1 /* 2 * Copyright 2002-2005, Instant802 Networks, Inc. 3 * Copyright 2005-2006, Devicescape Software, Inc. 4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net> 6 * Copyright 2013-2014 Intel Mobile Communications GmbH 7 * Copyright 2015-2017 Intel Deutschland GmbH 8 * 9 * This program is free software; you can redistribute it and/or modify 10 * it under the terms of the GNU General Public License version 2 as 11 * published by the Free Software Foundation. 12 */ 13 14 #include <linux/if_ether.h> 15 #include <linux/etherdevice.h> 16 #include <linux/list.h> 17 #include <linux/rcupdate.h> 18 #include <linux/rtnetlink.h> 19 #include <linux/slab.h> 20 #include <linux/export.h> 21 #include <net/mac80211.h> 22 #include <crypto/algapi.h> 23 #include <asm/unaligned.h> 24 #include "ieee80211_i.h" 25 #include "driver-ops.h" 26 #include "debugfs_key.h" 27 #include "aes_ccm.h" 28 #include "aes_cmac.h" 29 #include "aes_gmac.h" 30 #include "aes_gcm.h" 31 32 33 /** 34 * DOC: Key handling basics 35 * 36 * Key handling in mac80211 is done based on per-interface (sub_if_data) 37 * keys and per-station keys. Since each station belongs to an interface, 38 * each station key also belongs to that interface. 39 * 40 * Hardware acceleration is done on a best-effort basis for algorithms 41 * that are implemented in software, for each key the hardware is asked 42 * to enable that key for offloading but if it cannot do that the key is 43 * simply kept for software encryption (unless it is for an algorithm 44 * that isn't implemented in software). 45 * There is currently no way of knowing whether a key is handled in SW 46 * or HW except by looking into debugfs. 47 * 48 * All key management is internally protected by a mutex. Within all 49 * other parts of mac80211, key references are, just as STA structure 50 * references, protected by RCU. Note, however, that some things are 51 * unprotected, namely the key->sta dereferences within the hardware 52 * acceleration functions. This means that sta_info_destroy() must 53 * remove the key which waits for an RCU grace period. 54 */ 55 56 static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; 57 58 static void assert_key_lock(struct ieee80211_local *local) 59 { 60 lockdep_assert_held(&local->key_mtx); 61 } 62 63 static void 64 update_vlan_tailroom_need_count(struct ieee80211_sub_if_data *sdata, int delta) 65 { 66 struct ieee80211_sub_if_data *vlan; 67 68 if (sdata->vif.type != NL80211_IFTYPE_AP) 69 return; 70 71 /* crypto_tx_tailroom_needed_cnt is protected by this */ 72 assert_key_lock(sdata->local); 73 74 rcu_read_lock(); 75 76 list_for_each_entry_rcu(vlan, &sdata->u.ap.vlans, u.vlan.list) 77 vlan->crypto_tx_tailroom_needed_cnt += delta; 78 79 rcu_read_unlock(); 80 } 81 82 static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata) 83 { 84 /* 85 * When this count is zero, SKB resizing for allocating tailroom 86 * for IV or MMIC is skipped. But, this check has created two race 87 * cases in xmit path while transiting from zero count to one: 88 * 89 * 1. SKB resize was skipped because no key was added but just before 90 * the xmit key is added and SW encryption kicks off. 91 * 92 * 2. SKB resize was skipped because all the keys were hw planted but 93 * just before xmit one of the key is deleted and SW encryption kicks 94 * off. 95 * 96 * In both the above case SW encryption will find not enough space for 97 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c) 98 * 99 * Solution has been explained at 100 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net 101 */ 102 103 assert_key_lock(sdata->local); 104 105 update_vlan_tailroom_need_count(sdata, 1); 106 107 if (!sdata->crypto_tx_tailroom_needed_cnt++) { 108 /* 109 * Flush all XMIT packets currently using HW encryption or no 110 * encryption at all if the count transition is from 0 -> 1. 111 */ 112 synchronize_net(); 113 } 114 } 115 116 static void decrease_tailroom_need_count(struct ieee80211_sub_if_data *sdata, 117 int delta) 118 { 119 assert_key_lock(sdata->local); 120 121 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt < delta); 122 123 update_vlan_tailroom_need_count(sdata, -delta); 124 sdata->crypto_tx_tailroom_needed_cnt -= delta; 125 } 126 127 static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key) 128 { 129 struct ieee80211_sub_if_data *sdata = key->sdata; 130 struct sta_info *sta; 131 int ret = -EOPNOTSUPP; 132 133 might_sleep(); 134 135 if (key->flags & KEY_FLAG_TAINTED) { 136 /* If we get here, it's during resume and the key is 137 * tainted so shouldn't be used/programmed any more. 138 * However, its flags may still indicate that it was 139 * programmed into the device (since we're in resume) 140 * so clear that flag now to avoid trying to remove 141 * it again later. 142 */ 143 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE && 144 !(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC | 145 IEEE80211_KEY_FLAG_PUT_MIC_SPACE | 146 IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 147 increment_tailroom_need_count(sdata); 148 149 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 150 return -EINVAL; 151 } 152 153 if (!key->local->ops->set_key) 154 goto out_unsupported; 155 156 assert_key_lock(key->local); 157 158 sta = key->sta; 159 160 /* 161 * If this is a per-STA GTK, check if it 162 * is supported; if not, return. 163 */ 164 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) && 165 !ieee80211_hw_check(&key->local->hw, SUPPORTS_PER_STA_GTK)) 166 goto out_unsupported; 167 168 if (sta && !sta->uploaded) 169 goto out_unsupported; 170 171 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 172 /* 173 * The driver doesn't know anything about VLAN interfaces. 174 * Hence, don't send GTKs for VLAN interfaces to the driver. 175 */ 176 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) { 177 ret = 1; 178 goto out_unsupported; 179 } 180 } 181 182 ret = drv_set_key(key->local, SET_KEY, sdata, 183 sta ? &sta->sta : NULL, &key->conf); 184 185 if (!ret) { 186 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE; 187 188 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC | 189 IEEE80211_KEY_FLAG_PUT_MIC_SPACE | 190 IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 191 decrease_tailroom_need_count(sdata, 1); 192 193 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) && 194 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)); 195 196 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_MIC_SPACE) && 197 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC)); 198 199 return 0; 200 } 201 202 if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1) 203 sdata_err(sdata, 204 "failed to set key (%d, %pM) to hardware (%d)\n", 205 key->conf.keyidx, 206 sta ? sta->sta.addr : bcast_addr, ret); 207 208 out_unsupported: 209 switch (key->conf.cipher) { 210 case WLAN_CIPHER_SUITE_WEP40: 211 case WLAN_CIPHER_SUITE_WEP104: 212 case WLAN_CIPHER_SUITE_TKIP: 213 case WLAN_CIPHER_SUITE_CCMP: 214 case WLAN_CIPHER_SUITE_CCMP_256: 215 case WLAN_CIPHER_SUITE_AES_CMAC: 216 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 217 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 218 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 219 case WLAN_CIPHER_SUITE_GCMP: 220 case WLAN_CIPHER_SUITE_GCMP_256: 221 /* all of these we can do in software - if driver can */ 222 if (ret == 1) 223 return 0; 224 if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL)) 225 return -EINVAL; 226 return 0; 227 default: 228 return -EINVAL; 229 } 230 } 231 232 static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key) 233 { 234 struct ieee80211_sub_if_data *sdata; 235 struct sta_info *sta; 236 int ret; 237 238 might_sleep(); 239 240 if (!key || !key->local->ops->set_key) 241 return; 242 243 assert_key_lock(key->local); 244 245 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 246 return; 247 248 sta = key->sta; 249 sdata = key->sdata; 250 251 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC | 252 IEEE80211_KEY_FLAG_PUT_MIC_SPACE | 253 IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 254 increment_tailroom_need_count(sdata); 255 256 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 257 ret = drv_set_key(key->local, DISABLE_KEY, sdata, 258 sta ? &sta->sta : NULL, &key->conf); 259 260 if (ret) 261 sdata_err(sdata, 262 "failed to remove key (%d, %pM) from hardware (%d)\n", 263 key->conf.keyidx, 264 sta ? sta->sta.addr : bcast_addr, ret); 265 } 266 267 int ieee80211_set_tx_key(struct ieee80211_key *key) 268 { 269 struct sta_info *sta = key->sta; 270 struct ieee80211_local *local = key->local; 271 272 assert_key_lock(local); 273 274 sta->ptk_idx = key->conf.keyidx; 275 ieee80211_check_fast_xmit(sta); 276 277 return 0; 278 } 279 280 static int ieee80211_hw_key_replace(struct ieee80211_key *old_key, 281 struct ieee80211_key *new_key, 282 bool pairwise) 283 { 284 struct ieee80211_sub_if_data *sdata; 285 struct ieee80211_local *local; 286 struct sta_info *sta; 287 int ret; 288 289 /* Aggregation sessions are OK when running on SW crypto. 290 * A broken remote STA may cause issues not observed with HW 291 * crypto, though. 292 */ 293 if (!(old_key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 294 return 0; 295 296 assert_key_lock(old_key->local); 297 sta = old_key->sta; 298 299 /* Unicast rekey without Extended Key ID needs special handling */ 300 if (new_key && sta && pairwise && 301 rcu_access_pointer(sta->ptk[sta->ptk_idx]) == old_key) { 302 local = old_key->local; 303 sdata = old_key->sdata; 304 305 /* Stop TX till we are on the new key */ 306 old_key->flags |= KEY_FLAG_TAINTED; 307 ieee80211_clear_fast_xmit(sta); 308 309 /* Aggregation sessions during rekey are complicated due to the 310 * reorder buffer and retransmits. Side step that by blocking 311 * aggregation during rekey and tear down running sessions. 312 */ 313 if (ieee80211_hw_check(&local->hw, AMPDU_AGGREGATION)) { 314 set_sta_flag(sta, WLAN_STA_BLOCK_BA); 315 ieee80211_sta_tear_down_BA_sessions(sta, 316 AGG_STOP_LOCAL_REQUEST); 317 } 318 319 if (!wiphy_ext_feature_isset(local->hw.wiphy, 320 NL80211_EXT_FEATURE_CAN_REPLACE_PTK0)) { 321 pr_warn_ratelimited("Rekeying PTK for STA %pM but driver can't safely do that.", 322 sta->sta.addr); 323 /* Flushing the driver queues *may* help prevent 324 * the clear text leaks and freezes. 325 */ 326 ieee80211_flush_queues(local, sdata, false); 327 } 328 } 329 330 ieee80211_key_disable_hw_accel(old_key); 331 332 if (new_key) 333 ret = ieee80211_key_enable_hw_accel(new_key); 334 else 335 ret = 0; 336 337 return ret; 338 } 339 340 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, 341 int idx, bool uni, bool multi) 342 { 343 struct ieee80211_key *key = NULL; 344 345 assert_key_lock(sdata->local); 346 347 if (idx >= 0 && idx < NUM_DEFAULT_KEYS) 348 key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 349 350 if (uni) { 351 rcu_assign_pointer(sdata->default_unicast_key, key); 352 ieee80211_check_fast_xmit_iface(sdata); 353 if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN) 354 drv_set_default_unicast_key(sdata->local, sdata, idx); 355 } 356 357 if (multi) 358 rcu_assign_pointer(sdata->default_multicast_key, key); 359 360 ieee80211_debugfs_key_update_default(sdata); 361 } 362 363 void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx, 364 bool uni, bool multi) 365 { 366 mutex_lock(&sdata->local->key_mtx); 367 __ieee80211_set_default_key(sdata, idx, uni, multi); 368 mutex_unlock(&sdata->local->key_mtx); 369 } 370 371 static void 372 __ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx) 373 { 374 struct ieee80211_key *key = NULL; 375 376 assert_key_lock(sdata->local); 377 378 if (idx >= NUM_DEFAULT_KEYS && 379 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) 380 key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 381 382 rcu_assign_pointer(sdata->default_mgmt_key, key); 383 384 ieee80211_debugfs_key_update_default(sdata); 385 } 386 387 void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, 388 int idx) 389 { 390 mutex_lock(&sdata->local->key_mtx); 391 __ieee80211_set_default_mgmt_key(sdata, idx); 392 mutex_unlock(&sdata->local->key_mtx); 393 } 394 395 396 static int ieee80211_key_replace(struct ieee80211_sub_if_data *sdata, 397 struct sta_info *sta, 398 bool pairwise, 399 struct ieee80211_key *old, 400 struct ieee80211_key *new) 401 { 402 int idx; 403 int ret; 404 bool defunikey, defmultikey, defmgmtkey; 405 406 /* caller must provide at least one old/new */ 407 if (WARN_ON(!new && !old)) 408 return 0; 409 410 if (new) 411 list_add_tail_rcu(&new->list, &sdata->key_list); 412 413 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx); 414 415 if (old) { 416 idx = old->conf.keyidx; 417 ret = ieee80211_hw_key_replace(old, new, pairwise); 418 } else { 419 /* new must be provided in case old is not */ 420 idx = new->conf.keyidx; 421 if (!new->local->wowlan) 422 ret = ieee80211_key_enable_hw_accel(new); 423 else 424 ret = 0; 425 } 426 427 if (ret) 428 return ret; 429 430 if (sta) { 431 if (pairwise) { 432 rcu_assign_pointer(sta->ptk[idx], new); 433 if (new && 434 !(new->conf.flags & IEEE80211_KEY_FLAG_NO_AUTO_TX)) { 435 sta->ptk_idx = idx; 436 clear_sta_flag(sta, WLAN_STA_BLOCK_BA); 437 ieee80211_check_fast_xmit(sta); 438 } 439 } else { 440 rcu_assign_pointer(sta->gtk[idx], new); 441 } 442 /* Only needed for transition from no key -> key. 443 * Still triggers unnecessary when using Extended Key ID 444 * and installing the second key ID the first time. 445 */ 446 if (new && !old) 447 ieee80211_check_fast_rx(sta); 448 } else { 449 defunikey = old && 450 old == key_mtx_dereference(sdata->local, 451 sdata->default_unicast_key); 452 defmultikey = old && 453 old == key_mtx_dereference(sdata->local, 454 sdata->default_multicast_key); 455 defmgmtkey = old && 456 old == key_mtx_dereference(sdata->local, 457 sdata->default_mgmt_key); 458 459 if (defunikey && !new) 460 __ieee80211_set_default_key(sdata, -1, true, false); 461 if (defmultikey && !new) 462 __ieee80211_set_default_key(sdata, -1, false, true); 463 if (defmgmtkey && !new) 464 __ieee80211_set_default_mgmt_key(sdata, -1); 465 466 rcu_assign_pointer(sdata->keys[idx], new); 467 if (defunikey && new) 468 __ieee80211_set_default_key(sdata, new->conf.keyidx, 469 true, false); 470 if (defmultikey && new) 471 __ieee80211_set_default_key(sdata, new->conf.keyidx, 472 false, true); 473 if (defmgmtkey && new) 474 __ieee80211_set_default_mgmt_key(sdata, 475 new->conf.keyidx); 476 } 477 478 if (old) 479 list_del_rcu(&old->list); 480 481 return 0; 482 } 483 484 struct ieee80211_key * 485 ieee80211_key_alloc(u32 cipher, int idx, size_t key_len, 486 const u8 *key_data, 487 size_t seq_len, const u8 *seq, 488 const struct ieee80211_cipher_scheme *cs) 489 { 490 struct ieee80211_key *key; 491 int i, j, err; 492 493 if (WARN_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)) 494 return ERR_PTR(-EINVAL); 495 496 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL); 497 if (!key) 498 return ERR_PTR(-ENOMEM); 499 500 /* 501 * Default to software encryption; we'll later upload the 502 * key to the hardware if possible. 503 */ 504 key->conf.flags = 0; 505 key->flags = 0; 506 507 key->conf.cipher = cipher; 508 key->conf.keyidx = idx; 509 key->conf.keylen = key_len; 510 switch (cipher) { 511 case WLAN_CIPHER_SUITE_WEP40: 512 case WLAN_CIPHER_SUITE_WEP104: 513 key->conf.iv_len = IEEE80211_WEP_IV_LEN; 514 key->conf.icv_len = IEEE80211_WEP_ICV_LEN; 515 break; 516 case WLAN_CIPHER_SUITE_TKIP: 517 key->conf.iv_len = IEEE80211_TKIP_IV_LEN; 518 key->conf.icv_len = IEEE80211_TKIP_ICV_LEN; 519 if (seq) { 520 for (i = 0; i < IEEE80211_NUM_TIDS; i++) { 521 key->u.tkip.rx[i].iv32 = 522 get_unaligned_le32(&seq[2]); 523 key->u.tkip.rx[i].iv16 = 524 get_unaligned_le16(seq); 525 } 526 } 527 spin_lock_init(&key->u.tkip.txlock); 528 break; 529 case WLAN_CIPHER_SUITE_CCMP: 530 key->conf.iv_len = IEEE80211_CCMP_HDR_LEN; 531 key->conf.icv_len = IEEE80211_CCMP_MIC_LEN; 532 if (seq) { 533 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) 534 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++) 535 key->u.ccmp.rx_pn[i][j] = 536 seq[IEEE80211_CCMP_PN_LEN - j - 1]; 537 } 538 /* 539 * Initialize AES key state here as an optimization so that 540 * it does not need to be initialized for every packet. 541 */ 542 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( 543 key_data, key_len, IEEE80211_CCMP_MIC_LEN); 544 if (IS_ERR(key->u.ccmp.tfm)) { 545 err = PTR_ERR(key->u.ccmp.tfm); 546 kfree(key); 547 return ERR_PTR(err); 548 } 549 break; 550 case WLAN_CIPHER_SUITE_CCMP_256: 551 key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN; 552 key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN; 553 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++) 554 for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++) 555 key->u.ccmp.rx_pn[i][j] = 556 seq[IEEE80211_CCMP_256_PN_LEN - j - 1]; 557 /* Initialize AES key state here as an optimization so that 558 * it does not need to be initialized for every packet. 559 */ 560 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( 561 key_data, key_len, IEEE80211_CCMP_256_MIC_LEN); 562 if (IS_ERR(key->u.ccmp.tfm)) { 563 err = PTR_ERR(key->u.ccmp.tfm); 564 kfree(key); 565 return ERR_PTR(err); 566 } 567 break; 568 case WLAN_CIPHER_SUITE_AES_CMAC: 569 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 570 key->conf.iv_len = 0; 571 if (cipher == WLAN_CIPHER_SUITE_AES_CMAC) 572 key->conf.icv_len = sizeof(struct ieee80211_mmie); 573 else 574 key->conf.icv_len = sizeof(struct ieee80211_mmie_16); 575 if (seq) 576 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++) 577 key->u.aes_cmac.rx_pn[j] = 578 seq[IEEE80211_CMAC_PN_LEN - j - 1]; 579 /* 580 * Initialize AES key state here as an optimization so that 581 * it does not need to be initialized for every packet. 582 */ 583 key->u.aes_cmac.tfm = 584 ieee80211_aes_cmac_key_setup(key_data, key_len); 585 if (IS_ERR(key->u.aes_cmac.tfm)) { 586 err = PTR_ERR(key->u.aes_cmac.tfm); 587 kfree(key); 588 return ERR_PTR(err); 589 } 590 break; 591 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 592 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 593 key->conf.iv_len = 0; 594 key->conf.icv_len = sizeof(struct ieee80211_mmie_16); 595 if (seq) 596 for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++) 597 key->u.aes_gmac.rx_pn[j] = 598 seq[IEEE80211_GMAC_PN_LEN - j - 1]; 599 /* Initialize AES key state here as an optimization so that 600 * it does not need to be initialized for every packet. 601 */ 602 key->u.aes_gmac.tfm = 603 ieee80211_aes_gmac_key_setup(key_data, key_len); 604 if (IS_ERR(key->u.aes_gmac.tfm)) { 605 err = PTR_ERR(key->u.aes_gmac.tfm); 606 kfree(key); 607 return ERR_PTR(err); 608 } 609 break; 610 case WLAN_CIPHER_SUITE_GCMP: 611 case WLAN_CIPHER_SUITE_GCMP_256: 612 key->conf.iv_len = IEEE80211_GCMP_HDR_LEN; 613 key->conf.icv_len = IEEE80211_GCMP_MIC_LEN; 614 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++) 615 for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++) 616 key->u.gcmp.rx_pn[i][j] = 617 seq[IEEE80211_GCMP_PN_LEN - j - 1]; 618 /* Initialize AES key state here as an optimization so that 619 * it does not need to be initialized for every packet. 620 */ 621 key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data, 622 key_len); 623 if (IS_ERR(key->u.gcmp.tfm)) { 624 err = PTR_ERR(key->u.gcmp.tfm); 625 kfree(key); 626 return ERR_PTR(err); 627 } 628 break; 629 default: 630 if (cs) { 631 if (seq_len && seq_len != cs->pn_len) { 632 kfree(key); 633 return ERR_PTR(-EINVAL); 634 } 635 636 key->conf.iv_len = cs->hdr_len; 637 key->conf.icv_len = cs->mic_len; 638 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) 639 for (j = 0; j < seq_len; j++) 640 key->u.gen.rx_pn[i][j] = 641 seq[seq_len - j - 1]; 642 key->flags |= KEY_FLAG_CIPHER_SCHEME; 643 } 644 } 645 memcpy(key->conf.key, key_data, key_len); 646 INIT_LIST_HEAD(&key->list); 647 648 return key; 649 } 650 651 static void ieee80211_key_free_common(struct ieee80211_key *key) 652 { 653 switch (key->conf.cipher) { 654 case WLAN_CIPHER_SUITE_CCMP: 655 case WLAN_CIPHER_SUITE_CCMP_256: 656 ieee80211_aes_key_free(key->u.ccmp.tfm); 657 break; 658 case WLAN_CIPHER_SUITE_AES_CMAC: 659 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 660 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm); 661 break; 662 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 663 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 664 ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm); 665 break; 666 case WLAN_CIPHER_SUITE_GCMP: 667 case WLAN_CIPHER_SUITE_GCMP_256: 668 ieee80211_aes_gcm_key_free(key->u.gcmp.tfm); 669 break; 670 } 671 kzfree(key); 672 } 673 674 static void __ieee80211_key_destroy(struct ieee80211_key *key, 675 bool delay_tailroom) 676 { 677 if (key->local) { 678 struct ieee80211_sub_if_data *sdata = key->sdata; 679 680 ieee80211_debugfs_key_remove(key); 681 682 if (delay_tailroom) { 683 /* see ieee80211_delayed_tailroom_dec */ 684 sdata->crypto_tx_tailroom_pending_dec++; 685 schedule_delayed_work(&sdata->dec_tailroom_needed_wk, 686 HZ/2); 687 } else { 688 decrease_tailroom_need_count(sdata, 1); 689 } 690 } 691 692 ieee80211_key_free_common(key); 693 } 694 695 static void ieee80211_key_destroy(struct ieee80211_key *key, 696 bool delay_tailroom) 697 { 698 if (!key) 699 return; 700 701 /* 702 * Synchronize so the TX path and rcu key iterators 703 * can no longer be using this key before we free/remove it. 704 */ 705 synchronize_net(); 706 707 __ieee80211_key_destroy(key, delay_tailroom); 708 } 709 710 void ieee80211_key_free_unused(struct ieee80211_key *key) 711 { 712 WARN_ON(key->sdata || key->local); 713 ieee80211_key_free_common(key); 714 } 715 716 static bool ieee80211_key_identical(struct ieee80211_sub_if_data *sdata, 717 struct ieee80211_key *old, 718 struct ieee80211_key *new) 719 { 720 u8 tkip_old[WLAN_KEY_LEN_TKIP], tkip_new[WLAN_KEY_LEN_TKIP]; 721 u8 *tk_old, *tk_new; 722 723 if (!old || new->conf.keylen != old->conf.keylen) 724 return false; 725 726 tk_old = old->conf.key; 727 tk_new = new->conf.key; 728 729 /* 730 * In station mode, don't compare the TX MIC key, as it's never used 731 * and offloaded rekeying may not care to send it to the host. This 732 * is the case in iwlwifi, for example. 733 */ 734 if (sdata->vif.type == NL80211_IFTYPE_STATION && 735 new->conf.cipher == WLAN_CIPHER_SUITE_TKIP && 736 new->conf.keylen == WLAN_KEY_LEN_TKIP && 737 !(new->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) { 738 memcpy(tkip_old, tk_old, WLAN_KEY_LEN_TKIP); 739 memcpy(tkip_new, tk_new, WLAN_KEY_LEN_TKIP); 740 memset(tkip_old + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8); 741 memset(tkip_new + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8); 742 tk_old = tkip_old; 743 tk_new = tkip_new; 744 } 745 746 return !crypto_memneq(tk_old, tk_new, new->conf.keylen); 747 } 748 749 int ieee80211_key_link(struct ieee80211_key *key, 750 struct ieee80211_sub_if_data *sdata, 751 struct sta_info *sta) 752 { 753 struct ieee80211_key *old_key; 754 int idx = key->conf.keyidx; 755 bool pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE; 756 /* 757 * We want to delay tailroom updates only for station - in that 758 * case it helps roaming speed, but in other cases it hurts and 759 * can cause warnings to appear. 760 */ 761 bool delay_tailroom = sdata->vif.type == NL80211_IFTYPE_STATION; 762 int ret = -EOPNOTSUPP; 763 764 mutex_lock(&sdata->local->key_mtx); 765 766 if (sta && pairwise) { 767 struct ieee80211_key *alt_key; 768 769 old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]); 770 alt_key = key_mtx_dereference(sdata->local, sta->ptk[idx ^ 1]); 771 772 /* The rekey code assumes that the old and new key are using 773 * the same cipher. Enforce the assumption for pairwise keys. 774 */ 775 if (key && 776 ((alt_key && alt_key->conf.cipher != key->conf.cipher) || 777 (old_key && old_key->conf.cipher != key->conf.cipher))) 778 goto out; 779 } else if (sta) { 780 old_key = key_mtx_dereference(sdata->local, sta->gtk[idx]); 781 } else { 782 old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 783 } 784 785 /* Non-pairwise keys must also not switch the cipher on rekey */ 786 if (!pairwise) { 787 if (key && old_key && old_key->conf.cipher != key->conf.cipher) 788 goto out; 789 } 790 791 /* 792 * Silently accept key re-installation without really installing the 793 * new version of the key to avoid nonce reuse or replay issues. 794 */ 795 if (ieee80211_key_identical(sdata, old_key, key)) { 796 ieee80211_key_free_unused(key); 797 ret = 0; 798 goto out; 799 } 800 801 key->local = sdata->local; 802 key->sdata = sdata; 803 key->sta = sta; 804 805 increment_tailroom_need_count(sdata); 806 807 ret = ieee80211_key_replace(sdata, sta, pairwise, old_key, key); 808 809 if (!ret) { 810 ieee80211_debugfs_key_add(key); 811 ieee80211_key_destroy(old_key, delay_tailroom); 812 } else { 813 ieee80211_key_free(key, delay_tailroom); 814 } 815 816 out: 817 mutex_unlock(&sdata->local->key_mtx); 818 819 return ret; 820 } 821 822 void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom) 823 { 824 if (!key) 825 return; 826 827 /* 828 * Replace key with nothingness if it was ever used. 829 */ 830 if (key->sdata) 831 ieee80211_key_replace(key->sdata, key->sta, 832 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 833 key, NULL); 834 ieee80211_key_destroy(key, delay_tailroom); 835 } 836 837 void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata) 838 { 839 struct ieee80211_key *key; 840 struct ieee80211_sub_if_data *vlan; 841 842 ASSERT_RTNL(); 843 844 if (WARN_ON(!ieee80211_sdata_running(sdata))) 845 return; 846 847 mutex_lock(&sdata->local->key_mtx); 848 849 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt || 850 sdata->crypto_tx_tailroom_pending_dec); 851 852 if (sdata->vif.type == NL80211_IFTYPE_AP) { 853 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 854 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt || 855 vlan->crypto_tx_tailroom_pending_dec); 856 } 857 858 list_for_each_entry(key, &sdata->key_list, list) { 859 increment_tailroom_need_count(sdata); 860 ieee80211_key_enable_hw_accel(key); 861 } 862 863 mutex_unlock(&sdata->local->key_mtx); 864 } 865 866 void ieee80211_reset_crypto_tx_tailroom(struct ieee80211_sub_if_data *sdata) 867 { 868 struct ieee80211_sub_if_data *vlan; 869 870 mutex_lock(&sdata->local->key_mtx); 871 872 sdata->crypto_tx_tailroom_needed_cnt = 0; 873 874 if (sdata->vif.type == NL80211_IFTYPE_AP) { 875 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 876 vlan->crypto_tx_tailroom_needed_cnt = 0; 877 } 878 879 mutex_unlock(&sdata->local->key_mtx); 880 } 881 882 void ieee80211_iter_keys(struct ieee80211_hw *hw, 883 struct ieee80211_vif *vif, 884 void (*iter)(struct ieee80211_hw *hw, 885 struct ieee80211_vif *vif, 886 struct ieee80211_sta *sta, 887 struct ieee80211_key_conf *key, 888 void *data), 889 void *iter_data) 890 { 891 struct ieee80211_local *local = hw_to_local(hw); 892 struct ieee80211_key *key, *tmp; 893 struct ieee80211_sub_if_data *sdata; 894 895 ASSERT_RTNL(); 896 897 mutex_lock(&local->key_mtx); 898 if (vif) { 899 sdata = vif_to_sdata(vif); 900 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) 901 iter(hw, &sdata->vif, 902 key->sta ? &key->sta->sta : NULL, 903 &key->conf, iter_data); 904 } else { 905 list_for_each_entry(sdata, &local->interfaces, list) 906 list_for_each_entry_safe(key, tmp, 907 &sdata->key_list, list) 908 iter(hw, &sdata->vif, 909 key->sta ? &key->sta->sta : NULL, 910 &key->conf, iter_data); 911 } 912 mutex_unlock(&local->key_mtx); 913 } 914 EXPORT_SYMBOL(ieee80211_iter_keys); 915 916 static void 917 _ieee80211_iter_keys_rcu(struct ieee80211_hw *hw, 918 struct ieee80211_sub_if_data *sdata, 919 void (*iter)(struct ieee80211_hw *hw, 920 struct ieee80211_vif *vif, 921 struct ieee80211_sta *sta, 922 struct ieee80211_key_conf *key, 923 void *data), 924 void *iter_data) 925 { 926 struct ieee80211_key *key; 927 928 list_for_each_entry_rcu(key, &sdata->key_list, list) { 929 /* skip keys of station in removal process */ 930 if (key->sta && key->sta->removed) 931 continue; 932 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 933 continue; 934 935 iter(hw, &sdata->vif, 936 key->sta ? &key->sta->sta : NULL, 937 &key->conf, iter_data); 938 } 939 } 940 941 void ieee80211_iter_keys_rcu(struct ieee80211_hw *hw, 942 struct ieee80211_vif *vif, 943 void (*iter)(struct ieee80211_hw *hw, 944 struct ieee80211_vif *vif, 945 struct ieee80211_sta *sta, 946 struct ieee80211_key_conf *key, 947 void *data), 948 void *iter_data) 949 { 950 struct ieee80211_local *local = hw_to_local(hw); 951 struct ieee80211_sub_if_data *sdata; 952 953 if (vif) { 954 sdata = vif_to_sdata(vif); 955 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data); 956 } else { 957 list_for_each_entry_rcu(sdata, &local->interfaces, list) 958 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data); 959 } 960 } 961 EXPORT_SYMBOL(ieee80211_iter_keys_rcu); 962 963 static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata, 964 struct list_head *keys) 965 { 966 struct ieee80211_key *key, *tmp; 967 968 decrease_tailroom_need_count(sdata, 969 sdata->crypto_tx_tailroom_pending_dec); 970 sdata->crypto_tx_tailroom_pending_dec = 0; 971 972 ieee80211_debugfs_key_remove_mgmt_default(sdata); 973 974 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) { 975 ieee80211_key_replace(key->sdata, key->sta, 976 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 977 key, NULL); 978 list_add_tail(&key->list, keys); 979 } 980 981 ieee80211_debugfs_key_update_default(sdata); 982 } 983 984 void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata, 985 bool force_synchronize) 986 { 987 struct ieee80211_local *local = sdata->local; 988 struct ieee80211_sub_if_data *vlan; 989 struct ieee80211_sub_if_data *master; 990 struct ieee80211_key *key, *tmp; 991 LIST_HEAD(keys); 992 993 cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk); 994 995 mutex_lock(&local->key_mtx); 996 997 ieee80211_free_keys_iface(sdata, &keys); 998 999 if (sdata->vif.type == NL80211_IFTYPE_AP) { 1000 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 1001 ieee80211_free_keys_iface(vlan, &keys); 1002 } 1003 1004 if (!list_empty(&keys) || force_synchronize) 1005 synchronize_net(); 1006 list_for_each_entry_safe(key, tmp, &keys, list) 1007 __ieee80211_key_destroy(key, false); 1008 1009 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 1010 if (sdata->bss) { 1011 master = container_of(sdata->bss, 1012 struct ieee80211_sub_if_data, 1013 u.ap); 1014 1015 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt != 1016 master->crypto_tx_tailroom_needed_cnt); 1017 } 1018 } else { 1019 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt || 1020 sdata->crypto_tx_tailroom_pending_dec); 1021 } 1022 1023 if (sdata->vif.type == NL80211_IFTYPE_AP) { 1024 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 1025 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt || 1026 vlan->crypto_tx_tailroom_pending_dec); 1027 } 1028 1029 mutex_unlock(&local->key_mtx); 1030 } 1031 1032 void ieee80211_free_sta_keys(struct ieee80211_local *local, 1033 struct sta_info *sta) 1034 { 1035 struct ieee80211_key *key; 1036 int i; 1037 1038 mutex_lock(&local->key_mtx); 1039 for (i = 0; i < ARRAY_SIZE(sta->gtk); i++) { 1040 key = key_mtx_dereference(local, sta->gtk[i]); 1041 if (!key) 1042 continue; 1043 ieee80211_key_replace(key->sdata, key->sta, 1044 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 1045 key, NULL); 1046 __ieee80211_key_destroy(key, key->sdata->vif.type == 1047 NL80211_IFTYPE_STATION); 1048 } 1049 1050 for (i = 0; i < NUM_DEFAULT_KEYS; i++) { 1051 key = key_mtx_dereference(local, sta->ptk[i]); 1052 if (!key) 1053 continue; 1054 ieee80211_key_replace(key->sdata, key->sta, 1055 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 1056 key, NULL); 1057 __ieee80211_key_destroy(key, key->sdata->vif.type == 1058 NL80211_IFTYPE_STATION); 1059 } 1060 1061 mutex_unlock(&local->key_mtx); 1062 } 1063 1064 void ieee80211_delayed_tailroom_dec(struct work_struct *wk) 1065 { 1066 struct ieee80211_sub_if_data *sdata; 1067 1068 sdata = container_of(wk, struct ieee80211_sub_if_data, 1069 dec_tailroom_needed_wk.work); 1070 1071 /* 1072 * The reason for the delayed tailroom needed decrementing is to 1073 * make roaming faster: during roaming, all keys are first deleted 1074 * and then new keys are installed. The first new key causes the 1075 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes 1076 * the cost of synchronize_net() (which can be slow). Avoid this 1077 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on 1078 * key removal for a while, so if we roam the value is larger than 1079 * zero and no 0->1 transition happens. 1080 * 1081 * The cost is that if the AP switching was from an AP with keys 1082 * to one without, we still allocate tailroom while it would no 1083 * longer be needed. However, in the typical (fast) roaming case 1084 * within an ESS this usually won't happen. 1085 */ 1086 1087 mutex_lock(&sdata->local->key_mtx); 1088 decrease_tailroom_need_count(sdata, 1089 sdata->crypto_tx_tailroom_pending_dec); 1090 sdata->crypto_tx_tailroom_pending_dec = 0; 1091 mutex_unlock(&sdata->local->key_mtx); 1092 } 1093 1094 void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid, 1095 const u8 *replay_ctr, gfp_t gfp) 1096 { 1097 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1098 1099 trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr); 1100 1101 cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp); 1102 } 1103 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify); 1104 1105 void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf, 1106 int tid, struct ieee80211_key_seq *seq) 1107 { 1108 struct ieee80211_key *key; 1109 const u8 *pn; 1110 1111 key = container_of(keyconf, struct ieee80211_key, conf); 1112 1113 switch (key->conf.cipher) { 1114 case WLAN_CIPHER_SUITE_TKIP: 1115 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 1116 return; 1117 seq->tkip.iv32 = key->u.tkip.rx[tid].iv32; 1118 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16; 1119 break; 1120 case WLAN_CIPHER_SUITE_CCMP: 1121 case WLAN_CIPHER_SUITE_CCMP_256: 1122 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1123 return; 1124 if (tid < 0) 1125 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 1126 else 1127 pn = key->u.ccmp.rx_pn[tid]; 1128 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN); 1129 break; 1130 case WLAN_CIPHER_SUITE_AES_CMAC: 1131 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1132 if (WARN_ON(tid != 0)) 1133 return; 1134 pn = key->u.aes_cmac.rx_pn; 1135 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN); 1136 break; 1137 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1138 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1139 if (WARN_ON(tid != 0)) 1140 return; 1141 pn = key->u.aes_gmac.rx_pn; 1142 memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN); 1143 break; 1144 case WLAN_CIPHER_SUITE_GCMP: 1145 case WLAN_CIPHER_SUITE_GCMP_256: 1146 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1147 return; 1148 if (tid < 0) 1149 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS]; 1150 else 1151 pn = key->u.gcmp.rx_pn[tid]; 1152 memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN); 1153 break; 1154 } 1155 } 1156 EXPORT_SYMBOL(ieee80211_get_key_rx_seq); 1157 1158 void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf, 1159 int tid, struct ieee80211_key_seq *seq) 1160 { 1161 struct ieee80211_key *key; 1162 u8 *pn; 1163 1164 key = container_of(keyconf, struct ieee80211_key, conf); 1165 1166 switch (key->conf.cipher) { 1167 case WLAN_CIPHER_SUITE_TKIP: 1168 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 1169 return; 1170 key->u.tkip.rx[tid].iv32 = seq->tkip.iv32; 1171 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16; 1172 break; 1173 case WLAN_CIPHER_SUITE_CCMP: 1174 case WLAN_CIPHER_SUITE_CCMP_256: 1175 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1176 return; 1177 if (tid < 0) 1178 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 1179 else 1180 pn = key->u.ccmp.rx_pn[tid]; 1181 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN); 1182 break; 1183 case WLAN_CIPHER_SUITE_AES_CMAC: 1184 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1185 if (WARN_ON(tid != 0)) 1186 return; 1187 pn = key->u.aes_cmac.rx_pn; 1188 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN); 1189 break; 1190 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1191 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1192 if (WARN_ON(tid != 0)) 1193 return; 1194 pn = key->u.aes_gmac.rx_pn; 1195 memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN); 1196 break; 1197 case WLAN_CIPHER_SUITE_GCMP: 1198 case WLAN_CIPHER_SUITE_GCMP_256: 1199 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1200 return; 1201 if (tid < 0) 1202 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS]; 1203 else 1204 pn = key->u.gcmp.rx_pn[tid]; 1205 memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN); 1206 break; 1207 default: 1208 WARN_ON(1); 1209 break; 1210 } 1211 } 1212 EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq); 1213 1214 void ieee80211_remove_key(struct ieee80211_key_conf *keyconf) 1215 { 1216 struct ieee80211_key *key; 1217 1218 key = container_of(keyconf, struct ieee80211_key, conf); 1219 1220 assert_key_lock(key->local); 1221 1222 /* 1223 * if key was uploaded, we assume the driver will/has remove(d) 1224 * it, so adjust bookkeeping accordingly 1225 */ 1226 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 1227 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 1228 1229 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC | 1230 IEEE80211_KEY_FLAG_PUT_MIC_SPACE | 1231 IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 1232 increment_tailroom_need_count(key->sdata); 1233 } 1234 1235 ieee80211_key_free(key, false); 1236 } 1237 EXPORT_SYMBOL_GPL(ieee80211_remove_key); 1238 1239 struct ieee80211_key_conf * 1240 ieee80211_gtk_rekey_add(struct ieee80211_vif *vif, 1241 struct ieee80211_key_conf *keyconf) 1242 { 1243 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1244 struct ieee80211_local *local = sdata->local; 1245 struct ieee80211_key *key; 1246 int err; 1247 1248 if (WARN_ON(!local->wowlan)) 1249 return ERR_PTR(-EINVAL); 1250 1251 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION)) 1252 return ERR_PTR(-EINVAL); 1253 1254 key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx, 1255 keyconf->keylen, keyconf->key, 1256 0, NULL, NULL); 1257 if (IS_ERR(key)) 1258 return ERR_CAST(key); 1259 1260 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED) 1261 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT; 1262 1263 err = ieee80211_key_link(key, sdata, NULL); 1264 if (err) 1265 return ERR_PTR(err); 1266 1267 return &key->conf; 1268 } 1269 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add); 1270