2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net>
6 * Copyright 2013-2014 Intel Mobile Communications GmbH
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License version 2 as
10 * published by the Free Software Foundation.
13 #include <linux/if_ether.h>
14 #include <linux/etherdevice.h>
15 #include <linux/list.h>
16 #include <linux/rcupdate.h>
17 #include <linux/rtnetlink.h>
18 #include <linux/slab.h>
19 #include <linux/export.h>
20 #include <net/mac80211.h>
21 #include <asm/unaligned.h>
22 #include "ieee80211_i.h"
23 #include "driver-ops.h"
24 #include "debugfs_key.h"
32 * DOC: Key handling basics
34 * Key handling in mac80211 is done based on per-interface (sub_if_data)
35 * keys and per-station keys. Since each station belongs to an interface,
36 * each station key also belongs to that interface.
38 * Hardware acceleration is done on a best-effort basis for algorithms
39 * that are implemented in software, for each key the hardware is asked
40 * to enable that key for offloading but if it cannot do that the key is
41 * simply kept for software encryption (unless it is for an algorithm
42 * that isn't implemented in software).
43 * There is currently no way of knowing whether a key is handled in SW
44 * or HW except by looking into debugfs.
46 * All key management is internally protected by a mutex. Within all
47 * other parts of mac80211, key references are, just as STA structure
48 * references, protected by RCU. Note, however, that some things are
49 * unprotected, namely the key->sta dereferences within the hardware
50 * acceleration functions. This means that sta_info_destroy() must
51 * remove the key which waits for an RCU grace period.
54 static const u8 bcast_addr
[ETH_ALEN
] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
56 static void assert_key_lock(struct ieee80211_local
*local
)
58 lockdep_assert_held(&local
->key_mtx
);
61 static void increment_tailroom_need_count(struct ieee80211_sub_if_data
*sdata
)
64 * When this count is zero, SKB resizing for allocating tailroom
65 * for IV or MMIC is skipped. But, this check has created two race
66 * cases in xmit path while transiting from zero count to one:
68 * 1. SKB resize was skipped because no key was added but just before
69 * the xmit key is added and SW encryption kicks off.
71 * 2. SKB resize was skipped because all the keys were hw planted but
72 * just before xmit one of the key is deleted and SW encryption kicks
75 * In both the above case SW encryption will find not enough space for
76 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c)
78 * Solution has been explained at
79 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net
82 if (!sdata
->crypto_tx_tailroom_needed_cnt
++) {
84 * Flush all XMIT packets currently using HW encryption or no
85 * encryption at all if the count transition is from 0 -> 1.
91 static int ieee80211_key_enable_hw_accel(struct ieee80211_key
*key
)
93 struct ieee80211_sub_if_data
*sdata
;
95 int ret
= -EOPNOTSUPP
;
99 if (key
->flags
& KEY_FLAG_TAINTED
) {
100 /* If we get here, it's during resume and the key is
101 * tainted so shouldn't be used/programmed any more.
102 * However, its flags may still indicate that it was
103 * programmed into the device (since we're in resume)
104 * so clear that flag now to avoid trying to remove
107 key
->flags
&= ~KEY_FLAG_UPLOADED_TO_HARDWARE
;
111 if (!key
->local
->ops
->set_key
)
112 goto out_unsupported
;
114 assert_key_lock(key
->local
);
119 * If this is a per-STA GTK, check if it
120 * is supported; if not, return.
122 if (sta
&& !(key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
) &&
123 !(key
->local
->hw
.flags
& IEEE80211_HW_SUPPORTS_PER_STA_GTK
))
124 goto out_unsupported
;
126 if (sta
&& !sta
->uploaded
)
127 goto out_unsupported
;
130 if (sdata
->vif
.type
== NL80211_IFTYPE_AP_VLAN
) {
132 * The driver doesn't know anything about VLAN interfaces.
133 * Hence, don't send GTKs for VLAN interfaces to the driver.
135 if (!(key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
))
136 goto out_unsupported
;
139 ret
= drv_set_key(key
->local
, SET_KEY
, sdata
,
140 sta
? &sta
->sta
: NULL
, &key
->conf
);
143 key
->flags
|= KEY_FLAG_UPLOADED_TO_HARDWARE
;
145 if (!((key
->conf
.flags
& IEEE80211_KEY_FLAG_GENERATE_MMIC
) ||
146 (key
->conf
.flags
& IEEE80211_KEY_FLAG_RESERVE_TAILROOM
)))
147 sdata
->crypto_tx_tailroom_needed_cnt
--;
149 WARN_ON((key
->conf
.flags
& IEEE80211_KEY_FLAG_PUT_IV_SPACE
) &&
150 (key
->conf
.flags
& IEEE80211_KEY_FLAG_GENERATE_IV
));
155 if (ret
!= -ENOSPC
&& ret
!= -EOPNOTSUPP
&& ret
!= 1)
157 "failed to set key (%d, %pM) to hardware (%d)\n",
159 sta
? sta
->sta
.addr
: bcast_addr
, ret
);
162 switch (key
->conf
.cipher
) {
163 case WLAN_CIPHER_SUITE_WEP40
:
164 case WLAN_CIPHER_SUITE_WEP104
:
165 case WLAN_CIPHER_SUITE_TKIP
:
166 case WLAN_CIPHER_SUITE_CCMP
:
167 case WLAN_CIPHER_SUITE_CCMP_256
:
168 case WLAN_CIPHER_SUITE_AES_CMAC
:
169 case WLAN_CIPHER_SUITE_BIP_CMAC_256
:
170 case WLAN_CIPHER_SUITE_BIP_GMAC_128
:
171 case WLAN_CIPHER_SUITE_BIP_GMAC_256
:
172 case WLAN_CIPHER_SUITE_GCMP
:
173 case WLAN_CIPHER_SUITE_GCMP_256
:
174 /* all of these we can do in software - if driver can */
177 if (key
->local
->hw
.flags
& IEEE80211_HW_SW_CRYPTO_CONTROL
)
185 static void ieee80211_key_disable_hw_accel(struct ieee80211_key
*key
)
187 struct ieee80211_sub_if_data
*sdata
;
188 struct sta_info
*sta
;
193 if (!key
|| !key
->local
->ops
->set_key
)
196 assert_key_lock(key
->local
);
198 if (!(key
->flags
& KEY_FLAG_UPLOADED_TO_HARDWARE
))
204 if (!((key
->conf
.flags
& IEEE80211_KEY_FLAG_GENERATE_MMIC
) ||
205 (key
->conf
.flags
& IEEE80211_KEY_FLAG_RESERVE_TAILROOM
)))
206 increment_tailroom_need_count(sdata
);
208 ret
= drv_set_key(key
->local
, DISABLE_KEY
, sdata
,
209 sta
? &sta
->sta
: NULL
, &key
->conf
);
213 "failed to remove key (%d, %pM) from hardware (%d)\n",
215 sta
? sta
->sta
.addr
: bcast_addr
, ret
);
217 key
->flags
&= ~KEY_FLAG_UPLOADED_TO_HARDWARE
;
220 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data
*sdata
,
221 int idx
, bool uni
, bool multi
)
223 struct ieee80211_key
*key
= NULL
;
225 assert_key_lock(sdata
->local
);
227 if (idx
>= 0 && idx
< NUM_DEFAULT_KEYS
)
228 key
= key_mtx_dereference(sdata
->local
, sdata
->keys
[idx
]);
231 rcu_assign_pointer(sdata
->default_unicast_key
, key
);
232 ieee80211_check_fast_xmit_iface(sdata
);
233 drv_set_default_unicast_key(sdata
->local
, sdata
, idx
);
237 rcu_assign_pointer(sdata
->default_multicast_key
, key
);
239 ieee80211_debugfs_key_update_default(sdata
);
242 void ieee80211_set_default_key(struct ieee80211_sub_if_data
*sdata
, int idx
,
243 bool uni
, bool multi
)
245 mutex_lock(&sdata
->local
->key_mtx
);
246 __ieee80211_set_default_key(sdata
, idx
, uni
, multi
);
247 mutex_unlock(&sdata
->local
->key_mtx
);
251 __ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data
*sdata
, int idx
)
253 struct ieee80211_key
*key
= NULL
;
255 assert_key_lock(sdata
->local
);
257 if (idx
>= NUM_DEFAULT_KEYS
&&
258 idx
< NUM_DEFAULT_KEYS
+ NUM_DEFAULT_MGMT_KEYS
)
259 key
= key_mtx_dereference(sdata
->local
, sdata
->keys
[idx
]);
261 rcu_assign_pointer(sdata
->default_mgmt_key
, key
);
263 ieee80211_debugfs_key_update_default(sdata
);
266 void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data
*sdata
,
269 mutex_lock(&sdata
->local
->key_mtx
);
270 __ieee80211_set_default_mgmt_key(sdata
, idx
);
271 mutex_unlock(&sdata
->local
->key_mtx
);
275 static void ieee80211_key_replace(struct ieee80211_sub_if_data
*sdata
,
276 struct sta_info
*sta
,
278 struct ieee80211_key
*old
,
279 struct ieee80211_key
*new)
282 bool defunikey
, defmultikey
, defmgmtkey
;
284 /* caller must provide at least one old/new */
285 if (WARN_ON(!new && !old
))
289 list_add_tail(&new->list
, &sdata
->key_list
);
291 WARN_ON(new && old
&& new->conf
.keyidx
!= old
->conf
.keyidx
);
294 idx
= old
->conf
.keyidx
;
296 idx
= new->conf
.keyidx
;
300 rcu_assign_pointer(sta
->ptk
[idx
], new);
302 ieee80211_check_fast_xmit(sta
);
304 rcu_assign_pointer(sta
->gtk
[idx
], new);
309 old
== key_mtx_dereference(sdata
->local
,
310 sdata
->default_unicast_key
);
312 old
== key_mtx_dereference(sdata
->local
,
313 sdata
->default_multicast_key
);
315 old
== key_mtx_dereference(sdata
->local
,
316 sdata
->default_mgmt_key
);
318 if (defunikey
&& !new)
319 __ieee80211_set_default_key(sdata
, -1, true, false);
320 if (defmultikey
&& !new)
321 __ieee80211_set_default_key(sdata
, -1, false, true);
322 if (defmgmtkey
&& !new)
323 __ieee80211_set_default_mgmt_key(sdata
, -1);
325 rcu_assign_pointer(sdata
->keys
[idx
], new);
326 if (defunikey
&& new)
327 __ieee80211_set_default_key(sdata
, new->conf
.keyidx
,
329 if (defmultikey
&& new)
330 __ieee80211_set_default_key(sdata
, new->conf
.keyidx
,
332 if (defmgmtkey
&& new)
333 __ieee80211_set_default_mgmt_key(sdata
,
338 list_del(&old
->list
);
341 struct ieee80211_key
*
342 ieee80211_key_alloc(u32 cipher
, int idx
, size_t key_len
,
344 size_t seq_len
, const u8
*seq
,
345 const struct ieee80211_cipher_scheme
*cs
)
347 struct ieee80211_key
*key
;
350 if (WARN_ON(idx
< 0 || idx
>= NUM_DEFAULT_KEYS
+ NUM_DEFAULT_MGMT_KEYS
))
351 return ERR_PTR(-EINVAL
);
353 key
= kzalloc(sizeof(struct ieee80211_key
) + key_len
, GFP_KERNEL
);
355 return ERR_PTR(-ENOMEM
);
358 * Default to software encryption; we'll later upload the
359 * key to the hardware if possible.
364 key
->conf
.cipher
= cipher
;
365 key
->conf
.keyidx
= idx
;
366 key
->conf
.keylen
= key_len
;
368 case WLAN_CIPHER_SUITE_WEP40
:
369 case WLAN_CIPHER_SUITE_WEP104
:
370 key
->conf
.iv_len
= IEEE80211_WEP_IV_LEN
;
371 key
->conf
.icv_len
= IEEE80211_WEP_ICV_LEN
;
373 case WLAN_CIPHER_SUITE_TKIP
:
374 key
->conf
.iv_len
= IEEE80211_TKIP_IV_LEN
;
375 key
->conf
.icv_len
= IEEE80211_TKIP_ICV_LEN
;
377 for (i
= 0; i
< IEEE80211_NUM_TIDS
; i
++) {
378 key
->u
.tkip
.rx
[i
].iv32
=
379 get_unaligned_le32(&seq
[2]);
380 key
->u
.tkip
.rx
[i
].iv16
=
381 get_unaligned_le16(seq
);
384 spin_lock_init(&key
->u
.tkip
.txlock
);
386 case WLAN_CIPHER_SUITE_CCMP
:
387 key
->conf
.iv_len
= IEEE80211_CCMP_HDR_LEN
;
388 key
->conf
.icv_len
= IEEE80211_CCMP_MIC_LEN
;
390 for (i
= 0; i
< IEEE80211_NUM_TIDS
+ 1; i
++)
391 for (j
= 0; j
< IEEE80211_CCMP_PN_LEN
; j
++)
392 key
->u
.ccmp
.rx_pn
[i
][j
] =
393 seq
[IEEE80211_CCMP_PN_LEN
- j
- 1];
396 * Initialize AES key state here as an optimization so that
397 * it does not need to be initialized for every packet.
399 key
->u
.ccmp
.tfm
= ieee80211_aes_key_setup_encrypt(
400 key_data
, key_len
, IEEE80211_CCMP_MIC_LEN
);
401 if (IS_ERR(key
->u
.ccmp
.tfm
)) {
402 err
= PTR_ERR(key
->u
.ccmp
.tfm
);
407 case WLAN_CIPHER_SUITE_CCMP_256
:
408 key
->conf
.iv_len
= IEEE80211_CCMP_256_HDR_LEN
;
409 key
->conf
.icv_len
= IEEE80211_CCMP_256_MIC_LEN
;
410 for (i
= 0; seq
&& i
< IEEE80211_NUM_TIDS
+ 1; i
++)
411 for (j
= 0; j
< IEEE80211_CCMP_256_PN_LEN
; j
++)
412 key
->u
.ccmp
.rx_pn
[i
][j
] =
413 seq
[IEEE80211_CCMP_256_PN_LEN
- j
- 1];
414 /* Initialize AES key state here as an optimization so that
415 * it does not need to be initialized for every packet.
417 key
->u
.ccmp
.tfm
= ieee80211_aes_key_setup_encrypt(
418 key_data
, key_len
, IEEE80211_CCMP_256_MIC_LEN
);
419 if (IS_ERR(key
->u
.ccmp
.tfm
)) {
420 err
= PTR_ERR(key
->u
.ccmp
.tfm
);
425 case WLAN_CIPHER_SUITE_AES_CMAC
:
426 case WLAN_CIPHER_SUITE_BIP_CMAC_256
:
427 key
->conf
.iv_len
= 0;
428 if (cipher
== WLAN_CIPHER_SUITE_AES_CMAC
)
429 key
->conf
.icv_len
= sizeof(struct ieee80211_mmie
);
431 key
->conf
.icv_len
= sizeof(struct ieee80211_mmie_16
);
433 for (j
= 0; j
< IEEE80211_CMAC_PN_LEN
; j
++)
434 key
->u
.aes_cmac
.rx_pn
[j
] =
435 seq
[IEEE80211_CMAC_PN_LEN
- j
- 1];
437 * Initialize AES key state here as an optimization so that
438 * it does not need to be initialized for every packet.
440 key
->u
.aes_cmac
.tfm
=
441 ieee80211_aes_cmac_key_setup(key_data
, key_len
);
442 if (IS_ERR(key
->u
.aes_cmac
.tfm
)) {
443 err
= PTR_ERR(key
->u
.aes_cmac
.tfm
);
448 case WLAN_CIPHER_SUITE_BIP_GMAC_128
:
449 case WLAN_CIPHER_SUITE_BIP_GMAC_256
:
450 key
->conf
.iv_len
= 0;
451 key
->conf
.icv_len
= sizeof(struct ieee80211_mmie_16
);
453 for (j
= 0; j
< IEEE80211_GMAC_PN_LEN
; j
++)
454 key
->u
.aes_gmac
.rx_pn
[j
] =
455 seq
[IEEE80211_GMAC_PN_LEN
- j
- 1];
456 /* Initialize AES key state here as an optimization so that
457 * it does not need to be initialized for every packet.
459 key
->u
.aes_gmac
.tfm
=
460 ieee80211_aes_gmac_key_setup(key_data
, key_len
);
461 if (IS_ERR(key
->u
.aes_gmac
.tfm
)) {
462 err
= PTR_ERR(key
->u
.aes_gmac
.tfm
);
467 case WLAN_CIPHER_SUITE_GCMP
:
468 case WLAN_CIPHER_SUITE_GCMP_256
:
469 key
->conf
.iv_len
= IEEE80211_GCMP_HDR_LEN
;
470 key
->conf
.icv_len
= IEEE80211_GCMP_MIC_LEN
;
471 for (i
= 0; seq
&& i
< IEEE80211_NUM_TIDS
+ 1; i
++)
472 for (j
= 0; j
< IEEE80211_GCMP_PN_LEN
; j
++)
473 key
->u
.gcmp
.rx_pn
[i
][j
] =
474 seq
[IEEE80211_GCMP_PN_LEN
- j
- 1];
475 /* Initialize AES key state here as an optimization so that
476 * it does not need to be initialized for every packet.
478 key
->u
.gcmp
.tfm
= ieee80211_aes_gcm_key_setup_encrypt(key_data
,
480 if (IS_ERR(key
->u
.gcmp
.tfm
)) {
481 err
= PTR_ERR(key
->u
.gcmp
.tfm
);
488 size_t len
= (seq_len
> IEEE80211_MAX_PN_LEN
) ?
489 IEEE80211_MAX_PN_LEN
: seq_len
;
491 key
->conf
.iv_len
= cs
->hdr_len
;
492 key
->conf
.icv_len
= cs
->mic_len
;
493 for (i
= 0; i
< IEEE80211_NUM_TIDS
+ 1; i
++)
494 for (j
= 0; j
< len
; j
++)
495 key
->u
.gen
.rx_pn
[i
][j
] =
497 key
->flags
|= KEY_FLAG_CIPHER_SCHEME
;
500 memcpy(key
->conf
.key
, key_data
, key_len
);
501 INIT_LIST_HEAD(&key
->list
);
506 static void ieee80211_key_free_common(struct ieee80211_key
*key
)
508 switch (key
->conf
.cipher
) {
509 case WLAN_CIPHER_SUITE_CCMP
:
510 case WLAN_CIPHER_SUITE_CCMP_256
:
511 ieee80211_aes_key_free(key
->u
.ccmp
.tfm
);
513 case WLAN_CIPHER_SUITE_AES_CMAC
:
514 case WLAN_CIPHER_SUITE_BIP_CMAC_256
:
515 ieee80211_aes_cmac_key_free(key
->u
.aes_cmac
.tfm
);
517 case WLAN_CIPHER_SUITE_BIP_GMAC_128
:
518 case WLAN_CIPHER_SUITE_BIP_GMAC_256
:
519 ieee80211_aes_gmac_key_free(key
->u
.aes_gmac
.tfm
);
521 case WLAN_CIPHER_SUITE_GCMP
:
522 case WLAN_CIPHER_SUITE_GCMP_256
:
523 ieee80211_aes_gcm_key_free(key
->u
.gcmp
.tfm
);
529 static void __ieee80211_key_destroy(struct ieee80211_key
*key
,
533 ieee80211_key_disable_hw_accel(key
);
536 struct ieee80211_sub_if_data
*sdata
= key
->sdata
;
538 ieee80211_debugfs_key_remove(key
);
540 if (delay_tailroom
) {
541 /* see ieee80211_delayed_tailroom_dec */
542 sdata
->crypto_tx_tailroom_pending_dec
++;
543 schedule_delayed_work(&sdata
->dec_tailroom_needed_wk
,
546 sdata
->crypto_tx_tailroom_needed_cnt
--;
550 ieee80211_key_free_common(key
);
553 static void ieee80211_key_destroy(struct ieee80211_key
*key
,
560 * Synchronize so the TX path can no longer be using
561 * this key before we free/remove it.
565 __ieee80211_key_destroy(key
, delay_tailroom
);
568 void ieee80211_key_free_unused(struct ieee80211_key
*key
)
570 WARN_ON(key
->sdata
|| key
->local
);
571 ieee80211_key_free_common(key
);
574 int ieee80211_key_link(struct ieee80211_key
*key
,
575 struct ieee80211_sub_if_data
*sdata
,
576 struct sta_info
*sta
)
578 struct ieee80211_local
*local
= sdata
->local
;
579 struct ieee80211_key
*old_key
;
583 pairwise
= key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
;
584 idx
= key
->conf
.keyidx
;
585 key
->local
= sdata
->local
;
589 mutex_lock(&sdata
->local
->key_mtx
);
592 old_key
= key_mtx_dereference(sdata
->local
, sta
->ptk
[idx
]);
594 old_key
= key_mtx_dereference(sdata
->local
, sta
->gtk
[idx
]);
596 old_key
= key_mtx_dereference(sdata
->local
, sdata
->keys
[idx
]);
598 increment_tailroom_need_count(sdata
);
600 ieee80211_key_replace(sdata
, sta
, pairwise
, old_key
, key
);
601 ieee80211_key_destroy(old_key
, true);
603 ieee80211_debugfs_key_add(key
);
605 if (!local
->wowlan
) {
606 ret
= ieee80211_key_enable_hw_accel(key
);
608 ieee80211_key_free(key
, true);
613 mutex_unlock(&sdata
->local
->key_mtx
);
618 void ieee80211_key_free(struct ieee80211_key
*key
, bool delay_tailroom
)
624 * Replace key with nothingness if it was ever used.
627 ieee80211_key_replace(key
->sdata
, key
->sta
,
628 key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
,
630 ieee80211_key_destroy(key
, delay_tailroom
);
633 void ieee80211_enable_keys(struct ieee80211_sub_if_data
*sdata
)
635 struct ieee80211_key
*key
;
639 if (WARN_ON(!ieee80211_sdata_running(sdata
)))
642 mutex_lock(&sdata
->local
->key_mtx
);
644 sdata
->crypto_tx_tailroom_needed_cnt
= 0;
646 list_for_each_entry(key
, &sdata
->key_list
, list
) {
647 increment_tailroom_need_count(sdata
);
648 ieee80211_key_enable_hw_accel(key
);
651 mutex_unlock(&sdata
->local
->key_mtx
);
654 void ieee80211_iter_keys(struct ieee80211_hw
*hw
,
655 struct ieee80211_vif
*vif
,
656 void (*iter
)(struct ieee80211_hw
*hw
,
657 struct ieee80211_vif
*vif
,
658 struct ieee80211_sta
*sta
,
659 struct ieee80211_key_conf
*key
,
663 struct ieee80211_local
*local
= hw_to_local(hw
);
664 struct ieee80211_key
*key
, *tmp
;
665 struct ieee80211_sub_if_data
*sdata
;
669 mutex_lock(&local
->key_mtx
);
671 sdata
= vif_to_sdata(vif
);
672 list_for_each_entry_safe(key
, tmp
, &sdata
->key_list
, list
)
673 iter(hw
, &sdata
->vif
,
674 key
->sta
? &key
->sta
->sta
: NULL
,
675 &key
->conf
, iter_data
);
677 list_for_each_entry(sdata
, &local
->interfaces
, list
)
678 list_for_each_entry_safe(key
, tmp
,
679 &sdata
->key_list
, list
)
680 iter(hw
, &sdata
->vif
,
681 key
->sta
? &key
->sta
->sta
: NULL
,
682 &key
->conf
, iter_data
);
684 mutex_unlock(&local
->key_mtx
);
686 EXPORT_SYMBOL(ieee80211_iter_keys
);
688 static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data
*sdata
,
689 struct list_head
*keys
)
691 struct ieee80211_key
*key
, *tmp
;
693 sdata
->crypto_tx_tailroom_needed_cnt
-=
694 sdata
->crypto_tx_tailroom_pending_dec
;
695 sdata
->crypto_tx_tailroom_pending_dec
= 0;
697 ieee80211_debugfs_key_remove_mgmt_default(sdata
);
699 list_for_each_entry_safe(key
, tmp
, &sdata
->key_list
, list
) {
700 ieee80211_key_replace(key
->sdata
, key
->sta
,
701 key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
,
703 list_add_tail(&key
->list
, keys
);
706 ieee80211_debugfs_key_update_default(sdata
);
709 void ieee80211_free_keys(struct ieee80211_sub_if_data
*sdata
,
710 bool force_synchronize
)
712 struct ieee80211_local
*local
= sdata
->local
;
713 struct ieee80211_sub_if_data
*vlan
;
714 struct ieee80211_key
*key
, *tmp
;
717 cancel_delayed_work_sync(&sdata
->dec_tailroom_needed_wk
);
719 mutex_lock(&local
->key_mtx
);
721 ieee80211_free_keys_iface(sdata
, &keys
);
723 if (sdata
->vif
.type
== NL80211_IFTYPE_AP
) {
724 list_for_each_entry(vlan
, &sdata
->u
.ap
.vlans
, u
.vlan
.list
)
725 ieee80211_free_keys_iface(vlan
, &keys
);
728 if (!list_empty(&keys
) || force_synchronize
)
730 list_for_each_entry_safe(key
, tmp
, &keys
, list
)
731 __ieee80211_key_destroy(key
, false);
733 WARN_ON_ONCE(sdata
->crypto_tx_tailroom_needed_cnt
||
734 sdata
->crypto_tx_tailroom_pending_dec
);
735 if (sdata
->vif
.type
== NL80211_IFTYPE_AP
) {
736 list_for_each_entry(vlan
, &sdata
->u
.ap
.vlans
, u
.vlan
.list
)
737 WARN_ON_ONCE(vlan
->crypto_tx_tailroom_needed_cnt
||
738 vlan
->crypto_tx_tailroom_pending_dec
);
741 mutex_unlock(&local
->key_mtx
);
744 void ieee80211_free_sta_keys(struct ieee80211_local
*local
,
745 struct sta_info
*sta
)
747 struct ieee80211_key
*key
;
750 mutex_lock(&local
->key_mtx
);
751 for (i
= 0; i
< ARRAY_SIZE(sta
->gtk
); i
++) {
752 key
= key_mtx_dereference(local
, sta
->gtk
[i
]);
755 ieee80211_key_replace(key
->sdata
, key
->sta
,
756 key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
,
758 __ieee80211_key_destroy(key
, true);
761 for (i
= 0; i
< NUM_DEFAULT_KEYS
; i
++) {
762 key
= key_mtx_dereference(local
, sta
->ptk
[i
]);
765 ieee80211_key_replace(key
->sdata
, key
->sta
,
766 key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
,
768 __ieee80211_key_destroy(key
, true);
771 mutex_unlock(&local
->key_mtx
);
774 void ieee80211_delayed_tailroom_dec(struct work_struct
*wk
)
776 struct ieee80211_sub_if_data
*sdata
;
778 sdata
= container_of(wk
, struct ieee80211_sub_if_data
,
779 dec_tailroom_needed_wk
.work
);
782 * The reason for the delayed tailroom needed decrementing is to
783 * make roaming faster: during roaming, all keys are first deleted
784 * and then new keys are installed. The first new key causes the
785 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes
786 * the cost of synchronize_net() (which can be slow). Avoid this
787 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on
788 * key removal for a while, so if we roam the value is larger than
789 * zero and no 0->1 transition happens.
791 * The cost is that if the AP switching was from an AP with keys
792 * to one without, we still allocate tailroom while it would no
793 * longer be needed. However, in the typical (fast) roaming case
794 * within an ESS this usually won't happen.
797 mutex_lock(&sdata
->local
->key_mtx
);
798 sdata
->crypto_tx_tailroom_needed_cnt
-=
799 sdata
->crypto_tx_tailroom_pending_dec
;
800 sdata
->crypto_tx_tailroom_pending_dec
= 0;
801 mutex_unlock(&sdata
->local
->key_mtx
);
804 void ieee80211_gtk_rekey_notify(struct ieee80211_vif
*vif
, const u8
*bssid
,
805 const u8
*replay_ctr
, gfp_t gfp
)
807 struct ieee80211_sub_if_data
*sdata
= vif_to_sdata(vif
);
809 trace_api_gtk_rekey_notify(sdata
, bssid
, replay_ctr
);
811 cfg80211_gtk_rekey_notify(sdata
->dev
, bssid
, replay_ctr
, gfp
);
813 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify
);
815 void ieee80211_get_key_tx_seq(struct ieee80211_key_conf
*keyconf
,
816 struct ieee80211_key_seq
*seq
)
818 struct ieee80211_key
*key
;
821 if (WARN_ON(!(keyconf
->flags
& IEEE80211_KEY_FLAG_GENERATE_IV
)))
824 key
= container_of(keyconf
, struct ieee80211_key
, conf
);
826 switch (key
->conf
.cipher
) {
827 case WLAN_CIPHER_SUITE_TKIP
:
828 seq
->tkip
.iv32
= key
->u
.tkip
.tx
.iv32
;
829 seq
->tkip
.iv16
= key
->u
.tkip
.tx
.iv16
;
831 case WLAN_CIPHER_SUITE_CCMP
:
832 case WLAN_CIPHER_SUITE_CCMP_256
:
833 pn64
= atomic64_read(&key
->u
.ccmp
.tx_pn
);
834 seq
->ccmp
.pn
[5] = pn64
;
835 seq
->ccmp
.pn
[4] = pn64
>> 8;
836 seq
->ccmp
.pn
[3] = pn64
>> 16;
837 seq
->ccmp
.pn
[2] = pn64
>> 24;
838 seq
->ccmp
.pn
[1] = pn64
>> 32;
839 seq
->ccmp
.pn
[0] = pn64
>> 40;
841 case WLAN_CIPHER_SUITE_AES_CMAC
:
842 case WLAN_CIPHER_SUITE_BIP_CMAC_256
:
843 pn64
= atomic64_read(&key
->u
.aes_cmac
.tx_pn
);
844 seq
->ccmp
.pn
[5] = pn64
;
845 seq
->ccmp
.pn
[4] = pn64
>> 8;
846 seq
->ccmp
.pn
[3] = pn64
>> 16;
847 seq
->ccmp
.pn
[2] = pn64
>> 24;
848 seq
->ccmp
.pn
[1] = pn64
>> 32;
849 seq
->ccmp
.pn
[0] = pn64
>> 40;
851 case WLAN_CIPHER_SUITE_BIP_GMAC_128
:
852 case WLAN_CIPHER_SUITE_BIP_GMAC_256
:
853 pn64
= atomic64_read(&key
->u
.aes_gmac
.tx_pn
);
854 seq
->ccmp
.pn
[5] = pn64
;
855 seq
->ccmp
.pn
[4] = pn64
>> 8;
856 seq
->ccmp
.pn
[3] = pn64
>> 16;
857 seq
->ccmp
.pn
[2] = pn64
>> 24;
858 seq
->ccmp
.pn
[1] = pn64
>> 32;
859 seq
->ccmp
.pn
[0] = pn64
>> 40;
861 case WLAN_CIPHER_SUITE_GCMP
:
862 case WLAN_CIPHER_SUITE_GCMP_256
:
863 pn64
= atomic64_read(&key
->u
.gcmp
.tx_pn
);
864 seq
->gcmp
.pn
[5] = pn64
;
865 seq
->gcmp
.pn
[4] = pn64
>> 8;
866 seq
->gcmp
.pn
[3] = pn64
>> 16;
867 seq
->gcmp
.pn
[2] = pn64
>> 24;
868 seq
->gcmp
.pn
[1] = pn64
>> 32;
869 seq
->gcmp
.pn
[0] = pn64
>> 40;
875 EXPORT_SYMBOL(ieee80211_get_key_tx_seq
);
877 void ieee80211_get_key_rx_seq(struct ieee80211_key_conf
*keyconf
,
878 int tid
, struct ieee80211_key_seq
*seq
)
880 struct ieee80211_key
*key
;
883 key
= container_of(keyconf
, struct ieee80211_key
, conf
);
885 switch (key
->conf
.cipher
) {
886 case WLAN_CIPHER_SUITE_TKIP
:
887 if (WARN_ON(tid
< 0 || tid
>= IEEE80211_NUM_TIDS
))
889 seq
->tkip
.iv32
= key
->u
.tkip
.rx
[tid
].iv32
;
890 seq
->tkip
.iv16
= key
->u
.tkip
.rx
[tid
].iv16
;
892 case WLAN_CIPHER_SUITE_CCMP
:
893 case WLAN_CIPHER_SUITE_CCMP_256
:
894 if (WARN_ON(tid
< -1 || tid
>= IEEE80211_NUM_TIDS
))
897 pn
= key
->u
.ccmp
.rx_pn
[IEEE80211_NUM_TIDS
];
899 pn
= key
->u
.ccmp
.rx_pn
[tid
];
900 memcpy(seq
->ccmp
.pn
, pn
, IEEE80211_CCMP_PN_LEN
);
902 case WLAN_CIPHER_SUITE_AES_CMAC
:
903 case WLAN_CIPHER_SUITE_BIP_CMAC_256
:
904 if (WARN_ON(tid
!= 0))
906 pn
= key
->u
.aes_cmac
.rx_pn
;
907 memcpy(seq
->aes_cmac
.pn
, pn
, IEEE80211_CMAC_PN_LEN
);
909 case WLAN_CIPHER_SUITE_BIP_GMAC_128
:
910 case WLAN_CIPHER_SUITE_BIP_GMAC_256
:
911 if (WARN_ON(tid
!= 0))
913 pn
= key
->u
.aes_gmac
.rx_pn
;
914 memcpy(seq
->aes_gmac
.pn
, pn
, IEEE80211_GMAC_PN_LEN
);
916 case WLAN_CIPHER_SUITE_GCMP
:
917 case WLAN_CIPHER_SUITE_GCMP_256
:
918 if (WARN_ON(tid
< -1 || tid
>= IEEE80211_NUM_TIDS
))
921 pn
= key
->u
.gcmp
.rx_pn
[IEEE80211_NUM_TIDS
];
923 pn
= key
->u
.gcmp
.rx_pn
[tid
];
924 memcpy(seq
->gcmp
.pn
, pn
, IEEE80211_GCMP_PN_LEN
);
928 EXPORT_SYMBOL(ieee80211_get_key_rx_seq
);
930 void ieee80211_set_key_tx_seq(struct ieee80211_key_conf
*keyconf
,
931 struct ieee80211_key_seq
*seq
)
933 struct ieee80211_key
*key
;
936 key
= container_of(keyconf
, struct ieee80211_key
, conf
);
938 switch (key
->conf
.cipher
) {
939 case WLAN_CIPHER_SUITE_TKIP
:
940 key
->u
.tkip
.tx
.iv32
= seq
->tkip
.iv32
;
941 key
->u
.tkip
.tx
.iv16
= seq
->tkip
.iv16
;
943 case WLAN_CIPHER_SUITE_CCMP
:
944 case WLAN_CIPHER_SUITE_CCMP_256
:
945 pn64
= (u64
)seq
->ccmp
.pn
[5] |
946 ((u64
)seq
->ccmp
.pn
[4] << 8) |
947 ((u64
)seq
->ccmp
.pn
[3] << 16) |
948 ((u64
)seq
->ccmp
.pn
[2] << 24) |
949 ((u64
)seq
->ccmp
.pn
[1] << 32) |
950 ((u64
)seq
->ccmp
.pn
[0] << 40);
951 atomic64_set(&key
->u
.ccmp
.tx_pn
, pn64
);
953 case WLAN_CIPHER_SUITE_AES_CMAC
:
954 case WLAN_CIPHER_SUITE_BIP_CMAC_256
:
955 pn64
= (u64
)seq
->aes_cmac
.pn
[5] |
956 ((u64
)seq
->aes_cmac
.pn
[4] << 8) |
957 ((u64
)seq
->aes_cmac
.pn
[3] << 16) |
958 ((u64
)seq
->aes_cmac
.pn
[2] << 24) |
959 ((u64
)seq
->aes_cmac
.pn
[1] << 32) |
960 ((u64
)seq
->aes_cmac
.pn
[0] << 40);
961 atomic64_set(&key
->u
.aes_cmac
.tx_pn
, pn64
);
963 case WLAN_CIPHER_SUITE_BIP_GMAC_128
:
964 case WLAN_CIPHER_SUITE_BIP_GMAC_256
:
965 pn64
= (u64
)seq
->aes_gmac
.pn
[5] |
966 ((u64
)seq
->aes_gmac
.pn
[4] << 8) |
967 ((u64
)seq
->aes_gmac
.pn
[3] << 16) |
968 ((u64
)seq
->aes_gmac
.pn
[2] << 24) |
969 ((u64
)seq
->aes_gmac
.pn
[1] << 32) |
970 ((u64
)seq
->aes_gmac
.pn
[0] << 40);
971 atomic64_set(&key
->u
.aes_gmac
.tx_pn
, pn64
);
973 case WLAN_CIPHER_SUITE_GCMP
:
974 case WLAN_CIPHER_SUITE_GCMP_256
:
975 pn64
= (u64
)seq
->gcmp
.pn
[5] |
976 ((u64
)seq
->gcmp
.pn
[4] << 8) |
977 ((u64
)seq
->gcmp
.pn
[3] << 16) |
978 ((u64
)seq
->gcmp
.pn
[2] << 24) |
979 ((u64
)seq
->gcmp
.pn
[1] << 32) |
980 ((u64
)seq
->gcmp
.pn
[0] << 40);
981 atomic64_set(&key
->u
.gcmp
.tx_pn
, pn64
);
988 EXPORT_SYMBOL_GPL(ieee80211_set_key_tx_seq
);
990 void ieee80211_set_key_rx_seq(struct ieee80211_key_conf
*keyconf
,
991 int tid
, struct ieee80211_key_seq
*seq
)
993 struct ieee80211_key
*key
;
996 key
= container_of(keyconf
, struct ieee80211_key
, conf
);
998 switch (key
->conf
.cipher
) {
999 case WLAN_CIPHER_SUITE_TKIP
:
1000 if (WARN_ON(tid
< 0 || tid
>= IEEE80211_NUM_TIDS
))
1002 key
->u
.tkip
.rx
[tid
].iv32
= seq
->tkip
.iv32
;
1003 key
->u
.tkip
.rx
[tid
].iv16
= seq
->tkip
.iv16
;
1005 case WLAN_CIPHER_SUITE_CCMP
:
1006 case WLAN_CIPHER_SUITE_CCMP_256
:
1007 if (WARN_ON(tid
< -1 || tid
>= IEEE80211_NUM_TIDS
))
1010 pn
= key
->u
.ccmp
.rx_pn
[IEEE80211_NUM_TIDS
];
1012 pn
= key
->u
.ccmp
.rx_pn
[tid
];
1013 memcpy(pn
, seq
->ccmp
.pn
, IEEE80211_CCMP_PN_LEN
);
1015 case WLAN_CIPHER_SUITE_AES_CMAC
:
1016 case WLAN_CIPHER_SUITE_BIP_CMAC_256
:
1017 if (WARN_ON(tid
!= 0))
1019 pn
= key
->u
.aes_cmac
.rx_pn
;
1020 memcpy(pn
, seq
->aes_cmac
.pn
, IEEE80211_CMAC_PN_LEN
);
1022 case WLAN_CIPHER_SUITE_BIP_GMAC_128
:
1023 case WLAN_CIPHER_SUITE_BIP_GMAC_256
:
1024 if (WARN_ON(tid
!= 0))
1026 pn
= key
->u
.aes_gmac
.rx_pn
;
1027 memcpy(pn
, seq
->aes_gmac
.pn
, IEEE80211_GMAC_PN_LEN
);
1029 case WLAN_CIPHER_SUITE_GCMP
:
1030 case WLAN_CIPHER_SUITE_GCMP_256
:
1031 if (WARN_ON(tid
< -1 || tid
>= IEEE80211_NUM_TIDS
))
1034 pn
= key
->u
.gcmp
.rx_pn
[IEEE80211_NUM_TIDS
];
1036 pn
= key
->u
.gcmp
.rx_pn
[tid
];
1037 memcpy(pn
, seq
->gcmp
.pn
, IEEE80211_GCMP_PN_LEN
);
1044 EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq
);
1046 void ieee80211_remove_key(struct ieee80211_key_conf
*keyconf
)
1048 struct ieee80211_key
*key
;
1050 key
= container_of(keyconf
, struct ieee80211_key
, conf
);
1052 assert_key_lock(key
->local
);
1055 * if key was uploaded, we assume the driver will/has remove(d)
1056 * it, so adjust bookkeeping accordingly
1058 if (key
->flags
& KEY_FLAG_UPLOADED_TO_HARDWARE
) {
1059 key
->flags
&= ~KEY_FLAG_UPLOADED_TO_HARDWARE
;
1061 if (!((key
->conf
.flags
& IEEE80211_KEY_FLAG_GENERATE_MMIC
) ||
1062 (key
->conf
.flags
& IEEE80211_KEY_FLAG_RESERVE_TAILROOM
)))
1063 increment_tailroom_need_count(key
->sdata
);
1066 ieee80211_key_free(key
, false);
1068 EXPORT_SYMBOL_GPL(ieee80211_remove_key
);
1070 struct ieee80211_key_conf
*
1071 ieee80211_gtk_rekey_add(struct ieee80211_vif
*vif
,
1072 struct ieee80211_key_conf
*keyconf
)
1074 struct ieee80211_sub_if_data
*sdata
= vif_to_sdata(vif
);
1075 struct ieee80211_local
*local
= sdata
->local
;
1076 struct ieee80211_key
*key
;
1079 if (WARN_ON(!local
->wowlan
))
1080 return ERR_PTR(-EINVAL
);
1082 if (WARN_ON(vif
->type
!= NL80211_IFTYPE_STATION
))
1083 return ERR_PTR(-EINVAL
);
1085 key
= ieee80211_key_alloc(keyconf
->cipher
, keyconf
->keyidx
,
1086 keyconf
->keylen
, keyconf
->key
,
1089 return ERR_CAST(key
);
1091 if (sdata
->u
.mgd
.mfp
!= IEEE80211_MFP_DISABLED
)
1092 key
->conf
.flags
|= IEEE80211_KEY_FLAG_RX_MGMT
;
1094 err
= ieee80211_key_link(key
, sdata
, NULL
);
1096 return ERR_PTR(err
);
1100 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add
);