2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net>
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
12 #include <linux/if_ether.h>
13 #include <linux/etherdevice.h>
14 #include <linux/list.h>
15 #include <linux/rcupdate.h>
16 #include <linux/rtnetlink.h>
17 #include <linux/slab.h>
18 #include <linux/export.h>
19 #include <net/mac80211.h>
20 #include <asm/unaligned.h>
21 #include "ieee80211_i.h"
22 #include "driver-ops.h"
23 #include "debugfs_key.h"
29 * DOC: Key handling basics
31 * Key handling in mac80211 is done based on per-interface (sub_if_data)
32 * keys and per-station keys. Since each station belongs to an interface,
33 * each station key also belongs to that interface.
35 * Hardware acceleration is done on a best-effort basis for algorithms
36 * that are implemented in software, for each key the hardware is asked
37 * to enable that key for offloading but if it cannot do that the key is
38 * simply kept for software encryption (unless it is for an algorithm
39 * that isn't implemented in software).
40 * There is currently no way of knowing whether a key is handled in SW
41 * or HW except by looking into debugfs.
43 * All key management is internally protected by a mutex. Within all
44 * other parts of mac80211, key references are, just as STA structure
45 * references, protected by RCU. Note, however, that some things are
46 * unprotected, namely the key->sta dereferences within the hardware
47 * acceleration functions. This means that sta_info_destroy() must
48 * remove the key which waits for an RCU grace period.
51 static const u8 bcast_addr
[ETH_ALEN
] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
53 static void assert_key_lock(struct ieee80211_local
*local
)
55 lockdep_assert_held(&local
->key_mtx
);
58 static void increment_tailroom_need_count(struct ieee80211_sub_if_data
*sdata
)
61 * When this count is zero, SKB resizing for allocating tailroom
62 * for IV or MMIC is skipped. But, this check has created two race
63 * cases in xmit path while transiting from zero count to one:
65 * 1. SKB resize was skipped because no key was added but just before
66 * the xmit key is added and SW encryption kicks off.
68 * 2. SKB resize was skipped because all the keys were hw planted but
69 * just before xmit one of the key is deleted and SW encryption kicks
72 * In both the above case SW encryption will find not enough space for
73 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c)
75 * Solution has been explained at
76 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net
79 if (!sdata
->crypto_tx_tailroom_needed_cnt
++) {
81 * Flush all XMIT packets currently using HW encryption or no
82 * encryption at all if the count transition is from 0 -> 1.
88 static int ieee80211_key_enable_hw_accel(struct ieee80211_key
*key
)
90 struct ieee80211_sub_if_data
*sdata
;
96 if (!key
->local
->ops
->set_key
)
99 assert_key_lock(key
->local
);
104 * If this is a per-STA GTK, check if it
105 * is supported; if not, return.
107 if (sta
&& !(key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
) &&
108 !(key
->local
->hw
.flags
& IEEE80211_HW_SUPPORTS_PER_STA_GTK
))
109 goto out_unsupported
;
111 if (sta
&& !sta
->uploaded
)
112 goto out_unsupported
;
115 if (sdata
->vif
.type
== NL80211_IFTYPE_AP_VLAN
) {
117 * The driver doesn't know anything about VLAN interfaces.
118 * Hence, don't send GTKs for VLAN interfaces to the driver.
120 if (!(key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
))
121 goto out_unsupported
;
124 ret
= drv_set_key(key
->local
, SET_KEY
, sdata
,
125 sta
? &sta
->sta
: NULL
, &key
->conf
);
128 key
->flags
|= KEY_FLAG_UPLOADED_TO_HARDWARE
;
130 if (!((key
->conf
.flags
& IEEE80211_KEY_FLAG_GENERATE_MMIC
) ||
131 (key
->conf
.flags
& IEEE80211_KEY_FLAG_GENERATE_IV
) ||
132 (key
->conf
.flags
& IEEE80211_KEY_FLAG_PUT_IV_SPACE
)))
133 sdata
->crypto_tx_tailroom_needed_cnt
--;
135 WARN_ON((key
->conf
.flags
& IEEE80211_KEY_FLAG_PUT_IV_SPACE
) &&
136 (key
->conf
.flags
& IEEE80211_KEY_FLAG_GENERATE_IV
));
141 if (ret
!= -ENOSPC
&& ret
!= -EOPNOTSUPP
)
142 wiphy_err(key
->local
->hw
.wiphy
,
143 "failed to set key (%d, %pM) to hardware (%d)\n",
145 sta
? sta
->sta
.addr
: bcast_addr
, ret
);
148 switch (key
->conf
.cipher
) {
149 case WLAN_CIPHER_SUITE_WEP40
:
150 case WLAN_CIPHER_SUITE_WEP104
:
151 case WLAN_CIPHER_SUITE_TKIP
:
152 case WLAN_CIPHER_SUITE_CCMP
:
153 case WLAN_CIPHER_SUITE_AES_CMAC
:
154 /* all of these we can do in software */
161 static void ieee80211_key_disable_hw_accel(struct ieee80211_key
*key
)
163 struct ieee80211_sub_if_data
*sdata
;
164 struct sta_info
*sta
;
169 if (!key
|| !key
->local
->ops
->set_key
)
172 assert_key_lock(key
->local
);
174 if (!(key
->flags
& KEY_FLAG_UPLOADED_TO_HARDWARE
))
180 if (!((key
->conf
.flags
& IEEE80211_KEY_FLAG_GENERATE_MMIC
) ||
181 (key
->conf
.flags
& IEEE80211_KEY_FLAG_GENERATE_IV
) ||
182 (key
->conf
.flags
& IEEE80211_KEY_FLAG_PUT_IV_SPACE
)))
183 increment_tailroom_need_count(sdata
);
185 ret
= drv_set_key(key
->local
, DISABLE_KEY
, sdata
,
186 sta
? &sta
->sta
: NULL
, &key
->conf
);
189 wiphy_err(key
->local
->hw
.wiphy
,
190 "failed to remove key (%d, %pM) from hardware (%d)\n",
192 sta
? sta
->sta
.addr
: bcast_addr
, ret
);
194 key
->flags
&= ~KEY_FLAG_UPLOADED_TO_HARDWARE
;
197 void ieee80211_key_removed(struct ieee80211_key_conf
*key_conf
)
199 struct ieee80211_key
*key
;
201 key
= container_of(key_conf
, struct ieee80211_key
, conf
);
204 assert_key_lock(key
->local
);
206 key
->flags
&= ~KEY_FLAG_UPLOADED_TO_HARDWARE
;
209 * Flush TX path to avoid attempts to use this key
210 * after this function returns. Until then, drivers
211 * must be prepared to handle the key.
215 EXPORT_SYMBOL_GPL(ieee80211_key_removed
);
217 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data
*sdata
,
218 int idx
, bool uni
, bool multi
)
220 struct ieee80211_key
*key
= NULL
;
222 assert_key_lock(sdata
->local
);
224 if (idx
>= 0 && idx
< NUM_DEFAULT_KEYS
)
225 key
= key_mtx_dereference(sdata
->local
, sdata
->keys
[idx
]);
228 rcu_assign_pointer(sdata
->default_unicast_key
, key
);
230 rcu_assign_pointer(sdata
->default_multicast_key
, key
);
232 ieee80211_debugfs_key_update_default(sdata
);
235 void ieee80211_set_default_key(struct ieee80211_sub_if_data
*sdata
, int idx
,
236 bool uni
, bool multi
)
238 mutex_lock(&sdata
->local
->key_mtx
);
239 __ieee80211_set_default_key(sdata
, idx
, uni
, multi
);
240 mutex_unlock(&sdata
->local
->key_mtx
);
244 __ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data
*sdata
, int idx
)
246 struct ieee80211_key
*key
= NULL
;
248 assert_key_lock(sdata
->local
);
250 if (idx
>= NUM_DEFAULT_KEYS
&&
251 idx
< NUM_DEFAULT_KEYS
+ NUM_DEFAULT_MGMT_KEYS
)
252 key
= key_mtx_dereference(sdata
->local
, sdata
->keys
[idx
]);
254 rcu_assign_pointer(sdata
->default_mgmt_key
, key
);
256 ieee80211_debugfs_key_update_default(sdata
);
259 void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data
*sdata
,
262 mutex_lock(&sdata
->local
->key_mtx
);
263 __ieee80211_set_default_mgmt_key(sdata
, idx
);
264 mutex_unlock(&sdata
->local
->key_mtx
);
268 static void __ieee80211_key_replace(struct ieee80211_sub_if_data
*sdata
,
269 struct sta_info
*sta
,
271 struct ieee80211_key
*old
,
272 struct ieee80211_key
*new)
275 bool defunikey
, defmultikey
, defmgmtkey
;
278 list_add_tail(&new->list
, &sdata
->key_list
);
280 if (sta
&& pairwise
) {
281 rcu_assign_pointer(sta
->ptk
, new);
284 idx
= old
->conf
.keyidx
;
286 idx
= new->conf
.keyidx
;
287 rcu_assign_pointer(sta
->gtk
[idx
], new);
289 WARN_ON(new && old
&& new->conf
.keyidx
!= old
->conf
.keyidx
);
292 idx
= old
->conf
.keyidx
;
294 idx
= new->conf
.keyidx
;
297 old
== key_mtx_dereference(sdata
->local
,
298 sdata
->default_unicast_key
);
300 old
== key_mtx_dereference(sdata
->local
,
301 sdata
->default_multicast_key
);
303 old
== key_mtx_dereference(sdata
->local
,
304 sdata
->default_mgmt_key
);
306 if (defunikey
&& !new)
307 __ieee80211_set_default_key(sdata
, -1, true, false);
308 if (defmultikey
&& !new)
309 __ieee80211_set_default_key(sdata
, -1, false, true);
310 if (defmgmtkey
&& !new)
311 __ieee80211_set_default_mgmt_key(sdata
, -1);
313 rcu_assign_pointer(sdata
->keys
[idx
], new);
314 if (defunikey
&& new)
315 __ieee80211_set_default_key(sdata
, new->conf
.keyidx
,
317 if (defmultikey
&& new)
318 __ieee80211_set_default_key(sdata
, new->conf
.keyidx
,
320 if (defmgmtkey
&& new)
321 __ieee80211_set_default_mgmt_key(sdata
,
326 list_del(&old
->list
);
329 struct ieee80211_key
*ieee80211_key_alloc(u32 cipher
, int idx
, size_t key_len
,
331 size_t seq_len
, const u8
*seq
)
333 struct ieee80211_key
*key
;
336 BUG_ON(idx
< 0 || idx
>= NUM_DEFAULT_KEYS
+ NUM_DEFAULT_MGMT_KEYS
);
338 key
= kzalloc(sizeof(struct ieee80211_key
) + key_len
, GFP_KERNEL
);
340 return ERR_PTR(-ENOMEM
);
343 * Default to software encryption; we'll later upload the
344 * key to the hardware if possible.
349 key
->conf
.cipher
= cipher
;
350 key
->conf
.keyidx
= idx
;
351 key
->conf
.keylen
= key_len
;
353 case WLAN_CIPHER_SUITE_WEP40
:
354 case WLAN_CIPHER_SUITE_WEP104
:
355 key
->conf
.iv_len
= WEP_IV_LEN
;
356 key
->conf
.icv_len
= WEP_ICV_LEN
;
358 case WLAN_CIPHER_SUITE_TKIP
:
359 key
->conf
.iv_len
= TKIP_IV_LEN
;
360 key
->conf
.icv_len
= TKIP_ICV_LEN
;
362 for (i
= 0; i
< NUM_RX_DATA_QUEUES
; i
++) {
363 key
->u
.tkip
.rx
[i
].iv32
=
364 get_unaligned_le32(&seq
[2]);
365 key
->u
.tkip
.rx
[i
].iv16
=
366 get_unaligned_le16(seq
);
369 spin_lock_init(&key
->u
.tkip
.txlock
);
371 case WLAN_CIPHER_SUITE_CCMP
:
372 key
->conf
.iv_len
= CCMP_HDR_LEN
;
373 key
->conf
.icv_len
= CCMP_MIC_LEN
;
375 for (i
= 0; i
< NUM_RX_DATA_QUEUES
+ 1; i
++)
376 for (j
= 0; j
< CCMP_PN_LEN
; j
++)
377 key
->u
.ccmp
.rx_pn
[i
][j
] =
378 seq
[CCMP_PN_LEN
- j
- 1];
381 * Initialize AES key state here as an optimization so that
382 * it does not need to be initialized for every packet.
384 key
->u
.ccmp
.tfm
= ieee80211_aes_key_setup_encrypt(key_data
);
385 if (IS_ERR(key
->u
.ccmp
.tfm
)) {
386 err
= PTR_ERR(key
->u
.ccmp
.tfm
);
391 case WLAN_CIPHER_SUITE_AES_CMAC
:
392 key
->conf
.iv_len
= 0;
393 key
->conf
.icv_len
= sizeof(struct ieee80211_mmie
);
395 for (j
= 0; j
< 6; j
++)
396 key
->u
.aes_cmac
.rx_pn
[j
] = seq
[6 - j
- 1];
398 * Initialize AES key state here as an optimization so that
399 * it does not need to be initialized for every packet.
401 key
->u
.aes_cmac
.tfm
=
402 ieee80211_aes_cmac_key_setup(key_data
);
403 if (IS_ERR(key
->u
.aes_cmac
.tfm
)) {
404 err
= PTR_ERR(key
->u
.aes_cmac
.tfm
);
410 memcpy(key
->conf
.key
, key_data
, key_len
);
411 INIT_LIST_HEAD(&key
->list
);
416 static void __ieee80211_key_destroy(struct ieee80211_key
*key
)
422 * Synchronize so the TX path can no longer be using
423 * this key before we free/remove it.
428 ieee80211_key_disable_hw_accel(key
);
430 if (key
->conf
.cipher
== WLAN_CIPHER_SUITE_CCMP
)
431 ieee80211_aes_key_free(key
->u
.ccmp
.tfm
);
432 if (key
->conf
.cipher
== WLAN_CIPHER_SUITE_AES_CMAC
)
433 ieee80211_aes_cmac_key_free(key
->u
.aes_cmac
.tfm
);
435 ieee80211_debugfs_key_remove(key
);
436 key
->sdata
->crypto_tx_tailroom_needed_cnt
--;
442 int ieee80211_key_link(struct ieee80211_key
*key
,
443 struct ieee80211_sub_if_data
*sdata
,
444 struct sta_info
*sta
)
446 struct ieee80211_key
*old_key
;
453 pairwise
= key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
;
454 idx
= key
->conf
.keyidx
;
455 key
->local
= sdata
->local
;
461 * some hardware cannot handle TKIP with QoS, so
462 * we indicate whether QoS could be in use.
464 if (test_sta_flag(sta
, WLAN_STA_WME
))
465 key
->conf
.flags
|= IEEE80211_KEY_FLAG_WMM_STA
;
467 if (sdata
->vif
.type
== NL80211_IFTYPE_STATION
) {
471 * We're getting a sta pointer in, so must be under
472 * appropriate locking for sta_info_get().
475 /* same here, the AP could be using QoS */
476 ap
= sta_info_get(key
->sdata
, key
->sdata
->u
.mgd
.bssid
);
478 if (test_sta_flag(ap
, WLAN_STA_WME
))
480 IEEE80211_KEY_FLAG_WMM_STA
;
485 mutex_lock(&sdata
->local
->key_mtx
);
488 old_key
= key_mtx_dereference(sdata
->local
, sta
->ptk
);
490 old_key
= key_mtx_dereference(sdata
->local
, sta
->gtk
[idx
]);
492 old_key
= key_mtx_dereference(sdata
->local
, sdata
->keys
[idx
]);
494 increment_tailroom_need_count(sdata
);
496 __ieee80211_key_replace(sdata
, sta
, pairwise
, old_key
, key
);
497 __ieee80211_key_destroy(old_key
);
499 ieee80211_debugfs_key_add(key
);
501 ret
= ieee80211_key_enable_hw_accel(key
);
503 mutex_unlock(&sdata
->local
->key_mtx
);
508 void __ieee80211_key_free(struct ieee80211_key
*key
)
514 * Replace key with nothingness if it was ever used.
517 __ieee80211_key_replace(key
->sdata
, key
->sta
,
518 key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
,
520 __ieee80211_key_destroy(key
);
523 void ieee80211_key_free(struct ieee80211_local
*local
,
524 struct ieee80211_key
*key
)
526 mutex_lock(&local
->key_mtx
);
527 __ieee80211_key_free(key
);
528 mutex_unlock(&local
->key_mtx
);
531 void ieee80211_enable_keys(struct ieee80211_sub_if_data
*sdata
)
533 struct ieee80211_key
*key
;
537 if (WARN_ON(!ieee80211_sdata_running(sdata
)))
540 mutex_lock(&sdata
->local
->key_mtx
);
542 sdata
->crypto_tx_tailroom_needed_cnt
= 0;
544 list_for_each_entry(key
, &sdata
->key_list
, list
) {
545 increment_tailroom_need_count(sdata
);
546 ieee80211_key_enable_hw_accel(key
);
549 mutex_unlock(&sdata
->local
->key_mtx
);
552 void ieee80211_iter_keys(struct ieee80211_hw
*hw
,
553 struct ieee80211_vif
*vif
,
554 void (*iter
)(struct ieee80211_hw
*hw
,
555 struct ieee80211_vif
*vif
,
556 struct ieee80211_sta
*sta
,
557 struct ieee80211_key_conf
*key
,
561 struct ieee80211_local
*local
= hw_to_local(hw
);
562 struct ieee80211_key
*key
;
563 struct ieee80211_sub_if_data
*sdata
;
567 mutex_lock(&local
->key_mtx
);
569 sdata
= vif_to_sdata(vif
);
570 list_for_each_entry(key
, &sdata
->key_list
, list
)
571 iter(hw
, &sdata
->vif
,
572 key
->sta
? &key
->sta
->sta
: NULL
,
573 &key
->conf
, iter_data
);
575 list_for_each_entry(sdata
, &local
->interfaces
, list
)
576 list_for_each_entry(key
, &sdata
->key_list
, list
)
577 iter(hw
, &sdata
->vif
,
578 key
->sta
? &key
->sta
->sta
: NULL
,
579 &key
->conf
, iter_data
);
581 mutex_unlock(&local
->key_mtx
);
583 EXPORT_SYMBOL(ieee80211_iter_keys
);
585 void ieee80211_disable_keys(struct ieee80211_sub_if_data
*sdata
)
587 struct ieee80211_key
*key
;
591 mutex_lock(&sdata
->local
->key_mtx
);
593 list_for_each_entry(key
, &sdata
->key_list
, list
)
594 ieee80211_key_disable_hw_accel(key
);
596 mutex_unlock(&sdata
->local
->key_mtx
);
599 void ieee80211_free_keys(struct ieee80211_sub_if_data
*sdata
)
601 struct ieee80211_key
*key
, *tmp
;
603 mutex_lock(&sdata
->local
->key_mtx
);
605 ieee80211_debugfs_key_remove_mgmt_default(sdata
);
607 list_for_each_entry_safe(key
, tmp
, &sdata
->key_list
, list
)
608 __ieee80211_key_free(key
);
610 ieee80211_debugfs_key_update_default(sdata
);
612 mutex_unlock(&sdata
->local
->key_mtx
);
616 void ieee80211_gtk_rekey_notify(struct ieee80211_vif
*vif
, const u8
*bssid
,
617 const u8
*replay_ctr
, gfp_t gfp
)
619 struct ieee80211_sub_if_data
*sdata
= vif_to_sdata(vif
);
621 trace_api_gtk_rekey_notify(sdata
, bssid
, replay_ctr
);
623 cfg80211_gtk_rekey_notify(sdata
->dev
, bssid
, replay_ctr
, gfp
);
625 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify
);
627 void ieee80211_get_key_tx_seq(struct ieee80211_key_conf
*keyconf
,
628 struct ieee80211_key_seq
*seq
)
630 struct ieee80211_key
*key
;
633 if (WARN_ON(!(keyconf
->flags
& IEEE80211_KEY_FLAG_GENERATE_IV
)))
636 key
= container_of(keyconf
, struct ieee80211_key
, conf
);
638 switch (key
->conf
.cipher
) {
639 case WLAN_CIPHER_SUITE_TKIP
:
640 seq
->tkip
.iv32
= key
->u
.tkip
.tx
.iv32
;
641 seq
->tkip
.iv16
= key
->u
.tkip
.tx
.iv16
;
643 case WLAN_CIPHER_SUITE_CCMP
:
644 pn64
= atomic64_read(&key
->u
.ccmp
.tx_pn
);
645 seq
->ccmp
.pn
[5] = pn64
;
646 seq
->ccmp
.pn
[4] = pn64
>> 8;
647 seq
->ccmp
.pn
[3] = pn64
>> 16;
648 seq
->ccmp
.pn
[2] = pn64
>> 24;
649 seq
->ccmp
.pn
[1] = pn64
>> 32;
650 seq
->ccmp
.pn
[0] = pn64
>> 40;
652 case WLAN_CIPHER_SUITE_AES_CMAC
:
653 pn64
= atomic64_read(&key
->u
.aes_cmac
.tx_pn
);
654 seq
->ccmp
.pn
[5] = pn64
;
655 seq
->ccmp
.pn
[4] = pn64
>> 8;
656 seq
->ccmp
.pn
[3] = pn64
>> 16;
657 seq
->ccmp
.pn
[2] = pn64
>> 24;
658 seq
->ccmp
.pn
[1] = pn64
>> 32;
659 seq
->ccmp
.pn
[0] = pn64
>> 40;
665 EXPORT_SYMBOL(ieee80211_get_key_tx_seq
);
667 void ieee80211_get_key_rx_seq(struct ieee80211_key_conf
*keyconf
,
668 int tid
, struct ieee80211_key_seq
*seq
)
670 struct ieee80211_key
*key
;
673 key
= container_of(keyconf
, struct ieee80211_key
, conf
);
675 switch (key
->conf
.cipher
) {
676 case WLAN_CIPHER_SUITE_TKIP
:
677 if (WARN_ON(tid
< 0 || tid
>= NUM_RX_DATA_QUEUES
))
679 seq
->tkip
.iv32
= key
->u
.tkip
.rx
[tid
].iv32
;
680 seq
->tkip
.iv16
= key
->u
.tkip
.rx
[tid
].iv16
;
682 case WLAN_CIPHER_SUITE_CCMP
:
683 if (WARN_ON(tid
< -1 || tid
>= NUM_RX_DATA_QUEUES
))
686 pn
= key
->u
.ccmp
.rx_pn
[NUM_RX_DATA_QUEUES
];
688 pn
= key
->u
.ccmp
.rx_pn
[tid
];
689 memcpy(seq
->ccmp
.pn
, pn
, CCMP_PN_LEN
);
691 case WLAN_CIPHER_SUITE_AES_CMAC
:
692 if (WARN_ON(tid
!= 0))
694 pn
= key
->u
.aes_cmac
.rx_pn
;
695 memcpy(seq
->aes_cmac
.pn
, pn
, CMAC_PN_LEN
);
699 EXPORT_SYMBOL(ieee80211_get_key_rx_seq
);