2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net>
6 * Copyright 2017 Intel Deutschland GmbH
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License version 2 as
10 * published by the Free Software Foundation.
13 #include <linux/if_ether.h>
14 #include <linux/etherdevice.h>
15 #include <linux/list.h>
16 #include <linux/rcupdate.h>
17 #include <linux/rtnetlink.h>
18 #include <linux/slab.h>
19 #include <linux/export.h>
20 #include <net/mac80211.h>
21 #include "ieee80211_i.h"
22 #include "driver-ops.h"
23 #include "debugfs_key.h"
29 * DOC: Key handling basics
31 * Key handling in mac80211 is done based on per-interface (sub_if_data)
32 * keys and per-station keys. Since each station belongs to an interface,
33 * each station key also belongs to that interface.
35 * Hardware acceleration is done on a best-effort basis for algorithms
36 * that are implemented in software, for each key the hardware is asked
37 * to enable that key for offloading but if it cannot do that the key is
38 * simply kept for software encryption (unless it is for an algorithm
39 * that isn't implemented in software).
40 * There is currently no way of knowing whether a key is handled in SW
41 * or HW except by looking into debugfs.
43 * All key management is internally protected by a mutex. Within all
44 * other parts of mac80211, key references are, just as STA structure
45 * references, protected by RCU. Note, however, that some things are
46 * unprotected, namely the key->sta dereferences within the hardware
47 * acceleration functions. This means that sta_info_destroy() must
48 * remove the key which waits for an RCU grace period.
51 static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
53 static void assert_key_lock(struct ieee80211_local *local)
55 lockdep_assert_held(&local->key_mtx);
58 static struct ieee80211_sta *get_sta_for_key(struct ieee80211_key *key)
61 return &key->sta->sta;
66 static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata)
69 * When this count is zero, SKB resizing for allocating tailroom
70 * for IV or MMIC is skipped. But, this check has created two race
71 * cases in xmit path while transiting from zero count to one:
73 * 1. SKB resize was skipped because no key was added but just before
74 * the xmit key is added and SW encryption kicks off.
76 * 2. SKB resize was skipped because all the keys were hw planted but
77 * just before xmit one of the key is deleted and SW encryption kicks
80 * In both the above case SW encryption will find not enough space for
81 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c)
83 * Solution has been explained at
84 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net
87 if (!sdata->crypto_tx_tailroom_needed_cnt++) {
89 * Flush all XMIT packets currently using HW encryption or no
90 * encryption at all if the count transition is from 0 -> 1.
96 static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
98 struct ieee80211_sub_if_data *sdata;
99 struct ieee80211_sta *sta;
104 if (!key->local->ops->set_key)
105 goto out_unsupported;
107 assert_key_lock(key->local);
109 sta = get_sta_for_key(key);
112 * If this is a per-STA GTK, check if it
113 * is supported; if not, return.
115 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) &&
116 !(key->local->hw.flags & IEEE80211_HW_SUPPORTS_PER_STA_GTK))
117 goto out_unsupported;
120 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
122 * The driver doesn't know anything about VLAN interfaces.
123 * Hence, don't send GTKs for VLAN interfaces to the driver.
125 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE))
126 goto out_unsupported;
127 sdata = container_of(sdata->bss,
128 struct ieee80211_sub_if_data,
132 ret = drv_set_key(key->local, SET_KEY, sdata, sta, &key->conf);
135 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
137 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
138 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)))
139 sdata->crypto_tx_tailroom_needed_cnt--;
144 if (ret != -ENOSPC && ret != -EOPNOTSUPP)
145 wiphy_err(key->local->hw.wiphy,
146 "failed to set key (%d, %pM) to hardware (%d)\n",
147 key->conf.keyidx, sta ? sta->addr : bcast_addr, ret);
150 switch (key->conf.cipher) {
151 case WLAN_CIPHER_SUITE_WEP40:
152 case WLAN_CIPHER_SUITE_WEP104:
153 case WLAN_CIPHER_SUITE_TKIP:
154 case WLAN_CIPHER_SUITE_CCMP:
155 case WLAN_CIPHER_SUITE_AES_CMAC:
156 /* all of these we can do in software */
163 static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
165 struct ieee80211_sub_if_data *sdata;
166 struct ieee80211_sta *sta;
171 if (!key || !key->local->ops->set_key)
174 assert_key_lock(key->local);
176 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
179 sta = get_sta_for_key(key);
182 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
183 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)))
184 increment_tailroom_need_count(sdata);
186 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
187 sdata = container_of(sdata->bss,
188 struct ieee80211_sub_if_data,
191 ret = drv_set_key(key->local, DISABLE_KEY, sdata,
195 wiphy_err(key->local->hw.wiphy,
196 "failed to remove key (%d, %pM) from hardware (%d)\n",
197 key->conf.keyidx, sta ? sta->addr : bcast_addr, ret);
199 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
202 void ieee80211_key_removed(struct ieee80211_key_conf *key_conf)
204 struct ieee80211_key *key;
206 key = container_of(key_conf, struct ieee80211_key, conf);
209 assert_key_lock(key->local);
211 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
214 * Flush TX path to avoid attempts to use this key
215 * after this function returns. Until then, drivers
216 * must be prepared to handle the key.
220 EXPORT_SYMBOL_GPL(ieee80211_key_removed);
222 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata,
223 int idx, bool uni, bool multi)
225 struct ieee80211_key *key = NULL;
227 assert_key_lock(sdata->local);
229 if (idx >= 0 && idx < NUM_DEFAULT_KEYS)
230 key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
233 rcu_assign_pointer(sdata->default_unicast_key, key);
235 rcu_assign_pointer(sdata->default_multicast_key, key);
237 ieee80211_debugfs_key_update_default(sdata);
240 void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx,
241 bool uni, bool multi)
243 mutex_lock(&sdata->local->key_mtx);
244 __ieee80211_set_default_key(sdata, idx, uni, multi);
245 mutex_unlock(&sdata->local->key_mtx);
249 __ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx)
251 struct ieee80211_key *key = NULL;
253 assert_key_lock(sdata->local);
255 if (idx >= NUM_DEFAULT_KEYS &&
256 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
257 key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
259 rcu_assign_pointer(sdata->default_mgmt_key, key);
261 ieee80211_debugfs_key_update_default(sdata);
264 void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
267 mutex_lock(&sdata->local->key_mtx);
268 __ieee80211_set_default_mgmt_key(sdata, idx);
269 mutex_unlock(&sdata->local->key_mtx);
273 static void __ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
274 struct sta_info *sta,
276 struct ieee80211_key *old,
277 struct ieee80211_key *new)
280 bool defunikey, defmultikey, defmgmtkey;
283 list_add_tail(&new->list, &sdata->key_list);
285 if (sta && pairwise) {
286 rcu_assign_pointer(sta->ptk, new);
289 idx = old->conf.keyidx;
291 idx = new->conf.keyidx;
292 rcu_assign_pointer(sta->gtk[idx], new);
294 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx);
297 idx = old->conf.keyidx;
299 idx = new->conf.keyidx;
302 old == key_mtx_dereference(sdata->local,
303 sdata->default_unicast_key);
305 old == key_mtx_dereference(sdata->local,
306 sdata->default_multicast_key);
308 old == key_mtx_dereference(sdata->local,
309 sdata->default_mgmt_key);
311 if (defunikey && !new)
312 __ieee80211_set_default_key(sdata, -1, true, false);
313 if (defmultikey && !new)
314 __ieee80211_set_default_key(sdata, -1, false, true);
315 if (defmgmtkey && !new)
316 __ieee80211_set_default_mgmt_key(sdata, -1);
318 rcu_assign_pointer(sdata->keys[idx], new);
319 if (defunikey && new)
320 __ieee80211_set_default_key(sdata, new->conf.keyidx,
322 if (defmultikey && new)
323 __ieee80211_set_default_key(sdata, new->conf.keyidx,
325 if (defmgmtkey && new)
326 __ieee80211_set_default_mgmt_key(sdata,
331 list_del(&old->list);
334 struct ieee80211_key *ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
336 size_t seq_len, const u8 *seq)
338 struct ieee80211_key *key;
341 BUG_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS);
343 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
345 return ERR_PTR(-ENOMEM);
348 * Default to software encryption; we'll later upload the
349 * key to the hardware if possible.
354 key->conf.cipher = cipher;
355 key->conf.keyidx = idx;
356 key->conf.keylen = key_len;
358 case WLAN_CIPHER_SUITE_WEP40:
359 case WLAN_CIPHER_SUITE_WEP104:
360 key->conf.iv_len = WEP_IV_LEN;
361 key->conf.icv_len = WEP_ICV_LEN;
363 case WLAN_CIPHER_SUITE_TKIP:
364 key->conf.iv_len = TKIP_IV_LEN;
365 key->conf.icv_len = TKIP_ICV_LEN;
367 for (i = 0; i < NUM_RX_DATA_QUEUES; i++) {
368 key->u.tkip.rx[i].iv32 =
369 get_unaligned_le32(&seq[2]);
370 key->u.tkip.rx[i].iv16 =
371 get_unaligned_le16(seq);
374 spin_lock_init(&key->u.tkip.txlock);
376 case WLAN_CIPHER_SUITE_CCMP:
377 key->conf.iv_len = CCMP_HDR_LEN;
378 key->conf.icv_len = CCMP_MIC_LEN;
380 for (i = 0; i < NUM_RX_DATA_QUEUES + 1; i++)
381 for (j = 0; j < CCMP_PN_LEN; j++)
382 key->u.ccmp.rx_pn[i][j] =
383 seq[CCMP_PN_LEN - j - 1];
386 * Initialize AES key state here as an optimization so that
387 * it does not need to be initialized for every packet.
389 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(key_data);
390 if (IS_ERR(key->u.ccmp.tfm)) {
391 err = PTR_ERR(key->u.ccmp.tfm);
396 case WLAN_CIPHER_SUITE_AES_CMAC:
397 key->conf.iv_len = 0;
398 key->conf.icv_len = sizeof(struct ieee80211_mmie);
400 for (j = 0; j < 6; j++)
401 key->u.aes_cmac.rx_pn[j] = seq[6 - j - 1];
403 * Initialize AES key state here as an optimization so that
404 * it does not need to be initialized for every packet.
406 key->u.aes_cmac.tfm =
407 ieee80211_aes_cmac_key_setup(key_data);
408 if (IS_ERR(key->u.aes_cmac.tfm)) {
409 err = PTR_ERR(key->u.aes_cmac.tfm);
415 memcpy(key->conf.key, key_data, key_len);
416 INIT_LIST_HEAD(&key->list);
421 static void __ieee80211_key_destroy(struct ieee80211_key *key)
427 * Synchronize so the TX path can no longer be using
428 * this key before we free/remove it.
433 ieee80211_key_disable_hw_accel(key);
435 if (key->conf.cipher == WLAN_CIPHER_SUITE_CCMP)
436 ieee80211_aes_key_free(key->u.ccmp.tfm);
437 if (key->conf.cipher == WLAN_CIPHER_SUITE_AES_CMAC)
438 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
440 ieee80211_debugfs_key_remove(key);
441 key->sdata->crypto_tx_tailroom_needed_cnt--;
447 static bool ieee80211_key_identical(struct ieee80211_sub_if_data *sdata,
448 struct ieee80211_key *old,
449 struct ieee80211_key *new)
451 u8 tkip_old[WLAN_KEY_LEN_TKIP], tkip_new[WLAN_KEY_LEN_TKIP];
454 if (!old || new->conf.keylen != old->conf.keylen)
457 tk_old = old->conf.key;
458 tk_new = new->conf.key;
461 * In station mode, don't compare the TX MIC key, as it's never used
462 * and offloaded rekeying may not care to send it to the host. This
463 * is the case in iwlwifi, for example.
465 if (sdata->vif.type == NL80211_IFTYPE_STATION &&
466 new->conf.cipher == WLAN_CIPHER_SUITE_TKIP &&
467 new->conf.keylen == WLAN_KEY_LEN_TKIP &&
468 !(new->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
469 memcpy(tkip_old, tk_old, WLAN_KEY_LEN_TKIP);
470 memcpy(tkip_new, tk_new, WLAN_KEY_LEN_TKIP);
471 memset(tkip_old + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
472 memset(tkip_new + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
477 return !memcmp(tk_old, tk_new, new->conf.keylen);
480 int ieee80211_key_link(struct ieee80211_key *key,
481 struct ieee80211_sub_if_data *sdata,
482 struct sta_info *sta)
484 struct ieee80211_key *old_key;
491 pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
492 idx = key->conf.keyidx;
496 * some hardware cannot handle TKIP with QoS, so
497 * we indicate whether QoS could be in use.
499 if (test_sta_flag(sta, WLAN_STA_WME))
500 key->conf.flags |= IEEE80211_KEY_FLAG_WMM_STA;
502 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
506 * We're getting a sta pointer in, so must be under
507 * appropriate locking for sta_info_get().
510 /* same here, the AP could be using QoS */
511 ap = sta_info_get(sdata, sdata->u.mgd.bssid);
513 if (test_sta_flag(ap, WLAN_STA_WME))
515 IEEE80211_KEY_FLAG_WMM_STA;
520 mutex_lock(&sdata->local->key_mtx);
523 old_key = key_mtx_dereference(sdata->local, sta->ptk);
525 old_key = key_mtx_dereference(sdata->local, sta->gtk[idx]);
527 old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
530 * Silently accept key re-installation without really installing the
531 * new version of the key to avoid nonce reuse or replay issues.
533 if (ieee80211_key_identical(sdata, old_key, key)) {
534 __ieee80211_key_free(key);
539 key->local = sdata->local;
543 increment_tailroom_need_count(sdata);
545 __ieee80211_key_replace(sdata, sta, pairwise, old_key, key);
546 __ieee80211_key_destroy(old_key);
548 ieee80211_debugfs_key_add(key);
550 ret = ieee80211_key_enable_hw_accel(key);
553 mutex_unlock(&sdata->local->key_mtx);
558 void __ieee80211_key_free(struct ieee80211_key *key)
564 * Replace key with nothingness if it was ever used.
567 __ieee80211_key_replace(key->sdata, key->sta,
568 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
570 __ieee80211_key_destroy(key);
573 void ieee80211_key_free(struct ieee80211_local *local,
574 struct ieee80211_key *key)
576 mutex_lock(&local->key_mtx);
577 __ieee80211_key_free(key);
578 mutex_unlock(&local->key_mtx);
581 void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata)
583 struct ieee80211_key *key;
587 if (WARN_ON(!ieee80211_sdata_running(sdata)))
590 mutex_lock(&sdata->local->key_mtx);
592 sdata->crypto_tx_tailroom_needed_cnt = 0;
594 list_for_each_entry(key, &sdata->key_list, list) {
595 increment_tailroom_need_count(sdata);
596 ieee80211_key_enable_hw_accel(key);
599 mutex_unlock(&sdata->local->key_mtx);
602 void ieee80211_iter_keys(struct ieee80211_hw *hw,
603 struct ieee80211_vif *vif,
604 void (*iter)(struct ieee80211_hw *hw,
605 struct ieee80211_vif *vif,
606 struct ieee80211_sta *sta,
607 struct ieee80211_key_conf *key,
611 struct ieee80211_local *local = hw_to_local(hw);
612 struct ieee80211_key *key;
613 struct ieee80211_sub_if_data *sdata;
617 mutex_lock(&local->key_mtx);
619 sdata = vif_to_sdata(vif);
620 list_for_each_entry(key, &sdata->key_list, list)
621 iter(hw, &sdata->vif,
622 key->sta ? &key->sta->sta : NULL,
623 &key->conf, iter_data);
625 list_for_each_entry(sdata, &local->interfaces, list)
626 list_for_each_entry(key, &sdata->key_list, list)
627 iter(hw, &sdata->vif,
628 key->sta ? &key->sta->sta : NULL,
629 &key->conf, iter_data);
631 mutex_unlock(&local->key_mtx);
633 EXPORT_SYMBOL(ieee80211_iter_keys);
635 void ieee80211_disable_keys(struct ieee80211_sub_if_data *sdata)
637 struct ieee80211_key *key;
641 mutex_lock(&sdata->local->key_mtx);
643 list_for_each_entry(key, &sdata->key_list, list)
644 ieee80211_key_disable_hw_accel(key);
646 mutex_unlock(&sdata->local->key_mtx);
649 void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata)
651 struct ieee80211_key *key, *tmp;
653 mutex_lock(&sdata->local->key_mtx);
655 ieee80211_debugfs_key_remove_mgmt_default(sdata);
657 list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
658 __ieee80211_key_free(key);
660 ieee80211_debugfs_key_update_default(sdata);
662 mutex_unlock(&sdata->local->key_mtx);
666 void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid,
667 const u8 *replay_ctr, gfp_t gfp)
669 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
671 trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr);
673 cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp);
675 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify);
677 void ieee80211_get_key_tx_seq(struct ieee80211_key_conf *keyconf,
678 struct ieee80211_key_seq *seq)
680 struct ieee80211_key *key;
683 if (WARN_ON(!(keyconf->flags & IEEE80211_KEY_FLAG_GENERATE_IV)))
686 key = container_of(keyconf, struct ieee80211_key, conf);
688 switch (key->conf.cipher) {
689 case WLAN_CIPHER_SUITE_TKIP:
690 seq->tkip.iv32 = key->u.tkip.tx.iv32;
691 seq->tkip.iv16 = key->u.tkip.tx.iv16;
693 case WLAN_CIPHER_SUITE_CCMP:
694 pn64 = atomic64_read(&key->u.ccmp.tx_pn);
695 seq->ccmp.pn[5] = pn64;
696 seq->ccmp.pn[4] = pn64 >> 8;
697 seq->ccmp.pn[3] = pn64 >> 16;
698 seq->ccmp.pn[2] = pn64 >> 24;
699 seq->ccmp.pn[1] = pn64 >> 32;
700 seq->ccmp.pn[0] = pn64 >> 40;
702 case WLAN_CIPHER_SUITE_AES_CMAC:
703 pn64 = atomic64_read(&key->u.aes_cmac.tx_pn);
704 seq->ccmp.pn[5] = pn64;
705 seq->ccmp.pn[4] = pn64 >> 8;
706 seq->ccmp.pn[3] = pn64 >> 16;
707 seq->ccmp.pn[2] = pn64 >> 24;
708 seq->ccmp.pn[1] = pn64 >> 32;
709 seq->ccmp.pn[0] = pn64 >> 40;
715 EXPORT_SYMBOL(ieee80211_get_key_tx_seq);
717 void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf,
718 int tid, struct ieee80211_key_seq *seq)
720 struct ieee80211_key *key;
723 key = container_of(keyconf, struct ieee80211_key, conf);
725 switch (key->conf.cipher) {
726 case WLAN_CIPHER_SUITE_TKIP:
727 if (WARN_ON(tid < 0 || tid >= NUM_RX_DATA_QUEUES))
729 seq->tkip.iv32 = key->u.tkip.rx[tid].iv32;
730 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16;
732 case WLAN_CIPHER_SUITE_CCMP:
733 if (WARN_ON(tid < -1 || tid >= NUM_RX_DATA_QUEUES))
736 pn = key->u.ccmp.rx_pn[NUM_RX_DATA_QUEUES];
738 pn = key->u.ccmp.rx_pn[tid];
739 memcpy(seq->ccmp.pn, pn, CCMP_PN_LEN);
741 case WLAN_CIPHER_SUITE_AES_CMAC:
742 if (WARN_ON(tid != 0))
744 pn = key->u.aes_cmac.rx_pn;
745 memcpy(seq->aes_cmac.pn, pn, CMAC_PN_LEN);
749 EXPORT_SYMBOL(ieee80211_get_key_rx_seq);
git.openpandora.org / pandora-kernel.git / blob