2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net>
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
12 #include <linux/if_ether.h>
13 #include <linux/etherdevice.h>
14 #include <linux/list.h>
15 #include <linux/rcupdate.h>
16 #include <linux/rtnetlink.h>
17 #include <linux/slab.h>
18 #include <linux/export.h>
19 #include <net/mac80211.h>
20 #include "ieee80211_i.h"
21 #include "driver-ops.h"
22 #include "debugfs_key.h"
28 * DOC: Key handling basics
30 * Key handling in mac80211 is done based on per-interface (sub_if_data)
31 * keys and per-station keys. Since each station belongs to an interface,
32 * each station key also belongs to that interface.
34 * Hardware acceleration is done on a best-effort basis for algorithms
35 * that are implemented in software, for each key the hardware is asked
36 * to enable that key for offloading but if it cannot do that the key is
37 * simply kept for software encryption (unless it is for an algorithm
38 * that isn't implemented in software).
39 * There is currently no way of knowing whether a key is handled in SW
40 * or HW except by looking into debugfs.
42 * All key management is internally protected by a mutex. Within all
43 * other parts of mac80211, key references are, just as STA structure
44 * references, protected by RCU. Note, however, that some things are
45 * unprotected, namely the key->sta dereferences within the hardware
46 * acceleration functions. This means that sta_info_destroy() must
47 * remove the key which waits for an RCU grace period.
50 static const u8 bcast_addr
[ETH_ALEN
] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
52 static void assert_key_lock(struct ieee80211_local
*local
)
54 lockdep_assert_held(&local
->key_mtx
);
57 static struct ieee80211_sta
*get_sta_for_key(struct ieee80211_key
*key
)
60 return &key
->sta
->sta
;
65 static void increment_tailroom_need_count(struct ieee80211_sub_if_data
*sdata
)
68 * When this count is zero, SKB resizing for allocating tailroom
69 * for IV or MMIC is skipped. But, this check has created two race
70 * cases in xmit path while transiting from zero count to one:
72 * 1. SKB resize was skipped because no key was added but just before
73 * the xmit key is added and SW encryption kicks off.
75 * 2. SKB resize was skipped because all the keys were hw planted but
76 * just before xmit one of the key is deleted and SW encryption kicks
79 * In both the above case SW encryption will find not enough space for
80 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c)
82 * Solution has been explained at
83 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net
86 if (!sdata
->crypto_tx_tailroom_needed_cnt
++) {
88 * Flush all XMIT packets currently using HW encryption or no
89 * encryption at all if the count transition is from 0 -> 1.
95 static int ieee80211_key_enable_hw_accel(struct ieee80211_key
*key
)
97 struct ieee80211_sub_if_data
*sdata
;
98 struct ieee80211_sta
*sta
;
103 if (!key
->local
->ops
->set_key
)
104 goto out_unsupported
;
106 assert_key_lock(key
->local
);
108 sta
= get_sta_for_key(key
);
111 * If this is a per-STA GTK, check if it
112 * is supported; if not, return.
114 if (sta
&& !(key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
) &&
115 !(key
->local
->hw
.flags
& IEEE80211_HW_SUPPORTS_PER_STA_GTK
))
116 goto out_unsupported
;
119 if (sdata
->vif
.type
== NL80211_IFTYPE_AP_VLAN
) {
121 * The driver doesn't know anything about VLAN interfaces.
122 * Hence, don't send GTKs for VLAN interfaces to the driver.
124 if (!(key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
))
125 goto out_unsupported
;
128 ret
= drv_set_key(key
->local
, SET_KEY
, sdata
, sta
, &key
->conf
);
131 key
->flags
|= KEY_FLAG_UPLOADED_TO_HARDWARE
;
133 if (!((key
->conf
.flags
& IEEE80211_KEY_FLAG_GENERATE_MMIC
) ||
134 (key
->conf
.flags
& IEEE80211_KEY_FLAG_GENERATE_IV
) ||
135 (key
->conf
.flags
& IEEE80211_KEY_FLAG_PUT_IV_SPACE
)))
136 sdata
->crypto_tx_tailroom_needed_cnt
--;
138 WARN_ON((key
->conf
.flags
& IEEE80211_KEY_FLAG_PUT_IV_SPACE
) &&
139 (key
->conf
.flags
& IEEE80211_KEY_FLAG_GENERATE_IV
));
144 if (ret
!= -ENOSPC
&& ret
!= -EOPNOTSUPP
)
145 wiphy_err(key
->local
->hw
.wiphy
,
146 "failed to set key (%d, %pM) to hardware (%d)\n",
147 key
->conf
.keyidx
, sta
? sta
->addr
: bcast_addr
, ret
);
150 switch (key
->conf
.cipher
) {
151 case WLAN_CIPHER_SUITE_WEP40
:
152 case WLAN_CIPHER_SUITE_WEP104
:
153 case WLAN_CIPHER_SUITE_TKIP
:
154 case WLAN_CIPHER_SUITE_CCMP
:
155 case WLAN_CIPHER_SUITE_AES_CMAC
:
156 /* all of these we can do in software */
163 static void ieee80211_key_disable_hw_accel(struct ieee80211_key
*key
)
165 struct ieee80211_sub_if_data
*sdata
;
166 struct ieee80211_sta
*sta
;
171 if (!key
|| !key
->local
->ops
->set_key
)
174 assert_key_lock(key
->local
);
176 if (!(key
->flags
& KEY_FLAG_UPLOADED_TO_HARDWARE
))
179 sta
= get_sta_for_key(key
);
182 if (!((key
->conf
.flags
& IEEE80211_KEY_FLAG_GENERATE_MMIC
) ||
183 (key
->conf
.flags
& IEEE80211_KEY_FLAG_GENERATE_IV
) ||
184 (key
->conf
.flags
& IEEE80211_KEY_FLAG_PUT_IV_SPACE
)))
185 increment_tailroom_need_count(sdata
);
187 ret
= drv_set_key(key
->local
, DISABLE_KEY
, sdata
,
191 wiphy_err(key
->local
->hw
.wiphy
,
192 "failed to remove key (%d, %pM) from hardware (%d)\n",
193 key
->conf
.keyidx
, sta
? sta
->addr
: bcast_addr
, ret
);
195 key
->flags
&= ~KEY_FLAG_UPLOADED_TO_HARDWARE
;
198 void ieee80211_key_removed(struct ieee80211_key_conf
*key_conf
)
200 struct ieee80211_key
*key
;
202 key
= container_of(key_conf
, struct ieee80211_key
, conf
);
205 assert_key_lock(key
->local
);
207 key
->flags
&= ~KEY_FLAG_UPLOADED_TO_HARDWARE
;
210 * Flush TX path to avoid attempts to use this key
211 * after this function returns. Until then, drivers
212 * must be prepared to handle the key.
216 EXPORT_SYMBOL_GPL(ieee80211_key_removed
);
218 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data
*sdata
,
219 int idx
, bool uni
, bool multi
)
221 struct ieee80211_key
*key
= NULL
;
223 assert_key_lock(sdata
->local
);
225 if (idx
>= 0 && idx
< NUM_DEFAULT_KEYS
)
226 key
= key_mtx_dereference(sdata
->local
, sdata
->keys
[idx
]);
229 rcu_assign_pointer(sdata
->default_unicast_key
, key
);
231 rcu_assign_pointer(sdata
->default_multicast_key
, key
);
233 ieee80211_debugfs_key_update_default(sdata
);
236 void ieee80211_set_default_key(struct ieee80211_sub_if_data
*sdata
, int idx
,
237 bool uni
, bool multi
)
239 mutex_lock(&sdata
->local
->key_mtx
);
240 __ieee80211_set_default_key(sdata
, idx
, uni
, multi
);
241 mutex_unlock(&sdata
->local
->key_mtx
);
245 __ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data
*sdata
, int idx
)
247 struct ieee80211_key
*key
= NULL
;
249 assert_key_lock(sdata
->local
);
251 if (idx
>= NUM_DEFAULT_KEYS
&&
252 idx
< NUM_DEFAULT_KEYS
+ NUM_DEFAULT_MGMT_KEYS
)
253 key
= key_mtx_dereference(sdata
->local
, sdata
->keys
[idx
]);
255 rcu_assign_pointer(sdata
->default_mgmt_key
, key
);
257 ieee80211_debugfs_key_update_default(sdata
);
260 void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data
*sdata
,
263 mutex_lock(&sdata
->local
->key_mtx
);
264 __ieee80211_set_default_mgmt_key(sdata
, idx
);
265 mutex_unlock(&sdata
->local
->key_mtx
);
269 static void __ieee80211_key_replace(struct ieee80211_sub_if_data
*sdata
,
270 struct sta_info
*sta
,
272 struct ieee80211_key
*old
,
273 struct ieee80211_key
*new)
276 bool defunikey
, defmultikey
, defmgmtkey
;
279 list_add_tail(&new->list
, &sdata
->key_list
);
281 if (sta
&& pairwise
) {
282 rcu_assign_pointer(sta
->ptk
, new);
285 idx
= old
->conf
.keyidx
;
287 idx
= new->conf
.keyidx
;
288 rcu_assign_pointer(sta
->gtk
[idx
], new);
290 WARN_ON(new && old
&& new->conf
.keyidx
!= old
->conf
.keyidx
);
293 idx
= old
->conf
.keyidx
;
295 idx
= new->conf
.keyidx
;
298 old
== key_mtx_dereference(sdata
->local
,
299 sdata
->default_unicast_key
);
301 old
== key_mtx_dereference(sdata
->local
,
302 sdata
->default_multicast_key
);
304 old
== key_mtx_dereference(sdata
->local
,
305 sdata
->default_mgmt_key
);
307 if (defunikey
&& !new)
308 __ieee80211_set_default_key(sdata
, -1, true, false);
309 if (defmultikey
&& !new)
310 __ieee80211_set_default_key(sdata
, -1, false, true);
311 if (defmgmtkey
&& !new)
312 __ieee80211_set_default_mgmt_key(sdata
, -1);
314 rcu_assign_pointer(sdata
->keys
[idx
], new);
315 if (defunikey
&& new)
316 __ieee80211_set_default_key(sdata
, new->conf
.keyidx
,
318 if (defmultikey
&& new)
319 __ieee80211_set_default_key(sdata
, new->conf
.keyidx
,
321 if (defmgmtkey
&& new)
322 __ieee80211_set_default_mgmt_key(sdata
,
327 list_del(&old
->list
);
330 struct ieee80211_key
*ieee80211_key_alloc(u32 cipher
, int idx
, size_t key_len
,
332 size_t seq_len
, const u8
*seq
)
334 struct ieee80211_key
*key
;
337 BUG_ON(idx
< 0 || idx
>= NUM_DEFAULT_KEYS
+ NUM_DEFAULT_MGMT_KEYS
);
339 key
= kzalloc(sizeof(struct ieee80211_key
) + key_len
, GFP_KERNEL
);
341 return ERR_PTR(-ENOMEM
);
344 * Default to software encryption; we'll later upload the
345 * key to the hardware if possible.
350 key
->conf
.cipher
= cipher
;
351 key
->conf
.keyidx
= idx
;
352 key
->conf
.keylen
= key_len
;
354 case WLAN_CIPHER_SUITE_WEP40
:
355 case WLAN_CIPHER_SUITE_WEP104
:
356 key
->conf
.iv_len
= WEP_IV_LEN
;
357 key
->conf
.icv_len
= WEP_ICV_LEN
;
359 case WLAN_CIPHER_SUITE_TKIP
:
360 key
->conf
.iv_len
= TKIP_IV_LEN
;
361 key
->conf
.icv_len
= TKIP_ICV_LEN
;
363 for (i
= 0; i
< NUM_RX_DATA_QUEUES
; i
++) {
364 key
->u
.tkip
.rx
[i
].iv32
=
365 get_unaligned_le32(&seq
[2]);
366 key
->u
.tkip
.rx
[i
].iv16
=
367 get_unaligned_le16(seq
);
370 spin_lock_init(&key
->u
.tkip
.txlock
);
372 case WLAN_CIPHER_SUITE_CCMP
:
373 key
->conf
.iv_len
= CCMP_HDR_LEN
;
374 key
->conf
.icv_len
= CCMP_MIC_LEN
;
376 for (i
= 0; i
< NUM_RX_DATA_QUEUES
+ 1; i
++)
377 for (j
= 0; j
< CCMP_PN_LEN
; j
++)
378 key
->u
.ccmp
.rx_pn
[i
][j
] =
379 seq
[CCMP_PN_LEN
- j
- 1];
382 * Initialize AES key state here as an optimization so that
383 * it does not need to be initialized for every packet.
385 key
->u
.ccmp
.tfm
= ieee80211_aes_key_setup_encrypt(key_data
);
386 if (IS_ERR(key
->u
.ccmp
.tfm
)) {
387 err
= PTR_ERR(key
->u
.ccmp
.tfm
);
392 case WLAN_CIPHER_SUITE_AES_CMAC
:
393 key
->conf
.iv_len
= 0;
394 key
->conf
.icv_len
= sizeof(struct ieee80211_mmie
);
396 for (j
= 0; j
< 6; j
++)
397 key
->u
.aes_cmac
.rx_pn
[j
] = seq
[6 - j
- 1];
399 * Initialize AES key state here as an optimization so that
400 * it does not need to be initialized for every packet.
402 key
->u
.aes_cmac
.tfm
=
403 ieee80211_aes_cmac_key_setup(key_data
);
404 if (IS_ERR(key
->u
.aes_cmac
.tfm
)) {
405 err
= PTR_ERR(key
->u
.aes_cmac
.tfm
);
411 memcpy(key
->conf
.key
, key_data
, key_len
);
412 INIT_LIST_HEAD(&key
->list
);
417 static void __ieee80211_key_destroy(struct ieee80211_key
*key
)
423 * Synchronize so the TX path can no longer be using
424 * this key before we free/remove it.
429 ieee80211_key_disable_hw_accel(key
);
431 if (key
->conf
.cipher
== WLAN_CIPHER_SUITE_CCMP
)
432 ieee80211_aes_key_free(key
->u
.ccmp
.tfm
);
433 if (key
->conf
.cipher
== WLAN_CIPHER_SUITE_AES_CMAC
)
434 ieee80211_aes_cmac_key_free(key
->u
.aes_cmac
.tfm
);
436 ieee80211_debugfs_key_remove(key
);
437 key
->sdata
->crypto_tx_tailroom_needed_cnt
--;
443 int ieee80211_key_link(struct ieee80211_key
*key
,
444 struct ieee80211_sub_if_data
*sdata
,
445 struct sta_info
*sta
)
447 struct ieee80211_key
*old_key
;
454 pairwise
= key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
;
455 idx
= key
->conf
.keyidx
;
456 key
->local
= sdata
->local
;
462 * some hardware cannot handle TKIP with QoS, so
463 * we indicate whether QoS could be in use.
465 if (test_sta_flag(sta
, WLAN_STA_WME
))
466 key
->conf
.flags
|= IEEE80211_KEY_FLAG_WMM_STA
;
468 if (sdata
->vif
.type
== NL80211_IFTYPE_STATION
) {
472 * We're getting a sta pointer in, so must be under
473 * appropriate locking for sta_info_get().
476 /* same here, the AP could be using QoS */
477 ap
= sta_info_get(key
->sdata
, key
->sdata
->u
.mgd
.bssid
);
479 if (test_sta_flag(ap
, WLAN_STA_WME
))
481 IEEE80211_KEY_FLAG_WMM_STA
;
486 mutex_lock(&sdata
->local
->key_mtx
);
489 old_key
= key_mtx_dereference(sdata
->local
, sta
->ptk
);
491 old_key
= key_mtx_dereference(sdata
->local
, sta
->gtk
[idx
]);
493 old_key
= key_mtx_dereference(sdata
->local
, sdata
->keys
[idx
]);
495 increment_tailroom_need_count(sdata
);
497 __ieee80211_key_replace(sdata
, sta
, pairwise
, old_key
, key
);
498 __ieee80211_key_destroy(old_key
);
500 ieee80211_debugfs_key_add(key
);
502 ret
= ieee80211_key_enable_hw_accel(key
);
504 mutex_unlock(&sdata
->local
->key_mtx
);
509 void __ieee80211_key_free(struct ieee80211_key
*key
)
515 * Replace key with nothingness if it was ever used.
518 __ieee80211_key_replace(key
->sdata
, key
->sta
,
519 key
->conf
.flags
& IEEE80211_KEY_FLAG_PAIRWISE
,
521 __ieee80211_key_destroy(key
);
524 void ieee80211_key_free(struct ieee80211_local
*local
,
525 struct ieee80211_key
*key
)
527 mutex_lock(&local
->key_mtx
);
528 __ieee80211_key_free(key
);
529 mutex_unlock(&local
->key_mtx
);
532 void ieee80211_enable_keys(struct ieee80211_sub_if_data
*sdata
)
534 struct ieee80211_key
*key
;
538 if (WARN_ON(!ieee80211_sdata_running(sdata
)))
541 mutex_lock(&sdata
->local
->key_mtx
);
543 sdata
->crypto_tx_tailroom_needed_cnt
= 0;
545 list_for_each_entry(key
, &sdata
->key_list
, list
) {
546 increment_tailroom_need_count(sdata
);
547 ieee80211_key_enable_hw_accel(key
);
550 mutex_unlock(&sdata
->local
->key_mtx
);
553 void ieee80211_iter_keys(struct ieee80211_hw
*hw
,
554 struct ieee80211_vif
*vif
,
555 void (*iter
)(struct ieee80211_hw
*hw
,
556 struct ieee80211_vif
*vif
,
557 struct ieee80211_sta
*sta
,
558 struct ieee80211_key_conf
*key
,
562 struct ieee80211_local
*local
= hw_to_local(hw
);
563 struct ieee80211_key
*key
;
564 struct ieee80211_sub_if_data
*sdata
;
568 mutex_lock(&local
->key_mtx
);
570 sdata
= vif_to_sdata(vif
);
571 list_for_each_entry(key
, &sdata
->key_list
, list
)
572 iter(hw
, &sdata
->vif
,
573 key
->sta
? &key
->sta
->sta
: NULL
,
574 &key
->conf
, iter_data
);
576 list_for_each_entry(sdata
, &local
->interfaces
, list
)
577 list_for_each_entry(key
, &sdata
->key_list
, list
)
578 iter(hw
, &sdata
->vif
,
579 key
->sta
? &key
->sta
->sta
: NULL
,
580 &key
->conf
, iter_data
);
582 mutex_unlock(&local
->key_mtx
);
584 EXPORT_SYMBOL(ieee80211_iter_keys
);
586 void ieee80211_disable_keys(struct ieee80211_sub_if_data
*sdata
)
588 struct ieee80211_key
*key
;
592 mutex_lock(&sdata
->local
->key_mtx
);
594 list_for_each_entry(key
, &sdata
->key_list
, list
)
595 ieee80211_key_disable_hw_accel(key
);
597 mutex_unlock(&sdata
->local
->key_mtx
);
600 void ieee80211_free_keys(struct ieee80211_sub_if_data
*sdata
)
602 struct ieee80211_key
*key
, *tmp
;
604 mutex_lock(&sdata
->local
->key_mtx
);
606 ieee80211_debugfs_key_remove_mgmt_default(sdata
);
608 list_for_each_entry_safe(key
, tmp
, &sdata
->key_list
, list
)
609 __ieee80211_key_free(key
);
611 ieee80211_debugfs_key_update_default(sdata
);
613 mutex_unlock(&sdata
->local
->key_mtx
);
617 void ieee80211_gtk_rekey_notify(struct ieee80211_vif
*vif
, const u8
*bssid
,
618 const u8
*replay_ctr
, gfp_t gfp
)
620 struct ieee80211_sub_if_data
*sdata
= vif_to_sdata(vif
);
622 trace_api_gtk_rekey_notify(sdata
, bssid
, replay_ctr
);
624 cfg80211_gtk_rekey_notify(sdata
->dev
, bssid
, replay_ctr
, gfp
);
626 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify
);
628 void ieee80211_get_key_tx_seq(struct ieee80211_key_conf
*keyconf
,
629 struct ieee80211_key_seq
*seq
)
631 struct ieee80211_key
*key
;
634 if (WARN_ON(!(keyconf
->flags
& IEEE80211_KEY_FLAG_GENERATE_IV
)))
637 key
= container_of(keyconf
, struct ieee80211_key
, conf
);
639 switch (key
->conf
.cipher
) {
640 case WLAN_CIPHER_SUITE_TKIP
:
641 seq
->tkip
.iv32
= key
->u
.tkip
.tx
.iv32
;
642 seq
->tkip
.iv16
= key
->u
.tkip
.tx
.iv16
;
644 case WLAN_CIPHER_SUITE_CCMP
:
645 pn64
= atomic64_read(&key
->u
.ccmp
.tx_pn
);
646 seq
->ccmp
.pn
[5] = pn64
;
647 seq
->ccmp
.pn
[4] = pn64
>> 8;
648 seq
->ccmp
.pn
[3] = pn64
>> 16;
649 seq
->ccmp
.pn
[2] = pn64
>> 24;
650 seq
->ccmp
.pn
[1] = pn64
>> 32;
651 seq
->ccmp
.pn
[0] = pn64
>> 40;
653 case WLAN_CIPHER_SUITE_AES_CMAC
:
654 pn64
= atomic64_read(&key
->u
.aes_cmac
.tx_pn
);
655 seq
->ccmp
.pn
[5] = pn64
;
656 seq
->ccmp
.pn
[4] = pn64
>> 8;
657 seq
->ccmp
.pn
[3] = pn64
>> 16;
658 seq
->ccmp
.pn
[2] = pn64
>> 24;
659 seq
->ccmp
.pn
[1] = pn64
>> 32;
660 seq
->ccmp
.pn
[0] = pn64
>> 40;
666 EXPORT_SYMBOL(ieee80211_get_key_tx_seq
);
668 void ieee80211_get_key_rx_seq(struct ieee80211_key_conf
*keyconf
,
669 int tid
, struct ieee80211_key_seq
*seq
)
671 struct ieee80211_key
*key
;
674 key
= container_of(keyconf
, struct ieee80211_key
, conf
);
676 switch (key
->conf
.cipher
) {
677 case WLAN_CIPHER_SUITE_TKIP
:
678 if (WARN_ON(tid
< 0 || tid
>= NUM_RX_DATA_QUEUES
))
680 seq
->tkip
.iv32
= key
->u
.tkip
.rx
[tid
].iv32
;
681 seq
->tkip
.iv16
= key
->u
.tkip
.rx
[tid
].iv16
;
683 case WLAN_CIPHER_SUITE_CCMP
:
684 if (WARN_ON(tid
< -1 || tid
>= NUM_RX_DATA_QUEUES
))
687 pn
= key
->u
.ccmp
.rx_pn
[NUM_RX_DATA_QUEUES
];
689 pn
= key
->u
.ccmp
.rx_pn
[tid
];
690 memcpy(seq
->ccmp
.pn
, pn
, CCMP_PN_LEN
);
692 case WLAN_CIPHER_SUITE_AES_CMAC
:
693 if (WARN_ON(tid
!= 0))
695 pn
= key
->u
.aes_cmac
.rx_pn
;
696 memcpy(seq
->aes_cmac
.pn
, pn
, CMAC_PN_LEN
);
700 EXPORT_SYMBOL(ieee80211_get_key_rx_seq
);