1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright 2002-2005, Instant802 Networks, Inc. 4 * Copyright 2005-2006, Devicescape Software, Inc. 5 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 6 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net> 7 * Copyright 2013-2014 Intel Mobile Communications GmbH 8 * Copyright 2015-2017 Intel Deutschland GmbH 9 * Copyright 2018-2020, 2022 Intel Corporation 10 */ 11 12 #include <linux/if_ether.h> 13 #include <linux/etherdevice.h> 14 #include <linux/list.h> 15 #include <linux/rcupdate.h> 16 #include <linux/rtnetlink.h> 17 #include <linux/slab.h> 18 #include <linux/export.h> 19 #include <net/mac80211.h> 20 #include <crypto/algapi.h> 21 #include <asm/unaligned.h> 22 #include "ieee80211_i.h" 23 #include "driver-ops.h" 24 #include "debugfs_key.h" 25 #include "aes_ccm.h" 26 #include "aes_cmac.h" 27 #include "aes_gmac.h" 28 #include "aes_gcm.h" 29 30 31 /** 32 * DOC: Key handling basics 33 * 34 * Key handling in mac80211 is done based on per-interface (sub_if_data) 35 * keys and per-station keys. Since each station belongs to an interface, 36 * each station key also belongs to that interface. 37 * 38 * Hardware acceleration is done on a best-effort basis for algorithms 39 * that are implemented in software, for each key the hardware is asked 40 * to enable that key for offloading but if it cannot do that the key is 41 * simply kept for software encryption (unless it is for an algorithm 42 * that isn't implemented in software). 43 * There is currently no way of knowing whether a key is handled in SW 44 * or HW except by looking into debugfs. 45 * 46 * All key management is internally protected by a mutex. Within all 47 * other parts of mac80211, key references are, just as STA structure 48 * references, protected by RCU. Note, however, that some things are 49 * unprotected, namely the key->sta dereferences within the hardware 50 * acceleration functions. This means that sta_info_destroy() must 51 * remove the key which waits for an RCU grace period. 52 */ 53 54 static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; 55 56 static void assert_key_lock(struct ieee80211_local *local) 57 { 58 lockdep_assert_held(&local->key_mtx); 59 } 60 61 static void 62 update_vlan_tailroom_need_count(struct ieee80211_sub_if_data *sdata, int delta) 63 { 64 struct ieee80211_sub_if_data *vlan; 65 66 if (sdata->vif.type != NL80211_IFTYPE_AP) 67 return; 68 69 /* crypto_tx_tailroom_needed_cnt is protected by this */ 70 assert_key_lock(sdata->local); 71 72 rcu_read_lock(); 73 74 list_for_each_entry_rcu(vlan, &sdata->u.ap.vlans, u.vlan.list) 75 vlan->crypto_tx_tailroom_needed_cnt += delta; 76 77 rcu_read_unlock(); 78 } 79 80 static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata) 81 { 82 /* 83 * When this count is zero, SKB resizing for allocating tailroom 84 * for IV or MMIC is skipped. But, this check has created two race 85 * cases in xmit path while transiting from zero count to one: 86 * 87 * 1. SKB resize was skipped because no key was added but just before 88 * the xmit key is added and SW encryption kicks off. 89 * 90 * 2. SKB resize was skipped because all the keys were hw planted but 91 * just before xmit one of the key is deleted and SW encryption kicks 92 * off. 93 * 94 * In both the above case SW encryption will find not enough space for 95 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c) 96 * 97 * Solution has been explained at 98 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net 99 */ 100 101 assert_key_lock(sdata->local); 102 103 update_vlan_tailroom_need_count(sdata, 1); 104 105 if (!sdata->crypto_tx_tailroom_needed_cnt++) { 106 /* 107 * Flush all XMIT packets currently using HW encryption or no 108 * encryption at all if the count transition is from 0 -> 1. 109 */ 110 synchronize_net(); 111 } 112 } 113 114 static void decrease_tailroom_need_count(struct ieee80211_sub_if_data *sdata, 115 int delta) 116 { 117 assert_key_lock(sdata->local); 118 119 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt < delta); 120 121 update_vlan_tailroom_need_count(sdata, -delta); 122 sdata->crypto_tx_tailroom_needed_cnt -= delta; 123 } 124 125 static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key) 126 { 127 struct ieee80211_sub_if_data *sdata = key->sdata; 128 struct sta_info *sta; 129 int ret = -EOPNOTSUPP; 130 131 might_sleep(); 132 133 if (key->flags & KEY_FLAG_TAINTED) { 134 /* If we get here, it's during resume and the key is 135 * tainted so shouldn't be used/programmed any more. 136 * However, its flags may still indicate that it was 137 * programmed into the device (since we're in resume) 138 * so clear that flag now to avoid trying to remove 139 * it again later. 140 */ 141 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE && 142 !(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC | 143 IEEE80211_KEY_FLAG_PUT_MIC_SPACE | 144 IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 145 increment_tailroom_need_count(sdata); 146 147 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 148 return -EINVAL; 149 } 150 151 if (!key->local->ops->set_key) 152 goto out_unsupported; 153 154 assert_key_lock(key->local); 155 156 sta = key->sta; 157 158 /* 159 * If this is a per-STA GTK, check if it 160 * is supported; if not, return. 161 */ 162 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) && 163 !ieee80211_hw_check(&key->local->hw, SUPPORTS_PER_STA_GTK)) 164 goto out_unsupported; 165 166 if (sta && !sta->uploaded) 167 goto out_unsupported; 168 169 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 170 /* 171 * The driver doesn't know anything about VLAN interfaces. 172 * Hence, don't send GTKs for VLAN interfaces to the driver. 173 */ 174 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) { 175 ret = 1; 176 goto out_unsupported; 177 } 178 } 179 180 ret = drv_set_key(key->local, SET_KEY, sdata, 181 sta ? &sta->sta : NULL, &key->conf); 182 183 if (!ret) { 184 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE; 185 186 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC | 187 IEEE80211_KEY_FLAG_PUT_MIC_SPACE | 188 IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 189 decrease_tailroom_need_count(sdata, 1); 190 191 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) && 192 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)); 193 194 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_MIC_SPACE) && 195 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC)); 196 197 return 0; 198 } 199 200 if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1) 201 sdata_err(sdata, 202 "failed to set key (%d, %pM) to hardware (%d)\n", 203 key->conf.keyidx, 204 sta ? sta->sta.addr : bcast_addr, ret); 205 206 out_unsupported: 207 switch (key->conf.cipher) { 208 case WLAN_CIPHER_SUITE_WEP40: 209 case WLAN_CIPHER_SUITE_WEP104: 210 case WLAN_CIPHER_SUITE_TKIP: 211 case WLAN_CIPHER_SUITE_CCMP: 212 case WLAN_CIPHER_SUITE_CCMP_256: 213 case WLAN_CIPHER_SUITE_GCMP: 214 case WLAN_CIPHER_SUITE_GCMP_256: 215 case WLAN_CIPHER_SUITE_AES_CMAC: 216 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 217 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 218 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 219 /* all of these we can do in software - if driver can */ 220 if (ret == 1) 221 return 0; 222 if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL)) 223 return -EINVAL; 224 return 0; 225 default: 226 return -EINVAL; 227 } 228 } 229 230 static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key) 231 { 232 struct ieee80211_sub_if_data *sdata; 233 struct sta_info *sta; 234 int ret; 235 236 might_sleep(); 237 238 if (!key || !key->local->ops->set_key) 239 return; 240 241 assert_key_lock(key->local); 242 243 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 244 return; 245 246 sta = key->sta; 247 sdata = key->sdata; 248 249 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC | 250 IEEE80211_KEY_FLAG_PUT_MIC_SPACE | 251 IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 252 increment_tailroom_need_count(sdata); 253 254 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 255 ret = drv_set_key(key->local, DISABLE_KEY, sdata, 256 sta ? &sta->sta : NULL, &key->conf); 257 258 if (ret) 259 sdata_err(sdata, 260 "failed to remove key (%d, %pM) from hardware (%d)\n", 261 key->conf.keyidx, 262 sta ? sta->sta.addr : bcast_addr, ret); 263 } 264 265 static int _ieee80211_set_tx_key(struct ieee80211_key *key, bool force) 266 { 267 struct sta_info *sta = key->sta; 268 struct ieee80211_local *local = key->local; 269 270 assert_key_lock(local); 271 272 set_sta_flag(sta, WLAN_STA_USES_ENCRYPTION); 273 274 sta->ptk_idx = key->conf.keyidx; 275 276 if (force || !ieee80211_hw_check(&local->hw, AMPDU_KEYBORDER_SUPPORT)) 277 clear_sta_flag(sta, WLAN_STA_BLOCK_BA); 278 ieee80211_check_fast_xmit(sta); 279 280 return 0; 281 } 282 283 int ieee80211_set_tx_key(struct ieee80211_key *key) 284 { 285 return _ieee80211_set_tx_key(key, false); 286 } 287 288 static void ieee80211_pairwise_rekey(struct ieee80211_key *old, 289 struct ieee80211_key *new) 290 { 291 struct ieee80211_local *local = new->local; 292 struct sta_info *sta = new->sta; 293 int i; 294 295 assert_key_lock(local); 296 297 if (new->conf.flags & IEEE80211_KEY_FLAG_NO_AUTO_TX) { 298 /* Extended Key ID key install, initial one or rekey */ 299 300 if (sta->ptk_idx != INVALID_PTK_KEYIDX && 301 !ieee80211_hw_check(&local->hw, AMPDU_KEYBORDER_SUPPORT)) { 302 /* Aggregation Sessions with Extended Key ID must not 303 * mix MPDUs with different keyIDs within one A-MPDU. 304 * Tear down running Tx aggregation sessions and block 305 * new Rx/Tx aggregation requests during rekey to 306 * ensure there are no A-MPDUs when the driver is not 307 * supporting A-MPDU key borders. (Blocking Tx only 308 * would be sufficient but WLAN_STA_BLOCK_BA gets the 309 * job done for the few ms we need it.) 310 */ 311 set_sta_flag(sta, WLAN_STA_BLOCK_BA); 312 mutex_lock(&sta->ampdu_mlme.mtx); 313 for (i = 0; i < IEEE80211_NUM_TIDS; i++) 314 ___ieee80211_stop_tx_ba_session(sta, i, 315 AGG_STOP_LOCAL_REQUEST); 316 mutex_unlock(&sta->ampdu_mlme.mtx); 317 } 318 } else if (old) { 319 /* Rekey without Extended Key ID. 320 * Aggregation sessions are OK when running on SW crypto. 321 * A broken remote STA may cause issues not observed with HW 322 * crypto, though. 323 */ 324 if (!(old->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 325 return; 326 327 /* Stop Tx till we are on the new key */ 328 old->flags |= KEY_FLAG_TAINTED; 329 ieee80211_clear_fast_xmit(sta); 330 if (ieee80211_hw_check(&local->hw, AMPDU_AGGREGATION)) { 331 set_sta_flag(sta, WLAN_STA_BLOCK_BA); 332 ieee80211_sta_tear_down_BA_sessions(sta, 333 AGG_STOP_LOCAL_REQUEST); 334 } 335 if (!wiphy_ext_feature_isset(local->hw.wiphy, 336 NL80211_EXT_FEATURE_CAN_REPLACE_PTK0)) { 337 pr_warn_ratelimited("Rekeying PTK for STA %pM but driver can't safely do that.", 338 sta->sta.addr); 339 /* Flushing the driver queues *may* help prevent 340 * the clear text leaks and freezes. 341 */ 342 ieee80211_flush_queues(local, old->sdata, false); 343 } 344 } 345 } 346 347 static void __ieee80211_set_default_key(struct ieee80211_link_data *link, 348 int idx, bool uni, bool multi) 349 { 350 struct ieee80211_sub_if_data *sdata = link->sdata; 351 struct ieee80211_key *key = NULL; 352 353 assert_key_lock(sdata->local); 354 355 if (idx >= 0 && idx < NUM_DEFAULT_KEYS) { 356 key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 357 if (!key) 358 key = key_mtx_dereference(sdata->local, link->gtk[idx]); 359 } 360 361 if (uni) { 362 rcu_assign_pointer(sdata->default_unicast_key, key); 363 ieee80211_check_fast_xmit_iface(sdata); 364 if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN) 365 drv_set_default_unicast_key(sdata->local, sdata, idx); 366 } 367 368 if (multi) 369 rcu_assign_pointer(link->default_multicast_key, key); 370 371 ieee80211_debugfs_key_update_default(sdata); 372 } 373 374 void ieee80211_set_default_key(struct ieee80211_link_data *link, int idx, 375 bool uni, bool multi) 376 { 377 mutex_lock(&link->sdata->local->key_mtx); 378 __ieee80211_set_default_key(link, idx, uni, multi); 379 mutex_unlock(&link->sdata->local->key_mtx); 380 } 381 382 static void 383 __ieee80211_set_default_mgmt_key(struct ieee80211_link_data *link, int idx) 384 { 385 struct ieee80211_sub_if_data *sdata = link->sdata; 386 struct ieee80211_key *key = NULL; 387 388 assert_key_lock(sdata->local); 389 390 if (idx >= NUM_DEFAULT_KEYS && 391 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) 392 key = key_mtx_dereference(sdata->local, link->gtk[idx]); 393 394 rcu_assign_pointer(link->default_mgmt_key, key); 395 396 ieee80211_debugfs_key_update_default(sdata); 397 } 398 399 void ieee80211_set_default_mgmt_key(struct ieee80211_link_data *link, 400 int idx) 401 { 402 mutex_lock(&link->sdata->local->key_mtx); 403 __ieee80211_set_default_mgmt_key(link, idx); 404 mutex_unlock(&link->sdata->local->key_mtx); 405 } 406 407 static void 408 __ieee80211_set_default_beacon_key(struct ieee80211_link_data *link, int idx) 409 { 410 struct ieee80211_sub_if_data *sdata = link->sdata; 411 struct ieee80211_key *key = NULL; 412 413 assert_key_lock(sdata->local); 414 415 if (idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS && 416 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS + 417 NUM_DEFAULT_BEACON_KEYS) 418 key = key_mtx_dereference(sdata->local, link->gtk[idx]); 419 420 rcu_assign_pointer(link->default_beacon_key, key); 421 422 ieee80211_debugfs_key_update_default(sdata); 423 } 424 425 void ieee80211_set_default_beacon_key(struct ieee80211_link_data *link, 426 int idx) 427 { 428 mutex_lock(&link->sdata->local->key_mtx); 429 __ieee80211_set_default_beacon_key(link, idx); 430 mutex_unlock(&link->sdata->local->key_mtx); 431 } 432 433 static int ieee80211_key_replace(struct ieee80211_sub_if_data *sdata, 434 struct ieee80211_link_data *link, 435 struct sta_info *sta, 436 bool pairwise, 437 struct ieee80211_key *old, 438 struct ieee80211_key *new) 439 { 440 struct link_sta_info *link_sta = sta ? &sta->deflink : NULL; 441 int link_id; 442 int idx; 443 int ret = 0; 444 bool defunikey, defmultikey, defmgmtkey, defbeaconkey; 445 bool is_wep; 446 447 /* caller must provide at least one old/new */ 448 if (WARN_ON(!new && !old)) 449 return 0; 450 451 if (new) { 452 idx = new->conf.keyidx; 453 is_wep = new->conf.cipher == WLAN_CIPHER_SUITE_WEP40 || 454 new->conf.cipher == WLAN_CIPHER_SUITE_WEP104; 455 link_id = new->conf.link_id; 456 } else { 457 idx = old->conf.keyidx; 458 is_wep = old->conf.cipher == WLAN_CIPHER_SUITE_WEP40 || 459 old->conf.cipher == WLAN_CIPHER_SUITE_WEP104; 460 link_id = old->conf.link_id; 461 } 462 463 if (WARN(old && old->conf.link_id != link_id, 464 "old link ID %d doesn't match new link ID %d\n", 465 old->conf.link_id, link_id)) 466 return -EINVAL; 467 468 if (link_id >= 0) { 469 if (!link) { 470 link = sdata_dereference(sdata->link[link_id], sdata); 471 if (!link) 472 return -ENOLINK; 473 } 474 475 if (sta) { 476 link_sta = rcu_dereference_protected(sta->link[link_id], 477 lockdep_is_held(&sta->local->sta_mtx)); 478 if (!link_sta) 479 return -ENOLINK; 480 } 481 } else { 482 link = &sdata->deflink; 483 } 484 485 if ((is_wep || pairwise) && idx >= NUM_DEFAULT_KEYS) 486 return -EINVAL; 487 488 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx); 489 490 if (new && sta && pairwise) { 491 /* Unicast rekey needs special handling. With Extended Key ID 492 * old is still NULL for the first rekey. 493 */ 494 ieee80211_pairwise_rekey(old, new); 495 } 496 497 if (old) { 498 if (old->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 499 ieee80211_key_disable_hw_accel(old); 500 501 if (new) 502 ret = ieee80211_key_enable_hw_accel(new); 503 } 504 } else { 505 if (!new->local->wowlan) 506 ret = ieee80211_key_enable_hw_accel(new); 507 } 508 509 if (ret) 510 return ret; 511 512 if (new) 513 list_add_tail_rcu(&new->list, &sdata->key_list); 514 515 if (sta) { 516 if (pairwise) { 517 rcu_assign_pointer(sta->ptk[idx], new); 518 if (new && 519 !(new->conf.flags & IEEE80211_KEY_FLAG_NO_AUTO_TX)) 520 _ieee80211_set_tx_key(new, true); 521 } else { 522 rcu_assign_pointer(link_sta->gtk[idx], new); 523 } 524 /* Only needed for transition from no key -> key. 525 * Still triggers unnecessary when using Extended Key ID 526 * and installing the second key ID the first time. 527 */ 528 if (new && !old) 529 ieee80211_check_fast_rx(sta); 530 } else { 531 defunikey = old && 532 old == key_mtx_dereference(sdata->local, 533 sdata->default_unicast_key); 534 defmultikey = old && 535 old == key_mtx_dereference(sdata->local, 536 link->default_multicast_key); 537 defmgmtkey = old && 538 old == key_mtx_dereference(sdata->local, 539 link->default_mgmt_key); 540 defbeaconkey = old && 541 old == key_mtx_dereference(sdata->local, 542 link->default_beacon_key); 543 544 if (defunikey && !new) 545 __ieee80211_set_default_key(link, -1, true, false); 546 if (defmultikey && !new) 547 __ieee80211_set_default_key(link, -1, false, true); 548 if (defmgmtkey && !new) 549 __ieee80211_set_default_mgmt_key(link, -1); 550 if (defbeaconkey && !new) 551 __ieee80211_set_default_beacon_key(link, -1); 552 553 if (is_wep || pairwise) 554 rcu_assign_pointer(sdata->keys[idx], new); 555 else 556 rcu_assign_pointer(link->gtk[idx], new); 557 558 if (defunikey && new) 559 __ieee80211_set_default_key(link, new->conf.keyidx, 560 true, false); 561 if (defmultikey && new) 562 __ieee80211_set_default_key(link, new->conf.keyidx, 563 false, true); 564 if (defmgmtkey && new) 565 __ieee80211_set_default_mgmt_key(link, 566 new->conf.keyidx); 567 if (defbeaconkey && new) 568 __ieee80211_set_default_beacon_key(link, 569 new->conf.keyidx); 570 } 571 572 if (old) 573 list_del_rcu(&old->list); 574 575 return 0; 576 } 577 578 struct ieee80211_key * 579 ieee80211_key_alloc(u32 cipher, int idx, size_t key_len, 580 const u8 *key_data, 581 size_t seq_len, const u8 *seq) 582 { 583 struct ieee80211_key *key; 584 int i, j, err; 585 586 if (WARN_ON(idx < 0 || 587 idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS + 588 NUM_DEFAULT_BEACON_KEYS)) 589 return ERR_PTR(-EINVAL); 590 591 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL); 592 if (!key) 593 return ERR_PTR(-ENOMEM); 594 595 /* 596 * Default to software encryption; we'll later upload the 597 * key to the hardware if possible. 598 */ 599 key->conf.flags = 0; 600 key->flags = 0; 601 602 key->conf.link_id = -1; 603 key->conf.cipher = cipher; 604 key->conf.keyidx = idx; 605 key->conf.keylen = key_len; 606 switch (cipher) { 607 case WLAN_CIPHER_SUITE_WEP40: 608 case WLAN_CIPHER_SUITE_WEP104: 609 key->conf.iv_len = IEEE80211_WEP_IV_LEN; 610 key->conf.icv_len = IEEE80211_WEP_ICV_LEN; 611 break; 612 case WLAN_CIPHER_SUITE_TKIP: 613 key->conf.iv_len = IEEE80211_TKIP_IV_LEN; 614 key->conf.icv_len = IEEE80211_TKIP_ICV_LEN; 615 if (seq) { 616 for (i = 0; i < IEEE80211_NUM_TIDS; i++) { 617 key->u.tkip.rx[i].iv32 = 618 get_unaligned_le32(&seq[2]); 619 key->u.tkip.rx[i].iv16 = 620 get_unaligned_le16(seq); 621 } 622 } 623 spin_lock_init(&key->u.tkip.txlock); 624 break; 625 case WLAN_CIPHER_SUITE_CCMP: 626 key->conf.iv_len = IEEE80211_CCMP_HDR_LEN; 627 key->conf.icv_len = IEEE80211_CCMP_MIC_LEN; 628 if (seq) { 629 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) 630 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++) 631 key->u.ccmp.rx_pn[i][j] = 632 seq[IEEE80211_CCMP_PN_LEN - j - 1]; 633 } 634 /* 635 * Initialize AES key state here as an optimization so that 636 * it does not need to be initialized for every packet. 637 */ 638 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( 639 key_data, key_len, IEEE80211_CCMP_MIC_LEN); 640 if (IS_ERR(key->u.ccmp.tfm)) { 641 err = PTR_ERR(key->u.ccmp.tfm); 642 kfree(key); 643 return ERR_PTR(err); 644 } 645 break; 646 case WLAN_CIPHER_SUITE_CCMP_256: 647 key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN; 648 key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN; 649 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++) 650 for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++) 651 key->u.ccmp.rx_pn[i][j] = 652 seq[IEEE80211_CCMP_256_PN_LEN - j - 1]; 653 /* Initialize AES key state here as an optimization so that 654 * it does not need to be initialized for every packet. 655 */ 656 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( 657 key_data, key_len, IEEE80211_CCMP_256_MIC_LEN); 658 if (IS_ERR(key->u.ccmp.tfm)) { 659 err = PTR_ERR(key->u.ccmp.tfm); 660 kfree(key); 661 return ERR_PTR(err); 662 } 663 break; 664 case WLAN_CIPHER_SUITE_AES_CMAC: 665 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 666 key->conf.iv_len = 0; 667 if (cipher == WLAN_CIPHER_SUITE_AES_CMAC) 668 key->conf.icv_len = sizeof(struct ieee80211_mmie); 669 else 670 key->conf.icv_len = sizeof(struct ieee80211_mmie_16); 671 if (seq) 672 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++) 673 key->u.aes_cmac.rx_pn[j] = 674 seq[IEEE80211_CMAC_PN_LEN - j - 1]; 675 /* 676 * Initialize AES key state here as an optimization so that 677 * it does not need to be initialized for every packet. 678 */ 679 key->u.aes_cmac.tfm = 680 ieee80211_aes_cmac_key_setup(key_data, key_len); 681 if (IS_ERR(key->u.aes_cmac.tfm)) { 682 err = PTR_ERR(key->u.aes_cmac.tfm); 683 kfree(key); 684 return ERR_PTR(err); 685 } 686 break; 687 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 688 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 689 key->conf.iv_len = 0; 690 key->conf.icv_len = sizeof(struct ieee80211_mmie_16); 691 if (seq) 692 for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++) 693 key->u.aes_gmac.rx_pn[j] = 694 seq[IEEE80211_GMAC_PN_LEN - j - 1]; 695 /* Initialize AES key state here as an optimization so that 696 * it does not need to be initialized for every packet. 697 */ 698 key->u.aes_gmac.tfm = 699 ieee80211_aes_gmac_key_setup(key_data, key_len); 700 if (IS_ERR(key->u.aes_gmac.tfm)) { 701 err = PTR_ERR(key->u.aes_gmac.tfm); 702 kfree(key); 703 return ERR_PTR(err); 704 } 705 break; 706 case WLAN_CIPHER_SUITE_GCMP: 707 case WLAN_CIPHER_SUITE_GCMP_256: 708 key->conf.iv_len = IEEE80211_GCMP_HDR_LEN; 709 key->conf.icv_len = IEEE80211_GCMP_MIC_LEN; 710 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++) 711 for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++) 712 key->u.gcmp.rx_pn[i][j] = 713 seq[IEEE80211_GCMP_PN_LEN - j - 1]; 714 /* Initialize AES key state here as an optimization so that 715 * it does not need to be initialized for every packet. 716 */ 717 key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data, 718 key_len); 719 if (IS_ERR(key->u.gcmp.tfm)) { 720 err = PTR_ERR(key->u.gcmp.tfm); 721 kfree(key); 722 return ERR_PTR(err); 723 } 724 break; 725 } 726 memcpy(key->conf.key, key_data, key_len); 727 INIT_LIST_HEAD(&key->list); 728 729 return key; 730 } 731 732 static void ieee80211_key_free_common(struct ieee80211_key *key) 733 { 734 switch (key->conf.cipher) { 735 case WLAN_CIPHER_SUITE_CCMP: 736 case WLAN_CIPHER_SUITE_CCMP_256: 737 ieee80211_aes_key_free(key->u.ccmp.tfm); 738 break; 739 case WLAN_CIPHER_SUITE_AES_CMAC: 740 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 741 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm); 742 break; 743 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 744 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 745 ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm); 746 break; 747 case WLAN_CIPHER_SUITE_GCMP: 748 case WLAN_CIPHER_SUITE_GCMP_256: 749 ieee80211_aes_gcm_key_free(key->u.gcmp.tfm); 750 break; 751 } 752 kfree_sensitive(key); 753 } 754 755 static void __ieee80211_key_destroy(struct ieee80211_key *key, 756 bool delay_tailroom) 757 { 758 if (key->local) { 759 struct ieee80211_sub_if_data *sdata = key->sdata; 760 761 ieee80211_debugfs_key_remove(key); 762 763 if (delay_tailroom) { 764 /* see ieee80211_delayed_tailroom_dec */ 765 sdata->crypto_tx_tailroom_pending_dec++; 766 schedule_delayed_work(&sdata->dec_tailroom_needed_wk, 767 HZ/2); 768 } else { 769 decrease_tailroom_need_count(sdata, 1); 770 } 771 } 772 773 ieee80211_key_free_common(key); 774 } 775 776 static void ieee80211_key_destroy(struct ieee80211_key *key, 777 bool delay_tailroom) 778 { 779 if (!key) 780 return; 781 782 /* 783 * Synchronize so the TX path and rcu key iterators 784 * can no longer be using this key before we free/remove it. 785 */ 786 synchronize_net(); 787 788 __ieee80211_key_destroy(key, delay_tailroom); 789 } 790 791 void ieee80211_key_free_unused(struct ieee80211_key *key) 792 { 793 WARN_ON(key->sdata || key->local); 794 ieee80211_key_free_common(key); 795 } 796 797 static bool ieee80211_key_identical(struct ieee80211_sub_if_data *sdata, 798 struct ieee80211_key *old, 799 struct ieee80211_key *new) 800 { 801 u8 tkip_old[WLAN_KEY_LEN_TKIP], tkip_new[WLAN_KEY_LEN_TKIP]; 802 u8 *tk_old, *tk_new; 803 804 if (!old || new->conf.keylen != old->conf.keylen) 805 return false; 806 807 tk_old = old->conf.key; 808 tk_new = new->conf.key; 809 810 /* 811 * In station mode, don't compare the TX MIC key, as it's never used 812 * and offloaded rekeying may not care to send it to the host. This 813 * is the case in iwlwifi, for example. 814 */ 815 if (sdata->vif.type == NL80211_IFTYPE_STATION && 816 new->conf.cipher == WLAN_CIPHER_SUITE_TKIP && 817 new->conf.keylen == WLAN_KEY_LEN_TKIP && 818 !(new->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) { 819 memcpy(tkip_old, tk_old, WLAN_KEY_LEN_TKIP); 820 memcpy(tkip_new, tk_new, WLAN_KEY_LEN_TKIP); 821 memset(tkip_old + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8); 822 memset(tkip_new + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8); 823 tk_old = tkip_old; 824 tk_new = tkip_new; 825 } 826 827 return !crypto_memneq(tk_old, tk_new, new->conf.keylen); 828 } 829 830 int ieee80211_key_link(struct ieee80211_key *key, 831 struct ieee80211_link_data *link, 832 struct sta_info *sta) 833 { 834 struct ieee80211_sub_if_data *sdata = link->sdata; 835 static atomic_t key_color = ATOMIC_INIT(0); 836 struct ieee80211_key *old_key = NULL; 837 int idx = key->conf.keyidx; 838 bool pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE; 839 /* 840 * We want to delay tailroom updates only for station - in that 841 * case it helps roaming speed, but in other cases it hurts and 842 * can cause warnings to appear. 843 */ 844 bool delay_tailroom = sdata->vif.type == NL80211_IFTYPE_STATION; 845 int ret = -EOPNOTSUPP; 846 847 mutex_lock(&sdata->local->key_mtx); 848 849 if (sta && pairwise) { 850 struct ieee80211_key *alt_key; 851 852 old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]); 853 alt_key = key_mtx_dereference(sdata->local, sta->ptk[idx ^ 1]); 854 855 /* The rekey code assumes that the old and new key are using 856 * the same cipher. Enforce the assumption for pairwise keys. 857 */ 858 if ((alt_key && alt_key->conf.cipher != key->conf.cipher) || 859 (old_key && old_key->conf.cipher != key->conf.cipher)) 860 goto out; 861 } else if (sta) { 862 struct link_sta_info *link_sta = &sta->deflink; 863 int link_id = key->conf.link_id; 864 865 if (link_id >= 0) { 866 link_sta = rcu_dereference_protected(sta->link[link_id], 867 lockdep_is_held(&sta->local->sta_mtx)); 868 if (!link_sta) { 869 ret = -ENOLINK; 870 goto out; 871 } 872 } 873 874 old_key = key_mtx_dereference(sdata->local, link_sta->gtk[idx]); 875 } else { 876 if (idx < NUM_DEFAULT_KEYS) 877 old_key = key_mtx_dereference(sdata->local, 878 sdata->keys[idx]); 879 if (!old_key) 880 old_key = key_mtx_dereference(sdata->local, 881 link->gtk[idx]); 882 } 883 884 /* Non-pairwise keys must also not switch the cipher on rekey */ 885 if (!pairwise) { 886 if (old_key && old_key->conf.cipher != key->conf.cipher) 887 goto out; 888 } 889 890 /* 891 * Silently accept key re-installation without really installing the 892 * new version of the key to avoid nonce reuse or replay issues. 893 */ 894 if (ieee80211_key_identical(sdata, old_key, key)) { 895 ieee80211_key_free_unused(key); 896 ret = 0; 897 goto out; 898 } 899 900 key->local = sdata->local; 901 key->sdata = sdata; 902 key->sta = sta; 903 904 /* 905 * Assign a unique ID to every key so we can easily prevent mixed 906 * key and fragment cache attacks. 907 */ 908 key->color = atomic_inc_return(&key_color); 909 910 increment_tailroom_need_count(sdata); 911 912 ret = ieee80211_key_replace(sdata, link, sta, pairwise, old_key, key); 913 914 if (!ret) { 915 ieee80211_debugfs_key_add(key); 916 ieee80211_key_destroy(old_key, delay_tailroom); 917 } else { 918 ieee80211_key_free(key, delay_tailroom); 919 } 920 921 out: 922 mutex_unlock(&sdata->local->key_mtx); 923 924 return ret; 925 } 926 927 void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom) 928 { 929 if (!key) 930 return; 931 932 /* 933 * Replace key with nothingness if it was ever used. 934 */ 935 if (key->sdata) 936 ieee80211_key_replace(key->sdata, NULL, key->sta, 937 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 938 key, NULL); 939 ieee80211_key_destroy(key, delay_tailroom); 940 } 941 942 void ieee80211_reenable_keys(struct ieee80211_sub_if_data *sdata) 943 { 944 struct ieee80211_key *key; 945 struct ieee80211_sub_if_data *vlan; 946 947 lockdep_assert_wiphy(sdata->local->hw.wiphy); 948 949 mutex_lock(&sdata->local->key_mtx); 950 951 sdata->crypto_tx_tailroom_needed_cnt = 0; 952 sdata->crypto_tx_tailroom_pending_dec = 0; 953 954 if (sdata->vif.type == NL80211_IFTYPE_AP) { 955 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) { 956 vlan->crypto_tx_tailroom_needed_cnt = 0; 957 vlan->crypto_tx_tailroom_pending_dec = 0; 958 } 959 } 960 961 if (ieee80211_sdata_running(sdata)) { 962 list_for_each_entry(key, &sdata->key_list, list) { 963 increment_tailroom_need_count(sdata); 964 ieee80211_key_enable_hw_accel(key); 965 } 966 } 967 968 mutex_unlock(&sdata->local->key_mtx); 969 } 970 971 void ieee80211_iter_keys(struct ieee80211_hw *hw, 972 struct ieee80211_vif *vif, 973 void (*iter)(struct ieee80211_hw *hw, 974 struct ieee80211_vif *vif, 975 struct ieee80211_sta *sta, 976 struct ieee80211_key_conf *key, 977 void *data), 978 void *iter_data) 979 { 980 struct ieee80211_local *local = hw_to_local(hw); 981 struct ieee80211_key *key, *tmp; 982 struct ieee80211_sub_if_data *sdata; 983 984 lockdep_assert_wiphy(hw->wiphy); 985 986 mutex_lock(&local->key_mtx); 987 if (vif) { 988 sdata = vif_to_sdata(vif); 989 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) 990 iter(hw, &sdata->vif, 991 key->sta ? &key->sta->sta : NULL, 992 &key->conf, iter_data); 993 } else { 994 list_for_each_entry(sdata, &local->interfaces, list) 995 list_for_each_entry_safe(key, tmp, 996 &sdata->key_list, list) 997 iter(hw, &sdata->vif, 998 key->sta ? &key->sta->sta : NULL, 999 &key->conf, iter_data); 1000 } 1001 mutex_unlock(&local->key_mtx); 1002 } 1003 EXPORT_SYMBOL(ieee80211_iter_keys); 1004 1005 static void 1006 _ieee80211_iter_keys_rcu(struct ieee80211_hw *hw, 1007 struct ieee80211_sub_if_data *sdata, 1008 void (*iter)(struct ieee80211_hw *hw, 1009 struct ieee80211_vif *vif, 1010 struct ieee80211_sta *sta, 1011 struct ieee80211_key_conf *key, 1012 void *data), 1013 void *iter_data) 1014 { 1015 struct ieee80211_key *key; 1016 1017 list_for_each_entry_rcu(key, &sdata->key_list, list) { 1018 /* skip keys of station in removal process */ 1019 if (key->sta && key->sta->removed) 1020 continue; 1021 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 1022 continue; 1023 1024 iter(hw, &sdata->vif, 1025 key->sta ? &key->sta->sta : NULL, 1026 &key->conf, iter_data); 1027 } 1028 } 1029 1030 void ieee80211_iter_keys_rcu(struct ieee80211_hw *hw, 1031 struct ieee80211_vif *vif, 1032 void (*iter)(struct ieee80211_hw *hw, 1033 struct ieee80211_vif *vif, 1034 struct ieee80211_sta *sta, 1035 struct ieee80211_key_conf *key, 1036 void *data), 1037 void *iter_data) 1038 { 1039 struct ieee80211_local *local = hw_to_local(hw); 1040 struct ieee80211_sub_if_data *sdata; 1041 1042 if (vif) { 1043 sdata = vif_to_sdata(vif); 1044 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data); 1045 } else { 1046 list_for_each_entry_rcu(sdata, &local->interfaces, list) 1047 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data); 1048 } 1049 } 1050 EXPORT_SYMBOL(ieee80211_iter_keys_rcu); 1051 1052 static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata, 1053 struct list_head *keys) 1054 { 1055 struct ieee80211_key *key, *tmp; 1056 1057 decrease_tailroom_need_count(sdata, 1058 sdata->crypto_tx_tailroom_pending_dec); 1059 sdata->crypto_tx_tailroom_pending_dec = 0; 1060 1061 ieee80211_debugfs_key_remove_mgmt_default(sdata); 1062 ieee80211_debugfs_key_remove_beacon_default(sdata); 1063 1064 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) { 1065 ieee80211_key_replace(key->sdata, NULL, key->sta, 1066 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 1067 key, NULL); 1068 list_add_tail(&key->list, keys); 1069 } 1070 1071 ieee80211_debugfs_key_update_default(sdata); 1072 } 1073 1074 void ieee80211_remove_link_keys(struct ieee80211_link_data *link, 1075 struct list_head *keys) 1076 { 1077 struct ieee80211_sub_if_data *sdata = link->sdata; 1078 struct ieee80211_local *local = sdata->local; 1079 struct ieee80211_key *key, *tmp; 1080 1081 mutex_lock(&local->key_mtx); 1082 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) { 1083 if (key->conf.link_id != link->link_id) 1084 continue; 1085 ieee80211_key_replace(key->sdata, link, key->sta, 1086 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 1087 key, NULL); 1088 list_add_tail(&key->list, keys); 1089 } 1090 mutex_unlock(&local->key_mtx); 1091 } 1092 1093 void ieee80211_free_key_list(struct ieee80211_local *local, 1094 struct list_head *keys) 1095 { 1096 struct ieee80211_key *key, *tmp; 1097 1098 mutex_lock(&local->key_mtx); 1099 list_for_each_entry_safe(key, tmp, keys, list) 1100 __ieee80211_key_destroy(key, false); 1101 mutex_unlock(&local->key_mtx); 1102 } 1103 1104 void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata, 1105 bool force_synchronize) 1106 { 1107 struct ieee80211_local *local = sdata->local; 1108 struct ieee80211_sub_if_data *vlan; 1109 struct ieee80211_sub_if_data *master; 1110 struct ieee80211_key *key, *tmp; 1111 LIST_HEAD(keys); 1112 1113 cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk); 1114 1115 mutex_lock(&local->key_mtx); 1116 1117 ieee80211_free_keys_iface(sdata, &keys); 1118 1119 if (sdata->vif.type == NL80211_IFTYPE_AP) { 1120 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 1121 ieee80211_free_keys_iface(vlan, &keys); 1122 } 1123 1124 if (!list_empty(&keys) || force_synchronize) 1125 synchronize_net(); 1126 list_for_each_entry_safe(key, tmp, &keys, list) 1127 __ieee80211_key_destroy(key, false); 1128 1129 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 1130 if (sdata->bss) { 1131 master = container_of(sdata->bss, 1132 struct ieee80211_sub_if_data, 1133 u.ap); 1134 1135 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt != 1136 master->crypto_tx_tailroom_needed_cnt); 1137 } 1138 } else { 1139 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt || 1140 sdata->crypto_tx_tailroom_pending_dec); 1141 } 1142 1143 if (sdata->vif.type == NL80211_IFTYPE_AP) { 1144 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 1145 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt || 1146 vlan->crypto_tx_tailroom_pending_dec); 1147 } 1148 1149 mutex_unlock(&local->key_mtx); 1150 } 1151 1152 void ieee80211_free_sta_keys(struct ieee80211_local *local, 1153 struct sta_info *sta) 1154 { 1155 struct ieee80211_key *key; 1156 int i; 1157 1158 mutex_lock(&local->key_mtx); 1159 for (i = 0; i < ARRAY_SIZE(sta->deflink.gtk); i++) { 1160 key = key_mtx_dereference(local, sta->deflink.gtk[i]); 1161 if (!key) 1162 continue; 1163 ieee80211_key_replace(key->sdata, NULL, key->sta, 1164 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 1165 key, NULL); 1166 __ieee80211_key_destroy(key, key->sdata->vif.type == 1167 NL80211_IFTYPE_STATION); 1168 } 1169 1170 for (i = 0; i < NUM_DEFAULT_KEYS; i++) { 1171 key = key_mtx_dereference(local, sta->ptk[i]); 1172 if (!key) 1173 continue; 1174 ieee80211_key_replace(key->sdata, NULL, key->sta, 1175 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 1176 key, NULL); 1177 __ieee80211_key_destroy(key, key->sdata->vif.type == 1178 NL80211_IFTYPE_STATION); 1179 } 1180 1181 mutex_unlock(&local->key_mtx); 1182 } 1183 1184 void ieee80211_delayed_tailroom_dec(struct work_struct *wk) 1185 { 1186 struct ieee80211_sub_if_data *sdata; 1187 1188 sdata = container_of(wk, struct ieee80211_sub_if_data, 1189 dec_tailroom_needed_wk.work); 1190 1191 /* 1192 * The reason for the delayed tailroom needed decrementing is to 1193 * make roaming faster: during roaming, all keys are first deleted 1194 * and then new keys are installed. The first new key causes the 1195 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes 1196 * the cost of synchronize_net() (which can be slow). Avoid this 1197 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on 1198 * key removal for a while, so if we roam the value is larger than 1199 * zero and no 0->1 transition happens. 1200 * 1201 * The cost is that if the AP switching was from an AP with keys 1202 * to one without, we still allocate tailroom while it would no 1203 * longer be needed. However, in the typical (fast) roaming case 1204 * within an ESS this usually won't happen. 1205 */ 1206 1207 mutex_lock(&sdata->local->key_mtx); 1208 decrease_tailroom_need_count(sdata, 1209 sdata->crypto_tx_tailroom_pending_dec); 1210 sdata->crypto_tx_tailroom_pending_dec = 0; 1211 mutex_unlock(&sdata->local->key_mtx); 1212 } 1213 1214 void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid, 1215 const u8 *replay_ctr, gfp_t gfp) 1216 { 1217 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1218 1219 trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr); 1220 1221 cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp); 1222 } 1223 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify); 1224 1225 void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf, 1226 int tid, struct ieee80211_key_seq *seq) 1227 { 1228 struct ieee80211_key *key; 1229 const u8 *pn; 1230 1231 key = container_of(keyconf, struct ieee80211_key, conf); 1232 1233 switch (key->conf.cipher) { 1234 case WLAN_CIPHER_SUITE_TKIP: 1235 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 1236 return; 1237 seq->tkip.iv32 = key->u.tkip.rx[tid].iv32; 1238 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16; 1239 break; 1240 case WLAN_CIPHER_SUITE_CCMP: 1241 case WLAN_CIPHER_SUITE_CCMP_256: 1242 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1243 return; 1244 if (tid < 0) 1245 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 1246 else 1247 pn = key->u.ccmp.rx_pn[tid]; 1248 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN); 1249 break; 1250 case WLAN_CIPHER_SUITE_AES_CMAC: 1251 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1252 if (WARN_ON(tid != 0)) 1253 return; 1254 pn = key->u.aes_cmac.rx_pn; 1255 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN); 1256 break; 1257 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1258 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1259 if (WARN_ON(tid != 0)) 1260 return; 1261 pn = key->u.aes_gmac.rx_pn; 1262 memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN); 1263 break; 1264 case WLAN_CIPHER_SUITE_GCMP: 1265 case WLAN_CIPHER_SUITE_GCMP_256: 1266 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1267 return; 1268 if (tid < 0) 1269 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS]; 1270 else 1271 pn = key->u.gcmp.rx_pn[tid]; 1272 memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN); 1273 break; 1274 } 1275 } 1276 EXPORT_SYMBOL(ieee80211_get_key_rx_seq); 1277 1278 void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf, 1279 int tid, struct ieee80211_key_seq *seq) 1280 { 1281 struct ieee80211_key *key; 1282 u8 *pn; 1283 1284 key = container_of(keyconf, struct ieee80211_key, conf); 1285 1286 switch (key->conf.cipher) { 1287 case WLAN_CIPHER_SUITE_TKIP: 1288 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 1289 return; 1290 key->u.tkip.rx[tid].iv32 = seq->tkip.iv32; 1291 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16; 1292 break; 1293 case WLAN_CIPHER_SUITE_CCMP: 1294 case WLAN_CIPHER_SUITE_CCMP_256: 1295 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1296 return; 1297 if (tid < 0) 1298 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 1299 else 1300 pn = key->u.ccmp.rx_pn[tid]; 1301 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN); 1302 break; 1303 case WLAN_CIPHER_SUITE_AES_CMAC: 1304 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1305 if (WARN_ON(tid != 0)) 1306 return; 1307 pn = key->u.aes_cmac.rx_pn; 1308 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN); 1309 break; 1310 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1311 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1312 if (WARN_ON(tid != 0)) 1313 return; 1314 pn = key->u.aes_gmac.rx_pn; 1315 memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN); 1316 break; 1317 case WLAN_CIPHER_SUITE_GCMP: 1318 case WLAN_CIPHER_SUITE_GCMP_256: 1319 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1320 return; 1321 if (tid < 0) 1322 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS]; 1323 else 1324 pn = key->u.gcmp.rx_pn[tid]; 1325 memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN); 1326 break; 1327 default: 1328 WARN_ON(1); 1329 break; 1330 } 1331 } 1332 EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq); 1333 1334 void ieee80211_remove_key(struct ieee80211_key_conf *keyconf) 1335 { 1336 struct ieee80211_key *key; 1337 1338 key = container_of(keyconf, struct ieee80211_key, conf); 1339 1340 assert_key_lock(key->local); 1341 1342 /* 1343 * if key was uploaded, we assume the driver will/has remove(d) 1344 * it, so adjust bookkeeping accordingly 1345 */ 1346 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 1347 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 1348 1349 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC | 1350 IEEE80211_KEY_FLAG_PUT_MIC_SPACE | 1351 IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 1352 increment_tailroom_need_count(key->sdata); 1353 } 1354 1355 ieee80211_key_free(key, false); 1356 } 1357 EXPORT_SYMBOL_GPL(ieee80211_remove_key); 1358 1359 struct ieee80211_key_conf * 1360 ieee80211_gtk_rekey_add(struct ieee80211_vif *vif, 1361 struct ieee80211_key_conf *keyconf) 1362 { 1363 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1364 struct ieee80211_local *local = sdata->local; 1365 struct ieee80211_key *key; 1366 int err; 1367 1368 if (WARN_ON(!local->wowlan)) 1369 return ERR_PTR(-EINVAL); 1370 1371 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION)) 1372 return ERR_PTR(-EINVAL); 1373 1374 key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx, 1375 keyconf->keylen, keyconf->key, 1376 0, NULL); 1377 if (IS_ERR(key)) 1378 return ERR_CAST(key); 1379 1380 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED) 1381 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT; 1382 1383 /* FIXME: this function needs to get a link ID */ 1384 err = ieee80211_key_link(key, &sdata->deflink, NULL); 1385 if (err) 1386 return ERR_PTR(err); 1387 1388 return &key->conf; 1389 } 1390 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add); 1391 1392 void ieee80211_key_mic_failure(struct ieee80211_key_conf *keyconf) 1393 { 1394 struct ieee80211_key *key; 1395 1396 key = container_of(keyconf, struct ieee80211_key, conf); 1397 1398 switch (key->conf.cipher) { 1399 case WLAN_CIPHER_SUITE_AES_CMAC: 1400 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1401 key->u.aes_cmac.icverrors++; 1402 break; 1403 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1404 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1405 key->u.aes_gmac.icverrors++; 1406 break; 1407 default: 1408 /* ignore the others for now, we don't keep counters now */ 1409 break; 1410 } 1411 } 1412 EXPORT_SYMBOL_GPL(ieee80211_key_mic_failure); 1413 1414 void ieee80211_key_replay(struct ieee80211_key_conf *keyconf) 1415 { 1416 struct ieee80211_key *key; 1417 1418 key = container_of(keyconf, struct ieee80211_key, conf); 1419 1420 switch (key->conf.cipher) { 1421 case WLAN_CIPHER_SUITE_CCMP: 1422 case WLAN_CIPHER_SUITE_CCMP_256: 1423 key->u.ccmp.replays++; 1424 break; 1425 case WLAN_CIPHER_SUITE_AES_CMAC: 1426 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1427 key->u.aes_cmac.replays++; 1428 break; 1429 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1430 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1431 key->u.aes_gmac.replays++; 1432 break; 1433 case WLAN_CIPHER_SUITE_GCMP: 1434 case WLAN_CIPHER_SUITE_GCMP_256: 1435 key->u.gcmp.replays++; 1436 break; 1437 } 1438 } 1439 EXPORT_SYMBOL_GPL(ieee80211_key_replay); 1440