1 /* 2 * Copyright 2002-2005, Instant802 Networks, Inc. 3 * Copyright 2005-2006, Devicescape Software, Inc. 4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net> 6 * Copyright 2013-2014 Intel Mobile Communications GmbH 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License version 2 as 10 * published by the Free Software Foundation. 11 */ 12 13 #include <linux/if_ether.h> 14 #include <linux/etherdevice.h> 15 #include <linux/list.h> 16 #include <linux/rcupdate.h> 17 #include <linux/rtnetlink.h> 18 #include <linux/slab.h> 19 #include <linux/export.h> 20 #include <net/mac80211.h> 21 #include <asm/unaligned.h> 22 #include "ieee80211_i.h" 23 #include "driver-ops.h" 24 #include "debugfs_key.h" 25 #include "aes_ccm.h" 26 #include "aes_cmac.h" 27 #include "aes_gmac.h" 28 #include "aes_gcm.h" 29 30 31 /** 32 * DOC: Key handling basics 33 * 34 * Key handling in mac80211 is done based on per-interface (sub_if_data) 35 * keys and per-station keys. Since each station belongs to an interface, 36 * each station key also belongs to that interface. 37 * 38 * Hardware acceleration is done on a best-effort basis for algorithms 39 * that are implemented in software, for each key the hardware is asked 40 * to enable that key for offloading but if it cannot do that the key is 41 * simply kept for software encryption (unless it is for an algorithm 42 * that isn't implemented in software). 43 * There is currently no way of knowing whether a key is handled in SW 44 * or HW except by looking into debugfs. 45 * 46 * All key management is internally protected by a mutex. Within all 47 * other parts of mac80211, key references are, just as STA structure 48 * references, protected by RCU. Note, however, that some things are 49 * unprotected, namely the key->sta dereferences within the hardware 50 * acceleration functions. This means that sta_info_destroy() must 51 * remove the key which waits for an RCU grace period. 52 */ 53 54 static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; 55 56 static void assert_key_lock(struct ieee80211_local *local) 57 { 58 lockdep_assert_held(&local->key_mtx); 59 } 60 61 static void 62 update_vlan_tailroom_need_count(struct ieee80211_sub_if_data *sdata, int delta) 63 { 64 struct ieee80211_sub_if_data *vlan; 65 66 if (sdata->vif.type != NL80211_IFTYPE_AP) 67 return; 68 69 mutex_lock(&sdata->local->mtx); 70 71 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 72 vlan->crypto_tx_tailroom_needed_cnt += delta; 73 74 mutex_unlock(&sdata->local->mtx); 75 } 76 77 static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata) 78 { 79 /* 80 * When this count is zero, SKB resizing for allocating tailroom 81 * for IV or MMIC is skipped. But, this check has created two race 82 * cases in xmit path while transiting from zero count to one: 83 * 84 * 1. SKB resize was skipped because no key was added but just before 85 * the xmit key is added and SW encryption kicks off. 86 * 87 * 2. SKB resize was skipped because all the keys were hw planted but 88 * just before xmit one of the key is deleted and SW encryption kicks 89 * off. 90 * 91 * In both the above case SW encryption will find not enough space for 92 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c) 93 * 94 * Solution has been explained at 95 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net 96 */ 97 98 update_vlan_tailroom_need_count(sdata, 1); 99 100 if (!sdata->crypto_tx_tailroom_needed_cnt++) { 101 /* 102 * Flush all XMIT packets currently using HW encryption or no 103 * encryption at all if the count transition is from 0 -> 1. 104 */ 105 synchronize_net(); 106 } 107 } 108 109 static void decrease_tailroom_need_count(struct ieee80211_sub_if_data *sdata, 110 int delta) 111 { 112 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt < delta); 113 114 update_vlan_tailroom_need_count(sdata, -delta); 115 sdata->crypto_tx_tailroom_needed_cnt -= delta; 116 } 117 118 static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key) 119 { 120 struct ieee80211_sub_if_data *sdata; 121 struct sta_info *sta; 122 int ret = -EOPNOTSUPP; 123 124 might_sleep(); 125 126 if (key->flags & KEY_FLAG_TAINTED) { 127 /* If we get here, it's during resume and the key is 128 * tainted so shouldn't be used/programmed any more. 129 * However, its flags may still indicate that it was 130 * programmed into the device (since we're in resume) 131 * so clear that flag now to avoid trying to remove 132 * it again later. 133 */ 134 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 135 return -EINVAL; 136 } 137 138 if (!key->local->ops->set_key) 139 goto out_unsupported; 140 141 assert_key_lock(key->local); 142 143 sta = key->sta; 144 145 /* 146 * If this is a per-STA GTK, check if it 147 * is supported; if not, return. 148 */ 149 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) && 150 !(key->local->hw.flags & IEEE80211_HW_SUPPORTS_PER_STA_GTK)) 151 goto out_unsupported; 152 153 if (sta && !sta->uploaded) 154 goto out_unsupported; 155 156 sdata = key->sdata; 157 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 158 /* 159 * The driver doesn't know anything about VLAN interfaces. 160 * Hence, don't send GTKs for VLAN interfaces to the driver. 161 */ 162 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) 163 goto out_unsupported; 164 } 165 166 ret = drv_set_key(key->local, SET_KEY, sdata, 167 sta ? &sta->sta : NULL, &key->conf); 168 169 if (!ret) { 170 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE; 171 172 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) || 173 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 174 decrease_tailroom_need_count(sdata, 1); 175 176 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) && 177 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)); 178 179 return 0; 180 } 181 182 if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1) 183 sdata_err(sdata, 184 "failed to set key (%d, %pM) to hardware (%d)\n", 185 key->conf.keyidx, 186 sta ? sta->sta.addr : bcast_addr, ret); 187 188 out_unsupported: 189 switch (key->conf.cipher) { 190 case WLAN_CIPHER_SUITE_WEP40: 191 case WLAN_CIPHER_SUITE_WEP104: 192 case WLAN_CIPHER_SUITE_TKIP: 193 case WLAN_CIPHER_SUITE_CCMP: 194 case WLAN_CIPHER_SUITE_CCMP_256: 195 case WLAN_CIPHER_SUITE_AES_CMAC: 196 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 197 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 198 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 199 case WLAN_CIPHER_SUITE_GCMP: 200 case WLAN_CIPHER_SUITE_GCMP_256: 201 /* all of these we can do in software - if driver can */ 202 if (ret == 1) 203 return 0; 204 if (key->local->hw.flags & IEEE80211_HW_SW_CRYPTO_CONTROL) 205 return -EINVAL; 206 return 0; 207 default: 208 return -EINVAL; 209 } 210 } 211 212 static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key) 213 { 214 struct ieee80211_sub_if_data *sdata; 215 struct sta_info *sta; 216 int ret; 217 218 might_sleep(); 219 220 if (!key || !key->local->ops->set_key) 221 return; 222 223 assert_key_lock(key->local); 224 225 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 226 return; 227 228 sta = key->sta; 229 sdata = key->sdata; 230 231 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) || 232 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 233 increment_tailroom_need_count(sdata); 234 235 ret = drv_set_key(key->local, DISABLE_KEY, sdata, 236 sta ? &sta->sta : NULL, &key->conf); 237 238 if (ret) 239 sdata_err(sdata, 240 "failed to remove key (%d, %pM) from hardware (%d)\n", 241 key->conf.keyidx, 242 sta ? sta->sta.addr : bcast_addr, ret); 243 244 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 245 } 246 247 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, 248 int idx, bool uni, bool multi) 249 { 250 struct ieee80211_key *key = NULL; 251 252 assert_key_lock(sdata->local); 253 254 if (idx >= 0 && idx < NUM_DEFAULT_KEYS) 255 key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 256 257 if (uni) { 258 rcu_assign_pointer(sdata->default_unicast_key, key); 259 drv_set_default_unicast_key(sdata->local, sdata, idx); 260 } 261 262 if (multi) 263 rcu_assign_pointer(sdata->default_multicast_key, key); 264 265 ieee80211_debugfs_key_update_default(sdata); 266 } 267 268 void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx, 269 bool uni, bool multi) 270 { 271 mutex_lock(&sdata->local->key_mtx); 272 __ieee80211_set_default_key(sdata, idx, uni, multi); 273 mutex_unlock(&sdata->local->key_mtx); 274 } 275 276 static void 277 __ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx) 278 { 279 struct ieee80211_key *key = NULL; 280 281 assert_key_lock(sdata->local); 282 283 if (idx >= NUM_DEFAULT_KEYS && 284 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) 285 key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 286 287 rcu_assign_pointer(sdata->default_mgmt_key, key); 288 289 ieee80211_debugfs_key_update_default(sdata); 290 } 291 292 void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, 293 int idx) 294 { 295 mutex_lock(&sdata->local->key_mtx); 296 __ieee80211_set_default_mgmt_key(sdata, idx); 297 mutex_unlock(&sdata->local->key_mtx); 298 } 299 300 301 static void ieee80211_key_replace(struct ieee80211_sub_if_data *sdata, 302 struct sta_info *sta, 303 bool pairwise, 304 struct ieee80211_key *old, 305 struct ieee80211_key *new) 306 { 307 int idx; 308 bool defunikey, defmultikey, defmgmtkey; 309 310 /* caller must provide at least one old/new */ 311 if (WARN_ON(!new && !old)) 312 return; 313 314 if (new) 315 list_add_tail(&new->list, &sdata->key_list); 316 317 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx); 318 319 if (old) 320 idx = old->conf.keyidx; 321 else 322 idx = new->conf.keyidx; 323 324 if (sta) { 325 if (pairwise) { 326 rcu_assign_pointer(sta->ptk[idx], new); 327 sta->ptk_idx = idx; 328 } else { 329 rcu_assign_pointer(sta->gtk[idx], new); 330 sta->gtk_idx = idx; 331 } 332 } else { 333 defunikey = old && 334 old == key_mtx_dereference(sdata->local, 335 sdata->default_unicast_key); 336 defmultikey = old && 337 old == key_mtx_dereference(sdata->local, 338 sdata->default_multicast_key); 339 defmgmtkey = old && 340 old == key_mtx_dereference(sdata->local, 341 sdata->default_mgmt_key); 342 343 if (defunikey && !new) 344 __ieee80211_set_default_key(sdata, -1, true, false); 345 if (defmultikey && !new) 346 __ieee80211_set_default_key(sdata, -1, false, true); 347 if (defmgmtkey && !new) 348 __ieee80211_set_default_mgmt_key(sdata, -1); 349 350 rcu_assign_pointer(sdata->keys[idx], new); 351 if (defunikey && new) 352 __ieee80211_set_default_key(sdata, new->conf.keyidx, 353 true, false); 354 if (defmultikey && new) 355 __ieee80211_set_default_key(sdata, new->conf.keyidx, 356 false, true); 357 if (defmgmtkey && new) 358 __ieee80211_set_default_mgmt_key(sdata, 359 new->conf.keyidx); 360 } 361 362 if (old) 363 list_del(&old->list); 364 } 365 366 struct ieee80211_key * 367 ieee80211_key_alloc(u32 cipher, int idx, size_t key_len, 368 const u8 *key_data, 369 size_t seq_len, const u8 *seq, 370 const struct ieee80211_cipher_scheme *cs) 371 { 372 struct ieee80211_key *key; 373 int i, j, err; 374 375 if (WARN_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)) 376 return ERR_PTR(-EINVAL); 377 378 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL); 379 if (!key) 380 return ERR_PTR(-ENOMEM); 381 382 /* 383 * Default to software encryption; we'll later upload the 384 * key to the hardware if possible. 385 */ 386 key->conf.flags = 0; 387 key->flags = 0; 388 389 key->conf.cipher = cipher; 390 key->conf.keyidx = idx; 391 key->conf.keylen = key_len; 392 switch (cipher) { 393 case WLAN_CIPHER_SUITE_WEP40: 394 case WLAN_CIPHER_SUITE_WEP104: 395 key->conf.iv_len = IEEE80211_WEP_IV_LEN; 396 key->conf.icv_len = IEEE80211_WEP_ICV_LEN; 397 break; 398 case WLAN_CIPHER_SUITE_TKIP: 399 key->conf.iv_len = IEEE80211_TKIP_IV_LEN; 400 key->conf.icv_len = IEEE80211_TKIP_ICV_LEN; 401 if (seq) { 402 for (i = 0; i < IEEE80211_NUM_TIDS; i++) { 403 key->u.tkip.rx[i].iv32 = 404 get_unaligned_le32(&seq[2]); 405 key->u.tkip.rx[i].iv16 = 406 get_unaligned_le16(seq); 407 } 408 } 409 spin_lock_init(&key->u.tkip.txlock); 410 break; 411 case WLAN_CIPHER_SUITE_CCMP: 412 key->conf.iv_len = IEEE80211_CCMP_HDR_LEN; 413 key->conf.icv_len = IEEE80211_CCMP_MIC_LEN; 414 if (seq) { 415 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) 416 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++) 417 key->u.ccmp.rx_pn[i][j] = 418 seq[IEEE80211_CCMP_PN_LEN - j - 1]; 419 } 420 /* 421 * Initialize AES key state here as an optimization so that 422 * it does not need to be initialized for every packet. 423 */ 424 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( 425 key_data, key_len, IEEE80211_CCMP_MIC_LEN); 426 if (IS_ERR(key->u.ccmp.tfm)) { 427 err = PTR_ERR(key->u.ccmp.tfm); 428 kfree(key); 429 return ERR_PTR(err); 430 } 431 break; 432 case WLAN_CIPHER_SUITE_CCMP_256: 433 key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN; 434 key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN; 435 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++) 436 for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++) 437 key->u.ccmp.rx_pn[i][j] = 438 seq[IEEE80211_CCMP_256_PN_LEN - j - 1]; 439 /* Initialize AES key state here as an optimization so that 440 * it does not need to be initialized for every packet. 441 */ 442 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( 443 key_data, key_len, IEEE80211_CCMP_256_MIC_LEN); 444 if (IS_ERR(key->u.ccmp.tfm)) { 445 err = PTR_ERR(key->u.ccmp.tfm); 446 kfree(key); 447 return ERR_PTR(err); 448 } 449 break; 450 case WLAN_CIPHER_SUITE_AES_CMAC: 451 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 452 key->conf.iv_len = 0; 453 if (cipher == WLAN_CIPHER_SUITE_AES_CMAC) 454 key->conf.icv_len = sizeof(struct ieee80211_mmie); 455 else 456 key->conf.icv_len = sizeof(struct ieee80211_mmie_16); 457 if (seq) 458 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++) 459 key->u.aes_cmac.rx_pn[j] = 460 seq[IEEE80211_CMAC_PN_LEN - j - 1]; 461 /* 462 * Initialize AES key state here as an optimization so that 463 * it does not need to be initialized for every packet. 464 */ 465 key->u.aes_cmac.tfm = 466 ieee80211_aes_cmac_key_setup(key_data, key_len); 467 if (IS_ERR(key->u.aes_cmac.tfm)) { 468 err = PTR_ERR(key->u.aes_cmac.tfm); 469 kfree(key); 470 return ERR_PTR(err); 471 } 472 break; 473 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 474 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 475 key->conf.iv_len = 0; 476 key->conf.icv_len = sizeof(struct ieee80211_mmie_16); 477 if (seq) 478 for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++) 479 key->u.aes_gmac.rx_pn[j] = 480 seq[IEEE80211_GMAC_PN_LEN - j - 1]; 481 /* Initialize AES key state here as an optimization so that 482 * it does not need to be initialized for every packet. 483 */ 484 key->u.aes_gmac.tfm = 485 ieee80211_aes_gmac_key_setup(key_data, key_len); 486 if (IS_ERR(key->u.aes_gmac.tfm)) { 487 err = PTR_ERR(key->u.aes_gmac.tfm); 488 kfree(key); 489 return ERR_PTR(err); 490 } 491 break; 492 case WLAN_CIPHER_SUITE_GCMP: 493 case WLAN_CIPHER_SUITE_GCMP_256: 494 key->conf.iv_len = IEEE80211_GCMP_HDR_LEN; 495 key->conf.icv_len = IEEE80211_GCMP_MIC_LEN; 496 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++) 497 for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++) 498 key->u.gcmp.rx_pn[i][j] = 499 seq[IEEE80211_GCMP_PN_LEN - j - 1]; 500 /* Initialize AES key state here as an optimization so that 501 * it does not need to be initialized for every packet. 502 */ 503 key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data, 504 key_len); 505 if (IS_ERR(key->u.gcmp.tfm)) { 506 err = PTR_ERR(key->u.gcmp.tfm); 507 kfree(key); 508 return ERR_PTR(err); 509 } 510 break; 511 default: 512 if (cs) { 513 size_t len = (seq_len > MAX_PN_LEN) ? 514 MAX_PN_LEN : seq_len; 515 516 key->conf.iv_len = cs->hdr_len; 517 key->conf.icv_len = cs->mic_len; 518 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) 519 for (j = 0; j < len; j++) 520 key->u.gen.rx_pn[i][j] = 521 seq[len - j - 1]; 522 key->flags |= KEY_FLAG_CIPHER_SCHEME; 523 } 524 } 525 memcpy(key->conf.key, key_data, key_len); 526 INIT_LIST_HEAD(&key->list); 527 528 return key; 529 } 530 531 static void ieee80211_key_free_common(struct ieee80211_key *key) 532 { 533 switch (key->conf.cipher) { 534 case WLAN_CIPHER_SUITE_CCMP: 535 case WLAN_CIPHER_SUITE_CCMP_256: 536 ieee80211_aes_key_free(key->u.ccmp.tfm); 537 break; 538 case WLAN_CIPHER_SUITE_AES_CMAC: 539 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 540 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm); 541 break; 542 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 543 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 544 ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm); 545 break; 546 case WLAN_CIPHER_SUITE_GCMP: 547 case WLAN_CIPHER_SUITE_GCMP_256: 548 ieee80211_aes_gcm_key_free(key->u.gcmp.tfm); 549 break; 550 } 551 kzfree(key); 552 } 553 554 static void __ieee80211_key_destroy(struct ieee80211_key *key, 555 bool delay_tailroom) 556 { 557 if (key->local) 558 ieee80211_key_disable_hw_accel(key); 559 560 if (key->local) { 561 struct ieee80211_sub_if_data *sdata = key->sdata; 562 563 ieee80211_debugfs_key_remove(key); 564 565 if (delay_tailroom) { 566 /* see ieee80211_delayed_tailroom_dec */ 567 sdata->crypto_tx_tailroom_pending_dec++; 568 schedule_delayed_work(&sdata->dec_tailroom_needed_wk, 569 HZ/2); 570 } else { 571 decrease_tailroom_need_count(sdata, 1); 572 } 573 } 574 575 ieee80211_key_free_common(key); 576 } 577 578 static void ieee80211_key_destroy(struct ieee80211_key *key, 579 bool delay_tailroom) 580 { 581 if (!key) 582 return; 583 584 /* 585 * Synchronize so the TX path can no longer be using 586 * this key before we free/remove it. 587 */ 588 synchronize_net(); 589 590 __ieee80211_key_destroy(key, delay_tailroom); 591 } 592 593 void ieee80211_key_free_unused(struct ieee80211_key *key) 594 { 595 WARN_ON(key->sdata || key->local); 596 ieee80211_key_free_common(key); 597 } 598 599 int ieee80211_key_link(struct ieee80211_key *key, 600 struct ieee80211_sub_if_data *sdata, 601 struct sta_info *sta) 602 { 603 struct ieee80211_local *local = sdata->local; 604 struct ieee80211_key *old_key; 605 int idx, ret; 606 bool pairwise; 607 608 pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE; 609 idx = key->conf.keyidx; 610 key->local = sdata->local; 611 key->sdata = sdata; 612 key->sta = sta; 613 614 mutex_lock(&sdata->local->key_mtx); 615 616 if (sta && pairwise) 617 old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]); 618 else if (sta) 619 old_key = key_mtx_dereference(sdata->local, sta->gtk[idx]); 620 else 621 old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 622 623 increment_tailroom_need_count(sdata); 624 625 ieee80211_key_replace(sdata, sta, pairwise, old_key, key); 626 ieee80211_key_destroy(old_key, true); 627 628 ieee80211_debugfs_key_add(key); 629 630 if (!local->wowlan) { 631 ret = ieee80211_key_enable_hw_accel(key); 632 if (ret) 633 ieee80211_key_free(key, true); 634 } else { 635 ret = 0; 636 } 637 638 mutex_unlock(&sdata->local->key_mtx); 639 640 return ret; 641 } 642 643 void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom) 644 { 645 if (!key) 646 return; 647 648 /* 649 * Replace key with nothingness if it was ever used. 650 */ 651 if (key->sdata) 652 ieee80211_key_replace(key->sdata, key->sta, 653 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 654 key, NULL); 655 ieee80211_key_destroy(key, delay_tailroom); 656 } 657 658 void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata) 659 { 660 struct ieee80211_key *key; 661 struct ieee80211_sub_if_data *vlan; 662 663 ASSERT_RTNL(); 664 665 if (WARN_ON(!ieee80211_sdata_running(sdata))) 666 return; 667 668 mutex_lock(&sdata->local->key_mtx); 669 670 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt || 671 sdata->crypto_tx_tailroom_pending_dec); 672 673 if (sdata->vif.type == NL80211_IFTYPE_AP) { 674 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 675 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt || 676 vlan->crypto_tx_tailroom_pending_dec); 677 } 678 679 list_for_each_entry(key, &sdata->key_list, list) { 680 increment_tailroom_need_count(sdata); 681 ieee80211_key_enable_hw_accel(key); 682 } 683 684 mutex_unlock(&sdata->local->key_mtx); 685 } 686 687 void ieee80211_reset_crypto_tx_tailroom(struct ieee80211_sub_if_data *sdata) 688 { 689 struct ieee80211_sub_if_data *vlan; 690 691 mutex_lock(&sdata->local->key_mtx); 692 693 sdata->crypto_tx_tailroom_needed_cnt = 0; 694 695 if (sdata->vif.type == NL80211_IFTYPE_AP) { 696 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 697 vlan->crypto_tx_tailroom_needed_cnt = 0; 698 } 699 700 mutex_unlock(&sdata->local->key_mtx); 701 } 702 703 void ieee80211_iter_keys(struct ieee80211_hw *hw, 704 struct ieee80211_vif *vif, 705 void (*iter)(struct ieee80211_hw *hw, 706 struct ieee80211_vif *vif, 707 struct ieee80211_sta *sta, 708 struct ieee80211_key_conf *key, 709 void *data), 710 void *iter_data) 711 { 712 struct ieee80211_local *local = hw_to_local(hw); 713 struct ieee80211_key *key, *tmp; 714 struct ieee80211_sub_if_data *sdata; 715 716 ASSERT_RTNL(); 717 718 mutex_lock(&local->key_mtx); 719 if (vif) { 720 sdata = vif_to_sdata(vif); 721 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) 722 iter(hw, &sdata->vif, 723 key->sta ? &key->sta->sta : NULL, 724 &key->conf, iter_data); 725 } else { 726 list_for_each_entry(sdata, &local->interfaces, list) 727 list_for_each_entry_safe(key, tmp, 728 &sdata->key_list, list) 729 iter(hw, &sdata->vif, 730 key->sta ? &key->sta->sta : NULL, 731 &key->conf, iter_data); 732 } 733 mutex_unlock(&local->key_mtx); 734 } 735 EXPORT_SYMBOL(ieee80211_iter_keys); 736 737 static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata, 738 struct list_head *keys) 739 { 740 struct ieee80211_key *key, *tmp; 741 742 decrease_tailroom_need_count(sdata, 743 sdata->crypto_tx_tailroom_pending_dec); 744 sdata->crypto_tx_tailroom_pending_dec = 0; 745 746 ieee80211_debugfs_key_remove_mgmt_default(sdata); 747 748 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) { 749 ieee80211_key_replace(key->sdata, key->sta, 750 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 751 key, NULL); 752 list_add_tail(&key->list, keys); 753 } 754 755 ieee80211_debugfs_key_update_default(sdata); 756 } 757 758 void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata, 759 bool force_synchronize) 760 { 761 struct ieee80211_local *local = sdata->local; 762 struct ieee80211_sub_if_data *vlan; 763 struct ieee80211_sub_if_data *master; 764 struct ieee80211_key *key, *tmp; 765 LIST_HEAD(keys); 766 767 cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk); 768 769 mutex_lock(&local->key_mtx); 770 771 ieee80211_free_keys_iface(sdata, &keys); 772 773 if (sdata->vif.type == NL80211_IFTYPE_AP) { 774 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 775 ieee80211_free_keys_iface(vlan, &keys); 776 } 777 778 if (!list_empty(&keys) || force_synchronize) 779 synchronize_net(); 780 list_for_each_entry_safe(key, tmp, &keys, list) 781 __ieee80211_key_destroy(key, false); 782 783 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 784 if (sdata->bss) { 785 master = container_of(sdata->bss, 786 struct ieee80211_sub_if_data, 787 u.ap); 788 789 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt != 790 master->crypto_tx_tailroom_needed_cnt); 791 } 792 } else { 793 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt || 794 sdata->crypto_tx_tailroom_pending_dec); 795 } 796 797 if (sdata->vif.type == NL80211_IFTYPE_AP) { 798 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 799 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt || 800 vlan->crypto_tx_tailroom_pending_dec); 801 } 802 803 mutex_unlock(&local->key_mtx); 804 } 805 806 void ieee80211_free_sta_keys(struct ieee80211_local *local, 807 struct sta_info *sta) 808 { 809 struct ieee80211_key *key; 810 int i; 811 812 mutex_lock(&local->key_mtx); 813 for (i = 0; i < ARRAY_SIZE(sta->gtk); i++) { 814 key = key_mtx_dereference(local, sta->gtk[i]); 815 if (!key) 816 continue; 817 ieee80211_key_replace(key->sdata, key->sta, 818 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 819 key, NULL); 820 __ieee80211_key_destroy(key, true); 821 } 822 823 for (i = 0; i < NUM_DEFAULT_KEYS; i++) { 824 key = key_mtx_dereference(local, sta->ptk[i]); 825 if (!key) 826 continue; 827 ieee80211_key_replace(key->sdata, key->sta, 828 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 829 key, NULL); 830 __ieee80211_key_destroy(key, true); 831 } 832 833 mutex_unlock(&local->key_mtx); 834 } 835 836 void ieee80211_delayed_tailroom_dec(struct work_struct *wk) 837 { 838 struct ieee80211_sub_if_data *sdata; 839 840 sdata = container_of(wk, struct ieee80211_sub_if_data, 841 dec_tailroom_needed_wk.work); 842 843 /* 844 * The reason for the delayed tailroom needed decrementing is to 845 * make roaming faster: during roaming, all keys are first deleted 846 * and then new keys are installed. The first new key causes the 847 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes 848 * the cost of synchronize_net() (which can be slow). Avoid this 849 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on 850 * key removal for a while, so if we roam the value is larger than 851 * zero and no 0->1 transition happens. 852 * 853 * The cost is that if the AP switching was from an AP with keys 854 * to one without, we still allocate tailroom while it would no 855 * longer be needed. However, in the typical (fast) roaming case 856 * within an ESS this usually won't happen. 857 */ 858 859 mutex_lock(&sdata->local->key_mtx); 860 decrease_tailroom_need_count(sdata, 861 sdata->crypto_tx_tailroom_pending_dec); 862 sdata->crypto_tx_tailroom_pending_dec = 0; 863 mutex_unlock(&sdata->local->key_mtx); 864 } 865 866 void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid, 867 const u8 *replay_ctr, gfp_t gfp) 868 { 869 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 870 871 trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr); 872 873 cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp); 874 } 875 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify); 876 877 void ieee80211_get_key_tx_seq(struct ieee80211_key_conf *keyconf, 878 struct ieee80211_key_seq *seq) 879 { 880 struct ieee80211_key *key; 881 u64 pn64; 882 883 if (WARN_ON(!(keyconf->flags & IEEE80211_KEY_FLAG_GENERATE_IV))) 884 return; 885 886 key = container_of(keyconf, struct ieee80211_key, conf); 887 888 switch (key->conf.cipher) { 889 case WLAN_CIPHER_SUITE_TKIP: 890 seq->tkip.iv32 = key->u.tkip.tx.iv32; 891 seq->tkip.iv16 = key->u.tkip.tx.iv16; 892 break; 893 case WLAN_CIPHER_SUITE_CCMP: 894 case WLAN_CIPHER_SUITE_CCMP_256: 895 pn64 = atomic64_read(&key->u.ccmp.tx_pn); 896 seq->ccmp.pn[5] = pn64; 897 seq->ccmp.pn[4] = pn64 >> 8; 898 seq->ccmp.pn[3] = pn64 >> 16; 899 seq->ccmp.pn[2] = pn64 >> 24; 900 seq->ccmp.pn[1] = pn64 >> 32; 901 seq->ccmp.pn[0] = pn64 >> 40; 902 break; 903 case WLAN_CIPHER_SUITE_AES_CMAC: 904 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 905 pn64 = atomic64_read(&key->u.aes_cmac.tx_pn); 906 seq->ccmp.pn[5] = pn64; 907 seq->ccmp.pn[4] = pn64 >> 8; 908 seq->ccmp.pn[3] = pn64 >> 16; 909 seq->ccmp.pn[2] = pn64 >> 24; 910 seq->ccmp.pn[1] = pn64 >> 32; 911 seq->ccmp.pn[0] = pn64 >> 40; 912 break; 913 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 914 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 915 pn64 = atomic64_read(&key->u.aes_gmac.tx_pn); 916 seq->ccmp.pn[5] = pn64; 917 seq->ccmp.pn[4] = pn64 >> 8; 918 seq->ccmp.pn[3] = pn64 >> 16; 919 seq->ccmp.pn[2] = pn64 >> 24; 920 seq->ccmp.pn[1] = pn64 >> 32; 921 seq->ccmp.pn[0] = pn64 >> 40; 922 break; 923 case WLAN_CIPHER_SUITE_GCMP: 924 case WLAN_CIPHER_SUITE_GCMP_256: 925 pn64 = atomic64_read(&key->u.gcmp.tx_pn); 926 seq->gcmp.pn[5] = pn64; 927 seq->gcmp.pn[4] = pn64 >> 8; 928 seq->gcmp.pn[3] = pn64 >> 16; 929 seq->gcmp.pn[2] = pn64 >> 24; 930 seq->gcmp.pn[1] = pn64 >> 32; 931 seq->gcmp.pn[0] = pn64 >> 40; 932 break; 933 default: 934 WARN_ON(1); 935 } 936 } 937 EXPORT_SYMBOL(ieee80211_get_key_tx_seq); 938 939 void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf, 940 int tid, struct ieee80211_key_seq *seq) 941 { 942 struct ieee80211_key *key; 943 const u8 *pn; 944 945 key = container_of(keyconf, struct ieee80211_key, conf); 946 947 switch (key->conf.cipher) { 948 case WLAN_CIPHER_SUITE_TKIP: 949 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 950 return; 951 seq->tkip.iv32 = key->u.tkip.rx[tid].iv32; 952 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16; 953 break; 954 case WLAN_CIPHER_SUITE_CCMP: 955 case WLAN_CIPHER_SUITE_CCMP_256: 956 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 957 return; 958 if (tid < 0) 959 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 960 else 961 pn = key->u.ccmp.rx_pn[tid]; 962 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN); 963 break; 964 case WLAN_CIPHER_SUITE_AES_CMAC: 965 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 966 if (WARN_ON(tid != 0)) 967 return; 968 pn = key->u.aes_cmac.rx_pn; 969 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN); 970 break; 971 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 972 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 973 if (WARN_ON(tid != 0)) 974 return; 975 pn = key->u.aes_gmac.rx_pn; 976 memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN); 977 break; 978 case WLAN_CIPHER_SUITE_GCMP: 979 case WLAN_CIPHER_SUITE_GCMP_256: 980 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 981 return; 982 if (tid < 0) 983 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS]; 984 else 985 pn = key->u.gcmp.rx_pn[tid]; 986 memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN); 987 break; 988 } 989 } 990 EXPORT_SYMBOL(ieee80211_get_key_rx_seq); 991 992 void ieee80211_set_key_tx_seq(struct ieee80211_key_conf *keyconf, 993 struct ieee80211_key_seq *seq) 994 { 995 struct ieee80211_key *key; 996 u64 pn64; 997 998 key = container_of(keyconf, struct ieee80211_key, conf); 999 1000 switch (key->conf.cipher) { 1001 case WLAN_CIPHER_SUITE_TKIP: 1002 key->u.tkip.tx.iv32 = seq->tkip.iv32; 1003 key->u.tkip.tx.iv16 = seq->tkip.iv16; 1004 break; 1005 case WLAN_CIPHER_SUITE_CCMP: 1006 case WLAN_CIPHER_SUITE_CCMP_256: 1007 pn64 = (u64)seq->ccmp.pn[5] | 1008 ((u64)seq->ccmp.pn[4] << 8) | 1009 ((u64)seq->ccmp.pn[3] << 16) | 1010 ((u64)seq->ccmp.pn[2] << 24) | 1011 ((u64)seq->ccmp.pn[1] << 32) | 1012 ((u64)seq->ccmp.pn[0] << 40); 1013 atomic64_set(&key->u.ccmp.tx_pn, pn64); 1014 break; 1015 case WLAN_CIPHER_SUITE_AES_CMAC: 1016 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1017 pn64 = (u64)seq->aes_cmac.pn[5] | 1018 ((u64)seq->aes_cmac.pn[4] << 8) | 1019 ((u64)seq->aes_cmac.pn[3] << 16) | 1020 ((u64)seq->aes_cmac.pn[2] << 24) | 1021 ((u64)seq->aes_cmac.pn[1] << 32) | 1022 ((u64)seq->aes_cmac.pn[0] << 40); 1023 atomic64_set(&key->u.aes_cmac.tx_pn, pn64); 1024 break; 1025 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1026 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1027 pn64 = (u64)seq->aes_gmac.pn[5] | 1028 ((u64)seq->aes_gmac.pn[4] << 8) | 1029 ((u64)seq->aes_gmac.pn[3] << 16) | 1030 ((u64)seq->aes_gmac.pn[2] << 24) | 1031 ((u64)seq->aes_gmac.pn[1] << 32) | 1032 ((u64)seq->aes_gmac.pn[0] << 40); 1033 atomic64_set(&key->u.aes_gmac.tx_pn, pn64); 1034 break; 1035 case WLAN_CIPHER_SUITE_GCMP: 1036 case WLAN_CIPHER_SUITE_GCMP_256: 1037 pn64 = (u64)seq->gcmp.pn[5] | 1038 ((u64)seq->gcmp.pn[4] << 8) | 1039 ((u64)seq->gcmp.pn[3] << 16) | 1040 ((u64)seq->gcmp.pn[2] << 24) | 1041 ((u64)seq->gcmp.pn[1] << 32) | 1042 ((u64)seq->gcmp.pn[0] << 40); 1043 atomic64_set(&key->u.gcmp.tx_pn, pn64); 1044 break; 1045 default: 1046 WARN_ON(1); 1047 break; 1048 } 1049 } 1050 EXPORT_SYMBOL_GPL(ieee80211_set_key_tx_seq); 1051 1052 void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf, 1053 int tid, struct ieee80211_key_seq *seq) 1054 { 1055 struct ieee80211_key *key; 1056 u8 *pn; 1057 1058 key = container_of(keyconf, struct ieee80211_key, conf); 1059 1060 switch (key->conf.cipher) { 1061 case WLAN_CIPHER_SUITE_TKIP: 1062 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 1063 return; 1064 key->u.tkip.rx[tid].iv32 = seq->tkip.iv32; 1065 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16; 1066 break; 1067 case WLAN_CIPHER_SUITE_CCMP: 1068 case WLAN_CIPHER_SUITE_CCMP_256: 1069 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1070 return; 1071 if (tid < 0) 1072 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 1073 else 1074 pn = key->u.ccmp.rx_pn[tid]; 1075 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN); 1076 break; 1077 case WLAN_CIPHER_SUITE_AES_CMAC: 1078 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1079 if (WARN_ON(tid != 0)) 1080 return; 1081 pn = key->u.aes_cmac.rx_pn; 1082 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN); 1083 break; 1084 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1085 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1086 if (WARN_ON(tid != 0)) 1087 return; 1088 pn = key->u.aes_gmac.rx_pn; 1089 memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN); 1090 break; 1091 case WLAN_CIPHER_SUITE_GCMP: 1092 case WLAN_CIPHER_SUITE_GCMP_256: 1093 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1094 return; 1095 if (tid < 0) 1096 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS]; 1097 else 1098 pn = key->u.gcmp.rx_pn[tid]; 1099 memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN); 1100 break; 1101 default: 1102 WARN_ON(1); 1103 break; 1104 } 1105 } 1106 EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq); 1107 1108 void ieee80211_remove_key(struct ieee80211_key_conf *keyconf) 1109 { 1110 struct ieee80211_key *key; 1111 1112 key = container_of(keyconf, struct ieee80211_key, conf); 1113 1114 assert_key_lock(key->local); 1115 1116 /* 1117 * if key was uploaded, we assume the driver will/has remove(d) 1118 * it, so adjust bookkeeping accordingly 1119 */ 1120 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 1121 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 1122 1123 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) || 1124 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 1125 increment_tailroom_need_count(key->sdata); 1126 } 1127 1128 ieee80211_key_free(key, false); 1129 } 1130 EXPORT_SYMBOL_GPL(ieee80211_remove_key); 1131 1132 struct ieee80211_key_conf * 1133 ieee80211_gtk_rekey_add(struct ieee80211_vif *vif, 1134 struct ieee80211_key_conf *keyconf) 1135 { 1136 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1137 struct ieee80211_local *local = sdata->local; 1138 struct ieee80211_key *key; 1139 int err; 1140 1141 if (WARN_ON(!local->wowlan)) 1142 return ERR_PTR(-EINVAL); 1143 1144 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION)) 1145 return ERR_PTR(-EINVAL); 1146 1147 key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx, 1148 keyconf->keylen, keyconf->key, 1149 0, NULL, NULL); 1150 if (IS_ERR(key)) 1151 return ERR_CAST(key); 1152 1153 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED) 1154 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT; 1155 1156 err = ieee80211_key_link(key, sdata, NULL); 1157 if (err) 1158 return ERR_PTR(err); 1159 1160 return &key->conf; 1161 } 1162 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add); 1163