2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net>
6 * Copyright 2013-2014 Intel Mobile Communications GmbH
7 * Copyright 2017 Intel Deutschland GmbH
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
14 #include <linux/if_ether.h>
15 #include <linux/etherdevice.h>
16 #include <linux/list.h>
17 #include <linux/rcupdate.h>
18 #include <linux/rtnetlink.h>
19 #include <linux/slab.h>
20 #include <linux/export.h>
21 #include <net/mac80211.h>
22 #include <crypto/algapi.h>
23 #include <asm/unaligned.h>
24 #include "ieee80211_i.h"
25 #include "driver-ops.h"
26 #include "debugfs_key.h"
34 * DOC: Key handling basics
36 * Key handling in mac80211 is done based on per-interface (sub_if_data)
37 * keys and per-station keys. Since each station belongs to an interface,
38 * each station key also belongs to that interface.
40 * Hardware acceleration is done on a best-effort basis for algorithms
41 * that are implemented in software, for each key the hardware is asked
42 * to enable that key for offloading but if it cannot do that the key is
43 * simply kept for software encryption (unless it is for an algorithm
44 * that isn't implemented in software).
45 * There is currently no way of knowing whether a key is handled in SW
46 * or HW except by looking into debugfs.
48 * All key management is internally protected by a mutex. Within all
49 * other parts of mac80211, key references are, just as STA structure
50 * references, protected by RCU. Note, however, that some things are
51 * unprotected, namely the key->sta dereferences within the hardware
52 * acceleration functions. This means that sta_info_destroy() must
53 * remove the key which waits for an RCU grace period.
56 static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
58 static void assert_key_lock(struct ieee80211_local *local)
60 lockdep_assert_held(&local->key_mtx);
64 update_vlan_tailroom_need_count(struct ieee80211_sub_if_data *sdata, int delta)
66 struct ieee80211_sub_if_data *vlan;
68 if (sdata->vif.type != NL80211_IFTYPE_AP)
71 /* crypto_tx_tailroom_needed_cnt is protected by this */
72 assert_key_lock(sdata->local);
76 list_for_each_entry_rcu(vlan, &sdata->u.ap.vlans, u.vlan.list)
77 vlan->crypto_tx_tailroom_needed_cnt += delta;
82 static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata)
85 * When this count is zero, SKB resizing for allocating tailroom
86 * for IV or MMIC is skipped. But, this check has created two race
87 * cases in xmit path while transiting from zero count to one:
89 * 1. SKB resize was skipped because no key was added but just before
90 * the xmit key is added and SW encryption kicks off.
92 * 2. SKB resize was skipped because all the keys were hw planted but
93 * just before xmit one of the key is deleted and SW encryption kicks
96 * In both the above case SW encryption will find not enough space for
97 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c)
99 * Solution has been explained at
100 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net
103 assert_key_lock(sdata->local);
105 update_vlan_tailroom_need_count(sdata, 1);
107 if (!sdata->crypto_tx_tailroom_needed_cnt++) {
109 * Flush all XMIT packets currently using HW encryption or no
110 * encryption at all if the count transition is from 0 -> 1.
116 static void decrease_tailroom_need_count(struct ieee80211_sub_if_data *sdata,
119 assert_key_lock(sdata->local);
121 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt < delta);
123 update_vlan_tailroom_need_count(sdata, -delta);
124 sdata->crypto_tx_tailroom_needed_cnt -= delta;
127 static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
129 struct ieee80211_sub_if_data *sdata;
130 struct sta_info *sta;
131 int ret = -EOPNOTSUPP;
135 if (key->flags & KEY_FLAG_TAINTED) {
136 /* If we get here, it's during resume and the key is
137 * tainted so shouldn't be used/programmed any more.
138 * However, its flags may still indicate that it was
139 * programmed into the device (since we're in resume)
140 * so clear that flag now to avoid trying to remove
143 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
147 if (!key->local->ops->set_key)
148 goto out_unsupported;
150 assert_key_lock(key->local);
155 * If this is a per-STA GTK, check if it
156 * is supported; if not, return.
158 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) &&
159 !ieee80211_hw_check(&key->local->hw, SUPPORTS_PER_STA_GTK))
160 goto out_unsupported;
162 if (sta && !sta->uploaded)
163 goto out_unsupported;
166 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
168 * The driver doesn't know anything about VLAN interfaces.
169 * Hence, don't send GTKs for VLAN interfaces to the driver.
171 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE))
172 goto out_unsupported;
175 ret = drv_set_key(key->local, SET_KEY, sdata,
176 sta ? &sta->sta : NULL, &key->conf);
179 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
181 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
182 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
183 decrease_tailroom_need_count(sdata, 1);
185 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) &&
186 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV));
191 if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1)
193 "failed to set key (%d, %pM) to hardware (%d)\n",
195 sta ? sta->sta.addr : bcast_addr, ret);
198 switch (key->conf.cipher) {
199 case WLAN_CIPHER_SUITE_WEP40:
200 case WLAN_CIPHER_SUITE_WEP104:
201 case WLAN_CIPHER_SUITE_TKIP:
202 case WLAN_CIPHER_SUITE_CCMP:
203 case WLAN_CIPHER_SUITE_CCMP_256:
204 case WLAN_CIPHER_SUITE_AES_CMAC:
205 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
206 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
207 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
208 case WLAN_CIPHER_SUITE_GCMP:
209 case WLAN_CIPHER_SUITE_GCMP_256:
210 /* all of these we can do in software - if driver can */
213 if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL))
221 static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
223 struct ieee80211_sub_if_data *sdata;
224 struct sta_info *sta;
229 if (!key || !key->local->ops->set_key)
232 assert_key_lock(key->local);
234 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
240 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
241 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
242 increment_tailroom_need_count(sdata);
244 ret = drv_set_key(key->local, DISABLE_KEY, sdata,
245 sta ? &sta->sta : NULL, &key->conf);
249 "failed to remove key (%d, %pM) from hardware (%d)\n",
251 sta ? sta->sta.addr : bcast_addr, ret);
253 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
256 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata,
257 int idx, bool uni, bool multi)
259 struct ieee80211_key *key = NULL;
261 assert_key_lock(sdata->local);
263 if (idx >= 0 && idx < NUM_DEFAULT_KEYS)
264 key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
267 rcu_assign_pointer(sdata->default_unicast_key, key);
268 ieee80211_check_fast_xmit_iface(sdata);
269 drv_set_default_unicast_key(sdata->local, sdata, idx);
273 rcu_assign_pointer(sdata->default_multicast_key, key);
275 ieee80211_debugfs_key_update_default(sdata);
278 void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx,
279 bool uni, bool multi)
281 mutex_lock(&sdata->local->key_mtx);
282 __ieee80211_set_default_key(sdata, idx, uni, multi);
283 mutex_unlock(&sdata->local->key_mtx);
287 __ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx)
289 struct ieee80211_key *key = NULL;
291 assert_key_lock(sdata->local);
293 if (idx >= NUM_DEFAULT_KEYS &&
294 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
295 key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
297 rcu_assign_pointer(sdata->default_mgmt_key, key);
299 ieee80211_debugfs_key_update_default(sdata);
302 void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
305 mutex_lock(&sdata->local->key_mtx);
306 __ieee80211_set_default_mgmt_key(sdata, idx);
307 mutex_unlock(&sdata->local->key_mtx);
311 static void ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
312 struct sta_info *sta,
314 struct ieee80211_key *old,
315 struct ieee80211_key *new)
318 bool defunikey, defmultikey, defmgmtkey;
320 /* caller must provide at least one old/new */
321 if (WARN_ON(!new && !old))
325 list_add_tail(&new->list, &sdata->key_list);
327 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx);
330 idx = old->conf.keyidx;
332 idx = new->conf.keyidx;
336 rcu_assign_pointer(sta->ptk[idx], new);
338 ieee80211_check_fast_xmit(sta);
340 rcu_assign_pointer(sta->gtk[idx], new);
344 old == key_mtx_dereference(sdata->local,
345 sdata->default_unicast_key);
347 old == key_mtx_dereference(sdata->local,
348 sdata->default_multicast_key);
350 old == key_mtx_dereference(sdata->local,
351 sdata->default_mgmt_key);
353 if (defunikey && !new)
354 __ieee80211_set_default_key(sdata, -1, true, false);
355 if (defmultikey && !new)
356 __ieee80211_set_default_key(sdata, -1, false, true);
357 if (defmgmtkey && !new)
358 __ieee80211_set_default_mgmt_key(sdata, -1);
360 rcu_assign_pointer(sdata->keys[idx], new);
361 if (defunikey && new)
362 __ieee80211_set_default_key(sdata, new->conf.keyidx,
364 if (defmultikey && new)
365 __ieee80211_set_default_key(sdata, new->conf.keyidx,
367 if (defmgmtkey && new)
368 __ieee80211_set_default_mgmt_key(sdata,
373 list_del(&old->list);
376 struct ieee80211_key *
377 ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
379 size_t seq_len, const u8 *seq,
380 const struct ieee80211_cipher_scheme *cs)
382 struct ieee80211_key *key;
385 if (WARN_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS))
386 return ERR_PTR(-EINVAL);
388 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
390 return ERR_PTR(-ENOMEM);
393 * Default to software encryption; we'll later upload the
394 * key to the hardware if possible.
399 key->conf.cipher = cipher;
400 key->conf.keyidx = idx;
401 key->conf.keylen = key_len;
403 case WLAN_CIPHER_SUITE_WEP40:
404 case WLAN_CIPHER_SUITE_WEP104:
405 key->conf.iv_len = IEEE80211_WEP_IV_LEN;
406 key->conf.icv_len = IEEE80211_WEP_ICV_LEN;
408 case WLAN_CIPHER_SUITE_TKIP:
409 key->conf.iv_len = IEEE80211_TKIP_IV_LEN;
410 key->conf.icv_len = IEEE80211_TKIP_ICV_LEN;
412 for (i = 0; i < IEEE80211_NUM_TIDS; i++) {
413 key->u.tkip.rx[i].iv32 =
414 get_unaligned_le32(&seq[2]);
415 key->u.tkip.rx[i].iv16 =
416 get_unaligned_le16(seq);
419 spin_lock_init(&key->u.tkip.txlock);
421 case WLAN_CIPHER_SUITE_CCMP:
422 key->conf.iv_len = IEEE80211_CCMP_HDR_LEN;
423 key->conf.icv_len = IEEE80211_CCMP_MIC_LEN;
425 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
426 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++)
427 key->u.ccmp.rx_pn[i][j] =
428 seq[IEEE80211_CCMP_PN_LEN - j - 1];
431 * Initialize AES key state here as an optimization so that
432 * it does not need to be initialized for every packet.
434 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
435 key_data, key_len, IEEE80211_CCMP_MIC_LEN);
436 if (IS_ERR(key->u.ccmp.tfm)) {
437 err = PTR_ERR(key->u.ccmp.tfm);
442 case WLAN_CIPHER_SUITE_CCMP_256:
443 key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN;
444 key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN;
445 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
446 for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++)
447 key->u.ccmp.rx_pn[i][j] =
448 seq[IEEE80211_CCMP_256_PN_LEN - j - 1];
449 /* Initialize AES key state here as an optimization so that
450 * it does not need to be initialized for every packet.
452 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
453 key_data, key_len, IEEE80211_CCMP_256_MIC_LEN);
454 if (IS_ERR(key->u.ccmp.tfm)) {
455 err = PTR_ERR(key->u.ccmp.tfm);
460 case WLAN_CIPHER_SUITE_AES_CMAC:
461 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
462 key->conf.iv_len = 0;
463 if (cipher == WLAN_CIPHER_SUITE_AES_CMAC)
464 key->conf.icv_len = sizeof(struct ieee80211_mmie);
466 key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
468 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++)
469 key->u.aes_cmac.rx_pn[j] =
470 seq[IEEE80211_CMAC_PN_LEN - j - 1];
472 * Initialize AES key state here as an optimization so that
473 * it does not need to be initialized for every packet.
475 key->u.aes_cmac.tfm =
476 ieee80211_aes_cmac_key_setup(key_data, key_len);
477 if (IS_ERR(key->u.aes_cmac.tfm)) {
478 err = PTR_ERR(key->u.aes_cmac.tfm);
483 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
484 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
485 key->conf.iv_len = 0;
486 key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
488 for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++)
489 key->u.aes_gmac.rx_pn[j] =
490 seq[IEEE80211_GMAC_PN_LEN - j - 1];
491 /* Initialize AES key state here as an optimization so that
492 * it does not need to be initialized for every packet.
494 key->u.aes_gmac.tfm =
495 ieee80211_aes_gmac_key_setup(key_data, key_len);
496 if (IS_ERR(key->u.aes_gmac.tfm)) {
497 err = PTR_ERR(key->u.aes_gmac.tfm);
502 case WLAN_CIPHER_SUITE_GCMP:
503 case WLAN_CIPHER_SUITE_GCMP_256:
504 key->conf.iv_len = IEEE80211_GCMP_HDR_LEN;
505 key->conf.icv_len = IEEE80211_GCMP_MIC_LEN;
506 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
507 for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++)
508 key->u.gcmp.rx_pn[i][j] =
509 seq[IEEE80211_GCMP_PN_LEN - j - 1];
510 /* Initialize AES key state here as an optimization so that
511 * it does not need to be initialized for every packet.
513 key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data,
515 if (IS_ERR(key->u.gcmp.tfm)) {
516 err = PTR_ERR(key->u.gcmp.tfm);
523 if (seq_len && seq_len != cs->pn_len) {
525 return ERR_PTR(-EINVAL);
528 key->conf.iv_len = cs->hdr_len;
529 key->conf.icv_len = cs->mic_len;
530 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
531 for (j = 0; j < seq_len; j++)
532 key->u.gen.rx_pn[i][j] =
533 seq[seq_len - j - 1];
534 key->flags |= KEY_FLAG_CIPHER_SCHEME;
537 memcpy(key->conf.key, key_data, key_len);
538 INIT_LIST_HEAD(&key->list);
543 static void ieee80211_key_free_common(struct ieee80211_key *key)
545 switch (key->conf.cipher) {
546 case WLAN_CIPHER_SUITE_CCMP:
547 case WLAN_CIPHER_SUITE_CCMP_256:
548 ieee80211_aes_key_free(key->u.ccmp.tfm);
550 case WLAN_CIPHER_SUITE_AES_CMAC:
551 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
552 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
554 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
555 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
556 ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm);
558 case WLAN_CIPHER_SUITE_GCMP:
559 case WLAN_CIPHER_SUITE_GCMP_256:
560 ieee80211_aes_gcm_key_free(key->u.gcmp.tfm);
566 static void __ieee80211_key_destroy(struct ieee80211_key *key,
570 ieee80211_key_disable_hw_accel(key);
573 struct ieee80211_sub_if_data *sdata = key->sdata;
575 ieee80211_debugfs_key_remove(key);
577 if (delay_tailroom) {
578 /* see ieee80211_delayed_tailroom_dec */
579 sdata->crypto_tx_tailroom_pending_dec++;
580 schedule_delayed_work(&sdata->dec_tailroom_needed_wk,
583 decrease_tailroom_need_count(sdata, 1);
587 ieee80211_key_free_common(key);
590 static void ieee80211_key_destroy(struct ieee80211_key *key,
597 * Synchronize so the TX path can no longer be using
598 * this key before we free/remove it.
602 __ieee80211_key_destroy(key, delay_tailroom);
605 void ieee80211_key_free_unused(struct ieee80211_key *key)
607 WARN_ON(key->sdata || key->local);
608 ieee80211_key_free_common(key);
611 static bool ieee80211_key_identical(struct ieee80211_sub_if_data *sdata,
612 struct ieee80211_key *old,
613 struct ieee80211_key *new)
615 u8 tkip_old[WLAN_KEY_LEN_TKIP], tkip_new[WLAN_KEY_LEN_TKIP];
618 if (!old || new->conf.keylen != old->conf.keylen)
621 tk_old = old->conf.key;
622 tk_new = new->conf.key;
625 * In station mode, don't compare the TX MIC key, as it's never used
626 * and offloaded rekeying may not care to send it to the host. This
627 * is the case in iwlwifi, for example.
629 if (sdata->vif.type == NL80211_IFTYPE_STATION &&
630 new->conf.cipher == WLAN_CIPHER_SUITE_TKIP &&
631 new->conf.keylen == WLAN_KEY_LEN_TKIP &&
632 !(new->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
633 memcpy(tkip_old, tk_old, WLAN_KEY_LEN_TKIP);
634 memcpy(tkip_new, tk_new, WLAN_KEY_LEN_TKIP);
635 memset(tkip_old + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
636 memset(tkip_new + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
641 return !crypto_memneq(tk_old, tk_new, new->conf.keylen);
644 int ieee80211_key_link(struct ieee80211_key *key,
645 struct ieee80211_sub_if_data *sdata,
646 struct sta_info *sta)
648 struct ieee80211_local *local = sdata->local;
649 struct ieee80211_key *old_key;
650 int idx = key->conf.keyidx;
651 bool pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
653 * We want to delay tailroom updates only for station - in that
654 * case it helps roaming speed, but in other cases it hurts and
655 * can cause warnings to appear.
657 bool delay_tailroom = sdata->vif.type == NL80211_IFTYPE_STATION;
660 mutex_lock(&sdata->local->key_mtx);
663 old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]);
665 old_key = key_mtx_dereference(sdata->local, sta->gtk[idx]);
667 old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
670 * Silently accept key re-installation without really installing the
671 * new version of the key to avoid nonce reuse or replay issues.
673 if (ieee80211_key_identical(sdata, old_key, key)) {
674 ieee80211_key_free_unused(key);
679 key->local = sdata->local;
683 increment_tailroom_need_count(sdata);
685 ieee80211_key_replace(sdata, sta, pairwise, old_key, key);
686 ieee80211_key_destroy(old_key, delay_tailroom);
688 ieee80211_debugfs_key_add(key);
690 if (!local->wowlan) {
691 ret = ieee80211_key_enable_hw_accel(key);
693 ieee80211_key_free(key, delay_tailroom);
699 mutex_unlock(&sdata->local->key_mtx);
704 void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom)
710 * Replace key with nothingness if it was ever used.
713 ieee80211_key_replace(key->sdata, key->sta,
714 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
716 ieee80211_key_destroy(key, delay_tailroom);
719 void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata)
721 struct ieee80211_key *key;
722 struct ieee80211_sub_if_data *vlan;
726 if (WARN_ON(!ieee80211_sdata_running(sdata)))
729 mutex_lock(&sdata->local->key_mtx);
731 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
732 sdata->crypto_tx_tailroom_pending_dec);
734 if (sdata->vif.type == NL80211_IFTYPE_AP) {
735 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
736 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt ||
737 vlan->crypto_tx_tailroom_pending_dec);
740 list_for_each_entry(key, &sdata->key_list, list) {
741 increment_tailroom_need_count(sdata);
742 ieee80211_key_enable_hw_accel(key);
745 mutex_unlock(&sdata->local->key_mtx);
748 void ieee80211_reset_crypto_tx_tailroom(struct ieee80211_sub_if_data *sdata)
750 struct ieee80211_sub_if_data *vlan;
752 mutex_lock(&sdata->local->key_mtx);
754 sdata->crypto_tx_tailroom_needed_cnt = 0;
756 if (sdata->vif.type == NL80211_IFTYPE_AP) {
757 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
758 vlan->crypto_tx_tailroom_needed_cnt = 0;
761 mutex_unlock(&sdata->local->key_mtx);
764 void ieee80211_iter_keys(struct ieee80211_hw *hw,
765 struct ieee80211_vif *vif,
766 void (*iter)(struct ieee80211_hw *hw,
767 struct ieee80211_vif *vif,
768 struct ieee80211_sta *sta,
769 struct ieee80211_key_conf *key,
773 struct ieee80211_local *local = hw_to_local(hw);
774 struct ieee80211_key *key, *tmp;
775 struct ieee80211_sub_if_data *sdata;
779 mutex_lock(&local->key_mtx);
781 sdata = vif_to_sdata(vif);
782 list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
783 iter(hw, &sdata->vif,
784 key->sta ? &key->sta->sta : NULL,
785 &key->conf, iter_data);
787 list_for_each_entry(sdata, &local->interfaces, list)
788 list_for_each_entry_safe(key, tmp,
789 &sdata->key_list, list)
790 iter(hw, &sdata->vif,
791 key->sta ? &key->sta->sta : NULL,
792 &key->conf, iter_data);
794 mutex_unlock(&local->key_mtx);
796 EXPORT_SYMBOL(ieee80211_iter_keys);
798 static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata,
799 struct list_head *keys)
801 struct ieee80211_key *key, *tmp;
803 decrease_tailroom_need_count(sdata,
804 sdata->crypto_tx_tailroom_pending_dec);
805 sdata->crypto_tx_tailroom_pending_dec = 0;
807 ieee80211_debugfs_key_remove_mgmt_default(sdata);
809 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) {
810 ieee80211_key_replace(key->sdata, key->sta,
811 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
813 list_add_tail(&key->list, keys);
816 ieee80211_debugfs_key_update_default(sdata);
819 void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata,
820 bool force_synchronize)
822 struct ieee80211_local *local = sdata->local;
823 struct ieee80211_sub_if_data *vlan;
824 struct ieee80211_sub_if_data *master;
825 struct ieee80211_key *key, *tmp;
828 cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk);
830 mutex_lock(&local->key_mtx);
832 ieee80211_free_keys_iface(sdata, &keys);
834 if (sdata->vif.type == NL80211_IFTYPE_AP) {
835 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
836 ieee80211_free_keys_iface(vlan, &keys);
839 if (!list_empty(&keys) || force_synchronize)
841 list_for_each_entry_safe(key, tmp, &keys, list)
842 __ieee80211_key_destroy(key, false);
844 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
846 master = container_of(sdata->bss,
847 struct ieee80211_sub_if_data,
850 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt !=
851 master->crypto_tx_tailroom_needed_cnt);
854 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
855 sdata->crypto_tx_tailroom_pending_dec);
858 if (sdata->vif.type == NL80211_IFTYPE_AP) {
859 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
860 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt ||
861 vlan->crypto_tx_tailroom_pending_dec);
864 mutex_unlock(&local->key_mtx);
867 void ieee80211_free_sta_keys(struct ieee80211_local *local,
868 struct sta_info *sta)
870 struct ieee80211_key *key;
873 mutex_lock(&local->key_mtx);
874 for (i = 0; i < ARRAY_SIZE(sta->gtk); i++) {
875 key = key_mtx_dereference(local, sta->gtk[i]);
878 ieee80211_key_replace(key->sdata, key->sta,
879 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
881 __ieee80211_key_destroy(key, key->sdata->vif.type ==
882 NL80211_IFTYPE_STATION);
885 for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
886 key = key_mtx_dereference(local, sta->ptk[i]);
889 ieee80211_key_replace(key->sdata, key->sta,
890 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
892 __ieee80211_key_destroy(key, key->sdata->vif.type ==
893 NL80211_IFTYPE_STATION);
896 mutex_unlock(&local->key_mtx);
899 void ieee80211_delayed_tailroom_dec(struct work_struct *wk)
901 struct ieee80211_sub_if_data *sdata;
903 sdata = container_of(wk, struct ieee80211_sub_if_data,
904 dec_tailroom_needed_wk.work);
907 * The reason for the delayed tailroom needed decrementing is to
908 * make roaming faster: during roaming, all keys are first deleted
909 * and then new keys are installed. The first new key causes the
910 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes
911 * the cost of synchronize_net() (which can be slow). Avoid this
912 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on
913 * key removal for a while, so if we roam the value is larger than
914 * zero and no 0->1 transition happens.
916 * The cost is that if the AP switching was from an AP with keys
917 * to one without, we still allocate tailroom while it would no
918 * longer be needed. However, in the typical (fast) roaming case
919 * within an ESS this usually won't happen.
922 mutex_lock(&sdata->local->key_mtx);
923 decrease_tailroom_need_count(sdata,
924 sdata->crypto_tx_tailroom_pending_dec);
925 sdata->crypto_tx_tailroom_pending_dec = 0;
926 mutex_unlock(&sdata->local->key_mtx);
929 void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid,
930 const u8 *replay_ctr, gfp_t gfp)
932 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
934 trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr);
936 cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp);
938 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify);
940 void ieee80211_get_key_tx_seq(struct ieee80211_key_conf *keyconf,
941 struct ieee80211_key_seq *seq)
943 struct ieee80211_key *key;
946 if (WARN_ON(!(keyconf->flags & IEEE80211_KEY_FLAG_GENERATE_IV)))
949 key = container_of(keyconf, struct ieee80211_key, conf);
951 switch (key->conf.cipher) {
952 case WLAN_CIPHER_SUITE_TKIP:
953 seq->tkip.iv32 = key->u.tkip.tx.iv32;
954 seq->tkip.iv16 = key->u.tkip.tx.iv16;
956 case WLAN_CIPHER_SUITE_CCMP:
957 case WLAN_CIPHER_SUITE_CCMP_256:
958 case WLAN_CIPHER_SUITE_AES_CMAC:
959 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
960 BUILD_BUG_ON(offsetof(typeof(*seq), ccmp) !=
961 offsetof(typeof(*seq), aes_cmac));
962 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
963 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
964 BUILD_BUG_ON(offsetof(typeof(*seq), ccmp) !=
965 offsetof(typeof(*seq), aes_gmac));
966 case WLAN_CIPHER_SUITE_GCMP:
967 case WLAN_CIPHER_SUITE_GCMP_256:
968 BUILD_BUG_ON(offsetof(typeof(*seq), ccmp) !=
969 offsetof(typeof(*seq), gcmp));
970 pn64 = atomic64_read(&key->conf.tx_pn);
971 seq->ccmp.pn[5] = pn64;
972 seq->ccmp.pn[4] = pn64 >> 8;
973 seq->ccmp.pn[3] = pn64 >> 16;
974 seq->ccmp.pn[2] = pn64 >> 24;
975 seq->ccmp.pn[1] = pn64 >> 32;
976 seq->ccmp.pn[0] = pn64 >> 40;
982 EXPORT_SYMBOL(ieee80211_get_key_tx_seq);
984 void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf,
985 int tid, struct ieee80211_key_seq *seq)
987 struct ieee80211_key *key;
990 key = container_of(keyconf, struct ieee80211_key, conf);
992 switch (key->conf.cipher) {
993 case WLAN_CIPHER_SUITE_TKIP:
994 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
996 seq->tkip.iv32 = key->u.tkip.rx[tid].iv32;
997 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16;
999 case WLAN_CIPHER_SUITE_CCMP:
1000 case WLAN_CIPHER_SUITE_CCMP_256:
1001 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1004 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
1006 pn = key->u.ccmp.rx_pn[tid];
1007 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN);
1009 case WLAN_CIPHER_SUITE_AES_CMAC:
1010 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1011 if (WARN_ON(tid != 0))
1013 pn = key->u.aes_cmac.rx_pn;
1014 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN);
1016 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1017 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1018 if (WARN_ON(tid != 0))
1020 pn = key->u.aes_gmac.rx_pn;
1021 memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN);
1023 case WLAN_CIPHER_SUITE_GCMP:
1024 case WLAN_CIPHER_SUITE_GCMP_256:
1025 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1028 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1030 pn = key->u.gcmp.rx_pn[tid];
1031 memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN);
1035 EXPORT_SYMBOL(ieee80211_get_key_rx_seq);
1037 void ieee80211_set_key_tx_seq(struct ieee80211_key_conf *keyconf,
1038 struct ieee80211_key_seq *seq)
1040 struct ieee80211_key *key;
1043 key = container_of(keyconf, struct ieee80211_key, conf);
1045 switch (key->conf.cipher) {
1046 case WLAN_CIPHER_SUITE_TKIP:
1047 key->u.tkip.tx.iv32 = seq->tkip.iv32;
1048 key->u.tkip.tx.iv16 = seq->tkip.iv16;
1050 case WLAN_CIPHER_SUITE_CCMP:
1051 case WLAN_CIPHER_SUITE_CCMP_256:
1052 case WLAN_CIPHER_SUITE_AES_CMAC:
1053 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1054 BUILD_BUG_ON(offsetof(typeof(*seq), ccmp) !=
1055 offsetof(typeof(*seq), aes_cmac));
1056 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1057 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1058 BUILD_BUG_ON(offsetof(typeof(*seq), ccmp) !=
1059 offsetof(typeof(*seq), aes_gmac));
1060 case WLAN_CIPHER_SUITE_GCMP:
1061 case WLAN_CIPHER_SUITE_GCMP_256:
1062 BUILD_BUG_ON(offsetof(typeof(*seq), ccmp) !=
1063 offsetof(typeof(*seq), gcmp));
1064 pn64 = (u64)seq->ccmp.pn[5] |
1065 ((u64)seq->ccmp.pn[4] << 8) |
1066 ((u64)seq->ccmp.pn[3] << 16) |
1067 ((u64)seq->ccmp.pn[2] << 24) |
1068 ((u64)seq->ccmp.pn[1] << 32) |
1069 ((u64)seq->ccmp.pn[0] << 40);
1070 atomic64_set(&key->conf.tx_pn, pn64);
1077 EXPORT_SYMBOL_GPL(ieee80211_set_key_tx_seq);
1079 void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf,
1080 int tid, struct ieee80211_key_seq *seq)
1082 struct ieee80211_key *key;
1085 key = container_of(keyconf, struct ieee80211_key, conf);
1087 switch (key->conf.cipher) {
1088 case WLAN_CIPHER_SUITE_TKIP:
1089 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
1091 key->u.tkip.rx[tid].iv32 = seq->tkip.iv32;
1092 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16;
1094 case WLAN_CIPHER_SUITE_CCMP:
1095 case WLAN_CIPHER_SUITE_CCMP_256:
1096 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1099 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
1101 pn = key->u.ccmp.rx_pn[tid];
1102 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN);
1104 case WLAN_CIPHER_SUITE_AES_CMAC:
1105 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1106 if (WARN_ON(tid != 0))
1108 pn = key->u.aes_cmac.rx_pn;
1109 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN);
1111 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1112 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1113 if (WARN_ON(tid != 0))
1115 pn = key->u.aes_gmac.rx_pn;
1116 memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN);
1118 case WLAN_CIPHER_SUITE_GCMP:
1119 case WLAN_CIPHER_SUITE_GCMP_256:
1120 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1123 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1125 pn = key->u.gcmp.rx_pn[tid];
1126 memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN);
1133 EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq);
1135 void ieee80211_remove_key(struct ieee80211_key_conf *keyconf)
1137 struct ieee80211_key *key;
1139 key = container_of(keyconf, struct ieee80211_key, conf);
1141 assert_key_lock(key->local);
1144 * if key was uploaded, we assume the driver will/has remove(d)
1145 * it, so adjust bookkeeping accordingly
1147 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
1148 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
1150 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
1151 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
1152 increment_tailroom_need_count(key->sdata);
1155 ieee80211_key_free(key, false);
1157 EXPORT_SYMBOL_GPL(ieee80211_remove_key);
1159 struct ieee80211_key_conf *
1160 ieee80211_gtk_rekey_add(struct ieee80211_vif *vif,
1161 struct ieee80211_key_conf *keyconf)
1163 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
1164 struct ieee80211_local *local = sdata->local;
1165 struct ieee80211_key *key;
1168 if (WARN_ON(!local->wowlan))
1169 return ERR_PTR(-EINVAL);
1171 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION))
1172 return ERR_PTR(-EINVAL);
1174 key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx,
1175 keyconf->keylen, keyconf->key,
1178 return ERR_CAST(key);
1180 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED)
1181 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT;
1183 err = ieee80211_key_link(key, sdata, NULL);
1185 return ERR_PTR(err);
1189 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add);