2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net>
6 * Copyright 2013-2014 Intel Mobile Communications GmbH
7 * Copyright 2015-2017 Intel Deutschland GmbH
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
14 #include <linux/if_ether.h>
15 #include <linux/etherdevice.h>
16 #include <linux/list.h>
17 #include <linux/rcupdate.h>
18 #include <linux/rtnetlink.h>
19 #include <linux/slab.h>
20 #include <linux/export.h>
21 #include <net/mac80211.h>
22 #include <crypto/algapi.h>
23 #include <asm/unaligned.h>
24 #include "ieee80211_i.h"
25 #include "driver-ops.h"
26 #include "debugfs_key.h"
34 * DOC: Key handling basics
36 * Key handling in mac80211 is done based on per-interface (sub_if_data)
37 * keys and per-station keys. Since each station belongs to an interface,
38 * each station key also belongs to that interface.
40 * Hardware acceleration is done on a best-effort basis for algorithms
41 * that are implemented in software, for each key the hardware is asked
42 * to enable that key for offloading but if it cannot do that the key is
43 * simply kept for software encryption (unless it is for an algorithm
44 * that isn't implemented in software).
45 * There is currently no way of knowing whether a key is handled in SW
46 * or HW except by looking into debugfs.
48 * All key management is internally protected by a mutex. Within all
49 * other parts of mac80211, key references are, just as STA structure
50 * references, protected by RCU. Note, however, that some things are
51 * unprotected, namely the key->sta dereferences within the hardware
52 * acceleration functions. This means that sta_info_destroy() must
53 * remove the key which waits for an RCU grace period.
56 static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
58 static void assert_key_lock(struct ieee80211_local *local)
60 lockdep_assert_held(&local->key_mtx);
64 update_vlan_tailroom_need_count(struct ieee80211_sub_if_data *sdata, int delta)
66 struct ieee80211_sub_if_data *vlan;
68 if (sdata->vif.type != NL80211_IFTYPE_AP)
71 /* crypto_tx_tailroom_needed_cnt is protected by this */
72 assert_key_lock(sdata->local);
76 list_for_each_entry_rcu(vlan, &sdata->u.ap.vlans, u.vlan.list)
77 vlan->crypto_tx_tailroom_needed_cnt += delta;
82 static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata)
85 * When this count is zero, SKB resizing for allocating tailroom
86 * for IV or MMIC is skipped. But, this check has created two race
87 * cases in xmit path while transiting from zero count to one:
89 * 1. SKB resize was skipped because no key was added but just before
90 * the xmit key is added and SW encryption kicks off.
92 * 2. SKB resize was skipped because all the keys were hw planted but
93 * just before xmit one of the key is deleted and SW encryption kicks
96 * In both the above case SW encryption will find not enough space for
97 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c)
99 * Solution has been explained at
100 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net
103 assert_key_lock(sdata->local);
105 update_vlan_tailroom_need_count(sdata, 1);
107 if (!sdata->crypto_tx_tailroom_needed_cnt++) {
109 * Flush all XMIT packets currently using HW encryption or no
110 * encryption at all if the count transition is from 0 -> 1.
116 static void decrease_tailroom_need_count(struct ieee80211_sub_if_data *sdata,
119 assert_key_lock(sdata->local);
121 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt < delta);
123 update_vlan_tailroom_need_count(sdata, -delta);
124 sdata->crypto_tx_tailroom_needed_cnt -= delta;
127 static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
129 struct ieee80211_sub_if_data *sdata = key->sdata;
130 struct sta_info *sta;
131 int ret = -EOPNOTSUPP;
135 if (key->flags & KEY_FLAG_TAINTED) {
136 /* If we get here, it's during resume and the key is
137 * tainted so shouldn't be used/programmed any more.
138 * However, its flags may still indicate that it was
139 * programmed into the device (since we're in resume)
140 * so clear that flag now to avoid trying to remove
143 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE &&
144 !(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
145 IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
146 IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
147 increment_tailroom_need_count(sdata);
149 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
153 if (!key->local->ops->set_key)
154 goto out_unsupported;
156 assert_key_lock(key->local);
161 * If this is a per-STA GTK, check if it
162 * is supported; if not, return.
164 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) &&
165 !ieee80211_hw_check(&key->local->hw, SUPPORTS_PER_STA_GTK))
166 goto out_unsupported;
168 if (sta && !sta->uploaded)
169 goto out_unsupported;
171 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
173 * The driver doesn't know anything about VLAN interfaces.
174 * Hence, don't send GTKs for VLAN interfaces to the driver.
176 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
178 goto out_unsupported;
182 ret = drv_set_key(key->local, SET_KEY, sdata,
183 sta ? &sta->sta : NULL, &key->conf);
186 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
188 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
189 IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
190 IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
191 decrease_tailroom_need_count(sdata, 1);
193 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) &&
194 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV));
196 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_MIC_SPACE) &&
197 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC));
202 if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1)
204 "failed to set key (%d, %pM) to hardware (%d)\n",
206 sta ? sta->sta.addr : bcast_addr, ret);
209 switch (key->conf.cipher) {
210 case WLAN_CIPHER_SUITE_WEP40:
211 case WLAN_CIPHER_SUITE_WEP104:
212 case WLAN_CIPHER_SUITE_TKIP:
213 case WLAN_CIPHER_SUITE_CCMP:
214 case WLAN_CIPHER_SUITE_CCMP_256:
215 case WLAN_CIPHER_SUITE_AES_CMAC:
216 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
217 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
218 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
219 case WLAN_CIPHER_SUITE_GCMP:
220 case WLAN_CIPHER_SUITE_GCMP_256:
221 /* all of these we can do in software - if driver can */
224 if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL))
232 static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
234 struct ieee80211_sub_if_data *sdata;
235 struct sta_info *sta;
240 if (!key || !key->local->ops->set_key)
243 assert_key_lock(key->local);
245 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
251 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
252 IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
253 IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
254 increment_tailroom_need_count(sdata);
256 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
257 ret = drv_set_key(key->local, DISABLE_KEY, sdata,
258 sta ? &sta->sta : NULL, &key->conf);
262 "failed to remove key (%d, %pM) from hardware (%d)\n",
264 sta ? sta->sta.addr : bcast_addr, ret);
267 int ieee80211_set_tx_key(struct ieee80211_key *key)
269 struct sta_info *sta = key->sta;
270 struct ieee80211_local *local = key->local;
271 struct ieee80211_key *old;
273 assert_key_lock(local);
275 old = key_mtx_dereference(local, sta->ptk[sta->ptk_idx]);
276 sta->ptk_idx = key->conf.keyidx;
277 ieee80211_check_fast_xmit(sta);
282 static int ieee80211_hw_key_replace(struct ieee80211_key *old_key,
283 struct ieee80211_key *new_key,
286 struct ieee80211_sub_if_data *sdata;
287 struct ieee80211_local *local;
288 struct sta_info *sta;
291 /* Aggregation sessions are OK when running on SW crypto.
292 * A broken remote STA may cause issues not observed with HW
295 if (!(old_key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
298 assert_key_lock(old_key->local);
301 /* Unicast rekey without Extended Key ID needs special handling */
302 if (new_key && sta && pairwise &&
303 rcu_access_pointer(sta->ptk[sta->ptk_idx]) == old_key) {
304 local = old_key->local;
305 sdata = old_key->sdata;
307 /* Stop TX till we are on the new key */
308 old_key->flags |= KEY_FLAG_TAINTED;
309 ieee80211_clear_fast_xmit(sta);
311 /* Aggregation sessions during rekey are complicated due to the
312 * reorder buffer and retransmits. Side step that by blocking
313 * aggregation during rekey and tear down running sessions.
315 if (ieee80211_hw_check(&local->hw, AMPDU_AGGREGATION)) {
316 set_sta_flag(sta, WLAN_STA_BLOCK_BA);
317 ieee80211_sta_tear_down_BA_sessions(sta,
318 AGG_STOP_LOCAL_REQUEST);
321 if (!wiphy_ext_feature_isset(local->hw.wiphy,
322 NL80211_EXT_FEATURE_CAN_REPLACE_PTK0)) {
323 pr_warn_ratelimited("Rekeying PTK for STA %pM but driver can't safely do that.",
325 /* Flushing the driver queues *may* help prevent
326 * the clear text leaks and freezes.
328 ieee80211_flush_queues(local, sdata, false);
332 ieee80211_key_disable_hw_accel(old_key);
335 ret = ieee80211_key_enable_hw_accel(new_key);
342 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata,
343 int idx, bool uni, bool multi)
345 struct ieee80211_key *key = NULL;
347 assert_key_lock(sdata->local);
349 if (idx >= 0 && idx < NUM_DEFAULT_KEYS)
350 key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
353 rcu_assign_pointer(sdata->default_unicast_key, key);
354 ieee80211_check_fast_xmit_iface(sdata);
355 if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN)
356 drv_set_default_unicast_key(sdata->local, sdata, idx);
360 rcu_assign_pointer(sdata->default_multicast_key, key);
362 ieee80211_debugfs_key_update_default(sdata);
365 void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx,
366 bool uni, bool multi)
368 mutex_lock(&sdata->local->key_mtx);
369 __ieee80211_set_default_key(sdata, idx, uni, multi);
370 mutex_unlock(&sdata->local->key_mtx);
374 __ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx)
376 struct ieee80211_key *key = NULL;
378 assert_key_lock(sdata->local);
380 if (idx >= NUM_DEFAULT_KEYS &&
381 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
382 key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
384 rcu_assign_pointer(sdata->default_mgmt_key, key);
386 ieee80211_debugfs_key_update_default(sdata);
389 void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
392 mutex_lock(&sdata->local->key_mtx);
393 __ieee80211_set_default_mgmt_key(sdata, idx);
394 mutex_unlock(&sdata->local->key_mtx);
398 static int ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
399 struct sta_info *sta,
401 struct ieee80211_key *old,
402 struct ieee80211_key *new)
406 bool defunikey, defmultikey, defmgmtkey;
408 /* caller must provide at least one old/new */
409 if (WARN_ON(!new && !old))
413 list_add_tail_rcu(&new->list, &sdata->key_list);
415 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx);
418 idx = old->conf.keyidx;
419 ret = ieee80211_hw_key_replace(old, new, pairwise);
421 /* new must be provided in case old is not */
422 idx = new->conf.keyidx;
423 if (!new->local->wowlan)
424 ret = ieee80211_key_enable_hw_accel(new);
434 rcu_assign_pointer(sta->ptk[idx], new);
436 !(new->conf.flags & IEEE80211_KEY_FLAG_NO_AUTO_TX)) {
438 clear_sta_flag(sta, WLAN_STA_BLOCK_BA);
439 ieee80211_check_fast_xmit(sta);
442 rcu_assign_pointer(sta->gtk[idx], new);
444 /* Only needed for transition from no key -> key.
445 * Still triggers unnecessary when using Extended Key ID
446 * and installing the second key ID the first time.
449 ieee80211_check_fast_rx(sta);
452 old == key_mtx_dereference(sdata->local,
453 sdata->default_unicast_key);
455 old == key_mtx_dereference(sdata->local,
456 sdata->default_multicast_key);
458 old == key_mtx_dereference(sdata->local,
459 sdata->default_mgmt_key);
461 if (defunikey && !new)
462 __ieee80211_set_default_key(sdata, -1, true, false);
463 if (defmultikey && !new)
464 __ieee80211_set_default_key(sdata, -1, false, true);
465 if (defmgmtkey && !new)
466 __ieee80211_set_default_mgmt_key(sdata, -1);
468 rcu_assign_pointer(sdata->keys[idx], new);
469 if (defunikey && new)
470 __ieee80211_set_default_key(sdata, new->conf.keyidx,
472 if (defmultikey && new)
473 __ieee80211_set_default_key(sdata, new->conf.keyidx,
475 if (defmgmtkey && new)
476 __ieee80211_set_default_mgmt_key(sdata,
481 list_del_rcu(&old->list);
486 struct ieee80211_key *
487 ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
489 size_t seq_len, const u8 *seq,
490 const struct ieee80211_cipher_scheme *cs)
492 struct ieee80211_key *key;
495 if (WARN_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS))
496 return ERR_PTR(-EINVAL);
498 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
500 return ERR_PTR(-ENOMEM);
503 * Default to software encryption; we'll later upload the
504 * key to the hardware if possible.
509 key->conf.cipher = cipher;
510 key->conf.keyidx = idx;
511 key->conf.keylen = key_len;
513 case WLAN_CIPHER_SUITE_WEP40:
514 case WLAN_CIPHER_SUITE_WEP104:
515 key->conf.iv_len = IEEE80211_WEP_IV_LEN;
516 key->conf.icv_len = IEEE80211_WEP_ICV_LEN;
518 case WLAN_CIPHER_SUITE_TKIP:
519 key->conf.iv_len = IEEE80211_TKIP_IV_LEN;
520 key->conf.icv_len = IEEE80211_TKIP_ICV_LEN;
522 for (i = 0; i < IEEE80211_NUM_TIDS; i++) {
523 key->u.tkip.rx[i].iv32 =
524 get_unaligned_le32(&seq[2]);
525 key->u.tkip.rx[i].iv16 =
526 get_unaligned_le16(seq);
529 spin_lock_init(&key->u.tkip.txlock);
531 case WLAN_CIPHER_SUITE_CCMP:
532 key->conf.iv_len = IEEE80211_CCMP_HDR_LEN;
533 key->conf.icv_len = IEEE80211_CCMP_MIC_LEN;
535 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
536 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++)
537 key->u.ccmp.rx_pn[i][j] =
538 seq[IEEE80211_CCMP_PN_LEN - j - 1];
541 * Initialize AES key state here as an optimization so that
542 * it does not need to be initialized for every packet.
544 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
545 key_data, key_len, IEEE80211_CCMP_MIC_LEN);
546 if (IS_ERR(key->u.ccmp.tfm)) {
547 err = PTR_ERR(key->u.ccmp.tfm);
552 case WLAN_CIPHER_SUITE_CCMP_256:
553 key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN;
554 key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN;
555 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
556 for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++)
557 key->u.ccmp.rx_pn[i][j] =
558 seq[IEEE80211_CCMP_256_PN_LEN - j - 1];
559 /* Initialize AES key state here as an optimization so that
560 * it does not need to be initialized for every packet.
562 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
563 key_data, key_len, IEEE80211_CCMP_256_MIC_LEN);
564 if (IS_ERR(key->u.ccmp.tfm)) {
565 err = PTR_ERR(key->u.ccmp.tfm);
570 case WLAN_CIPHER_SUITE_AES_CMAC:
571 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
572 key->conf.iv_len = 0;
573 if (cipher == WLAN_CIPHER_SUITE_AES_CMAC)
574 key->conf.icv_len = sizeof(struct ieee80211_mmie);
576 key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
578 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++)
579 key->u.aes_cmac.rx_pn[j] =
580 seq[IEEE80211_CMAC_PN_LEN - j - 1];
582 * Initialize AES key state here as an optimization so that
583 * it does not need to be initialized for every packet.
585 key->u.aes_cmac.tfm =
586 ieee80211_aes_cmac_key_setup(key_data, key_len);
587 if (IS_ERR(key->u.aes_cmac.tfm)) {
588 err = PTR_ERR(key->u.aes_cmac.tfm);
593 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
594 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
595 key->conf.iv_len = 0;
596 key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
598 for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++)
599 key->u.aes_gmac.rx_pn[j] =
600 seq[IEEE80211_GMAC_PN_LEN - j - 1];
601 /* Initialize AES key state here as an optimization so that
602 * it does not need to be initialized for every packet.
604 key->u.aes_gmac.tfm =
605 ieee80211_aes_gmac_key_setup(key_data, key_len);
606 if (IS_ERR(key->u.aes_gmac.tfm)) {
607 err = PTR_ERR(key->u.aes_gmac.tfm);
612 case WLAN_CIPHER_SUITE_GCMP:
613 case WLAN_CIPHER_SUITE_GCMP_256:
614 key->conf.iv_len = IEEE80211_GCMP_HDR_LEN;
615 key->conf.icv_len = IEEE80211_GCMP_MIC_LEN;
616 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
617 for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++)
618 key->u.gcmp.rx_pn[i][j] =
619 seq[IEEE80211_GCMP_PN_LEN - j - 1];
620 /* Initialize AES key state here as an optimization so that
621 * it does not need to be initialized for every packet.
623 key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data,
625 if (IS_ERR(key->u.gcmp.tfm)) {
626 err = PTR_ERR(key->u.gcmp.tfm);
633 if (seq_len && seq_len != cs->pn_len) {
635 return ERR_PTR(-EINVAL);
638 key->conf.iv_len = cs->hdr_len;
639 key->conf.icv_len = cs->mic_len;
640 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
641 for (j = 0; j < seq_len; j++)
642 key->u.gen.rx_pn[i][j] =
643 seq[seq_len - j - 1];
644 key->flags |= KEY_FLAG_CIPHER_SCHEME;
647 memcpy(key->conf.key, key_data, key_len);
648 INIT_LIST_HEAD(&key->list);
653 static void ieee80211_key_free_common(struct ieee80211_key *key)
655 switch (key->conf.cipher) {
656 case WLAN_CIPHER_SUITE_CCMP:
657 case WLAN_CIPHER_SUITE_CCMP_256:
658 ieee80211_aes_key_free(key->u.ccmp.tfm);
660 case WLAN_CIPHER_SUITE_AES_CMAC:
661 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
662 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
664 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
665 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
666 ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm);
668 case WLAN_CIPHER_SUITE_GCMP:
669 case WLAN_CIPHER_SUITE_GCMP_256:
670 ieee80211_aes_gcm_key_free(key->u.gcmp.tfm);
676 static void __ieee80211_key_destroy(struct ieee80211_key *key,
680 struct ieee80211_sub_if_data *sdata = key->sdata;
682 ieee80211_debugfs_key_remove(key);
684 if (delay_tailroom) {
685 /* see ieee80211_delayed_tailroom_dec */
686 sdata->crypto_tx_tailroom_pending_dec++;
687 schedule_delayed_work(&sdata->dec_tailroom_needed_wk,
690 decrease_tailroom_need_count(sdata, 1);
694 ieee80211_key_free_common(key);
697 static void ieee80211_key_destroy(struct ieee80211_key *key,
704 * Synchronize so the TX path and rcu key iterators
705 * can no longer be using this key before we free/remove it.
709 __ieee80211_key_destroy(key, delay_tailroom);
712 void ieee80211_key_free_unused(struct ieee80211_key *key)
714 WARN_ON(key->sdata || key->local);
715 ieee80211_key_free_common(key);
718 static bool ieee80211_key_identical(struct ieee80211_sub_if_data *sdata,
719 struct ieee80211_key *old,
720 struct ieee80211_key *new)
722 u8 tkip_old[WLAN_KEY_LEN_TKIP], tkip_new[WLAN_KEY_LEN_TKIP];
725 if (!old || new->conf.keylen != old->conf.keylen)
728 tk_old = old->conf.key;
729 tk_new = new->conf.key;
732 * In station mode, don't compare the TX MIC key, as it's never used
733 * and offloaded rekeying may not care to send it to the host. This
734 * is the case in iwlwifi, for example.
736 if (sdata->vif.type == NL80211_IFTYPE_STATION &&
737 new->conf.cipher == WLAN_CIPHER_SUITE_TKIP &&
738 new->conf.keylen == WLAN_KEY_LEN_TKIP &&
739 !(new->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
740 memcpy(tkip_old, tk_old, WLAN_KEY_LEN_TKIP);
741 memcpy(tkip_new, tk_new, WLAN_KEY_LEN_TKIP);
742 memset(tkip_old + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
743 memset(tkip_new + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
748 return !crypto_memneq(tk_old, tk_new, new->conf.keylen);
751 int ieee80211_key_link(struct ieee80211_key *key,
752 struct ieee80211_sub_if_data *sdata,
753 struct sta_info *sta)
755 struct ieee80211_key *old_key;
756 int idx = key->conf.keyidx;
757 bool pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
759 * We want to delay tailroom updates only for station - in that
760 * case it helps roaming speed, but in other cases it hurts and
761 * can cause warnings to appear.
763 bool delay_tailroom = sdata->vif.type == NL80211_IFTYPE_STATION;
764 int ret = -EOPNOTSUPP;
766 mutex_lock(&sdata->local->key_mtx);
768 if (sta && pairwise) {
769 struct ieee80211_key *alt_key;
771 old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]);
772 alt_key = key_mtx_dereference(sdata->local, sta->ptk[idx ^ 1]);
774 /* The rekey code assumes that the old and new key are using
775 * the same cipher. Enforce the assumption for pairwise keys.
778 ((alt_key && alt_key->conf.cipher != key->conf.cipher) ||
779 (old_key && old_key->conf.cipher != key->conf.cipher)))
782 old_key = key_mtx_dereference(sdata->local, sta->gtk[idx]);
784 old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
787 /* Non-pairwise keys must also not switch the cipher on rekey */
789 if (key && old_key && old_key->conf.cipher != key->conf.cipher)
794 * Silently accept key re-installation without really installing the
795 * new version of the key to avoid nonce reuse or replay issues.
797 if (ieee80211_key_identical(sdata, old_key, key)) {
798 ieee80211_key_free_unused(key);
803 key->local = sdata->local;
807 increment_tailroom_need_count(sdata);
809 ret = ieee80211_key_replace(sdata, sta, pairwise, old_key, key);
812 ieee80211_debugfs_key_add(key);
813 ieee80211_key_destroy(old_key, delay_tailroom);
815 ieee80211_key_free(key, delay_tailroom);
819 mutex_unlock(&sdata->local->key_mtx);
824 void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom)
830 * Replace key with nothingness if it was ever used.
833 ieee80211_key_replace(key->sdata, key->sta,
834 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
836 ieee80211_key_destroy(key, delay_tailroom);
839 void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata)
841 struct ieee80211_key *key;
842 struct ieee80211_sub_if_data *vlan;
846 if (WARN_ON(!ieee80211_sdata_running(sdata)))
849 mutex_lock(&sdata->local->key_mtx);
851 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
852 sdata->crypto_tx_tailroom_pending_dec);
854 if (sdata->vif.type == NL80211_IFTYPE_AP) {
855 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
856 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt ||
857 vlan->crypto_tx_tailroom_pending_dec);
860 list_for_each_entry(key, &sdata->key_list, list) {
861 increment_tailroom_need_count(sdata);
862 ieee80211_key_enable_hw_accel(key);
865 mutex_unlock(&sdata->local->key_mtx);
868 void ieee80211_reset_crypto_tx_tailroom(struct ieee80211_sub_if_data *sdata)
870 struct ieee80211_sub_if_data *vlan;
872 mutex_lock(&sdata->local->key_mtx);
874 sdata->crypto_tx_tailroom_needed_cnt = 0;
876 if (sdata->vif.type == NL80211_IFTYPE_AP) {
877 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
878 vlan->crypto_tx_tailroom_needed_cnt = 0;
881 mutex_unlock(&sdata->local->key_mtx);
884 void ieee80211_iter_keys(struct ieee80211_hw *hw,
885 struct ieee80211_vif *vif,
886 void (*iter)(struct ieee80211_hw *hw,
887 struct ieee80211_vif *vif,
888 struct ieee80211_sta *sta,
889 struct ieee80211_key_conf *key,
893 struct ieee80211_local *local = hw_to_local(hw);
894 struct ieee80211_key *key, *tmp;
895 struct ieee80211_sub_if_data *sdata;
899 mutex_lock(&local->key_mtx);
901 sdata = vif_to_sdata(vif);
902 list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
903 iter(hw, &sdata->vif,
904 key->sta ? &key->sta->sta : NULL,
905 &key->conf, iter_data);
907 list_for_each_entry(sdata, &local->interfaces, list)
908 list_for_each_entry_safe(key, tmp,
909 &sdata->key_list, list)
910 iter(hw, &sdata->vif,
911 key->sta ? &key->sta->sta : NULL,
912 &key->conf, iter_data);
914 mutex_unlock(&local->key_mtx);
916 EXPORT_SYMBOL(ieee80211_iter_keys);
919 _ieee80211_iter_keys_rcu(struct ieee80211_hw *hw,
920 struct ieee80211_sub_if_data *sdata,
921 void (*iter)(struct ieee80211_hw *hw,
922 struct ieee80211_vif *vif,
923 struct ieee80211_sta *sta,
924 struct ieee80211_key_conf *key,
928 struct ieee80211_key *key;
930 list_for_each_entry_rcu(key, &sdata->key_list, list) {
931 /* skip keys of station in removal process */
932 if (key->sta && key->sta->removed)
934 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
937 iter(hw, &sdata->vif,
938 key->sta ? &key->sta->sta : NULL,
939 &key->conf, iter_data);
943 void ieee80211_iter_keys_rcu(struct ieee80211_hw *hw,
944 struct ieee80211_vif *vif,
945 void (*iter)(struct ieee80211_hw *hw,
946 struct ieee80211_vif *vif,
947 struct ieee80211_sta *sta,
948 struct ieee80211_key_conf *key,
952 struct ieee80211_local *local = hw_to_local(hw);
953 struct ieee80211_sub_if_data *sdata;
956 sdata = vif_to_sdata(vif);
957 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data);
959 list_for_each_entry_rcu(sdata, &local->interfaces, list)
960 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data);
963 EXPORT_SYMBOL(ieee80211_iter_keys_rcu);
965 static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata,
966 struct list_head *keys)
968 struct ieee80211_key *key, *tmp;
970 decrease_tailroom_need_count(sdata,
971 sdata->crypto_tx_tailroom_pending_dec);
972 sdata->crypto_tx_tailroom_pending_dec = 0;
974 ieee80211_debugfs_key_remove_mgmt_default(sdata);
976 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) {
977 ieee80211_key_replace(key->sdata, key->sta,
978 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
980 list_add_tail(&key->list, keys);
983 ieee80211_debugfs_key_update_default(sdata);
986 void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata,
987 bool force_synchronize)
989 struct ieee80211_local *local = sdata->local;
990 struct ieee80211_sub_if_data *vlan;
991 struct ieee80211_sub_if_data *master;
992 struct ieee80211_key *key, *tmp;
995 cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk);
997 mutex_lock(&local->key_mtx);
999 ieee80211_free_keys_iface(sdata, &keys);
1001 if (sdata->vif.type == NL80211_IFTYPE_AP) {
1002 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
1003 ieee80211_free_keys_iface(vlan, &keys);
1006 if (!list_empty(&keys) || force_synchronize)
1008 list_for_each_entry_safe(key, tmp, &keys, list)
1009 __ieee80211_key_destroy(key, false);
1011 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
1013 master = container_of(sdata->bss,
1014 struct ieee80211_sub_if_data,
1017 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt !=
1018 master->crypto_tx_tailroom_needed_cnt);
1021 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
1022 sdata->crypto_tx_tailroom_pending_dec);
1025 if (sdata->vif.type == NL80211_IFTYPE_AP) {
1026 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
1027 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt ||
1028 vlan->crypto_tx_tailroom_pending_dec);
1031 mutex_unlock(&local->key_mtx);
1034 void ieee80211_free_sta_keys(struct ieee80211_local *local,
1035 struct sta_info *sta)
1037 struct ieee80211_key *key;
1040 mutex_lock(&local->key_mtx);
1041 for (i = 0; i < ARRAY_SIZE(sta->gtk); i++) {
1042 key = key_mtx_dereference(local, sta->gtk[i]);
1045 ieee80211_key_replace(key->sdata, key->sta,
1046 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
1048 __ieee80211_key_destroy(key, key->sdata->vif.type ==
1049 NL80211_IFTYPE_STATION);
1052 for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
1053 key = key_mtx_dereference(local, sta->ptk[i]);
1056 ieee80211_key_replace(key->sdata, key->sta,
1057 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
1059 __ieee80211_key_destroy(key, key->sdata->vif.type ==
1060 NL80211_IFTYPE_STATION);
1063 mutex_unlock(&local->key_mtx);
1066 void ieee80211_delayed_tailroom_dec(struct work_struct *wk)
1068 struct ieee80211_sub_if_data *sdata;
1070 sdata = container_of(wk, struct ieee80211_sub_if_data,
1071 dec_tailroom_needed_wk.work);
1074 * The reason for the delayed tailroom needed decrementing is to
1075 * make roaming faster: during roaming, all keys are first deleted
1076 * and then new keys are installed. The first new key causes the
1077 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes
1078 * the cost of synchronize_net() (which can be slow). Avoid this
1079 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on
1080 * key removal for a while, so if we roam the value is larger than
1081 * zero and no 0->1 transition happens.
1083 * The cost is that if the AP switching was from an AP with keys
1084 * to one without, we still allocate tailroom while it would no
1085 * longer be needed. However, in the typical (fast) roaming case
1086 * within an ESS this usually won't happen.
1089 mutex_lock(&sdata->local->key_mtx);
1090 decrease_tailroom_need_count(sdata,
1091 sdata->crypto_tx_tailroom_pending_dec);
1092 sdata->crypto_tx_tailroom_pending_dec = 0;
1093 mutex_unlock(&sdata->local->key_mtx);
1096 void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid,
1097 const u8 *replay_ctr, gfp_t gfp)
1099 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
1101 trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr);
1103 cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp);
1105 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify);
1107 void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf,
1108 int tid, struct ieee80211_key_seq *seq)
1110 struct ieee80211_key *key;
1113 key = container_of(keyconf, struct ieee80211_key, conf);
1115 switch (key->conf.cipher) {
1116 case WLAN_CIPHER_SUITE_TKIP:
1117 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
1119 seq->tkip.iv32 = key->u.tkip.rx[tid].iv32;
1120 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16;
1122 case WLAN_CIPHER_SUITE_CCMP:
1123 case WLAN_CIPHER_SUITE_CCMP_256:
1124 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1127 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
1129 pn = key->u.ccmp.rx_pn[tid];
1130 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN);
1132 case WLAN_CIPHER_SUITE_AES_CMAC:
1133 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1134 if (WARN_ON(tid != 0))
1136 pn = key->u.aes_cmac.rx_pn;
1137 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN);
1139 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1140 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1141 if (WARN_ON(tid != 0))
1143 pn = key->u.aes_gmac.rx_pn;
1144 memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN);
1146 case WLAN_CIPHER_SUITE_GCMP:
1147 case WLAN_CIPHER_SUITE_GCMP_256:
1148 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1151 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1153 pn = key->u.gcmp.rx_pn[tid];
1154 memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN);
1158 EXPORT_SYMBOL(ieee80211_get_key_rx_seq);
1160 void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf,
1161 int tid, struct ieee80211_key_seq *seq)
1163 struct ieee80211_key *key;
1166 key = container_of(keyconf, struct ieee80211_key, conf);
1168 switch (key->conf.cipher) {
1169 case WLAN_CIPHER_SUITE_TKIP:
1170 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
1172 key->u.tkip.rx[tid].iv32 = seq->tkip.iv32;
1173 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16;
1175 case WLAN_CIPHER_SUITE_CCMP:
1176 case WLAN_CIPHER_SUITE_CCMP_256:
1177 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1180 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
1182 pn = key->u.ccmp.rx_pn[tid];
1183 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN);
1185 case WLAN_CIPHER_SUITE_AES_CMAC:
1186 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1187 if (WARN_ON(tid != 0))
1189 pn = key->u.aes_cmac.rx_pn;
1190 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN);
1192 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1193 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1194 if (WARN_ON(tid != 0))
1196 pn = key->u.aes_gmac.rx_pn;
1197 memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN);
1199 case WLAN_CIPHER_SUITE_GCMP:
1200 case WLAN_CIPHER_SUITE_GCMP_256:
1201 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1204 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1206 pn = key->u.gcmp.rx_pn[tid];
1207 memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN);
1214 EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq);
1216 void ieee80211_remove_key(struct ieee80211_key_conf *keyconf)
1218 struct ieee80211_key *key;
1220 key = container_of(keyconf, struct ieee80211_key, conf);
1222 assert_key_lock(key->local);
1225 * if key was uploaded, we assume the driver will/has remove(d)
1226 * it, so adjust bookkeeping accordingly
1228 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
1229 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
1231 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
1232 IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
1233 IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
1234 increment_tailroom_need_count(key->sdata);
1237 ieee80211_key_free(key, false);
1239 EXPORT_SYMBOL_GPL(ieee80211_remove_key);
1241 struct ieee80211_key_conf *
1242 ieee80211_gtk_rekey_add(struct ieee80211_vif *vif,
1243 struct ieee80211_key_conf *keyconf)
1245 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
1246 struct ieee80211_local *local = sdata->local;
1247 struct ieee80211_key *key;
1250 if (WARN_ON(!local->wowlan))
1251 return ERR_PTR(-EINVAL);
1253 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION))
1254 return ERR_PTR(-EINVAL);
1256 key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx,
1257 keyconf->keylen, keyconf->key,
1260 return ERR_CAST(key);
1262 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED)
1263 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT;
1265 err = ieee80211_key_link(key, sdata, NULL);
1267 return ERR_PTR(err);
1271 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add);
projects / linux.git / blob