1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2002-2009 Sam Leffler, Errno Consulting 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer, 12 * without modification. 13 * 2. Redistributions in binary form must reproduce at minimum a disclaimer 14 * similar to the "NO WARRANTY" disclaimer below ("Disclaimer") and any 15 * redistribution must be conditioned upon including a substantially 16 * similar Disclaimer requirement for further binary redistribution. 17 * 18 * NO WARRANTY 19 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 * LIMITED TO, THE IMPLIED WARRANTIES OF NONINFRINGEMENT, MERCHANTIBILITY 22 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL 23 * THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, 24 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER 27 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 29 * THE POSSIBILITY OF SUCH DAMAGES. 30 */ 31 32 #include <sys/cdefs.h> 33 /* 34 * Driver for the Atheros Wireless LAN controller. 35 * 36 * This software is derived from work of Atsushi Onoe; his contribution 37 * is greatly appreciated. 38 */ 39 40 #include "opt_inet.h" 41 #include "opt_ath.h" 42 #include "opt_wlan.h" 43 44 #include <sys/param.h> 45 #include <sys/systm.h> 46 #include <sys/sysctl.h> 47 #include <sys/mbuf.h> 48 #include <sys/malloc.h> 49 #include <sys/lock.h> 50 #include <sys/mutex.h> 51 #include <sys/kernel.h> 52 #include <sys/socket.h> 53 #include <sys/sockio.h> 54 #include <sys/errno.h> 55 #include <sys/callout.h> 56 #include <sys/bus.h> 57 #include <sys/endian.h> 58 #include <sys/kthread.h> 59 #include <sys/taskqueue.h> 60 #include <sys/priv.h> 61 62 #include <machine/bus.h> 63 64 #include <net/if.h> 65 #include <net/if_var.h> 66 #include <net/if_dl.h> 67 #include <net/if_media.h> 68 #include <net/if_types.h> 69 #include <net/if_arp.h> 70 #include <net/ethernet.h> 71 #include <net/if_llc.h> 72 73 #include <net80211/ieee80211_var.h> 74 75 #include <net/bpf.h> 76 77 #include <dev/ath/if_athvar.h> 78 79 #include <dev/ath/if_ath_debug.h> 80 #include <dev/ath/if_ath_keycache.h> 81 #include <dev/ath/if_ath_misc.h> 82 83 #ifdef ATH_DEBUG 84 static void 85 ath_keyprint(struct ath_softc *sc, const char *tag, u_int ix, 86 const HAL_KEYVAL *hk, const u_int8_t mac[IEEE80211_ADDR_LEN]) 87 { 88 static const char *ciphers[] = { 89 "WEP", 90 "AES-OCB", 91 "AES-CCM", 92 "CKIP", 93 "TKIP", 94 "CLR", 95 }; 96 int i, n; 97 98 printf("%s: [%02u] %-7s ", tag, ix, ciphers[hk->kv_type]); 99 for (i = 0, n = hk->kv_len; i < n; i++) 100 printf("%02x", hk->kv_val[i]); 101 printf(" mac %s", ether_sprintf(mac)); 102 if (hk->kv_type == HAL_CIPHER_TKIP) { 103 printf(" %s ", sc->sc_splitmic ? "mic" : "rxmic"); 104 for (i = 0; i < sizeof(hk->kv_mic); i++) 105 printf("%02x", hk->kv_mic[i]); 106 if (!sc->sc_splitmic) { 107 printf(" txmic "); 108 for (i = 0; i < sizeof(hk->kv_txmic); i++) 109 printf("%02x", hk->kv_txmic[i]); 110 } 111 } 112 printf("\n"); 113 } 114 #endif 115 116 /* 117 * Set a TKIP key into the hardware. This handles the 118 * potential distribution of key state to multiple key 119 * cache slots for TKIP. 120 */ 121 static int 122 ath_keyset_tkip(struct ath_softc *sc, const struct ieee80211_key *k, 123 HAL_KEYVAL *hk, const u_int8_t mac[IEEE80211_ADDR_LEN]) 124 { 125 #define IEEE80211_KEY_XR (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV) 126 static const u_int8_t zerobssid[IEEE80211_ADDR_LEN]; 127 struct ath_hal *ah = sc->sc_ah; 128 129 KASSERT(k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP, 130 ("got a non-TKIP key, cipher %u", k->wk_cipher->ic_cipher)); 131 if ((k->wk_flags & IEEE80211_KEY_XR) == IEEE80211_KEY_XR) { 132 if (sc->sc_splitmic) { 133 /* 134 * TX key goes at first index, RX key at the rx index. 135 * The hal handles the MIC keys at index+64. 136 */ 137 memcpy(hk->kv_mic, 138 ieee80211_crypto_get_key_txmic_data(k), 139 sizeof(hk->kv_mic)); 140 KEYPRINTF(sc, k->wk_keyix, hk, zerobssid); 141 if (!ath_hal_keyset(ah, k->wk_keyix, hk, zerobssid)) 142 return 0; 143 144 memcpy(hk->kv_mic, 145 ieee80211_crypto_get_key_rxmic_data(k), 146 sizeof(hk->kv_mic)); 147 KEYPRINTF(sc, k->wk_keyix+32, hk, mac); 148 /* XXX delete tx key on failure? */ 149 return ath_hal_keyset(ah, k->wk_keyix+32, hk, mac); 150 } else { 151 /* 152 * Room for both TX+RX MIC keys in one key cache 153 * slot, just set key at the first index; the hal 154 * will handle the rest. 155 */ 156 memcpy(hk->kv_mic, 157 ieee80211_crypto_get_key_rxmic_data(k), 158 sizeof(hk->kv_mic)); 159 memcpy(hk->kv_txmic, 160 ieee80211_crypto_get_key_txmic_data(k), 161 sizeof(hk->kv_txmic)); 162 KEYPRINTF(sc, k->wk_keyix, hk, mac); 163 return ath_hal_keyset(ah, k->wk_keyix, hk, mac); 164 } 165 } else if (k->wk_flags & IEEE80211_KEY_XMIT) { 166 if (sc->sc_splitmic) { 167 /* 168 * NB: must pass MIC key in expected location when 169 * the keycache only holds one MIC key per entry. 170 */ 171 memcpy(hk->kv_mic, 172 ieee80211_crypto_get_key_txmic_data(k), 173 sizeof(hk->kv_txmic)); 174 } else 175 memcpy(hk->kv_txmic, 176 ieee80211_crypto_get_key_txmic_data(k), 177 sizeof(hk->kv_txmic)); 178 KEYPRINTF(sc, k->wk_keyix, hk, mac); 179 return ath_hal_keyset(ah, k->wk_keyix, hk, mac); 180 } else if (k->wk_flags & IEEE80211_KEY_RECV) { 181 memcpy(hk->kv_mic, 182 ieee80211_crypto_get_key_rxmic_data(k), 183 sizeof(hk->kv_mic)); 184 KEYPRINTF(sc, k->wk_keyix, hk, mac); 185 return ath_hal_keyset(ah, k->wk_keyix, hk, mac); 186 } 187 return 0; 188 #undef IEEE80211_KEY_XR 189 } 190 191 /* 192 * Set a net80211 key into the hardware. This handles the 193 * potential distribution of key state to multiple key 194 * cache slots for TKIP with hardware MIC support. 195 */ 196 int 197 ath_keyset(struct ath_softc *sc, struct ieee80211vap *vap, 198 const struct ieee80211_key *k, 199 struct ieee80211_node *bss) 200 { 201 static const u_int8_t ciphermap[] = { 202 HAL_CIPHER_WEP, /* IEEE80211_CIPHER_WEP */ 203 HAL_CIPHER_TKIP, /* IEEE80211_CIPHER_TKIP */ 204 HAL_CIPHER_AES_OCB, /* IEEE80211_CIPHER_AES_OCB */ 205 HAL_CIPHER_AES_CCM, /* IEEE80211_CIPHER_AES_CCM */ 206 (u_int8_t) -1, /* 4 is not allocated */ 207 HAL_CIPHER_CKIP, /* IEEE80211_CIPHER_CKIP */ 208 HAL_CIPHER_CLR, /* IEEE80211_CIPHER_NONE */ 209 }; 210 struct ath_hal *ah = sc->sc_ah; 211 const struct ieee80211_cipher *cip = k->wk_cipher; 212 u_int8_t gmac[IEEE80211_ADDR_LEN]; 213 const u_int8_t *mac; 214 HAL_KEYVAL hk; 215 int ret; 216 217 memset(&hk, 0, sizeof(hk)); 218 /* 219 * Software crypto uses a "clear key" so non-crypto 220 * state kept in the key cache are maintained and 221 * so that rx frames have an entry to match. 222 */ 223 if ((k->wk_flags & IEEE80211_KEY_SWCRYPT) == 0) { 224 KASSERT(cip->ic_cipher < nitems(ciphermap), 225 ("invalid cipher type %u", cip->ic_cipher)); 226 hk.kv_type = ciphermap[cip->ic_cipher]; 227 hk.kv_len = ieee80211_crypto_get_key_len(k); 228 memcpy(hk.kv_val, 229 ieee80211_crypto_get_key_data(k), 230 ieee80211_crypto_get_key_len(k)); 231 } else 232 hk.kv_type = HAL_CIPHER_CLR; 233 234 /* 235 * If we're installing a clear cipher key and 236 * the hardware doesn't support that, just succeed. 237 * Leave it up to the net80211 layer to figure it out. 238 */ 239 if (hk.kv_type == HAL_CIPHER_CLR && sc->sc_hasclrkey == 0) { 240 return (1); 241 } 242 243 /* 244 * XXX TODO: check this: 245 * 246 * Group keys on hardware that supports multicast frame 247 * key search should only be done in adhoc/hostap mode, 248 * not STA mode. 249 * 250 * XXX TODO: what about mesh, tdma? 251 */ 252 #if 0 253 if ((vap->iv_opmode == IEEE80211_M_HOSTAP || 254 vap->iv_opmode == IEEE80211_M_IBSS) && 255 #else 256 if ( 257 #endif 258 (k->wk_flags & IEEE80211_KEY_GROUP) && 259 sc->sc_mcastkey) { 260 /* 261 * Group keys on hardware that supports multicast frame 262 * key search use a MAC that is the sender's address with 263 * the multicast bit set instead of the app-specified address. 264 */ 265 IEEE80211_ADDR_COPY(gmac, bss->ni_macaddr); 266 gmac[0] |= 0x01; 267 mac = gmac; 268 } else 269 mac = k->wk_macaddr; 270 271 ATH_LOCK(sc); 272 ath_power_set_power_state(sc, HAL_PM_AWAKE); 273 if (hk.kv_type == HAL_CIPHER_TKIP && 274 (k->wk_flags & IEEE80211_KEY_SWMIC) == 0) { 275 ret = ath_keyset_tkip(sc, k, &hk, mac); 276 } else { 277 KEYPRINTF(sc, k->wk_keyix, &hk, mac); 278 ret = ath_hal_keyset(ah, k->wk_keyix, &hk, mac); 279 } 280 ath_power_restore_power_state(sc); 281 ATH_UNLOCK(sc); 282 283 return (ret); 284 } 285 286 /* 287 * Allocate tx/rx key slots for TKIP. We allocate two slots for 288 * each key, one for decrypt/encrypt and the other for the MIC. 289 */ 290 static u_int16_t 291 key_alloc_2pair(struct ath_softc *sc, 292 ieee80211_keyix *txkeyix, ieee80211_keyix *rxkeyix) 293 { 294 u_int i, keyix; 295 296 KASSERT(sc->sc_splitmic, ("key cache !split")); 297 /* XXX could optimize */ 298 for (i = 0; i < nitems(sc->sc_keymap)/4; i++) { 299 u_int8_t b = sc->sc_keymap[i]; 300 if (b != 0xff) { 301 /* 302 * One or more slots in this byte are free. 303 */ 304 keyix = i*NBBY; 305 while (b & 1) { 306 again: 307 keyix++; 308 b >>= 1; 309 } 310 /* XXX IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV */ 311 if (isset(sc->sc_keymap, keyix+32) || 312 isset(sc->sc_keymap, keyix+64) || 313 isset(sc->sc_keymap, keyix+32+64)) { 314 /* full pair unavailable */ 315 /* XXX statistic */ 316 if (keyix == (i+1)*NBBY) { 317 /* no slots were appropriate, advance */ 318 continue; 319 } 320 goto again; 321 } 322 setbit(sc->sc_keymap, keyix); 323 setbit(sc->sc_keymap, keyix+64); 324 setbit(sc->sc_keymap, keyix+32); 325 setbit(sc->sc_keymap, keyix+32+64); 326 DPRINTF(sc, ATH_DEBUG_KEYCACHE, 327 "%s: key pair %u,%u %u,%u\n", 328 __func__, keyix, keyix+64, 329 keyix+32, keyix+32+64); 330 *txkeyix = keyix; 331 *rxkeyix = keyix+32; 332 return 1; 333 } 334 } 335 DPRINTF(sc, ATH_DEBUG_KEYCACHE, "%s: out of pair space\n", __func__); 336 return 0; 337 } 338 339 /* 340 * Allocate tx/rx key slots for TKIP. We allocate two slots for 341 * each key, one for decrypt/encrypt and the other for the MIC. 342 */ 343 static u_int16_t 344 key_alloc_pair(struct ath_softc *sc, 345 ieee80211_keyix *txkeyix, ieee80211_keyix *rxkeyix) 346 { 347 u_int i, keyix; 348 349 KASSERT(!sc->sc_splitmic, ("key cache split")); 350 /* XXX could optimize */ 351 for (i = 0; i < nitems(sc->sc_keymap)/4; i++) { 352 u_int8_t b = sc->sc_keymap[i]; 353 if (b != 0xff) { 354 /* 355 * One or more slots in this byte are free. 356 */ 357 keyix = i*NBBY; 358 while (b & 1) { 359 again: 360 keyix++; 361 b >>= 1; 362 } 363 if (isset(sc->sc_keymap, keyix+64)) { 364 /* full pair unavailable */ 365 /* XXX statistic */ 366 if (keyix == (i+1)*NBBY) { 367 /* no slots were appropriate, advance */ 368 continue; 369 } 370 goto again; 371 } 372 setbit(sc->sc_keymap, keyix); 373 setbit(sc->sc_keymap, keyix+64); 374 DPRINTF(sc, ATH_DEBUG_KEYCACHE, 375 "%s: key pair %u,%u\n", 376 __func__, keyix, keyix+64); 377 *txkeyix = *rxkeyix = keyix; 378 return 1; 379 } 380 } 381 DPRINTF(sc, ATH_DEBUG_KEYCACHE, "%s: out of pair space\n", __func__); 382 return 0; 383 } 384 385 /* 386 * Allocate a single key cache slot. 387 */ 388 static int 389 key_alloc_single(struct ath_softc *sc, 390 ieee80211_keyix *txkeyix, ieee80211_keyix *rxkeyix) 391 { 392 u_int i, keyix; 393 394 if (sc->sc_hasclrkey == 0) { 395 /* 396 * Map to slot 0 for the AR5210. 397 */ 398 *txkeyix = *rxkeyix = 0; 399 return (1); 400 } 401 402 /* XXX try i,i+32,i+64,i+32+64 to minimize key pair conflicts */ 403 for (i = 0; i < nitems(sc->sc_keymap); i++) { 404 u_int8_t b = sc->sc_keymap[i]; 405 if (b != 0xff) { 406 /* 407 * One or more slots are free. 408 */ 409 keyix = i*NBBY; 410 while (b & 1) 411 keyix++, b >>= 1; 412 setbit(sc->sc_keymap, keyix); 413 DPRINTF(sc, ATH_DEBUG_KEYCACHE, "%s: key %u\n", 414 __func__, keyix); 415 *txkeyix = *rxkeyix = keyix; 416 return 1; 417 } 418 } 419 DPRINTF(sc, ATH_DEBUG_KEYCACHE, "%s: out of space\n", __func__); 420 return 0; 421 } 422 423 /* 424 * Allocate one or more key cache slots for a uniacst key. The 425 * key itself is needed only to identify the cipher. For hardware 426 * TKIP with split cipher+MIC keys we allocate two key cache slot 427 * pairs so that we can setup separate TX and RX MIC keys. Note 428 * that the MIC key for a TKIP key at slot i is assumed by the 429 * hardware to be at slot i+64. This limits TKIP keys to the first 430 * 64 entries. 431 */ 432 int 433 ath_key_alloc(struct ieee80211vap *vap, struct ieee80211_key *k, 434 ieee80211_keyix *keyix, ieee80211_keyix *rxkeyix) 435 { 436 struct ath_softc *sc = vap->iv_ic->ic_softc; 437 438 /* 439 * Group key allocation must be handled specially for 440 * parts that do not support multicast key cache search 441 * functionality. For those parts the key id must match 442 * the h/w key index so lookups find the right key. On 443 * parts w/ the key search facility we install the sender's 444 * mac address (with the high bit set) and let the hardware 445 * find the key w/o using the key id. This is preferred as 446 * it permits us to support multiple users for adhoc and/or 447 * multi-station operation. 448 */ 449 if (k->wk_keyix != IEEE80211_KEYIX_NONE) { 450 /* 451 * Only global keys should have key index assigned. 452 */ 453 if (!ieee80211_is_key_global(vap, k)) { 454 /* should not happen */ 455 DPRINTF(sc, ATH_DEBUG_KEYCACHE, 456 "%s: bogus group key\n", __func__); 457 return 0; 458 } 459 if (vap->iv_opmode != IEEE80211_M_HOSTAP || 460 !(k->wk_flags & IEEE80211_KEY_GROUP) || 461 !sc->sc_mcastkey) { 462 /* 463 * XXX we pre-allocate the global keys so 464 * have no way to check if they've already 465 * been allocated. 466 */ 467 *keyix = *rxkeyix = 468 ieee80211_crypto_get_key_wepidx(vap, k); 469 return 1; 470 } 471 /* 472 * Group key and device supports multicast key search. 473 */ 474 k->wk_keyix = IEEE80211_KEYIX_NONE; 475 } 476 477 /* 478 * We allocate two pair for TKIP when using the h/w to do 479 * the MIC. For everything else, including software crypto, 480 * we allocate a single entry. Note that s/w crypto requires 481 * a pass-through slot on the 5211 and 5212. The 5210 does 482 * not support pass-through cache entries and we map all 483 * those requests to slot 0. 484 */ 485 if (k->wk_flags & IEEE80211_KEY_SWCRYPT) { 486 return key_alloc_single(sc, keyix, rxkeyix); 487 } else if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP && 488 (k->wk_flags & IEEE80211_KEY_SWMIC) == 0) { 489 if (sc->sc_splitmic) 490 return key_alloc_2pair(sc, keyix, rxkeyix); 491 else 492 return key_alloc_pair(sc, keyix, rxkeyix); 493 } else { 494 return key_alloc_single(sc, keyix, rxkeyix); 495 } 496 } 497 498 /* 499 * Delete an entry in the key cache allocated by ath_key_alloc. 500 */ 501 int 502 ath_key_delete(struct ieee80211vap *vap, const struct ieee80211_key *k) 503 { 504 struct ath_softc *sc = vap->iv_ic->ic_softc; 505 struct ath_hal *ah = sc->sc_ah; 506 const struct ieee80211_cipher *cip = k->wk_cipher; 507 u_int keyix = k->wk_keyix; 508 509 DPRINTF(sc, ATH_DEBUG_KEYCACHE, "%s: delete key %u\n", __func__, keyix); 510 511 ATH_LOCK(sc); 512 ath_power_set_power_state(sc, HAL_PM_AWAKE); 513 ath_hal_keyreset(ah, keyix); 514 /* 515 * Handle split tx/rx keying required for TKIP with h/w MIC. 516 */ 517 if (cip->ic_cipher == IEEE80211_CIPHER_TKIP && 518 (k->wk_flags & IEEE80211_KEY_SWMIC) == 0 && sc->sc_splitmic) 519 ath_hal_keyreset(ah, keyix+32); /* RX key */ 520 if (keyix >= IEEE80211_WEP_NKID) { 521 /* 522 * Don't touch keymap entries for global keys so 523 * they are never considered for dynamic allocation. 524 */ 525 clrbit(sc->sc_keymap, keyix); 526 if (cip->ic_cipher == IEEE80211_CIPHER_TKIP && 527 (k->wk_flags & IEEE80211_KEY_SWMIC) == 0) { 528 clrbit(sc->sc_keymap, keyix+64); /* TX key MIC */ 529 if (sc->sc_splitmic) { 530 /* +32 for RX key, +32+64 for RX key MIC */ 531 clrbit(sc->sc_keymap, keyix+32); 532 clrbit(sc->sc_keymap, keyix+32+64); 533 } 534 } 535 } 536 ath_power_restore_power_state(sc); 537 ATH_UNLOCK(sc); 538 return 1; 539 } 540 541 /* 542 * Set the key cache contents for the specified key. Key cache 543 * slot(s) must already have been allocated by ath_key_alloc. 544 */ 545 int 546 ath_key_set(struct ieee80211vap *vap, const struct ieee80211_key *k) 547 { 548 struct ath_softc *sc = vap->iv_ic->ic_softc; 549 550 return ath_keyset(sc, vap, k, vap->iv_bss); 551 } 552