288 ieee802_1x_kay_get_participant(struct ieee802_1x_kay *kay, const u8 *ckn,  in ieee802_1x_kay_get_participant()  argument
293 	dl_list_for_each(participant, &kay->participant_list,  in ieee802_1x_kay_get_participant()
311 ieee802_1x_kay_get_principal_participant(struct ieee802_1x_kay *kay)  in ieee802_1x_kay_get_principal_participant()  argument
315 	dl_list_for_each(participant, &kay->participant_list,  in ieee802_1x_kay_get_principal_participant()
555 static void ieee802_1x_delete_receive_sa(struct ieee802_1x_kay *kay,  in ieee802_1x_delete_receive_sa()  argument
558 	secy_disable_receive_sa(kay, sa);  in ieee802_1x_delete_receive_sa()
559 	secy_delete_receive_sa(kay, sa);  in ieee802_1x_delete_receive_sa()
576 		ieee802_1x_delete_receive_sa(participant->kay, psa);  in ieee802_1x_kay_deinit_receive_sc()
579 	secy_delete_receive_sc(participant->kay, psc);  in ieee802_1x_kay_deinit_receive_sc()
635 	if (secy_create_receive_sc(participant->kay, rxsc)) {  in ieee802_1x_kay_create_live_peer()
699 	if (secy_create_receive_sc(participant->kay, rxsc)) {  in ieee802_1x_kay_move_live_peer()
748 	struct ieee802_1x_kay *kay = participant->kay;  in ieee802_1x_mka_encode_basic_body()  local
754 	body->version = kay->mka_version;  in ieee802_1x_mka_encode_basic_body()
755 	body->priority = kay->actor_priority;  in ieee802_1x_mka_encode_basic_body()
763 	body->macsec_desired = kay->macsec_desired;  in ieee802_1x_mka_encode_basic_body()
764 	body->macsec_capability = kay->macsec_capable;  in ieee802_1x_mka_encode_basic_body()
767 	os_memcpy(body->actor_sci.addr, kay->actor_sci.addr,  in ieee802_1x_mka_encode_basic_body()
768 		  sizeof(kay->actor_sci.addr));  in ieee802_1x_mka_encode_basic_body()
769 	body->actor_sci.port = kay->actor_sci.port;  in ieee802_1x_mka_encode_basic_body()
774 	os_memcpy(body->algo_agility, kay->algo_agility,  in ieee802_1x_mka_encode_basic_body()
800 ieee802_1x_mka_decode_basic_body(struct ieee802_1x_kay *kay, const u8 *mka_msg,  in ieee802_1x_mka_decode_basic_body()  argument
816 	if (kay->is_obliged_key_server && body->key_server) {  in ieee802_1x_mka_decode_basic_body()
829 	participant = ieee802_1x_kay_get_participant(kay, body->ckn, ckn_len);  in ieee802_1x_mka_decode_basic_body()
1237 	if (participant->kay->macsec_desired && participant->advised_desired)  in ieee802_1x_mka_get_sak_use_length()
1275 			secy_get_transmit_next_pn(principal->kay, txsa);  in ieee802_1x_mka_get_lpn()
1296 	struct ieee802_1x_kay *kay = participant->kay;  in ieee802_1x_mka_encode_sak_use_body()  local
1317 	body->delay_protect = kay->mka_hello_time <= MKA_BOUNDED_HELLO_TIME;  in ieee802_1x_mka_encode_sak_use_body()
1329 			if (llpn > kay->pn_exhaustion) {  in ieee802_1x_mka_encode_sak_use_body()
1335 			if (olpn > kay->pn_exhaustion) {  in ieee802_1x_mka_encode_sak_use_body()
1344 	body->ptx = !kay->macsec_protect;  in ieee802_1x_mka_encode_sak_use_body()
1345 	body->prx = kay->macsec_validate != Strict;  in ieee802_1x_mka_encode_sak_use_body()
1370 		kay->tx_enable = true;  in ieee802_1x_mka_encode_sak_use_body()
1371 		kay->port_enable = true;  in ieee802_1x_mka_encode_sak_use_body()
1374 		kay->rx_enable = true;  in ieee802_1x_mka_encode_sak_use_body()
1396 	struct ieee802_1x_kay *kay = participant->kay;  in ieee802_1x_mka_decode_sak_use_body()  local
1510 			ieee802_1x_cp_set_allreceiving(kay->cp, true);  in ieee802_1x_mka_decode_sak_use_body()
1511 			ieee802_1x_cp_sm_step(kay->cp);  in ieee802_1x_mka_decode_sak_use_body()
1515 			ieee802_1x_cp_set_servertransmitting(kay->cp, true);  in ieee802_1x_mka_decode_sak_use_body()
1516 			ieee802_1x_cp_sm_step(kay->cp);  in ieee802_1x_mka_decode_sak_use_body()
1526 	if (participant->is_key_server && lpn > kay->pn_exhaustion) {  in ieee802_1x_mka_decode_sak_use_body()
1554 			secy_get_receive_lowest_pn(participant->kay, rxsa);  in ieee802_1x_mka_decode_sak_use_body()
1557 				secy_set_receive_lowest_pn(participant->kay,  in ieee802_1x_mka_decode_sak_use_body()
1598 	unsigned int cs_index = participant->kay->macsec_csindex;  in ieee802_1x_mka_get_dist_sak_length()
1645 	cs_index = participant->kay->macsec_csindex;  in ieee802_1x_mka_encode_dist_sak_body()
1700 	struct ieee802_1x_kay *kay = participant->kay;  in ieee802_1x_mka_decode_dist_sak_body()  local
1721 	if (!kay->macsec_desired ||  in ieee802_1x_mka_decode_dist_sak_body()
1722 	    kay->macsec_capable == MACSEC_CAP_NOT_IMPLEMENTED) {  in ieee802_1x_mka_decode_dist_sak_body()
1735 	if (!sci_equal(&kay->key_server_sci, &peer->sci)) {  in ieee802_1x_mka_decode_dist_sak_body()
1741 		kay->authenticated = true;  in ieee802_1x_mka_decode_dist_sak_body()
1742 		kay->secured = false;  in ieee802_1x_mka_decode_dist_sak_body()
1743 		kay->failed = false;  in ieee802_1x_mka_decode_dist_sak_body()
1745 		ieee802_1x_cp_connect_authenticated(kay->cp);  in ieee802_1x_mka_decode_dist_sak_body()
1746 		ieee802_1x_cp_sm_step(kay->cp);  in ieee802_1x_mka_decode_dist_sak_body()
1753 	kay->authenticated = false;  in ieee802_1x_mka_decode_dist_sak_body()
1754 	kay->secured = true;  in ieee802_1x_mka_decode_dist_sak_body()
1755 	kay->failed = false;  in ieee802_1x_mka_decode_dist_sak_body()
1756 	ieee802_1x_cp_connect_secure(kay->cp);  in ieee802_1x_mka_decode_dist_sak_body()
1757 	ieee802_1x_cp_sm_step(kay->cp);  in ieee802_1x_mka_decode_dist_sak_body()
1775 		kay->macsec_csindex = DEFAULT_CS_INDEX;  in ieee802_1x_mka_decode_dist_sak_body()
1776 		cs = &cipher_suite_tbl[kay->macsec_csindex];  in ieee802_1x_mka_decode_dist_sak_body()
1789 		kay->macsec_csindex = idx;  in ieee802_1x_mka_decode_dist_sak_body()
1826 	ieee802_1x_cp_set_ciphersuite(kay->cp, cs->id);  in ieee802_1x_mka_decode_dist_sak_body()
1827 	ieee802_1x_cp_sm_step(kay->cp);  in ieee802_1x_mka_decode_dist_sak_body()
1828 	ieee802_1x_cp_set_offset(kay->cp, body->confid_offset);  in ieee802_1x_mka_decode_dist_sak_body()
1829 	ieee802_1x_cp_sm_step(kay->cp);  in ieee802_1x_mka_decode_dist_sak_body()
1830 	ieee802_1x_cp_set_distributedki(kay->cp, &sa_key->key_identifier);  in ieee802_1x_mka_decode_dist_sak_body()
1831 	ieee802_1x_cp_set_distributedan(kay->cp, body->dan);  in ieee802_1x_mka_decode_dist_sak_body()
1832 	ieee802_1x_cp_signal_newsak(kay->cp);  in ieee802_1x_mka_decode_dist_sak_body()
1833 	ieee802_1x_cp_sm_step(kay->cp);  in ieee802_1x_mka_decode_dist_sak_body()
1835 	kay->rcvd_keys++;  in ieee802_1x_mka_decode_dist_sak_body()
1873 	if (mka_alg_tbl[participant->kay->mka_algindex].icv_len !=  in ieee802_1x_mka_get_icv_length()
1878 	length += mka_alg_tbl[participant->kay->mka_algindex].icv_len;  in ieee802_1x_mka_get_icv_length()
1896 	if (mka_alg_tbl[participant->kay->mka_algindex].icv_len !=  in ieee802_1x_mka_encode_icv_body()
1905 	if (mka_alg_tbl[participant->kay->mka_algindex].icv_hash(  in ieee802_1x_mka_encode_icv_body()
1950 		    < mka_alg_tbl[participant->kay->mka_algindex].icv_len)  in ieee802_1x_mka_decode_icv_body()
2139 	struct ieee802_1x_kay *kay = participant->kay;  in ieee802_1x_kay_generate_new_sak()  local
2165 	if ((time(NULL) - kay->dist_time) < MKA_LIFE_TIME / 1000) {  in ieee802_1x_kay_generate_new_sak()
2171 	cs = &cipher_suite_tbl[kay->macsec_csindex];  in ieee802_1x_kay_generate_new_sak()
2179 	ctx_len = key_len + sizeof(kay->dist_kn);  in ieee802_1x_kay_generate_new_sak()
2202 	os_memcpy(context + ctx_offset, &kay->dist_kn, sizeof(kay->dist_kn));  in ieee802_1x_kay_generate_new_sak()
2230 	sa_key->key_identifier.kn = kay->dist_kn;  in ieee802_1x_kay_generate_new_sak()
2232 	sa_key->confidentiality_offset = kay->macsec_confidentiality;  in ieee802_1x_kay_generate_new_sak()
2233 	sa_key->an = kay->dist_an;  in ieee802_1x_kay_generate_new_sak()
2241 	ieee802_1x_cp_set_ciphersuite(kay->cp, cs->id);  in ieee802_1x_kay_generate_new_sak()
2242 	ieee802_1x_cp_sm_step(kay->cp);  in ieee802_1x_kay_generate_new_sak()
2243 	ieee802_1x_cp_set_offset(kay->cp, kay->macsec_confidentiality);  in ieee802_1x_kay_generate_new_sak()
2244 	ieee802_1x_cp_sm_step(kay->cp);  in ieee802_1x_kay_generate_new_sak()
2245 	ieee802_1x_cp_set_distributedki(kay->cp, &sa_key->key_identifier);  in ieee802_1x_kay_generate_new_sak()
2246 	ieee802_1x_cp_set_distributedan(kay->cp, sa_key->an);  in ieee802_1x_kay_generate_new_sak()
2247 	ieee802_1x_cp_signal_newsak(kay->cp);  in ieee802_1x_kay_generate_new_sak()
2248 	ieee802_1x_cp_sm_step(kay->cp);  in ieee802_1x_kay_generate_new_sak()
2254 	kay->dist_kn++;  in ieee802_1x_kay_generate_new_sak()
2255 	kay->dist_an++;  in ieee802_1x_kay_generate_new_sak()
2256 	if (kay->dist_an > 3)  in ieee802_1x_kay_generate_new_sak()
2257 		kay->dist_an = 0;  in ieee802_1x_kay_generate_new_sak()
2259 	kay->dist_time = time(NULL);  in ieee802_1x_kay_generate_new_sak()
2291 	struct ieee802_1x_kay *kay = participant->kay;  in ieee802_1x_kay_elect_key_server()  local
2298 		ieee802_1x_cp_set_electedself(kay->cp, true);  in ieee802_1x_kay_elect_key_server()
2322 		tmp.key_server_priority = kay->actor_priority;  in ieee802_1x_kay_elect_key_server()
2323 		os_memcpy(&tmp.sci, &kay->actor_sci, sizeof(tmp.sci));  in ieee802_1x_kay_elect_key_server()
2337 		ieee802_1x_cp_set_electedself(kay->cp, true);  in ieee802_1x_kay_elect_key_server()
2338 		if (!sci_equal(&kay->key_server_sci, &kay->actor_sci)) {  in ieee802_1x_kay_elect_key_server()
2339 			ieee802_1x_cp_signal_chgdserver(kay->cp);  in ieee802_1x_kay_elect_key_server()
2340 			ieee802_1x_cp_sm_step(kay->cp);  in ieee802_1x_kay_elect_key_server()
2350 		os_memcpy(&kay->key_server_sci, &kay->actor_sci,  in ieee802_1x_kay_elect_key_server()
2351 			  sizeof(kay->key_server_sci));  in ieee802_1x_kay_elect_key_server()
2352 		kay->key_server_priority = kay->actor_priority;  in ieee802_1x_kay_elect_key_server()
2357 		ieee802_1x_cp_set_electedself(kay->cp, false);  in ieee802_1x_kay_elect_key_server()
2358 		if (!sci_equal(&kay->key_server_sci, &key_server->sci)) {  in ieee802_1x_kay_elect_key_server()
2359 			ieee802_1x_cp_signal_chgdserver(kay->cp);  in ieee802_1x_kay_elect_key_server()
2360 			ieee802_1x_cp_sm_step(kay->cp);  in ieee802_1x_kay_elect_key_server()
2367 		os_memcpy(&kay->key_server_sci, &key_server->sci,  in ieee802_1x_kay_elect_key_server()
2368 			  sizeof(kay->key_server_sci));  in ieee802_1x_kay_elect_key_server()
2369 		kay->key_server_priority = key_server->key_server_priority;  in ieee802_1x_kay_elect_key_server()
2390 	struct ieee802_1x_kay *kay = participant->kay;  in ieee802_1x_kay_decide_macsec_use()  local
2399 	if (!kay->macsec_desired) {  in ieee802_1x_kay_decide_macsec_use()
2403 	if (kay->macsec_capable == MACSEC_CAP_NOT_IMPLEMENTED) {  in ieee802_1x_kay_decide_macsec_use()
2407 	less_capability = kay->macsec_capable;  in ieee802_1x_kay_decide_macsec_use()
2427 		kay->authenticated = false;  in ieee802_1x_kay_decide_macsec_use()
2428 		kay->secured = true;  in ieee802_1x_kay_decide_macsec_use()
2429 		kay->failed = false;  in ieee802_1x_kay_decide_macsec_use()
2430 		ieee802_1x_cp_connect_secure(kay->cp);  in ieee802_1x_kay_decide_macsec_use()
2431 		ieee802_1x_cp_sm_step(kay->cp);  in ieee802_1x_kay_decide_macsec_use()
2436 		kay->authenticated = true;  in ieee802_1x_kay_decide_macsec_use()
2437 		kay->secured = false;  in ieee802_1x_kay_decide_macsec_use()
2438 		kay->failed = false;  in ieee802_1x_kay_decide_macsec_use()
2439 		kay->ltx_kn = 0;  in ieee802_1x_kay_decide_macsec_use()
2440 		kay->ltx_an = 0;  in ieee802_1x_kay_decide_macsec_use()
2441 		kay->lrx_kn = 0;  in ieee802_1x_kay_decide_macsec_use()
2442 		kay->lrx_an = 0;  in ieee802_1x_kay_decide_macsec_use()
2443 		kay->otx_kn = 0;  in ieee802_1x_kay_decide_macsec_use()
2444 		kay->otx_an = 0;  in ieee802_1x_kay_decide_macsec_use()
2445 		kay->orx_kn = 0;  in ieee802_1x_kay_decide_macsec_use()
2446 		kay->orx_an = 0;  in ieee802_1x_kay_decide_macsec_use()
2447 		ieee802_1x_cp_connect_authenticated(kay->cp);  in ieee802_1x_kay_decide_macsec_use()
2448 		ieee802_1x_cp_sm_step(kay->cp);  in ieee802_1x_kay_decide_macsec_use()
2472 	os_memcpy(ether_hdr->src, participant->kay->actor_sci.addr,  in ieee802_1x_kay_encode_mkpdu()
2509 	struct ieee802_1x_kay *kay = participant->kay;  in ieee802_1x_participant_send_mkpdu()  local
2514 		   kay->if_name);  in ieee802_1x_participant_send_mkpdu()
2534 	l2_packet_send(kay->l2_mka, NULL, 0, wpabuf_head(buf), wpabuf_len(buf));  in ieee802_1x_participant_send_mkpdu()
2537 	kay->active = true;  in ieee802_1x_participant_send_mkpdu()
2546 static void ieee802_1x_delete_transmit_sa(struct ieee802_1x_kay *kay,  in ieee802_1x_delete_transmit_sa()  argument
2549 	secy_disable_transmit_sa(kay, sa);  in ieee802_1x_delete_transmit_sa()
2550 	secy_delete_transmit_sa(kay, sa);  in ieee802_1x_delete_transmit_sa()
2561 	struct ieee802_1x_kay *kay;  in ieee802_1x_participant_timer()  local
2570 	kay = participant->kay;  in ieee802_1x_participant_timer()
2572 		   kay->if_name);  in ieee802_1x_participant_timer()
2642 			kay->authenticated = false;  in ieee802_1x_participant_timer()
2643 			kay->secured = false;  in ieee802_1x_participant_timer()
2644 			kay->failed = false;  in ieee802_1x_participant_timer()
2645 			kay->ltx_kn = 0;  in ieee802_1x_participant_timer()
2646 			kay->ltx_an = 0;  in ieee802_1x_participant_timer()
2647 			kay->lrx_kn = 0;  in ieee802_1x_participant_timer()
2648 			kay->lrx_an = 0;  in ieee802_1x_participant_timer()
2649 			kay->otx_kn = 0;  in ieee802_1x_participant_timer()
2650 			kay->otx_an = 0;  in ieee802_1x_participant_timer()
2651 			kay->orx_kn = 0;  in ieee802_1x_participant_timer()
2652 			kay->orx_an = 0;  in ieee802_1x_participant_timer()
2656 				ieee802_1x_delete_transmit_sa(kay, txsa);  in ieee802_1x_participant_timer()
2659 			ieee802_1x_cp_connect_pending(kay->cp);  in ieee802_1x_participant_timer()
2660 			ieee802_1x_cp_sm_step(kay->cp);  in ieee802_1x_participant_timer()
2690 	eloop_register_timeout(kay->mka_hello_time / 1000, 0,  in ieee802_1x_participant_timer()
2697 	kay->authenticated = false;  in ieee802_1x_participant_timer()
2698 	kay->secured = false;  in ieee802_1x_participant_timer()
2699 	kay->failed = true;  in ieee802_1x_participant_timer()
2700 	ieee802_1x_kay_delete_mka(kay, &participant->ckn);  in ieee802_1x_participant_timer()
2800 		ieee802_1x_delete_transmit_sa(participant->kay, psa);  in ieee802_1x_kay_deinit_transmit_sc()
2802 	secy_delete_transmit_sc(participant->kay, psc);  in ieee802_1x_kay_deinit_transmit_sc()
2811 int ieee802_1x_kay_set_latest_sa_attr(struct ieee802_1x_kay *kay,  in ieee802_1x_kay_set_latest_sa_attr()  argument
2817 	principal = ieee802_1x_kay_get_principal_participant(kay);  in ieee802_1x_kay_set_latest_sa_attr()
2830 		kay->ltx_kn = 0;  in ieee802_1x_kay_set_latest_sa_attr()
2831 		kay->lrx_kn = 0;  in ieee802_1x_kay_set_latest_sa_attr()
2833 		kay->ltx_kn = lki->kn;  in ieee802_1x_kay_set_latest_sa_attr()
2834 		kay->lrx_kn = lki->kn;  in ieee802_1x_kay_set_latest_sa_attr()
2836 	kay->ltx_an = lan;  in ieee802_1x_kay_set_latest_sa_attr()
2837 	kay->lrx_an = lan;  in ieee802_1x_kay_set_latest_sa_attr()
2846 int ieee802_1x_kay_set_old_sa_attr(struct ieee802_1x_kay *kay,  in ieee802_1x_kay_set_old_sa_attr()  argument
2852 	principal = ieee802_1x_kay_get_principal_participant(kay);  in ieee802_1x_kay_set_old_sa_attr()
2866 		kay->otx_kn = 0;  in ieee802_1x_kay_set_old_sa_attr()
2867 		kay->orx_kn = 0;  in ieee802_1x_kay_set_old_sa_attr()
2869 		kay->otx_kn = oki->kn;  in ieee802_1x_kay_set_old_sa_attr()
2870 		kay->orx_kn = oki->kn;  in ieee802_1x_kay_set_old_sa_attr()
2872 	kay->otx_an = oan;  in ieee802_1x_kay_set_old_sa_attr()
2873 	kay->orx_an = oan;  in ieee802_1x_kay_set_old_sa_attr()
2908 int ieee802_1x_kay_create_sas(struct ieee802_1x_kay *kay,  in ieee802_1x_kay_create_sas()  argument
2917 	principal = ieee802_1x_kay_get_principal_participant(kay);  in ieee802_1x_kay_create_sas()
2940 			ieee802_1x_delete_receive_sa(kay, rxsa);  in ieee802_1x_kay_create_sas()
2947 		secy_create_receive_sa(kay, rxsa);  in ieee802_1x_kay_create_sas()
2952 		ieee802_1x_delete_transmit_sa(kay, txsa);  in ieee802_1x_kay_create_sas()
2961 	secy_create_transmit_sa(kay, txsa);  in ieee802_1x_kay_create_sas()
2972 int ieee802_1x_kay_delete_sas(struct ieee802_1x_kay *kay,  in ieee802_1x_kay_delete_sas()  argument
2982 	principal = ieee802_1x_kay_get_principal_participant(kay);  in ieee802_1x_kay_delete_sas()
2990 			ieee802_1x_delete_transmit_sa(kay, txsa);  in ieee802_1x_kay_delete_sas()
2998 				ieee802_1x_delete_receive_sa(kay, rxsa);  in ieee802_1x_kay_delete_sas()
3021 int ieee802_1x_kay_enable_tx_sas(struct ieee802_1x_kay *kay,  in ieee802_1x_kay_enable_tx_sas()  argument
3027 	principal = ieee802_1x_kay_get_principal_participant(kay);  in ieee802_1x_kay_enable_tx_sas()
3035 			secy_enable_transmit_sa(kay, txsa);  in ieee802_1x_kay_enable_tx_sas()
3037 				principal->kay->cp, true);  in ieee802_1x_kay_enable_tx_sas()
3038 			ieee802_1x_cp_sm_step(principal->kay->cp);  in ieee802_1x_kay_enable_tx_sas()
3049 int ieee802_1x_kay_enable_rx_sas(struct ieee802_1x_kay *kay,  in ieee802_1x_kay_enable_rx_sas()  argument
3056 	principal = ieee802_1x_kay_get_principal_participant(kay);  in ieee802_1x_kay_enable_rx_sas()
3065 				secy_enable_receive_sa(kay, rxsa);  in ieee802_1x_kay_enable_rx_sas()
3067 					principal->kay->cp, true);  in ieee802_1x_kay_enable_rx_sas()
3068 				ieee802_1x_cp_sm_step(principal->kay->cp);  in ieee802_1x_kay_enable_rx_sas()
3080 int ieee802_1x_kay_enable_new_info(struct ieee802_1x_kay *kay)  in ieee802_1x_kay_enable_new_info()  argument
3084 	principal = ieee802_1x_kay_get_principal_participant(kay);  in ieee802_1x_kay_enable_new_info()
3102 static int ieee802_1x_kay_mkpdu_validity_check(struct ieee802_1x_kay *kay,  in ieee802_1x_kay_mkpdu_validity_check()  argument
3184 	participant = ieee802_1x_kay_get_participant(kay, body->ckn, ckn_len);  in ieee802_1x_kay_mkpdu_validity_check()
3205 	if (len < mka_alg_tbl[kay->mka_algindex].icv_len ||  in ieee802_1x_kay_mkpdu_validity_check()
3206 	    mka_alg_tbl[kay->mka_algindex].icv_hash(  in ieee802_1x_kay_mkpdu_validity_check()
3208 		    buf, len - mka_alg_tbl[kay->mka_algindex].icv_len, icv)) {  in ieee802_1x_kay_mkpdu_validity_check()
3221 		    msg_icv, mka_alg_tbl[kay->mka_algindex].icv_len);  in ieee802_1x_kay_mkpdu_validity_check()
3223 			    mka_alg_tbl[kay->mka_algindex].icv_len) != 0) {  in ieee802_1x_kay_mkpdu_validity_check()
3227 			    icv, mka_alg_tbl[kay->mka_algindex].icv_len);  in ieee802_1x_kay_mkpdu_validity_check()
3238 static int ieee802_1x_kay_decode_mkpdu(struct ieee802_1x_kay *kay,  in ieee802_1x_kay_decode_mkpdu()  argument
3255 		   kay->if_name);  in ieee802_1x_kay_decode_mkpdu()
3256 	if (ieee802_1x_kay_mkpdu_validity_check(kay, buf, len))  in ieee802_1x_kay_decode_mkpdu()
3263 	participant = ieee802_1x_mka_decode_basic_body(kay, pos, left_len);  in ieee802_1x_kay_decode_mkpdu()
3427 	kay->active = true;  in ieee802_1x_kay_decode_mkpdu()
3439 	struct ieee802_1x_kay *kay = ctx;  in kay_l2_receive()  local
3481 	if (dl_list_empty(&kay->participant_list)) {  in kay_l2_receive()
3487 	ieee802_1x_kay_decode_mkpdu(kay, buf, len);  in kay_l2_receive()
3500 	struct ieee802_1x_kay *kay;  in ieee802_1x_kay_init()  local
3505 	kay = os_zalloc(sizeof(*kay));  in ieee802_1x_kay_init()
3506 	if (!kay) {  in ieee802_1x_kay_init()
3512 	kay->ctx = ctx;  in ieee802_1x_kay_init()
3514 	kay->enable = true;  in ieee802_1x_kay_init()
3515 	kay->active = false;  in ieee802_1x_kay_init()
3517 	kay->authenticated = false;  in ieee802_1x_kay_init()
3518 	kay->secured = false;  in ieee802_1x_kay_init()
3519 	kay->failed = false;  in ieee802_1x_kay_init()
3520 	kay->policy = policy;  in ieee802_1x_kay_init()
3522 	os_strlcpy(kay->if_name, ifname, IFNAMSIZ);  in ieee802_1x_kay_init()
3523 	os_memcpy(kay->actor_sci.addr, addr, ETH_ALEN);  in ieee802_1x_kay_init()
3524 	kay->actor_sci.port = host_to_be16(port ? port : 0x0001);  in ieee802_1x_kay_init()
3526 		   sci_txt(&kay->actor_sci));  in ieee802_1x_kay_init()
3527 	kay->actor_priority = priority;  in ieee802_1x_kay_init()
3530 	kay->dist_kn = 1;  in ieee802_1x_kay_init()
3531 	kay->dist_an = 0;  in ieee802_1x_kay_init()
3532 	kay->dist_time = 0;  in ieee802_1x_kay_init()
3534 	kay->pn_exhaustion = PENDING_PN_EXHAUSTION;  in ieee802_1x_kay_init()
3535 	kay->macsec_csindex = macsec_csindex;  in ieee802_1x_kay_init()
3536 	kay->mka_algindex = DEFAULT_MKA_ALG_INDEX;  in ieee802_1x_kay_init()
3537 	kay->mka_version = MKA_VERSION_ID;  in ieee802_1x_kay_init()
3539 	os_memcpy(kay->algo_agility, mka_algo_agility,  in ieee802_1x_kay_init()
3540 		  sizeof(kay->algo_agility));  in ieee802_1x_kay_init()
3542 	dl_list_init(&kay->participant_list);  in ieee802_1x_kay_init()
3545 	    secy_get_capability(kay, &kay->macsec_capable) < 0)  in ieee802_1x_kay_init()
3549 	    kay->macsec_capable == MACSEC_CAP_NOT_IMPLEMENTED) {  in ieee802_1x_kay_init()
3550 		kay->macsec_capable = MACSEC_CAP_NOT_IMPLEMENTED;  in ieee802_1x_kay_init()
3551 		kay->macsec_desired = false;  in ieee802_1x_kay_init()
3552 		kay->macsec_protect = false;  in ieee802_1x_kay_init()
3553 		kay->macsec_encrypt = false;  in ieee802_1x_kay_init()
3554 		kay->macsec_validate = Disabled;  in ieee802_1x_kay_init()
3555 		kay->macsec_replay_protect = false;  in ieee802_1x_kay_init()
3556 		kay->macsec_replay_window = 0;  in ieee802_1x_kay_init()
3557 		kay->macsec_offload = 0;  in ieee802_1x_kay_init()
3558 		kay->macsec_confidentiality = CONFIDENTIALITY_NONE;  in ieee802_1x_kay_init()
3559 		kay->mka_hello_time = MKA_HELLO_TIME;  in ieee802_1x_kay_init()
3561 		kay->macsec_desired = true;  in ieee802_1x_kay_init()
3562 		kay->macsec_protect = true;  in ieee802_1x_kay_init()
3563 		if (kay->macsec_capable >= MACSEC_CAP_INTEG_AND_CONF &&  in ieee802_1x_kay_init()
3565 			kay->macsec_encrypt = true;  in ieee802_1x_kay_init()
3566 			kay->macsec_confidentiality = CONFIDENTIALITY_OFFSET_0;  in ieee802_1x_kay_init()
3568 			kay->macsec_encrypt = false;  in ieee802_1x_kay_init()
3569 			kay->macsec_confidentiality = CONFIDENTIALITY_NONE;  in ieee802_1x_kay_init()
3571 		kay->macsec_validate = Strict;  in ieee802_1x_kay_init()
3572 		kay->macsec_replay_protect = macsec_replay_protect;  in ieee802_1x_kay_init()
3573 		kay->macsec_replay_window = macsec_replay_window;  in ieee802_1x_kay_init()
3574 		kay->macsec_offload = macsec_offload;  in ieee802_1x_kay_init()
3575 		kay->mka_hello_time = MKA_HELLO_TIME;  in ieee802_1x_kay_init()
3581 	if (secy_init_macsec(kay) < 0) {  in ieee802_1x_kay_init()
3589 	kay->cp = ieee802_1x_cp_sm_init(kay);  in ieee802_1x_kay_init()
3590 	if (kay->cp == NULL)  in ieee802_1x_kay_init()
3594 		ieee802_1x_cp_connect_authenticated(kay->cp);  in ieee802_1x_kay_init()
3595 		ieee802_1x_cp_sm_step(kay->cp);  in ieee802_1x_kay_init()
3597 		kay->l2_mka = l2_packet_init(kay->if_name, NULL, ETH_P_PAE,  in ieee802_1x_kay_init()
3598 					     kay_l2_receive, kay, 1);  in ieee802_1x_kay_init()
3599 		if (kay->l2_mka == NULL) {  in ieee802_1x_kay_init()
3606 	return kay;  in ieee802_1x_kay_init()
3609 	ieee802_1x_kay_deinit(kay);  in ieee802_1x_kay_init()
3618 ieee802_1x_kay_deinit(struct ieee802_1x_kay *kay)  in ieee802_1x_kay_deinit()  argument
3622 	if (!kay)  in ieee802_1x_kay_deinit()
3627 	while (!dl_list_empty(&kay->participant_list)) {  in ieee802_1x_kay_deinit()
3628 		participant = dl_list_entry(kay->participant_list.next,  in ieee802_1x_kay_deinit()
3631 		ieee802_1x_kay_delete_mka(kay, &participant->ckn);  in ieee802_1x_kay_deinit()
3634 	ieee802_1x_cp_sm_deinit(kay->cp);  in ieee802_1x_kay_deinit()
3635 	secy_deinit_macsec(kay);  in ieee802_1x_kay_deinit()
3637 	if (kay->l2_mka) {  in ieee802_1x_kay_deinit()
3638 		l2_packet_deinit(kay->l2_mka);  in ieee802_1x_kay_deinit()
3639 		kay->l2_mka = NULL;  in ieee802_1x_kay_deinit()
3642 	os_free(kay->ctx);  in ieee802_1x_kay_deinit()
3643 	os_free(kay);  in ieee802_1x_kay_deinit()
3664 ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay,  in ieee802_1x_kay_create_mka()  argument
3674 		   kay->if_name, mode_txt(mode), yes_no(is_authenticator));  in ieee802_1x_kay_create_mka()
3676 	if (!kay || !ckn || !cak) {  in ieee802_1x_kay_create_mka()
3690 	if (!kay->enable) {  in ieee802_1x_kay_create_mka()
3720 			os_memcpy(&kay->key_server_sci, &kay->actor_sci,  in ieee802_1x_kay_create_mka()
3721 				  sizeof(kay->key_server_sci));  in ieee802_1x_kay_create_mka()
3722 			kay->key_server_priority = kay->actor_priority;  in ieee802_1x_kay_create_mka()
3754 	participant->kay = kay;  in ieee802_1x_kay_create_mka()
3771 	participant->txsc = ieee802_1x_kay_init_transmit_sc(&kay->actor_sci);  in ieee802_1x_kay_create_mka()
3772 	secy_cp_control_protect_frames(kay, kay->macsec_protect);  in ieee802_1x_kay_create_mka()
3773 	secy_cp_control_replay(kay, kay->macsec_replay_protect,  in ieee802_1x_kay_create_mka()
3774 			       kay->macsec_replay_window);  in ieee802_1x_kay_create_mka()
3775 	secy_cp_control_offload(kay, kay->macsec_offload);  in ieee802_1x_kay_create_mka()
3776 	if (secy_create_transmit_sc(kay, participant->txsc))  in ieee802_1x_kay_create_mka()
3781 	if (mka_alg_tbl[kay->mka_algindex].kek_trfm(participant->cak.key,  in ieee802_1x_kay_create_mka()
3795 	if (mka_alg_tbl[kay->mka_algindex].ick_trfm(participant->cak.key,  in ieee802_1x_kay_create_mka()
3807 	dl_list_add(&kay->participant_list, &participant->list);  in ieee802_1x_kay_create_mka()
3809 	usecs = os_random() % (kay->mka_hello_time * 1000);  in ieee802_1x_kay_create_mka()
3837 ieee802_1x_kay_delete_mka(struct ieee802_1x_kay *kay, struct mka_key_name *ckn)  in ieee802_1x_kay_delete_mka()  argument
3844 	if (!kay || !ckn)  in ieee802_1x_kay_delete_mka()
3850 	participant = ieee802_1x_kay_get_participant(kay, ckn->name, ckn->len);  in ieee802_1x_kay_delete_mka()
3900 void ieee802_1x_kay_mka_participate(struct ieee802_1x_kay *kay,  in ieee802_1x_kay_mka_participate()  argument
3905 	if (!kay || !ckn)  in ieee802_1x_kay_mka_participate()
3908 	participant = ieee802_1x_kay_get_participant(kay, ckn->name, ckn->len);  in ieee802_1x_kay_mka_participate()
3920 ieee802_1x_kay_new_sak(struct ieee802_1x_kay *kay)  in ieee802_1x_kay_new_sak()  argument
3924 	if (!kay)  in ieee802_1x_kay_new_sak()
3927 	participant = ieee802_1x_kay_get_principal_participant(kay);  in ieee802_1x_kay_new_sak()
3942 ieee802_1x_kay_change_cipher_suite(struct ieee802_1x_kay *kay,  in ieee802_1x_kay_change_cipher_suite()  argument
3948 	if (!kay)  in ieee802_1x_kay_change_cipher_suite()
3956 	if (kay->macsec_csindex == cs_index)  in ieee802_1x_kay_change_cipher_suite()
3960 		kay->macsec_desired = false;  in ieee802_1x_kay_change_cipher_suite()
3962 	kay->macsec_csindex = cs_index;  in ieee802_1x_kay_change_cipher_suite()
3963 	kay->macsec_capable = cipher_suite_tbl[kay->macsec_csindex].capable;  in ieee802_1x_kay_change_cipher_suite()
3965 	if (secy_get_capability(kay, &secy_cap) < 0)  in ieee802_1x_kay_change_cipher_suite()
3968 	if (kay->macsec_capable > secy_cap)  in ieee802_1x_kay_change_cipher_suite()
3969 		kay->macsec_capable = secy_cap;  in ieee802_1x_kay_change_cipher_suite()
3971 	participant = ieee802_1x_kay_get_principal_participant(kay);  in ieee802_1x_kay_change_cipher_suite()
3995 int ieee802_1x_kay_get_status(struct ieee802_1x_kay *kay, char *buf,  in ieee802_1x_kay_get_status()  argument
4002 	if (!kay)  in ieee802_1x_kay_get_status()
4019 			  kay->active ? "Active" : "Not-Active",  in ieee802_1x_kay_get_status()
4020 			  kay->authenticated ? "Yes" : "No",  in ieee802_1x_kay_get_status()
4021 			  kay->secured ? "Yes" : "No",  in ieee802_1x_kay_get_status()
4022 			  kay->failed ? "Yes" : "No",  in ieee802_1x_kay_get_status()
4023 			  kay->actor_priority,  in ieee802_1x_kay_get_status()
4024 			  kay->key_server_priority,  in ieee802_1x_kay_get_status()
4025 			  kay->is_key_server ? "Yes" : "No",  in ieee802_1x_kay_get_status()
4026 			  kay->dist_kn - 1,  in ieee802_1x_kay_get_status()
4027 			  kay->rcvd_keys,  in ieee802_1x_kay_get_status()
4028 			  kay->mka_hello_time);  in ieee802_1x_kay_get_status()
4034 			  "actor_sci=%s\n", sci_txt(&kay->actor_sci));  in ieee802_1x_kay_get_status()
4040 			  "key_server_sci=%s\n", sci_txt(&kay->key_server_sci));  in ieee802_1x_kay_get_status()
4046 	dl_list_for_each(p, &kay->participant_list,  in ieee802_1x_kay_get_status()
4137 int ieee802_1x_kay_get_mib(struct ieee802_1x_kay *kay, char *buf,  in ieee802_1x_kay_get_mib()  argument
4144 	if (!kay)  in ieee802_1x_kay_get_mib()
4150 	dl_list_for_each(p, &kay->participant_list,  in ieee802_1x_kay_get_mib()