silabs/wfx/key.c

0001 // SPDX-License-Identifier: GPL-2.0-only
0002 /*
0003  * Key management related functions.
0004  *
0005  * Copyright (c) 2017-2020, Silicon Laboratories, Inc.
0006  * Copyright (c) 2010, ST-Ericsson
0007  */
0008 #include <linux/etherdevice.h>
0009 #include <net/mac80211.h>
0010
0011 #include "key.h"
0012 #include "wfx.h"
0013 #include "hif_tx_mib.h"
0014
0015 static int wfx_alloc_key(struct wfx_dev *wdev)
0016 {
0017     int idx;
0018
0019     idx = ffs(~wdev->key_map) - 1;
0020     if (idx < 0 || idx >= MAX_KEY_ENTRIES)
0021         return -1;
0022
0023     wdev->key_map |= BIT(idx);
0024     return idx;
0025 }
0026
0027 static void wfx_free_key(struct wfx_dev *wdev, int idx)
0028 {
0029     WARN(!(wdev->key_map & BIT(idx)), "inconsistent key allocation");
0030     wdev->key_map &= ~BIT(idx);
0031 }
0032
0033 static u8 fill_wep_pair(struct wfx_hif_wep_pairwise_key *msg,
0034             struct ieee80211_key_conf *key, u8 *peer_addr)
0035 {
0036     WARN(key->keylen > sizeof(msg->key_data), "inconsistent data");
0037     msg->key_length = key->keylen;
0038     memcpy(msg->key_data, key->key, key->keylen);
0039     ether_addr_copy(msg->peer_address, peer_addr);
0040     return HIF_KEY_TYPE_WEP_PAIRWISE;
0041 }
0042
0043 static u8 fill_wep_group(struct wfx_hif_wep_group_key *msg,
0044              struct ieee80211_key_conf *key)
0045 {
0046     WARN(key->keylen > sizeof(msg->key_data), "inconsistent data");
0047     msg->key_id = key->keyidx;
0048     msg->key_length = key->keylen;
0049     memcpy(msg->key_data, key->key, key->keylen);
0050     return HIF_KEY_TYPE_WEP_DEFAULT;
0051 }
0052
0053 static u8 fill_tkip_pair(struct wfx_hif_tkip_pairwise_key *msg,
0054              struct ieee80211_key_conf *key, u8 *peer_addr)
0055 {
0056     u8 *keybuf = key->key;
0057
0058     WARN(key->keylen != sizeof(msg->tkip_key_data) + sizeof(msg->tx_mic_key) +
0059                 sizeof(msg->rx_mic_key), "inconsistent data");
0060     memcpy(msg->tkip_key_data, keybuf, sizeof(msg->tkip_key_data));
0061     keybuf += sizeof(msg->tkip_key_data);
0062     memcpy(msg->tx_mic_key, keybuf, sizeof(msg->tx_mic_key));
0063     keybuf += sizeof(msg->tx_mic_key);
0064     memcpy(msg->rx_mic_key, keybuf, sizeof(msg->rx_mic_key));
0065     ether_addr_copy(msg->peer_address, peer_addr);
0066     return HIF_KEY_TYPE_TKIP_PAIRWISE;
0067 }
0068
0069 static u8 fill_tkip_group(struct wfx_hif_tkip_group_key *msg, struct ieee80211_key_conf *key,
0070               struct ieee80211_key_seq *seq, enum nl80211_iftype iftype)
0071 {
0072     u8 *keybuf = key->key;
0073
0074     WARN(key->keylen != sizeof(msg->tkip_key_data) + 2 * sizeof(msg->rx_mic_key),
0075          "inconsistent data");
0076     msg->key_id = key->keyidx;
0077     memcpy(msg->rx_sequence_counter, &seq->tkip.iv16, sizeof(seq->tkip.iv16));
0078     memcpy(msg->rx_sequence_counter + sizeof(u16), &seq->tkip.iv32, sizeof(seq->tkip.iv32));
0079     memcpy(msg->tkip_key_data, keybuf, sizeof(msg->tkip_key_data));
0080     keybuf += sizeof(msg->tkip_key_data);
0081     if (iftype == NL80211_IFTYPE_AP)
0082         /* Use Tx MIC Key */
0083         memcpy(msg->rx_mic_key, keybuf + 0, sizeof(msg->rx_mic_key));
0084     else
0085         /* Use Rx MIC Key */
0086         memcpy(msg->rx_mic_key, keybuf + 8, sizeof(msg->rx_mic_key));
0087     return HIF_KEY_TYPE_TKIP_GROUP;
0088 }
0089
0090 static u8 fill_ccmp_pair(struct wfx_hif_aes_pairwise_key *msg,
0091              struct ieee80211_key_conf *key, u8 *peer_addr)
0092 {
0093     WARN(key->keylen != sizeof(msg->aes_key_data), "inconsistent data");
0094     ether_addr_copy(msg->peer_address, peer_addr);
0095     memcpy(msg->aes_key_data, key->key, key->keylen);
0096     return HIF_KEY_TYPE_AES_PAIRWISE;
0097 }
0098
0099 static u8 fill_ccmp_group(struct wfx_hif_aes_group_key *msg,
0100               struct ieee80211_key_conf *key, struct ieee80211_key_seq *seq)
0101 {
0102     WARN(key->keylen != sizeof(msg->aes_key_data), "inconsistent data");
0103     memcpy(msg->aes_key_data, key->key, key->keylen);
0104     memcpy(msg->rx_sequence_counter, seq->ccmp.pn, sizeof(seq->ccmp.pn));
0105     memreverse(msg->rx_sequence_counter, sizeof(seq->ccmp.pn));
0106     msg->key_id = key->keyidx;
0107     return HIF_KEY_TYPE_AES_GROUP;
0108 }
0109
0110 static u8 fill_sms4_pair(struct wfx_hif_wapi_pairwise_key *msg,
0111              struct ieee80211_key_conf *key, u8 *peer_addr)
0112 {
0113     u8 *keybuf = key->key;
0114
0115     WARN(key->keylen != sizeof(msg->wapi_key_data) + sizeof(msg->mic_key_data),
0116          "inconsistent data");
0117     ether_addr_copy(msg->peer_address, peer_addr);
0118     memcpy(msg->wapi_key_data, keybuf, sizeof(msg->wapi_key_data));
0119     keybuf += sizeof(msg->wapi_key_data);
0120     memcpy(msg->mic_key_data, keybuf, sizeof(msg->mic_key_data));
0121     msg->key_id = key->keyidx;
0122     return HIF_KEY_TYPE_WAPI_PAIRWISE;
0123 }
0124
0125 static u8 fill_sms4_group(struct wfx_hif_wapi_group_key *msg,
0126               struct ieee80211_key_conf *key)
0127 {
0128     u8 *keybuf = key->key;
0129
0130     WARN(key->keylen != sizeof(msg->wapi_key_data) + sizeof(msg->mic_key_data),
0131          "inconsistent data");
0132     memcpy(msg->wapi_key_data, keybuf, sizeof(msg->wapi_key_data));
0133     keybuf += sizeof(msg->wapi_key_data);
0134     memcpy(msg->mic_key_data, keybuf, sizeof(msg->mic_key_data));
0135     msg->key_id = key->keyidx;
0136     return HIF_KEY_TYPE_WAPI_GROUP;
0137 }
0138
0139 static u8 fill_aes_cmac_group(struct wfx_hif_igtk_group_key *msg,
0140                   struct ieee80211_key_conf *key, struct ieee80211_key_seq *seq)
0141 {
0142     WARN(key->keylen != sizeof(msg->igtk_key_data), "inconsistent data");
0143     memcpy(msg->igtk_key_data, key->key, key->keylen);
0144     memcpy(msg->ipn, seq->aes_cmac.pn, sizeof(seq->aes_cmac.pn));
0145     memreverse(msg->ipn, sizeof(seq->aes_cmac.pn));
0146     msg->key_id = key->keyidx;
0147     return HIF_KEY_TYPE_IGTK_GROUP;
0148 }
0149
0150 static int wfx_add_key(struct wfx_vif *wvif, struct ieee80211_sta *sta,
0151                struct ieee80211_key_conf *key)
0152 {
0153     int ret;
0154     struct wfx_hif_req_add_key k = { };
0155     struct ieee80211_key_seq seq;
0156     struct wfx_dev *wdev = wvif->wdev;
0157     int idx = wfx_alloc_key(wvif->wdev);
0158     bool pairwise = key->flags & IEEE80211_KEY_FLAG_PAIRWISE;
0159     struct ieee80211_vif *vif = wvif_to_vif(wvif);
0160
0161     WARN(key->flags & IEEE80211_KEY_FLAG_PAIRWISE && !sta, "inconsistent data");
0162     ieee80211_get_key_rx_seq(key, 0, &seq);
0163     if (idx < 0)
0164         return -EINVAL;
0165     k.int_id = wvif->id;
0166     k.entry_index = idx;
0167     if (key->cipher == WLAN_CIPHER_SUITE_WEP40 ||
0168         key->cipher == WLAN_CIPHER_SUITE_WEP104) {
0169         if (pairwise)
0170             k.type = fill_wep_pair(&k.key.wep_pairwise_key, key, sta->addr);
0171         else
0172             k.type = fill_wep_group(&k.key.wep_group_key, key);
0173     } else if (key->cipher == WLAN_CIPHER_SUITE_TKIP) {
0174         if (pairwise)
0175             k.type = fill_tkip_pair(&k.key.tkip_pairwise_key, key, sta->addr);
0176         else
0177             k.type = fill_tkip_group(&k.key.tkip_group_key, key, &seq,
0178                          vif->type);
0179     } else if (key->cipher == WLAN_CIPHER_SUITE_CCMP) {
0180         if (pairwise)
0181             k.type = fill_ccmp_pair(&k.key.aes_pairwise_key, key, sta->addr);
0182         else
0183             k.type = fill_ccmp_group(&k.key.aes_group_key, key, &seq);
0184     } else if (key->cipher == WLAN_CIPHER_SUITE_SMS4) {
0185         if (pairwise)
0186             k.type = fill_sms4_pair(&k.key.wapi_pairwise_key, key, sta->addr);
0187         else
0188             k.type = fill_sms4_group(&k.key.wapi_group_key, key);
0189     } else if (key->cipher == WLAN_CIPHER_SUITE_AES_CMAC) {
0190         k.type = fill_aes_cmac_group(&k.key.igtk_group_key, key, &seq);
0191         key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIE;
0192     } else {
0193         dev_warn(wdev->dev, "unsupported key type %d\n", key->cipher);
0194         wfx_free_key(wdev, idx);
0195         return -EOPNOTSUPP;
0196     }
0197     ret = wfx_hif_add_key(wdev, &k);
0198     if (ret) {
0199         wfx_free_key(wdev, idx);
0200         return -EOPNOTSUPP;
0201     }
0202     key->flags |= IEEE80211_KEY_FLAG_PUT_IV_SPACE | IEEE80211_KEY_FLAG_RESERVE_TAILROOM;
0203     key->hw_key_idx = idx;
0204     return 0;
0205 }
0206
0207 static int wfx_remove_key(struct wfx_vif *wvif, struct ieee80211_key_conf *key)
0208 {
0209     WARN(key->hw_key_idx >= MAX_KEY_ENTRIES, "corrupted hw_key_idx");
0210     wfx_free_key(wvif->wdev, key->hw_key_idx);
0211     return wfx_hif_remove_key(wvif->wdev, key->hw_key_idx);
0212 }
0213
0214 int wfx_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd, struct ieee80211_vif *vif,
0215         struct ieee80211_sta *sta, struct ieee80211_key_conf *key)
0216 {
0217     int ret = -EOPNOTSUPP;
0218     struct wfx_vif *wvif = (struct wfx_vif *)vif->drv_priv;
0219
0220     mutex_lock(&wvif->wdev->conf_mutex);
0221     if (cmd == SET_KEY)
0222         ret = wfx_add_key(wvif, sta, key);
0223     if (cmd == DISABLE_KEY)
0224         ret = wfx_remove_key(wvif, key);
0225     mutex_unlock(&wvif->wdev->conf_mutex);
0226     return ret;
0227 }