1/* 2 * Copyright 2002-2005, Instant802 Networks, Inc. 3 * Copyright 2005-2006, Devicescape Software, Inc. 4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net> 6 * Copyright 2013-2014 Intel Mobile Communications GmbH 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License version 2 as 10 * published by the Free Software Foundation. 11 */ 12 13#include <linux/if_ether.h> 14#include <linux/etherdevice.h> 15#include <linux/list.h> 16#include <linux/rcupdate.h> 17#include <linux/rtnetlink.h> 18#include <linux/slab.h> 19#include <linux/export.h> 20#include <net/mac80211.h> 21#include <asm/unaligned.h> 22#include "ieee80211_i.h" 23#include "driver-ops.h" 24#include "debugfs_key.h" 25#include "aes_ccm.h" 26#include "aes_cmac.h" 27#include "aes_gmac.h" 28#include "aes_gcm.h" 29 30 31/** 32 * DOC: Key handling basics 33 * 34 * Key handling in mac80211 is done based on per-interface (sub_if_data) 35 * keys and per-station keys. Since each station belongs to an interface, 36 * each station key also belongs to that interface. 37 * 38 * Hardware acceleration is done on a best-effort basis for algorithms 39 * that are implemented in software, for each key the hardware is asked 40 * to enable that key for offloading but if it cannot do that the key is 41 * simply kept for software encryption (unless it is for an algorithm 42 * that isn't implemented in software). 43 * There is currently no way of knowing whether a key is handled in SW 44 * or HW except by looking into debugfs. 45 * 46 * All key management is internally protected by a mutex. Within all 47 * other parts of mac80211, key references are, just as STA structure 48 * references, protected by RCU. Note, however, that some things are 49 * unprotected, namely the key->sta dereferences within the hardware 50 * acceleration functions. This means that sta_info_destroy() must 51 * remove the key which waits for an RCU grace period. 52 */ 53 54static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; 55 56static void assert_key_lock(struct ieee80211_local *local) 57{ 58 lockdep_assert_held(&local->key_mtx); 59} 60 61static void 62update_vlan_tailroom_need_count(struct ieee80211_sub_if_data *sdata, int delta) 63{ 64 struct ieee80211_sub_if_data *vlan; 65 66 if (sdata->vif.type != NL80211_IFTYPE_AP) 67 return; 68 69 /* crypto_tx_tailroom_needed_cnt is protected by this */ 70 assert_key_lock(sdata->local); 71 72 rcu_read_lock(); 73 74 list_for_each_entry_rcu(vlan, &sdata->u.ap.vlans, u.vlan.list) 75 vlan->crypto_tx_tailroom_needed_cnt += delta; 76 77 rcu_read_unlock(); 78} 79 80static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata) 81{ 82 /* 83 * When this count is zero, SKB resizing for allocating tailroom 84 * for IV or MMIC is skipped. But, this check has created two race 85 * cases in xmit path while transiting from zero count to one: 86 * 87 * 1. SKB resize was skipped because no key was added but just before 88 * the xmit key is added and SW encryption kicks off. 89 * 90 * 2. SKB resize was skipped because all the keys were hw planted but 91 * just before xmit one of the key is deleted and SW encryption kicks 92 * off. 93 * 94 * In both the above case SW encryption will find not enough space for 95 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c) 96 * 97 * Solution has been explained at 98 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net 99 */ 100 101 assert_key_lock(sdata->local); 102 103 update_vlan_tailroom_need_count(sdata, 1); 104 105 if (!sdata->crypto_tx_tailroom_needed_cnt++) { 106 /* 107 * Flush all XMIT packets currently using HW encryption or no 108 * encryption at all if the count transition is from 0 -> 1. 109 */ 110 synchronize_net(); 111 } 112} 113 114static void decrease_tailroom_need_count(struct ieee80211_sub_if_data *sdata, 115 int delta) 116{ 117 assert_key_lock(sdata->local); 118 119 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt < delta); 120 121 update_vlan_tailroom_need_count(sdata, -delta); 122 sdata->crypto_tx_tailroom_needed_cnt -= delta; 123} 124 125static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key) 126{ 127 struct ieee80211_sub_if_data *sdata; 128 struct sta_info *sta; 129 int ret = -EOPNOTSUPP; 130 131 might_sleep(); 132 133 if (key->flags & KEY_FLAG_TAINTED) { 134 /* If we get here, it's during resume and the key is 135 * tainted so shouldn't be used/programmed any more. 136 * However, its flags may still indicate that it was 137 * programmed into the device (since we're in resume) 138 * so clear that flag now to avoid trying to remove 139 * it again later. 140 */ 141 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 142 return -EINVAL; 143 } 144 145 if (!key->local->ops->set_key) 146 goto out_unsupported; 147 148 assert_key_lock(key->local); 149 150 sta = key->sta; 151 152 /* 153 * If this is a per-STA GTK, check if it 154 * is supported; if not, return. 155 */ 156 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) && 157 !(key->local->hw.flags & IEEE80211_HW_SUPPORTS_PER_STA_GTK)) 158 goto out_unsupported; 159 160 if (sta && !sta->uploaded) 161 goto out_unsupported; 162 163 sdata = key->sdata; 164 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 165 /* 166 * The driver doesn't know anything about VLAN interfaces. 167 * Hence, don't send GTKs for VLAN interfaces to the driver. 168 */ 169 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) 170 goto out_unsupported; 171 } 172 173 ret = drv_set_key(key->local, SET_KEY, sdata, 174 sta ? &sta->sta : NULL, &key->conf); 175 176 if (!ret) { 177 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE; 178 179 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) || 180 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 181 decrease_tailroom_need_count(sdata, 1); 182 183 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) && 184 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)); 185 186 return 0; 187 } 188 189 if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1) 190 sdata_err(sdata, 191 "failed to set key (%d, %pM) to hardware (%d)\n", 192 key->conf.keyidx, 193 sta ? sta->sta.addr : bcast_addr, ret); 194 195 out_unsupported: 196 switch (key->conf.cipher) { 197 case WLAN_CIPHER_SUITE_WEP40: 198 case WLAN_CIPHER_SUITE_WEP104: 199 case WLAN_CIPHER_SUITE_TKIP: 200 case WLAN_CIPHER_SUITE_CCMP: 201 case WLAN_CIPHER_SUITE_CCMP_256: 202 case WLAN_CIPHER_SUITE_AES_CMAC: 203 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 204 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 205 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 206 case WLAN_CIPHER_SUITE_GCMP: 207 case WLAN_CIPHER_SUITE_GCMP_256: 208 /* all of these we can do in software - if driver can */ 209 if (ret == 1) 210 return 0; 211 if (key->local->hw.flags & IEEE80211_HW_SW_CRYPTO_CONTROL) 212 return -EINVAL; 213 return 0; 214 default: 215 return -EINVAL; 216 } 217} 218 219static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key) 220{ 221 struct ieee80211_sub_if_data *sdata; 222 struct sta_info *sta; 223 int ret; 224 225 might_sleep(); 226 227 if (!key || !key->local->ops->set_key) 228 return; 229 230 assert_key_lock(key->local); 231 232 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 233 return; 234 235 sta = key->sta; 236 sdata = key->sdata; 237 238 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) || 239 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 240 increment_tailroom_need_count(sdata); 241 242 ret = drv_set_key(key->local, DISABLE_KEY, sdata, 243 sta ? &sta->sta : NULL, &key->conf); 244 245 if (ret) 246 sdata_err(sdata, 247 "failed to remove key (%d, %pM) from hardware (%d)\n", 248 key->conf.keyidx, 249 sta ? sta->sta.addr : bcast_addr, ret); 250 251 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 252} 253 254static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, 255 int idx, bool uni, bool multi) 256{ 257 struct ieee80211_key *key = NULL; 258 259 assert_key_lock(sdata->local); 260 261 if (idx >= 0 && idx < NUM_DEFAULT_KEYS) 262 key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 263 264 if (uni) { 265 rcu_assign_pointer(sdata->default_unicast_key, key); 266 drv_set_default_unicast_key(sdata->local, sdata, idx); 267 } 268 269 if (multi) 270 rcu_assign_pointer(sdata->default_multicast_key, key); 271 272 ieee80211_debugfs_key_update_default(sdata); 273} 274 275void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx, 276 bool uni, bool multi) 277{ 278 mutex_lock(&sdata->local->key_mtx); 279 __ieee80211_set_default_key(sdata, idx, uni, multi); 280 mutex_unlock(&sdata->local->key_mtx); 281} 282 283static void 284__ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx) 285{ 286 struct ieee80211_key *key = NULL; 287 288 assert_key_lock(sdata->local); 289 290 if (idx >= NUM_DEFAULT_KEYS && 291 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) 292 key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 293 294 rcu_assign_pointer(sdata->default_mgmt_key, key); 295 296 ieee80211_debugfs_key_update_default(sdata); 297} 298 299void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, 300 int idx) 301{ 302 mutex_lock(&sdata->local->key_mtx); 303 __ieee80211_set_default_mgmt_key(sdata, idx); 304 mutex_unlock(&sdata->local->key_mtx); 305} 306 307 308static void ieee80211_key_replace(struct ieee80211_sub_if_data *sdata, 309 struct sta_info *sta, 310 bool pairwise, 311 struct ieee80211_key *old, 312 struct ieee80211_key *new) 313{ 314 int idx; 315 bool defunikey, defmultikey, defmgmtkey; 316 317 /* caller must provide at least one old/new */ 318 if (WARN_ON(!new && !old)) 319 return; 320 321 if (new) 322 list_add_tail(&new->list, &sdata->key_list); 323 324 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx); 325 326 if (old) 327 idx = old->conf.keyidx; 328 else 329 idx = new->conf.keyidx; 330 331 if (sta) { 332 if (pairwise) { 333 rcu_assign_pointer(sta->ptk[idx], new); 334 sta->ptk_idx = idx; 335 } else { 336 rcu_assign_pointer(sta->gtk[idx], new); 337 sta->gtk_idx = idx; 338 } 339 } else { 340 defunikey = old && 341 old == key_mtx_dereference(sdata->local, 342 sdata->default_unicast_key); 343 defmultikey = old && 344 old == key_mtx_dereference(sdata->local, 345 sdata->default_multicast_key); 346 defmgmtkey = old && 347 old == key_mtx_dereference(sdata->local, 348 sdata->default_mgmt_key); 349 350 if (defunikey && !new) 351 __ieee80211_set_default_key(sdata, -1, true, false); 352 if (defmultikey && !new) 353 __ieee80211_set_default_key(sdata, -1, false, true); 354 if (defmgmtkey && !new) 355 __ieee80211_set_default_mgmt_key(sdata, -1); 356 357 rcu_assign_pointer(sdata->keys[idx], new); 358 if (defunikey && new) 359 __ieee80211_set_default_key(sdata, new->conf.keyidx, 360 true, false); 361 if (defmultikey && new) 362 __ieee80211_set_default_key(sdata, new->conf.keyidx, 363 false, true); 364 if (defmgmtkey && new) 365 __ieee80211_set_default_mgmt_key(sdata, 366 new->conf.keyidx); 367 } 368 369 if (old) 370 list_del(&old->list); 371} 372 373struct ieee80211_key * 374ieee80211_key_alloc(u32 cipher, int idx, size_t key_len, 375 const u8 *key_data, 376 size_t seq_len, const u8 *seq, 377 const struct ieee80211_cipher_scheme *cs) 378{ 379 struct ieee80211_key *key; 380 int i, j, err; 381 382 if (WARN_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)) 383 return ERR_PTR(-EINVAL); 384 385 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL); 386 if (!key) 387 return ERR_PTR(-ENOMEM); 388 389 /* 390 * Default to software encryption; we'll later upload the 391 * key to the hardware if possible. 392 */ 393 key->conf.flags = 0; 394 key->flags = 0; 395 396 key->conf.cipher = cipher; 397 key->conf.keyidx = idx; 398 key->conf.keylen = key_len; 399 switch (cipher) { 400 case WLAN_CIPHER_SUITE_WEP40: 401 case WLAN_CIPHER_SUITE_WEP104: 402 key->conf.iv_len = IEEE80211_WEP_IV_LEN; 403 key->conf.icv_len = IEEE80211_WEP_ICV_LEN; 404 break; 405 case WLAN_CIPHER_SUITE_TKIP: 406 key->conf.iv_len = IEEE80211_TKIP_IV_LEN; 407 key->conf.icv_len = IEEE80211_TKIP_ICV_LEN; 408 if (seq) { 409 for (i = 0; i < IEEE80211_NUM_TIDS; i++) { 410 key->u.tkip.rx[i].iv32 = 411 get_unaligned_le32(&seq[2]); 412 key->u.tkip.rx[i].iv16 = 413 get_unaligned_le16(seq); 414 } 415 } 416 spin_lock_init(&key->u.tkip.txlock); 417 break; 418 case WLAN_CIPHER_SUITE_CCMP: 419 key->conf.iv_len = IEEE80211_CCMP_HDR_LEN; 420 key->conf.icv_len = IEEE80211_CCMP_MIC_LEN; 421 if (seq) { 422 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) 423 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++) 424 key->u.ccmp.rx_pn[i][j] = 425 seq[IEEE80211_CCMP_PN_LEN - j - 1]; 426 } 427 /* 428 * Initialize AES key state here as an optimization so that 429 * it does not need to be initialized for every packet. 430 */ 431 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( 432 key_data, key_len, IEEE80211_CCMP_MIC_LEN); 433 if (IS_ERR(key->u.ccmp.tfm)) { 434 err = PTR_ERR(key->u.ccmp.tfm); 435 kfree(key); 436 return ERR_PTR(err); 437 } 438 break; 439 case WLAN_CIPHER_SUITE_CCMP_256: 440 key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN; 441 key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN; 442 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++) 443 for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++) 444 key->u.ccmp.rx_pn[i][j] = 445 seq[IEEE80211_CCMP_256_PN_LEN - j - 1]; 446 /* Initialize AES key state here as an optimization so that 447 * it does not need to be initialized for every packet. 448 */ 449 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( 450 key_data, key_len, IEEE80211_CCMP_256_MIC_LEN); 451 if (IS_ERR(key->u.ccmp.tfm)) { 452 err = PTR_ERR(key->u.ccmp.tfm); 453 kfree(key); 454 return ERR_PTR(err); 455 } 456 break; 457 case WLAN_CIPHER_SUITE_AES_CMAC: 458 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 459 key->conf.iv_len = 0; 460 if (cipher == WLAN_CIPHER_SUITE_AES_CMAC) 461 key->conf.icv_len = sizeof(struct ieee80211_mmie); 462 else 463 key->conf.icv_len = sizeof(struct ieee80211_mmie_16); 464 if (seq) 465 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++) 466 key->u.aes_cmac.rx_pn[j] = 467 seq[IEEE80211_CMAC_PN_LEN - j - 1]; 468 /* 469 * Initialize AES key state here as an optimization so that 470 * it does not need to be initialized for every packet. 471 */ 472 key->u.aes_cmac.tfm = 473 ieee80211_aes_cmac_key_setup(key_data, key_len); 474 if (IS_ERR(key->u.aes_cmac.tfm)) { 475 err = PTR_ERR(key->u.aes_cmac.tfm); 476 kfree(key); 477 return ERR_PTR(err); 478 } 479 break; 480 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 481 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 482 key->conf.iv_len = 0; 483 key->conf.icv_len = sizeof(struct ieee80211_mmie_16); 484 if (seq) 485 for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++) 486 key->u.aes_gmac.rx_pn[j] = 487 seq[IEEE80211_GMAC_PN_LEN - j - 1]; 488 /* Initialize AES key state here as an optimization so that 489 * it does not need to be initialized for every packet. 490 */ 491 key->u.aes_gmac.tfm = 492 ieee80211_aes_gmac_key_setup(key_data, key_len); 493 if (IS_ERR(key->u.aes_gmac.tfm)) { 494 err = PTR_ERR(key->u.aes_gmac.tfm); 495 kfree(key); 496 return ERR_PTR(err); 497 } 498 break; 499 case WLAN_CIPHER_SUITE_GCMP: 500 case WLAN_CIPHER_SUITE_GCMP_256: 501 key->conf.iv_len = IEEE80211_GCMP_HDR_LEN; 502 key->conf.icv_len = IEEE80211_GCMP_MIC_LEN; 503 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++) 504 for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++) 505 key->u.gcmp.rx_pn[i][j] = 506 seq[IEEE80211_GCMP_PN_LEN - j - 1]; 507 /* Initialize AES key state here as an optimization so that 508 * it does not need to be initialized for every packet. 509 */ 510 key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data, 511 key_len); 512 if (IS_ERR(key->u.gcmp.tfm)) { 513 err = PTR_ERR(key->u.gcmp.tfm); 514 kfree(key); 515 return ERR_PTR(err); 516 } 517 break; 518 default: 519 if (cs) { 520 size_t len = (seq_len > MAX_PN_LEN) ? 521 MAX_PN_LEN : seq_len; 522 523 key->conf.iv_len = cs->hdr_len; 524 key->conf.icv_len = cs->mic_len; 525 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) 526 for (j = 0; j < len; j++) 527 key->u.gen.rx_pn[i][j] = 528 seq[len - j - 1]; 529 key->flags |= KEY_FLAG_CIPHER_SCHEME; 530 } 531 } 532 memcpy(key->conf.key, key_data, key_len); 533 INIT_LIST_HEAD(&key->list); 534 535 return key; 536} 537 538static void ieee80211_key_free_common(struct ieee80211_key *key) 539{ 540 switch (key->conf.cipher) { 541 case WLAN_CIPHER_SUITE_CCMP: 542 case WLAN_CIPHER_SUITE_CCMP_256: 543 ieee80211_aes_key_free(key->u.ccmp.tfm); 544 break; 545 case WLAN_CIPHER_SUITE_AES_CMAC: 546 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 547 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm); 548 break; 549 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 550 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 551 ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm); 552 break; 553 case WLAN_CIPHER_SUITE_GCMP: 554 case WLAN_CIPHER_SUITE_GCMP_256: 555 ieee80211_aes_gcm_key_free(key->u.gcmp.tfm); 556 break; 557 } 558 kzfree(key); 559} 560 561static void __ieee80211_key_destroy(struct ieee80211_key *key, 562 bool delay_tailroom) 563{ 564 if (key->local) 565 ieee80211_key_disable_hw_accel(key); 566 567 if (key->local) { 568 struct ieee80211_sub_if_data *sdata = key->sdata; 569 570 ieee80211_debugfs_key_remove(key); 571 572 if (delay_tailroom) { 573 /* see ieee80211_delayed_tailroom_dec */ 574 sdata->crypto_tx_tailroom_pending_dec++; 575 schedule_delayed_work(&sdata->dec_tailroom_needed_wk, 576 HZ/2); 577 } else { 578 decrease_tailroom_need_count(sdata, 1); 579 } 580 } 581 582 ieee80211_key_free_common(key); 583} 584 585static void ieee80211_key_destroy(struct ieee80211_key *key, 586 bool delay_tailroom) 587{ 588 if (!key) 589 return; 590 591 /* 592 * Synchronize so the TX path can no longer be using 593 * this key before we free/remove it. 594 */ 595 synchronize_net(); 596 597 __ieee80211_key_destroy(key, delay_tailroom); 598} 599 600void ieee80211_key_free_unused(struct ieee80211_key *key) 601{ 602 WARN_ON(key->sdata || key->local); 603 ieee80211_key_free_common(key); 604} 605 606int ieee80211_key_link(struct ieee80211_key *key, 607 struct ieee80211_sub_if_data *sdata, 608 struct sta_info *sta) 609{ 610 struct ieee80211_local *local = sdata->local; 611 struct ieee80211_key *old_key; 612 int idx, ret; 613 bool pairwise; 614 615 pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE; 616 idx = key->conf.keyidx; 617 key->local = sdata->local; 618 key->sdata = sdata; 619 key->sta = sta; 620 621 mutex_lock(&sdata->local->key_mtx); 622 623 if (sta && pairwise) 624 old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]); 625 else if (sta) 626 old_key = key_mtx_dereference(sdata->local, sta->gtk[idx]); 627 else 628 old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 629 630 increment_tailroom_need_count(sdata); 631 632 ieee80211_key_replace(sdata, sta, pairwise, old_key, key); 633 ieee80211_key_destroy(old_key, true); 634 635 ieee80211_debugfs_key_add(key); 636 637 if (!local->wowlan) { 638 ret = ieee80211_key_enable_hw_accel(key); 639 if (ret) 640 ieee80211_key_free(key, true); 641 } else { 642 ret = 0; 643 } 644 645 mutex_unlock(&sdata->local->key_mtx); 646 647 return ret; 648} 649 650void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom) 651{ 652 if (!key) 653 return; 654 655 /* 656 * Replace key with nothingness if it was ever used. 657 */ 658 if (key->sdata) 659 ieee80211_key_replace(key->sdata, key->sta, 660 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 661 key, NULL); 662 ieee80211_key_destroy(key, delay_tailroom); 663} 664 665void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata) 666{ 667 struct ieee80211_key *key; 668 struct ieee80211_sub_if_data *vlan; 669 670 ASSERT_RTNL(); 671 672 if (WARN_ON(!ieee80211_sdata_running(sdata))) 673 return; 674 675 mutex_lock(&sdata->local->key_mtx); 676 677 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt || 678 sdata->crypto_tx_tailroom_pending_dec); 679 680 if (sdata->vif.type == NL80211_IFTYPE_AP) { 681 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 682 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt || 683 vlan->crypto_tx_tailroom_pending_dec); 684 } 685 686 list_for_each_entry(key, &sdata->key_list, list) { 687 increment_tailroom_need_count(sdata); 688 ieee80211_key_enable_hw_accel(key); 689 } 690 691 mutex_unlock(&sdata->local->key_mtx); 692} 693 694void ieee80211_reset_crypto_tx_tailroom(struct ieee80211_sub_if_data *sdata) 695{ 696 struct ieee80211_sub_if_data *vlan; 697 698 mutex_lock(&sdata->local->key_mtx); 699 700 sdata->crypto_tx_tailroom_needed_cnt = 0; 701 702 if (sdata->vif.type == NL80211_IFTYPE_AP) { 703 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 704 vlan->crypto_tx_tailroom_needed_cnt = 0; 705 } 706 707 mutex_unlock(&sdata->local->key_mtx); 708} 709 710void ieee80211_iter_keys(struct ieee80211_hw *hw, 711 struct ieee80211_vif *vif, 712 void (*iter)(struct ieee80211_hw *hw, 713 struct ieee80211_vif *vif, 714 struct ieee80211_sta *sta, 715 struct ieee80211_key_conf *key, 716 void *data), 717 void *iter_data) 718{ 719 struct ieee80211_local *local = hw_to_local(hw); 720 struct ieee80211_key *key, *tmp; 721 struct ieee80211_sub_if_data *sdata; 722 723 ASSERT_RTNL(); 724 725 mutex_lock(&local->key_mtx); 726 if (vif) { 727 sdata = vif_to_sdata(vif); 728 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) 729 iter(hw, &sdata->vif, 730 key->sta ? &key->sta->sta : NULL, 731 &key->conf, iter_data); 732 } else { 733 list_for_each_entry(sdata, &local->interfaces, list) 734 list_for_each_entry_safe(key, tmp, 735 &sdata->key_list, list) 736 iter(hw, &sdata->vif, 737 key->sta ? &key->sta->sta : NULL, 738 &key->conf, iter_data); 739 } 740 mutex_unlock(&local->key_mtx); 741} 742EXPORT_SYMBOL(ieee80211_iter_keys); 743 744static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata, 745 struct list_head *keys) 746{ 747 struct ieee80211_key *key, *tmp; 748 749 decrease_tailroom_need_count(sdata, 750 sdata->crypto_tx_tailroom_pending_dec); 751 sdata->crypto_tx_tailroom_pending_dec = 0; 752 753 ieee80211_debugfs_key_remove_mgmt_default(sdata); 754 755 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) { 756 ieee80211_key_replace(key->sdata, key->sta, 757 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 758 key, NULL); 759 list_add_tail(&key->list, keys); 760 } 761 762 ieee80211_debugfs_key_update_default(sdata); 763} 764 765void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata, 766 bool force_synchronize) 767{ 768 struct ieee80211_local *local = sdata->local; 769 struct ieee80211_sub_if_data *vlan; 770 struct ieee80211_sub_if_data *master; 771 struct ieee80211_key *key, *tmp; 772 LIST_HEAD(keys); 773 774 cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk); 775 776 mutex_lock(&local->key_mtx); 777 778 ieee80211_free_keys_iface(sdata, &keys); 779 780 if (sdata->vif.type == NL80211_IFTYPE_AP) { 781 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 782 ieee80211_free_keys_iface(vlan, &keys); 783 } 784 785 if (!list_empty(&keys) || force_synchronize) 786 synchronize_net(); 787 list_for_each_entry_safe(key, tmp, &keys, list) 788 __ieee80211_key_destroy(key, false); 789 790 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 791 if (sdata->bss) { 792 master = container_of(sdata->bss, 793 struct ieee80211_sub_if_data, 794 u.ap); 795 796 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt != 797 master->crypto_tx_tailroom_needed_cnt); 798 } 799 } else { 800 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt || 801 sdata->crypto_tx_tailroom_pending_dec); 802 } 803 804 if (sdata->vif.type == NL80211_IFTYPE_AP) { 805 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 806 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt || 807 vlan->crypto_tx_tailroom_pending_dec); 808 } 809 810 mutex_unlock(&local->key_mtx); 811} 812 813void ieee80211_free_sta_keys(struct ieee80211_local *local, 814 struct sta_info *sta) 815{ 816 struct ieee80211_key *key; 817 int i; 818 819 mutex_lock(&local->key_mtx); 820 for (i = 0; i < ARRAY_SIZE(sta->gtk); i++) { 821 key = key_mtx_dereference(local, sta->gtk[i]); 822 if (!key) 823 continue; 824 ieee80211_key_replace(key->sdata, key->sta, 825 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 826 key, NULL); 827 __ieee80211_key_destroy(key, true); 828 } 829 830 for (i = 0; i < NUM_DEFAULT_KEYS; i++) { 831 key = key_mtx_dereference(local, sta->ptk[i]); 832 if (!key) 833 continue; 834 ieee80211_key_replace(key->sdata, key->sta, 835 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 836 key, NULL); 837 __ieee80211_key_destroy(key, true); 838 } 839 840 mutex_unlock(&local->key_mtx); 841} 842 843void ieee80211_delayed_tailroom_dec(struct work_struct *wk) 844{ 845 struct ieee80211_sub_if_data *sdata; 846 847 sdata = container_of(wk, struct ieee80211_sub_if_data, 848 dec_tailroom_needed_wk.work); 849 850 /* 851 * The reason for the delayed tailroom needed decrementing is to 852 * make roaming faster: during roaming, all keys are first deleted 853 * and then new keys are installed. The first new key causes the 854 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes 855 * the cost of synchronize_net() (which can be slow). Avoid this 856 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on 857 * key removal for a while, so if we roam the value is larger than 858 * zero and no 0->1 transition happens. 859 * 860 * The cost is that if the AP switching was from an AP with keys 861 * to one without, we still allocate tailroom while it would no 862 * longer be needed. However, in the typical (fast) roaming case 863 * within an ESS this usually won't happen. 864 */ 865 866 mutex_lock(&sdata->local->key_mtx); 867 decrease_tailroom_need_count(sdata, 868 sdata->crypto_tx_tailroom_pending_dec); 869 sdata->crypto_tx_tailroom_pending_dec = 0; 870 mutex_unlock(&sdata->local->key_mtx); 871} 872 873void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid, 874 const u8 *replay_ctr, gfp_t gfp) 875{ 876 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 877 878 trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr); 879 880 cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp); 881} 882EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify); 883 884void ieee80211_get_key_tx_seq(struct ieee80211_key_conf *keyconf, 885 struct ieee80211_key_seq *seq) 886{ 887 struct ieee80211_key *key; 888 u64 pn64; 889 890 if (WARN_ON(!(keyconf->flags & IEEE80211_KEY_FLAG_GENERATE_IV))) 891 return; 892 893 key = container_of(keyconf, struct ieee80211_key, conf); 894 895 switch (key->conf.cipher) { 896 case WLAN_CIPHER_SUITE_TKIP: 897 seq->tkip.iv32 = key->u.tkip.tx.iv32; 898 seq->tkip.iv16 = key->u.tkip.tx.iv16; 899 break; 900 case WLAN_CIPHER_SUITE_CCMP: 901 case WLAN_CIPHER_SUITE_CCMP_256: 902 pn64 = atomic64_read(&key->u.ccmp.tx_pn); 903 seq->ccmp.pn[5] = pn64; 904 seq->ccmp.pn[4] = pn64 >> 8; 905 seq->ccmp.pn[3] = pn64 >> 16; 906 seq->ccmp.pn[2] = pn64 >> 24; 907 seq->ccmp.pn[1] = pn64 >> 32; 908 seq->ccmp.pn[0] = pn64 >> 40; 909 break; 910 case WLAN_CIPHER_SUITE_AES_CMAC: 911 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 912 pn64 = atomic64_read(&key->u.aes_cmac.tx_pn); 913 seq->ccmp.pn[5] = pn64; 914 seq->ccmp.pn[4] = pn64 >> 8; 915 seq->ccmp.pn[3] = pn64 >> 16; 916 seq->ccmp.pn[2] = pn64 >> 24; 917 seq->ccmp.pn[1] = pn64 >> 32; 918 seq->ccmp.pn[0] = pn64 >> 40; 919 break; 920 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 921 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 922 pn64 = atomic64_read(&key->u.aes_gmac.tx_pn); 923 seq->ccmp.pn[5] = pn64; 924 seq->ccmp.pn[4] = pn64 >> 8; 925 seq->ccmp.pn[3] = pn64 >> 16; 926 seq->ccmp.pn[2] = pn64 >> 24; 927 seq->ccmp.pn[1] = pn64 >> 32; 928 seq->ccmp.pn[0] = pn64 >> 40; 929 break; 930 case WLAN_CIPHER_SUITE_GCMP: 931 case WLAN_CIPHER_SUITE_GCMP_256: 932 pn64 = atomic64_read(&key->u.gcmp.tx_pn); 933 seq->gcmp.pn[5] = pn64; 934 seq->gcmp.pn[4] = pn64 >> 8; 935 seq->gcmp.pn[3] = pn64 >> 16; 936 seq->gcmp.pn[2] = pn64 >> 24; 937 seq->gcmp.pn[1] = pn64 >> 32; 938 seq->gcmp.pn[0] = pn64 >> 40; 939 break; 940 default: 941 WARN_ON(1); 942 } 943} 944EXPORT_SYMBOL(ieee80211_get_key_tx_seq); 945 946void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf, 947 int tid, struct ieee80211_key_seq *seq) 948{ 949 struct ieee80211_key *key; 950 const u8 *pn; 951 952 key = container_of(keyconf, struct ieee80211_key, conf); 953 954 switch (key->conf.cipher) { 955 case WLAN_CIPHER_SUITE_TKIP: 956 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 957 return; 958 seq->tkip.iv32 = key->u.tkip.rx[tid].iv32; 959 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16; 960 break; 961 case WLAN_CIPHER_SUITE_CCMP: 962 case WLAN_CIPHER_SUITE_CCMP_256: 963 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 964 return; 965 if (tid < 0) 966 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 967 else 968 pn = key->u.ccmp.rx_pn[tid]; 969 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN); 970 break; 971 case WLAN_CIPHER_SUITE_AES_CMAC: 972 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 973 if (WARN_ON(tid != 0)) 974 return; 975 pn = key->u.aes_cmac.rx_pn; 976 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN); 977 break; 978 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 979 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 980 if (WARN_ON(tid != 0)) 981 return; 982 pn = key->u.aes_gmac.rx_pn; 983 memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN); 984 break; 985 case WLAN_CIPHER_SUITE_GCMP: 986 case WLAN_CIPHER_SUITE_GCMP_256: 987 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 988 return; 989 if (tid < 0) 990 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS]; 991 else 992 pn = key->u.gcmp.rx_pn[tid]; 993 memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN); 994 break; 995 } 996} 997EXPORT_SYMBOL(ieee80211_get_key_rx_seq); 998 999void ieee80211_set_key_tx_seq(struct ieee80211_key_conf *keyconf, 1000 struct ieee80211_key_seq *seq) 1001{ 1002 struct ieee80211_key *key; 1003 u64 pn64; 1004 1005 key = container_of(keyconf, struct ieee80211_key, conf); 1006 1007 switch (key->conf.cipher) { 1008 case WLAN_CIPHER_SUITE_TKIP: 1009 key->u.tkip.tx.iv32 = seq->tkip.iv32; 1010 key->u.tkip.tx.iv16 = seq->tkip.iv16; 1011 break; 1012 case WLAN_CIPHER_SUITE_CCMP: 1013 case WLAN_CIPHER_SUITE_CCMP_256: 1014 pn64 = (u64)seq->ccmp.pn[5] | 1015 ((u64)seq->ccmp.pn[4] << 8) | 1016 ((u64)seq->ccmp.pn[3] << 16) | 1017 ((u64)seq->ccmp.pn[2] << 24) | 1018 ((u64)seq->ccmp.pn[1] << 32) | 1019 ((u64)seq->ccmp.pn[0] << 40); 1020 atomic64_set(&key->u.ccmp.tx_pn, pn64); 1021 break; 1022 case WLAN_CIPHER_SUITE_AES_CMAC: 1023 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1024 pn64 = (u64)seq->aes_cmac.pn[5] | 1025 ((u64)seq->aes_cmac.pn[4] << 8) | 1026 ((u64)seq->aes_cmac.pn[3] << 16) | 1027 ((u64)seq->aes_cmac.pn[2] << 24) | 1028 ((u64)seq->aes_cmac.pn[1] << 32) | 1029 ((u64)seq->aes_cmac.pn[0] << 40); 1030 atomic64_set(&key->u.aes_cmac.tx_pn, pn64); 1031 break; 1032 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1033 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1034 pn64 = (u64)seq->aes_gmac.pn[5] | 1035 ((u64)seq->aes_gmac.pn[4] << 8) | 1036 ((u64)seq->aes_gmac.pn[3] << 16) | 1037 ((u64)seq->aes_gmac.pn[2] << 24) | 1038 ((u64)seq->aes_gmac.pn[1] << 32) | 1039 ((u64)seq->aes_gmac.pn[0] << 40); 1040 atomic64_set(&key->u.aes_gmac.tx_pn, pn64); 1041 break; 1042 case WLAN_CIPHER_SUITE_GCMP: 1043 case WLAN_CIPHER_SUITE_GCMP_256: 1044 pn64 = (u64)seq->gcmp.pn[5] | 1045 ((u64)seq->gcmp.pn[4] << 8) | 1046 ((u64)seq->gcmp.pn[3] << 16) | 1047 ((u64)seq->gcmp.pn[2] << 24) | 1048 ((u64)seq->gcmp.pn[1] << 32) | 1049 ((u64)seq->gcmp.pn[0] << 40); 1050 atomic64_set(&key->u.gcmp.tx_pn, pn64); 1051 break; 1052 default: 1053 WARN_ON(1); 1054 break; 1055 } 1056} 1057EXPORT_SYMBOL_GPL(ieee80211_set_key_tx_seq); 1058 1059void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf, 1060 int tid, struct ieee80211_key_seq *seq) 1061{ 1062 struct ieee80211_key *key; 1063 u8 *pn; 1064 1065 key = container_of(keyconf, struct ieee80211_key, conf); 1066 1067 switch (key->conf.cipher) { 1068 case WLAN_CIPHER_SUITE_TKIP: 1069 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 1070 return; 1071 key->u.tkip.rx[tid].iv32 = seq->tkip.iv32; 1072 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16; 1073 break; 1074 case WLAN_CIPHER_SUITE_CCMP: 1075 case WLAN_CIPHER_SUITE_CCMP_256: 1076 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1077 return; 1078 if (tid < 0) 1079 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 1080 else 1081 pn = key->u.ccmp.rx_pn[tid]; 1082 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN); 1083 break; 1084 case WLAN_CIPHER_SUITE_AES_CMAC: 1085 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1086 if (WARN_ON(tid != 0)) 1087 return; 1088 pn = key->u.aes_cmac.rx_pn; 1089 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN); 1090 break; 1091 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1092 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1093 if (WARN_ON(tid != 0)) 1094 return; 1095 pn = key->u.aes_gmac.rx_pn; 1096 memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN); 1097 break; 1098 case WLAN_CIPHER_SUITE_GCMP: 1099 case WLAN_CIPHER_SUITE_GCMP_256: 1100 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1101 return; 1102 if (tid < 0) 1103 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS]; 1104 else 1105 pn = key->u.gcmp.rx_pn[tid]; 1106 memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN); 1107 break; 1108 default: 1109 WARN_ON(1); 1110 break; 1111 } 1112} 1113EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq); 1114 1115void ieee80211_remove_key(struct ieee80211_key_conf *keyconf) 1116{ 1117 struct ieee80211_key *key; 1118 1119 key = container_of(keyconf, struct ieee80211_key, conf); 1120 1121 assert_key_lock(key->local); 1122 1123 /* 1124 * if key was uploaded, we assume the driver will/has remove(d) 1125 * it, so adjust bookkeeping accordingly 1126 */ 1127 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 1128 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 1129 1130 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) || 1131 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 1132 increment_tailroom_need_count(key->sdata); 1133 } 1134 1135 ieee80211_key_free(key, false); 1136} 1137EXPORT_SYMBOL_GPL(ieee80211_remove_key); 1138 1139struct ieee80211_key_conf * 1140ieee80211_gtk_rekey_add(struct ieee80211_vif *vif, 1141 struct ieee80211_key_conf *keyconf) 1142{ 1143 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1144 struct ieee80211_local *local = sdata->local; 1145 struct ieee80211_key *key; 1146 int err; 1147 1148 if (WARN_ON(!local->wowlan)) 1149 return ERR_PTR(-EINVAL); 1150 1151 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION)) 1152 return ERR_PTR(-EINVAL); 1153 1154 key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx, 1155 keyconf->keylen, keyconf->key, 1156 0, NULL, NULL); 1157 if (IS_ERR(key)) 1158 return ERR_CAST(key); 1159 1160 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED) 1161 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT; 1162 1163 err = ieee80211_key_link(key, sdata, NULL); 1164 if (err) 1165 return ERR_PTR(err); 1166 1167 return &key->conf; 1168} 1169EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add); 1170