * Replace key with nothingness if it was ever used. 511 */ 512 if (key->sdata) 513 ieee80211_key_replace(key->sdata, key->sta, 514 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 515 key, NULL); 516 ieee80211_key_destroy(key, delay_tailroom); 517 } 518 519 void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata) 520 { 521 struct ieee80211_key *key; 522 523 ASSERT_RTNL(); 524 525 if (WARN_ON(!ieee80211_sdata_running(sdata))) 526 return; 527 528 mutex_lock(&sdata->local->key_mtx); 529 530 sdata->crypto_tx_tailroom_needed_cnt = 0; 531 532 list_for_each_entry(key, &sdata->key_list, list) { 533 increment_tailroom_need_count(sdata); 534 ieee80211_key_enable_hw_accel(key); 535 } 536 537 mutex_unlock(&sdata->local->key_mtx); 538 } 539 540 void ieee80211_iter_keys(struct ieee80211_hw *hw, 541 struct ieee80211_vif *vif, 542 void (*iter)(struct ieee80211_hw *hw, 543 struct ieee80211_vif *vif, 544 struct ieee80211_sta *sta, 545 struct ieee80211_key_conf *key, 546 void *data), 547 void *iter_data) 548 { 549 struct ieee80211_local *local = hw_to_local(hw); 550 struct ieee80211_key *key, *tmp; 551 struct ieee80211_sub_if_data *sdata; 552 553 ASSERT_RTNL(); 554 555 mutex_lock(&local->key_mtx); 556 if (vif) { 557 sdata = vif_to_sdata(vif); 558 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) 559 iter(hw, &sdata->vif, 560 key->sta ? &key->sta->sta : NULL, 561 &key->conf, iter_data); 562 } else { 563 list_for_each_entry(sdata, &local->interfaces, list) 564 list_for_each_entry_safe(key, tmp, 565 &sdata->key_list, list) 566 iter(hw, &sdata->vif, 567 key->sta ? &key->sta->sta : NULL, 568 &key->conf, iter_data); 569 } 570 mutex_unlock(&local->key_mtx); 571 } 572 EXPORT_SYMBOL(ieee80211_iter_keys); 573 574 void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata) 575 { 576 struct ieee80211_key *key, *tmp; 577 LIST_HEAD(keys); 578 579 cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk); 580 581 mutex_lock(&sdata->local->key_mtx); 582 583 sdata->crypto_tx_tailroom_needed_cnt -= 584 sdata->crypto_tx_tailroom_pending_dec; 585 sdata->crypto_tx_tailroom_pending_dec = 0; 586 587 ieee80211_debugfs_key_remove_mgmt_default(sdata); 588 589 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) { 590 ieee80211_key_replace(key->sdata, key->sta, 591 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 592 key, NULL); 593 list_add_tail(&key->list, &keys); 594 } 595 596 ieee80211_debugfs_key_update_default(sdata); 597 598 if (!list_empty(&keys)) { 599 synchronize_net(); 600 list_for_each_entry_safe(key, tmp, &keys, list) 601 __ieee80211_key_destroy(key, false); 602 } 603 604 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt || 605 sdata->crypto_tx_tailroom_pending_dec); 606 607 mutex_unlock(&sdata->local->key_mtx); 608 } 609 610 void ieee80211_free_sta_keys(struct ieee80211_local *local, 611 struct sta_info *sta) 612 { 613 struct ieee80211_key *key, *tmp; 614 LIST_HEAD(keys); 615 int i; 616 617 mutex_lock(&local->key_mtx); 618 for (i = 0; i < NUM_DEFAULT_KEYS; i++) { 619 key = key_mtx_dereference(local, sta->gtk[i]); 620 if (!key) 621 continue; 622 ieee80211_key_replace(key->sdata, key->sta, 623 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 624 key, NULL); 625 list_add(&key->list, &keys); 626 } 627 628 key = key_mtx_dereference(local, sta->ptk); 629 if (key) { 630 ieee80211_key_replace(key->sdata, key->sta, 631 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 632 key, NULL); 633 list_add(&key->list, &keys); 634 } 635 636 /* 637 * NB: the station code relies on this being 638 * done even if there aren't any keys 639 */ 640 synchronize_net(); 641 642 list_for_each_entry_safe(key, tmp, &keys, list) 643 __ieee80211_key_destroy(key, true); 644 645 mutex_unlock(&local->key_mtx); 646 } 647 648 void ieee80211_delayed_tailroom_dec(struct work_struct *wk) 649 { 650 struct ieee80211_sub_if_data *sdata; 651 652 sdata = container_of(wk, struct ieee80211_sub_if_data, 653 dec_tailroom_needed_wk.work); 654 655 /* 656 * The reason for the delayed tailroom needed decrementing is to 657 * make roaming faster: during roaming, all keys are first deleted 658 * and then new keys are installed. The first new key causes the 659 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes 660 * the cost of synchronize_net() (which can be slow). Avoid this 661 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on 662 * key removal for a while, so if we roam the value is larger than 663 * zero and no 0->1 transition happens. 664 * 665 * The cost is that if the AP switching was from an AP with keys 666 * to one without, we still allocate tailroom while it would no 667 * longer be needed. However, in the typical (fast) roaming case 668 * within an ESS this usually won't happen. 669 */ 670 671 mutex_lock(&sdata->local->key_mtx); 672 sdata->crypto_tx_tailroom_needed_cnt -= 673 sdata->crypto_tx_tailroom_pending_dec; 674 sdata->crypto_tx_tailroom_pending_dec = 0; 675 mutex_unlock(&sdata->local->key_mtx); 676 } 677 678 void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid, 679 const u8 *replay_ctr, gfp_t gfp) 680 { 681 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 682 683 trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr); 684 685 cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp); 686 } 687 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify); 688 689 void ieee80211_get_key_tx_seq(struct ieee80211_key_conf *keyconf, 690 struct ieee80211_key_seq *seq) 691 { 692 struct ieee80211_key *key; 693 u64 pn64; 694 695 if (WARN_ON(!(keyconf->flags & IEEE80211_KEY_FLAG_GENERATE_IV))) 696 return; 697 698 key = container_of(keyconf, struct ieee80211_key, conf); 699 700 switch (key->conf.cipher) { 701 case WLAN_CIPHER_SUITE_TKIP: 702 seq->tkip.iv32 = key->u.tkip.tx.iv32; 703 seq->tkip.iv16 = key->u.tkip.tx.iv16; 704 break; 705 case WLAN_CIPHER_SUITE_CCMP: 706 pn64 = atomic64_read(&key->u.ccmp.tx_pn); 707 seq->ccmp.pn[5] = pn64; 708 seq->ccmp.pn[4] = pn64 >> 8; 709 seq->ccmp.pn[3] = pn64 >> 16; 710 seq->ccmp.pn[2] = pn64 >> 24; 711 seq->ccmp.pn[1] = pn64 >> 32; 712 seq->ccmp.pn[0] = pn64 >> 40; 713 break; 714 case WLAN_CIPHER_SUITE_AES_CMAC: 715 pn64 = atomic64_read(&key->u.aes_cmac.tx_pn); 716 seq->ccmp.pn[5] = pn64; 717 seq->ccmp.pn[4] = pn64 >> 8; 718 seq->ccmp.pn[3] = pn64 >> 16; 719 seq->ccmp.pn[2] = pn64 >> 24; 720 seq->ccmp.pn[1] = pn64 >> 32; 721 seq->ccmp.pn[0] = pn64 >> 40; 722 break; 723 default: 724 WARN_ON(1); 725 } 726 } 727 EXPORT_SYMBOL(ieee80211_get_key_tx_seq); 728 729 void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf, 730 int tid, struct ieee80211_key_seq *seq) 731 { 732 struct ieee80211_key *key; 733 const u8 *pn; 734 735 key = container_of(keyconf, struct ieee80211_key, conf); 736 737 switch (key->conf.cipher) { 738 case WLAN_CIPHER_SUITE_TKIP: 739 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 740 return; 741 seq->tkip.iv32 = key->u.tkip.rx[tid].iv32; 742 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16; 743 break; 744 case WLAN_CIPHER_SUITE_CCMP: 745 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 746 return; 747 if (tid < 0) 748 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 749 else 750 pn = key->u.ccmp.rx_pn[tid]; 751 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN); 752 break; 753 case WLAN_CIPHER_SUITE_AES_CMAC: 754 if (WARN_ON(tid != 0)) 755 return; 756 pn = key->u.aes_cmac.rx_pn; 757 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN); 758 break; 759 } 760 } 761 EXPORT_SYMBOL(ieee80211_get_key_rx_seq); 762 763 void ieee80211_set_key_tx_seq(struct ieee80211_key_conf *keyconf, 764 struct ieee80211_key_seq *seq) 765 { 766 struct ieee80211_key *key; 767 u64 pn64; 768 769 key = container_of(keyconf, struct ieee80211_key, conf); 770 771 switch (key->conf.cipher) { 772 case WLAN_CIPHER_SUITE_TKIP: 773 key->u.tkip.tx.iv32 = seq->tkip.iv32; 774 key->u.tkip.tx.iv16 = seq->tkip.iv16; 775 break; 776 case WLAN_CIPHER_SUITE_CCMP: 777 pn64 = (u64)seq->ccmp.pn[5] | 778 ((u64)seq->ccmp.pn[4] << 8) | 779 ((u64)seq->ccmp.pn[3] << 16) | 780 ((u64)seq->ccmp.pn[2] << 24) | 781 ((u64)seq->ccmp.pn[1] << 32) | 782 ((u64)seq->ccmp.pn[0] << 40); 783 atomic64_set(&key->u.ccmp.tx_pn, pn64); 784 break; 785 case WLAN_CIPHER_SUITE_AES_CMAC: 786 pn64 = (u64)seq->aes_cmac.pn[5] | 787 ((u64)seq->aes_cmac.pn[4] << 8) | 788 ((u64)seq->aes_cmac.pn[3] << 16) | 789 ((u64)seq->aes_cmac.pn[2] << 24) | 790 ((u64)seq->aes_cmac.pn[1] << 32) | 791 ((u64)seq->aes_cmac.pn[0] << 40); 792 atomic64_set(&key->u.aes_cmac.tx_pn, pn64); 793 break; 794 default: 795 WARN_ON(1); 796 break; 797 } 798 } 799 EXPORT_SYMBOL_GPL(ieee80211_set_key_tx_seq); 800 801 void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf, 802 int tid, struct ieee80211_key_seq *seq) 803 { 804 struct ieee80211_key *key; 805 u8 *pn; 806 807 key = container_of(keyconf, struct ieee80211_key, conf); 808 809 switch (key->conf.cipher) { 810 case WLAN_CIPHER_SUITE_TKIP: 811 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 812 return; 813 key->u.tkip.rx[tid].iv32 = seq->tkip.iv32; 814 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16; 815 break; 816 case WLAN_CIPHER_SUITE_CCMP: 817 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 818 return; 819 if (tid < 0) 820 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 821 else 822 pn = key->u.ccmp.rx_pn[tid]; 823 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN); 824 break; 825 case WLAN_CIPHER_SUITE_AES_CMAC: 826 if (WARN_ON(tid != 0)) 827 return; 828 pn = key->u.aes_cmac.rx_pn; 829 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN); 830 break; 831 default: 832 WARN_ON(1); 833 break; 834 } 835 } 836 EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq); 837 838 void ieee80211_remove_key(struct ieee80211_key_conf *keyconf) 839 { 840 struct ieee80211_key *key; 841 842 key = container_of(keyconf, struct ieee80211_key, conf); 843 844 assert_key_lock(key->local); 845 846 /* 847 * if key was uploaded, we assume the driver will/has remove(d) 848 * it, so adjust bookkeeping accordingly 849 */ 850 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 851 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 852 853 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) || 854 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) || 855 (key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE))) 856 increment_tailroom_need_count(key->sdata); 857 } 858 859 ieee80211_key_free(key, false); 860 } 861 EXPORT_SYMBOL_GPL(ieee80211_remove_key); 862 863 struct ieee80211_key_conf * 864 ieee80211_gtk_rekey_add(struct ieee80211_vif *vif, 865 struct ieee80211_key_conf *keyconf) 866 { 867 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 868 struct ieee80211_local *local = sdata->local; 869 struct ieee80211_key *key; 870 int err; 871 872 if (WARN_ON(!local->wowlan)) 873 return ERR_PTR(-EINVAL); 874 875 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION)) 876 return ERR_PTR(-EINVAL); 877 878 key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx, 879 keyconf->keylen, keyconf->key, 880 0, NULL); 881 if (IS_ERR(key)) 882 return ERR_PTR(PTR_ERR(key)); 883 884 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED) 885 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT; 886 887 err = ieee80211_key_link(key, sdata, NULL); 888 if (err) 889 return ERR_PTR(err); 890 891 return &key->conf; 892 } 893 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add); 894