1 // SPDX-License-Identifier: GPL-2.0-only
3 * Copyright 2002-2005, Instant802 Networks, Inc.
4 * Copyright 2005-2006, Devicescape Software, Inc.
7 * Copyright 2013-2014 Intel Mobile Communications GmbH
8 * Copyright 2015-2017 Intel Deutschland GmbH
11 #include <linux/if_ether.h>
12 #include <linux/etherdevice.h>
13 #include <linux/list.h>
14 #include <linux/rcupdate.h>
15 #include <linux/rtnetlink.h>
16 #include <linux/slab.h>
17 #include <linux/export.h>
18 #include <net/mac80211.h>
19 #include <crypto/algapi.h>
20 #include <asm/unaligned.h>
21 #include "ieee80211_i.h"
22 #include "driver-ops.h"
23 #include "debugfs_key.h"
31 * DOC: Key handling basics
33 * Key handling in mac80211 is done based on per-interface (sub_if_data)
34 * keys and per-station keys. Since each station belongs to an interface,
35 * each station key also belongs to that interface.
37 * Hardware acceleration is done on a best-effort basis for algorithms
38 * that are implemented in software, for each key the hardware is asked
39 * to enable that key for offloading but if it cannot do that the key is
40 * simply kept for software encryption (unless it is for an algorithm
41 * that isn't implemented in software).
42 * There is currently no way of knowing whether a key is handled in SW
43 * or HW except by looking into debugfs.
45 * All key management is internally protected by a mutex. Within all
46 * other parts of mac80211, key references are, just as STA structure
47 * references, protected by RCU. Note, however, that some things are
48 * unprotected, namely the key->sta dereferences within the hardware
49 * acceleration functions. This means that sta_info_destroy() must
50 * remove the key which waits for an RCU grace period.
53 static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
55 static void assert_key_lock(struct ieee80211_local *local)
57 lockdep_assert_held(&local->key_mtx);
61 update_vlan_tailroom_need_count(struct ieee80211_sub_if_data *sdata, int delta)
63 struct ieee80211_sub_if_data *vlan;
65 if (sdata->vif.type != NL80211_IFTYPE_AP)
68 /* crypto_tx_tailroom_needed_cnt is protected by this */
69 assert_key_lock(sdata->local);
73 list_for_each_entry_rcu(vlan, &sdata->u.ap.vlans, u.vlan.list)
74 vlan->crypto_tx_tailroom_needed_cnt += delta;
79 static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata)
82 * When this count is zero, SKB resizing for allocating tailroom
83 * for IV or MMIC is skipped. But, this check has created two race
84 * cases in xmit path while transiting from zero count to one:
86 * 1. SKB resize was skipped because no key was added but just before
87 * the xmit key is added and SW encryption kicks off.
89 * 2. SKB resize was skipped because all the keys were hw planted but
90 * just before xmit one of the key is deleted and SW encryption kicks
93 * In both the above case SW encryption will find not enough space for
94 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c)
96 * Solution has been explained at
100 assert_key_lock(sdata->local);
102 update_vlan_tailroom_need_count(sdata, 1);
104 if (!sdata->crypto_tx_tailroom_needed_cnt++) {
106 * Flush all XMIT packets currently using HW encryption or no
107 * encryption at all if the count transition is from 0 -> 1.
113 static void decrease_tailroom_need_count(struct ieee80211_sub_if_data *sdata,
116 assert_key_lock(sdata->local);
118 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt < delta);
120 update_vlan_tailroom_need_count(sdata, -delta);
121 sdata->crypto_tx_tailroom_needed_cnt -= delta;
124 static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
126 struct ieee80211_sub_if_data *sdata = key->sdata;
127 struct sta_info *sta;
128 int ret = -EOPNOTSUPP;
132 if (key->flags & KEY_FLAG_TAINTED) {
133 /* If we get here, it's during resume and the key is
134 * tainted so shouldn't be used/programmed any more.
135 * However, its flags may still indicate that it was
136 * programmed into the device (since we're in resume)
137 * so clear that flag now to avoid trying to remove
140 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE &&
141 !(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
142 IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
143 IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
144 increment_tailroom_need_count(sdata);
146 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
150 if (!key->local->ops->set_key)
151 goto out_unsupported;
153 assert_key_lock(key->local);
158 * If this is a per-STA GTK, check if it
159 * is supported; if not, return.
161 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) &&
162 !ieee80211_hw_check(&key->local->hw, SUPPORTS_PER_STA_GTK))
163 goto out_unsupported;
165 if (sta && !sta->uploaded)
166 goto out_unsupported;
168 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
170 * The driver doesn't know anything about VLAN interfaces.
171 * Hence, don't send GTKs for VLAN interfaces to the driver.
173 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
175 goto out_unsupported;
179 ret = drv_set_key(key->local, SET_KEY, sdata,
180 sta ? &sta->sta : NULL, &key->conf);
183 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
185 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
186 IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
187 IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
188 decrease_tailroom_need_count(sdata, 1);
190 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) &&
191 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV));
193 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_MIC_SPACE) &&
194 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC));
199 if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1)
201 "failed to set key (%d, %pM) to hardware (%d)\n",
203 sta ? sta->sta.addr : bcast_addr, ret);
206 switch (key->conf.cipher) {
207 case WLAN_CIPHER_SUITE_WEP40:
208 case WLAN_CIPHER_SUITE_WEP104:
209 case WLAN_CIPHER_SUITE_TKIP:
210 case WLAN_CIPHER_SUITE_CCMP:
211 case WLAN_CIPHER_SUITE_CCMP_256:
212 case WLAN_CIPHER_SUITE_AES_CMAC:
213 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
214 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
215 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
216 case WLAN_CIPHER_SUITE_GCMP:
217 case WLAN_CIPHER_SUITE_GCMP_256:
218 /* all of these we can do in software - if driver can */
221 if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL))
229 static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
231 struct ieee80211_sub_if_data *sdata;
232 struct sta_info *sta;
237 if (!key || !key->local->ops->set_key)
240 assert_key_lock(key->local);
242 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
248 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
249 IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
250 IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
251 increment_tailroom_need_count(sdata);
253 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
254 ret = drv_set_key(key->local, DISABLE_KEY, sdata,
255 sta ? &sta->sta : NULL, &key->conf);
259 "failed to remove key (%d, %pM) from hardware (%d)\n",
261 sta ? sta->sta.addr : bcast_addr, ret);
264 int ieee80211_set_tx_key(struct ieee80211_key *key)
266 struct sta_info *sta = key->sta;
267 struct ieee80211_local *local = key->local;
269 assert_key_lock(local);
271 sta->ptk_idx = key->conf.keyidx;
273 if (ieee80211_hw_check(&local->hw, NO_AMPDU_KEYBORDER_SUPPORT))
274 clear_sta_flag(sta, WLAN_STA_BLOCK_BA);
275 ieee80211_check_fast_xmit(sta);
280 static void ieee80211_pairwise_rekey(struct ieee80211_key *old,
281 struct ieee80211_key *new)
283 struct ieee80211_local *local = new->local;
284 struct sta_info *sta = new->sta;
287 assert_key_lock(local);
289 if (new->conf.flags & IEEE80211_KEY_FLAG_NO_AUTO_TX) {
290 /* Extended Key ID key install, initial one or rekey */
292 if (sta->ptk_idx != INVALID_PTK_KEYIDX &&
293 ieee80211_hw_check(&local->hw,
294 NO_AMPDU_KEYBORDER_SUPPORT)) {
295 /* Aggregation Sessions with Extended Key ID must not
296 * mix MPDUs with different keyIDs within one A-MPDU.
297 * Tear down any running Tx aggregation and all new
298 * Rx/Tx aggregation request during rekey if the driver
299 * asks us to do so. (Blocking Tx only would be
300 * sufficient but WLAN_STA_BLOCK_BA gets the job done
301 * for the few ms we need it.)
303 set_sta_flag(sta, WLAN_STA_BLOCK_BA);
304 mutex_lock(&sta->ampdu_mlme.mtx);
305 for (i = 0; i < IEEE80211_NUM_TIDS; i++)
306 ___ieee80211_stop_tx_ba_session(sta, i,
307 AGG_STOP_LOCAL_REQUEST);
308 mutex_unlock(&sta->ampdu_mlme.mtx);
311 /* Rekey without Extended Key ID.
312 * Aggregation sessions are OK when running on SW crypto.
313 * A broken remote STA may cause issues not observed with HW
316 if (!(old->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
319 /* Stop Tx till we are on the new key */
320 old->flags |= KEY_FLAG_TAINTED;
321 ieee80211_clear_fast_xmit(sta);
322 if (ieee80211_hw_check(&local->hw, AMPDU_AGGREGATION)) {
323 set_sta_flag(sta, WLAN_STA_BLOCK_BA);
324 ieee80211_sta_tear_down_BA_sessions(sta,
325 AGG_STOP_LOCAL_REQUEST);
327 if (!wiphy_ext_feature_isset(local->hw.wiphy,
328 NL80211_EXT_FEATURE_CAN_REPLACE_PTK0)) {
329 pr_warn_ratelimited("Rekeying PTK for STA %pM but driver can't safely do that.",
331 /* Flushing the driver queues *may* help prevent
332 * the clear text leaks and freezes.
334 ieee80211_flush_queues(local, old->sdata, false);
339 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata,
340 int idx, bool uni, bool multi)
342 struct ieee80211_key *key = NULL;
344 assert_key_lock(sdata->local);
346 if (idx >= 0 && idx < NUM_DEFAULT_KEYS)
347 key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
350 rcu_assign_pointer(sdata->default_unicast_key, key);
351 ieee80211_check_fast_xmit_iface(sdata);
352 if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN)
353 drv_set_default_unicast_key(sdata->local, sdata, idx);
357 rcu_assign_pointer(sdata->default_multicast_key, key);
359 ieee80211_debugfs_key_update_default(sdata);
362 void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx,
363 bool uni, bool multi)
365 mutex_lock(&sdata->local->key_mtx);
366 __ieee80211_set_default_key(sdata, idx, uni, multi);
367 mutex_unlock(&sdata->local->key_mtx);
371 __ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx)
373 struct ieee80211_key *key = NULL;
375 assert_key_lock(sdata->local);
377 if (idx >= NUM_DEFAULT_KEYS &&
378 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
379 key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
381 rcu_assign_pointer(sdata->default_mgmt_key, key);
383 ieee80211_debugfs_key_update_default(sdata);
386 void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
389 mutex_lock(&sdata->local->key_mtx);
390 __ieee80211_set_default_mgmt_key(sdata, idx);
391 mutex_unlock(&sdata->local->key_mtx);
394 static int ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
395 struct sta_info *sta,
397 struct ieee80211_key *old,
398 struct ieee80211_key *new)
402 bool defunikey, defmultikey, defmgmtkey;
404 /* caller must provide at least one old/new */
405 if (WARN_ON(!new && !old))
409 list_add_tail_rcu(&new->list, &sdata->key_list);
411 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx);
413 if (new && sta && pairwise) {
414 /* Unicast rekey needs special handling. With Extended Key ID
415 * old is still NULL for the first rekey.
417 ieee80211_pairwise_rekey(old, new);
421 idx = old->conf.keyidx;
423 if (old->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
424 ieee80211_key_disable_hw_accel(old);
427 ret = ieee80211_key_enable_hw_accel(new);
430 /* new must be provided in case old is not */
431 idx = new->conf.keyidx;
432 if (!new->local->wowlan)
433 ret = ieee80211_key_enable_hw_accel(new);
441 rcu_assign_pointer(sta->ptk[idx], new);
443 !(new->conf.flags & IEEE80211_KEY_FLAG_NO_AUTO_TX)) {
445 clear_sta_flag(sta, WLAN_STA_BLOCK_BA);
446 ieee80211_check_fast_xmit(sta);
449 rcu_assign_pointer(sta->gtk[idx], new);
451 /* Only needed for transition from no key -> key.
452 * Still triggers unnecessary when using Extended Key ID
453 * and installing the second key ID the first time.
456 ieee80211_check_fast_rx(sta);
459 old == key_mtx_dereference(sdata->local,
460 sdata->default_unicast_key);
462 old == key_mtx_dereference(sdata->local,
463 sdata->default_multicast_key);
465 old == key_mtx_dereference(sdata->local,
466 sdata->default_mgmt_key);
468 if (defunikey && !new)
469 __ieee80211_set_default_key(sdata, -1, true, false);
470 if (defmultikey && !new)
471 __ieee80211_set_default_key(sdata, -1, false, true);
472 if (defmgmtkey && !new)
473 __ieee80211_set_default_mgmt_key(sdata, -1);
475 rcu_assign_pointer(sdata->keys[idx], new);
476 if (defunikey && new)
477 __ieee80211_set_default_key(sdata, new->conf.keyidx,
479 if (defmultikey && new)
480 __ieee80211_set_default_key(sdata, new->conf.keyidx,
482 if (defmgmtkey && new)
483 __ieee80211_set_default_mgmt_key(sdata,
488 list_del_rcu(&old->list);
493 struct ieee80211_key *
494 ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
496 size_t seq_len, const u8 *seq,
497 const struct ieee80211_cipher_scheme *cs)
499 struct ieee80211_key *key;
502 if (WARN_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS))
503 return ERR_PTR(-EINVAL);
505 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
507 return ERR_PTR(-ENOMEM);
510 * Default to software encryption; we'll later upload the
511 * key to the hardware if possible.
516 key->conf.cipher = cipher;
517 key->conf.keyidx = idx;
518 key->conf.keylen = key_len;
520 case WLAN_CIPHER_SUITE_WEP40:
521 case WLAN_CIPHER_SUITE_WEP104:
522 key->conf.iv_len = IEEE80211_WEP_IV_LEN;
523 key->conf.icv_len = IEEE80211_WEP_ICV_LEN;
525 case WLAN_CIPHER_SUITE_TKIP:
526 key->conf.iv_len = IEEE80211_TKIP_IV_LEN;
527 key->conf.icv_len = IEEE80211_TKIP_ICV_LEN;
529 for (i = 0; i < IEEE80211_NUM_TIDS; i++) {
530 key->u.tkip.rx[i].iv32 =
531 get_unaligned_le32(&seq[2]);
532 key->u.tkip.rx[i].iv16 =
533 get_unaligned_le16(seq);
536 spin_lock_init(&key->u.tkip.txlock);
538 case WLAN_CIPHER_SUITE_CCMP:
539 key->conf.iv_len = IEEE80211_CCMP_HDR_LEN;
540 key->conf.icv_len = IEEE80211_CCMP_MIC_LEN;
542 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
543 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++)
544 key->u.ccmp.rx_pn[i][j] =
545 seq[IEEE80211_CCMP_PN_LEN - j - 1];
548 * Initialize AES key state here as an optimization so that
549 * it does not need to be initialized for every packet.
551 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
552 key_data, key_len, IEEE80211_CCMP_MIC_LEN);
553 if (IS_ERR(key->u.ccmp.tfm)) {
554 err = PTR_ERR(key->u.ccmp.tfm);
559 case WLAN_CIPHER_SUITE_CCMP_256:
560 key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN;
561 key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN;
562 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
563 for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++)
564 key->u.ccmp.rx_pn[i][j] =
565 seq[IEEE80211_CCMP_256_PN_LEN - j - 1];
566 /* Initialize AES key state here as an optimization so that
567 * it does not need to be initialized for every packet.
569 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
570 key_data, key_len, IEEE80211_CCMP_256_MIC_LEN);
571 if (IS_ERR(key->u.ccmp.tfm)) {
572 err = PTR_ERR(key->u.ccmp.tfm);
577 case WLAN_CIPHER_SUITE_AES_CMAC:
578 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
579 key->conf.iv_len = 0;
580 if (cipher == WLAN_CIPHER_SUITE_AES_CMAC)
581 key->conf.icv_len = sizeof(struct ieee80211_mmie);
583 key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
585 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++)
586 key->u.aes_cmac.rx_pn[j] =
587 seq[IEEE80211_CMAC_PN_LEN - j - 1];
589 * Initialize AES key state here as an optimization so that
590 * it does not need to be initialized for every packet.
592 key->u.aes_cmac.tfm =
593 ieee80211_aes_cmac_key_setup(key_data, key_len);
594 if (IS_ERR(key->u.aes_cmac.tfm)) {
595 err = PTR_ERR(key->u.aes_cmac.tfm);
600 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
601 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
602 key->conf.iv_len = 0;
603 key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
605 for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++)
606 key->u.aes_gmac.rx_pn[j] =
607 seq[IEEE80211_GMAC_PN_LEN - j - 1];
608 /* Initialize AES key state here as an optimization so that
609 * it does not need to be initialized for every packet.
611 key->u.aes_gmac.tfm =
612 ieee80211_aes_gmac_key_setup(key_data, key_len);
613 if (IS_ERR(key->u.aes_gmac.tfm)) {
614 err = PTR_ERR(key->u.aes_gmac.tfm);
619 case WLAN_CIPHER_SUITE_GCMP:
620 case WLAN_CIPHER_SUITE_GCMP_256:
621 key->conf.iv_len = IEEE80211_GCMP_HDR_LEN;
622 key->conf.icv_len = IEEE80211_GCMP_MIC_LEN;
623 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
624 for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++)
625 key->u.gcmp.rx_pn[i][j] =
626 seq[IEEE80211_GCMP_PN_LEN - j - 1];
627 /* Initialize AES key state here as an optimization so that
628 * it does not need to be initialized for every packet.
630 key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data,
632 if (IS_ERR(key->u.gcmp.tfm)) {
633 err = PTR_ERR(key->u.gcmp.tfm);
640 if (seq_len && seq_len != cs->pn_len) {
642 return ERR_PTR(-EINVAL);
645 key->conf.iv_len = cs->hdr_len;
646 key->conf.icv_len = cs->mic_len;
647 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
648 for (j = 0; j < seq_len; j++)
649 key->u.gen.rx_pn[i][j] =
650 seq[seq_len - j - 1];
651 key->flags |= KEY_FLAG_CIPHER_SCHEME;
654 memcpy(key->conf.key, key_data, key_len);
655 INIT_LIST_HEAD(&key->list);
660 static void ieee80211_key_free_common(struct ieee80211_key *key)
662 switch (key->conf.cipher) {
663 case WLAN_CIPHER_SUITE_CCMP:
664 case WLAN_CIPHER_SUITE_CCMP_256:
665 ieee80211_aes_key_free(key->u.ccmp.tfm);
667 case WLAN_CIPHER_SUITE_AES_CMAC:
668 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
669 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
671 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
672 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
673 ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm);
675 case WLAN_CIPHER_SUITE_GCMP:
676 case WLAN_CIPHER_SUITE_GCMP_256:
677 ieee80211_aes_gcm_key_free(key->u.gcmp.tfm);
683 static void __ieee80211_key_destroy(struct ieee80211_key *key,
687 struct ieee80211_sub_if_data *sdata = key->sdata;
689 ieee80211_debugfs_key_remove(key);
691 if (delay_tailroom) {
692 /* see ieee80211_delayed_tailroom_dec */
693 sdata->crypto_tx_tailroom_pending_dec++;
694 schedule_delayed_work(&sdata->dec_tailroom_needed_wk,
697 decrease_tailroom_need_count(sdata, 1);
701 ieee80211_key_free_common(key);
704 static void ieee80211_key_destroy(struct ieee80211_key *key,
711 * Synchronize so the TX path and rcu key iterators
712 * can no longer be using this key before we free/remove it.
716 __ieee80211_key_destroy(key, delay_tailroom);
719 void ieee80211_key_free_unused(struct ieee80211_key *key)
721 WARN_ON(key->sdata || key->local);
722 ieee80211_key_free_common(key);
725 static bool ieee80211_key_identical(struct ieee80211_sub_if_data *sdata,
726 struct ieee80211_key *old,
727 struct ieee80211_key *new)
729 u8 tkip_old[WLAN_KEY_LEN_TKIP], tkip_new[WLAN_KEY_LEN_TKIP];
732 if (!old || new->conf.keylen != old->conf.keylen)
735 tk_old = old->conf.key;
736 tk_new = new->conf.key;
739 * In station mode, don't compare the TX MIC key, as it's never used
740 * and offloaded rekeying may not care to send it to the host. This
741 * is the case in iwlwifi, for example.
743 if (sdata->vif.type == NL80211_IFTYPE_STATION &&
744 new->conf.cipher == WLAN_CIPHER_SUITE_TKIP &&
745 new->conf.keylen == WLAN_KEY_LEN_TKIP &&
746 !(new->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
747 memcpy(tkip_old, tk_old, WLAN_KEY_LEN_TKIP);
748 memcpy(tkip_new, tk_new, WLAN_KEY_LEN_TKIP);
749 memset(tkip_old + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
750 memset(tkip_new + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
755 return !crypto_memneq(tk_old, tk_new, new->conf.keylen);
758 int ieee80211_key_link(struct ieee80211_key *key,
759 struct ieee80211_sub_if_data *sdata,
760 struct sta_info *sta)
762 struct ieee80211_key *old_key;
763 int idx = key->conf.keyidx;
764 bool pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
766 * We want to delay tailroom updates only for station - in that
767 * case it helps roaming speed, but in other cases it hurts and
768 * can cause warnings to appear.
770 bool delay_tailroom = sdata->vif.type == NL80211_IFTYPE_STATION;
771 int ret = -EOPNOTSUPP;
773 mutex_lock(&sdata->local->key_mtx);
775 if (sta && pairwise) {
776 struct ieee80211_key *alt_key;
778 old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]);
779 alt_key = key_mtx_dereference(sdata->local, sta->ptk[idx ^ 1]);
781 /* The rekey code assumes that the old and new key are using
782 * the same cipher. Enforce the assumption for pairwise keys.
785 ((alt_key && alt_key->conf.cipher != key->conf.cipher) ||
786 (old_key && old_key->conf.cipher != key->conf.cipher)))
789 old_key = key_mtx_dereference(sdata->local, sta->gtk[idx]);
791 old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
794 /* Non-pairwise keys must also not switch the cipher on rekey */
796 if (key && old_key && old_key->conf.cipher != key->conf.cipher)
801 * Silently accept key re-installation without really installing the
802 * new version of the key to avoid nonce reuse or replay issues.
804 if (ieee80211_key_identical(sdata, old_key, key)) {
805 ieee80211_key_free_unused(key);
810 key->local = sdata->local;
814 increment_tailroom_need_count(sdata);
816 ret = ieee80211_key_replace(sdata, sta, pairwise, old_key, key);
819 ieee80211_debugfs_key_add(key);
820 ieee80211_key_destroy(old_key, delay_tailroom);
822 ieee80211_key_free(key, delay_tailroom);
826 mutex_unlock(&sdata->local->key_mtx);
831 void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom)
837 * Replace key with nothingness if it was ever used.
840 ieee80211_key_replace(key->sdata, key->sta,
841 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
843 ieee80211_key_destroy(key, delay_tailroom);
846 void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata)
848 struct ieee80211_key *key;
849 struct ieee80211_sub_if_data *vlan;
853 if (WARN_ON(!ieee80211_sdata_running(sdata)))
856 mutex_lock(&sdata->local->key_mtx);
858 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
859 sdata->crypto_tx_tailroom_pending_dec);
861 if (sdata->vif.type == NL80211_IFTYPE_AP) {
862 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
863 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt ||
864 vlan->crypto_tx_tailroom_pending_dec);
867 list_for_each_entry(key, &sdata->key_list, list) {
868 increment_tailroom_need_count(sdata);
869 ieee80211_key_enable_hw_accel(key);
872 mutex_unlock(&sdata->local->key_mtx);
875 void ieee80211_reset_crypto_tx_tailroom(struct ieee80211_sub_if_data *sdata)
877 struct ieee80211_sub_if_data *vlan;
879 mutex_lock(&sdata->local->key_mtx);
881 sdata->crypto_tx_tailroom_needed_cnt = 0;
883 if (sdata->vif.type == NL80211_IFTYPE_AP) {
884 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
885 vlan->crypto_tx_tailroom_needed_cnt = 0;
888 mutex_unlock(&sdata->local->key_mtx);
891 void ieee80211_iter_keys(struct ieee80211_hw *hw,
892 struct ieee80211_vif *vif,
893 void (*iter)(struct ieee80211_hw *hw,
894 struct ieee80211_vif *vif,
895 struct ieee80211_sta *sta,
896 struct ieee80211_key_conf *key,
900 struct ieee80211_local *local = hw_to_local(hw);
901 struct ieee80211_key *key, *tmp;
902 struct ieee80211_sub_if_data *sdata;
906 mutex_lock(&local->key_mtx);
908 sdata = vif_to_sdata(vif);
909 list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
910 iter(hw, &sdata->vif,
911 key->sta ? &key->sta->sta : NULL,
912 &key->conf, iter_data);
914 list_for_each_entry(sdata, &local->interfaces, list)
915 list_for_each_entry_safe(key, tmp,
916 &sdata->key_list, list)
917 iter(hw, &sdata->vif,
918 key->sta ? &key->sta->sta : NULL,
919 &key->conf, iter_data);
921 mutex_unlock(&local->key_mtx);
923 EXPORT_SYMBOL(ieee80211_iter_keys);
926 _ieee80211_iter_keys_rcu(struct ieee80211_hw *hw,
927 struct ieee80211_sub_if_data *sdata,
928 void (*iter)(struct ieee80211_hw *hw,
929 struct ieee80211_vif *vif,
930 struct ieee80211_sta *sta,
931 struct ieee80211_key_conf *key,
935 struct ieee80211_key *key;
937 list_for_each_entry_rcu(key, &sdata->key_list, list) {
938 /* skip keys of station in removal process */
939 if (key->sta && key->sta->removed)
941 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
944 iter(hw, &sdata->vif,
945 key->sta ? &key->sta->sta : NULL,
946 &key->conf, iter_data);
950 void ieee80211_iter_keys_rcu(struct ieee80211_hw *hw,
951 struct ieee80211_vif *vif,
952 void (*iter)(struct ieee80211_hw *hw,
953 struct ieee80211_vif *vif,
954 struct ieee80211_sta *sta,
955 struct ieee80211_key_conf *key,
959 struct ieee80211_local *local = hw_to_local(hw);
960 struct ieee80211_sub_if_data *sdata;
963 sdata = vif_to_sdata(vif);
964 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data);
966 list_for_each_entry_rcu(sdata, &local->interfaces, list)
967 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data);
970 EXPORT_SYMBOL(ieee80211_iter_keys_rcu);
972 static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata,
973 struct list_head *keys)
975 struct ieee80211_key *key, *tmp;
977 decrease_tailroom_need_count(sdata,
978 sdata->crypto_tx_tailroom_pending_dec);
979 sdata->crypto_tx_tailroom_pending_dec = 0;
981 ieee80211_debugfs_key_remove_mgmt_default(sdata);
983 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) {
984 ieee80211_key_replace(key->sdata, key->sta,
985 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
987 list_add_tail(&key->list, keys);
990 ieee80211_debugfs_key_update_default(sdata);
993 void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata,
994 bool force_synchronize)
996 struct ieee80211_local *local = sdata->local;
997 struct ieee80211_sub_if_data *vlan;
998 struct ieee80211_sub_if_data *master;
999 struct ieee80211_key *key, *tmp;
1002 cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk);
1004 mutex_lock(&local->key_mtx);
1006 ieee80211_free_keys_iface(sdata, &keys);
1008 if (sdata->vif.type == NL80211_IFTYPE_AP) {
1009 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
1010 ieee80211_free_keys_iface(vlan, &keys);
1013 if (!list_empty(&keys) || force_synchronize)
1015 list_for_each_entry_safe(key, tmp, &keys, list)
1016 __ieee80211_key_destroy(key, false);
1018 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
1020 master = container_of(sdata->bss,
1021 struct ieee80211_sub_if_data,
1024 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt !=
1025 master->crypto_tx_tailroom_needed_cnt);
1028 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
1029 sdata->crypto_tx_tailroom_pending_dec);
1032 if (sdata->vif.type == NL80211_IFTYPE_AP) {
1033 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
1034 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt ||
1035 vlan->crypto_tx_tailroom_pending_dec);
1038 mutex_unlock(&local->key_mtx);
1041 void ieee80211_free_sta_keys(struct ieee80211_local *local,
1042 struct sta_info *sta)
1044 struct ieee80211_key *key;
1047 mutex_lock(&local->key_mtx);
1048 for (i = 0; i < ARRAY_SIZE(sta->gtk); i++) {
1049 key = key_mtx_dereference(local, sta->gtk[i]);
1052 ieee80211_key_replace(key->sdata, key->sta,
1053 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
1055 __ieee80211_key_destroy(key, key->sdata->vif.type ==
1056 NL80211_IFTYPE_STATION);
1059 for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
1060 key = key_mtx_dereference(local, sta->ptk[i]);
1063 ieee80211_key_replace(key->sdata, key->sta,
1064 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
1066 __ieee80211_key_destroy(key, key->sdata->vif.type ==
1067 NL80211_IFTYPE_STATION);
1070 mutex_unlock(&local->key_mtx);
1073 void ieee80211_delayed_tailroom_dec(struct work_struct *wk)
1075 struct ieee80211_sub_if_data *sdata;
1077 sdata = container_of(wk, struct ieee80211_sub_if_data,
1078 dec_tailroom_needed_wk.work);
1081 * The reason for the delayed tailroom needed decrementing is to
1082 * make roaming faster: during roaming, all keys are first deleted
1083 * and then new keys are installed. The first new key causes the
1084 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes
1085 * the cost of synchronize_net() (which can be slow). Avoid this
1086 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on
1087 * key removal for a while, so if we roam the value is larger than
1088 * zero and no 0->1 transition happens.
1090 * The cost is that if the AP switching was from an AP with keys
1091 * to one without, we still allocate tailroom while it would no
1092 * longer be needed. However, in the typical (fast) roaming case
1093 * within an ESS this usually won't happen.
1096 mutex_lock(&sdata->local->key_mtx);
1097 decrease_tailroom_need_count(sdata,
1098 sdata->crypto_tx_tailroom_pending_dec);
1099 sdata->crypto_tx_tailroom_pending_dec = 0;
1100 mutex_unlock(&sdata->local->key_mtx);
1103 void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid,
1104 const u8 *replay_ctr, gfp_t gfp)
1106 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
1108 trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr);
1110 cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp);
1112 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify);
1114 void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf,
1115 int tid, struct ieee80211_key_seq *seq)
1117 struct ieee80211_key *key;
1120 key = container_of(keyconf, struct ieee80211_key, conf);
1122 switch (key->conf.cipher) {
1123 case WLAN_CIPHER_SUITE_TKIP:
1124 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
1126 seq->tkip.iv32 = key->u.tkip.rx[tid].iv32;
1127 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16;
1129 case WLAN_CIPHER_SUITE_CCMP:
1130 case WLAN_CIPHER_SUITE_CCMP_256:
1131 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1134 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
1136 pn = key->u.ccmp.rx_pn[tid];
1137 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN);
1139 case WLAN_CIPHER_SUITE_AES_CMAC:
1140 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1141 if (WARN_ON(tid != 0))
1143 pn = key->u.aes_cmac.rx_pn;
1144 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN);
1146 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1147 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1148 if (WARN_ON(tid != 0))
1150 pn = key->u.aes_gmac.rx_pn;
1151 memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN);
1153 case WLAN_CIPHER_SUITE_GCMP:
1154 case WLAN_CIPHER_SUITE_GCMP_256:
1155 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1158 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1160 pn = key->u.gcmp.rx_pn[tid];
1161 memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN);
1165 EXPORT_SYMBOL(ieee80211_get_key_rx_seq);
1167 void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf,
1168 int tid, struct ieee80211_key_seq *seq)
1170 struct ieee80211_key *key;
1173 key = container_of(keyconf, struct ieee80211_key, conf);
1175 switch (key->conf.cipher) {
1176 case WLAN_CIPHER_SUITE_TKIP:
1177 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
1179 key->u.tkip.rx[tid].iv32 = seq->tkip.iv32;
1180 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16;
1182 case WLAN_CIPHER_SUITE_CCMP:
1183 case WLAN_CIPHER_SUITE_CCMP_256:
1184 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1187 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
1189 pn = key->u.ccmp.rx_pn[tid];
1190 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN);
1192 case WLAN_CIPHER_SUITE_AES_CMAC:
1193 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1194 if (WARN_ON(tid != 0))
1196 pn = key->u.aes_cmac.rx_pn;
1197 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN);
1199 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1200 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1201 if (WARN_ON(tid != 0))
1203 pn = key->u.aes_gmac.rx_pn;
1204 memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN);
1206 case WLAN_CIPHER_SUITE_GCMP:
1207 case WLAN_CIPHER_SUITE_GCMP_256:
1208 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1211 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1213 pn = key->u.gcmp.rx_pn[tid];
1214 memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN);
1221 EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq);
1223 void ieee80211_remove_key(struct ieee80211_key_conf *keyconf)
1225 struct ieee80211_key *key;
1227 key = container_of(keyconf, struct ieee80211_key, conf);
1229 assert_key_lock(key->local);
1232 * if key was uploaded, we assume the driver will/has remove(d)
1233 * it, so adjust bookkeeping accordingly
1235 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
1236 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
1238 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
1239 IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
1240 IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
1241 increment_tailroom_need_count(key->sdata);
1244 ieee80211_key_free(key, false);
1246 EXPORT_SYMBOL_GPL(ieee80211_remove_key);
1248 struct ieee80211_key_conf *
1249 ieee80211_gtk_rekey_add(struct ieee80211_vif *vif,
1250 struct ieee80211_key_conf *keyconf)
1252 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
1253 struct ieee80211_local *local = sdata->local;
1254 struct ieee80211_key *key;
1257 if (WARN_ON(!local->wowlan))
1258 return ERR_PTR(-EINVAL);
1260 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION))
1261 return ERR_PTR(-EINVAL);
1263 key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx,
1264 keyconf->keylen, keyconf->key,
1267 return ERR_CAST(key);
1269 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED)
1270 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT;
1272 err = ieee80211_key_link(key, sdata, NULL);
1274 return ERR_PTR(err);
1278 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add);
projects / linux.git / blob