Loading...
1/*
2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net>
6 * Copyright 2013-2014 Intel Mobile Communications GmbH
7 * Copyright 2015 Intel Deutschland GmbH
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
12 */
13
14#include <linux/if_ether.h>
15#include <linux/etherdevice.h>
16#include <linux/list.h>
17#include <linux/rcupdate.h>
18#include <linux/rtnetlink.h>
19#include <linux/slab.h>
20#include <linux/export.h>
21#include <net/mac80211.h>
22#include <asm/unaligned.h>
23#include "ieee80211_i.h"
24#include "driver-ops.h"
25#include "debugfs_key.h"
26#include "aes_ccm.h"
27#include "aes_cmac.h"
28#include "aes_gmac.h"
29#include "aes_gcm.h"
30
31
32/**
33 * DOC: Key handling basics
34 *
35 * Key handling in mac80211 is done based on per-interface (sub_if_data)
36 * keys and per-station keys. Since each station belongs to an interface,
37 * each station key also belongs to that interface.
38 *
39 * Hardware acceleration is done on a best-effort basis for algorithms
40 * that are implemented in software, for each key the hardware is asked
41 * to enable that key for offloading but if it cannot do that the key is
42 * simply kept for software encryption (unless it is for an algorithm
43 * that isn't implemented in software).
44 * There is currently no way of knowing whether a key is handled in SW
45 * or HW except by looking into debugfs.
46 *
47 * All key management is internally protected by a mutex. Within all
48 * other parts of mac80211, key references are, just as STA structure
49 * references, protected by RCU. Note, however, that some things are
50 * unprotected, namely the key->sta dereferences within the hardware
51 * acceleration functions. This means that sta_info_destroy() must
52 * remove the key which waits for an RCU grace period.
53 */
54
55static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
56
57static void assert_key_lock(struct ieee80211_local *local)
58{
59 lockdep_assert_held(&local->key_mtx);
60}
61
62static void
63update_vlan_tailroom_need_count(struct ieee80211_sub_if_data *sdata, int delta)
64{
65 struct ieee80211_sub_if_data *vlan;
66
67 if (sdata->vif.type != NL80211_IFTYPE_AP)
68 return;
69
70 /* crypto_tx_tailroom_needed_cnt is protected by this */
71 assert_key_lock(sdata->local);
72
73 rcu_read_lock();
74
75 list_for_each_entry_rcu(vlan, &sdata->u.ap.vlans, u.vlan.list)
76 vlan->crypto_tx_tailroom_needed_cnt += delta;
77
78 rcu_read_unlock();
79}
80
81static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata)
82{
83 /*
84 * When this count is zero, SKB resizing for allocating tailroom
85 * for IV or MMIC is skipped. But, this check has created two race
86 * cases in xmit path while transiting from zero count to one:
87 *
88 * 1. SKB resize was skipped because no key was added but just before
89 * the xmit key is added and SW encryption kicks off.
90 *
91 * 2. SKB resize was skipped because all the keys were hw planted but
92 * just before xmit one of the key is deleted and SW encryption kicks
93 * off.
94 *
95 * In both the above case SW encryption will find not enough space for
96 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c)
97 *
98 * Solution has been explained at
99 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net
100 */
101
102 assert_key_lock(sdata->local);
103
104 update_vlan_tailroom_need_count(sdata, 1);
105
106 if (!sdata->crypto_tx_tailroom_needed_cnt++) {
107 /*
108 * Flush all XMIT packets currently using HW encryption or no
109 * encryption at all if the count transition is from 0 -> 1.
110 */
111 synchronize_net();
112 }
113}
114
115static void decrease_tailroom_need_count(struct ieee80211_sub_if_data *sdata,
116 int delta)
117{
118 assert_key_lock(sdata->local);
119
120 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt < delta);
121
122 update_vlan_tailroom_need_count(sdata, -delta);
123 sdata->crypto_tx_tailroom_needed_cnt -= delta;
124}
125
126static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
127{
128 struct ieee80211_sub_if_data *sdata;
129 struct sta_info *sta;
130 int ret = -EOPNOTSUPP;
131
132 might_sleep();
133
134 if (key->flags & KEY_FLAG_TAINTED) {
135 /* If we get here, it's during resume and the key is
136 * tainted so shouldn't be used/programmed any more.
137 * However, its flags may still indicate that it was
138 * programmed into the device (since we're in resume)
139 * so clear that flag now to avoid trying to remove
140 * it again later.
141 */
142 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
143 return -EINVAL;
144 }
145
146 if (!key->local->ops->set_key)
147 goto out_unsupported;
148
149 assert_key_lock(key->local);
150
151 sta = key->sta;
152
153 /*
154 * If this is a per-STA GTK, check if it
155 * is supported; if not, return.
156 */
157 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) &&
158 !ieee80211_hw_check(&key->local->hw, SUPPORTS_PER_STA_GTK))
159 goto out_unsupported;
160
161 if (sta && !sta->uploaded)
162 goto out_unsupported;
163
164 sdata = key->sdata;
165 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
166 /*
167 * The driver doesn't know anything about VLAN interfaces.
168 * Hence, don't send GTKs for VLAN interfaces to the driver.
169 */
170 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE))
171 goto out_unsupported;
172 }
173
174 ret = drv_set_key(key->local, SET_KEY, sdata,
175 sta ? &sta->sta : NULL, &key->conf);
176
177 if (!ret) {
178 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
179
180 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
181 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
182 decrease_tailroom_need_count(sdata, 1);
183
184 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) &&
185 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV));
186
187 return 0;
188 }
189
190 if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1)
191 sdata_err(sdata,
192 "failed to set key (%d, %pM) to hardware (%d)\n",
193 key->conf.keyidx,
194 sta ? sta->sta.addr : bcast_addr, ret);
195
196 out_unsupported:
197 switch (key->conf.cipher) {
198 case WLAN_CIPHER_SUITE_WEP40:
199 case WLAN_CIPHER_SUITE_WEP104:
200 case WLAN_CIPHER_SUITE_TKIP:
201 case WLAN_CIPHER_SUITE_CCMP:
202 case WLAN_CIPHER_SUITE_CCMP_256:
203 case WLAN_CIPHER_SUITE_AES_CMAC:
204 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
205 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
206 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
207 case WLAN_CIPHER_SUITE_GCMP:
208 case WLAN_CIPHER_SUITE_GCMP_256:
209 /* all of these we can do in software - if driver can */
210 if (ret == 1)
211 return 0;
212 if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL))
213 return -EINVAL;
214 return 0;
215 default:
216 return -EINVAL;
217 }
218}
219
220static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
221{
222 struct ieee80211_sub_if_data *sdata;
223 struct sta_info *sta;
224 int ret;
225
226 might_sleep();
227
228 if (!key || !key->local->ops->set_key)
229 return;
230
231 assert_key_lock(key->local);
232
233 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
234 return;
235
236 sta = key->sta;
237 sdata = key->sdata;
238
239 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
240 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
241 increment_tailroom_need_count(sdata);
242
243 ret = drv_set_key(key->local, DISABLE_KEY, sdata,
244 sta ? &sta->sta : NULL, &key->conf);
245
246 if (ret)
247 sdata_err(sdata,
248 "failed to remove key (%d, %pM) from hardware (%d)\n",
249 key->conf.keyidx,
250 sta ? sta->sta.addr : bcast_addr, ret);
251
252 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
253}
254
255static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata,
256 int idx, bool uni, bool multi)
257{
258 struct ieee80211_key *key = NULL;
259
260 assert_key_lock(sdata->local);
261
262 if (idx >= 0 && idx < NUM_DEFAULT_KEYS)
263 key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
264
265 if (uni) {
266 rcu_assign_pointer(sdata->default_unicast_key, key);
267 ieee80211_check_fast_xmit_iface(sdata);
268 if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN)
269 drv_set_default_unicast_key(sdata->local, sdata, idx);
270 }
271
272 if (multi)
273 rcu_assign_pointer(sdata->default_multicast_key, key);
274
275 ieee80211_debugfs_key_update_default(sdata);
276}
277
278void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx,
279 bool uni, bool multi)
280{
281 mutex_lock(&sdata->local->key_mtx);
282 __ieee80211_set_default_key(sdata, idx, uni, multi);
283 mutex_unlock(&sdata->local->key_mtx);
284}
285
286static void
287__ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx)
288{
289 struct ieee80211_key *key = NULL;
290
291 assert_key_lock(sdata->local);
292
293 if (idx >= NUM_DEFAULT_KEYS &&
294 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
295 key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
296
297 rcu_assign_pointer(sdata->default_mgmt_key, key);
298
299 ieee80211_debugfs_key_update_default(sdata);
300}
301
302void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
303 int idx)
304{
305 mutex_lock(&sdata->local->key_mtx);
306 __ieee80211_set_default_mgmt_key(sdata, idx);
307 mutex_unlock(&sdata->local->key_mtx);
308}
309
310
311static void ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
312 struct sta_info *sta,
313 bool pairwise,
314 struct ieee80211_key *old,
315 struct ieee80211_key *new)
316{
317 int idx;
318 bool defunikey, defmultikey, defmgmtkey;
319
320 /* caller must provide at least one old/new */
321 if (WARN_ON(!new && !old))
322 return;
323
324 if (new)
325 list_add_tail_rcu(&new->list, &sdata->key_list);
326
327 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx);
328
329 if (old)
330 idx = old->conf.keyidx;
331 else
332 idx = new->conf.keyidx;
333
334 if (sta) {
335 if (pairwise) {
336 rcu_assign_pointer(sta->ptk[idx], new);
337 sta->ptk_idx = idx;
338 ieee80211_check_fast_xmit(sta);
339 } else {
340 rcu_assign_pointer(sta->gtk[idx], new);
341 }
342 ieee80211_check_fast_rx(sta);
343 } else {
344 defunikey = old &&
345 old == key_mtx_dereference(sdata->local,
346 sdata->default_unicast_key);
347 defmultikey = old &&
348 old == key_mtx_dereference(sdata->local,
349 sdata->default_multicast_key);
350 defmgmtkey = old &&
351 old == key_mtx_dereference(sdata->local,
352 sdata->default_mgmt_key);
353
354 if (defunikey && !new)
355 __ieee80211_set_default_key(sdata, -1, true, false);
356 if (defmultikey && !new)
357 __ieee80211_set_default_key(sdata, -1, false, true);
358 if (defmgmtkey && !new)
359 __ieee80211_set_default_mgmt_key(sdata, -1);
360
361 rcu_assign_pointer(sdata->keys[idx], new);
362 if (defunikey && new)
363 __ieee80211_set_default_key(sdata, new->conf.keyidx,
364 true, false);
365 if (defmultikey && new)
366 __ieee80211_set_default_key(sdata, new->conf.keyidx,
367 false, true);
368 if (defmgmtkey && new)
369 __ieee80211_set_default_mgmt_key(sdata,
370 new->conf.keyidx);
371 }
372
373 if (old)
374 list_del_rcu(&old->list);
375}
376
377struct ieee80211_key *
378ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
379 const u8 *key_data,
380 size_t seq_len, const u8 *seq,
381 const struct ieee80211_cipher_scheme *cs)
382{
383 struct ieee80211_key *key;
384 int i, j, err;
385
386 if (WARN_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS))
387 return ERR_PTR(-EINVAL);
388
389 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
390 if (!key)
391 return ERR_PTR(-ENOMEM);
392
393 /*
394 * Default to software encryption; we'll later upload the
395 * key to the hardware if possible.
396 */
397 key->conf.flags = 0;
398 key->flags = 0;
399
400 key->conf.cipher = cipher;
401 key->conf.keyidx = idx;
402 key->conf.keylen = key_len;
403 switch (cipher) {
404 case WLAN_CIPHER_SUITE_WEP40:
405 case WLAN_CIPHER_SUITE_WEP104:
406 key->conf.iv_len = IEEE80211_WEP_IV_LEN;
407 key->conf.icv_len = IEEE80211_WEP_ICV_LEN;
408 break;
409 case WLAN_CIPHER_SUITE_TKIP:
410 key->conf.iv_len = IEEE80211_TKIP_IV_LEN;
411 key->conf.icv_len = IEEE80211_TKIP_ICV_LEN;
412 if (seq) {
413 for (i = 0; i < IEEE80211_NUM_TIDS; i++) {
414 key->u.tkip.rx[i].iv32 =
415 get_unaligned_le32(&seq[2]);
416 key->u.tkip.rx[i].iv16 =
417 get_unaligned_le16(seq);
418 }
419 }
420 spin_lock_init(&key->u.tkip.txlock);
421 break;
422 case WLAN_CIPHER_SUITE_CCMP:
423 key->conf.iv_len = IEEE80211_CCMP_HDR_LEN;
424 key->conf.icv_len = IEEE80211_CCMP_MIC_LEN;
425 if (seq) {
426 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
427 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++)
428 key->u.ccmp.rx_pn[i][j] =
429 seq[IEEE80211_CCMP_PN_LEN - j - 1];
430 }
431 /*
432 * Initialize AES key state here as an optimization so that
433 * it does not need to be initialized for every packet.
434 */
435 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
436 key_data, key_len, IEEE80211_CCMP_MIC_LEN);
437 if (IS_ERR(key->u.ccmp.tfm)) {
438 err = PTR_ERR(key->u.ccmp.tfm);
439 kfree(key);
440 return ERR_PTR(err);
441 }
442 break;
443 case WLAN_CIPHER_SUITE_CCMP_256:
444 key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN;
445 key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN;
446 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
447 for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++)
448 key->u.ccmp.rx_pn[i][j] =
449 seq[IEEE80211_CCMP_256_PN_LEN - j - 1];
450 /* Initialize AES key state here as an optimization so that
451 * it does not need to be initialized for every packet.
452 */
453 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
454 key_data, key_len, IEEE80211_CCMP_256_MIC_LEN);
455 if (IS_ERR(key->u.ccmp.tfm)) {
456 err = PTR_ERR(key->u.ccmp.tfm);
457 kfree(key);
458 return ERR_PTR(err);
459 }
460 break;
461 case WLAN_CIPHER_SUITE_AES_CMAC:
462 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
463 key->conf.iv_len = 0;
464 if (cipher == WLAN_CIPHER_SUITE_AES_CMAC)
465 key->conf.icv_len = sizeof(struct ieee80211_mmie);
466 else
467 key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
468 if (seq)
469 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++)
470 key->u.aes_cmac.rx_pn[j] =
471 seq[IEEE80211_CMAC_PN_LEN - j - 1];
472 /*
473 * Initialize AES key state here as an optimization so that
474 * it does not need to be initialized for every packet.
475 */
476 key->u.aes_cmac.tfm =
477 ieee80211_aes_cmac_key_setup(key_data, key_len);
478 if (IS_ERR(key->u.aes_cmac.tfm)) {
479 err = PTR_ERR(key->u.aes_cmac.tfm);
480 kfree(key);
481 return ERR_PTR(err);
482 }
483 break;
484 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
485 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
486 key->conf.iv_len = 0;
487 key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
488 if (seq)
489 for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++)
490 key->u.aes_gmac.rx_pn[j] =
491 seq[IEEE80211_GMAC_PN_LEN - j - 1];
492 /* Initialize AES key state here as an optimization so that
493 * it does not need to be initialized for every packet.
494 */
495 key->u.aes_gmac.tfm =
496 ieee80211_aes_gmac_key_setup(key_data, key_len);
497 if (IS_ERR(key->u.aes_gmac.tfm)) {
498 err = PTR_ERR(key->u.aes_gmac.tfm);
499 kfree(key);
500 return ERR_PTR(err);
501 }
502 break;
503 case WLAN_CIPHER_SUITE_GCMP:
504 case WLAN_CIPHER_SUITE_GCMP_256:
505 key->conf.iv_len = IEEE80211_GCMP_HDR_LEN;
506 key->conf.icv_len = IEEE80211_GCMP_MIC_LEN;
507 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
508 for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++)
509 key->u.gcmp.rx_pn[i][j] =
510 seq[IEEE80211_GCMP_PN_LEN - j - 1];
511 /* Initialize AES key state here as an optimization so that
512 * it does not need to be initialized for every packet.
513 */
514 key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data,
515 key_len);
516 if (IS_ERR(key->u.gcmp.tfm)) {
517 err = PTR_ERR(key->u.gcmp.tfm);
518 kfree(key);
519 return ERR_PTR(err);
520 }
521 break;
522 default:
523 if (cs) {
524 if (seq_len && seq_len != cs->pn_len) {
525 kfree(key);
526 return ERR_PTR(-EINVAL);
527 }
528
529 key->conf.iv_len = cs->hdr_len;
530 key->conf.icv_len = cs->mic_len;
531 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
532 for (j = 0; j < seq_len; j++)
533 key->u.gen.rx_pn[i][j] =
534 seq[seq_len - j - 1];
535 key->flags |= KEY_FLAG_CIPHER_SCHEME;
536 }
537 }
538 memcpy(key->conf.key, key_data, key_len);
539 INIT_LIST_HEAD(&key->list);
540
541 return key;
542}
543
544static void ieee80211_key_free_common(struct ieee80211_key *key)
545{
546 switch (key->conf.cipher) {
547 case WLAN_CIPHER_SUITE_CCMP:
548 case WLAN_CIPHER_SUITE_CCMP_256:
549 ieee80211_aes_key_free(key->u.ccmp.tfm);
550 break;
551 case WLAN_CIPHER_SUITE_AES_CMAC:
552 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
553 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
554 break;
555 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
556 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
557 ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm);
558 break;
559 case WLAN_CIPHER_SUITE_GCMP:
560 case WLAN_CIPHER_SUITE_GCMP_256:
561 ieee80211_aes_gcm_key_free(key->u.gcmp.tfm);
562 break;
563 }
564 kzfree(key);
565}
566
567static void __ieee80211_key_destroy(struct ieee80211_key *key,
568 bool delay_tailroom)
569{
570 if (key->local)
571 ieee80211_key_disable_hw_accel(key);
572
573 if (key->local) {
574 struct ieee80211_sub_if_data *sdata = key->sdata;
575
576 ieee80211_debugfs_key_remove(key);
577
578 if (delay_tailroom) {
579 /* see ieee80211_delayed_tailroom_dec */
580 sdata->crypto_tx_tailroom_pending_dec++;
581 schedule_delayed_work(&sdata->dec_tailroom_needed_wk,
582 HZ/2);
583 } else {
584 decrease_tailroom_need_count(sdata, 1);
585 }
586 }
587
588 ieee80211_key_free_common(key);
589}
590
591static void ieee80211_key_destroy(struct ieee80211_key *key,
592 bool delay_tailroom)
593{
594 if (!key)
595 return;
596
597 /*
598 * Synchronize so the TX path and rcu key iterators
599 * can no longer be using this key before we free/remove it.
600 */
601 synchronize_net();
602
603 __ieee80211_key_destroy(key, delay_tailroom);
604}
605
606void ieee80211_key_free_unused(struct ieee80211_key *key)
607{
608 WARN_ON(key->sdata || key->local);
609 ieee80211_key_free_common(key);
610}
611
612int ieee80211_key_link(struct ieee80211_key *key,
613 struct ieee80211_sub_if_data *sdata,
614 struct sta_info *sta)
615{
616 struct ieee80211_local *local = sdata->local;
617 struct ieee80211_key *old_key;
618 int idx, ret;
619 bool pairwise;
620
621 pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
622 idx = key->conf.keyidx;
623 key->local = sdata->local;
624 key->sdata = sdata;
625 key->sta = sta;
626
627 mutex_lock(&sdata->local->key_mtx);
628
629 if (sta && pairwise)
630 old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]);
631 else if (sta)
632 old_key = key_mtx_dereference(sdata->local, sta->gtk[idx]);
633 else
634 old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
635
636 increment_tailroom_need_count(sdata);
637
638 ieee80211_key_replace(sdata, sta, pairwise, old_key, key);
639 ieee80211_key_destroy(old_key, true);
640
641 ieee80211_debugfs_key_add(key);
642
643 if (!local->wowlan) {
644 ret = ieee80211_key_enable_hw_accel(key);
645 if (ret)
646 ieee80211_key_free(key, true);
647 } else {
648 ret = 0;
649 }
650
651 mutex_unlock(&sdata->local->key_mtx);
652
653 return ret;
654}
655
656void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom)
657{
658 if (!key)
659 return;
660
661 /*
662 * Replace key with nothingness if it was ever used.
663 */
664 if (key->sdata)
665 ieee80211_key_replace(key->sdata, key->sta,
666 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
667 key, NULL);
668 ieee80211_key_destroy(key, delay_tailroom);
669}
670
671void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata)
672{
673 struct ieee80211_key *key;
674 struct ieee80211_sub_if_data *vlan;
675
676 ASSERT_RTNL();
677
678 if (WARN_ON(!ieee80211_sdata_running(sdata)))
679 return;
680
681 mutex_lock(&sdata->local->key_mtx);
682
683 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
684 sdata->crypto_tx_tailroom_pending_dec);
685
686 if (sdata->vif.type == NL80211_IFTYPE_AP) {
687 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
688 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt ||
689 vlan->crypto_tx_tailroom_pending_dec);
690 }
691
692 list_for_each_entry(key, &sdata->key_list, list) {
693 increment_tailroom_need_count(sdata);
694 ieee80211_key_enable_hw_accel(key);
695 }
696
697 mutex_unlock(&sdata->local->key_mtx);
698}
699
700void ieee80211_reset_crypto_tx_tailroom(struct ieee80211_sub_if_data *sdata)
701{
702 struct ieee80211_sub_if_data *vlan;
703
704 mutex_lock(&sdata->local->key_mtx);
705
706 sdata->crypto_tx_tailroom_needed_cnt = 0;
707
708 if (sdata->vif.type == NL80211_IFTYPE_AP) {
709 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
710 vlan->crypto_tx_tailroom_needed_cnt = 0;
711 }
712
713 mutex_unlock(&sdata->local->key_mtx);
714}
715
716void ieee80211_iter_keys(struct ieee80211_hw *hw,
717 struct ieee80211_vif *vif,
718 void (*iter)(struct ieee80211_hw *hw,
719 struct ieee80211_vif *vif,
720 struct ieee80211_sta *sta,
721 struct ieee80211_key_conf *key,
722 void *data),
723 void *iter_data)
724{
725 struct ieee80211_local *local = hw_to_local(hw);
726 struct ieee80211_key *key, *tmp;
727 struct ieee80211_sub_if_data *sdata;
728
729 ASSERT_RTNL();
730
731 mutex_lock(&local->key_mtx);
732 if (vif) {
733 sdata = vif_to_sdata(vif);
734 list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
735 iter(hw, &sdata->vif,
736 key->sta ? &key->sta->sta : NULL,
737 &key->conf, iter_data);
738 } else {
739 list_for_each_entry(sdata, &local->interfaces, list)
740 list_for_each_entry_safe(key, tmp,
741 &sdata->key_list, list)
742 iter(hw, &sdata->vif,
743 key->sta ? &key->sta->sta : NULL,
744 &key->conf, iter_data);
745 }
746 mutex_unlock(&local->key_mtx);
747}
748EXPORT_SYMBOL(ieee80211_iter_keys);
749
750static void
751_ieee80211_iter_keys_rcu(struct ieee80211_hw *hw,
752 struct ieee80211_sub_if_data *sdata,
753 void (*iter)(struct ieee80211_hw *hw,
754 struct ieee80211_vif *vif,
755 struct ieee80211_sta *sta,
756 struct ieee80211_key_conf *key,
757 void *data),
758 void *iter_data)
759{
760 struct ieee80211_key *key;
761
762 list_for_each_entry_rcu(key, &sdata->key_list, list) {
763 /* skip keys of station in removal process */
764 if (key->sta && key->sta->removed)
765 continue;
766 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
767 continue;
768
769 iter(hw, &sdata->vif,
770 key->sta ? &key->sta->sta : NULL,
771 &key->conf, iter_data);
772 }
773}
774
775void ieee80211_iter_keys_rcu(struct ieee80211_hw *hw,
776 struct ieee80211_vif *vif,
777 void (*iter)(struct ieee80211_hw *hw,
778 struct ieee80211_vif *vif,
779 struct ieee80211_sta *sta,
780 struct ieee80211_key_conf *key,
781 void *data),
782 void *iter_data)
783{
784 struct ieee80211_local *local = hw_to_local(hw);
785 struct ieee80211_sub_if_data *sdata;
786
787 if (vif) {
788 sdata = vif_to_sdata(vif);
789 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data);
790 } else {
791 list_for_each_entry_rcu(sdata, &local->interfaces, list)
792 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data);
793 }
794}
795EXPORT_SYMBOL(ieee80211_iter_keys_rcu);
796
797static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata,
798 struct list_head *keys)
799{
800 struct ieee80211_key *key, *tmp;
801
802 decrease_tailroom_need_count(sdata,
803 sdata->crypto_tx_tailroom_pending_dec);
804 sdata->crypto_tx_tailroom_pending_dec = 0;
805
806 ieee80211_debugfs_key_remove_mgmt_default(sdata);
807
808 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) {
809 ieee80211_key_replace(key->sdata, key->sta,
810 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
811 key, NULL);
812 list_add_tail(&key->list, keys);
813 }
814
815 ieee80211_debugfs_key_update_default(sdata);
816}
817
818void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata,
819 bool force_synchronize)
820{
821 struct ieee80211_local *local = sdata->local;
822 struct ieee80211_sub_if_data *vlan;
823 struct ieee80211_sub_if_data *master;
824 struct ieee80211_key *key, *tmp;
825 LIST_HEAD(keys);
826
827 cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk);
828
829 mutex_lock(&local->key_mtx);
830
831 ieee80211_free_keys_iface(sdata, &keys);
832
833 if (sdata->vif.type == NL80211_IFTYPE_AP) {
834 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
835 ieee80211_free_keys_iface(vlan, &keys);
836 }
837
838 if (!list_empty(&keys) || force_synchronize)
839 synchronize_net();
840 list_for_each_entry_safe(key, tmp, &keys, list)
841 __ieee80211_key_destroy(key, false);
842
843 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
844 if (sdata->bss) {
845 master = container_of(sdata->bss,
846 struct ieee80211_sub_if_data,
847 u.ap);
848
849 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt !=
850 master->crypto_tx_tailroom_needed_cnt);
851 }
852 } else {
853 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
854 sdata->crypto_tx_tailroom_pending_dec);
855 }
856
857 if (sdata->vif.type == NL80211_IFTYPE_AP) {
858 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
859 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt ||
860 vlan->crypto_tx_tailroom_pending_dec);
861 }
862
863 mutex_unlock(&local->key_mtx);
864}
865
866void ieee80211_free_sta_keys(struct ieee80211_local *local,
867 struct sta_info *sta)
868{
869 struct ieee80211_key *key;
870 int i;
871
872 mutex_lock(&local->key_mtx);
873 for (i = 0; i < ARRAY_SIZE(sta->gtk); i++) {
874 key = key_mtx_dereference(local, sta->gtk[i]);
875 if (!key)
876 continue;
877 ieee80211_key_replace(key->sdata, key->sta,
878 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
879 key, NULL);
880 __ieee80211_key_destroy(key, true);
881 }
882
883 for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
884 key = key_mtx_dereference(local, sta->ptk[i]);
885 if (!key)
886 continue;
887 ieee80211_key_replace(key->sdata, key->sta,
888 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
889 key, NULL);
890 __ieee80211_key_destroy(key, true);
891 }
892
893 mutex_unlock(&local->key_mtx);
894}
895
896void ieee80211_delayed_tailroom_dec(struct work_struct *wk)
897{
898 struct ieee80211_sub_if_data *sdata;
899
900 sdata = container_of(wk, struct ieee80211_sub_if_data,
901 dec_tailroom_needed_wk.work);
902
903 /*
904 * The reason for the delayed tailroom needed decrementing is to
905 * make roaming faster: during roaming, all keys are first deleted
906 * and then new keys are installed. The first new key causes the
907 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes
908 * the cost of synchronize_net() (which can be slow). Avoid this
909 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on
910 * key removal for a while, so if we roam the value is larger than
911 * zero and no 0->1 transition happens.
912 *
913 * The cost is that if the AP switching was from an AP with keys
914 * to one without, we still allocate tailroom while it would no
915 * longer be needed. However, in the typical (fast) roaming case
916 * within an ESS this usually won't happen.
917 */
918
919 mutex_lock(&sdata->local->key_mtx);
920 decrease_tailroom_need_count(sdata,
921 sdata->crypto_tx_tailroom_pending_dec);
922 sdata->crypto_tx_tailroom_pending_dec = 0;
923 mutex_unlock(&sdata->local->key_mtx);
924}
925
926void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid,
927 const u8 *replay_ctr, gfp_t gfp)
928{
929 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
930
931 trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr);
932
933 cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp);
934}
935EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify);
936
937void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf,
938 int tid, struct ieee80211_key_seq *seq)
939{
940 struct ieee80211_key *key;
941 const u8 *pn;
942
943 key = container_of(keyconf, struct ieee80211_key, conf);
944
945 switch (key->conf.cipher) {
946 case WLAN_CIPHER_SUITE_TKIP:
947 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
948 return;
949 seq->tkip.iv32 = key->u.tkip.rx[tid].iv32;
950 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16;
951 break;
952 case WLAN_CIPHER_SUITE_CCMP:
953 case WLAN_CIPHER_SUITE_CCMP_256:
954 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
955 return;
956 if (tid < 0)
957 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
958 else
959 pn = key->u.ccmp.rx_pn[tid];
960 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN);
961 break;
962 case WLAN_CIPHER_SUITE_AES_CMAC:
963 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
964 if (WARN_ON(tid != 0))
965 return;
966 pn = key->u.aes_cmac.rx_pn;
967 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN);
968 break;
969 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
970 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
971 if (WARN_ON(tid != 0))
972 return;
973 pn = key->u.aes_gmac.rx_pn;
974 memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN);
975 break;
976 case WLAN_CIPHER_SUITE_GCMP:
977 case WLAN_CIPHER_SUITE_GCMP_256:
978 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
979 return;
980 if (tid < 0)
981 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
982 else
983 pn = key->u.gcmp.rx_pn[tid];
984 memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN);
985 break;
986 }
987}
988EXPORT_SYMBOL(ieee80211_get_key_rx_seq);
989
990void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf,
991 int tid, struct ieee80211_key_seq *seq)
992{
993 struct ieee80211_key *key;
994 u8 *pn;
995
996 key = container_of(keyconf, struct ieee80211_key, conf);
997
998 switch (key->conf.cipher) {
999 case WLAN_CIPHER_SUITE_TKIP:
1000 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
1001 return;
1002 key->u.tkip.rx[tid].iv32 = seq->tkip.iv32;
1003 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16;
1004 break;
1005 case WLAN_CIPHER_SUITE_CCMP:
1006 case WLAN_CIPHER_SUITE_CCMP_256:
1007 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1008 return;
1009 if (tid < 0)
1010 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
1011 else
1012 pn = key->u.ccmp.rx_pn[tid];
1013 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN);
1014 break;
1015 case WLAN_CIPHER_SUITE_AES_CMAC:
1016 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1017 if (WARN_ON(tid != 0))
1018 return;
1019 pn = key->u.aes_cmac.rx_pn;
1020 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN);
1021 break;
1022 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1023 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1024 if (WARN_ON(tid != 0))
1025 return;
1026 pn = key->u.aes_gmac.rx_pn;
1027 memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN);
1028 break;
1029 case WLAN_CIPHER_SUITE_GCMP:
1030 case WLAN_CIPHER_SUITE_GCMP_256:
1031 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1032 return;
1033 if (tid < 0)
1034 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1035 else
1036 pn = key->u.gcmp.rx_pn[tid];
1037 memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN);
1038 break;
1039 default:
1040 WARN_ON(1);
1041 break;
1042 }
1043}
1044EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq);
1045
1046void ieee80211_remove_key(struct ieee80211_key_conf *keyconf)
1047{
1048 struct ieee80211_key *key;
1049
1050 key = container_of(keyconf, struct ieee80211_key, conf);
1051
1052 assert_key_lock(key->local);
1053
1054 /*
1055 * if key was uploaded, we assume the driver will/has remove(d)
1056 * it, so adjust bookkeeping accordingly
1057 */
1058 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
1059 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
1060
1061 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
1062 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
1063 increment_tailroom_need_count(key->sdata);
1064 }
1065
1066 ieee80211_key_free(key, false);
1067}
1068EXPORT_SYMBOL_GPL(ieee80211_remove_key);
1069
1070struct ieee80211_key_conf *
1071ieee80211_gtk_rekey_add(struct ieee80211_vif *vif,
1072 struct ieee80211_key_conf *keyconf)
1073{
1074 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
1075 struct ieee80211_local *local = sdata->local;
1076 struct ieee80211_key *key;
1077 int err;
1078
1079 if (WARN_ON(!local->wowlan))
1080 return ERR_PTR(-EINVAL);
1081
1082 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION))
1083 return ERR_PTR(-EINVAL);
1084
1085 key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx,
1086 keyconf->keylen, keyconf->key,
1087 0, NULL, NULL);
1088 if (IS_ERR(key))
1089 return ERR_CAST(key);
1090
1091 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED)
1092 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT;
1093
1094 err = ieee80211_key_link(key, sdata, NULL);
1095 if (err)
1096 return ERR_PTR(err);
1097
1098 return &key->conf;
1099}
1100EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add);
1/*
2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net>
6 * Copyright 2013-2014 Intel Mobile Communications GmbH
7 * Copyright 2015-2017 Intel Deutschland GmbH
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
12 */
13
14#include <linux/if_ether.h>
15#include <linux/etherdevice.h>
16#include <linux/list.h>
17#include <linux/rcupdate.h>
18#include <linux/rtnetlink.h>
19#include <linux/slab.h>
20#include <linux/export.h>
21#include <net/mac80211.h>
22#include <crypto/algapi.h>
23#include <asm/unaligned.h>
24#include "ieee80211_i.h"
25#include "driver-ops.h"
26#include "debugfs_key.h"
27#include "aes_ccm.h"
28#include "aes_cmac.h"
29#include "aes_gmac.h"
30#include "aes_gcm.h"
31
32
33/**
34 * DOC: Key handling basics
35 *
36 * Key handling in mac80211 is done based on per-interface (sub_if_data)
37 * keys and per-station keys. Since each station belongs to an interface,
38 * each station key also belongs to that interface.
39 *
40 * Hardware acceleration is done on a best-effort basis for algorithms
41 * that are implemented in software, for each key the hardware is asked
42 * to enable that key for offloading but if it cannot do that the key is
43 * simply kept for software encryption (unless it is for an algorithm
44 * that isn't implemented in software).
45 * There is currently no way of knowing whether a key is handled in SW
46 * or HW except by looking into debugfs.
47 *
48 * All key management is internally protected by a mutex. Within all
49 * other parts of mac80211, key references are, just as STA structure
50 * references, protected by RCU. Note, however, that some things are
51 * unprotected, namely the key->sta dereferences within the hardware
52 * acceleration functions. This means that sta_info_destroy() must
53 * remove the key which waits for an RCU grace period.
54 */
55
56static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
57
58static void assert_key_lock(struct ieee80211_local *local)
59{
60 lockdep_assert_held(&local->key_mtx);
61}
62
63static void
64update_vlan_tailroom_need_count(struct ieee80211_sub_if_data *sdata, int delta)
65{
66 struct ieee80211_sub_if_data *vlan;
67
68 if (sdata->vif.type != NL80211_IFTYPE_AP)
69 return;
70
71 /* crypto_tx_tailroom_needed_cnt is protected by this */
72 assert_key_lock(sdata->local);
73
74 rcu_read_lock();
75
76 list_for_each_entry_rcu(vlan, &sdata->u.ap.vlans, u.vlan.list)
77 vlan->crypto_tx_tailroom_needed_cnt += delta;
78
79 rcu_read_unlock();
80}
81
82static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata)
83{
84 /*
85 * When this count is zero, SKB resizing for allocating tailroom
86 * for IV or MMIC is skipped. But, this check has created two race
87 * cases in xmit path while transiting from zero count to one:
88 *
89 * 1. SKB resize was skipped because no key was added but just before
90 * the xmit key is added and SW encryption kicks off.
91 *
92 * 2. SKB resize was skipped because all the keys were hw planted but
93 * just before xmit one of the key is deleted and SW encryption kicks
94 * off.
95 *
96 * In both the above case SW encryption will find not enough space for
97 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c)
98 *
99 * Solution has been explained at
100 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net
101 */
102
103 assert_key_lock(sdata->local);
104
105 update_vlan_tailroom_need_count(sdata, 1);
106
107 if (!sdata->crypto_tx_tailroom_needed_cnt++) {
108 /*
109 * Flush all XMIT packets currently using HW encryption or no
110 * encryption at all if the count transition is from 0 -> 1.
111 */
112 synchronize_net();
113 }
114}
115
116static void decrease_tailroom_need_count(struct ieee80211_sub_if_data *sdata,
117 int delta)
118{
119 assert_key_lock(sdata->local);
120
121 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt < delta);
122
123 update_vlan_tailroom_need_count(sdata, -delta);
124 sdata->crypto_tx_tailroom_needed_cnt -= delta;
125}
126
127static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
128{
129 struct ieee80211_sub_if_data *sdata = key->sdata;
130 struct sta_info *sta;
131 int ret = -EOPNOTSUPP;
132
133 might_sleep();
134
135 if (key->flags & KEY_FLAG_TAINTED) {
136 /* If we get here, it's during resume and the key is
137 * tainted so shouldn't be used/programmed any more.
138 * However, its flags may still indicate that it was
139 * programmed into the device (since we're in resume)
140 * so clear that flag now to avoid trying to remove
141 * it again later.
142 */
143 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
144 return -EINVAL;
145 }
146
147 if (!key->local->ops->set_key)
148 goto out_unsupported;
149
150 assert_key_lock(key->local);
151
152 sta = key->sta;
153
154 /*
155 * If this is a per-STA GTK, check if it
156 * is supported; if not, return.
157 */
158 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) &&
159 !ieee80211_hw_check(&key->local->hw, SUPPORTS_PER_STA_GTK))
160 goto out_unsupported;
161
162 if (sta && !sta->uploaded)
163 goto out_unsupported;
164
165 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
166 /*
167 * The driver doesn't know anything about VLAN interfaces.
168 * Hence, don't send GTKs for VLAN interfaces to the driver.
169 */
170 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE))
171 goto out_unsupported;
172 }
173
174 ret = drv_set_key(key->local, SET_KEY, sdata,
175 sta ? &sta->sta : NULL, &key->conf);
176
177 if (!ret) {
178 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
179
180 if (!((key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
181 IEEE80211_KEY_FLAG_PUT_MIC_SPACE)) ||
182 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
183 decrease_tailroom_need_count(sdata, 1);
184
185 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) &&
186 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV));
187
188 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_MIC_SPACE) &&
189 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC));
190
191 return 0;
192 }
193
194 if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1)
195 sdata_err(sdata,
196 "failed to set key (%d, %pM) to hardware (%d)\n",
197 key->conf.keyidx,
198 sta ? sta->sta.addr : bcast_addr, ret);
199
200 out_unsupported:
201 switch (key->conf.cipher) {
202 case WLAN_CIPHER_SUITE_WEP40:
203 case WLAN_CIPHER_SUITE_WEP104:
204 case WLAN_CIPHER_SUITE_TKIP:
205 case WLAN_CIPHER_SUITE_CCMP:
206 case WLAN_CIPHER_SUITE_CCMP_256:
207 case WLAN_CIPHER_SUITE_AES_CMAC:
208 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
209 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
210 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
211 case WLAN_CIPHER_SUITE_GCMP:
212 case WLAN_CIPHER_SUITE_GCMP_256:
213 /* all of these we can do in software - if driver can */
214 if (ret == 1)
215 return 0;
216 if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL)) {
217 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
218 return 0;
219 return -EINVAL;
220 }
221 return 0;
222 default:
223 return -EINVAL;
224 }
225}
226
227static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
228{
229 struct ieee80211_sub_if_data *sdata;
230 struct sta_info *sta;
231 int ret;
232
233 might_sleep();
234
235 if (!key || !key->local->ops->set_key)
236 return;
237
238 assert_key_lock(key->local);
239
240 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
241 return;
242
243 sta = key->sta;
244 sdata = key->sdata;
245
246 if (!((key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
247 IEEE80211_KEY_FLAG_PUT_MIC_SPACE)) ||
248 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
249 increment_tailroom_need_count(sdata);
250
251 ret = drv_set_key(key->local, DISABLE_KEY, sdata,
252 sta ? &sta->sta : NULL, &key->conf);
253
254 if (ret)
255 sdata_err(sdata,
256 "failed to remove key (%d, %pM) from hardware (%d)\n",
257 key->conf.keyidx,
258 sta ? sta->sta.addr : bcast_addr, ret);
259
260 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
261}
262
263static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata,
264 int idx, bool uni, bool multi)
265{
266 struct ieee80211_key *key = NULL;
267
268 assert_key_lock(sdata->local);
269
270 if (idx >= 0 && idx < NUM_DEFAULT_KEYS)
271 key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
272
273 if (uni) {
274 rcu_assign_pointer(sdata->default_unicast_key, key);
275 ieee80211_check_fast_xmit_iface(sdata);
276 if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN)
277 drv_set_default_unicast_key(sdata->local, sdata, idx);
278 }
279
280 if (multi)
281 rcu_assign_pointer(sdata->default_multicast_key, key);
282
283 ieee80211_debugfs_key_update_default(sdata);
284}
285
286void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx,
287 bool uni, bool multi)
288{
289 mutex_lock(&sdata->local->key_mtx);
290 __ieee80211_set_default_key(sdata, idx, uni, multi);
291 mutex_unlock(&sdata->local->key_mtx);
292}
293
294static void
295__ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx)
296{
297 struct ieee80211_key *key = NULL;
298
299 assert_key_lock(sdata->local);
300
301 if (idx >= NUM_DEFAULT_KEYS &&
302 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
303 key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
304
305 rcu_assign_pointer(sdata->default_mgmt_key, key);
306
307 ieee80211_debugfs_key_update_default(sdata);
308}
309
310void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
311 int idx)
312{
313 mutex_lock(&sdata->local->key_mtx);
314 __ieee80211_set_default_mgmt_key(sdata, idx);
315 mutex_unlock(&sdata->local->key_mtx);
316}
317
318
319static void ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
320 struct sta_info *sta,
321 bool pairwise,
322 struct ieee80211_key *old,
323 struct ieee80211_key *new)
324{
325 int idx;
326 bool defunikey, defmultikey, defmgmtkey;
327
328 /* caller must provide at least one old/new */
329 if (WARN_ON(!new && !old))
330 return;
331
332 if (new)
333 list_add_tail_rcu(&new->list, &sdata->key_list);
334
335 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx);
336
337 if (old)
338 idx = old->conf.keyidx;
339 else
340 idx = new->conf.keyidx;
341
342 if (sta) {
343 if (pairwise) {
344 rcu_assign_pointer(sta->ptk[idx], new);
345 sta->ptk_idx = idx;
346 ieee80211_check_fast_xmit(sta);
347 } else {
348 rcu_assign_pointer(sta->gtk[idx], new);
349 }
350 ieee80211_check_fast_rx(sta);
351 } else {
352 defunikey = old &&
353 old == key_mtx_dereference(sdata->local,
354 sdata->default_unicast_key);
355 defmultikey = old &&
356 old == key_mtx_dereference(sdata->local,
357 sdata->default_multicast_key);
358 defmgmtkey = old &&
359 old == key_mtx_dereference(sdata->local,
360 sdata->default_mgmt_key);
361
362 if (defunikey && !new)
363 __ieee80211_set_default_key(sdata, -1, true, false);
364 if (defmultikey && !new)
365 __ieee80211_set_default_key(sdata, -1, false, true);
366 if (defmgmtkey && !new)
367 __ieee80211_set_default_mgmt_key(sdata, -1);
368
369 rcu_assign_pointer(sdata->keys[idx], new);
370 if (defunikey && new)
371 __ieee80211_set_default_key(sdata, new->conf.keyidx,
372 true, false);
373 if (defmultikey && new)
374 __ieee80211_set_default_key(sdata, new->conf.keyidx,
375 false, true);
376 if (defmgmtkey && new)
377 __ieee80211_set_default_mgmt_key(sdata,
378 new->conf.keyidx);
379 }
380
381 if (old)
382 list_del_rcu(&old->list);
383}
384
385struct ieee80211_key *
386ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
387 const u8 *key_data,
388 size_t seq_len, const u8 *seq,
389 const struct ieee80211_cipher_scheme *cs)
390{
391 struct ieee80211_key *key;
392 int i, j, err;
393
394 if (WARN_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS))
395 return ERR_PTR(-EINVAL);
396
397 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
398 if (!key)
399 return ERR_PTR(-ENOMEM);
400
401 /*
402 * Default to software encryption; we'll later upload the
403 * key to the hardware if possible.
404 */
405 key->conf.flags = 0;
406 key->flags = 0;
407
408 key->conf.cipher = cipher;
409 key->conf.keyidx = idx;
410 key->conf.keylen = key_len;
411 switch (cipher) {
412 case WLAN_CIPHER_SUITE_WEP40:
413 case WLAN_CIPHER_SUITE_WEP104:
414 key->conf.iv_len = IEEE80211_WEP_IV_LEN;
415 key->conf.icv_len = IEEE80211_WEP_ICV_LEN;
416 break;
417 case WLAN_CIPHER_SUITE_TKIP:
418 key->conf.iv_len = IEEE80211_TKIP_IV_LEN;
419 key->conf.icv_len = IEEE80211_TKIP_ICV_LEN;
420 if (seq) {
421 for (i = 0; i < IEEE80211_NUM_TIDS; i++) {
422 key->u.tkip.rx[i].iv32 =
423 get_unaligned_le32(&seq[2]);
424 key->u.tkip.rx[i].iv16 =
425 get_unaligned_le16(seq);
426 }
427 }
428 spin_lock_init(&key->u.tkip.txlock);
429 break;
430 case WLAN_CIPHER_SUITE_CCMP:
431 key->conf.iv_len = IEEE80211_CCMP_HDR_LEN;
432 key->conf.icv_len = IEEE80211_CCMP_MIC_LEN;
433 if (seq) {
434 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
435 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++)
436 key->u.ccmp.rx_pn[i][j] =
437 seq[IEEE80211_CCMP_PN_LEN - j - 1];
438 }
439 /*
440 * Initialize AES key state here as an optimization so that
441 * it does not need to be initialized for every packet.
442 */
443 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
444 key_data, key_len, IEEE80211_CCMP_MIC_LEN);
445 if (IS_ERR(key->u.ccmp.tfm)) {
446 err = PTR_ERR(key->u.ccmp.tfm);
447 kfree(key);
448 return ERR_PTR(err);
449 }
450 break;
451 case WLAN_CIPHER_SUITE_CCMP_256:
452 key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN;
453 key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN;
454 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
455 for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++)
456 key->u.ccmp.rx_pn[i][j] =
457 seq[IEEE80211_CCMP_256_PN_LEN - j - 1];
458 /* Initialize AES key state here as an optimization so that
459 * it does not need to be initialized for every packet.
460 */
461 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
462 key_data, key_len, IEEE80211_CCMP_256_MIC_LEN);
463 if (IS_ERR(key->u.ccmp.tfm)) {
464 err = PTR_ERR(key->u.ccmp.tfm);
465 kfree(key);
466 return ERR_PTR(err);
467 }
468 break;
469 case WLAN_CIPHER_SUITE_AES_CMAC:
470 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
471 key->conf.iv_len = 0;
472 if (cipher == WLAN_CIPHER_SUITE_AES_CMAC)
473 key->conf.icv_len = sizeof(struct ieee80211_mmie);
474 else
475 key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
476 if (seq)
477 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++)
478 key->u.aes_cmac.rx_pn[j] =
479 seq[IEEE80211_CMAC_PN_LEN - j - 1];
480 /*
481 * Initialize AES key state here as an optimization so that
482 * it does not need to be initialized for every packet.
483 */
484 key->u.aes_cmac.tfm =
485 ieee80211_aes_cmac_key_setup(key_data, key_len);
486 if (IS_ERR(key->u.aes_cmac.tfm)) {
487 err = PTR_ERR(key->u.aes_cmac.tfm);
488 kfree(key);
489 return ERR_PTR(err);
490 }
491 break;
492 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
493 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
494 key->conf.iv_len = 0;
495 key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
496 if (seq)
497 for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++)
498 key->u.aes_gmac.rx_pn[j] =
499 seq[IEEE80211_GMAC_PN_LEN - j - 1];
500 /* Initialize AES key state here as an optimization so that
501 * it does not need to be initialized for every packet.
502 */
503 key->u.aes_gmac.tfm =
504 ieee80211_aes_gmac_key_setup(key_data, key_len);
505 if (IS_ERR(key->u.aes_gmac.tfm)) {
506 err = PTR_ERR(key->u.aes_gmac.tfm);
507 kfree(key);
508 return ERR_PTR(err);
509 }
510 break;
511 case WLAN_CIPHER_SUITE_GCMP:
512 case WLAN_CIPHER_SUITE_GCMP_256:
513 key->conf.iv_len = IEEE80211_GCMP_HDR_LEN;
514 key->conf.icv_len = IEEE80211_GCMP_MIC_LEN;
515 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
516 for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++)
517 key->u.gcmp.rx_pn[i][j] =
518 seq[IEEE80211_GCMP_PN_LEN - j - 1];
519 /* Initialize AES key state here as an optimization so that
520 * it does not need to be initialized for every packet.
521 */
522 key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data,
523 key_len);
524 if (IS_ERR(key->u.gcmp.tfm)) {
525 err = PTR_ERR(key->u.gcmp.tfm);
526 kfree(key);
527 return ERR_PTR(err);
528 }
529 break;
530 default:
531 if (cs) {
532 if (seq_len && seq_len != cs->pn_len) {
533 kfree(key);
534 return ERR_PTR(-EINVAL);
535 }
536
537 key->conf.iv_len = cs->hdr_len;
538 key->conf.icv_len = cs->mic_len;
539 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
540 for (j = 0; j < seq_len; j++)
541 key->u.gen.rx_pn[i][j] =
542 seq[seq_len - j - 1];
543 key->flags |= KEY_FLAG_CIPHER_SCHEME;
544 }
545 }
546 memcpy(key->conf.key, key_data, key_len);
547 INIT_LIST_HEAD(&key->list);
548
549 return key;
550}
551
552static void ieee80211_key_free_common(struct ieee80211_key *key)
553{
554 switch (key->conf.cipher) {
555 case WLAN_CIPHER_SUITE_CCMP:
556 case WLAN_CIPHER_SUITE_CCMP_256:
557 ieee80211_aes_key_free(key->u.ccmp.tfm);
558 break;
559 case WLAN_CIPHER_SUITE_AES_CMAC:
560 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
561 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
562 break;
563 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
564 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
565 ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm);
566 break;
567 case WLAN_CIPHER_SUITE_GCMP:
568 case WLAN_CIPHER_SUITE_GCMP_256:
569 ieee80211_aes_gcm_key_free(key->u.gcmp.tfm);
570 break;
571 }
572 kzfree(key);
573}
574
575static void __ieee80211_key_destroy(struct ieee80211_key *key,
576 bool delay_tailroom)
577{
578 if (key->local)
579 ieee80211_key_disable_hw_accel(key);
580
581 if (key->local) {
582 struct ieee80211_sub_if_data *sdata = key->sdata;
583
584 ieee80211_debugfs_key_remove(key);
585
586 if (delay_tailroom) {
587 /* see ieee80211_delayed_tailroom_dec */
588 sdata->crypto_tx_tailroom_pending_dec++;
589 schedule_delayed_work(&sdata->dec_tailroom_needed_wk,
590 HZ/2);
591 } else {
592 decrease_tailroom_need_count(sdata, 1);
593 }
594 }
595
596 ieee80211_key_free_common(key);
597}
598
599static void ieee80211_key_destroy(struct ieee80211_key *key,
600 bool delay_tailroom)
601{
602 if (!key)
603 return;
604
605 /*
606 * Synchronize so the TX path and rcu key iterators
607 * can no longer be using this key before we free/remove it.
608 */
609 synchronize_net();
610
611 __ieee80211_key_destroy(key, delay_tailroom);
612}
613
614void ieee80211_key_free_unused(struct ieee80211_key *key)
615{
616 WARN_ON(key->sdata || key->local);
617 ieee80211_key_free_common(key);
618}
619
620static bool ieee80211_key_identical(struct ieee80211_sub_if_data *sdata,
621 struct ieee80211_key *old,
622 struct ieee80211_key *new)
623{
624 u8 tkip_old[WLAN_KEY_LEN_TKIP], tkip_new[WLAN_KEY_LEN_TKIP];
625 u8 *tk_old, *tk_new;
626
627 if (!old || new->conf.keylen != old->conf.keylen)
628 return false;
629
630 tk_old = old->conf.key;
631 tk_new = new->conf.key;
632
633 /*
634 * In station mode, don't compare the TX MIC key, as it's never used
635 * and offloaded rekeying may not care to send it to the host. This
636 * is the case in iwlwifi, for example.
637 */
638 if (sdata->vif.type == NL80211_IFTYPE_STATION &&
639 new->conf.cipher == WLAN_CIPHER_SUITE_TKIP &&
640 new->conf.keylen == WLAN_KEY_LEN_TKIP &&
641 !(new->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
642 memcpy(tkip_old, tk_old, WLAN_KEY_LEN_TKIP);
643 memcpy(tkip_new, tk_new, WLAN_KEY_LEN_TKIP);
644 memset(tkip_old + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
645 memset(tkip_new + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
646 tk_old = tkip_old;
647 tk_new = tkip_new;
648 }
649
650 return !crypto_memneq(tk_old, tk_new, new->conf.keylen);
651}
652
653int ieee80211_key_link(struct ieee80211_key *key,
654 struct ieee80211_sub_if_data *sdata,
655 struct sta_info *sta)
656{
657 struct ieee80211_local *local = sdata->local;
658 struct ieee80211_key *old_key;
659 int idx, ret;
660 bool pairwise;
661
662 pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
663 idx = key->conf.keyidx;
664
665 mutex_lock(&sdata->local->key_mtx);
666
667 if (sta && pairwise)
668 old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]);
669 else if (sta)
670 old_key = key_mtx_dereference(sdata->local, sta->gtk[idx]);
671 else
672 old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
673
674 /*
675 * Silently accept key re-installation without really installing the
676 * new version of the key to avoid nonce reuse or replay issues.
677 */
678 if (ieee80211_key_identical(sdata, old_key, key)) {
679 ieee80211_key_free_unused(key);
680 ret = 0;
681 goto out;
682 }
683
684 key->local = sdata->local;
685 key->sdata = sdata;
686 key->sta = sta;
687
688 increment_tailroom_need_count(sdata);
689
690 ieee80211_key_replace(sdata, sta, pairwise, old_key, key);
691 ieee80211_key_destroy(old_key, true);
692
693 ieee80211_debugfs_key_add(key);
694
695 if (!local->wowlan) {
696 ret = ieee80211_key_enable_hw_accel(key);
697 if (ret)
698 ieee80211_key_free(key, true);
699 } else {
700 ret = 0;
701 }
702
703 out:
704 mutex_unlock(&sdata->local->key_mtx);
705
706 return ret;
707}
708
709void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom)
710{
711 if (!key)
712 return;
713
714 /*
715 * Replace key with nothingness if it was ever used.
716 */
717 if (key->sdata)
718 ieee80211_key_replace(key->sdata, key->sta,
719 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
720 key, NULL);
721 ieee80211_key_destroy(key, delay_tailroom);
722}
723
724void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata)
725{
726 struct ieee80211_key *key;
727 struct ieee80211_sub_if_data *vlan;
728
729 ASSERT_RTNL();
730
731 if (WARN_ON(!ieee80211_sdata_running(sdata)))
732 return;
733
734 mutex_lock(&sdata->local->key_mtx);
735
736 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
737 sdata->crypto_tx_tailroom_pending_dec);
738
739 if (sdata->vif.type == NL80211_IFTYPE_AP) {
740 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
741 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt ||
742 vlan->crypto_tx_tailroom_pending_dec);
743 }
744
745 list_for_each_entry(key, &sdata->key_list, list) {
746 increment_tailroom_need_count(sdata);
747 ieee80211_key_enable_hw_accel(key);
748 }
749
750 mutex_unlock(&sdata->local->key_mtx);
751}
752
753void ieee80211_reset_crypto_tx_tailroom(struct ieee80211_sub_if_data *sdata)
754{
755 struct ieee80211_sub_if_data *vlan;
756
757 mutex_lock(&sdata->local->key_mtx);
758
759 sdata->crypto_tx_tailroom_needed_cnt = 0;
760
761 if (sdata->vif.type == NL80211_IFTYPE_AP) {
762 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
763 vlan->crypto_tx_tailroom_needed_cnt = 0;
764 }
765
766 mutex_unlock(&sdata->local->key_mtx);
767}
768
769void ieee80211_iter_keys(struct ieee80211_hw *hw,
770 struct ieee80211_vif *vif,
771 void (*iter)(struct ieee80211_hw *hw,
772 struct ieee80211_vif *vif,
773 struct ieee80211_sta *sta,
774 struct ieee80211_key_conf *key,
775 void *data),
776 void *iter_data)
777{
778 struct ieee80211_local *local = hw_to_local(hw);
779 struct ieee80211_key *key, *tmp;
780 struct ieee80211_sub_if_data *sdata;
781
782 ASSERT_RTNL();
783
784 mutex_lock(&local->key_mtx);
785 if (vif) {
786 sdata = vif_to_sdata(vif);
787 list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
788 iter(hw, &sdata->vif,
789 key->sta ? &key->sta->sta : NULL,
790 &key->conf, iter_data);
791 } else {
792 list_for_each_entry(sdata, &local->interfaces, list)
793 list_for_each_entry_safe(key, tmp,
794 &sdata->key_list, list)
795 iter(hw, &sdata->vif,
796 key->sta ? &key->sta->sta : NULL,
797 &key->conf, iter_data);
798 }
799 mutex_unlock(&local->key_mtx);
800}
801EXPORT_SYMBOL(ieee80211_iter_keys);
802
803static void
804_ieee80211_iter_keys_rcu(struct ieee80211_hw *hw,
805 struct ieee80211_sub_if_data *sdata,
806 void (*iter)(struct ieee80211_hw *hw,
807 struct ieee80211_vif *vif,
808 struct ieee80211_sta *sta,
809 struct ieee80211_key_conf *key,
810 void *data),
811 void *iter_data)
812{
813 struct ieee80211_key *key;
814
815 list_for_each_entry_rcu(key, &sdata->key_list, list) {
816 /* skip keys of station in removal process */
817 if (key->sta && key->sta->removed)
818 continue;
819 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
820 continue;
821
822 iter(hw, &sdata->vif,
823 key->sta ? &key->sta->sta : NULL,
824 &key->conf, iter_data);
825 }
826}
827
828void ieee80211_iter_keys_rcu(struct ieee80211_hw *hw,
829 struct ieee80211_vif *vif,
830 void (*iter)(struct ieee80211_hw *hw,
831 struct ieee80211_vif *vif,
832 struct ieee80211_sta *sta,
833 struct ieee80211_key_conf *key,
834 void *data),
835 void *iter_data)
836{
837 struct ieee80211_local *local = hw_to_local(hw);
838 struct ieee80211_sub_if_data *sdata;
839
840 if (vif) {
841 sdata = vif_to_sdata(vif);
842 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data);
843 } else {
844 list_for_each_entry_rcu(sdata, &local->interfaces, list)
845 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data);
846 }
847}
848EXPORT_SYMBOL(ieee80211_iter_keys_rcu);
849
850static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata,
851 struct list_head *keys)
852{
853 struct ieee80211_key *key, *tmp;
854
855 decrease_tailroom_need_count(sdata,
856 sdata->crypto_tx_tailroom_pending_dec);
857 sdata->crypto_tx_tailroom_pending_dec = 0;
858
859 ieee80211_debugfs_key_remove_mgmt_default(sdata);
860
861 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) {
862 ieee80211_key_replace(key->sdata, key->sta,
863 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
864 key, NULL);
865 list_add_tail(&key->list, keys);
866 }
867
868 ieee80211_debugfs_key_update_default(sdata);
869}
870
871void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata,
872 bool force_synchronize)
873{
874 struct ieee80211_local *local = sdata->local;
875 struct ieee80211_sub_if_data *vlan;
876 struct ieee80211_sub_if_data *master;
877 struct ieee80211_key *key, *tmp;
878 LIST_HEAD(keys);
879
880 cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk);
881
882 mutex_lock(&local->key_mtx);
883
884 ieee80211_free_keys_iface(sdata, &keys);
885
886 if (sdata->vif.type == NL80211_IFTYPE_AP) {
887 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
888 ieee80211_free_keys_iface(vlan, &keys);
889 }
890
891 if (!list_empty(&keys) || force_synchronize)
892 synchronize_net();
893 list_for_each_entry_safe(key, tmp, &keys, list)
894 __ieee80211_key_destroy(key, false);
895
896 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
897 if (sdata->bss) {
898 master = container_of(sdata->bss,
899 struct ieee80211_sub_if_data,
900 u.ap);
901
902 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt !=
903 master->crypto_tx_tailroom_needed_cnt);
904 }
905 } else {
906 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
907 sdata->crypto_tx_tailroom_pending_dec);
908 }
909
910 if (sdata->vif.type == NL80211_IFTYPE_AP) {
911 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
912 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt ||
913 vlan->crypto_tx_tailroom_pending_dec);
914 }
915
916 mutex_unlock(&local->key_mtx);
917}
918
919void ieee80211_free_sta_keys(struct ieee80211_local *local,
920 struct sta_info *sta)
921{
922 struct ieee80211_key *key;
923 int i;
924
925 mutex_lock(&local->key_mtx);
926 for (i = 0; i < ARRAY_SIZE(sta->gtk); i++) {
927 key = key_mtx_dereference(local, sta->gtk[i]);
928 if (!key)
929 continue;
930 ieee80211_key_replace(key->sdata, key->sta,
931 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
932 key, NULL);
933 __ieee80211_key_destroy(key, true);
934 }
935
936 for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
937 key = key_mtx_dereference(local, sta->ptk[i]);
938 if (!key)
939 continue;
940 ieee80211_key_replace(key->sdata, key->sta,
941 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
942 key, NULL);
943 __ieee80211_key_destroy(key, true);
944 }
945
946 mutex_unlock(&local->key_mtx);
947}
948
949void ieee80211_delayed_tailroom_dec(struct work_struct *wk)
950{
951 struct ieee80211_sub_if_data *sdata;
952
953 sdata = container_of(wk, struct ieee80211_sub_if_data,
954 dec_tailroom_needed_wk.work);
955
956 /*
957 * The reason for the delayed tailroom needed decrementing is to
958 * make roaming faster: during roaming, all keys are first deleted
959 * and then new keys are installed. The first new key causes the
960 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes
961 * the cost of synchronize_net() (which can be slow). Avoid this
962 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on
963 * key removal for a while, so if we roam the value is larger than
964 * zero and no 0->1 transition happens.
965 *
966 * The cost is that if the AP switching was from an AP with keys
967 * to one without, we still allocate tailroom while it would no
968 * longer be needed. However, in the typical (fast) roaming case
969 * within an ESS this usually won't happen.
970 */
971
972 mutex_lock(&sdata->local->key_mtx);
973 decrease_tailroom_need_count(sdata,
974 sdata->crypto_tx_tailroom_pending_dec);
975 sdata->crypto_tx_tailroom_pending_dec = 0;
976 mutex_unlock(&sdata->local->key_mtx);
977}
978
979void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid,
980 const u8 *replay_ctr, gfp_t gfp)
981{
982 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
983
984 trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr);
985
986 cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp);
987}
988EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify);
989
990void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf,
991 int tid, struct ieee80211_key_seq *seq)
992{
993 struct ieee80211_key *key;
994 const u8 *pn;
995
996 key = container_of(keyconf, struct ieee80211_key, conf);
997
998 switch (key->conf.cipher) {
999 case WLAN_CIPHER_SUITE_TKIP:
1000 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
1001 return;
1002 seq->tkip.iv32 = key->u.tkip.rx[tid].iv32;
1003 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16;
1004 break;
1005 case WLAN_CIPHER_SUITE_CCMP:
1006 case WLAN_CIPHER_SUITE_CCMP_256:
1007 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1008 return;
1009 if (tid < 0)
1010 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
1011 else
1012 pn = key->u.ccmp.rx_pn[tid];
1013 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN);
1014 break;
1015 case WLAN_CIPHER_SUITE_AES_CMAC:
1016 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1017 if (WARN_ON(tid != 0))
1018 return;
1019 pn = key->u.aes_cmac.rx_pn;
1020 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN);
1021 break;
1022 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1023 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1024 if (WARN_ON(tid != 0))
1025 return;
1026 pn = key->u.aes_gmac.rx_pn;
1027 memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN);
1028 break;
1029 case WLAN_CIPHER_SUITE_GCMP:
1030 case WLAN_CIPHER_SUITE_GCMP_256:
1031 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1032 return;
1033 if (tid < 0)
1034 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1035 else
1036 pn = key->u.gcmp.rx_pn[tid];
1037 memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN);
1038 break;
1039 }
1040}
1041EXPORT_SYMBOL(ieee80211_get_key_rx_seq);
1042
1043void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf,
1044 int tid, struct ieee80211_key_seq *seq)
1045{
1046 struct ieee80211_key *key;
1047 u8 *pn;
1048
1049 key = container_of(keyconf, struct ieee80211_key, conf);
1050
1051 switch (key->conf.cipher) {
1052 case WLAN_CIPHER_SUITE_TKIP:
1053 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
1054 return;
1055 key->u.tkip.rx[tid].iv32 = seq->tkip.iv32;
1056 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16;
1057 break;
1058 case WLAN_CIPHER_SUITE_CCMP:
1059 case WLAN_CIPHER_SUITE_CCMP_256:
1060 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1061 return;
1062 if (tid < 0)
1063 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
1064 else
1065 pn = key->u.ccmp.rx_pn[tid];
1066 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN);
1067 break;
1068 case WLAN_CIPHER_SUITE_AES_CMAC:
1069 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1070 if (WARN_ON(tid != 0))
1071 return;
1072 pn = key->u.aes_cmac.rx_pn;
1073 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN);
1074 break;
1075 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1076 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1077 if (WARN_ON(tid != 0))
1078 return;
1079 pn = key->u.aes_gmac.rx_pn;
1080 memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN);
1081 break;
1082 case WLAN_CIPHER_SUITE_GCMP:
1083 case WLAN_CIPHER_SUITE_GCMP_256:
1084 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1085 return;
1086 if (tid < 0)
1087 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1088 else
1089 pn = key->u.gcmp.rx_pn[tid];
1090 memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN);
1091 break;
1092 default:
1093 WARN_ON(1);
1094 break;
1095 }
1096}
1097EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq);
1098
1099void ieee80211_remove_key(struct ieee80211_key_conf *keyconf)
1100{
1101 struct ieee80211_key *key;
1102
1103 key = container_of(keyconf, struct ieee80211_key, conf);
1104
1105 assert_key_lock(key->local);
1106
1107 /*
1108 * if key was uploaded, we assume the driver will/has remove(d)
1109 * it, so adjust bookkeeping accordingly
1110 */
1111 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
1112 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
1113
1114 if (!((key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
1115 IEEE80211_KEY_FLAG_PUT_MIC_SPACE)) ||
1116 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
1117 increment_tailroom_need_count(key->sdata);
1118 }
1119
1120 ieee80211_key_free(key, false);
1121}
1122EXPORT_SYMBOL_GPL(ieee80211_remove_key);
1123
1124struct ieee80211_key_conf *
1125ieee80211_gtk_rekey_add(struct ieee80211_vif *vif,
1126 struct ieee80211_key_conf *keyconf)
1127{
1128 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
1129 struct ieee80211_local *local = sdata->local;
1130 struct ieee80211_key *key;
1131 int err;
1132
1133 if (WARN_ON(!local->wowlan))
1134 return ERR_PTR(-EINVAL);
1135
1136 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION))
1137 return ERR_PTR(-EINVAL);
1138
1139 key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx,
1140 keyconf->keylen, keyconf->key,
1141 0, NULL, NULL);
1142 if (IS_ERR(key))
1143 return ERR_CAST(key);
1144
1145 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED)
1146 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT;
1147
1148 err = ieee80211_key_link(key, sdata, NULL);
1149 if (err)
1150 return ERR_PTR(err);
1151
1152 return &key->conf;
1153}
1154EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add);