2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net>
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
12 #include <linux/if_ether.h>
13 #include <linux/etherdevice.h>
14 #include <linux/list.h>
15 #include <linux/rcupdate.h>
16 #include <linux/rtnetlink.h>
17 #include <linux/slab.h>
18 #include <linux/export.h>
19 #include <net/mac80211.h>
20 #include <asm/unaligned.h>
21 #include "ieee80211_i.h"
22 #include "driver-ops.h"
23 #include "debugfs_key.h"
29 * DOC: Key handling basics
31 * Key handling in mac80211 is done based on per-interface (sub_if_data)
32 * keys and per-station keys. Since each station belongs to an interface,
33 * each station key also belongs to that interface.
35 * Hardware acceleration is done on a best-effort basis for algorithms
36 * that are implemented in software, for each key the hardware is asked
37 * to enable that key for offloading but if it cannot do that the key is
38 * simply kept for software encryption (unless it is for an algorithm
39 * that isn't implemented in software).
40 * There is currently no way of knowing whether a key is handled in SW
41 * or HW except by looking into debugfs.
43 * All key management is internally protected by a mutex. Within all
44 * other parts of mac80211, key references are, just as STA structure
45 * references, protected by RCU. Note, however, that some things are
46 * unprotected, namely the key->sta dereferences within the hardware
47 * acceleration functions. This means that sta_info_destroy() must
48 * remove the key which waits for an RCU grace period.
51 static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
53 static void assert_key_lock(struct ieee80211_local *local)
55 lockdep_assert_held(&local->key_mtx);
58 static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata)
61 * When this count is zero, SKB resizing for allocating tailroom
62 * for IV or MMIC is skipped. But, this check has created two race
63 * cases in xmit path while transiting from zero count to one:
65 * 1. SKB resize was skipped because no key was added but just before
66 * the xmit key is added and SW encryption kicks off.
68 * 2. SKB resize was skipped because all the keys were hw planted but
69 * just before xmit one of the key is deleted and SW encryption kicks
72 * In both the above case SW encryption will find not enough space for
73 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c)
75 * Solution has been explained at
76 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net
79 if (!sdata->crypto_tx_tailroom_needed_cnt++) {
81 * Flush all XMIT packets currently using HW encryption or no
82 * encryption at all if the count transition is from 0 -> 1.
88 static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
90 struct ieee80211_sub_if_data *sdata;
96 if (key->flags & KEY_FLAG_TAINTED)
99 if (!key->local->ops->set_key)
100 goto out_unsupported;
102 assert_key_lock(key->local);
107 * If this is a per-STA GTK, check if it
108 * is supported; if not, return.
110 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) &&
111 !(key->local->hw.flags & IEEE80211_HW_SUPPORTS_PER_STA_GTK))
112 goto out_unsupported;
114 if (sta && !sta->uploaded)
115 goto out_unsupported;
118 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
120 * The driver doesn't know anything about VLAN interfaces.
121 * Hence, don't send GTKs for VLAN interfaces to the driver.
123 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE))
124 goto out_unsupported;
127 ret = drv_set_key(key->local, SET_KEY, sdata,
128 sta ? &sta->sta : NULL, &key->conf);
131 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
133 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
134 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) ||
135 (key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE)))
136 sdata->crypto_tx_tailroom_needed_cnt--;
138 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) &&
139 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV));
144 if (ret != -ENOSPC && ret != -EOPNOTSUPP)
146 "failed to set key (%d, %pM) to hardware (%d)\n",
148 sta ? sta->sta.addr : bcast_addr, ret);
151 switch (key->conf.cipher) {
152 case WLAN_CIPHER_SUITE_WEP40:
153 case WLAN_CIPHER_SUITE_WEP104:
154 case WLAN_CIPHER_SUITE_TKIP:
155 case WLAN_CIPHER_SUITE_CCMP:
156 case WLAN_CIPHER_SUITE_AES_CMAC:
157 /* all of these we can do in software */
164 static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
166 struct ieee80211_sub_if_data *sdata;
167 struct sta_info *sta;
172 if (!key || !key->local->ops->set_key)
175 assert_key_lock(key->local);
177 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
183 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
184 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) ||
185 (key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE)))
186 increment_tailroom_need_count(sdata);
188 ret = drv_set_key(key->local, DISABLE_KEY, sdata,
189 sta ? &sta->sta : NULL, &key->conf);
193 "failed to remove key (%d, %pM) from hardware (%d)\n",
195 sta ? sta->sta.addr : bcast_addr, ret);
197 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
200 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata,
201 int idx, bool uni, bool multi)
203 struct ieee80211_key *key = NULL;
205 assert_key_lock(sdata->local);
207 if (idx >= 0 && idx < NUM_DEFAULT_KEYS)
208 key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
211 rcu_assign_pointer(sdata->default_unicast_key, key);
212 drv_set_default_unicast_key(sdata->local, sdata, idx);
216 rcu_assign_pointer(sdata->default_multicast_key, key);
218 ieee80211_debugfs_key_update_default(sdata);
221 void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx,
222 bool uni, bool multi)
224 mutex_lock(&sdata->local->key_mtx);
225 __ieee80211_set_default_key(sdata, idx, uni, multi);
226 mutex_unlock(&sdata->local->key_mtx);
230 __ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx)
232 struct ieee80211_key *key = NULL;
234 assert_key_lock(sdata->local);
236 if (idx >= NUM_DEFAULT_KEYS &&
237 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
238 key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
240 rcu_assign_pointer(sdata->default_mgmt_key, key);
242 ieee80211_debugfs_key_update_default(sdata);
245 void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
248 mutex_lock(&sdata->local->key_mtx);
249 __ieee80211_set_default_mgmt_key(sdata, idx);
250 mutex_unlock(&sdata->local->key_mtx);
254 static void ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
255 struct sta_info *sta,
257 struct ieee80211_key *old,
258 struct ieee80211_key *new)
261 bool defunikey, defmultikey, defmgmtkey;
263 /* caller must provide at least one old/new */
264 if (WARN_ON(!new && !old))
268 list_add_tail(&new->list, &sdata->key_list);
270 if (sta && pairwise) {
271 rcu_assign_pointer(sta->ptk, new);
274 idx = old->conf.keyidx;
276 idx = new->conf.keyidx;
277 rcu_assign_pointer(sta->gtk[idx], new);
279 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx);
282 idx = old->conf.keyidx;
284 idx = new->conf.keyidx;
287 old == key_mtx_dereference(sdata->local,
288 sdata->default_unicast_key);
290 old == key_mtx_dereference(sdata->local,
291 sdata->default_multicast_key);
293 old == key_mtx_dereference(sdata->local,
294 sdata->default_mgmt_key);
296 if (defunikey && !new)
297 __ieee80211_set_default_key(sdata, -1, true, false);
298 if (defmultikey && !new)
299 __ieee80211_set_default_key(sdata, -1, false, true);
300 if (defmgmtkey && !new)
301 __ieee80211_set_default_mgmt_key(sdata, -1);
303 rcu_assign_pointer(sdata->keys[idx], new);
304 if (defunikey && new)
305 __ieee80211_set_default_key(sdata, new->conf.keyidx,
307 if (defmultikey && new)
308 __ieee80211_set_default_key(sdata, new->conf.keyidx,
310 if (defmgmtkey && new)
311 __ieee80211_set_default_mgmt_key(sdata,
316 list_del(&old->list);
319 struct ieee80211_key *ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
321 size_t seq_len, const u8 *seq)
323 struct ieee80211_key *key;
326 BUG_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS);
328 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
330 return ERR_PTR(-ENOMEM);
333 * Default to software encryption; we'll later upload the
334 * key to the hardware if possible.
339 key->conf.cipher = cipher;
340 key->conf.keyidx = idx;
341 key->conf.keylen = key_len;
343 case WLAN_CIPHER_SUITE_WEP40:
344 case WLAN_CIPHER_SUITE_WEP104:
345 key->conf.iv_len = IEEE80211_WEP_IV_LEN;
346 key->conf.icv_len = IEEE80211_WEP_ICV_LEN;
348 case WLAN_CIPHER_SUITE_TKIP:
349 key->conf.iv_len = IEEE80211_TKIP_IV_LEN;
350 key->conf.icv_len = IEEE80211_TKIP_ICV_LEN;
352 for (i = 0; i < IEEE80211_NUM_TIDS; i++) {
353 key->u.tkip.rx[i].iv32 =
354 get_unaligned_le32(&seq[2]);
355 key->u.tkip.rx[i].iv16 =
356 get_unaligned_le16(seq);
359 spin_lock_init(&key->u.tkip.txlock);
361 case WLAN_CIPHER_SUITE_CCMP:
362 key->conf.iv_len = IEEE80211_CCMP_HDR_LEN;
363 key->conf.icv_len = IEEE80211_CCMP_MIC_LEN;
365 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
366 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++)
367 key->u.ccmp.rx_pn[i][j] =
368 seq[IEEE80211_CCMP_PN_LEN - j - 1];
371 * Initialize AES key state here as an optimization so that
372 * it does not need to be initialized for every packet.
374 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(key_data);
375 if (IS_ERR(key->u.ccmp.tfm)) {
376 err = PTR_ERR(key->u.ccmp.tfm);
381 case WLAN_CIPHER_SUITE_AES_CMAC:
382 key->conf.iv_len = 0;
383 key->conf.icv_len = sizeof(struct ieee80211_mmie);
385 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++)
386 key->u.aes_cmac.rx_pn[j] =
387 seq[IEEE80211_CMAC_PN_LEN - j - 1];
389 * Initialize AES key state here as an optimization so that
390 * it does not need to be initialized for every packet.
392 key->u.aes_cmac.tfm =
393 ieee80211_aes_cmac_key_setup(key_data);
394 if (IS_ERR(key->u.aes_cmac.tfm)) {
395 err = PTR_ERR(key->u.aes_cmac.tfm);
401 memcpy(key->conf.key, key_data, key_len);
402 INIT_LIST_HEAD(&key->list);
407 static void ieee80211_key_free_common(struct ieee80211_key *key)
409 if (key->conf.cipher == WLAN_CIPHER_SUITE_CCMP)
410 ieee80211_aes_key_free(key->u.ccmp.tfm);
411 if (key->conf.cipher == WLAN_CIPHER_SUITE_AES_CMAC)
412 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
416 static void __ieee80211_key_destroy(struct ieee80211_key *key,
420 ieee80211_key_disable_hw_accel(key);
423 struct ieee80211_sub_if_data *sdata = key->sdata;
425 ieee80211_debugfs_key_remove(key);
427 if (delay_tailroom) {
428 /* see ieee80211_delayed_tailroom_dec */
429 sdata->crypto_tx_tailroom_pending_dec++;
430 schedule_delayed_work(&sdata->dec_tailroom_needed_wk,
433 sdata->crypto_tx_tailroom_needed_cnt--;
437 ieee80211_key_free_common(key);
440 static void ieee80211_key_destroy(struct ieee80211_key *key,
447 * Synchronize so the TX path can no longer be using
448 * this key before we free/remove it.
452 __ieee80211_key_destroy(key, delay_tailroom);
455 void ieee80211_key_free_unused(struct ieee80211_key *key)
457 WARN_ON(key->sdata || key->local);
458 ieee80211_key_free_common(key);
461 int ieee80211_key_link(struct ieee80211_key *key,
462 struct ieee80211_sub_if_data *sdata,
463 struct sta_info *sta)
465 struct ieee80211_local *local = sdata->local;
466 struct ieee80211_key *old_key;
473 pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
474 idx = key->conf.keyidx;
475 key->local = sdata->local;
479 mutex_lock(&sdata->local->key_mtx);
482 old_key = key_mtx_dereference(sdata->local, sta->ptk);
484 old_key = key_mtx_dereference(sdata->local, sta->gtk[idx]);
486 old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
488 increment_tailroom_need_count(sdata);
490 ieee80211_key_replace(sdata, sta, pairwise, old_key, key);
491 ieee80211_key_destroy(old_key, true);
493 ieee80211_debugfs_key_add(key);
495 if (!local->wowlan) {
496 ret = ieee80211_key_enable_hw_accel(key);
498 ieee80211_key_free(key, true);
503 mutex_unlock(&sdata->local->key_mtx);
508 void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom)
514 * Replace key with nothingness if it was ever used.
517 ieee80211_key_replace(key->sdata, key->sta,
518 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
520 ieee80211_key_destroy(key, delay_tailroom);
523 void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata)
525 struct ieee80211_key *key;
529 if (WARN_ON(!ieee80211_sdata_running(sdata)))
532 mutex_lock(&sdata->local->key_mtx);
534 sdata->crypto_tx_tailroom_needed_cnt = 0;
536 list_for_each_entry(key, &sdata->key_list, list) {
537 increment_tailroom_need_count(sdata);
538 ieee80211_key_enable_hw_accel(key);
541 mutex_unlock(&sdata->local->key_mtx);
544 void ieee80211_iter_keys(struct ieee80211_hw *hw,
545 struct ieee80211_vif *vif,
546 void (*iter)(struct ieee80211_hw *hw,
547 struct ieee80211_vif *vif,
548 struct ieee80211_sta *sta,
549 struct ieee80211_key_conf *key,
553 struct ieee80211_local *local = hw_to_local(hw);
554 struct ieee80211_key *key, *tmp;
555 struct ieee80211_sub_if_data *sdata;
559 mutex_lock(&local->key_mtx);
561 sdata = vif_to_sdata(vif);
562 list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
563 iter(hw, &sdata->vif,
564 key->sta ? &key->sta->sta : NULL,
565 &key->conf, iter_data);
567 list_for_each_entry(sdata, &local->interfaces, list)
568 list_for_each_entry_safe(key, tmp,
569 &sdata->key_list, list)
570 iter(hw, &sdata->vif,
571 key->sta ? &key->sta->sta : NULL,
572 &key->conf, iter_data);
574 mutex_unlock(&local->key_mtx);
576 EXPORT_SYMBOL(ieee80211_iter_keys);
578 void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata)
580 struct ieee80211_key *key, *tmp;
583 cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk);
585 mutex_lock(&sdata->local->key_mtx);
587 sdata->crypto_tx_tailroom_needed_cnt -=
588 sdata->crypto_tx_tailroom_pending_dec;
589 sdata->crypto_tx_tailroom_pending_dec = 0;
591 ieee80211_debugfs_key_remove_mgmt_default(sdata);
593 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) {
594 ieee80211_key_replace(key->sdata, key->sta,
595 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
597 list_add_tail(&key->list, &keys);
600 ieee80211_debugfs_key_update_default(sdata);
602 if (!list_empty(&keys)) {
604 list_for_each_entry_safe(key, tmp, &keys, list)
605 __ieee80211_key_destroy(key, false);
608 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
609 sdata->crypto_tx_tailroom_pending_dec);
611 mutex_unlock(&sdata->local->key_mtx);
614 void ieee80211_free_sta_keys(struct ieee80211_local *local,
615 struct sta_info *sta)
617 struct ieee80211_key *key, *tmp;
621 mutex_lock(&local->key_mtx);
622 for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
623 key = key_mtx_dereference(local, sta->gtk[i]);
626 ieee80211_key_replace(key->sdata, key->sta,
627 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
629 list_add(&key->list, &keys);
632 key = key_mtx_dereference(local, sta->ptk);
634 ieee80211_key_replace(key->sdata, key->sta,
635 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
637 list_add(&key->list, &keys);
641 * NB: the station code relies on this being
642 * done even if there aren't any keys
646 list_for_each_entry_safe(key, tmp, &keys, list)
647 __ieee80211_key_destroy(key, true);
649 mutex_unlock(&local->key_mtx);
652 void ieee80211_delayed_tailroom_dec(struct work_struct *wk)
654 struct ieee80211_sub_if_data *sdata;
656 sdata = container_of(wk, struct ieee80211_sub_if_data,
657 dec_tailroom_needed_wk.work);
660 * The reason for the delayed tailroom needed decrementing is to
661 * make roaming faster: during roaming, all keys are first deleted
662 * and then new keys are installed. The first new key causes the
663 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes
664 * the cost of synchronize_net() (which can be slow). Avoid this
665 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on
666 * key removal for a while, so if we roam the value is larger than
667 * zero and no 0->1 transition happens.
669 * The cost is that if the AP switching was from an AP with keys
670 * to one without, we still allocate tailroom while it would no
671 * longer be needed. However, in the typical (fast) roaming case
672 * within an ESS this usually won't happen.
675 mutex_lock(&sdata->local->key_mtx);
676 sdata->crypto_tx_tailroom_needed_cnt -=
677 sdata->crypto_tx_tailroom_pending_dec;
678 sdata->crypto_tx_tailroom_pending_dec = 0;
679 mutex_unlock(&sdata->local->key_mtx);
682 void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid,
683 const u8 *replay_ctr, gfp_t gfp)
685 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
687 trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr);
689 cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp);
691 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify);
693 void ieee80211_get_key_tx_seq(struct ieee80211_key_conf *keyconf,
694 struct ieee80211_key_seq *seq)
696 struct ieee80211_key *key;
699 if (WARN_ON(!(keyconf->flags & IEEE80211_KEY_FLAG_GENERATE_IV)))
702 key = container_of(keyconf, struct ieee80211_key, conf);
704 switch (key->conf.cipher) {
705 case WLAN_CIPHER_SUITE_TKIP:
706 seq->tkip.iv32 = key->u.tkip.tx.iv32;
707 seq->tkip.iv16 = key->u.tkip.tx.iv16;
709 case WLAN_CIPHER_SUITE_CCMP:
710 pn64 = atomic64_read(&key->u.ccmp.tx_pn);
711 seq->ccmp.pn[5] = pn64;
712 seq->ccmp.pn[4] = pn64 >> 8;
713 seq->ccmp.pn[3] = pn64 >> 16;
714 seq->ccmp.pn[2] = pn64 >> 24;
715 seq->ccmp.pn[1] = pn64 >> 32;
716 seq->ccmp.pn[0] = pn64 >> 40;
718 case WLAN_CIPHER_SUITE_AES_CMAC:
719 pn64 = atomic64_read(&key->u.aes_cmac.tx_pn);
720 seq->ccmp.pn[5] = pn64;
721 seq->ccmp.pn[4] = pn64 >> 8;
722 seq->ccmp.pn[3] = pn64 >> 16;
723 seq->ccmp.pn[2] = pn64 >> 24;
724 seq->ccmp.pn[1] = pn64 >> 32;
725 seq->ccmp.pn[0] = pn64 >> 40;
731 EXPORT_SYMBOL(ieee80211_get_key_tx_seq);
733 void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf,
734 int tid, struct ieee80211_key_seq *seq)
736 struct ieee80211_key *key;
739 key = container_of(keyconf, struct ieee80211_key, conf);
741 switch (key->conf.cipher) {
742 case WLAN_CIPHER_SUITE_TKIP:
743 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
745 seq->tkip.iv32 = key->u.tkip.rx[tid].iv32;
746 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16;
748 case WLAN_CIPHER_SUITE_CCMP:
749 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
752 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
754 pn = key->u.ccmp.rx_pn[tid];
755 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN);
757 case WLAN_CIPHER_SUITE_AES_CMAC:
758 if (WARN_ON(tid != 0))
760 pn = key->u.aes_cmac.rx_pn;
761 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN);
765 EXPORT_SYMBOL(ieee80211_get_key_rx_seq);
767 void ieee80211_set_key_tx_seq(struct ieee80211_key_conf *keyconf,
768 struct ieee80211_key_seq *seq)
770 struct ieee80211_key *key;
773 key = container_of(keyconf, struct ieee80211_key, conf);
775 switch (key->conf.cipher) {
776 case WLAN_CIPHER_SUITE_TKIP:
777 key->u.tkip.tx.iv32 = seq->tkip.iv32;
778 key->u.tkip.tx.iv16 = seq->tkip.iv16;
780 case WLAN_CIPHER_SUITE_CCMP:
781 pn64 = (u64)seq->ccmp.pn[5] |
782 ((u64)seq->ccmp.pn[4] << 8) |
783 ((u64)seq->ccmp.pn[3] << 16) |
784 ((u64)seq->ccmp.pn[2] << 24) |
785 ((u64)seq->ccmp.pn[1] << 32) |
786 ((u64)seq->ccmp.pn[0] << 40);
787 atomic64_set(&key->u.ccmp.tx_pn, pn64);
789 case WLAN_CIPHER_SUITE_AES_CMAC:
790 pn64 = (u64)seq->aes_cmac.pn[5] |
791 ((u64)seq->aes_cmac.pn[4] << 8) |
792 ((u64)seq->aes_cmac.pn[3] << 16) |
793 ((u64)seq->aes_cmac.pn[2] << 24) |
794 ((u64)seq->aes_cmac.pn[1] << 32) |
795 ((u64)seq->aes_cmac.pn[0] << 40);
796 atomic64_set(&key->u.aes_cmac.tx_pn, pn64);
803 EXPORT_SYMBOL_GPL(ieee80211_set_key_tx_seq);
805 void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf,
806 int tid, struct ieee80211_key_seq *seq)
808 struct ieee80211_key *key;
811 key = container_of(keyconf, struct ieee80211_key, conf);
813 switch (key->conf.cipher) {
814 case WLAN_CIPHER_SUITE_TKIP:
815 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
817 key->u.tkip.rx[tid].iv32 = seq->tkip.iv32;
818 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16;
820 case WLAN_CIPHER_SUITE_CCMP:
821 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
824 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
826 pn = key->u.ccmp.rx_pn[tid];
827 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN);
829 case WLAN_CIPHER_SUITE_AES_CMAC:
830 if (WARN_ON(tid != 0))
832 pn = key->u.aes_cmac.rx_pn;
833 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN);
840 EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq);
842 void ieee80211_remove_key(struct ieee80211_key_conf *keyconf)
844 struct ieee80211_key *key;
846 key = container_of(keyconf, struct ieee80211_key, conf);
848 assert_key_lock(key->local);
851 * if key was uploaded, we assume the driver will/has remove(d)
852 * it, so adjust bookkeeping accordingly
854 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
855 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
857 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
858 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) ||
859 (key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE)))
860 increment_tailroom_need_count(key->sdata);
863 ieee80211_key_free(key, false);
865 EXPORT_SYMBOL_GPL(ieee80211_remove_key);
867 struct ieee80211_key_conf *
868 ieee80211_gtk_rekey_add(struct ieee80211_vif *vif,
869 struct ieee80211_key_conf *keyconf)
871 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
872 struct ieee80211_local *local = sdata->local;
873 struct ieee80211_key *key;
876 if (WARN_ON(!local->wowlan))
877 return ERR_PTR(-EINVAL);
879 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION))
880 return ERR_PTR(-EINVAL);
882 key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx,
883 keyconf->keylen, keyconf->key,
886 return ERR_CAST(key);
888 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED)
889 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT;
891 err = ieee80211_key_link(key, sdata, NULL);
897 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add);
projects / platform / adaptation / renesas_rcar / renesas_kernel.git / blob