net/mac80211/key.c

0001 // SPDX-License-Identifier: GPL-2.0-only
0002 /*
0003  * Copyright 2002-2005, Instant802 Networks, Inc.
0004  * Copyright 2005-2006, Devicescape Software, Inc.
0005  * Copyright 2006-2007  Jiri Benc <jbenc@suse.cz>
0006  * Copyright 2007-2008  Johannes Berg <johannes@sipsolutions.net>
0007  * Copyright 2013-2014  Intel Mobile Communications GmbH
0008  * Copyright 2015-2017  Intel Deutschland GmbH
0009  * Copyright 2018-2020, 2022  Intel Corporation
0010  */
0011
0012 #include <linux/if_ether.h>
0013 #include <linux/etherdevice.h>
0014 #include <linux/list.h>
0015 #include <linux/rcupdate.h>
0016 #include <linux/rtnetlink.h>
0017 #include <linux/slab.h>
0018 #include <linux/export.h>
0019 #include <net/mac80211.h>
0020 #include <crypto/algapi.h>
0021 #include <asm/unaligned.h>
0022 #include "ieee80211_i.h"
0023 #include "driver-ops.h"
0024 #include "debugfs_key.h"
0025 #include "aes_ccm.h"
0026 #include "aes_cmac.h"
0027 #include "aes_gmac.h"
0028 #include "aes_gcm.h"
0029
0030
0031 /**
0032  * DOC: Key handling basics
0033  *
0034  * Key handling in mac80211 is done based on per-interface (sub_if_data)
0035  * keys and per-station keys. Since each station belongs to an interface,
0036  * each station key also belongs to that interface.
0037  *
0038  * Hardware acceleration is done on a best-effort basis for algorithms
0039  * that are implemented in software,  for each key the hardware is asked
0040  * to enable that key for offloading but if it cannot do that the key is
0041  * simply kept for software encryption (unless it is for an algorithm
0042  * that isn't implemented in software).
0043  * There is currently no way of knowing whether a key is handled in SW
0044  * or HW except by looking into debugfs.
0045  *
0046  * All key management is internally protected by a mutex. Within all
0047  * other parts of mac80211, key references are, just as STA structure
0048  * references, protected by RCU. Note, however, that some things are
0049  * unprotected, namely the key->sta dereferences within the hardware
0050  * acceleration functions. This means that sta_info_destroy() must
0051  * remove the key which waits for an RCU grace period.
0052  */
0053
0054 static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
0055
0056 static void assert_key_lock(struct ieee80211_local *local)
0057 {
0058     lockdep_assert_held(&local->key_mtx);
0059 }
0060
0061 static void
0062 update_vlan_tailroom_need_count(struct ieee80211_sub_if_data *sdata, int delta)
0063 {
0064     struct ieee80211_sub_if_data *vlan;
0065
0066     if (sdata->vif.type != NL80211_IFTYPE_AP)
0067         return;
0068
0069     /* crypto_tx_tailroom_needed_cnt is protected by this */
0070     assert_key_lock(sdata->local);
0071
0072     rcu_read_lock();
0073
0074     list_for_each_entry_rcu(vlan, &sdata->u.ap.vlans, u.vlan.list)
0075         vlan->crypto_tx_tailroom_needed_cnt += delta;
0076
0077     rcu_read_unlock();
0078 }
0079
0080 static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata)
0081 {
0082     /*
0083      * When this count is zero, SKB resizing for allocating tailroom
0084      * for IV or MMIC is skipped. But, this check has created two race
0085      * cases in xmit path while transiting from zero count to one:
0086      *
0087      * 1. SKB resize was skipped because no key was added but just before
0088      * the xmit key is added and SW encryption kicks off.
0089      *
0090      * 2. SKB resize was skipped because all the keys were hw planted but
0091      * just before xmit one of the key is deleted and SW encryption kicks
0092      * off.
0093      *
0094      * In both the above case SW encryption will find not enough space for
0095      * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c)
0096      *
0097      * Solution has been explained at
0098      * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net
0099      */
0100
0101     assert_key_lock(sdata->local);
0102
0103     update_vlan_tailroom_need_count(sdata, 1);
0104
0105     if (!sdata->crypto_tx_tailroom_needed_cnt++) {
0106         /*
0107          * Flush all XMIT packets currently using HW encryption or no
0108          * encryption at all if the count transition is from 0 -> 1.
0109          */
0110         synchronize_net();
0111     }
0112 }
0113
0114 static void decrease_tailroom_need_count(struct ieee80211_sub_if_data *sdata,
0115                      int delta)
0116 {
0117     assert_key_lock(sdata->local);
0118
0119     WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt < delta);
0120
0121     update_vlan_tailroom_need_count(sdata, -delta);
0122     sdata->crypto_tx_tailroom_needed_cnt -= delta;
0123 }
0124
0125 static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
0126 {
0127     struct ieee80211_sub_if_data *sdata = key->sdata;
0128     struct sta_info *sta;
0129     int ret = -EOPNOTSUPP;
0130
0131     might_sleep();
0132
0133     if (key->flags & KEY_FLAG_TAINTED) {
0134         /* If we get here, it's during resume and the key is
0135          * tainted so shouldn't be used/programmed any more.
0136          * However, its flags may still indicate that it was
0137          * programmed into the device (since we're in resume)
0138          * so clear that flag now to avoid trying to remove
0139          * it again later.
0140          */
0141         if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE &&
0142             !(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
0143                      IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
0144                      IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
0145             increment_tailroom_need_count(sdata);
0146
0147         key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
0148         return -EINVAL;
0149     }
0150
0151     if (!key->local->ops->set_key)
0152         goto out_unsupported;
0153
0154     assert_key_lock(key->local);
0155
0156     sta = key->sta;
0157
0158     /*
0159      * If this is a per-STA GTK, check if it
0160      * is supported; if not, return.
0161      */
0162     if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) &&
0163         !ieee80211_hw_check(&key->local->hw, SUPPORTS_PER_STA_GTK))
0164         goto out_unsupported;
0165
0166     if (sta && !sta->uploaded)
0167         goto out_unsupported;
0168
0169     if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
0170         /*
0171          * The driver doesn't know anything about VLAN interfaces.
0172          * Hence, don't send GTKs for VLAN interfaces to the driver.
0173          */
0174         if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
0175             ret = 1;
0176             goto out_unsupported;
0177         }
0178     }
0179
0180     ret = drv_set_key(key->local, SET_KEY, sdata,
0181               sta ? &sta->sta : NULL, &key->conf);
0182
0183     if (!ret) {
0184         key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
0185
0186         if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
0187                      IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
0188                      IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
0189             decrease_tailroom_need_count(sdata, 1);
0190
0191         WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) &&
0192             (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV));
0193
0194         WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_MIC_SPACE) &&
0195             (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC));
0196
0197         return 0;
0198     }
0199
0200     if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1)
0201         sdata_err(sdata,
0202               "failed to set key (%d, %pM) to hardware (%d)\n",
0203               key->conf.keyidx,
0204               sta ? sta->sta.addr : bcast_addr, ret);
0205
0206  out_unsupported:
0207     switch (key->conf.cipher) {
0208     case WLAN_CIPHER_SUITE_WEP40:
0209     case WLAN_CIPHER_SUITE_WEP104:
0210     case WLAN_CIPHER_SUITE_TKIP:
0211     case WLAN_CIPHER_SUITE_CCMP:
0212     case WLAN_CIPHER_SUITE_CCMP_256:
0213     case WLAN_CIPHER_SUITE_GCMP:
0214     case WLAN_CIPHER_SUITE_GCMP_256:
0215     case WLAN_CIPHER_SUITE_AES_CMAC:
0216     case WLAN_CIPHER_SUITE_BIP_CMAC_256:
0217     case WLAN_CIPHER_SUITE_BIP_GMAC_128:
0218     case WLAN_CIPHER_SUITE_BIP_GMAC_256:
0219         /* all of these we can do in software - if driver can */
0220         if (ret == 1)
0221             return 0;
0222         if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL))
0223             return -EINVAL;
0224         return 0;
0225     default:
0226         return -EINVAL;
0227     }
0228 }
0229
0230 static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
0231 {
0232     struct ieee80211_sub_if_data *sdata;
0233     struct sta_info *sta;
0234     int ret;
0235
0236     might_sleep();
0237
0238     if (!key || !key->local->ops->set_key)
0239         return;
0240
0241     assert_key_lock(key->local);
0242
0243     if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
0244         return;
0245
0246     sta = key->sta;
0247     sdata = key->sdata;
0248
0249     if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
0250                  IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
0251                  IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
0252         increment_tailroom_need_count(sdata);
0253
0254     key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
0255     ret = drv_set_key(key->local, DISABLE_KEY, sdata,
0256               sta ? &sta->sta : NULL, &key->conf);
0257
0258     if (ret)
0259         sdata_err(sdata,
0260               "failed to remove key (%d, %pM) from hardware (%d)\n",
0261               key->conf.keyidx,
0262               sta ? sta->sta.addr : bcast_addr, ret);
0263 }
0264
0265 static int _ieee80211_set_tx_key(struct ieee80211_key *key, bool force)
0266 {
0267     struct sta_info *sta = key->sta;
0268     struct ieee80211_local *local = key->local;
0269
0270     assert_key_lock(local);
0271
0272     set_sta_flag(sta, WLAN_STA_USES_ENCRYPTION);
0273
0274     sta->ptk_idx = key->conf.keyidx;
0275
0276     if (force || !ieee80211_hw_check(&local->hw, AMPDU_KEYBORDER_SUPPORT))
0277         clear_sta_flag(sta, WLAN_STA_BLOCK_BA);
0278     ieee80211_check_fast_xmit(sta);
0279
0280     return 0;
0281 }
0282
0283 int ieee80211_set_tx_key(struct ieee80211_key *key)
0284 {
0285     return _ieee80211_set_tx_key(key, false);
0286 }
0287
0288 static void ieee80211_pairwise_rekey(struct ieee80211_key *old,
0289                      struct ieee80211_key *new)
0290 {
0291     struct ieee80211_local *local = new->local;
0292     struct sta_info *sta = new->sta;
0293     int i;
0294
0295     assert_key_lock(local);
0296
0297     if (new->conf.flags & IEEE80211_KEY_FLAG_NO_AUTO_TX) {
0298         /* Extended Key ID key install, initial one or rekey */
0299
0300         if (sta->ptk_idx != INVALID_PTK_KEYIDX &&
0301             !ieee80211_hw_check(&local->hw, AMPDU_KEYBORDER_SUPPORT)) {
0302             /* Aggregation Sessions with Extended Key ID must not
0303              * mix MPDUs with different keyIDs within one A-MPDU.
0304              * Tear down running Tx aggregation sessions and block
0305              * new Rx/Tx aggregation requests during rekey to
0306              * ensure there are no A-MPDUs when the driver is not
0307              * supporting A-MPDU key borders. (Blocking Tx only
0308              * would be sufficient but WLAN_STA_BLOCK_BA gets the
0309              * job done for the few ms we need it.)
0310              */
0311             set_sta_flag(sta, WLAN_STA_BLOCK_BA);
0312             mutex_lock(&sta->ampdu_mlme.mtx);
0313             for (i = 0; i <  IEEE80211_NUM_TIDS; i++)
0314                 ___ieee80211_stop_tx_ba_session(sta, i,
0315                                 AGG_STOP_LOCAL_REQUEST);
0316             mutex_unlock(&sta->ampdu_mlme.mtx);
0317         }
0318     } else if (old) {
0319         /* Rekey without Extended Key ID.
0320          * Aggregation sessions are OK when running on SW crypto.
0321          * A broken remote STA may cause issues not observed with HW
0322          * crypto, though.
0323          */
0324         if (!(old->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
0325             return;
0326
0327         /* Stop Tx till we are on the new key */
0328         old->flags |= KEY_FLAG_TAINTED;
0329         ieee80211_clear_fast_xmit(sta);
0330         if (ieee80211_hw_check(&local->hw, AMPDU_AGGREGATION)) {
0331             set_sta_flag(sta, WLAN_STA_BLOCK_BA);
0332             ieee80211_sta_tear_down_BA_sessions(sta,
0333                                 AGG_STOP_LOCAL_REQUEST);
0334         }
0335         if (!wiphy_ext_feature_isset(local->hw.wiphy,
0336                          NL80211_EXT_FEATURE_CAN_REPLACE_PTK0)) {
0337             pr_warn_ratelimited("Rekeying PTK for STA %pM but driver can't safely do that.",
0338                         sta->sta.addr);
0339             /* Flushing the driver queues *may* help prevent
0340              * the clear text leaks and freezes.
0341              */
0342             ieee80211_flush_queues(local, old->sdata, false);
0343         }
0344     }
0345 }
0346
0347 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata,
0348                     int idx, bool uni, bool multi)
0349 {
0350     struct ieee80211_key *key = NULL;
0351
0352     assert_key_lock(sdata->local);
0353
0354     if (idx >= 0 && idx < NUM_DEFAULT_KEYS) {
0355         key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
0356         if (!key)
0357             key = key_mtx_dereference(sdata->local, sdata->deflink.gtk[idx]);
0358     }
0359
0360     if (uni) {
0361         rcu_assign_pointer(sdata->default_unicast_key, key);
0362         ieee80211_check_fast_xmit_iface(sdata);
0363         if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN)
0364             drv_set_default_unicast_key(sdata->local, sdata, idx);
0365     }
0366
0367     if (multi)
0368         rcu_assign_pointer(sdata->deflink.default_multicast_key, key);
0369
0370     ieee80211_debugfs_key_update_default(sdata);
0371 }
0372
0373 void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx,
0374                    bool uni, bool multi)
0375 {
0376     mutex_lock(&sdata->local->key_mtx);
0377     __ieee80211_set_default_key(sdata, idx, uni, multi);
0378     mutex_unlock(&sdata->local->key_mtx);
0379 }
0380
0381 static void
0382 __ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx)
0383 {
0384     struct ieee80211_key *key = NULL;
0385
0386     assert_key_lock(sdata->local);
0387
0388     if (idx >= NUM_DEFAULT_KEYS &&
0389         idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
0390         key = key_mtx_dereference(sdata->local,
0391                       sdata->deflink.gtk[idx]);
0392
0393     rcu_assign_pointer(sdata->deflink.default_mgmt_key, key);
0394
0395     ieee80211_debugfs_key_update_default(sdata);
0396 }
0397
0398 void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
0399                     int idx)
0400 {
0401     mutex_lock(&sdata->local->key_mtx);
0402     __ieee80211_set_default_mgmt_key(sdata, idx);
0403     mutex_unlock(&sdata->local->key_mtx);
0404 }
0405
0406 static void
0407 __ieee80211_set_default_beacon_key(struct ieee80211_sub_if_data *sdata, int idx)
0408 {
0409     struct ieee80211_key *key = NULL;
0410
0411     assert_key_lock(sdata->local);
0412
0413     if (idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS &&
0414         idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS +
0415         NUM_DEFAULT_BEACON_KEYS)
0416         key = key_mtx_dereference(sdata->local,
0417                       sdata->deflink.gtk[idx]);
0418
0419     rcu_assign_pointer(sdata->deflink.default_beacon_key, key);
0420
0421     ieee80211_debugfs_key_update_default(sdata);
0422 }
0423
0424 void ieee80211_set_default_beacon_key(struct ieee80211_sub_if_data *sdata,
0425                       int idx)
0426 {
0427     mutex_lock(&sdata->local->key_mtx);
0428     __ieee80211_set_default_beacon_key(sdata, idx);
0429     mutex_unlock(&sdata->local->key_mtx);
0430 }
0431
0432 static int ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
0433                   struct sta_info *sta,
0434                   bool pairwise,
0435                   struct ieee80211_key *old,
0436                   struct ieee80211_key *new)
0437 {
0438     int idx;
0439     int ret = 0;
0440     bool defunikey, defmultikey, defmgmtkey, defbeaconkey;
0441     bool is_wep;
0442
0443     /* caller must provide at least one old/new */
0444     if (WARN_ON(!new && !old))
0445         return 0;
0446
0447     if (new) {
0448         idx = new->conf.keyidx;
0449         list_add_tail_rcu(&new->list, &sdata->key_list);
0450         is_wep = new->conf.cipher == WLAN_CIPHER_SUITE_WEP40 ||
0451              new->conf.cipher == WLAN_CIPHER_SUITE_WEP104;
0452     } else {
0453         idx = old->conf.keyidx;
0454         is_wep = old->conf.cipher == WLAN_CIPHER_SUITE_WEP40 ||
0455              old->conf.cipher == WLAN_CIPHER_SUITE_WEP104;
0456     }
0457
0458     if ((is_wep || pairwise) && idx >= NUM_DEFAULT_KEYS)
0459         return -EINVAL;
0460
0461     WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx);
0462
0463     if (new && sta && pairwise) {
0464         /* Unicast rekey needs special handling. With Extended Key ID
0465          * old is still NULL for the first rekey.
0466          */
0467         ieee80211_pairwise_rekey(old, new);
0468     }
0469
0470     if (old) {
0471         if (old->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
0472             ieee80211_key_disable_hw_accel(old);
0473
0474             if (new)
0475                 ret = ieee80211_key_enable_hw_accel(new);
0476         }
0477     } else {
0478         if (!new->local->wowlan)
0479             ret = ieee80211_key_enable_hw_accel(new);
0480     }
0481
0482     if (ret)
0483         return ret;
0484
0485     if (sta) {
0486         if (pairwise) {
0487             rcu_assign_pointer(sta->ptk[idx], new);
0488             if (new &&
0489                 !(new->conf.flags & IEEE80211_KEY_FLAG_NO_AUTO_TX))
0490                 _ieee80211_set_tx_key(new, true);
0491         } else {
0492             rcu_assign_pointer(sta->deflink.gtk[idx], new);
0493         }
0494         /* Only needed for transition from no key -> key.
0495          * Still triggers unnecessary when using Extended Key ID
0496          * and installing the second key ID the first time.
0497          */
0498         if (new && !old)
0499             ieee80211_check_fast_rx(sta);
0500     } else {
0501         defunikey = old &&
0502             old == key_mtx_dereference(sdata->local,
0503                         sdata->default_unicast_key);
0504         defmultikey = old &&
0505             old == key_mtx_dereference(sdata->local,
0506                         sdata->deflink.default_multicast_key);
0507         defmgmtkey = old &&
0508             old == key_mtx_dereference(sdata->local,
0509                         sdata->deflink.default_mgmt_key);
0510         defbeaconkey = old &&
0511             old == key_mtx_dereference(sdata->local,
0512                            sdata->deflink.default_beacon_key);
0513
0514         if (defunikey && !new)
0515             __ieee80211_set_default_key(sdata, -1, true, false);
0516         if (defmultikey && !new)
0517             __ieee80211_set_default_key(sdata, -1, false, true);
0518         if (defmgmtkey && !new)
0519             __ieee80211_set_default_mgmt_key(sdata, -1);
0520         if (defbeaconkey && !new)
0521             __ieee80211_set_default_beacon_key(sdata, -1);
0522
0523         if (is_wep || pairwise)
0524             rcu_assign_pointer(sdata->keys[idx], new);
0525         else
0526             rcu_assign_pointer(sdata->deflink.gtk[idx], new);
0527
0528         if (defunikey && new)
0529             __ieee80211_set_default_key(sdata, new->conf.keyidx,
0530                             true, false);
0531         if (defmultikey && new)
0532             __ieee80211_set_default_key(sdata, new->conf.keyidx,
0533                             false, true);
0534         if (defmgmtkey && new)
0535             __ieee80211_set_default_mgmt_key(sdata,
0536                              new->conf.keyidx);
0537         if (defbeaconkey && new)
0538             __ieee80211_set_default_beacon_key(sdata,
0539                                new->conf.keyidx);
0540     }
0541
0542     if (old)
0543         list_del_rcu(&old->list);
0544
0545     return 0;
0546 }
0547
0548 struct ieee80211_key *
0549 ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
0550             const u8 *key_data,
0551             size_t seq_len, const u8 *seq)
0552 {
0553     struct ieee80211_key *key;
0554     int i, j, err;
0555
0556     if (WARN_ON(idx < 0 ||
0557             idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS +
0558             NUM_DEFAULT_BEACON_KEYS))
0559         return ERR_PTR(-EINVAL);
0560
0561     key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
0562     if (!key)
0563         return ERR_PTR(-ENOMEM);
0564
0565     /*
0566      * Default to software encryption; we'll later upload the
0567      * key to the hardware if possible.
0568      */
0569     key->conf.flags = 0;
0570     key->flags = 0;
0571
0572     key->conf.cipher = cipher;
0573     key->conf.keyidx = idx;
0574     key->conf.keylen = key_len;
0575     switch (cipher) {
0576     case WLAN_CIPHER_SUITE_WEP40:
0577     case WLAN_CIPHER_SUITE_WEP104:
0578         key->conf.iv_len = IEEE80211_WEP_IV_LEN;
0579         key->conf.icv_len = IEEE80211_WEP_ICV_LEN;
0580         break;
0581     case WLAN_CIPHER_SUITE_TKIP:
0582         key->conf.iv_len = IEEE80211_TKIP_IV_LEN;
0583         key->conf.icv_len = IEEE80211_TKIP_ICV_LEN;
0584         if (seq) {
0585             for (i = 0; i < IEEE80211_NUM_TIDS; i++) {
0586                 key->u.tkip.rx[i].iv32 =
0587                     get_unaligned_le32(&seq[2]);
0588                 key->u.tkip.rx[i].iv16 =
0589                     get_unaligned_le16(seq);
0590             }
0591         }
0592         spin_lock_init(&key->u.tkip.txlock);
0593         break;
0594     case WLAN_CIPHER_SUITE_CCMP:
0595         key->conf.iv_len = IEEE80211_CCMP_HDR_LEN;
0596         key->conf.icv_len = IEEE80211_CCMP_MIC_LEN;
0597         if (seq) {
0598             for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
0599                 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++)
0600                     key->u.ccmp.rx_pn[i][j] =
0601                         seq[IEEE80211_CCMP_PN_LEN - j - 1];
0602         }
0603         /*
0604          * Initialize AES key state here as an optimization so that
0605          * it does not need to be initialized for every packet.
0606          */
0607         key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
0608             key_data, key_len, IEEE80211_CCMP_MIC_LEN);
0609         if (IS_ERR(key->u.ccmp.tfm)) {
0610             err = PTR_ERR(key->u.ccmp.tfm);
0611             kfree(key);
0612             return ERR_PTR(err);
0613         }
0614         break;
0615     case WLAN_CIPHER_SUITE_CCMP_256:
0616         key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN;
0617         key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN;
0618         for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
0619             for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++)
0620                 key->u.ccmp.rx_pn[i][j] =
0621                     seq[IEEE80211_CCMP_256_PN_LEN - j - 1];
0622         /* Initialize AES key state here as an optimization so that
0623          * it does not need to be initialized for every packet.
0624          */
0625         key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
0626             key_data, key_len, IEEE80211_CCMP_256_MIC_LEN);
0627         if (IS_ERR(key->u.ccmp.tfm)) {
0628             err = PTR_ERR(key->u.ccmp.tfm);
0629             kfree(key);
0630             return ERR_PTR(err);
0631         }
0632         break;
0633     case WLAN_CIPHER_SUITE_AES_CMAC:
0634     case WLAN_CIPHER_SUITE_BIP_CMAC_256:
0635         key->conf.iv_len = 0;
0636         if (cipher == WLAN_CIPHER_SUITE_AES_CMAC)
0637             key->conf.icv_len = sizeof(struct ieee80211_mmie);
0638         else
0639             key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
0640         if (seq)
0641             for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++)
0642                 key->u.aes_cmac.rx_pn[j] =
0643                     seq[IEEE80211_CMAC_PN_LEN - j - 1];
0644         /*
0645          * Initialize AES key state here as an optimization so that
0646          * it does not need to be initialized for every packet.
0647          */
0648         key->u.aes_cmac.tfm =
0649             ieee80211_aes_cmac_key_setup(key_data, key_len);
0650         if (IS_ERR(key->u.aes_cmac.tfm)) {
0651             err = PTR_ERR(key->u.aes_cmac.tfm);
0652             kfree(key);
0653             return ERR_PTR(err);
0654         }
0655         break;
0656     case WLAN_CIPHER_SUITE_BIP_GMAC_128:
0657     case WLAN_CIPHER_SUITE_BIP_GMAC_256:
0658         key->conf.iv_len = 0;
0659         key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
0660         if (seq)
0661             for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++)
0662                 key->u.aes_gmac.rx_pn[j] =
0663                     seq[IEEE80211_GMAC_PN_LEN - j - 1];
0664         /* Initialize AES key state here as an optimization so that
0665          * it does not need to be initialized for every packet.
0666          */
0667         key->u.aes_gmac.tfm =
0668             ieee80211_aes_gmac_key_setup(key_data, key_len);
0669         if (IS_ERR(key->u.aes_gmac.tfm)) {
0670             err = PTR_ERR(key->u.aes_gmac.tfm);
0671             kfree(key);
0672             return ERR_PTR(err);
0673         }
0674         break;
0675     case WLAN_CIPHER_SUITE_GCMP:
0676     case WLAN_CIPHER_SUITE_GCMP_256:
0677         key->conf.iv_len = IEEE80211_GCMP_HDR_LEN;
0678         key->conf.icv_len = IEEE80211_GCMP_MIC_LEN;
0679         for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
0680             for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++)
0681                 key->u.gcmp.rx_pn[i][j] =
0682                     seq[IEEE80211_GCMP_PN_LEN - j - 1];
0683         /* Initialize AES key state here as an optimization so that
0684          * it does not need to be initialized for every packet.
0685          */
0686         key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data,
0687                                       key_len);
0688         if (IS_ERR(key->u.gcmp.tfm)) {
0689             err = PTR_ERR(key->u.gcmp.tfm);
0690             kfree(key);
0691             return ERR_PTR(err);
0692         }
0693         break;
0694     }
0695     memcpy(key->conf.key, key_data, key_len);
0696     INIT_LIST_HEAD(&key->list);
0697
0698     return key;
0699 }
0700
0701 static void ieee80211_key_free_common(struct ieee80211_key *key)
0702 {
0703     switch (key->conf.cipher) {
0704     case WLAN_CIPHER_SUITE_CCMP:
0705     case WLAN_CIPHER_SUITE_CCMP_256:
0706         ieee80211_aes_key_free(key->u.ccmp.tfm);
0707         break;
0708     case WLAN_CIPHER_SUITE_AES_CMAC:
0709     case WLAN_CIPHER_SUITE_BIP_CMAC_256:
0710         ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
0711         break;
0712     case WLAN_CIPHER_SUITE_BIP_GMAC_128:
0713     case WLAN_CIPHER_SUITE_BIP_GMAC_256:
0714         ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm);
0715         break;
0716     case WLAN_CIPHER_SUITE_GCMP:
0717     case WLAN_CIPHER_SUITE_GCMP_256:
0718         ieee80211_aes_gcm_key_free(key->u.gcmp.tfm);
0719         break;
0720     }
0721     kfree_sensitive(key);
0722 }
0723
0724 static void __ieee80211_key_destroy(struct ieee80211_key *key,
0725                     bool delay_tailroom)
0726 {
0727     if (key->local) {
0728         struct ieee80211_sub_if_data *sdata = key->sdata;
0729
0730         ieee80211_debugfs_key_remove(key);
0731
0732         if (delay_tailroom) {
0733             /* see ieee80211_delayed_tailroom_dec */
0734             sdata->crypto_tx_tailroom_pending_dec++;
0735             schedule_delayed_work(&sdata->dec_tailroom_needed_wk,
0736                           HZ/2);
0737         } else {
0738             decrease_tailroom_need_count(sdata, 1);
0739         }
0740     }
0741
0742     ieee80211_key_free_common(key);
0743 }
0744
0745 static void ieee80211_key_destroy(struct ieee80211_key *key,
0746                   bool delay_tailroom)
0747 {
0748     if (!key)
0749         return;
0750
0751     /*
0752      * Synchronize so the TX path and rcu key iterators
0753      * can no longer be using this key before we free/remove it.
0754      */
0755     synchronize_net();
0756
0757     __ieee80211_key_destroy(key, delay_tailroom);
0758 }
0759
0760 void ieee80211_key_free_unused(struct ieee80211_key *key)
0761 {
0762     WARN_ON(key->sdata || key->local);
0763     ieee80211_key_free_common(key);
0764 }
0765
0766 static bool ieee80211_key_identical(struct ieee80211_sub_if_data *sdata,
0767                     struct ieee80211_key *old,
0768                     struct ieee80211_key *new)
0769 {
0770     u8 tkip_old[WLAN_KEY_LEN_TKIP], tkip_new[WLAN_KEY_LEN_TKIP];
0771     u8 *tk_old, *tk_new;
0772
0773     if (!old || new->conf.keylen != old->conf.keylen)
0774         return false;
0775
0776     tk_old = old->conf.key;
0777     tk_new = new->conf.key;
0778
0779     /*
0780      * In station mode, don't compare the TX MIC key, as it's never used
0781      * and offloaded rekeying may not care to send it to the host. This
0782      * is the case in iwlwifi, for example.
0783      */
0784     if (sdata->vif.type == NL80211_IFTYPE_STATION &&
0785         new->conf.cipher == WLAN_CIPHER_SUITE_TKIP &&
0786         new->conf.keylen == WLAN_KEY_LEN_TKIP &&
0787         !(new->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
0788         memcpy(tkip_old, tk_old, WLAN_KEY_LEN_TKIP);
0789         memcpy(tkip_new, tk_new, WLAN_KEY_LEN_TKIP);
0790         memset(tkip_old + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
0791         memset(tkip_new + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
0792         tk_old = tkip_old;
0793         tk_new = tkip_new;
0794     }
0795
0796     return !crypto_memneq(tk_old, tk_new, new->conf.keylen);
0797 }
0798
0799 int ieee80211_key_link(struct ieee80211_key *key,
0800                struct ieee80211_sub_if_data *sdata,
0801                struct sta_info *sta)
0802 {
0803     static atomic_t key_color = ATOMIC_INIT(0);
0804     struct ieee80211_key *old_key = NULL;
0805     int idx = key->conf.keyidx;
0806     bool pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
0807     /*
0808      * We want to delay tailroom updates only for station - in that
0809      * case it helps roaming speed, but in other cases it hurts and
0810      * can cause warnings to appear.
0811      */
0812     bool delay_tailroom = sdata->vif.type == NL80211_IFTYPE_STATION;
0813     int ret = -EOPNOTSUPP;
0814
0815     mutex_lock(&sdata->local->key_mtx);
0816
0817     if (sta && pairwise) {
0818         struct ieee80211_key *alt_key;
0819
0820         old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]);
0821         alt_key = key_mtx_dereference(sdata->local, sta->ptk[idx ^ 1]);
0822
0823         /* The rekey code assumes that the old and new key are using
0824          * the same cipher. Enforce the assumption for pairwise keys.
0825          */
0826         if ((alt_key && alt_key->conf.cipher != key->conf.cipher) ||
0827             (old_key && old_key->conf.cipher != key->conf.cipher))
0828             goto out;
0829     } else if (sta) {
0830         old_key = key_mtx_dereference(sdata->local,
0831                           sta->deflink.gtk[idx]);
0832     } else {
0833         if (idx < NUM_DEFAULT_KEYS)
0834             old_key = key_mtx_dereference(sdata->local,
0835                               sdata->keys[idx]);
0836         if (!old_key)
0837             old_key = key_mtx_dereference(sdata->local,
0838                               sdata->deflink.gtk[idx]);
0839     }
0840
0841     /* Non-pairwise keys must also not switch the cipher on rekey */
0842     if (!pairwise) {
0843         if (old_key && old_key->conf.cipher != key->conf.cipher)
0844             goto out;
0845     }
0846
0847     /*
0848      * Silently accept key re-installation without really installing the
0849      * new version of the key to avoid nonce reuse or replay issues.
0850      */
0851     if (ieee80211_key_identical(sdata, old_key, key)) {
0852         ieee80211_key_free_unused(key);
0853         ret = 0;
0854         goto out;
0855     }
0856
0857     key->local = sdata->local;
0858     key->sdata = sdata;
0859     key->sta = sta;
0860
0861     /*
0862      * Assign a unique ID to every key so we can easily prevent mixed
0863      * key and fragment cache attacks.
0864      */
0865     key->color = atomic_inc_return(&key_color);
0866
0867     increment_tailroom_need_count(sdata);
0868
0869     ret = ieee80211_key_replace(sdata, sta, pairwise, old_key, key);
0870
0871     if (!ret) {
0872         ieee80211_debugfs_key_add(key);
0873         ieee80211_key_destroy(old_key, delay_tailroom);
0874     } else {
0875         ieee80211_key_free(key, delay_tailroom);
0876     }
0877
0878  out:
0879     mutex_unlock(&sdata->local->key_mtx);
0880
0881     return ret;
0882 }
0883
0884 void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom)
0885 {
0886     if (!key)
0887         return;
0888
0889     /*
0890      * Replace key with nothingness if it was ever used.
0891      */
0892     if (key->sdata)
0893         ieee80211_key_replace(key->sdata, key->sta,
0894                 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
0895                 key, NULL);
0896     ieee80211_key_destroy(key, delay_tailroom);
0897 }
0898
0899 void ieee80211_reenable_keys(struct ieee80211_sub_if_data *sdata)
0900 {
0901     struct ieee80211_key *key;
0902     struct ieee80211_sub_if_data *vlan;
0903
0904     lockdep_assert_wiphy(sdata->local->hw.wiphy);
0905
0906     mutex_lock(&sdata->local->key_mtx);
0907
0908     sdata->crypto_tx_tailroom_needed_cnt = 0;
0909     sdata->crypto_tx_tailroom_pending_dec = 0;
0910
0911     if (sdata->vif.type == NL80211_IFTYPE_AP) {
0912         list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) {
0913             vlan->crypto_tx_tailroom_needed_cnt = 0;
0914             vlan->crypto_tx_tailroom_pending_dec = 0;
0915         }
0916     }
0917
0918     if (ieee80211_sdata_running(sdata)) {
0919         list_for_each_entry(key, &sdata->key_list, list) {
0920             increment_tailroom_need_count(sdata);
0921             ieee80211_key_enable_hw_accel(key);
0922         }
0923     }
0924
0925     mutex_unlock(&sdata->local->key_mtx);
0926 }
0927
0928 void ieee80211_iter_keys(struct ieee80211_hw *hw,
0929              struct ieee80211_vif *vif,
0930              void (*iter)(struct ieee80211_hw *hw,
0931                       struct ieee80211_vif *vif,
0932                       struct ieee80211_sta *sta,
0933                       struct ieee80211_key_conf *key,
0934                       void *data),
0935              void *iter_data)
0936 {
0937     struct ieee80211_local *local = hw_to_local(hw);
0938     struct ieee80211_key *key, *tmp;
0939     struct ieee80211_sub_if_data *sdata;
0940
0941     lockdep_assert_wiphy(hw->wiphy);
0942
0943     mutex_lock(&local->key_mtx);
0944     if (vif) {
0945         sdata = vif_to_sdata(vif);
0946         list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
0947             iter(hw, &sdata->vif,
0948                  key->sta ? &key->sta->sta : NULL,
0949                  &key->conf, iter_data);
0950     } else {
0951         list_for_each_entry(sdata, &local->interfaces, list)
0952             list_for_each_entry_safe(key, tmp,
0953                          &sdata->key_list, list)
0954                 iter(hw, &sdata->vif,
0955                      key->sta ? &key->sta->sta : NULL,
0956                      &key->conf, iter_data);
0957     }
0958     mutex_unlock(&local->key_mtx);
0959 }
0960 EXPORT_SYMBOL(ieee80211_iter_keys);
0961
0962 static void
0963 _ieee80211_iter_keys_rcu(struct ieee80211_hw *hw,
0964              struct ieee80211_sub_if_data *sdata,
0965              void (*iter)(struct ieee80211_hw *hw,
0966                       struct ieee80211_vif *vif,
0967                       struct ieee80211_sta *sta,
0968                       struct ieee80211_key_conf *key,
0969                       void *data),
0970              void *iter_data)
0971 {
0972     struct ieee80211_key *key;
0973
0974     list_for_each_entry_rcu(key, &sdata->key_list, list) {
0975         /* skip keys of station in removal process */
0976         if (key->sta && key->sta->removed)
0977             continue;
0978         if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
0979             continue;
0980
0981         iter(hw, &sdata->vif,
0982              key->sta ? &key->sta->sta : NULL,
0983              &key->conf, iter_data);
0984     }
0985 }
0986
0987 void ieee80211_iter_keys_rcu(struct ieee80211_hw *hw,
0988                  struct ieee80211_vif *vif,
0989                  void (*iter)(struct ieee80211_hw *hw,
0990                       struct ieee80211_vif *vif,
0991                       struct ieee80211_sta *sta,
0992                       struct ieee80211_key_conf *key,
0993                       void *data),
0994                  void *iter_data)
0995 {
0996     struct ieee80211_local *local = hw_to_local(hw);
0997     struct ieee80211_sub_if_data *sdata;
0998
0999     if (vif) {
1000         sdata = vif_to_sdata(vif);
1001         _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data);
1002     } else {
1003         list_for_each_entry_rcu(sdata, &local->interfaces, list)
1004             _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data);
1005     }
1006 }
1007 EXPORT_SYMBOL(ieee80211_iter_keys_rcu);
1008
1009 static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata,
1010                       struct list_head *keys)
1011 {
1012     struct ieee80211_key *key, *tmp;
1013
1014     decrease_tailroom_need_count(sdata,
1015                      sdata->crypto_tx_tailroom_pending_dec);
1016     sdata->crypto_tx_tailroom_pending_dec = 0;
1017
1018     ieee80211_debugfs_key_remove_mgmt_default(sdata);
1019     ieee80211_debugfs_key_remove_beacon_default(sdata);
1020
1021     list_for_each_entry_safe(key, tmp, &sdata->key_list, list) {
1022         ieee80211_key_replace(key->sdata, key->sta,
1023                 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
1024                 key, NULL);
1025         list_add_tail(&key->list, keys);
1026     }
1027
1028     ieee80211_debugfs_key_update_default(sdata);
1029 }
1030
1031 void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata,
1032              bool force_synchronize)
1033 {
1034     struct ieee80211_local *local = sdata->local;
1035     struct ieee80211_sub_if_data *vlan;
1036     struct ieee80211_sub_if_data *master;
1037     struct ieee80211_key *key, *tmp;
1038     LIST_HEAD(keys);
1039
1040     cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk);
1041
1042     mutex_lock(&local->key_mtx);
1043
1044     ieee80211_free_keys_iface(sdata, &keys);
1045
1046     if (sdata->vif.type == NL80211_IFTYPE_AP) {
1047         list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
1048             ieee80211_free_keys_iface(vlan, &keys);
1049     }
1050
1051     if (!list_empty(&keys) || force_synchronize)
1052         synchronize_net();
1053     list_for_each_entry_safe(key, tmp, &keys, list)
1054         __ieee80211_key_destroy(key, false);
1055
1056     if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
1057         if (sdata->bss) {
1058             master = container_of(sdata->bss,
1059                           struct ieee80211_sub_if_data,
1060                           u.ap);
1061
1062             WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt !=
1063                      master->crypto_tx_tailroom_needed_cnt);
1064         }
1065     } else {
1066         WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
1067                  sdata->crypto_tx_tailroom_pending_dec);
1068     }
1069
1070     if (sdata->vif.type == NL80211_IFTYPE_AP) {
1071         list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
1072             WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt ||
1073                      vlan->crypto_tx_tailroom_pending_dec);
1074     }
1075
1076     mutex_unlock(&local->key_mtx);
1077 }
1078
1079 void ieee80211_free_sta_keys(struct ieee80211_local *local,
1080                  struct sta_info *sta)
1081 {
1082     struct ieee80211_key *key;
1083     int i;
1084
1085     mutex_lock(&local->key_mtx);
1086     for (i = 0; i < ARRAY_SIZE(sta->deflink.gtk); i++) {
1087         key = key_mtx_dereference(local, sta->deflink.gtk[i]);
1088         if (!key)
1089             continue;
1090         ieee80211_key_replace(key->sdata, key->sta,
1091                 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
1092                 key, NULL);
1093         __ieee80211_key_destroy(key, key->sdata->vif.type ==
1094                     NL80211_IFTYPE_STATION);
1095     }
1096
1097     for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
1098         key = key_mtx_dereference(local, sta->ptk[i]);
1099         if (!key)
1100             continue;
1101         ieee80211_key_replace(key->sdata, key->sta,
1102                 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
1103                 key, NULL);
1104         __ieee80211_key_destroy(key, key->sdata->vif.type ==
1105                     NL80211_IFTYPE_STATION);
1106     }
1107
1108     mutex_unlock(&local->key_mtx);
1109 }
1110
1111 void ieee80211_delayed_tailroom_dec(struct work_struct *wk)
1112 {
1113     struct ieee80211_sub_if_data *sdata;
1114
1115     sdata = container_of(wk, struct ieee80211_sub_if_data,
1116                  dec_tailroom_needed_wk.work);
1117
1118     /*
1119      * The reason for the delayed tailroom needed decrementing is to
1120      * make roaming faster: during roaming, all keys are first deleted
1121      * and then new keys are installed. The first new key causes the
1122      * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes
1123      * the cost of synchronize_net() (which can be slow). Avoid this
1124      * by deferring the crypto_tx_tailroom_needed_cnt decrementing on
1125      * key removal for a while, so if we roam the value is larger than
1126      * zero and no 0->1 transition happens.
1127      *
1128      * The cost is that if the AP switching was from an AP with keys
1129      * to one without, we still allocate tailroom while it would no
1130      * longer be needed. However, in the typical (fast) roaming case
1131      * within an ESS this usually won't happen.
1132      */
1133
1134     mutex_lock(&sdata->local->key_mtx);
1135     decrease_tailroom_need_count(sdata,
1136                      sdata->crypto_tx_tailroom_pending_dec);
1137     sdata->crypto_tx_tailroom_pending_dec = 0;
1138     mutex_unlock(&sdata->local->key_mtx);
1139 }
1140
1141 void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid,
1142                 const u8 *replay_ctr, gfp_t gfp)
1143 {
1144     struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
1145
1146     trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr);
1147
1148     cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp);
1149 }
1150 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify);
1151
1152 void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf,
1153                   int tid, struct ieee80211_key_seq *seq)
1154 {
1155     struct ieee80211_key *key;
1156     const u8 *pn;
1157
1158     key = container_of(keyconf, struct ieee80211_key, conf);
1159
1160     switch (key->conf.cipher) {
1161     case WLAN_CIPHER_SUITE_TKIP:
1162         if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
1163             return;
1164         seq->tkip.iv32 = key->u.tkip.rx[tid].iv32;
1165         seq->tkip.iv16 = key->u.tkip.rx[tid].iv16;
1166         break;
1167     case WLAN_CIPHER_SUITE_CCMP:
1168     case WLAN_CIPHER_SUITE_CCMP_256:
1169         if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1170             return;
1171         if (tid < 0)
1172             pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
1173         else
1174             pn = key->u.ccmp.rx_pn[tid];
1175         memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN);
1176         break;
1177     case WLAN_CIPHER_SUITE_AES_CMAC:
1178     case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1179         if (WARN_ON(tid != 0))
1180             return;
1181         pn = key->u.aes_cmac.rx_pn;
1182         memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN);
1183         break;
1184     case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1185     case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1186         if (WARN_ON(tid != 0))
1187             return;
1188         pn = key->u.aes_gmac.rx_pn;
1189         memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN);
1190         break;
1191     case WLAN_CIPHER_SUITE_GCMP:
1192     case WLAN_CIPHER_SUITE_GCMP_256:
1193         if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1194             return;
1195         if (tid < 0)
1196             pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1197         else
1198             pn = key->u.gcmp.rx_pn[tid];
1199         memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN);
1200         break;
1201     }
1202 }
1203 EXPORT_SYMBOL(ieee80211_get_key_rx_seq);
1204
1205 void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf,
1206                   int tid, struct ieee80211_key_seq *seq)
1207 {
1208     struct ieee80211_key *key;
1209     u8 *pn;
1210
1211     key = container_of(keyconf, struct ieee80211_key, conf);
1212
1213     switch (key->conf.cipher) {
1214     case WLAN_CIPHER_SUITE_TKIP:
1215         if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
1216             return;
1217         key->u.tkip.rx[tid].iv32 = seq->tkip.iv32;
1218         key->u.tkip.rx[tid].iv16 = seq->tkip.iv16;
1219         break;
1220     case WLAN_CIPHER_SUITE_CCMP:
1221     case WLAN_CIPHER_SUITE_CCMP_256:
1222         if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1223             return;
1224         if (tid < 0)
1225             pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
1226         else
1227             pn = key->u.ccmp.rx_pn[tid];
1228         memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN);
1229         break;
1230     case WLAN_CIPHER_SUITE_AES_CMAC:
1231     case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1232         if (WARN_ON(tid != 0))
1233             return;
1234         pn = key->u.aes_cmac.rx_pn;
1235         memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN);
1236         break;
1237     case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1238     case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1239         if (WARN_ON(tid != 0))
1240             return;
1241         pn = key->u.aes_gmac.rx_pn;
1242         memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN);
1243         break;
1244     case WLAN_CIPHER_SUITE_GCMP:
1245     case WLAN_CIPHER_SUITE_GCMP_256:
1246         if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1247             return;
1248         if (tid < 0)
1249             pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1250         else
1251             pn = key->u.gcmp.rx_pn[tid];
1252         memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN);
1253         break;
1254     default:
1255         WARN_ON(1);
1256         break;
1257     }
1258 }
1259 EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq);
1260
1261 void ieee80211_remove_key(struct ieee80211_key_conf *keyconf)
1262 {
1263     struct ieee80211_key *key;
1264
1265     key = container_of(keyconf, struct ieee80211_key, conf);
1266
1267     assert_key_lock(key->local);
1268
1269     /*
1270      * if key was uploaded, we assume the driver will/has remove(d)
1271      * it, so adjust bookkeeping accordingly
1272      */
1273     if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
1274         key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
1275
1276         if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
1277                      IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
1278                      IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
1279             increment_tailroom_need_count(key->sdata);
1280     }
1281
1282     ieee80211_key_free(key, false);
1283 }
1284 EXPORT_SYMBOL_GPL(ieee80211_remove_key);
1285
1286 struct ieee80211_key_conf *
1287 ieee80211_gtk_rekey_add(struct ieee80211_vif *vif,
1288             struct ieee80211_key_conf *keyconf)
1289 {
1290     struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
1291     struct ieee80211_local *local = sdata->local;
1292     struct ieee80211_key *key;
1293     int err;
1294
1295     if (WARN_ON(!local->wowlan))
1296         return ERR_PTR(-EINVAL);
1297
1298     if (WARN_ON(vif->type != NL80211_IFTYPE_STATION))
1299         return ERR_PTR(-EINVAL);
1300
1301     key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx,
1302                   keyconf->keylen, keyconf->key,
1303                   0, NULL);
1304     if (IS_ERR(key))
1305         return ERR_CAST(key);
1306
1307     if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED)
1308         key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT;
1309
1310     err = ieee80211_key_link(key, sdata, NULL);
1311     if (err)
1312         return ERR_PTR(err);
1313
1314     return &key->conf;
1315 }
1316 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add);
1317
1318 void ieee80211_key_mic_failure(struct ieee80211_key_conf *keyconf)
1319 {
1320     struct ieee80211_key *key;
1321
1322     key = container_of(keyconf, struct ieee80211_key, conf);
1323
1324     switch (key->conf.cipher) {
1325     case WLAN_CIPHER_SUITE_AES_CMAC:
1326     case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1327         key->u.aes_cmac.icverrors++;
1328         break;
1329     case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1330     case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1331         key->u.aes_gmac.icverrors++;
1332         break;
1333     default:
1334         /* ignore the others for now, we don't keep counters now */
1335         break;
1336     }
1337 }
1338 EXPORT_SYMBOL_GPL(ieee80211_key_mic_failure);
1339
1340 void ieee80211_key_replay(struct ieee80211_key_conf *keyconf)
1341 {
1342     struct ieee80211_key *key;
1343
1344     key = container_of(keyconf, struct ieee80211_key, conf);
1345
1346     switch (key->conf.cipher) {
1347     case WLAN_CIPHER_SUITE_CCMP:
1348     case WLAN_CIPHER_SUITE_CCMP_256:
1349         key->u.ccmp.replays++;
1350         break;
1351     case WLAN_CIPHER_SUITE_AES_CMAC:
1352     case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1353         key->u.aes_cmac.replays++;
1354         break;
1355     case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1356     case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1357         key->u.aes_gmac.replays++;
1358         break;
1359     case WLAN_CIPHER_SUITE_GCMP:
1360     case WLAN_CIPHER_SUITE_GCMP_256:
1361         key->u.gcmp.replays++;
1362         break;
1363     }
1364 }
1365 EXPORT_SYMBOL_GPL(ieee80211_key_replay);