LXR linux/net/mac80211/key.c

   1/*
   2 * Copyright 2002-2005, Instant802 Networks, Inc.
   3 * Copyright 2005-2006, Devicescape Software, Inc.
   4 * Copyright 2006-2007  Jiri Benc <jbenc@suse.cz>
   5 * Copyright 2007-2008  Johannes Berg <johannes@sipsolutions.net>
   6 * Copyright 2013-2014  Intel Mobile Communications GmbH
   7 * Copyright 2015-2017  Intel Deutschland GmbH
   8 *
   9 * This program is free software; you can redistribute it and/or modify
  10 * it under the terms of the GNU General Public License version 2 as
  11 * published by the Free Software Foundation.
  12 */
  13
  14#include <linux/if_ether.h>
  15#include <linux/etherdevice.h>
  16#include <linux/list.h>
  17#include <linux/rcupdate.h>
  18#include <linux/rtnetlink.h>
  19#include <linux/slab.h>
  20#include <linux/export.h>
  21#include <net/mac80211.h>
  22#include <crypto/algapi.h>
  23#include <asm/unaligned.h>
  24#include "ieee80211_i.h"
  25#include "driver-ops.h"
  26#include "debugfs_key.h"
  27#include "aes_ccm.h"
  28#include "aes_cmac.h"
  29#include "aes_gmac.h"
  30#include "aes_gcm.h"
  31
  32
  33/**
  34 * DOC: Key handling basics
  35 *
  36 * Key handling in mac80211 is done based on per-interface (sub_if_data)
  37 * keys and per-station keys. Since each station belongs to an interface,
  38 * each station key also belongs to that interface.
  39 *
  40 * Hardware acceleration is done on a best-effort basis for algorithms
  41 * that are implemented in software,  for each key the hardware is asked
  42 * to enable that key for offloading but if it cannot do that the key is
  43 * simply kept for software encryption (unless it is for an algorithm
  44 * that isn't implemented in software).
  45 * There is currently no way of knowing whether a key is handled in SW
  46 * or HW except by looking into debugfs.
  47 *
  48 * All key management is internally protected by a mutex. Within all
  49 * other parts of mac80211, key references are, just as STA structure
  50 * references, protected by RCU. Note, however, that some things are
  51 * unprotected, namely the key->sta dereferences within the hardware
  52 * acceleration functions. This means that sta_info_destroy() must
  53 * remove the key which waits for an RCU grace period.
  54 */
  55
  56static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
  57
  58static void assert_key_lock(struct ieee80211_local *local)
  59{
  60        lockdep_assert_held(&local->key_mtx);
  61}
  62
  63static void
  64update_vlan_tailroom_need_count(struct ieee80211_sub_if_data *sdata, int delta)
  65{
  66        struct ieee80211_sub_if_data *vlan;
  67
  68        if (sdata->vif.type != NL80211_IFTYPE_AP)
  69                return;
  70
  71        /* crypto_tx_tailroom_needed_cnt is protected by this */
  72        assert_key_lock(sdata->local);
  73
  74        rcu_read_lock();
  75
  76        list_for_each_entry_rcu(vlan, &sdata->u.ap.vlans, u.vlan.list)
  77                vlan->crypto_tx_tailroom_needed_cnt += delta;
  78
  79        rcu_read_unlock();
  80}
  81
  82static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata)
  83{
  84        /*
  85         * When this count is zero, SKB resizing for allocating tailroom
  86         * for IV or MMIC is skipped. But, this check has created two race
  87         * cases in xmit path while transiting from zero count to one:
  88         *
  89         * 1. SKB resize was skipped because no key was added but just before
  90         * the xmit key is added and SW encryption kicks off.
  91         *
  92         * 2. SKB resize was skipped because all the keys were hw planted but
  93         * just before xmit one of the key is deleted and SW encryption kicks
  94         * off.
  95         *
  96         * In both the above case SW encryption will find not enough space for
  97         * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c)
  98         *
  99         * Solution has been explained at
 100         * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net
 101         */
 102
 103        assert_key_lock(sdata->local);
 104
 105        update_vlan_tailroom_need_count(sdata, 1);
 106
 107        if (!sdata->crypto_tx_tailroom_needed_cnt++) {
 108                /*
 109                 * Flush all XMIT packets currently using HW encryption or no
 110                 * encryption at all if the count transition is from 0 -> 1.
 111                 */
 112                synchronize_net();
 113        }
 114}
 115
 116static void decrease_tailroom_need_count(struct ieee80211_sub_if_data *sdata,
 117                                         int delta)
 118{
 119        assert_key_lock(sdata->local);
 120
 121        WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt < delta);
 122
 123        update_vlan_tailroom_need_count(sdata, -delta);
 124        sdata->crypto_tx_tailroom_needed_cnt -= delta;
 125}
 126
 127static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
 128{
 129        struct ieee80211_sub_if_data *sdata;
 130        struct sta_info *sta;
 131        int ret = -EOPNOTSUPP;
 132
 133        might_sleep();
 134
 135        if (key->flags & KEY_FLAG_TAINTED) {
 136                /* If we get here, it's during resume and the key is
 137                 * tainted so shouldn't be used/programmed any more.
 138                 * However, its flags may still indicate that it was
 139                 * programmed into the device (since we're in resume)
 140                 * so clear that flag now to avoid trying to remove
 141                 * it again later.
 142                 */
 143                key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
 144                return -EINVAL;
 145        }
 146
 147        if (!key->local->ops->set_key)
 148                goto out_unsupported;
 149
 150        assert_key_lock(key->local);
 151
 152        sta = key->sta;
 153
 154        /*
 155         * If this is a per-STA GTK, check if it
 156         * is supported; if not, return.
 157         */
 158        if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) &&
 159            !ieee80211_hw_check(&key->local->hw, SUPPORTS_PER_STA_GTK))
 160                goto out_unsupported;
 161
 162        if (sta && !sta->uploaded)
 163                goto out_unsupported;
 164
 165        sdata = key->sdata;
 166        if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
 167                /*
 168                 * The driver doesn't know anything about VLAN interfaces.
 169                 * Hence, don't send GTKs for VLAN interfaces to the driver.
 170                 */
 171                if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE))
 172                        goto out_unsupported;
 173        }
 174
 175        ret = drv_set_key(key->local, SET_KEY, sdata,
 176                          sta ? &sta->sta : NULL, &key->conf);
 177
 178        if (!ret) {
 179                key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
 180
 181                if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
 182                      (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
 183                        decrease_tailroom_need_count(sdata, 1);
 184
 185                WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) &&
 186                        (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV));
 187
 188                return 0;
 189        }
 190
 191        if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1)
 192                sdata_err(sdata,
 193                          "failed to set key (%d, %pM) to hardware (%d)\n",
 194                          key->conf.keyidx,
 195                          sta ? sta->sta.addr : bcast_addr, ret);
 196
 197 out_unsupported:
 198        switch (key->conf.cipher) {
 199        case WLAN_CIPHER_SUITE_WEP40:
 200        case WLAN_CIPHER_SUITE_WEP104:
 201        case WLAN_CIPHER_SUITE_TKIP:
 202        case WLAN_CIPHER_SUITE_CCMP:
 203        case WLAN_CIPHER_SUITE_CCMP_256:
 204        case WLAN_CIPHER_SUITE_AES_CMAC:
 205        case WLAN_CIPHER_SUITE_BIP_CMAC_256:
 206        case WLAN_CIPHER_SUITE_BIP_GMAC_128:
 207        case WLAN_CIPHER_SUITE_BIP_GMAC_256:
 208        case WLAN_CIPHER_SUITE_GCMP:
 209        case WLAN_CIPHER_SUITE_GCMP_256:
 210                /* all of these we can do in software - if driver can */
 211                if (ret == 1)
 212                        return 0;
 213                if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL))
 214                        return -EINVAL;
 215                return 0;
 216        default:
 217                return -EINVAL;
 218        }
 219}
 220
 221static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
 222{
 223        struct ieee80211_sub_if_data *sdata;
 224        struct sta_info *sta;
 225        int ret;
 226
 227        might_sleep();
 228
 229        if (!key || !key->local->ops->set_key)
 230                return;
 231
 232        assert_key_lock(key->local);
 233
 234        if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
 235                return;
 236
 237        sta = key->sta;
 238        sdata = key->sdata;
 239
 240        if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
 241              (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
 242                increment_tailroom_need_count(sdata);
 243
 244        ret = drv_set_key(key->local, DISABLE_KEY, sdata,
 245                          sta ? &sta->sta : NULL, &key->conf);
 246
 247        if (ret)
 248                sdata_err(sdata,
 249                          "failed to remove key (%d, %pM) from hardware (%d)\n",
 250                          key->conf.keyidx,
 251                          sta ? sta->sta.addr : bcast_addr, ret);
 252
 253        key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
 254}
 255
 256static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata,
 257                                        int idx, bool uni, bool multi)
 258{
 259        struct ieee80211_key *key = NULL;
 260
 261        assert_key_lock(sdata->local);
 262
 263        if (idx >= 0 && idx < NUM_DEFAULT_KEYS)
 264                key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
 265
 266        if (uni) {
 267                rcu_assign_pointer(sdata->default_unicast_key, key);
 268                ieee80211_check_fast_xmit_iface(sdata);
 269                if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN)
 270                        drv_set_default_unicast_key(sdata->local, sdata, idx);
 271        }
 272
 273        if (multi)
 274                rcu_assign_pointer(sdata->default_multicast_key, key);
 275
 276        ieee80211_debugfs_key_update_default(sdata);
 277}
 278
 279void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx,
 280                               bool uni, bool multi)
 281{
 282        mutex_lock(&sdata->local->key_mtx);
 283        __ieee80211_set_default_key(sdata, idx, uni, multi);
 284        mutex_unlock(&sdata->local->key_mtx);
 285}
 286
 287static void
 288__ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx)
 289{
 290        struct ieee80211_key *key = NULL;
 291
 292        assert_key_lock(sdata->local);
 293
 294        if (idx >= NUM_DEFAULT_KEYS &&
 295            idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
 296                key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
 297
 298        rcu_assign_pointer(sdata->default_mgmt_key, key);
 299
 300        ieee80211_debugfs_key_update_default(sdata);
 301}
 302
 303void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
 304                                    int idx)
 305{
 306        mutex_lock(&sdata->local->key_mtx);
 307        __ieee80211_set_default_mgmt_key(sdata, idx);
 308        mutex_unlock(&sdata->local->key_mtx);
 309}
 310
 311
 312static void ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
 313                                  struct sta_info *sta,
 314                                  bool pairwise,
 315                                  struct ieee80211_key *old,
 316                                  struct ieee80211_key *new)
 317{
 318        int idx;
 319        bool defunikey, defmultikey, defmgmtkey;
 320
 321        /* caller must provide at least one old/new */
 322        if (WARN_ON(!new && !old))
 323                return;
 324
 325        if (new)
 326                list_add_tail_rcu(&new->list, &sdata->key_list);
 327
 328        WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx);
 329
 330        if (old)
 331                idx = old->conf.keyidx;
 332        else
 333                idx = new->conf.keyidx;
 334
 335        if (sta) {
 336                if (pairwise) {
 337                        rcu_assign_pointer(sta->ptk[idx], new);
 338                        sta->ptk_idx = idx;
 339                        ieee80211_check_fast_xmit(sta);
 340                } else {
 341                        rcu_assign_pointer(sta->gtk[idx], new);
 342                }
 343                ieee80211_check_fast_rx(sta);
 344        } else {
 345                defunikey = old &&
 346                        old == key_mtx_dereference(sdata->local,
 347                                                sdata->default_unicast_key);
 348                defmultikey = old &&
 349                        old == key_mtx_dereference(sdata->local,
 350                                                sdata->default_multicast_key);
 351                defmgmtkey = old &&
 352                        old == key_mtx_dereference(sdata->local,
 353                                                sdata->default_mgmt_key);
 354
 355                if (defunikey && !new)
 356                        __ieee80211_set_default_key(sdata, -1, true, false);
 357                if (defmultikey && !new)
 358                        __ieee80211_set_default_key(sdata, -1, false, true);
 359                if (defmgmtkey && !new)
 360                        __ieee80211_set_default_mgmt_key(sdata, -1);
 361
 362                rcu_assign_pointer(sdata->keys[idx], new);
 363                if (defunikey && new)
 364                        __ieee80211_set_default_key(sdata, new->conf.keyidx,
 365                                                    true, false);
 366                if (defmultikey && new)
 367                        __ieee80211_set_default_key(sdata, new->conf.keyidx,
 368                                                    false, true);
 369                if (defmgmtkey && new)
 370                        __ieee80211_set_default_mgmt_key(sdata,
 371                                                         new->conf.keyidx);
 372        }
 373
 374        if (old)
 375                list_del_rcu(&old->list);
 376}
 377
 378struct ieee80211_key *
 379ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
 380                    const u8 *key_data,
 381                    size_t seq_len, const u8 *seq,
 382                    const struct ieee80211_cipher_scheme *cs)
 383{
 384        struct ieee80211_key *key;
 385        int i, j, err;
 386
 387        if (WARN_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS))
 388                return ERR_PTR(-EINVAL);
 389
 390        key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
 391        if (!key)
 392                return ERR_PTR(-ENOMEM);
 393
 394        /*
 395         * Default to software encryption; we'll later upload the
 396         * key to the hardware if possible.
 397         */
 398        key->conf.flags = 0;
 399        key->flags = 0;
 400
 401        key->conf.cipher = cipher;
 402        key->conf.keyidx = idx;
 403        key->conf.keylen = key_len;
 404        switch (cipher) {
 405        case WLAN_CIPHER_SUITE_WEP40:
 406        case WLAN_CIPHER_SUITE_WEP104:
 407                key->conf.iv_len = IEEE80211_WEP_IV_LEN;
 408                key->conf.icv_len = IEEE80211_WEP_ICV_LEN;
 409                break;
 410        case WLAN_CIPHER_SUITE_TKIP:
 411                key->conf.iv_len = IEEE80211_TKIP_IV_LEN;
 412                key->conf.icv_len = IEEE80211_TKIP_ICV_LEN;
 413                if (seq) {
 414                        for (i = 0; i < IEEE80211_NUM_TIDS; i++) {
 415                                key->u.tkip.rx[i].iv32 =
 416                                        get_unaligned_le32(&seq[2]);
 417                                key->u.tkip.rx[i].iv16 =
 418                                        get_unaligned_le16(seq);
 419                        }
 420                }
 421                spin_lock_init(&key->u.tkip.txlock);
 422                break;
 423        case WLAN_CIPHER_SUITE_CCMP:
 424                key->conf.iv_len = IEEE80211_CCMP_HDR_LEN;
 425                key->conf.icv_len = IEEE80211_CCMP_MIC_LEN;
 426                if (seq) {
 427                        for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
 428                                for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++)
 429                                        key->u.ccmp.rx_pn[i][j] =
 430                                                seq[IEEE80211_CCMP_PN_LEN - j - 1];
 431                }
 432                /*
 433                 * Initialize AES key state here as an optimization so that
 434                 * it does not need to be initialized for every packet.
 435                 */
 436                key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
 437                        key_data, key_len, IEEE80211_CCMP_MIC_LEN);
 438                if (IS_ERR(key->u.ccmp.tfm)) {
 439                        err = PTR_ERR(key->u.ccmp.tfm);
 440                        kfree(key);
 441                        return ERR_PTR(err);
 442                }
 443                break;
 444        case WLAN_CIPHER_SUITE_CCMP_256:
 445                key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN;
 446                key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN;
 447                for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
 448                        for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++)
 449                                key->u.ccmp.rx_pn[i][j] =
 450                                        seq[IEEE80211_CCMP_256_PN_LEN - j - 1];
 451                /* Initialize AES key state here as an optimization so that
 452                 * it does not need to be initialized for every packet.
 453                 */
 454                key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
 455                        key_data, key_len, IEEE80211_CCMP_256_MIC_LEN);
 456                if (IS_ERR(key->u.ccmp.tfm)) {
 457                        err = PTR_ERR(key->u.ccmp.tfm);
 458                        kfree(key);
 459                        return ERR_PTR(err);
 460                }
 461                break;
 462        case WLAN_CIPHER_SUITE_AES_CMAC:
 463        case WLAN_CIPHER_SUITE_BIP_CMAC_256:
 464                key->conf.iv_len = 0;
 465                if (cipher == WLAN_CIPHER_SUITE_AES_CMAC)
 466                        key->conf.icv_len = sizeof(struct ieee80211_mmie);
 467                else
 468                        key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
 469                if (seq)
 470                        for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++)
 471                                key->u.aes_cmac.rx_pn[j] =
 472                                        seq[IEEE80211_CMAC_PN_LEN - j - 1];
 473                /*
 474                 * Initialize AES key state here as an optimization so that
 475                 * it does not need to be initialized for every packet.
 476                 */
 477                key->u.aes_cmac.tfm =
 478                        ieee80211_aes_cmac_key_setup(key_data, key_len);
 479                if (IS_ERR(key->u.aes_cmac.tfm)) {
 480                        err = PTR_ERR(key->u.aes_cmac.tfm);
 481                        kfree(key);
 482                        return ERR_PTR(err);
 483                }
 484                break;
 485        case WLAN_CIPHER_SUITE_BIP_GMAC_128:
 486        case WLAN_CIPHER_SUITE_BIP_GMAC_256:
 487                key->conf.iv_len = 0;
 488                key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
 489                if (seq)
 490                        for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++)
 491                                key->u.aes_gmac.rx_pn[j] =
 492                                        seq[IEEE80211_GMAC_PN_LEN - j - 1];
 493                /* Initialize AES key state here as an optimization so that
 494                 * it does not need to be initialized for every packet.
 495                 */
 496                key->u.aes_gmac.tfm =
 497                        ieee80211_aes_gmac_key_setup(key_data, key_len);
 498                if (IS_ERR(key->u.aes_gmac.tfm)) {
 499                        err = PTR_ERR(key->u.aes_gmac.tfm);
 500                        kfree(key);
 501                        return ERR_PTR(err);
 502                }
 503                break;
 504        case WLAN_CIPHER_SUITE_GCMP:
 505        case WLAN_CIPHER_SUITE_GCMP_256:
 506                key->conf.iv_len = IEEE80211_GCMP_HDR_LEN;
 507                key->conf.icv_len = IEEE80211_GCMP_MIC_LEN;
 508                for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
 509                        for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++)
 510                                key->u.gcmp.rx_pn[i][j] =
 511                                        seq[IEEE80211_GCMP_PN_LEN - j - 1];
 512                /* Initialize AES key state here as an optimization so that
 513                 * it does not need to be initialized for every packet.
 514                 */
 515                key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data,
 516                                                                      key_len);
 517                if (IS_ERR(key->u.gcmp.tfm)) {
 518                        err = PTR_ERR(key->u.gcmp.tfm);
 519                        kfree(key);
 520                        return ERR_PTR(err);
 521                }
 522                break;
 523        default:
 524                if (cs) {
 525                        if (seq_len && seq_len != cs->pn_len) {
 526                                kfree(key);
 527                                return ERR_PTR(-EINVAL);
 528                        }
 529
 530                        key->conf.iv_len = cs->hdr_len;
 531                        key->conf.icv_len = cs->mic_len;
 532                        for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
 533                                for (j = 0; j < seq_len; j++)
 534                                        key->u.gen.rx_pn[i][j] =
 535                                                        seq[seq_len - j - 1];
 536                        key->flags |= KEY_FLAG_CIPHER_SCHEME;
 537                }
 538        }
 539        memcpy(key->conf.key, key_data, key_len);
 540        INIT_LIST_HEAD(&key->list);
 541
 542        return key;
 543}
 544
 545static void ieee80211_key_free_common(struct ieee80211_key *key)
 546{
 547        switch (key->conf.cipher) {
 548        case WLAN_CIPHER_SUITE_CCMP:
 549        case WLAN_CIPHER_SUITE_CCMP_256:
 550                ieee80211_aes_key_free(key->u.ccmp.tfm);
 551                break;
 552        case WLAN_CIPHER_SUITE_AES_CMAC:
 553        case WLAN_CIPHER_SUITE_BIP_CMAC_256:
 554                ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
 555                break;
 556        case WLAN_CIPHER_SUITE_BIP_GMAC_128:
 557        case WLAN_CIPHER_SUITE_BIP_GMAC_256:
 558                ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm);
 559                break;
 560        case WLAN_CIPHER_SUITE_GCMP:
 561        case WLAN_CIPHER_SUITE_GCMP_256:
 562                ieee80211_aes_gcm_key_free(key->u.gcmp.tfm);
 563                break;
 564        }
 565        kzfree(key);
 566}
 567
 568static void __ieee80211_key_destroy(struct ieee80211_key *key,
 569                                    bool delay_tailroom)
 570{
 571        if (key->local)
 572                ieee80211_key_disable_hw_accel(key);
 573
 574        if (key->local) {
 575                struct ieee80211_sub_if_data *sdata = key->sdata;
 576
 577                ieee80211_debugfs_key_remove(key);
 578
 579                if (delay_tailroom) {
 580                        /* see ieee80211_delayed_tailroom_dec */
 581                        sdata->crypto_tx_tailroom_pending_dec++;
 582                        schedule_delayed_work(&sdata->dec_tailroom_needed_wk,
 583                                              HZ/2);
 584                } else {
 585                        decrease_tailroom_need_count(sdata, 1);
 586                }
 587        }
 588
 589        ieee80211_key_free_common(key);
 590}
 591
 592static void ieee80211_key_destroy(struct ieee80211_key *key,
 593                                  bool delay_tailroom)
 594{
 595        if (!key)
 596                return;
 597
 598        /*
 599         * Synchronize so the TX path and rcu key iterators
 600         * can no longer be using this key before we free/remove it.
 601         */
 602        synchronize_net();
 603
 604        __ieee80211_key_destroy(key, delay_tailroom);
 605}
 606
 607void ieee80211_key_free_unused(struct ieee80211_key *key)
 608{
 609        WARN_ON(key->sdata || key->local);
 610        ieee80211_key_free_common(key);
 611}
 612
 613static bool ieee80211_key_identical(struct ieee80211_sub_if_data *sdata,
 614                                    struct ieee80211_key *old,
 615                                    struct ieee80211_key *new)
 616{
 617        u8 tkip_old[WLAN_KEY_LEN_TKIP], tkip_new[WLAN_KEY_LEN_TKIP];
 618        u8 *tk_old, *tk_new;
 619
 620        if (!old || new->conf.keylen != old->conf.keylen)
 621                return false;
 622
 623        tk_old = old->conf.key;
 624        tk_new = new->conf.key;
 625
 626        /*
 627         * In station mode, don't compare the TX MIC key, as it's never used
 628         * and offloaded rekeying may not care to send it to the host. This
 629         * is the case in iwlwifi, for example.
 630         */
 631        if (sdata->vif.type == NL80211_IFTYPE_STATION &&
 632            new->conf.cipher == WLAN_CIPHER_SUITE_TKIP &&
 633            new->conf.keylen == WLAN_KEY_LEN_TKIP &&
 634            !(new->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
 635                memcpy(tkip_old, tk_old, WLAN_KEY_LEN_TKIP);
 636                memcpy(tkip_new, tk_new, WLAN_KEY_LEN_TKIP);
 637                memset(tkip_old + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
 638                memset(tkip_new + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
 639                tk_old = tkip_old;
 640                tk_new = tkip_new;
 641        }
 642
 643        return !crypto_memneq(tk_old, tk_new, new->conf.keylen);
 644}
 645
 646int ieee80211_key_link(struct ieee80211_key *key,
 647                       struct ieee80211_sub_if_data *sdata,
 648                       struct sta_info *sta)
 649{
 650        struct ieee80211_local *local = sdata->local;
 651        struct ieee80211_key *old_key;
 652        int idx, ret;
 653        bool pairwise;
 654
 655        pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
 656        idx = key->conf.keyidx;
 657
 658        mutex_lock(&sdata->local->key_mtx);
 659
 660        if (sta && pairwise)
 661                old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]);
 662        else if (sta)
 663                old_key = key_mtx_dereference(sdata->local, sta->gtk[idx]);
 664        else
 665                old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
 666
 667        /*
 668         * Silently accept key re-installation without really installing the
 669         * new version of the key to avoid nonce reuse or replay issues.
 670         */
 671        if (ieee80211_key_identical(sdata, old_key, key)) {
 672                ieee80211_key_free_unused(key);
 673                ret = 0;
 674                goto out;
 675        }
 676
 677        key->local = sdata->local;
 678        key->sdata = sdata;
 679        key->sta = sta;
 680
 681        increment_tailroom_need_count(sdata);
 682
 683        ieee80211_key_replace(sdata, sta, pairwise, old_key, key);
 684        ieee80211_key_destroy(old_key, true);
 685
 686        ieee80211_debugfs_key_add(key);
 687
 688        if (!local->wowlan) {
 689                ret = ieee80211_key_enable_hw_accel(key);
 690                if (ret)
 691                        ieee80211_key_free(key, true);
 692        } else {
 693                ret = 0;
 694        }
 695
 696 out:
 697        mutex_unlock(&sdata->local->key_mtx);
 698
 699        return ret;
 700}
 701
 702void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom)
 703{
 704        if (!key)
 705                return;
 706
 707        /*
 708         * Replace key with nothingness if it was ever used.
 709         */
 710        if (key->sdata)
 711                ieee80211_key_replace(key->sdata, key->sta,
 712                                key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
 713                                key, NULL);
 714        ieee80211_key_destroy(key, delay_tailroom);
 715}
 716
 717void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata)
 718{
 719        struct ieee80211_key *key;
 720        struct ieee80211_sub_if_data *vlan;
 721
 722        ASSERT_RTNL();
 723
 724        if (WARN_ON(!ieee80211_sdata_running(sdata)))
 725                return;
 726
 727        mutex_lock(&sdata->local->key_mtx);
 728
 729        WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
 730                     sdata->crypto_tx_tailroom_pending_dec);
 731
 732        if (sdata->vif.type == NL80211_IFTYPE_AP) {
 733                list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
 734                        WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt ||
 735                                     vlan->crypto_tx_tailroom_pending_dec);
 736        }
 737
 738        list_for_each_entry(key, &sdata->key_list, list) {
 739                increment_tailroom_need_count(sdata);
 740                ieee80211_key_enable_hw_accel(key);
 741        }
 742
 743        mutex_unlock(&sdata->local->key_mtx);
 744}
 745
 746void ieee80211_reset_crypto_tx_tailroom(struct ieee80211_sub_if_data *sdata)
 747{
 748        struct ieee80211_sub_if_data *vlan;
 749
 750        mutex_lock(&sdata->local->key_mtx);
 751
 752        sdata->crypto_tx_tailroom_needed_cnt = 0;
 753
 754        if (sdata->vif.type == NL80211_IFTYPE_AP) {
 755                list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
 756                        vlan->crypto_tx_tailroom_needed_cnt = 0;
 757        }
 758
 759        mutex_unlock(&sdata->local->key_mtx);
 760}
 761
 762void ieee80211_iter_keys(struct ieee80211_hw *hw,
 763                         struct ieee80211_vif *vif,
 764                         void (*iter)(struct ieee80211_hw *hw,
 765                                      struct ieee80211_vif *vif,
 766                                      struct ieee80211_sta *sta,
 767                                      struct ieee80211_key_conf *key,
 768                                      void *data),
 769                         void *iter_data)
 770{
 771        struct ieee80211_local *local = hw_to_local(hw);
 772        struct ieee80211_key *key, *tmp;
 773        struct ieee80211_sub_if_data *sdata;
 774
 775        ASSERT_RTNL();
 776
 777        mutex_lock(&local->key_mtx);
 778        if (vif) {
 779                sdata = vif_to_sdata(vif);
 780                list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
 781                        iter(hw, &sdata->vif,
 782                             key->sta ? &key->sta->sta : NULL,
 783                             &key->conf, iter_data);
 784        } else {
 785                list_for_each_entry(sdata, &local->interfaces, list)
 786                        list_for_each_entry_safe(key, tmp,
 787                                                 &sdata->key_list, list)
 788                                iter(hw, &sdata->vif,
 789                                     key->sta ? &key->sta->sta : NULL,
 790                                     &key->conf, iter_data);
 791        }
 792        mutex_unlock(&local->key_mtx);
 793}
 794EXPORT_SYMBOL(ieee80211_iter_keys);
 795
 796static void
 797_ieee80211_iter_keys_rcu(struct ieee80211_hw *hw,
 798                         struct ieee80211_sub_if_data *sdata,
 799                         void (*iter)(struct ieee80211_hw *hw,
 800                                      struct ieee80211_vif *vif,
 801                                      struct ieee80211_sta *sta,
 802                                      struct ieee80211_key_conf *key,
 803                                      void *data),
 804                         void *iter_data)
 805{
 806        struct ieee80211_key *key;
 807
 808        list_for_each_entry_rcu(key, &sdata->key_list, list) {
 809                /* skip keys of station in removal process */
 810                if (key->sta && key->sta->removed)
 811                        continue;
 812                if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
 813                        continue;
 814
 815                iter(hw, &sdata->vif,
 816                     key->sta ? &key->sta->sta : NULL,
 817                     &key->conf, iter_data);
 818        }
 819}
 820
 821void ieee80211_iter_keys_rcu(struct ieee80211_hw *hw,
 822                             struct ieee80211_vif *vif,
 823                             void (*iter)(struct ieee80211_hw *hw,
 824                                          struct ieee80211_vif *vif,
 825                                          struct ieee80211_sta *sta,
 826                                          struct ieee80211_key_conf *key,
 827                                          void *data),
 828                             void *iter_data)
 829{
 830        struct ieee80211_local *local = hw_to_local(hw);
 831        struct ieee80211_sub_if_data *sdata;
 832
 833        if (vif) {
 834                sdata = vif_to_sdata(vif);
 835                _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data);
 836        } else {
 837                list_for_each_entry_rcu(sdata, &local->interfaces, list)
 838                        _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data);
 839        }
 840}
 841EXPORT_SYMBOL(ieee80211_iter_keys_rcu);
 842
 843static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata,
 844                                      struct list_head *keys)
 845{
 846        struct ieee80211_key *key, *tmp;
 847
 848        decrease_tailroom_need_count(sdata,
 849                                     sdata->crypto_tx_tailroom_pending_dec);
 850        sdata->crypto_tx_tailroom_pending_dec = 0;
 851
 852        ieee80211_debugfs_key_remove_mgmt_default(sdata);
 853
 854        list_for_each_entry_safe(key, tmp, &sdata->key_list, list) {
 855                ieee80211_key_replace(key->sdata, key->sta,
 856                                key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
 857                                key, NULL);
 858                list_add_tail(&key->list, keys);
 859        }
 860
 861        ieee80211_debugfs_key_update_default(sdata);
 862}
 863
 864void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata,
 865                         bool force_synchronize)
 866{
 867        struct ieee80211_local *local = sdata->local;
 868        struct ieee80211_sub_if_data *vlan;
 869        struct ieee80211_sub_if_data *master;
 870        struct ieee80211_key *key, *tmp;
 871        LIST_HEAD(keys);
 872
 873        cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk);
 874
 875        mutex_lock(&local->key_mtx);
 876
 877        ieee80211_free_keys_iface(sdata, &keys);
 878
 879        if (sdata->vif.type == NL80211_IFTYPE_AP) {
 880                list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
 881                        ieee80211_free_keys_iface(vlan, &keys);
 882        }
 883
 884        if (!list_empty(&keys) || force_synchronize)
 885                synchronize_net();
 886        list_for_each_entry_safe(key, tmp, &keys, list)
 887                __ieee80211_key_destroy(key, false);
 888
 889        if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
 890                if (sdata->bss) {
 891                        master = container_of(sdata->bss,
 892                                              struct ieee80211_sub_if_data,
 893                                              u.ap);
 894
 895                        WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt !=
 896                                     master->crypto_tx_tailroom_needed_cnt);
 897                }
 898        } else {
 899                WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
 900                             sdata->crypto_tx_tailroom_pending_dec);
 901        }
 902
 903        if (sdata->vif.type == NL80211_IFTYPE_AP) {
 904                list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
 905                        WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt ||
 906                                     vlan->crypto_tx_tailroom_pending_dec);
 907        }
 908
 909        mutex_unlock(&local->key_mtx);
 910}
 911
 912void ieee80211_free_sta_keys(struct ieee80211_local *local,
 913                             struct sta_info *sta)
 914{
 915        struct ieee80211_key *key;
 916        int i;
 917
 918        mutex_lock(&local->key_mtx);
 919        for (i = 0; i < ARRAY_SIZE(sta->gtk); i++) {
 920                key = key_mtx_dereference(local, sta->gtk[i]);
 921                if (!key)
 922                        continue;
 923                ieee80211_key_replace(key->sdata, key->sta,
 924                                key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
 925                                key, NULL);
 926                __ieee80211_key_destroy(key, true);
 927        }
 928
 929        for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
 930                key = key_mtx_dereference(local, sta->ptk[i]);
 931                if (!key)
 932                        continue;
 933                ieee80211_key_replace(key->sdata, key->sta,
 934                                key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
 935                                key, NULL);
 936                __ieee80211_key_destroy(key, true);
 937        }
 938
 939        mutex_unlock(&local->key_mtx);
 940}
 941
 942void ieee80211_delayed_tailroom_dec(struct work_struct *wk)
 943{
 944        struct ieee80211_sub_if_data *sdata;
 945
 946        sdata = container_of(wk, struct ieee80211_sub_if_data,
 947                             dec_tailroom_needed_wk.work);
 948
 949        /*
 950         * The reason for the delayed tailroom needed decrementing is to
 951         * make roaming faster: during roaming, all keys are first deleted
 952         * and then new keys are installed. The first new key causes the
 953         * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes
 954         * the cost of synchronize_net() (which can be slow). Avoid this
 955         * by deferring the crypto_tx_tailroom_needed_cnt decrementing on
 956         * key removal for a while, so if we roam the value is larger than
 957         * zero and no 0->1 transition happens.
 958         *
 959         * The cost is that if the AP switching was from an AP with keys
 960         * to one without, we still allocate tailroom while it would no
 961         * longer be needed. However, in the typical (fast) roaming case
 962         * within an ESS this usually won't happen.
 963         */
 964
 965        mutex_lock(&sdata->local->key_mtx);
 966        decrease_tailroom_need_count(sdata,
 967                                     sdata->crypto_tx_tailroom_pending_dec);
 968        sdata->crypto_tx_tailroom_pending_dec = 0;
 969        mutex_unlock(&sdata->local->key_mtx);
 970}
 971
 972void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid,
 973                                const u8 *replay_ctr, gfp_t gfp)
 974{
 975        struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
 976
 977        trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr);
 978
 979        cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp);
 980}
 981EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify);
 982
 983void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf,
 984                              int tid, struct ieee80211_key_seq *seq)
 985{
 986        struct ieee80211_key *key;
 987        const u8 *pn;
 988
 989        key = container_of(keyconf, struct ieee80211_key, conf);
 990
 991        switch (key->conf.cipher) {
 992        case WLAN_CIPHER_SUITE_TKIP:
 993                if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
 994                        return;
 995                seq->tkip.iv32 = key->u.tkip.rx[tid].iv32;
 996                seq->tkip.iv16 = key->u.tkip.rx[tid].iv16;
 997                break;
 998        case WLAN_CIPHER_SUITE_CCMP:
 999        case WLAN_CIPHER_SUITE_CCMP_256:
1000                if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))

1001                        return;
1002                if (tid < 0)
1003                        pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
1004                else
1005                        pn = key->u.ccmp.rx_pn[tid];
1006                memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN);
1007                break;
1008        case WLAN_CIPHER_SUITE_AES_CMAC:
1009        case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1010                if (WARN_ON(tid != 0))
1011                        return;
1012                pn = key->u.aes_cmac.rx_pn;
1013                memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN);
1014                break;
1015        case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1016        case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1017                if (WARN_ON(tid != 0))
1018                        return;
1019                pn = key->u.aes_gmac.rx_pn;
1020                memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN);
1021                break;
1022        case WLAN_CIPHER_SUITE_GCMP:
1023        case WLAN_CIPHER_SUITE_GCMP_256:
1024                if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1025                        return;
1026                if (tid < 0)
1027                        pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1028                else
1029                        pn = key->u.gcmp.rx_pn[tid];
1030                memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN);
1031                break;
1032        }
1033}
1034EXPORT_SYMBOL(ieee80211_get_key_rx_seq);
1035
1036void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf,
1037                              int tid, struct ieee80211_key_seq *seq)
1038{
1039        struct ieee80211_key *key;
1040        u8 *pn;
1041
1042        key = container_of(keyconf, struct ieee80211_key, conf);
1043
1044        switch (key->conf.cipher) {
1045        case WLAN_CIPHER_SUITE_TKIP:
1046                if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
1047                        return;
1048                key->u.tkip.rx[tid].iv32 = seq->tkip.iv32;
1049                key->u.tkip.rx[tid].iv16 = seq->tkip.iv16;
1050                break;
1051        case WLAN_CIPHER_SUITE_CCMP:
1052        case WLAN_CIPHER_SUITE_CCMP_256:
1053                if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1054                        return;
1055                if (tid < 0)
1056                        pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
1057                else
1058                        pn = key->u.ccmp.rx_pn[tid];
1059                memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN);
1060                break;
1061        case WLAN_CIPHER_SUITE_AES_CMAC:
1062        case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1063                if (WARN_ON(tid != 0))
1064                        return;
1065                pn = key->u.aes_cmac.rx_pn;
1066                memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN);
1067                break;
1068        case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1069        case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1070                if (WARN_ON(tid != 0))
1071                        return;
1072                pn = key->u.aes_gmac.rx_pn;
1073                memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN);
1074                break;
1075        case WLAN_CIPHER_SUITE_GCMP:
1076        case WLAN_CIPHER_SUITE_GCMP_256:
1077                if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1078                        return;
1079                if (tid < 0)
1080                        pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1081                else
1082                        pn = key->u.gcmp.rx_pn[tid];
1083                memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN);
1084                break;
1085        default:
1086                WARN_ON(1);
1087                break;
1088        }
1089}
1090EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq);
1091
1092void ieee80211_remove_key(struct ieee80211_key_conf *keyconf)
1093{
1094        struct ieee80211_key *key;
1095
1096        key = container_of(keyconf, struct ieee80211_key, conf);
1097
1098        assert_key_lock(key->local);
1099
1100        /*
1101         * if key was uploaded, we assume the driver will/has remove(d)
1102         * it, so adjust bookkeeping accordingly
1103         */
1104        if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
1105                key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
1106
1107                if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
1108                      (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
1109                        increment_tailroom_need_count(key->sdata);
1110        }
1111
1112        ieee80211_key_free(key, false);
1113}
1114EXPORT_SYMBOL_GPL(ieee80211_remove_key);
1115
1116struct ieee80211_key_conf *
1117ieee80211_gtk_rekey_add(struct ieee80211_vif *vif,
1118                        struct ieee80211_key_conf *keyconf)
1119{
1120        struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
1121        struct ieee80211_local *local = sdata->local;
1122        struct ieee80211_key *key;
1123        int err;
1124
1125        if (WARN_ON(!local->wowlan))
1126                return ERR_PTR(-EINVAL);
1127
1128        if (WARN_ON(vif->type != NL80211_IFTYPE_STATION))
1129                return ERR_PTR(-EINVAL);
1130
1131        key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx,
1132                                  keyconf->keylen, keyconf->key,
1133                                  0, NULL, NULL);
1134        if (IS_ERR(key))
1135                return ERR_CAST(key);
1136
1137        if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED)
1138                key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT;
1139
1140        err = ieee80211_key_link(key, sdata, NULL);
1141        if (err)
1142                return ERR_PTR(err);
1143
1144        return &key->conf;
1145}
1146EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add);
1147