2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net>
6 * Copyright 2013-2014 Intel Mobile Communications GmbH
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License version 2 as
10 * published by the Free Software Foundation.
13 #include <linux/if_ether.h>
14 #include <linux/etherdevice.h>
15 #include <linux/list.h>
16 #include <linux/rcupdate.h>
17 #include <linux/rtnetlink.h>
18 #include <linux/slab.h>
19 #include <linux/export.h>
20 #include <net/mac80211.h>
21 #include <asm/unaligned.h>
22 #include "ieee80211_i.h"
23 #include "driver-ops.h"
24 #include "debugfs_key.h"
32 * DOC: Key handling basics
34 * Key handling in mac80211 is done based on per-interface (sub_if_data)
35 * keys and per-station keys. Since each station belongs to an interface,
36 * each station key also belongs to that interface.
38 * Hardware acceleration is done on a best-effort basis for algorithms
39 * that are implemented in software, for each key the hardware is asked
40 * to enable that key for offloading but if it cannot do that the key is
41 * simply kept for software encryption (unless it is for an algorithm
42 * that isn't implemented in software).
43 * There is currently no way of knowing whether a key is handled in SW
44 * or HW except by looking into debugfs.
46 * All key management is internally protected by a mutex. Within all
47 * other parts of mac80211, key references are, just as STA structure
48 * references, protected by RCU. Note, however, that some things are
49 * unprotected, namely the key->sta dereferences within the hardware
50 * acceleration functions. This means that sta_info_destroy() must
51 * remove the key which waits for an RCU grace period.
54 static const u8 bcast_addr
[ETH_ALEN
] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
56 static void assert_key_lock(struct ieee80211_local
*local
)
58 lockdep_assert_held(&local
->key_mtx
);
62 update_vlan_tailroom_need_count(struct ieee80211_sub_if_data
*sdata
, int delta
)
64 struct ieee80211_sub_if_data
*vlan
;
66 if (sdata
->vif
.type
!= NL80211_IFTYPE_AP
)
69 mutex_lock(&sdata
->local
->mtx
);
71 list_for_each_entry(vlan
, &sdata
->u
.ap
.vlans
, u
.vlan
.list
)
72 vlan
->crypto_tx_tailroom_needed_cnt
+= delta
;
74 mutex_unlock(&sdata
->local
->mtx
);
77 static void increment_tailroom_need_count(struct ieee80211_sub_if_data
*sdata
)
80 * When this count is zero, SKB resizing for allocating tailroom
81 * for IV or MMIC is skipped. But, this check has created two race
82 * cases in xmit path while transiting from zero count to one:
84 * 1. SKB resize was skipped because no key was added but just before
85 * the xmit key is added and SW encryption kicks off.
87 * 2. SKB resize was skipped because all the keys were hw planted but
88 * just before xmit one of the key is deleted and SW encryption kicks
91 * In both the above case SW encryption will find not enough space for
92 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c)
94 * Solution has been explained at
95 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net
98 update_vlan_tailroom_need_count(sdata
, 1);
100 if (!sdata
->crypto_tx_tailroom_needed_cnt
++) {
102 * Flush all XMIT packets currently using HW encryption or no
103 * encryption at all if the count transition is from 0 -> 1.
109 static void decrease_tailroom_need_count(struct ieee80211_sub_if_data
*sdata
,
112 WARN_ON_ONCE(sdata
->crypto_tx_tailroom_needed_cnt
< delta
);
114 update_vlan_tailroom_need_count(sdata
, -delta
);
115 sdata
->crypto_tx_tailroom_needed_cnt
-= delta
;
118 static int ieee80211_key_enable_hw_accel(struct ieee80211_key
*key
)
120 struct ieee80211_sub_if_data
*sdata
;
121 struct sta_info
*sta
;
122 int ret
= -EOPNOTSUPP
;
126 if (key
->flags
& KEY_FLAG_TAINTED
) {
127 /* If we get here, it's during resume and the key is
128 * tainted so shouldn't be used/programmed any more.
129 * However, its flags may still indicate that it was
130 * programmed into the device (since we're in resume)
131 * so clear that flag now to avoid trying to remove
134 key
->flags
&= ~KEY_FLAG_UPLOADED_TO_HARDWARE
;
138 if (!key
->local
->ops
->set_key
)
139 goto out_unsupported
;
141 assert_key_lock(key
->local
);
146 * If this is a per-STA GTK, check if it
147 * is supported; if not, return.
149 if (sta
&& !(key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
) &&
150 !(key
->local
->hw
.flags
& IEEE80211_HW_SUPPORTS_PER_STA_GTK
))
151 goto out_unsupported
;
153 if (sta
&& !sta
->uploaded
)
154 goto out_unsupported
;
157 if (sdata
->vif
.type
== NL80211_IFTYPE_AP_VLAN
) {
159 * The driver doesn't know anything about VLAN interfaces.
160 * Hence, don't send GTKs for VLAN interfaces to the driver.
162 if (!(key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
))
163 goto out_unsupported
;
166 ret
= drv_set_key(key
->local
, SET_KEY
, sdata
,
167 sta
? &sta
->sta
: NULL
, &key
->conf
);
170 key
->flags
|= KEY_FLAG_UPLOADED_TO_HARDWARE
;
172 if (!((key
->conf
.flags
& IEEE80211_KEY_FLAG_GENERATE_MMIC
) ||
173 (key
->conf
.flags
& IEEE80211_KEY_FLAG_RESERVE_TAILROOM
)))
174 decrease_tailroom_need_count(sdata
, 1);
176 WARN_ON((key
->conf
.flags
& IEEE80211_KEY_FLAG_PUT_IV_SPACE
) &&
177 (key
->conf
.flags
& IEEE80211_KEY_FLAG_GENERATE_IV
));
182 if (ret
!= -ENOSPC
&& ret
!= -EOPNOTSUPP
&& ret
!= 1)
184 "failed to set key (%d, %pM) to hardware (%d)\n",
186 sta
? sta
->sta
.addr
: bcast_addr
, ret
);
189 switch (key
->conf
.cipher
) {
190 case WLAN_CIPHER_SUITE_WEP40
:
191 case WLAN_CIPHER_SUITE_WEP104
:
192 case WLAN_CIPHER_SUITE_TKIP
:
193 case WLAN_CIPHER_SUITE_CCMP
:
194 case WLAN_CIPHER_SUITE_CCMP_256
:
195 case WLAN_CIPHER_SUITE_AES_CMAC
:
196 case WLAN_CIPHER_SUITE_BIP_CMAC_256
:
197 case WLAN_CIPHER_SUITE_BIP_GMAC_128
:
198 case WLAN_CIPHER_SUITE_BIP_GMAC_256
:
199 case WLAN_CIPHER_SUITE_GCMP
:
200 case WLAN_CIPHER_SUITE_GCMP_256
:
201 /* all of these we can do in software - if driver can */
204 if (key
->local
->hw
.flags
& IEEE80211_HW_SW_CRYPTO_CONTROL
)
212 static void ieee80211_key_disable_hw_accel(struct ieee80211_key
*key
)
214 struct ieee80211_sub_if_data
*sdata
;
215 struct sta_info
*sta
;
220 if (!key
|| !key
->local
->ops
->set_key
)
223 assert_key_lock(key
->local
);
225 if (!(key
->flags
& KEY_FLAG_UPLOADED_TO_HARDWARE
))
231 if (!((key
->conf
.flags
& IEEE80211_KEY_FLAG_GENERATE_MMIC
) ||
232 (key
->conf
.flags
& IEEE80211_KEY_FLAG_RESERVE_TAILROOM
)))
233 increment_tailroom_need_count(sdata
);
235 ret
= drv_set_key(key
->local
, DISABLE_KEY
, sdata
,
236 sta
? &sta
->sta
: NULL
, &key
->conf
);
240 "failed to remove key (%d, %pM) from hardware (%d)\n",
242 sta
? sta
->sta
.addr
: bcast_addr
, ret
);
244 key
->flags
&= ~KEY_FLAG_UPLOADED_TO_HARDWARE
;
247 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data
*sdata
,
248 int idx
, bool uni
, bool multi
)
250 struct ieee80211_key
*key
= NULL
;
252 assert_key_lock(sdata
->local
);
254 if (idx
>= 0 && idx
< NUM_DEFAULT_KEYS
)
255 key
= key_mtx_dereference(sdata
->local
, sdata
->keys
[idx
]);
258 rcu_assign_pointer(sdata
->default_unicast_key
, key
);
259 drv_set_default_unicast_key(sdata
->local
, sdata
, idx
);
263 rcu_assign_pointer(sdata
->default_multicast_key
, key
);
265 ieee80211_debugfs_key_update_default(sdata
);
268 void ieee80211_set_default_key(struct ieee80211_sub_if_data
*sdata
, int idx
,
269 bool uni
, bool multi
)
271 mutex_lock(&sdata
->local
->key_mtx
);
272 __ieee80211_set_default_key(sdata
, idx
, uni
, multi
);
273 mutex_unlock(&sdata
->local
->key_mtx
);
277 __ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data
*sdata
, int idx
)
279 struct ieee80211_key
*key
= NULL
;
281 assert_key_lock(sdata
->local
);
283 if (idx
>= NUM_DEFAULT_KEYS
&&
284 idx
< NUM_DEFAULT_KEYS
+ NUM_DEFAULT_MGMT_KEYS
)
285 key
= key_mtx_dereference(sdata
->local
, sdata
->keys
[idx
]);
287 rcu_assign_pointer(sdata
->default_mgmt_key
, key
);
289 ieee80211_debugfs_key_update_default(sdata
);
292 void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data
*sdata
,
295 mutex_lock(&sdata
->local
->key_mtx
);
296 __ieee80211_set_default_mgmt_key(sdata
, idx
);
297 mutex_unlock(&sdata
->local
->key_mtx
);
301 static void ieee80211_key_replace(struct ieee80211_sub_if_data
*sdata
,
302 struct sta_info
*sta
,
304 struct ieee80211_key
*old
,
305 struct ieee80211_key
*new)
308 bool defunikey
, defmultikey
, defmgmtkey
;
310 /* caller must provide at least one old/new */
311 if (WARN_ON(!new && !old
))
315 list_add_tail(&new->list
, &sdata
->key_list
);
317 WARN_ON(new && old
&& new->conf
.keyidx
!= old
->conf
.keyidx
);
320 idx
= old
->conf
.keyidx
;
322 idx
= new->conf
.keyidx
;
326 rcu_assign_pointer(sta
->ptk
[idx
], new);
329 rcu_assign_pointer(sta
->gtk
[idx
], new);
334 old
== key_mtx_dereference(sdata
->local
,
335 sdata
->default_unicast_key
);
337 old
== key_mtx_dereference(sdata
->local
,
338 sdata
->default_multicast_key
);
340 old
== key_mtx_dereference(sdata
->local
,
341 sdata
->default_mgmt_key
);
343 if (defunikey
&& !new)
344 __ieee80211_set_default_key(sdata
, -1, true, false);
345 if (defmultikey
&& !new)
346 __ieee80211_set_default_key(sdata
, -1, false, true);
347 if (defmgmtkey
&& !new)
348 __ieee80211_set_default_mgmt_key(sdata
, -1);
350 rcu_assign_pointer(sdata
->keys
[idx
], new);
351 if (defunikey
&& new)
352 __ieee80211_set_default_key(sdata
, new->conf
.keyidx
,
354 if (defmultikey
&& new)
355 __ieee80211_set_default_key(sdata
, new->conf
.keyidx
,
357 if (defmgmtkey
&& new)
358 __ieee80211_set_default_mgmt_key(sdata
,
363 list_del(&old
->list
);
366 struct ieee80211_key
*
367 ieee80211_key_alloc(u32 cipher
, int idx
, size_t key_len
,
369 size_t seq_len
, const u8
*seq
,
370 const struct ieee80211_cipher_scheme
*cs
)
372 struct ieee80211_key
*key
;
375 if (WARN_ON(idx
< 0 || idx
>= NUM_DEFAULT_KEYS
+ NUM_DEFAULT_MGMT_KEYS
))
376 return ERR_PTR(-EINVAL
);
378 key
= kzalloc(sizeof(struct ieee80211_key
) + key_len
, GFP_KERNEL
);
380 return ERR_PTR(-ENOMEM
);
383 * Default to software encryption; we'll later upload the
384 * key to the hardware if possible.
389 key
->conf
.cipher
= cipher
;
390 key
->conf
.keyidx
= idx
;
391 key
->conf
.keylen
= key_len
;
393 case WLAN_CIPHER_SUITE_WEP40
:
394 case WLAN_CIPHER_SUITE_WEP104
:
395 key
->conf
.iv_len
= IEEE80211_WEP_IV_LEN
;
396 key
->conf
.icv_len
= IEEE80211_WEP_ICV_LEN
;
398 case WLAN_CIPHER_SUITE_TKIP
:
399 key
->conf
.iv_len
= IEEE80211_TKIP_IV_LEN
;
400 key
->conf
.icv_len
= IEEE80211_TKIP_ICV_LEN
;
402 for (i
= 0; i
< IEEE80211_NUM_TIDS
; i
++) {
403 key
->u
.tkip
.rx
[i
].iv32
=
404 get_unaligned_le32(&seq
[2]);
405 key
->u
.tkip
.rx
[i
].iv16
=
406 get_unaligned_le16(seq
);
409 spin_lock_init(&key
->u
.tkip
.txlock
);
411 case WLAN_CIPHER_SUITE_CCMP
:
412 key
->conf
.iv_len
= IEEE80211_CCMP_HDR_LEN
;
413 key
->conf
.icv_len
= IEEE80211_CCMP_MIC_LEN
;
415 for (i
= 0; i
< IEEE80211_NUM_TIDS
+ 1; i
++)
416 for (j
= 0; j
< IEEE80211_CCMP_PN_LEN
; j
++)
417 key
->u
.ccmp
.rx_pn
[i
][j
] =
418 seq
[IEEE80211_CCMP_PN_LEN
- j
- 1];
421 * Initialize AES key state here as an optimization so that
422 * it does not need to be initialized for every packet.
424 key
->u
.ccmp
.tfm
= ieee80211_aes_key_setup_encrypt(
425 key_data
, key_len
, IEEE80211_CCMP_MIC_LEN
);
426 if (IS_ERR(key
->u
.ccmp
.tfm
)) {
427 err
= PTR_ERR(key
->u
.ccmp
.tfm
);
432 case WLAN_CIPHER_SUITE_CCMP_256
:
433 key
->conf
.iv_len
= IEEE80211_CCMP_256_HDR_LEN
;
434 key
->conf
.icv_len
= IEEE80211_CCMP_256_MIC_LEN
;
435 for (i
= 0; seq
&& i
< IEEE80211_NUM_TIDS
+ 1; i
++)
436 for (j
= 0; j
< IEEE80211_CCMP_256_PN_LEN
; j
++)
437 key
->u
.ccmp
.rx_pn
[i
][j
] =
438 seq
[IEEE80211_CCMP_256_PN_LEN
- j
- 1];
439 /* Initialize AES key state here as an optimization so that
440 * it does not need to be initialized for every packet.
442 key
->u
.ccmp
.tfm
= ieee80211_aes_key_setup_encrypt(
443 key_data
, key_len
, IEEE80211_CCMP_256_MIC_LEN
);
444 if (IS_ERR(key
->u
.ccmp
.tfm
)) {
445 err
= PTR_ERR(key
->u
.ccmp
.tfm
);
450 case WLAN_CIPHER_SUITE_AES_CMAC
:
451 case WLAN_CIPHER_SUITE_BIP_CMAC_256
:
452 key
->conf
.iv_len
= 0;
453 if (cipher
== WLAN_CIPHER_SUITE_AES_CMAC
)
454 key
->conf
.icv_len
= sizeof(struct ieee80211_mmie
);
456 key
->conf
.icv_len
= sizeof(struct ieee80211_mmie_16
);
458 for (j
= 0; j
< IEEE80211_CMAC_PN_LEN
; j
++)
459 key
->u
.aes_cmac
.rx_pn
[j
] =
460 seq
[IEEE80211_CMAC_PN_LEN
- j
- 1];
462 * Initialize AES key state here as an optimization so that
463 * it does not need to be initialized for every packet.
465 key
->u
.aes_cmac
.tfm
=
466 ieee80211_aes_cmac_key_setup(key_data
, key_len
);
467 if (IS_ERR(key
->u
.aes_cmac
.tfm
)) {
468 err
= PTR_ERR(key
->u
.aes_cmac
.tfm
);
473 case WLAN_CIPHER_SUITE_BIP_GMAC_128
:
474 case WLAN_CIPHER_SUITE_BIP_GMAC_256
:
475 key
->conf
.iv_len
= 0;
476 key
->conf
.icv_len
= sizeof(struct ieee80211_mmie_16
);
478 for (j
= 0; j
< IEEE80211_GMAC_PN_LEN
; j
++)
479 key
->u
.aes_gmac
.rx_pn
[j
] =
480 seq
[IEEE80211_GMAC_PN_LEN
- j
- 1];
481 /* Initialize AES key state here as an optimization so that
482 * it does not need to be initialized for every packet.
484 key
->u
.aes_gmac
.tfm
=
485 ieee80211_aes_gmac_key_setup(key_data
, key_len
);
486 if (IS_ERR(key
->u
.aes_gmac
.tfm
)) {
487 err
= PTR_ERR(key
->u
.aes_gmac
.tfm
);
492 case WLAN_CIPHER_SUITE_GCMP
:
493 case WLAN_CIPHER_SUITE_GCMP_256
:
494 key
->conf
.iv_len
= IEEE80211_GCMP_HDR_LEN
;
495 key
->conf
.icv_len
= IEEE80211_GCMP_MIC_LEN
;
496 for (i
= 0; seq
&& i
< IEEE80211_NUM_TIDS
+ 1; i
++)
497 for (j
= 0; j
< IEEE80211_GCMP_PN_LEN
; j
++)
498 key
->u
.gcmp
.rx_pn
[i
][j
] =
499 seq
[IEEE80211_GCMP_PN_LEN
- j
- 1];
500 /* Initialize AES key state here as an optimization so that
501 * it does not need to be initialized for every packet.
503 key
->u
.gcmp
.tfm
= ieee80211_aes_gcm_key_setup_encrypt(key_data
,
505 if (IS_ERR(key
->u
.gcmp
.tfm
)) {
506 err
= PTR_ERR(key
->u
.gcmp
.tfm
);
513 size_t len
= (seq_len
> MAX_PN_LEN
) ?
514 MAX_PN_LEN
: seq_len
;
516 key
->conf
.iv_len
= cs
->hdr_len
;
517 key
->conf
.icv_len
= cs
->mic_len
;
518 for (i
= 0; i
< IEEE80211_NUM_TIDS
+ 1; i
++)
519 for (j
= 0; j
< len
; j
++)
520 key
->u
.gen
.rx_pn
[i
][j
] =
522 key
->flags
|= KEY_FLAG_CIPHER_SCHEME
;
525 memcpy(key
->conf
.key
, key_data
, key_len
);
526 INIT_LIST_HEAD(&key
->list
);
531 static void ieee80211_key_free_common(struct ieee80211_key
*key
)
533 switch (key
->conf
.cipher
) {
534 case WLAN_CIPHER_SUITE_CCMP
:
535 case WLAN_CIPHER_SUITE_CCMP_256
:
536 ieee80211_aes_key_free(key
->u
.ccmp
.tfm
);
538 case WLAN_CIPHER_SUITE_AES_CMAC
:
539 case WLAN_CIPHER_SUITE_BIP_CMAC_256
:
540 ieee80211_aes_cmac_key_free(key
->u
.aes_cmac
.tfm
);
542 case WLAN_CIPHER_SUITE_BIP_GMAC_128
:
543 case WLAN_CIPHER_SUITE_BIP_GMAC_256
:
544 ieee80211_aes_gmac_key_free(key
->u
.aes_gmac
.tfm
);
546 case WLAN_CIPHER_SUITE_GCMP
:
547 case WLAN_CIPHER_SUITE_GCMP_256
:
548 ieee80211_aes_gcm_key_free(key
->u
.gcmp
.tfm
);
554 static void __ieee80211_key_destroy(struct ieee80211_key
*key
,
558 ieee80211_key_disable_hw_accel(key
);
561 struct ieee80211_sub_if_data
*sdata
= key
->sdata
;
563 ieee80211_debugfs_key_remove(key
);
565 if (delay_tailroom
) {
566 /* see ieee80211_delayed_tailroom_dec */
567 sdata
->crypto_tx_tailroom_pending_dec
++;
568 schedule_delayed_work(&sdata
->dec_tailroom_needed_wk
,
571 decrease_tailroom_need_count(sdata
, 1);
575 ieee80211_key_free_common(key
);
578 static void ieee80211_key_destroy(struct ieee80211_key
*key
,
585 * Synchronize so the TX path can no longer be using
586 * this key before we free/remove it.
590 __ieee80211_key_destroy(key
, delay_tailroom
);
593 void ieee80211_key_free_unused(struct ieee80211_key
*key
)
595 WARN_ON(key
->sdata
|| key
->local
);
596 ieee80211_key_free_common(key
);
599 int ieee80211_key_link(struct ieee80211_key
*key
,
600 struct ieee80211_sub_if_data
*sdata
,
601 struct sta_info
*sta
)
603 struct ieee80211_local
*local
= sdata
->local
;
604 struct ieee80211_key
*old_key
;
608 pairwise
= key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
;
609 idx
= key
->conf
.keyidx
;
610 key
->local
= sdata
->local
;
614 mutex_lock(&sdata
->local
->key_mtx
);
617 old_key
= key_mtx_dereference(sdata
->local
, sta
->ptk
[idx
]);
619 old_key
= key_mtx_dereference(sdata
->local
, sta
->gtk
[idx
]);
621 old_key
= key_mtx_dereference(sdata
->local
, sdata
->keys
[idx
]);
623 increment_tailroom_need_count(sdata
);
625 ieee80211_key_replace(sdata
, sta
, pairwise
, old_key
, key
);
626 ieee80211_key_destroy(old_key
, true);
628 ieee80211_debugfs_key_add(key
);
630 if (!local
->wowlan
) {
631 ret
= ieee80211_key_enable_hw_accel(key
);
633 ieee80211_key_free(key
, true);
638 mutex_unlock(&sdata
->local
->key_mtx
);
643 void ieee80211_key_free(struct ieee80211_key
*key
, bool delay_tailroom
)
649 * Replace key with nothingness if it was ever used.
652 ieee80211_key_replace(key
->sdata
, key
->sta
,
653 key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
,
655 ieee80211_key_destroy(key
, delay_tailroom
);
658 void ieee80211_enable_keys(struct ieee80211_sub_if_data
*sdata
)
660 struct ieee80211_key
*key
;
661 struct ieee80211_sub_if_data
*vlan
;
665 if (WARN_ON(!ieee80211_sdata_running(sdata
)))
668 mutex_lock(&sdata
->local
->key_mtx
);
670 WARN_ON_ONCE(sdata
->crypto_tx_tailroom_needed_cnt
||
671 sdata
->crypto_tx_tailroom_pending_dec
);
673 if (sdata
->vif
.type
== NL80211_IFTYPE_AP
) {
674 list_for_each_entry(vlan
, &sdata
->u
.ap
.vlans
, u
.vlan
.list
)
675 WARN_ON_ONCE(vlan
->crypto_tx_tailroom_needed_cnt
||
676 vlan
->crypto_tx_tailroom_pending_dec
);
679 list_for_each_entry(key
, &sdata
->key_list
, list
) {
680 increment_tailroom_need_count(sdata
);
681 ieee80211_key_enable_hw_accel(key
);
684 mutex_unlock(&sdata
->local
->key_mtx
);
687 void ieee80211_reset_crypto_tx_tailroom(struct ieee80211_sub_if_data
*sdata
)
689 struct ieee80211_sub_if_data
*vlan
;
691 mutex_lock(&sdata
->local
->key_mtx
);
693 sdata
->crypto_tx_tailroom_needed_cnt
= 0;
695 if (sdata
->vif
.type
== NL80211_IFTYPE_AP
) {
696 list_for_each_entry(vlan
, &sdata
->u
.ap
.vlans
, u
.vlan
.list
)
697 vlan
->crypto_tx_tailroom_needed_cnt
= 0;
700 mutex_unlock(&sdata
->local
->key_mtx
);
703 void ieee80211_iter_keys(struct ieee80211_hw
*hw
,
704 struct ieee80211_vif
*vif
,
705 void (*iter
)(struct ieee80211_hw
*hw
,
706 struct ieee80211_vif
*vif
,
707 struct ieee80211_sta
*sta
,
708 struct ieee80211_key_conf
*key
,
712 struct ieee80211_local
*local
= hw_to_local(hw
);
713 struct ieee80211_key
*key
, *tmp
;
714 struct ieee80211_sub_if_data
*sdata
;
718 mutex_lock(&local
->key_mtx
);
720 sdata
= vif_to_sdata(vif
);
721 list_for_each_entry_safe(key
, tmp
, &sdata
->key_list
, list
)
722 iter(hw
, &sdata
->vif
,
723 key
->sta
? &key
->sta
->sta
: NULL
,
724 &key
->conf
, iter_data
);
726 list_for_each_entry(sdata
, &local
->interfaces
, list
)
727 list_for_each_entry_safe(key
, tmp
,
728 &sdata
->key_list
, list
)
729 iter(hw
, &sdata
->vif
,
730 key
->sta
? &key
->sta
->sta
: NULL
,
731 &key
->conf
, iter_data
);
733 mutex_unlock(&local
->key_mtx
);
735 EXPORT_SYMBOL(ieee80211_iter_keys
);
737 static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data
*sdata
,
738 struct list_head
*keys
)
740 struct ieee80211_key
*key
, *tmp
;
742 decrease_tailroom_need_count(sdata
,
743 sdata
->crypto_tx_tailroom_pending_dec
);
744 sdata
->crypto_tx_tailroom_pending_dec
= 0;
746 ieee80211_debugfs_key_remove_mgmt_default(sdata
);
748 list_for_each_entry_safe(key
, tmp
, &sdata
->key_list
, list
) {
749 ieee80211_key_replace(key
->sdata
, key
->sta
,
750 key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
,
752 list_add_tail(&key
->list
, keys
);
755 ieee80211_debugfs_key_update_default(sdata
);
758 void ieee80211_free_keys(struct ieee80211_sub_if_data
*sdata
,
759 bool force_synchronize
)
761 struct ieee80211_local
*local
= sdata
->local
;
762 struct ieee80211_sub_if_data
*vlan
;
763 struct ieee80211_sub_if_data
*master
;
764 struct ieee80211_key
*key
, *tmp
;
767 cancel_delayed_work_sync(&sdata
->dec_tailroom_needed_wk
);
769 mutex_lock(&local
->key_mtx
);
771 ieee80211_free_keys_iface(sdata
, &keys
);
773 if (sdata
->vif
.type
== NL80211_IFTYPE_AP
) {
774 list_for_each_entry(vlan
, &sdata
->u
.ap
.vlans
, u
.vlan
.list
)
775 ieee80211_free_keys_iface(vlan
, &keys
);
778 if (!list_empty(&keys
) || force_synchronize
)
780 list_for_each_entry_safe(key
, tmp
, &keys
, list
)
781 __ieee80211_key_destroy(key
, false);
783 if (sdata
->vif
.type
== NL80211_IFTYPE_AP_VLAN
) {
785 master
= container_of(sdata
->bss
,
786 struct ieee80211_sub_if_data
,
789 WARN_ON_ONCE(sdata
->crypto_tx_tailroom_needed_cnt
!=
790 master
->crypto_tx_tailroom_needed_cnt
);
793 WARN_ON_ONCE(sdata
->crypto_tx_tailroom_needed_cnt
||
794 sdata
->crypto_tx_tailroom_pending_dec
);
797 if (sdata
->vif
.type
== NL80211_IFTYPE_AP
) {
798 list_for_each_entry(vlan
, &sdata
->u
.ap
.vlans
, u
.vlan
.list
)
799 WARN_ON_ONCE(vlan
->crypto_tx_tailroom_needed_cnt
||
800 vlan
->crypto_tx_tailroom_pending_dec
);
803 mutex_unlock(&local
->key_mtx
);
806 void ieee80211_free_sta_keys(struct ieee80211_local
*local
,
807 struct sta_info
*sta
)
809 struct ieee80211_key
*key
;
812 mutex_lock(&local
->key_mtx
);
813 for (i
= 0; i
< ARRAY_SIZE(sta
->gtk
); i
++) {
814 key
= key_mtx_dereference(local
, sta
->gtk
[i
]);
817 ieee80211_key_replace(key
->sdata
, key
->sta
,
818 key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
,
820 __ieee80211_key_destroy(key
, true);
823 for (i
= 0; i
< NUM_DEFAULT_KEYS
; i
++) {
824 key
= key_mtx_dereference(local
, sta
->ptk
[i
]);
827 ieee80211_key_replace(key
->sdata
, key
->sta
,
828 key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
,
830 __ieee80211_key_destroy(key
, true);
833 mutex_unlock(&local
->key_mtx
);
836 void ieee80211_delayed_tailroom_dec(struct work_struct
*wk
)
838 struct ieee80211_sub_if_data
*sdata
;
840 sdata
= container_of(wk
, struct ieee80211_sub_if_data
,
841 dec_tailroom_needed_wk
.work
);
844 * The reason for the delayed tailroom needed decrementing is to
845 * make roaming faster: during roaming, all keys are first deleted
846 * and then new keys are installed. The first new key causes the
847 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes
848 * the cost of synchronize_net() (which can be slow). Avoid this
849 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on
850 * key removal for a while, so if we roam the value is larger than
851 * zero and no 0->1 transition happens.
853 * The cost is that if the AP switching was from an AP with keys
854 * to one without, we still allocate tailroom while it would no
855 * longer be needed. However, in the typical (fast) roaming case
856 * within an ESS this usually won't happen.
859 mutex_lock(&sdata
->local
->key_mtx
);
860 decrease_tailroom_need_count(sdata
,
861 sdata
->crypto_tx_tailroom_pending_dec
);
862 sdata
->crypto_tx_tailroom_pending_dec
= 0;
863 mutex_unlock(&sdata
->local
->key_mtx
);
866 void ieee80211_gtk_rekey_notify(struct ieee80211_vif
*vif
, const u8
*bssid
,
867 const u8
*replay_ctr
, gfp_t gfp
)
869 struct ieee80211_sub_if_data
*sdata
= vif_to_sdata(vif
);
871 trace_api_gtk_rekey_notify(sdata
, bssid
, replay_ctr
);
873 cfg80211_gtk_rekey_notify(sdata
->dev
, bssid
, replay_ctr
, gfp
);
875 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify
);
877 void ieee80211_get_key_tx_seq(struct ieee80211_key_conf
*keyconf
,
878 struct ieee80211_key_seq
*seq
)
880 struct ieee80211_key
*key
;
883 if (WARN_ON(!(keyconf
->flags
& IEEE80211_KEY_FLAG_GENERATE_IV
)))
886 key
= container_of(keyconf
, struct ieee80211_key
, conf
);
888 switch (key
->conf
.cipher
) {
889 case WLAN_CIPHER_SUITE_TKIP
:
890 seq
->tkip
.iv32
= key
->u
.tkip
.tx
.iv32
;
891 seq
->tkip
.iv16
= key
->u
.tkip
.tx
.iv16
;
893 case WLAN_CIPHER_SUITE_CCMP
:
894 case WLAN_CIPHER_SUITE_CCMP_256
:
895 pn64
= atomic64_read(&key
->u
.ccmp
.tx_pn
);
896 seq
->ccmp
.pn
[5] = pn64
;
897 seq
->ccmp
.pn
[4] = pn64
>> 8;
898 seq
->ccmp
.pn
[3] = pn64
>> 16;
899 seq
->ccmp
.pn
[2] = pn64
>> 24;
900 seq
->ccmp
.pn
[1] = pn64
>> 32;
901 seq
->ccmp
.pn
[0] = pn64
>> 40;
903 case WLAN_CIPHER_SUITE_AES_CMAC
:
904 case WLAN_CIPHER_SUITE_BIP_CMAC_256
:
905 pn64
= atomic64_read(&key
->u
.aes_cmac
.tx_pn
);
906 seq
->ccmp
.pn
[5] = pn64
;
907 seq
->ccmp
.pn
[4] = pn64
>> 8;
908 seq
->ccmp
.pn
[3] = pn64
>> 16;
909 seq
->ccmp
.pn
[2] = pn64
>> 24;
910 seq
->ccmp
.pn
[1] = pn64
>> 32;
911 seq
->ccmp
.pn
[0] = pn64
>> 40;
913 case WLAN_CIPHER_SUITE_BIP_GMAC_128
:
914 case WLAN_CIPHER_SUITE_BIP_GMAC_256
:
915 pn64
= atomic64_read(&key
->u
.aes_gmac
.tx_pn
);
916 seq
->ccmp
.pn
[5] = pn64
;
917 seq
->ccmp
.pn
[4] = pn64
>> 8;
918 seq
->ccmp
.pn
[3] = pn64
>> 16;
919 seq
->ccmp
.pn
[2] = pn64
>> 24;
920 seq
->ccmp
.pn
[1] = pn64
>> 32;
921 seq
->ccmp
.pn
[0] = pn64
>> 40;
923 case WLAN_CIPHER_SUITE_GCMP
:
924 case WLAN_CIPHER_SUITE_GCMP_256
:
925 pn64
= atomic64_read(&key
->u
.gcmp
.tx_pn
);
926 seq
->gcmp
.pn
[5] = pn64
;
927 seq
->gcmp
.pn
[4] = pn64
>> 8;
928 seq
->gcmp
.pn
[3] = pn64
>> 16;
929 seq
->gcmp
.pn
[2] = pn64
>> 24;
930 seq
->gcmp
.pn
[1] = pn64
>> 32;
931 seq
->gcmp
.pn
[0] = pn64
>> 40;
937 EXPORT_SYMBOL(ieee80211_get_key_tx_seq
);
939 void ieee80211_get_key_rx_seq(struct ieee80211_key_conf
*keyconf
,
940 int tid
, struct ieee80211_key_seq
*seq
)
942 struct ieee80211_key
*key
;
945 key
= container_of(keyconf
, struct ieee80211_key
, conf
);
947 switch (key
->conf
.cipher
) {
948 case WLAN_CIPHER_SUITE_TKIP
:
949 if (WARN_ON(tid
< 0 || tid
>= IEEE80211_NUM_TIDS
))
951 seq
->tkip
.iv32
= key
->u
.tkip
.rx
[tid
].iv32
;
952 seq
->tkip
.iv16
= key
->u
.tkip
.rx
[tid
].iv16
;
954 case WLAN_CIPHER_SUITE_CCMP
:
955 case WLAN_CIPHER_SUITE_CCMP_256
:
956 if (WARN_ON(tid
< -1 || tid
>= IEEE80211_NUM_TIDS
))
959 pn
= key
->u
.ccmp
.rx_pn
[IEEE80211_NUM_TIDS
];
961 pn
= key
->u
.ccmp
.rx_pn
[tid
];
962 memcpy(seq
->ccmp
.pn
, pn
, IEEE80211_CCMP_PN_LEN
);
964 case WLAN_CIPHER_SUITE_AES_CMAC
:
965 case WLAN_CIPHER_SUITE_BIP_CMAC_256
:
966 if (WARN_ON(tid
!= 0))
968 pn
= key
->u
.aes_cmac
.rx_pn
;
969 memcpy(seq
->aes_cmac
.pn
, pn
, IEEE80211_CMAC_PN_LEN
);
971 case WLAN_CIPHER_SUITE_BIP_GMAC_128
:
972 case WLAN_CIPHER_SUITE_BIP_GMAC_256
:
973 if (WARN_ON(tid
!= 0))
975 pn
= key
->u
.aes_gmac
.rx_pn
;
976 memcpy(seq
->aes_gmac
.pn
, pn
, IEEE80211_GMAC_PN_LEN
);
978 case WLAN_CIPHER_SUITE_GCMP
:
979 case WLAN_CIPHER_SUITE_GCMP_256
:
980 if (WARN_ON(tid
< -1 || tid
>= IEEE80211_NUM_TIDS
))
983 pn
= key
->u
.gcmp
.rx_pn
[IEEE80211_NUM_TIDS
];
985 pn
= key
->u
.gcmp
.rx_pn
[tid
];
986 memcpy(seq
->gcmp
.pn
, pn
, IEEE80211_GCMP_PN_LEN
);
990 EXPORT_SYMBOL(ieee80211_get_key_rx_seq
);
992 void ieee80211_set_key_tx_seq(struct ieee80211_key_conf
*keyconf
,
993 struct ieee80211_key_seq
*seq
)
995 struct ieee80211_key
*key
;
998 key
= container_of(keyconf
, struct ieee80211_key
, conf
);
1000 switch (key
->conf
.cipher
) {
1001 case WLAN_CIPHER_SUITE_TKIP
:
1002 key
->u
.tkip
.tx
.iv32
= seq
->tkip
.iv32
;
1003 key
->u
.tkip
.tx
.iv16
= seq
->tkip
.iv16
;
1005 case WLAN_CIPHER_SUITE_CCMP
:
1006 case WLAN_CIPHER_SUITE_CCMP_256
:
1007 pn64
= (u64
)seq
->ccmp
.pn
[5] |
1008 ((u64
)seq
->ccmp
.pn
[4] << 8) |
1009 ((u64
)seq
->ccmp
.pn
[3] << 16) |
1010 ((u64
)seq
->ccmp
.pn
[2] << 24) |
1011 ((u64
)seq
->ccmp
.pn
[1] << 32) |
1012 ((u64
)seq
->ccmp
.pn
[0] << 40);
1013 atomic64_set(&key
->u
.ccmp
.tx_pn
, pn64
);
1015 case WLAN_CIPHER_SUITE_AES_CMAC
:
1016 case WLAN_CIPHER_SUITE_BIP_CMAC_256
:
1017 pn64
= (u64
)seq
->aes_cmac
.pn
[5] |
1018 ((u64
)seq
->aes_cmac
.pn
[4] << 8) |
1019 ((u64
)seq
->aes_cmac
.pn
[3] << 16) |
1020 ((u64
)seq
->aes_cmac
.pn
[2] << 24) |
1021 ((u64
)seq
->aes_cmac
.pn
[1] << 32) |
1022 ((u64
)seq
->aes_cmac
.pn
[0] << 40);
1023 atomic64_set(&key
->u
.aes_cmac
.tx_pn
, pn64
);
1025 case WLAN_CIPHER_SUITE_BIP_GMAC_128
:
1026 case WLAN_CIPHER_SUITE_BIP_GMAC_256
:
1027 pn64
= (u64
)seq
->aes_gmac
.pn
[5] |
1028 ((u64
)seq
->aes_gmac
.pn
[4] << 8) |
1029 ((u64
)seq
->aes_gmac
.pn
[3] << 16) |
1030 ((u64
)seq
->aes_gmac
.pn
[2] << 24) |
1031 ((u64
)seq
->aes_gmac
.pn
[1] << 32) |
1032 ((u64
)seq
->aes_gmac
.pn
[0] << 40);
1033 atomic64_set(&key
->u
.aes_gmac
.tx_pn
, pn64
);
1035 case WLAN_CIPHER_SUITE_GCMP
:
1036 case WLAN_CIPHER_SUITE_GCMP_256
:
1037 pn64
= (u64
)seq
->gcmp
.pn
[5] |
1038 ((u64
)seq
->gcmp
.pn
[4] << 8) |
1039 ((u64
)seq
->gcmp
.pn
[3] << 16) |
1040 ((u64
)seq
->gcmp
.pn
[2] << 24) |
1041 ((u64
)seq
->gcmp
.pn
[1] << 32) |
1042 ((u64
)seq
->gcmp
.pn
[0] << 40);
1043 atomic64_set(&key
->u
.gcmp
.tx_pn
, pn64
);
1050 EXPORT_SYMBOL_GPL(ieee80211_set_key_tx_seq
);
1052 void ieee80211_set_key_rx_seq(struct ieee80211_key_conf
*keyconf
,
1053 int tid
, struct ieee80211_key_seq
*seq
)
1055 struct ieee80211_key
*key
;
1058 key
= container_of(keyconf
, struct ieee80211_key
, conf
);
1060 switch (key
->conf
.cipher
) {
1061 case WLAN_CIPHER_SUITE_TKIP
:
1062 if (WARN_ON(tid
< 0 || tid
>= IEEE80211_NUM_TIDS
))
1064 key
->u
.tkip
.rx
[tid
].iv32
= seq
->tkip
.iv32
;
1065 key
->u
.tkip
.rx
[tid
].iv16
= seq
->tkip
.iv16
;
1067 case WLAN_CIPHER_SUITE_CCMP
:
1068 case WLAN_CIPHER_SUITE_CCMP_256
:
1069 if (WARN_ON(tid
< -1 || tid
>= IEEE80211_NUM_TIDS
))
1072 pn
= key
->u
.ccmp
.rx_pn
[IEEE80211_NUM_TIDS
];
1074 pn
= key
->u
.ccmp
.rx_pn
[tid
];
1075 memcpy(pn
, seq
->ccmp
.pn
, IEEE80211_CCMP_PN_LEN
);
1077 case WLAN_CIPHER_SUITE_AES_CMAC
:
1078 case WLAN_CIPHER_SUITE_BIP_CMAC_256
:
1079 if (WARN_ON(tid
!= 0))
1081 pn
= key
->u
.aes_cmac
.rx_pn
;
1082 memcpy(pn
, seq
->aes_cmac
.pn
, IEEE80211_CMAC_PN_LEN
);
1084 case WLAN_CIPHER_SUITE_BIP_GMAC_128
:
1085 case WLAN_CIPHER_SUITE_BIP_GMAC_256
:
1086 if (WARN_ON(tid
!= 0))
1088 pn
= key
->u
.aes_gmac
.rx_pn
;
1089 memcpy(pn
, seq
->aes_gmac
.pn
, IEEE80211_GMAC_PN_LEN
);
1091 case WLAN_CIPHER_SUITE_GCMP
:
1092 case WLAN_CIPHER_SUITE_GCMP_256
:
1093 if (WARN_ON(tid
< -1 || tid
>= IEEE80211_NUM_TIDS
))
1096 pn
= key
->u
.gcmp
.rx_pn
[IEEE80211_NUM_TIDS
];
1098 pn
= key
->u
.gcmp
.rx_pn
[tid
];
1099 memcpy(pn
, seq
->gcmp
.pn
, IEEE80211_GCMP_PN_LEN
);
1106 EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq
);
1108 void ieee80211_remove_key(struct ieee80211_key_conf
*keyconf
)
1110 struct ieee80211_key
*key
;
1112 key
= container_of(keyconf
, struct ieee80211_key
, conf
);
1114 assert_key_lock(key
->local
);
1117 * if key was uploaded, we assume the driver will/has remove(d)
1118 * it, so adjust bookkeeping accordingly
1120 if (key
->flags
& KEY_FLAG_UPLOADED_TO_HARDWARE
) {
1121 key
->flags
&= ~KEY_FLAG_UPLOADED_TO_HARDWARE
;
1123 if (!((key
->conf
.flags
& IEEE80211_KEY_FLAG_GENERATE_MMIC
) ||
1124 (key
->conf
.flags
& IEEE80211_KEY_FLAG_RESERVE_TAILROOM
)))
1125 increment_tailroom_need_count(key
->sdata
);
1128 ieee80211_key_free(key
, false);
1130 EXPORT_SYMBOL_GPL(ieee80211_remove_key
);
1132 struct ieee80211_key_conf
*
1133 ieee80211_gtk_rekey_add(struct ieee80211_vif
*vif
,
1134 struct ieee80211_key_conf
*keyconf
)
1136 struct ieee80211_sub_if_data
*sdata
= vif_to_sdata(vif
);
1137 struct ieee80211_local
*local
= sdata
->local
;
1138 struct ieee80211_key
*key
;
1141 if (WARN_ON(!local
->wowlan
))
1142 return ERR_PTR(-EINVAL
);
1144 if (WARN_ON(vif
->type
!= NL80211_IFTYPE_STATION
))
1145 return ERR_PTR(-EINVAL
);
1147 key
= ieee80211_key_alloc(keyconf
->cipher
, keyconf
->keyidx
,
1148 keyconf
->keylen
, keyconf
->key
,
1151 return ERR_CAST(key
);
1153 if (sdata
->u
.mgd
.mfp
!= IEEE80211_MFP_DISABLED
)
1154 key
->conf
.flags
|= IEEE80211_KEY_FLAG_RX_MGMT
;
1156 err
= ieee80211_key_link(key
, sdata
, NULL
);
1158 return ERR_PTR(err
);
1162 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add
);