1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Key management related functions. 4 * 5 * Copyright (c) 2017-2020, Silicon Laboratories, Inc. 6 * Copyright (c) 2010, ST-Ericsson 7 */ 8 #include <linux/etherdevice.h> 9 #include <net/mac80211.h> 10 11 #include "key.h" 12 #include "wfx.h" 13 #include "hif_tx_mib.h" 14 15 static int wfx_alloc_key(struct wfx_dev *wdev) 16 { 17 int idx; 18 19 idx = ffs(~wdev->key_map) - 1; 20 if (idx < 0 || idx >= MAX_KEY_ENTRIES) 21 return -1; 22 23 wdev->key_map |= BIT(idx); 24 return idx; 25 } 26 27 static void wfx_free_key(struct wfx_dev *wdev, int idx) 28 { 29 WARN(!(wdev->key_map & BIT(idx)), "inconsistent key allocation"); 30 wdev->key_map &= ~BIT(idx); 31 } 32 33 static u8 fill_wep_pair(struct wfx_hif_wep_pairwise_key *msg, 34 struct ieee80211_key_conf *key, u8 *peer_addr) 35 { 36 WARN(key->keylen > sizeof(msg->key_data), "inconsistent data"); 37 msg->key_length = key->keylen; 38 memcpy(msg->key_data, key->key, key->keylen); 39 ether_addr_copy(msg->peer_address, peer_addr); 40 return HIF_KEY_TYPE_WEP_PAIRWISE; 41 } 42 43 static u8 fill_wep_group(struct wfx_hif_wep_group_key *msg, 44 struct ieee80211_key_conf *key) 45 { 46 WARN(key->keylen > sizeof(msg->key_data), "inconsistent data"); 47 msg->key_id = key->keyidx; 48 msg->key_length = key->keylen; 49 memcpy(msg->key_data, key->key, key->keylen); 50 return HIF_KEY_TYPE_WEP_DEFAULT; 51 } 52 53 static u8 fill_tkip_pair(struct wfx_hif_tkip_pairwise_key *msg, 54 struct ieee80211_key_conf *key, u8 *peer_addr) 55 { 56 u8 *keybuf = key->key; 57 58 WARN(key->keylen != sizeof(msg->tkip_key_data) + sizeof(msg->tx_mic_key) + 59 sizeof(msg->rx_mic_key), "inconsistent data"); 60 memcpy(msg->tkip_key_data, keybuf, sizeof(msg->tkip_key_data)); 61 keybuf += sizeof(msg->tkip_key_data); 62 memcpy(msg->tx_mic_key, keybuf, sizeof(msg->tx_mic_key)); 63 keybuf += sizeof(msg->tx_mic_key); 64 memcpy(msg->rx_mic_key, keybuf, sizeof(msg->rx_mic_key)); 65 ether_addr_copy(msg->peer_address, peer_addr); 66 return HIF_KEY_TYPE_TKIP_PAIRWISE; 67 } 68 69 static u8 fill_tkip_group(struct wfx_hif_tkip_group_key *msg, struct ieee80211_key_conf *key, 70 struct ieee80211_key_seq *seq, enum nl80211_iftype iftype) 71 { 72 u8 *keybuf = key->key; 73 74 WARN(key->keylen != sizeof(msg->tkip_key_data) + 2 * sizeof(msg->rx_mic_key), 75 "inconsistent data"); 76 msg->key_id = key->keyidx; 77 memcpy(msg->rx_sequence_counter, &seq->tkip.iv16, sizeof(seq->tkip.iv16)); 78 memcpy(msg->rx_sequence_counter + sizeof(u16), &seq->tkip.iv32, sizeof(seq->tkip.iv32)); 79 memcpy(msg->tkip_key_data, keybuf, sizeof(msg->tkip_key_data)); 80 keybuf += sizeof(msg->tkip_key_data); 81 if (iftype == NL80211_IFTYPE_AP) 82 /* Use Tx MIC Key */ 83 memcpy(msg->rx_mic_key, keybuf + 0, sizeof(msg->rx_mic_key)); 84 else 85 /* Use Rx MIC Key */ 86 memcpy(msg->rx_mic_key, keybuf + 8, sizeof(msg->rx_mic_key)); 87 return HIF_KEY_TYPE_TKIP_GROUP; 88 } 89 90 static u8 fill_ccmp_pair(struct wfx_hif_aes_pairwise_key *msg, 91 struct ieee80211_key_conf *key, u8 *peer_addr) 92 { 93 WARN(key->keylen != sizeof(msg->aes_key_data), "inconsistent data"); 94 ether_addr_copy(msg->peer_address, peer_addr); 95 memcpy(msg->aes_key_data, key->key, key->keylen); 96 return HIF_KEY_TYPE_AES_PAIRWISE; 97 } 98 99 static u8 fill_ccmp_group(struct wfx_hif_aes_group_key *msg, 100 struct ieee80211_key_conf *key, struct ieee80211_key_seq *seq) 101 { 102 WARN(key->keylen != sizeof(msg->aes_key_data), "inconsistent data"); 103 memcpy(msg->aes_key_data, key->key, key->keylen); 104 memcpy(msg->rx_sequence_counter, seq->ccmp.pn, sizeof(seq->ccmp.pn)); 105 memreverse(msg->rx_sequence_counter, sizeof(seq->ccmp.pn)); 106 msg->key_id = key->keyidx; 107 return HIF_KEY_TYPE_AES_GROUP; 108 } 109 110 static u8 fill_sms4_pair(struct wfx_hif_wapi_pairwise_key *msg, 111 struct ieee80211_key_conf *key, u8 *peer_addr) 112 { 113 u8 *keybuf = key->key; 114 115 WARN(key->keylen != sizeof(msg->wapi_key_data) + sizeof(msg->mic_key_data), 116 "inconsistent data"); 117 ether_addr_copy(msg->peer_address, peer_addr); 118 memcpy(msg->wapi_key_data, keybuf, sizeof(msg->wapi_key_data)); 119 keybuf += sizeof(msg->wapi_key_data); 120 memcpy(msg->mic_key_data, keybuf, sizeof(msg->mic_key_data)); 121 msg->key_id = key->keyidx; 122 return HIF_KEY_TYPE_WAPI_PAIRWISE; 123 } 124 125 static u8 fill_sms4_group(struct wfx_hif_wapi_group_key *msg, 126 struct ieee80211_key_conf *key) 127 { 128 u8 *keybuf = key->key; 129 130 WARN(key->keylen != sizeof(msg->wapi_key_data) + sizeof(msg->mic_key_data), 131 "inconsistent data"); 132 memcpy(msg->wapi_key_data, keybuf, sizeof(msg->wapi_key_data)); 133 keybuf += sizeof(msg->wapi_key_data); 134 memcpy(msg->mic_key_data, keybuf, sizeof(msg->mic_key_data)); 135 msg->key_id = key->keyidx; 136 return HIF_KEY_TYPE_WAPI_GROUP; 137 } 138 139 static u8 fill_aes_cmac_group(struct wfx_hif_igtk_group_key *msg, 140 struct ieee80211_key_conf *key, struct ieee80211_key_seq *seq) 141 { 142 WARN(key->keylen != sizeof(msg->igtk_key_data), "inconsistent data"); 143 memcpy(msg->igtk_key_data, key->key, key->keylen); 144 memcpy(msg->ipn, seq->aes_cmac.pn, sizeof(seq->aes_cmac.pn)); 145 memreverse(msg->ipn, sizeof(seq->aes_cmac.pn)); 146 msg->key_id = key->keyidx; 147 return HIF_KEY_TYPE_IGTK_GROUP; 148 } 149 150 static int wfx_add_key(struct wfx_vif *wvif, struct ieee80211_sta *sta, 151 struct ieee80211_key_conf *key) 152 { 153 int ret; 154 struct wfx_hif_req_add_key k = { }; 155 struct ieee80211_key_seq seq; 156 struct wfx_dev *wdev = wvif->wdev; 157 int idx = wfx_alloc_key(wvif->wdev); 158 bool pairwise = key->flags & IEEE80211_KEY_FLAG_PAIRWISE; 159 struct ieee80211_vif *vif = wvif_to_vif(wvif); 160 161 WARN(key->flags & IEEE80211_KEY_FLAG_PAIRWISE && !sta, "inconsistent data"); 162 ieee80211_get_key_rx_seq(key, 0, &seq); 163 if (idx < 0) 164 return -EINVAL; 165 k.int_id = wvif->id; 166 k.entry_index = idx; 167 if (key->cipher == WLAN_CIPHER_SUITE_WEP40 || 168 key->cipher == WLAN_CIPHER_SUITE_WEP104) { 169 if (pairwise) 170 k.type = fill_wep_pair(&k.key.wep_pairwise_key, key, sta->addr); 171 else 172 k.type = fill_wep_group(&k.key.wep_group_key, key); 173 } else if (key->cipher == WLAN_CIPHER_SUITE_TKIP) { 174 if (pairwise) 175 k.type = fill_tkip_pair(&k.key.tkip_pairwise_key, key, sta->addr); 176 else 177 k.type = fill_tkip_group(&k.key.tkip_group_key, key, &seq, 178 vif->type); 179 } else if (key->cipher == WLAN_CIPHER_SUITE_CCMP) { 180 if (pairwise) 181 k.type = fill_ccmp_pair(&k.key.aes_pairwise_key, key, sta->addr); 182 else 183 k.type = fill_ccmp_group(&k.key.aes_group_key, key, &seq); 184 } else if (key->cipher == WLAN_CIPHER_SUITE_SMS4) { 185 if (pairwise) 186 k.type = fill_sms4_pair(&k.key.wapi_pairwise_key, key, sta->addr); 187 else 188 k.type = fill_sms4_group(&k.key.wapi_group_key, key); 189 } else if (key->cipher == WLAN_CIPHER_SUITE_AES_CMAC) { 190 k.type = fill_aes_cmac_group(&k.key.igtk_group_key, key, &seq); 191 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIE; 192 } else { 193 dev_warn(wdev->dev, "unsupported key type %d\n", key->cipher); 194 wfx_free_key(wdev, idx); 195 return -EOPNOTSUPP; 196 } 197 ret = wfx_hif_add_key(wdev, &k); 198 if (ret) { 199 wfx_free_key(wdev, idx); 200 return -EOPNOTSUPP; 201 } 202 key->flags |= IEEE80211_KEY_FLAG_PUT_IV_SPACE | IEEE80211_KEY_FLAG_RESERVE_TAILROOM; 203 key->hw_key_idx = idx; 204 return 0; 205 } 206 207 static int wfx_remove_key(struct wfx_vif *wvif, struct ieee80211_key_conf *key) 208 { 209 WARN(key->hw_key_idx >= MAX_KEY_ENTRIES, "corrupted hw_key_idx"); 210 wfx_free_key(wvif->wdev, key->hw_key_idx); 211 return wfx_hif_remove_key(wvif->wdev, key->hw_key_idx); 212 } 213 214 int wfx_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd, struct ieee80211_vif *vif, 215 struct ieee80211_sta *sta, struct ieee80211_key_conf *key) 216 { 217 int ret = -EOPNOTSUPP; 218 struct wfx_vif *wvif = (struct wfx_vif *)vif->drv_priv; 219 220 mutex_lock(&wvif->wdev->conf_mutex); 221 if (cmd == SET_KEY) 222 ret = wfx_add_key(wvif, sta, key); 223 if (cmd == DISABLE_KEY) 224 ret = wfx_remove_key(wvif, key); 225 mutex_unlock(&wvif->wdev->conf_mutex); 226 return ret; 227 } 228