1/* 2 * Copyright 2002-2005, Instant802 Networks, Inc. 3 * Copyright 2005-2006, Devicescape Software, Inc. 4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net> 6 * Copyright 2013-2014 Intel Mobile Communications GmbH 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License version 2 as 10 * published by the Free Software Foundation. 11 */ 12 13#include <linux/if_ether.h> 14#include <linux/etherdevice.h> 15#include <linux/list.h> 16#include <linux/rcupdate.h> 17#include <linux/rtnetlink.h> 18#include <linux/slab.h> 19#include <linux/export.h> 20#include <net/mac80211.h> 21#include <asm/unaligned.h> 22#include "ieee80211_i.h" 23#include "driver-ops.h" 24#include "debugfs_key.h" 25#include "aes_ccm.h" 26#include "aes_cmac.h" 27#include "aes_gmac.h" 28#include "aes_gcm.h" 29 30 31/** 32 * DOC: Key handling basics 33 * 34 * Key handling in mac80211 is done based on per-interface (sub_if_data) 35 * keys and per-station keys. Since each station belongs to an interface, 36 * each station key also belongs to that interface. 37 * 38 * Hardware acceleration is done on a best-effort basis for algorithms 39 * that are implemented in software, for each key the hardware is asked 40 * to enable that key for offloading but if it cannot do that the key is 41 * simply kept for software encryption (unless it is for an algorithm 42 * that isn't implemented in software). 43 * There is currently no way of knowing whether a key is handled in SW 44 * or HW except by looking into debugfs. 45 * 46 * All key management is internally protected by a mutex. Within all 47 * other parts of mac80211, key references are, just as STA structure 48 * references, protected by RCU. Note, however, that some things are 49 * unprotected, namely the key->sta dereferences within the hardware 50 * acceleration functions. This means that sta_info_destroy() must 51 * remove the key which waits for an RCU grace period. 52 */ 53 54static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; 55 56static void assert_key_lock(struct ieee80211_local *local) 57{ 58 lockdep_assert_held(&local->key_mtx); 59} 60 61static void 62update_vlan_tailroom_need_count(struct ieee80211_sub_if_data *sdata, int delta) 63{ 64 struct ieee80211_sub_if_data *vlan; 65 66 if (sdata->vif.type != NL80211_IFTYPE_AP) 67 return; 68 69 /* crypto_tx_tailroom_needed_cnt is protected by this */ 70 assert_key_lock(sdata->local); 71 72 rcu_read_lock(); 73 74 list_for_each_entry_rcu(vlan, &sdata->u.ap.vlans, u.vlan.list) 75 vlan->crypto_tx_tailroom_needed_cnt += delta; 76 77 rcu_read_unlock(); 78} 79 80static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata) 81{ 82 /* 83 * When this count is zero, SKB resizing for allocating tailroom 84 * for IV or MMIC is skipped. But, this check has created two race 85 * cases in xmit path while transiting from zero count to one: 86 * 87 * 1. SKB resize was skipped because no key was added but just before 88 * the xmit key is added and SW encryption kicks off. 89 * 90 * 2. SKB resize was skipped because all the keys were hw planted but 91 * just before xmit one of the key is deleted and SW encryption kicks 92 * off. 93 * 94 * In both the above case SW encryption will find not enough space for 95 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c) 96 * 97 * Solution has been explained at 98 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net 99 */ 100 101 assert_key_lock(sdata->local); 102 103 update_vlan_tailroom_need_count(sdata, 1); 104 105 if (!sdata->crypto_tx_tailroom_needed_cnt++) { 106 /* 107 * Flush all XMIT packets currently using HW encryption or no 108 * encryption at all if the count transition is from 0 -> 1. 109 */ 110 synchronize_net(); 111 } 112} 113 114static void decrease_tailroom_need_count(struct ieee80211_sub_if_data *sdata, 115 int delta) 116{ 117 assert_key_lock(sdata->local); 118 119 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt < delta); 120 121 update_vlan_tailroom_need_count(sdata, -delta); 122 sdata->crypto_tx_tailroom_needed_cnt -= delta; 123} 124 125static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key) 126{ 127 struct ieee80211_sub_if_data *sdata; 128 struct sta_info *sta; 129 int ret = -EOPNOTSUPP; 130 131 might_sleep(); 132 133 if (key->flags & KEY_FLAG_TAINTED) { 134 /* If we get here, it's during resume and the key is 135 * tainted so shouldn't be used/programmed any more. 136 * However, its flags may still indicate that it was 137 * programmed into the device (since we're in resume) 138 * so clear that flag now to avoid trying to remove 139 * it again later. 140 */ 141 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 142 return -EINVAL; 143 } 144 145 if (!key->local->ops->set_key) 146 goto out_unsupported; 147 148 assert_key_lock(key->local); 149 150 sta = key->sta; 151 152 /* 153 * If this is a per-STA GTK, check if it 154 * is supported; if not, return. 155 */ 156 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) && 157 !ieee80211_hw_check(&key->local->hw, SUPPORTS_PER_STA_GTK)) 158 goto out_unsupported; 159 160 if (sta && !sta->uploaded) 161 goto out_unsupported; 162 163 sdata = key->sdata; 164 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 165 /* 166 * The driver doesn't know anything about VLAN interfaces. 167 * Hence, don't send GTKs for VLAN interfaces to the driver. 168 */ 169 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) 170 goto out_unsupported; 171 } 172 173 ret = drv_set_key(key->local, SET_KEY, sdata, 174 sta ? &sta->sta : NULL, &key->conf); 175 176 if (!ret) { 177 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE; 178 179 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) || 180 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 181 decrease_tailroom_need_count(sdata, 1); 182 183 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) && 184 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)); 185 186 return 0; 187 } 188 189 if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1) 190 sdata_err(sdata, 191 "failed to set key (%d, %pM) to hardware (%d)\n", 192 key->conf.keyidx, 193 sta ? sta->sta.addr : bcast_addr, ret); 194 195 out_unsupported: 196 switch (key->conf.cipher) { 197 case WLAN_CIPHER_SUITE_WEP40: 198 case WLAN_CIPHER_SUITE_WEP104: 199 case WLAN_CIPHER_SUITE_TKIP: 200 case WLAN_CIPHER_SUITE_CCMP: 201 case WLAN_CIPHER_SUITE_CCMP_256: 202 case WLAN_CIPHER_SUITE_AES_CMAC: 203 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 204 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 205 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 206 case WLAN_CIPHER_SUITE_GCMP: 207 case WLAN_CIPHER_SUITE_GCMP_256: 208 /* all of these we can do in software - if driver can */ 209 if (ret == 1) 210 return 0; 211 if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL)) 212 return -EINVAL; 213 return 0; 214 default: 215 return -EINVAL; 216 } 217} 218 219static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key) 220{ 221 struct ieee80211_sub_if_data *sdata; 222 struct sta_info *sta; 223 int ret; 224 225 might_sleep(); 226 227 if (!key || !key->local->ops->set_key) 228 return; 229 230 assert_key_lock(key->local); 231 232 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 233 return; 234 235 sta = key->sta; 236 sdata = key->sdata; 237 238 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) || 239 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 240 increment_tailroom_need_count(sdata); 241 242 ret = drv_set_key(key->local, DISABLE_KEY, sdata, 243 sta ? &sta->sta : NULL, &key->conf); 244 245 if (ret) 246 sdata_err(sdata, 247 "failed to remove key (%d, %pM) from hardware (%d)\n", 248 key->conf.keyidx, 249 sta ? sta->sta.addr : bcast_addr, ret); 250 251 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 252} 253 254static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, 255 int idx, bool uni, bool multi) 256{ 257 struct ieee80211_key *key = NULL; 258 259 assert_key_lock(sdata->local); 260 261 if (idx >= 0 && idx < NUM_DEFAULT_KEYS) 262 key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 263 264 if (uni) { 265 rcu_assign_pointer(sdata->default_unicast_key, key); 266 ieee80211_check_fast_xmit_iface(sdata); 267 drv_set_default_unicast_key(sdata->local, sdata, idx); 268 } 269 270 if (multi) 271 rcu_assign_pointer(sdata->default_multicast_key, key); 272 273 ieee80211_debugfs_key_update_default(sdata); 274} 275 276void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx, 277 bool uni, bool multi) 278{ 279 mutex_lock(&sdata->local->key_mtx); 280 __ieee80211_set_default_key(sdata, idx, uni, multi); 281 mutex_unlock(&sdata->local->key_mtx); 282} 283 284static void 285__ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx) 286{ 287 struct ieee80211_key *key = NULL; 288 289 assert_key_lock(sdata->local); 290 291 if (idx >= NUM_DEFAULT_KEYS && 292 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) 293 key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 294 295 rcu_assign_pointer(sdata->default_mgmt_key, key); 296 297 ieee80211_debugfs_key_update_default(sdata); 298} 299 300void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, 301 int idx) 302{ 303 mutex_lock(&sdata->local->key_mtx); 304 __ieee80211_set_default_mgmt_key(sdata, idx); 305 mutex_unlock(&sdata->local->key_mtx); 306} 307 308 309static void ieee80211_key_replace(struct ieee80211_sub_if_data *sdata, 310 struct sta_info *sta, 311 bool pairwise, 312 struct ieee80211_key *old, 313 struct ieee80211_key *new) 314{ 315 int idx; 316 bool defunikey, defmultikey, defmgmtkey; 317 318 /* caller must provide at least one old/new */ 319 if (WARN_ON(!new && !old)) 320 return; 321 322 if (new) 323 list_add_tail(&new->list, &sdata->key_list); 324 325 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx); 326 327 if (old) 328 idx = old->conf.keyidx; 329 else 330 idx = new->conf.keyidx; 331 332 if (sta) { 333 if (pairwise) { 334 rcu_assign_pointer(sta->ptk[idx], new); 335 sta->ptk_idx = idx; 336 ieee80211_check_fast_xmit(sta); 337 } else { 338 rcu_assign_pointer(sta->gtk[idx], new); 339 } 340 } else { 341 defunikey = old && 342 old == key_mtx_dereference(sdata->local, 343 sdata->default_unicast_key); 344 defmultikey = old && 345 old == key_mtx_dereference(sdata->local, 346 sdata->default_multicast_key); 347 defmgmtkey = old && 348 old == key_mtx_dereference(sdata->local, 349 sdata->default_mgmt_key); 350 351 if (defunikey && !new) 352 __ieee80211_set_default_key(sdata, -1, true, false); 353 if (defmultikey && !new) 354 __ieee80211_set_default_key(sdata, -1, false, true); 355 if (defmgmtkey && !new) 356 __ieee80211_set_default_mgmt_key(sdata, -1); 357 358 rcu_assign_pointer(sdata->keys[idx], new); 359 if (defunikey && new) 360 __ieee80211_set_default_key(sdata, new->conf.keyidx, 361 true, false); 362 if (defmultikey && new) 363 __ieee80211_set_default_key(sdata, new->conf.keyidx, 364 false, true); 365 if (defmgmtkey && new) 366 __ieee80211_set_default_mgmt_key(sdata, 367 new->conf.keyidx); 368 } 369 370 if (old) 371 list_del(&old->list); 372} 373 374struct ieee80211_key * 375ieee80211_key_alloc(u32 cipher, int idx, size_t key_len, 376 const u8 *key_data, 377 size_t seq_len, const u8 *seq, 378 const struct ieee80211_cipher_scheme *cs) 379{ 380 struct ieee80211_key *key; 381 int i, j, err; 382 383 if (WARN_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)) 384 return ERR_PTR(-EINVAL); 385 386 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL); 387 if (!key) 388 return ERR_PTR(-ENOMEM); 389 390 /* 391 * Default to software encryption; we'll later upload the 392 * key to the hardware if possible. 393 */ 394 key->conf.flags = 0; 395 key->flags = 0; 396 397 key->conf.cipher = cipher; 398 key->conf.keyidx = idx; 399 key->conf.keylen = key_len; 400 switch (cipher) { 401 case WLAN_CIPHER_SUITE_WEP40: 402 case WLAN_CIPHER_SUITE_WEP104: 403 key->conf.iv_len = IEEE80211_WEP_IV_LEN; 404 key->conf.icv_len = IEEE80211_WEP_ICV_LEN; 405 break; 406 case WLAN_CIPHER_SUITE_TKIP: 407 key->conf.iv_len = IEEE80211_TKIP_IV_LEN; 408 key->conf.icv_len = IEEE80211_TKIP_ICV_LEN; 409 if (seq) { 410 for (i = 0; i < IEEE80211_NUM_TIDS; i++) { 411 key->u.tkip.rx[i].iv32 = 412 get_unaligned_le32(&seq[2]); 413 key->u.tkip.rx[i].iv16 = 414 get_unaligned_le16(seq); 415 } 416 } 417 spin_lock_init(&key->u.tkip.txlock); 418 break; 419 case WLAN_CIPHER_SUITE_CCMP: 420 key->conf.iv_len = IEEE80211_CCMP_HDR_LEN; 421 key->conf.icv_len = IEEE80211_CCMP_MIC_LEN; 422 if (seq) { 423 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) 424 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++) 425 key->u.ccmp.rx_pn[i][j] = 426 seq[IEEE80211_CCMP_PN_LEN - j - 1]; 427 } 428 /* 429 * Initialize AES key state here as an optimization so that 430 * it does not need to be initialized for every packet. 431 */ 432 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( 433 key_data, key_len, IEEE80211_CCMP_MIC_LEN); 434 if (IS_ERR(key->u.ccmp.tfm)) { 435 err = PTR_ERR(key->u.ccmp.tfm); 436 kfree(key); 437 return ERR_PTR(err); 438 } 439 break; 440 case WLAN_CIPHER_SUITE_CCMP_256: 441 key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN; 442 key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN; 443 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++) 444 for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++) 445 key->u.ccmp.rx_pn[i][j] = 446 seq[IEEE80211_CCMP_256_PN_LEN - j - 1]; 447 /* Initialize AES key state here as an optimization so that 448 * it does not need to be initialized for every packet. 449 */ 450 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt( 451 key_data, key_len, IEEE80211_CCMP_256_MIC_LEN); 452 if (IS_ERR(key->u.ccmp.tfm)) { 453 err = PTR_ERR(key->u.ccmp.tfm); 454 kfree(key); 455 return ERR_PTR(err); 456 } 457 break; 458 case WLAN_CIPHER_SUITE_AES_CMAC: 459 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 460 key->conf.iv_len = 0; 461 if (cipher == WLAN_CIPHER_SUITE_AES_CMAC) 462 key->conf.icv_len = sizeof(struct ieee80211_mmie); 463 else 464 key->conf.icv_len = sizeof(struct ieee80211_mmie_16); 465 if (seq) 466 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++) 467 key->u.aes_cmac.rx_pn[j] = 468 seq[IEEE80211_CMAC_PN_LEN - j - 1]; 469 /* 470 * Initialize AES key state here as an optimization so that 471 * it does not need to be initialized for every packet. 472 */ 473 key->u.aes_cmac.tfm = 474 ieee80211_aes_cmac_key_setup(key_data, key_len); 475 if (IS_ERR(key->u.aes_cmac.tfm)) { 476 err = PTR_ERR(key->u.aes_cmac.tfm); 477 kfree(key); 478 return ERR_PTR(err); 479 } 480 break; 481 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 482 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 483 key->conf.iv_len = 0; 484 key->conf.icv_len = sizeof(struct ieee80211_mmie_16); 485 if (seq) 486 for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++) 487 key->u.aes_gmac.rx_pn[j] = 488 seq[IEEE80211_GMAC_PN_LEN - j - 1]; 489 /* Initialize AES key state here as an optimization so that 490 * it does not need to be initialized for every packet. 491 */ 492 key->u.aes_gmac.tfm = 493 ieee80211_aes_gmac_key_setup(key_data, key_len); 494 if (IS_ERR(key->u.aes_gmac.tfm)) { 495 err = PTR_ERR(key->u.aes_gmac.tfm); 496 kfree(key); 497 return ERR_PTR(err); 498 } 499 break; 500 case WLAN_CIPHER_SUITE_GCMP: 501 case WLAN_CIPHER_SUITE_GCMP_256: 502 key->conf.iv_len = IEEE80211_GCMP_HDR_LEN; 503 key->conf.icv_len = IEEE80211_GCMP_MIC_LEN; 504 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++) 505 for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++) 506 key->u.gcmp.rx_pn[i][j] = 507 seq[IEEE80211_GCMP_PN_LEN - j - 1]; 508 /* Initialize AES key state here as an optimization so that 509 * it does not need to be initialized for every packet. 510 */ 511 key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data, 512 key_len); 513 if (IS_ERR(key->u.gcmp.tfm)) { 514 err = PTR_ERR(key->u.gcmp.tfm); 515 kfree(key); 516 return ERR_PTR(err); 517 } 518 break; 519 default: 520 if (cs) { 521 if (seq_len && seq_len != cs->pn_len) { 522 kfree(key); 523 return ERR_PTR(-EINVAL); 524 } 525 526 key->conf.iv_len = cs->hdr_len; 527 key->conf.icv_len = cs->mic_len; 528 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) 529 for (j = 0; j < seq_len; j++) 530 key->u.gen.rx_pn[i][j] = 531 seq[seq_len - j - 1]; 532 key->flags |= KEY_FLAG_CIPHER_SCHEME; 533 } 534 } 535 memcpy(key->conf.key, key_data, key_len); 536 INIT_LIST_HEAD(&key->list); 537 538 return key; 539} 540 541static void ieee80211_key_free_common(struct ieee80211_key *key) 542{ 543 switch (key->conf.cipher) { 544 case WLAN_CIPHER_SUITE_CCMP: 545 case WLAN_CIPHER_SUITE_CCMP_256: 546 ieee80211_aes_key_free(key->u.ccmp.tfm); 547 break; 548 case WLAN_CIPHER_SUITE_AES_CMAC: 549 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 550 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm); 551 break; 552 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 553 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 554 ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm); 555 break; 556 case WLAN_CIPHER_SUITE_GCMP: 557 case WLAN_CIPHER_SUITE_GCMP_256: 558 ieee80211_aes_gcm_key_free(key->u.gcmp.tfm); 559 break; 560 } 561 kzfree(key); 562} 563 564static void __ieee80211_key_destroy(struct ieee80211_key *key, 565 bool delay_tailroom) 566{ 567 if (key->local) 568 ieee80211_key_disable_hw_accel(key); 569 570 if (key->local) { 571 struct ieee80211_sub_if_data *sdata = key->sdata; 572 573 ieee80211_debugfs_key_remove(key); 574 575 if (delay_tailroom) { 576 /* see ieee80211_delayed_tailroom_dec */ 577 sdata->crypto_tx_tailroom_pending_dec++; 578 schedule_delayed_work(&sdata->dec_tailroom_needed_wk, 579 HZ/2); 580 } else { 581 decrease_tailroom_need_count(sdata, 1); 582 } 583 } 584 585 ieee80211_key_free_common(key); 586} 587 588static void ieee80211_key_destroy(struct ieee80211_key *key, 589 bool delay_tailroom) 590{ 591 if (!key) 592 return; 593 594 /* 595 * Synchronize so the TX path can no longer be using 596 * this key before we free/remove it. 597 */ 598 synchronize_net(); 599 600 __ieee80211_key_destroy(key, delay_tailroom); 601} 602 603void ieee80211_key_free_unused(struct ieee80211_key *key) 604{ 605 WARN_ON(key->sdata || key->local); 606 ieee80211_key_free_common(key); 607} 608 609int ieee80211_key_link(struct ieee80211_key *key, 610 struct ieee80211_sub_if_data *sdata, 611 struct sta_info *sta) 612{ 613 struct ieee80211_local *local = sdata->local; 614 struct ieee80211_key *old_key; 615 int idx, ret; 616 bool pairwise; 617 618 pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE; 619 idx = key->conf.keyidx; 620 key->local = sdata->local; 621 key->sdata = sdata; 622 key->sta = sta; 623 624 mutex_lock(&sdata->local->key_mtx); 625 626 if (sta && pairwise) 627 old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]); 628 else if (sta) 629 old_key = key_mtx_dereference(sdata->local, sta->gtk[idx]); 630 else 631 old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]); 632 633 increment_tailroom_need_count(sdata); 634 635 ieee80211_key_replace(sdata, sta, pairwise, old_key, key); 636 ieee80211_key_destroy(old_key, true); 637 638 ieee80211_debugfs_key_add(key); 639 640 if (!local->wowlan) { 641 ret = ieee80211_key_enable_hw_accel(key); 642 if (ret) 643 ieee80211_key_free(key, true); 644 } else { 645 ret = 0; 646 } 647 648 mutex_unlock(&sdata->local->key_mtx); 649 650 return ret; 651} 652 653void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom) 654{ 655 if (!key) 656 return; 657 658 /* 659 * Replace key with nothingness if it was ever used. 660 */ 661 if (key->sdata) 662 ieee80211_key_replace(key->sdata, key->sta, 663 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 664 key, NULL); 665 ieee80211_key_destroy(key, delay_tailroom); 666} 667 668void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata) 669{ 670 struct ieee80211_key *key; 671 struct ieee80211_sub_if_data *vlan; 672 673 ASSERT_RTNL(); 674 675 if (WARN_ON(!ieee80211_sdata_running(sdata))) 676 return; 677 678 mutex_lock(&sdata->local->key_mtx); 679 680 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt || 681 sdata->crypto_tx_tailroom_pending_dec); 682 683 if (sdata->vif.type == NL80211_IFTYPE_AP) { 684 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 685 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt || 686 vlan->crypto_tx_tailroom_pending_dec); 687 } 688 689 list_for_each_entry(key, &sdata->key_list, list) { 690 increment_tailroom_need_count(sdata); 691 ieee80211_key_enable_hw_accel(key); 692 } 693 694 mutex_unlock(&sdata->local->key_mtx); 695} 696 697void ieee80211_reset_crypto_tx_tailroom(struct ieee80211_sub_if_data *sdata) 698{ 699 struct ieee80211_sub_if_data *vlan; 700 701 mutex_lock(&sdata->local->key_mtx); 702 703 sdata->crypto_tx_tailroom_needed_cnt = 0; 704 705 if (sdata->vif.type == NL80211_IFTYPE_AP) { 706 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 707 vlan->crypto_tx_tailroom_needed_cnt = 0; 708 } 709 710 mutex_unlock(&sdata->local->key_mtx); 711} 712 713void ieee80211_iter_keys(struct ieee80211_hw *hw, 714 struct ieee80211_vif *vif, 715 void (*iter)(struct ieee80211_hw *hw, 716 struct ieee80211_vif *vif, 717 struct ieee80211_sta *sta, 718 struct ieee80211_key_conf *key, 719 void *data), 720 void *iter_data) 721{ 722 struct ieee80211_local *local = hw_to_local(hw); 723 struct ieee80211_key *key, *tmp; 724 struct ieee80211_sub_if_data *sdata; 725 726 ASSERT_RTNL(); 727 728 mutex_lock(&local->key_mtx); 729 if (vif) { 730 sdata = vif_to_sdata(vif); 731 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) 732 iter(hw, &sdata->vif, 733 key->sta ? &key->sta->sta : NULL, 734 &key->conf, iter_data); 735 } else { 736 list_for_each_entry(sdata, &local->interfaces, list) 737 list_for_each_entry_safe(key, tmp, 738 &sdata->key_list, list) 739 iter(hw, &sdata->vif, 740 key->sta ? &key->sta->sta : NULL, 741 &key->conf, iter_data); 742 } 743 mutex_unlock(&local->key_mtx); 744} 745EXPORT_SYMBOL(ieee80211_iter_keys); 746 747static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata, 748 struct list_head *keys) 749{ 750 struct ieee80211_key *key, *tmp; 751 752 decrease_tailroom_need_count(sdata, 753 sdata->crypto_tx_tailroom_pending_dec); 754 sdata->crypto_tx_tailroom_pending_dec = 0; 755 756 ieee80211_debugfs_key_remove_mgmt_default(sdata); 757 758 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) { 759 ieee80211_key_replace(key->sdata, key->sta, 760 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 761 key, NULL); 762 list_add_tail(&key->list, keys); 763 } 764 765 ieee80211_debugfs_key_update_default(sdata); 766} 767 768void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata, 769 bool force_synchronize) 770{ 771 struct ieee80211_local *local = sdata->local; 772 struct ieee80211_sub_if_data *vlan; 773 struct ieee80211_sub_if_data *master; 774 struct ieee80211_key *key, *tmp; 775 LIST_HEAD(keys); 776 777 cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk); 778 779 mutex_lock(&local->key_mtx); 780 781 ieee80211_free_keys_iface(sdata, &keys); 782 783 if (sdata->vif.type == NL80211_IFTYPE_AP) { 784 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 785 ieee80211_free_keys_iface(vlan, &keys); 786 } 787 788 if (!list_empty(&keys) || force_synchronize) 789 synchronize_net(); 790 list_for_each_entry_safe(key, tmp, &keys, list) 791 __ieee80211_key_destroy(key, false); 792 793 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 794 if (sdata->bss) { 795 master = container_of(sdata->bss, 796 struct ieee80211_sub_if_data, 797 u.ap); 798 799 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt != 800 master->crypto_tx_tailroom_needed_cnt); 801 } 802 } else { 803 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt || 804 sdata->crypto_tx_tailroom_pending_dec); 805 } 806 807 if (sdata->vif.type == NL80211_IFTYPE_AP) { 808 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) 809 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt || 810 vlan->crypto_tx_tailroom_pending_dec); 811 } 812 813 mutex_unlock(&local->key_mtx); 814} 815 816void ieee80211_free_sta_keys(struct ieee80211_local *local, 817 struct sta_info *sta) 818{ 819 struct ieee80211_key *key; 820 int i; 821 822 mutex_lock(&local->key_mtx); 823 for (i = 0; i < ARRAY_SIZE(sta->gtk); i++) { 824 key = key_mtx_dereference(local, sta->gtk[i]); 825 if (!key) 826 continue; 827 ieee80211_key_replace(key->sdata, key->sta, 828 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 829 key, NULL); 830 __ieee80211_key_destroy(key, true); 831 } 832 833 for (i = 0; i < NUM_DEFAULT_KEYS; i++) { 834 key = key_mtx_dereference(local, sta->ptk[i]); 835 if (!key) 836 continue; 837 ieee80211_key_replace(key->sdata, key->sta, 838 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 839 key, NULL); 840 __ieee80211_key_destroy(key, true); 841 } 842 843 mutex_unlock(&local->key_mtx); 844} 845 846void ieee80211_delayed_tailroom_dec(struct work_struct *wk) 847{ 848 struct ieee80211_sub_if_data *sdata; 849 850 sdata = container_of(wk, struct ieee80211_sub_if_data, 851 dec_tailroom_needed_wk.work); 852 853 /* 854 * The reason for the delayed tailroom needed decrementing is to 855 * make roaming faster: during roaming, all keys are first deleted 856 * and then new keys are installed. The first new key causes the 857 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes 858 * the cost of synchronize_net() (which can be slow). Avoid this 859 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on 860 * key removal for a while, so if we roam the value is larger than 861 * zero and no 0->1 transition happens. 862 * 863 * The cost is that if the AP switching was from an AP with keys 864 * to one without, we still allocate tailroom while it would no 865 * longer be needed. However, in the typical (fast) roaming case 866 * within an ESS this usually won't happen. 867 */ 868 869 mutex_lock(&sdata->local->key_mtx); 870 decrease_tailroom_need_count(sdata, 871 sdata->crypto_tx_tailroom_pending_dec); 872 sdata->crypto_tx_tailroom_pending_dec = 0; 873 mutex_unlock(&sdata->local->key_mtx); 874} 875 876void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid, 877 const u8 *replay_ctr, gfp_t gfp) 878{ 879 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 880 881 trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr); 882 883 cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp); 884} 885EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify); 886 887void ieee80211_get_key_tx_seq(struct ieee80211_key_conf *keyconf, 888 struct ieee80211_key_seq *seq) 889{ 890 struct ieee80211_key *key; 891 u64 pn64; 892 893 if (WARN_ON(!(keyconf->flags & IEEE80211_KEY_FLAG_GENERATE_IV))) 894 return; 895 896 key = container_of(keyconf, struct ieee80211_key, conf); 897 898 switch (key->conf.cipher) { 899 case WLAN_CIPHER_SUITE_TKIP: 900 seq->tkip.iv32 = key->u.tkip.tx.iv32; 901 seq->tkip.iv16 = key->u.tkip.tx.iv16; 902 break; 903 case WLAN_CIPHER_SUITE_CCMP: 904 case WLAN_CIPHER_SUITE_CCMP_256: 905 case WLAN_CIPHER_SUITE_AES_CMAC: 906 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 907 BUILD_BUG_ON(offsetof(typeof(*seq), ccmp) != 908 offsetof(typeof(*seq), aes_cmac)); 909 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 910 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 911 BUILD_BUG_ON(offsetof(typeof(*seq), ccmp) != 912 offsetof(typeof(*seq), aes_gmac)); 913 case WLAN_CIPHER_SUITE_GCMP: 914 case WLAN_CIPHER_SUITE_GCMP_256: 915 BUILD_BUG_ON(offsetof(typeof(*seq), ccmp) != 916 offsetof(typeof(*seq), gcmp)); 917 pn64 = atomic64_read(&key->conf.tx_pn); 918 seq->ccmp.pn[5] = pn64; 919 seq->ccmp.pn[4] = pn64 >> 8; 920 seq->ccmp.pn[3] = pn64 >> 16; 921 seq->ccmp.pn[2] = pn64 >> 24; 922 seq->ccmp.pn[1] = pn64 >> 32; 923 seq->ccmp.pn[0] = pn64 >> 40; 924 break; 925 default: 926 WARN_ON(1); 927 } 928} 929EXPORT_SYMBOL(ieee80211_get_key_tx_seq); 930 931void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf, 932 int tid, struct ieee80211_key_seq *seq) 933{ 934 struct ieee80211_key *key; 935 const u8 *pn; 936 937 key = container_of(keyconf, struct ieee80211_key, conf); 938 939 switch (key->conf.cipher) { 940 case WLAN_CIPHER_SUITE_TKIP: 941 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 942 return; 943 seq->tkip.iv32 = key->u.tkip.rx[tid].iv32; 944 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16; 945 break; 946 case WLAN_CIPHER_SUITE_CCMP: 947 case WLAN_CIPHER_SUITE_CCMP_256: 948 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 949 return; 950 if (tid < 0) 951 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 952 else 953 pn = key->u.ccmp.rx_pn[tid]; 954 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN); 955 break; 956 case WLAN_CIPHER_SUITE_AES_CMAC: 957 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 958 if (WARN_ON(tid != 0)) 959 return; 960 pn = key->u.aes_cmac.rx_pn; 961 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN); 962 break; 963 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 964 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 965 if (WARN_ON(tid != 0)) 966 return; 967 pn = key->u.aes_gmac.rx_pn; 968 memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN); 969 break; 970 case WLAN_CIPHER_SUITE_GCMP: 971 case WLAN_CIPHER_SUITE_GCMP_256: 972 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 973 return; 974 if (tid < 0) 975 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS]; 976 else 977 pn = key->u.gcmp.rx_pn[tid]; 978 memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN); 979 break; 980 } 981} 982EXPORT_SYMBOL(ieee80211_get_key_rx_seq); 983 984void ieee80211_set_key_tx_seq(struct ieee80211_key_conf *keyconf, 985 struct ieee80211_key_seq *seq) 986{ 987 struct ieee80211_key *key; 988 u64 pn64; 989 990 key = container_of(keyconf, struct ieee80211_key, conf); 991 992 switch (key->conf.cipher) { 993 case WLAN_CIPHER_SUITE_TKIP: 994 key->u.tkip.tx.iv32 = seq->tkip.iv32; 995 key->u.tkip.tx.iv16 = seq->tkip.iv16; 996 break; 997 case WLAN_CIPHER_SUITE_CCMP: 998 case WLAN_CIPHER_SUITE_CCMP_256: 999 case WLAN_CIPHER_SUITE_AES_CMAC: 1000 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1001 BUILD_BUG_ON(offsetof(typeof(*seq), ccmp) != 1002 offsetof(typeof(*seq), aes_cmac)); 1003 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1004 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1005 BUILD_BUG_ON(offsetof(typeof(*seq), ccmp) != 1006 offsetof(typeof(*seq), aes_gmac)); 1007 case WLAN_CIPHER_SUITE_GCMP: 1008 case WLAN_CIPHER_SUITE_GCMP_256: 1009 BUILD_BUG_ON(offsetof(typeof(*seq), ccmp) != 1010 offsetof(typeof(*seq), gcmp)); 1011 pn64 = (u64)seq->ccmp.pn[5] | 1012 ((u64)seq->ccmp.pn[4] << 8) | 1013 ((u64)seq->ccmp.pn[3] << 16) | 1014 ((u64)seq->ccmp.pn[2] << 24) | 1015 ((u64)seq->ccmp.pn[1] << 32) | 1016 ((u64)seq->ccmp.pn[0] << 40); 1017 atomic64_set(&key->conf.tx_pn, pn64); 1018 break; 1019 default: 1020 WARN_ON(1); 1021 break; 1022 } 1023} 1024EXPORT_SYMBOL_GPL(ieee80211_set_key_tx_seq); 1025 1026void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf, 1027 int tid, struct ieee80211_key_seq *seq) 1028{ 1029 struct ieee80211_key *key; 1030 u8 *pn; 1031 1032 key = container_of(keyconf, struct ieee80211_key, conf); 1033 1034 switch (key->conf.cipher) { 1035 case WLAN_CIPHER_SUITE_TKIP: 1036 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS)) 1037 return; 1038 key->u.tkip.rx[tid].iv32 = seq->tkip.iv32; 1039 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16; 1040 break; 1041 case WLAN_CIPHER_SUITE_CCMP: 1042 case WLAN_CIPHER_SUITE_CCMP_256: 1043 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1044 return; 1045 if (tid < 0) 1046 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS]; 1047 else 1048 pn = key->u.ccmp.rx_pn[tid]; 1049 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN); 1050 break; 1051 case WLAN_CIPHER_SUITE_AES_CMAC: 1052 case WLAN_CIPHER_SUITE_BIP_CMAC_256: 1053 if (WARN_ON(tid != 0)) 1054 return; 1055 pn = key->u.aes_cmac.rx_pn; 1056 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN); 1057 break; 1058 case WLAN_CIPHER_SUITE_BIP_GMAC_128: 1059 case WLAN_CIPHER_SUITE_BIP_GMAC_256: 1060 if (WARN_ON(tid != 0)) 1061 return; 1062 pn = key->u.aes_gmac.rx_pn; 1063 memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN); 1064 break; 1065 case WLAN_CIPHER_SUITE_GCMP: 1066 case WLAN_CIPHER_SUITE_GCMP_256: 1067 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1068 return; 1069 if (tid < 0) 1070 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS]; 1071 else 1072 pn = key->u.gcmp.rx_pn[tid]; 1073 memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN); 1074 break; 1075 default: 1076 WARN_ON(1); 1077 break; 1078 } 1079} 1080EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq); 1081 1082void ieee80211_remove_key(struct ieee80211_key_conf *keyconf) 1083{ 1084 struct ieee80211_key *key; 1085 1086 key = container_of(keyconf, struct ieee80211_key, conf); 1087 1088 assert_key_lock(key->local); 1089 1090 /* 1091 * if key was uploaded, we assume the driver will/has remove(d) 1092 * it, so adjust bookkeeping accordingly 1093 */ 1094 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) { 1095 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 1096 1097 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) || 1098 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM))) 1099 increment_tailroom_need_count(key->sdata); 1100 } 1101 1102 ieee80211_key_free(key, false); 1103} 1104EXPORT_SYMBOL_GPL(ieee80211_remove_key); 1105 1106struct ieee80211_key_conf * 1107ieee80211_gtk_rekey_add(struct ieee80211_vif *vif, 1108 struct ieee80211_key_conf *keyconf) 1109{ 1110 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); 1111 struct ieee80211_local *local = sdata->local; 1112 struct ieee80211_key *key; 1113 int err; 1114 1115 if (WARN_ON(!local->wowlan)) 1116 return ERR_PTR(-EINVAL); 1117 1118 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION)) 1119 return ERR_PTR(-EINVAL); 1120 1121 key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx, 1122 keyconf->keylen, keyconf->key, 1123 0, NULL, NULL); 1124 if (IS_ERR(key)) 1125 return ERR_CAST(key); 1126 1127 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED) 1128 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT; 1129 1130 err = ieee80211_key_link(key, sdata, NULL); 1131 if (err) 1132 return ERR_PTR(err); 1133 1134 return &key->conf; 1135} 1136EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add); 1137