Gitiles
Code Review Sign In
gerrit.nordix.org / codeaurora / cp-linux / c9398ad8a107f96d44e8a7ef3a09f788ed53c119 / . / net / mac80211 / key.c
blob: 4a72c0d1e56f9a3c5be552352839fc58811d23ee [file] [log] [blame]
Kyle Swenson8d8f6542021-03-15 11:02:55 -0600[diff] [blame]1/*
2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net>
6 * Copyright 2013-2014 Intel Mobile Communications GmbH
7 * Copyright 2017 Intel Deutschland GmbH
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
12 */
13
14#include <linux/if_ether.h>
15#include <linux/etherdevice.h>
16#include <linux/list.h>
17#include <linux/rcupdate.h>
18#include <linux/rtnetlink.h>
19#include <linux/slab.h>
20#include <linux/export.h>
21#include <net/mac80211.h>
22#include <crypto/algapi.h>
23#include <asm/unaligned.h>
24#include "ieee80211_i.h"
25#include "driver-ops.h"
26#include "debugfs_key.h"
27#include "aes_ccm.h"
28#include "aes_cmac.h"
29#include "aes_gmac.h"
30#include "aes_gcm.h"
31
32
33/**
34 * DOC: Key handling basics
35 *
36 * Key handling in mac80211 is done based on per-interface (sub_if_data)
37 * keys and per-station keys. Since each station belongs to an interface,
38 * each station key also belongs to that interface.
39 *
40 * Hardware acceleration is done on a best-effort basis for algorithms
41 * that are implemented in software, for each key the hardware is asked
42 * to enable that key for offloading but if it cannot do that the key is
43 * simply kept for software encryption (unless it is for an algorithm
44 * that isn't implemented in software).
45 * There is currently no way of knowing whether a key is handled in SW
46 * or HW except by looking into debugfs.
47 *
48 * All key management is internally protected by a mutex. Within all
49 * other parts of mac80211, key references are, just as STA structure
50 * references, protected by RCU. Note, however, that some things are
51 * unprotected, namely the key->sta dereferences within the hardware
52 * acceleration functions. This means that sta_info_destroy() must
53 * remove the key which waits for an RCU grace period.
54 */
55
56static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
57
58static void assert_key_lock(struct ieee80211_local *local)
59{
60 lockdep_assert_held(&local->key_mtx);
61}
62
63static void
64update_vlan_tailroom_need_count(struct ieee80211_sub_if_data *sdata, int delta)
65{
66 struct ieee80211_sub_if_data *vlan;
67
68 if (sdata->vif.type != NL80211_IFTYPE_AP)
69 return;
70
71 /* crypto_tx_tailroom_needed_cnt is protected by this */
72 assert_key_lock(sdata->local);
73
74 rcu_read_lock();
75
76 list_for_each_entry_rcu(vlan, &sdata->u.ap.vlans, u.vlan.list)
77 vlan->crypto_tx_tailroom_needed_cnt += delta;
78
79 rcu_read_unlock();
80}
81
82static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata)
83{
84 /*
85 * When this count is zero, SKB resizing for allocating tailroom
86 * for IV or MMIC is skipped. But, this check has created two race
87 * cases in xmit path while transiting from zero count to one:
88 *
89 * 1. SKB resize was skipped because no key was added but just before
90 * the xmit key is added and SW encryption kicks off.
91 *
92 * 2. SKB resize was skipped because all the keys were hw planted but
93 * just before xmit one of the key is deleted and SW encryption kicks
94 * off.
95 *
96 * In both the above case SW encryption will find not enough space for
97 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c)
98 *
99 * Solution has been explained at
100 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net
101 */
102
103 assert_key_lock(sdata->local);
104
105 update_vlan_tailroom_need_count(sdata, 1);
106
107 if (!sdata->crypto_tx_tailroom_needed_cnt++) {
108 /*
109 * Flush all XMIT packets currently using HW encryption or no
110 * encryption at all if the count transition is from 0 -> 1.
111 */
112 synchronize_net();
113 }
114}
115
116static void decrease_tailroom_need_count(struct ieee80211_sub_if_data *sdata,
117 int delta)
118{
119 assert_key_lock(sdata->local);
120
121 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt < delta);
122
123 update_vlan_tailroom_need_count(sdata, -delta);
124 sdata->crypto_tx_tailroom_needed_cnt -= delta;
125}
126
127static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
128{
129 struct ieee80211_sub_if_data *sdata;
130 struct sta_info *sta;
131 int ret = -EOPNOTSUPP;
132
133 might_sleep();
134
135 if (key->flags & KEY_FLAG_TAINTED) {
136 /* If we get here, it's during resume and the key is
137 * tainted so shouldn't be used/programmed any more.
138 * However, its flags may still indicate that it was
139 * programmed into the device (since we're in resume)
140 * so clear that flag now to avoid trying to remove
141 * it again later.
142 */
143 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
144 return -EINVAL;
145 }
146
147 if (!key->local->ops->set_key)
148 goto out_unsupported;
149
150 assert_key_lock(key->local);
151
152 sta = key->sta;
153
154 /*
155 * If this is a per-STA GTK, check if it
156 * is supported; if not, return.
157 */
158 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) &&
159 !ieee80211_hw_check(&key->local->hw, SUPPORTS_PER_STA_GTK))
160 goto out_unsupported;
161
162 if (sta && !sta->uploaded)
163 goto out_unsupported;
164
165 sdata = key->sdata;
166 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
167 /*
168 * The driver doesn't know anything about VLAN interfaces.
169 * Hence, don't send GTKs for VLAN interfaces to the driver.
170 */
171 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE))
172 goto out_unsupported;
173 }
174
175 ret = drv_set_key(key->local, SET_KEY, sdata,
176 sta ? &sta->sta : NULL, &key->conf);
177
178 if (!ret) {
179 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
180
181 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
182 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
183 decrease_tailroom_need_count(sdata, 1);
184
185 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) &&
186 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV));
187
188 return 0;
189 }
190
191 if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1)
192 sdata_err(sdata,
193 "failed to set key (%d, %pM) to hardware (%d)\n",
194 key->conf.keyidx,
195 sta ? sta->sta.addr : bcast_addr, ret);
196
197 out_unsupported:
198 switch (key->conf.cipher) {
199 case WLAN_CIPHER_SUITE_WEP40:
200 case WLAN_CIPHER_SUITE_WEP104:
201 case WLAN_CIPHER_SUITE_TKIP:
202 case WLAN_CIPHER_SUITE_CCMP:
203 case WLAN_CIPHER_SUITE_CCMP_256:
204 case WLAN_CIPHER_SUITE_AES_CMAC:
205 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
206 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
207 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
208 case WLAN_CIPHER_SUITE_GCMP:
209 case WLAN_CIPHER_SUITE_GCMP_256:
210 /* all of these we can do in software - if driver can */
211 if (ret == 1)
212 return 0;
213 if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL))
214 return -EINVAL;
215 return 0;
216 default:
217 return -EINVAL;
218 }
219}
220
221static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
222{
223 struct ieee80211_sub_if_data *sdata;
224 struct sta_info *sta;
225 int ret;
226
227 might_sleep();
228
229 if (!key || !key->local->ops->set_key)
230 return;
231
232 assert_key_lock(key->local);
233
234 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
235 return;
236
237 sta = key->sta;
238 sdata = key->sdata;
239
240 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
241 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
242 increment_tailroom_need_count(sdata);
243
244 ret = drv_set_key(key->local, DISABLE_KEY, sdata,
245 sta ? &sta->sta : NULL, &key->conf);
246
247 if (ret)
248 sdata_err(sdata,
249 "failed to remove key (%d, %pM) from hardware (%d)\n",
250 key->conf.keyidx,
251 sta ? sta->sta.addr : bcast_addr, ret);
252
253 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
254}
255
256static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata,
257 int idx, bool uni, bool multi)
258{
259 struct ieee80211_key *key = NULL;
260
261 assert_key_lock(sdata->local);
262
263 if (idx >= 0 && idx < NUM_DEFAULT_KEYS)
264 key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
265
266 if (uni) {
267 rcu_assign_pointer(sdata->default_unicast_key, key);
268 ieee80211_check_fast_xmit_iface(sdata);
269 drv_set_default_unicast_key(sdata->local, sdata, idx);
270 }
271
272 if (multi)
273 rcu_assign_pointer(sdata->default_multicast_key, key);
274
275 ieee80211_debugfs_key_update_default(sdata);
276}
277
278void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx,
279 bool uni, bool multi)
280{
281 mutex_lock(&sdata->local->key_mtx);
282 __ieee80211_set_default_key(sdata, idx, uni, multi);
283 mutex_unlock(&sdata->local->key_mtx);
284}
285
286static void
287__ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx)
288{
289 struct ieee80211_key *key = NULL;
290
291 assert_key_lock(sdata->local);
292
293 if (idx >= NUM_DEFAULT_KEYS &&
294 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
295 key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
296
297 rcu_assign_pointer(sdata->default_mgmt_key, key);
298
299 ieee80211_debugfs_key_update_default(sdata);
300}
301
302void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
303 int idx)
304{
305 mutex_lock(&sdata->local->key_mtx);
306 __ieee80211_set_default_mgmt_key(sdata, idx);
307 mutex_unlock(&sdata->local->key_mtx);
308}
309
310
311static void ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
312 struct sta_info *sta,
313 bool pairwise,
314 struct ieee80211_key *old,
315 struct ieee80211_key *new)
316{
317 int idx;
318 bool defunikey, defmultikey, defmgmtkey;
319
320 /* caller must provide at least one old/new */
321 if (WARN_ON(!new && !old))
322 return;
323
324 if (new)
325 list_add_tail(&new->list, &sdata->key_list);
326
327 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx);
328
329 if (old)
330 idx = old->conf.keyidx;
331 else
332 idx = new->conf.keyidx;
333
334 if (sta) {
335 if (pairwise) {
336 rcu_assign_pointer(sta->ptk[idx], new);
337 sta->ptk_idx = idx;
338 ieee80211_check_fast_xmit(sta);
339 } else {
340 rcu_assign_pointer(sta->gtk[idx], new);
341 }
342 } else {
343 defunikey = old &&
344 old == key_mtx_dereference(sdata->local,
345 sdata->default_unicast_key);
346 defmultikey = old &&
347 old == key_mtx_dereference(sdata->local,
348 sdata->default_multicast_key);
349 defmgmtkey = old &&
350 old == key_mtx_dereference(sdata->local,
351 sdata->default_mgmt_key);
352
353 if (defunikey && !new)
354 __ieee80211_set_default_key(sdata, -1, true, false);
355 if (defmultikey && !new)
356 __ieee80211_set_default_key(sdata, -1, false, true);
357 if (defmgmtkey && !new)
358 __ieee80211_set_default_mgmt_key(sdata, -1);
359
360 rcu_assign_pointer(sdata->keys[idx], new);
361 if (defunikey && new)
362 __ieee80211_set_default_key(sdata, new->conf.keyidx,
363 true, false);
364 if (defmultikey && new)
365 __ieee80211_set_default_key(sdata, new->conf.keyidx,
366 false, true);
367 if (defmgmtkey && new)
368 __ieee80211_set_default_mgmt_key(sdata,
369 new->conf.keyidx);
370 }
371
372 if (old)
373 list_del(&old->list);
374}
375
376struct ieee80211_key *
377ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
378 const u8 *key_data,
379 size_t seq_len, const u8 *seq,
380 const struct ieee80211_cipher_scheme *cs)
381{
382 struct ieee80211_key *key;
383 int i, j, err;
384
385 if (WARN_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS))
386 return ERR_PTR(-EINVAL);
387
388 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
389 if (!key)
390 return ERR_PTR(-ENOMEM);
391
392 /*
393 * Default to software encryption; we'll later upload the
394 * key to the hardware if possible.
395 */
396 key->conf.flags = 0;
397 key->flags = 0;
398
399 key->conf.cipher = cipher;
400 key->conf.keyidx = idx;
401 key->conf.keylen = key_len;
402 switch (cipher) {
403 case WLAN_CIPHER_SUITE_WEP40:
404 case WLAN_CIPHER_SUITE_WEP104:
405 key->conf.iv_len = IEEE80211_WEP_IV_LEN;
406 key->conf.icv_len = IEEE80211_WEP_ICV_LEN;
407 break;
408 case WLAN_CIPHER_SUITE_TKIP:
409 key->conf.iv_len = IEEE80211_TKIP_IV_LEN;
410 key->conf.icv_len = IEEE80211_TKIP_ICV_LEN;
411 if (seq) {
412 for (i = 0; i < IEEE80211_NUM_TIDS; i++) {
413 key->u.tkip.rx[i].iv32 =
414 get_unaligned_le32(&seq[2]);
415 key->u.tkip.rx[i].iv16 =
416 get_unaligned_le16(seq);
417 }
418 }
419 spin_lock_init(&key->u.tkip.txlock);
420 break;
421 case WLAN_CIPHER_SUITE_CCMP:
422 key->conf.iv_len = IEEE80211_CCMP_HDR_LEN;
423 key->conf.icv_len = IEEE80211_CCMP_MIC_LEN;
424 if (seq) {
425 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
426 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++)
427 key->u.ccmp.rx_pn[i][j] =
428 seq[IEEE80211_CCMP_PN_LEN - j - 1];
429 }
430 /*
431 * Initialize AES key state here as an optimization so that
432 * it does not need to be initialized for every packet.
433 */
434 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
435 key_data, key_len, IEEE80211_CCMP_MIC_LEN);
436 if (IS_ERR(key->u.ccmp.tfm)) {
437 err = PTR_ERR(key->u.ccmp.tfm);
438 kfree(key);
439 return ERR_PTR(err);
440 }
441 break;
442 case WLAN_CIPHER_SUITE_CCMP_256:
443 key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN;
444 key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN;
445 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
446 for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++)
447 key->u.ccmp.rx_pn[i][j] =
448 seq[IEEE80211_CCMP_256_PN_LEN - j - 1];
449 /* Initialize AES key state here as an optimization so that
450 * it does not need to be initialized for every packet.
451 */
452 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
453 key_data, key_len, IEEE80211_CCMP_256_MIC_LEN);
454 if (IS_ERR(key->u.ccmp.tfm)) {
455 err = PTR_ERR(key->u.ccmp.tfm);
456 kfree(key);
457 return ERR_PTR(err);
458 }
459 break;
460 case WLAN_CIPHER_SUITE_AES_CMAC:
461 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
462 key->conf.iv_len = 0;
463 if (cipher == WLAN_CIPHER_SUITE_AES_CMAC)
464 key->conf.icv_len = sizeof(struct ieee80211_mmie);
465 else
466 key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
467 if (seq)
468 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++)
469 key->u.aes_cmac.rx_pn[j] =
470 seq[IEEE80211_CMAC_PN_LEN - j - 1];
471 /*
472 * Initialize AES key state here as an optimization so that
473 * it does not need to be initialized for every packet.
474 */
475 key->u.aes_cmac.tfm =
476 ieee80211_aes_cmac_key_setup(key_data, key_len);
477 if (IS_ERR(key->u.aes_cmac.tfm)) {
478 err = PTR_ERR(key->u.aes_cmac.tfm);
479 kfree(key);
480 return ERR_PTR(err);
481 }
482 break;
483 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
484 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
485 key->conf.iv_len = 0;
486 key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
487 if (seq)
488 for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++)
489 key->u.aes_gmac.rx_pn[j] =
490 seq[IEEE80211_GMAC_PN_LEN - j - 1];
491 /* Initialize AES key state here as an optimization so that
492 * it does not need to be initialized for every packet.
493 */
494 key->u.aes_gmac.tfm =
495 ieee80211_aes_gmac_key_setup(key_data, key_len);
496 if (IS_ERR(key->u.aes_gmac.tfm)) {
497 err = PTR_ERR(key->u.aes_gmac.tfm);
498 kfree(key);
499 return ERR_PTR(err);
500 }
501 break;
502 case WLAN_CIPHER_SUITE_GCMP:
503 case WLAN_CIPHER_SUITE_GCMP_256:
504 key->conf.iv_len = IEEE80211_GCMP_HDR_LEN;
505 key->conf.icv_len = IEEE80211_GCMP_MIC_LEN;
506 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
507 for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++)
508 key->u.gcmp.rx_pn[i][j] =
509 seq[IEEE80211_GCMP_PN_LEN - j - 1];
510 /* Initialize AES key state here as an optimization so that
511 * it does not need to be initialized for every packet.
512 */
513 key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data,
514 key_len);
515 if (IS_ERR(key->u.gcmp.tfm)) {
516 err = PTR_ERR(key->u.gcmp.tfm);
517 kfree(key);
518 return ERR_PTR(err);
519 }
520 break;
521 default:
522 if (cs) {
523 if (seq_len && seq_len != cs->pn_len) {
524 kfree(key);
525 return ERR_PTR(-EINVAL);
526 }
527
528 key->conf.iv_len = cs->hdr_len;
529 key->conf.icv_len = cs->mic_len;
530 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
531 for (j = 0; j < seq_len; j++)
532 key->u.gen.rx_pn[i][j] =
533 seq[seq_len - j - 1];
534 key->flags |= KEY_FLAG_CIPHER_SCHEME;
535 }
536 }
537 memcpy(key->conf.key, key_data, key_len);
538 INIT_LIST_HEAD(&key->list);
539
540 return key;
541}
542
543static void ieee80211_key_free_common(struct ieee80211_key *key)
544{
545 switch (key->conf.cipher) {
546 case WLAN_CIPHER_SUITE_CCMP:
547 case WLAN_CIPHER_SUITE_CCMP_256:
548 ieee80211_aes_key_free(key->u.ccmp.tfm);
549 break;
550 case WLAN_CIPHER_SUITE_AES_CMAC:
551 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
552 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
553 break;
554 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
555 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
556 ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm);
557 break;
558 case WLAN_CIPHER_SUITE_GCMP:
559 case WLAN_CIPHER_SUITE_GCMP_256:
560 ieee80211_aes_gcm_key_free(key->u.gcmp.tfm);
561 break;
562 }
563 kzfree(key);
564}
565
566static void __ieee80211_key_destroy(struct ieee80211_key *key,
567 bool delay_tailroom)
568{
569 if (key->local)
570 ieee80211_key_disable_hw_accel(key);
571
572 if (key->local) {
573 struct ieee80211_sub_if_data *sdata = key->sdata;
574
575 ieee80211_debugfs_key_remove(key);
576
577 if (delay_tailroom) {
578 /* see ieee80211_delayed_tailroom_dec */
579 sdata->crypto_tx_tailroom_pending_dec++;
580 schedule_delayed_work(&sdata->dec_tailroom_needed_wk,
581 HZ/2);
582 } else {
583 decrease_tailroom_need_count(sdata, 1);
584 }
585 }
586
587 ieee80211_key_free_common(key);
588}
589
590static void ieee80211_key_destroy(struct ieee80211_key *key,
591 bool delay_tailroom)
592{
593 if (!key)
594 return;
595
596 /*
597 * Synchronize so the TX path can no longer be using
598 * this key before we free/remove it.
599 */
600 synchronize_net();
601
602 __ieee80211_key_destroy(key, delay_tailroom);
603}
604
605void ieee80211_key_free_unused(struct ieee80211_key *key)
606{
607 WARN_ON(key->sdata || key->local);
608 ieee80211_key_free_common(key);
609}
610
611static bool ieee80211_key_identical(struct ieee80211_sub_if_data *sdata,
612 struct ieee80211_key *old,
613 struct ieee80211_key *new)
614{
615 u8 tkip_old[WLAN_KEY_LEN_TKIP], tkip_new[WLAN_KEY_LEN_TKIP];
616 u8 *tk_old, *tk_new;
617
618 if (!old || new->conf.keylen != old->conf.keylen)
619 return false;
620
621 tk_old = old->conf.key;
622 tk_new = new->conf.key;
623
624 /*
625 * In station mode, don't compare the TX MIC key, as it's never used
626 * and offloaded rekeying may not care to send it to the host. This
627 * is the case in iwlwifi, for example.
628 */
629 if (sdata->vif.type == NL80211_IFTYPE_STATION &&
630 new->conf.cipher == WLAN_CIPHER_SUITE_TKIP &&
631 new->conf.keylen == WLAN_KEY_LEN_TKIP &&
632 !(new->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
633 memcpy(tkip_old, tk_old, WLAN_KEY_LEN_TKIP);
634 memcpy(tkip_new, tk_new, WLAN_KEY_LEN_TKIP);
635 memset(tkip_old + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
636 memset(tkip_new + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
637 tk_old = tkip_old;
638 tk_new = tkip_new;
639 }
640
641 return !crypto_memneq(tk_old, tk_new, new->conf.keylen);
642}
643
644int ieee80211_key_link(struct ieee80211_key *key,
645 struct ieee80211_sub_if_data *sdata,
646 struct sta_info *sta)
647{
648 struct ieee80211_local *local = sdata->local;
649 struct ieee80211_key *old_key;
650 int idx, ret;
651 bool pairwise;
652
653 pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
654 idx = key->conf.keyidx;
655
656 mutex_lock(&sdata->local->key_mtx);
657
658 if (sta && pairwise)
659 old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]);
660 else if (sta)
661 old_key = key_mtx_dereference(sdata->local, sta->gtk[idx]);
662 else
663 old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
664
665 /*
666 * Silently accept key re-installation without really installing the
667 * new version of the key to avoid nonce reuse or replay issues.
668 */
669 if (ieee80211_key_identical(sdata, old_key, key)) {
670 ieee80211_key_free_unused(key);
671 ret = 0;
672 goto out;
673 }
674
675 key->local = sdata->local;
676 key->sdata = sdata;
677 key->sta = sta;
678
679 increment_tailroom_need_count(sdata);
680
681 ieee80211_key_replace(sdata, sta, pairwise, old_key, key);
682 ieee80211_key_destroy(old_key, true);
683
684 ieee80211_debugfs_key_add(key);
685
686 if (!local->wowlan) {
687 ret = ieee80211_key_enable_hw_accel(key);
688 if (ret)
689 ieee80211_key_free(key, true);
690 } else {
691 ret = 0;
692 }
693
694 out:
695 mutex_unlock(&sdata->local->key_mtx);
696
697 return ret;
698}
699
700void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom)
701{
702 if (!key)
703 return;
704
705 /*
706 * Replace key with nothingness if it was ever used.
707 */
708 if (key->sdata)
709 ieee80211_key_replace(key->sdata, key->sta,
710 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
711 key, NULL);
712 ieee80211_key_destroy(key, delay_tailroom);
713}
714
715void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata)
716{
717 struct ieee80211_key *key;
718 struct ieee80211_sub_if_data *vlan;
719
720 ASSERT_RTNL();
721
722 if (WARN_ON(!ieee80211_sdata_running(sdata)))
723 return;
724
725 mutex_lock(&sdata->local->key_mtx);
726
727 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
728 sdata->crypto_tx_tailroom_pending_dec);
729
730 if (sdata->vif.type == NL80211_IFTYPE_AP) {
731 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
732 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt ||
733 vlan->crypto_tx_tailroom_pending_dec);
734 }
735
736 list_for_each_entry(key, &sdata->key_list, list) {
737 increment_tailroom_need_count(sdata);
738 ieee80211_key_enable_hw_accel(key);
739 }
740
741 mutex_unlock(&sdata->local->key_mtx);
742}
743
744void ieee80211_reset_crypto_tx_tailroom(struct ieee80211_sub_if_data *sdata)
745{
746 struct ieee80211_sub_if_data *vlan;
747
748 mutex_lock(&sdata->local->key_mtx);
749
750 sdata->crypto_tx_tailroom_needed_cnt = 0;
751
752 if (sdata->vif.type == NL80211_IFTYPE_AP) {
753 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
754 vlan->crypto_tx_tailroom_needed_cnt = 0;
755 }
756
757 mutex_unlock(&sdata->local->key_mtx);
758}
759
760void ieee80211_iter_keys(struct ieee80211_hw *hw,
761 struct ieee80211_vif *vif,
762 void (*iter)(struct ieee80211_hw *hw,
763 struct ieee80211_vif *vif,
764 struct ieee80211_sta *sta,
765 struct ieee80211_key_conf *key,
766 void *data),
767 void *iter_data)
768{
769 struct ieee80211_local *local = hw_to_local(hw);
770 struct ieee80211_key *key, *tmp;
771 struct ieee80211_sub_if_data *sdata;
772
773 ASSERT_RTNL();
774
775 mutex_lock(&local->key_mtx);
776 if (vif) {
777 sdata = vif_to_sdata(vif);
778 list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
779 iter(hw, &sdata->vif,
780 key->sta ? &key->sta->sta : NULL,
781 &key->conf, iter_data);
782 } else {
783 list_for_each_entry(sdata, &local->interfaces, list)
784 list_for_each_entry_safe(key, tmp,
785 &sdata->key_list, list)
786 iter(hw, &sdata->vif,
787 key->sta ? &key->sta->sta : NULL,
788 &key->conf, iter_data);
789 }
790 mutex_unlock(&local->key_mtx);
791}
792EXPORT_SYMBOL(ieee80211_iter_keys);
793
794static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata,
795 struct list_head *keys)
796{
797 struct ieee80211_key *key, *tmp;
798
799 decrease_tailroom_need_count(sdata,
800 sdata->crypto_tx_tailroom_pending_dec);
801 sdata->crypto_tx_tailroom_pending_dec = 0;
802
803 ieee80211_debugfs_key_remove_mgmt_default(sdata);
804
805 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) {
806 ieee80211_key_replace(key->sdata, key->sta,
807 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
808 key, NULL);
809 list_add_tail(&key->list, keys);
810 }
811
812 ieee80211_debugfs_key_update_default(sdata);
813}
814
815void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata,
816 bool force_synchronize)
817{
818 struct ieee80211_local *local = sdata->local;
819 struct ieee80211_sub_if_data *vlan;
820 struct ieee80211_sub_if_data *master;
821 struct ieee80211_key *key, *tmp;
822 LIST_HEAD(keys);
823
824 cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk);
825
826 mutex_lock(&local->key_mtx);
827
828 ieee80211_free_keys_iface(sdata, &keys);
829
830 if (sdata->vif.type == NL80211_IFTYPE_AP) {
831 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
832 ieee80211_free_keys_iface(vlan, &keys);
833 }
834
835 if (!list_empty(&keys) || force_synchronize)
836 synchronize_net();
837 list_for_each_entry_safe(key, tmp, &keys, list)
838 __ieee80211_key_destroy(key, false);
839
840 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
841 if (sdata->bss) {
842 master = container_of(sdata->bss,
843 struct ieee80211_sub_if_data,
844 u.ap);
845
846 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt !=
847 master->crypto_tx_tailroom_needed_cnt);
848 }
849 } else {
850 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
851 sdata->crypto_tx_tailroom_pending_dec);
852 }
853
854 if (sdata->vif.type == NL80211_IFTYPE_AP) {
855 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
856 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt ||
857 vlan->crypto_tx_tailroom_pending_dec);
858 }
859
860 mutex_unlock(&local->key_mtx);
861}
862
863void ieee80211_free_sta_keys(struct ieee80211_local *local,
864 struct sta_info *sta)
865{
866 struct ieee80211_key *key;
867 int i;
868
869 mutex_lock(&local->key_mtx);
870 for (i = 0; i < ARRAY_SIZE(sta->gtk); i++) {
871 key = key_mtx_dereference(local, sta->gtk[i]);
872 if (!key)
873 continue;
874 ieee80211_key_replace(key->sdata, key->sta,
875 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
876 key, NULL);
877 __ieee80211_key_destroy(key, true);
878 }
879
880 for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
881 key = key_mtx_dereference(local, sta->ptk[i]);
882 if (!key)
883 continue;
884 ieee80211_key_replace(key->sdata, key->sta,
885 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
886 key, NULL);
887 __ieee80211_key_destroy(key, true);
888 }
889
890 mutex_unlock(&local->key_mtx);
891}
892
893void ieee80211_delayed_tailroom_dec(struct work_struct *wk)
894{
895 struct ieee80211_sub_if_data *sdata;
896
897 sdata = container_of(wk, struct ieee80211_sub_if_data,
898 dec_tailroom_needed_wk.work);
899
900 /*
901 * The reason for the delayed tailroom needed decrementing is to
902 * make roaming faster: during roaming, all keys are first deleted
903 * and then new keys are installed. The first new key causes the
904 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes
905 * the cost of synchronize_net() (which can be slow). Avoid this
906 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on
907 * key removal for a while, so if we roam the value is larger than
908 * zero and no 0->1 transition happens.
909 *
910 * The cost is that if the AP switching was from an AP with keys
911 * to one without, we still allocate tailroom while it would no
912 * longer be needed. However, in the typical (fast) roaming case
913 * within an ESS this usually won't happen.
914 */
915
916 mutex_lock(&sdata->local->key_mtx);
917 decrease_tailroom_need_count(sdata,
918 sdata->crypto_tx_tailroom_pending_dec);
919 sdata->crypto_tx_tailroom_pending_dec = 0;
920 mutex_unlock(&sdata->local->key_mtx);
921}
922
923void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid,
924 const u8 *replay_ctr, gfp_t gfp)
925{
926 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
927
928 trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr);
929
930 cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp);
931}
932EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify);
933
934void ieee80211_get_key_tx_seq(struct ieee80211_key_conf *keyconf,
935 struct ieee80211_key_seq *seq)
936{
937 struct ieee80211_key *key;
938 u64 pn64;
939
940 if (WARN_ON(!(keyconf->flags & IEEE80211_KEY_FLAG_GENERATE_IV)))
941 return;
942
943 key = container_of(keyconf, struct ieee80211_key, conf);
944
945 switch (key->conf.cipher) {
946 case WLAN_CIPHER_SUITE_TKIP:
947 seq->tkip.iv32 = key->u.tkip.tx.iv32;
948 seq->tkip.iv16 = key->u.tkip.tx.iv16;
949 break;
950 case WLAN_CIPHER_SUITE_CCMP:
951 case WLAN_CIPHER_SUITE_CCMP_256:
952 case WLAN_CIPHER_SUITE_AES_CMAC:
953 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
954 BUILD_BUG_ON(offsetof(typeof(*seq), ccmp) !=
955 offsetof(typeof(*seq), aes_cmac));
956 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
957 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
958 BUILD_BUG_ON(offsetof(typeof(*seq), ccmp) !=
959 offsetof(typeof(*seq), aes_gmac));
960 case WLAN_CIPHER_SUITE_GCMP:
961 case WLAN_CIPHER_SUITE_GCMP_256:
962 BUILD_BUG_ON(offsetof(typeof(*seq), ccmp) !=
963 offsetof(typeof(*seq), gcmp));
964 pn64 = atomic64_read(&key->conf.tx_pn);
965 seq->ccmp.pn[5] = pn64;
966 seq->ccmp.pn[4] = pn64 >> 8;
967 seq->ccmp.pn[3] = pn64 >> 16;
968 seq->ccmp.pn[2] = pn64 >> 24;
969 seq->ccmp.pn[1] = pn64 >> 32;
970 seq->ccmp.pn[0] = pn64 >> 40;
971 break;
972 default:
973 WARN_ON(1);
974 }
975}
976EXPORT_SYMBOL(ieee80211_get_key_tx_seq);
977
978void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf,
979 int tid, struct ieee80211_key_seq *seq)
980{
981 struct ieee80211_key *key;
982 const u8 *pn;
983
984 key = container_of(keyconf, struct ieee80211_key, conf);
985
986 switch (key->conf.cipher) {
987 case WLAN_CIPHER_SUITE_TKIP:
988 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
989 return;
990 seq->tkip.iv32 = key->u.tkip.rx[tid].iv32;
991 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16;
992 break;
993 case WLAN_CIPHER_SUITE_CCMP:
994 case WLAN_CIPHER_SUITE_CCMP_256:
995 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
996 return;
997 if (tid < 0)
998 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
999 else
1000 pn = key->u.ccmp.rx_pn[tid];
1001 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN);
1002 break;
1003 case WLAN_CIPHER_SUITE_AES_CMAC:
1004 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1005 if (WARN_ON(tid != 0))
1006 return;
1007 pn = key->u.aes_cmac.rx_pn;
1008 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN);
1009 break;
1010 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1011 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1012 if (WARN_ON(tid != 0))
1013 return;
1014 pn = key->u.aes_gmac.rx_pn;
1015 memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN);
1016 break;
1017 case WLAN_CIPHER_SUITE_GCMP:
1018 case WLAN_CIPHER_SUITE_GCMP_256:
1019 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1020 return;
1021 if (tid < 0)
1022 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1023 else
1024 pn = key->u.gcmp.rx_pn[tid];
1025 memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN);
1026 break;
1027 }
1028}
1029EXPORT_SYMBOL(ieee80211_get_key_rx_seq);
1030
1031void ieee80211_set_key_tx_seq(struct ieee80211_key_conf *keyconf,
1032 struct ieee80211_key_seq *seq)
1033{
1034 struct ieee80211_key *key;
1035 u64 pn64;
1036
1037 key = container_of(keyconf, struct ieee80211_key, conf);
1038
1039 switch (key->conf.cipher) {
1040 case WLAN_CIPHER_SUITE_TKIP:
1041 key->u.tkip.tx.iv32 = seq->tkip.iv32;
1042 key->u.tkip.tx.iv16 = seq->tkip.iv16;
1043 break;
1044 case WLAN_CIPHER_SUITE_CCMP:
1045 case WLAN_CIPHER_SUITE_CCMP_256:
1046 case WLAN_CIPHER_SUITE_AES_CMAC:
1047 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1048 BUILD_BUG_ON(offsetof(typeof(*seq), ccmp) !=
1049 offsetof(typeof(*seq), aes_cmac));
1050 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1051 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1052 BUILD_BUG_ON(offsetof(typeof(*seq), ccmp) !=
1053 offsetof(typeof(*seq), aes_gmac));
1054 case WLAN_CIPHER_SUITE_GCMP:
1055 case WLAN_CIPHER_SUITE_GCMP_256:
1056 BUILD_BUG_ON(offsetof(typeof(*seq), ccmp) !=
1057 offsetof(typeof(*seq), gcmp));
1058 pn64 = (u64)seq->ccmp.pn[5] |
1059 ((u64)seq->ccmp.pn[4] << 8) |
1060 ((u64)seq->ccmp.pn[3] << 16) |
1061 ((u64)seq->ccmp.pn[2] << 24) |
1062 ((u64)seq->ccmp.pn[1] << 32) |
1063 ((u64)seq->ccmp.pn[0] << 40);
1064 atomic64_set(&key->conf.tx_pn, pn64);
1065 break;
1066 default:
1067 WARN_ON(1);
1068 break;
1069 }
1070}
1071EXPORT_SYMBOL_GPL(ieee80211_set_key_tx_seq);
1072
1073void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf,
1074 int tid, struct ieee80211_key_seq *seq)
1075{
1076 struct ieee80211_key *key;
1077 u8 *pn;
1078
1079 key = container_of(keyconf, struct ieee80211_key, conf);
1080
1081 switch (key->conf.cipher) {
1082 case WLAN_CIPHER_SUITE_TKIP:
1083 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
1084 return;
1085 key->u.tkip.rx[tid].iv32 = seq->tkip.iv32;
1086 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16;
1087 break;
1088 case WLAN_CIPHER_SUITE_CCMP:
1089 case WLAN_CIPHER_SUITE_CCMP_256:
1090 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1091 return;
1092 if (tid < 0)
1093 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
1094 else
1095 pn = key->u.ccmp.rx_pn[tid];
1096 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN);
1097 break;
1098 case WLAN_CIPHER_SUITE_AES_CMAC:
1099 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1100 if (WARN_ON(tid != 0))
1101 return;
1102 pn = key->u.aes_cmac.rx_pn;
1103 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN);
1104 break;
1105 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1106 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1107 if (WARN_ON(tid != 0))
1108 return;
1109 pn = key->u.aes_gmac.rx_pn;
1110 memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN);
1111 break;
1112 case WLAN_CIPHER_SUITE_GCMP:
1113 case WLAN_CIPHER_SUITE_GCMP_256:
1114 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1115 return;
1116 if (tid < 0)
1117 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1118 else
1119 pn = key->u.gcmp.rx_pn[tid];
1120 memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN);
1121 break;
1122 default:
1123 WARN_ON(1);
1124 break;
1125 }
1126}
1127EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq);
1128
1129void ieee80211_remove_key(struct ieee80211_key_conf *keyconf)
1130{
1131 struct ieee80211_key *key;
1132
1133 key = container_of(keyconf, struct ieee80211_key, conf);
1134
1135 assert_key_lock(key->local);
1136
1137 /*
1138 * if key was uploaded, we assume the driver will/has remove(d)
1139 * it, so adjust bookkeeping accordingly
1140 */
1141 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
1142 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
1143
1144 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
1145 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
1146 increment_tailroom_need_count(key->sdata);
1147 }
1148
1149 ieee80211_key_free(key, false);
1150}
1151EXPORT_SYMBOL_GPL(ieee80211_remove_key);
1152
1153struct ieee80211_key_conf *
1154ieee80211_gtk_rekey_add(struct ieee80211_vif *vif,
1155 struct ieee80211_key_conf *keyconf)
1156{
1157 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
1158 struct ieee80211_local *local = sdata->local;
1159 struct ieee80211_key *key;
1160 int err;
1161
1162 if (WARN_ON(!local->wowlan))
1163 return ERR_PTR(-EINVAL);
1164
1165 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION))
1166 return ERR_PTR(-EINVAL);
1167
1168 key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx,
1169 keyconf->keylen, keyconf->key,
1170 0, NULL, NULL);
1171 if (IS_ERR(key))
1172 return ERR_CAST(key);
1173
1174 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED)
1175 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT;
1176
1177 err = ieee80211_key_link(key, sdata, NULL);
1178 if (err)
1179 return ERR_PTR(err);
1180
1181 return &key->conf;
1182}
1183EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add);