LXR linux/net/mac80211/key.c

   1// SPDX-License-Identifier: GPL-2.0-only
   2/*
   3 * Copyright 2002-2005, Instant802 Networks, Inc.
   4 * Copyright 2005-2006, Devicescape Software, Inc.
   5 * Copyright 2006-2007  Jiri Benc <jbenc@suse.cz>
   6 * Copyright 2007-2008  Johannes Berg <johannes@sipsolutions.net>
   7 * Copyright 2013-2014  Intel Mobile Communications GmbH
   8 * Copyright 2015-2017  Intel Deutschland GmbH
   9 * Copyright 2018-2020  Intel Corporation
  10 */
  11
  12#include <linux/if_ether.h>
  13#include <linux/etherdevice.h>
  14#include <linux/list.h>
  15#include <linux/rcupdate.h>
  16#include <linux/rtnetlink.h>
  17#include <linux/slab.h>
  18#include <linux/export.h>
  19#include <net/mac80211.h>
  20#include <crypto/algapi.h>
  21#include <asm/unaligned.h>
  22#include "ieee80211_i.h"
  23#include "driver-ops.h"
  24#include "debugfs_key.h"
  25#include "aes_ccm.h"
  26#include "aes_cmac.h"
  27#include "aes_gmac.h"
  28#include "aes_gcm.h"
  29
  30
  31/**
  32 * DOC: Key handling basics
  33 *
  34 * Key handling in mac80211 is done based on per-interface (sub_if_data)
  35 * keys and per-station keys. Since each station belongs to an interface,
  36 * each station key also belongs to that interface.
  37 *
  38 * Hardware acceleration is done on a best-effort basis for algorithms
  39 * that are implemented in software,  for each key the hardware is asked
  40 * to enable that key for offloading but if it cannot do that the key is
  41 * simply kept for software encryption (unless it is for an algorithm
  42 * that isn't implemented in software).
  43 * There is currently no way of knowing whether a key is handled in SW
  44 * or HW except by looking into debugfs.
  45 *
  46 * All key management is internally protected by a mutex. Within all
  47 * other parts of mac80211, key references are, just as STA structure
  48 * references, protected by RCU. Note, however, that some things are
  49 * unprotected, namely the key->sta dereferences within the hardware
  50 * acceleration functions. This means that sta_info_destroy() must
  51 * remove the key which waits for an RCU grace period.
  52 */
  53
  54static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
  55
  56static void assert_key_lock(struct ieee80211_local *local)
  57{
  58        lockdep_assert_held(&local->key_mtx);
  59}
  60
  61static void
  62update_vlan_tailroom_need_count(struct ieee80211_sub_if_data *sdata, int delta)
  63{
  64        struct ieee80211_sub_if_data *vlan;
  65
  66        if (sdata->vif.type != NL80211_IFTYPE_AP)
  67                return;
  68
  69        /* crypto_tx_tailroom_needed_cnt is protected by this */
  70        assert_key_lock(sdata->local);
  71
  72        rcu_read_lock();
  73
  74        list_for_each_entry_rcu(vlan, &sdata->u.ap.vlans, u.vlan.list)
  75                vlan->crypto_tx_tailroom_needed_cnt += delta;
  76
  77        rcu_read_unlock();
  78}
  79
  80static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata)
  81{
  82        /*
  83         * When this count is zero, SKB resizing for allocating tailroom
  84         * for IV or MMIC is skipped. But, this check has created two race
  85         * cases in xmit path while transiting from zero count to one:
  86         *
  87         * 1. SKB resize was skipped because no key was added but just before
  88         * the xmit key is added and SW encryption kicks off.
  89         *
  90         * 2. SKB resize was skipped because all the keys were hw planted but
  91         * just before xmit one of the key is deleted and SW encryption kicks
  92         * off.
  93         *
  94         * In both the above case SW encryption will find not enough space for
  95         * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c)
  96         *
  97         * Solution has been explained at
  98         * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net
  99         */
 100
 101        assert_key_lock(sdata->local);
 102
 103        update_vlan_tailroom_need_count(sdata, 1);
 104
 105        if (!sdata->crypto_tx_tailroom_needed_cnt++) {
 106                /*
 107                 * Flush all XMIT packets currently using HW encryption or no
 108                 * encryption at all if the count transition is from 0 -> 1.
 109                 */
 110                synchronize_net();
 111        }
 112}
 113
 114static void decrease_tailroom_need_count(struct ieee80211_sub_if_data *sdata,
 115                                         int delta)
 116{
 117        assert_key_lock(sdata->local);
 118
 119        WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt < delta);
 120
 121        update_vlan_tailroom_need_count(sdata, -delta);
 122        sdata->crypto_tx_tailroom_needed_cnt -= delta;
 123}
 124
 125static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
 126{
 127        struct ieee80211_sub_if_data *sdata = key->sdata;
 128        struct sta_info *sta;
 129        int ret = -EOPNOTSUPP;
 130
 131        might_sleep();
 132
 133        if (key->flags & KEY_FLAG_TAINTED) {
 134                /* If we get here, it's during resume and the key is
 135                 * tainted so shouldn't be used/programmed any more.
 136                 * However, its flags may still indicate that it was
 137                 * programmed into the device (since we're in resume)
 138                 * so clear that flag now to avoid trying to remove
 139                 * it again later.
 140                 */
 141                if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE &&
 142                    !(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
 143                                         IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
 144                                         IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
 145                        increment_tailroom_need_count(sdata);
 146
 147                key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
 148                return -EINVAL;
 149        }
 150
 151        if (!key->local->ops->set_key)
 152                goto out_unsupported;
 153
 154        assert_key_lock(key->local);
 155
 156        sta = key->sta;
 157
 158        /*
 159         * If this is a per-STA GTK, check if it
 160         * is supported; if not, return.
 161         */
 162        if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) &&
 163            !ieee80211_hw_check(&key->local->hw, SUPPORTS_PER_STA_GTK))
 164                goto out_unsupported;
 165
 166        if (sta && !sta->uploaded)
 167                goto out_unsupported;
 168
 169        if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
 170                /*
 171                 * The driver doesn't know anything about VLAN interfaces.
 172                 * Hence, don't send GTKs for VLAN interfaces to the driver.
 173                 */
 174                if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
 175                        ret = 1;
 176                        goto out_unsupported;
 177                }
 178        }
 179
 180        ret = drv_set_key(key->local, SET_KEY, sdata,
 181                          sta ? &sta->sta : NULL, &key->conf);
 182
 183        if (!ret) {
 184                key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
 185
 186                if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
 187                                         IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
 188                                         IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
 189                        decrease_tailroom_need_count(sdata, 1);
 190
 191                WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) &&
 192                        (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV));
 193
 194                WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_MIC_SPACE) &&
 195                        (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC));
 196
 197                return 0;
 198        }
 199
 200        if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1)
 201                sdata_err(sdata,
 202                          "failed to set key (%d, %pM) to hardware (%d)\n",
 203                          key->conf.keyidx,
 204                          sta ? sta->sta.addr : bcast_addr, ret);
 205
 206 out_unsupported:
 207        switch (key->conf.cipher) {
 208        case WLAN_CIPHER_SUITE_WEP40:
 209        case WLAN_CIPHER_SUITE_WEP104:
 210        case WLAN_CIPHER_SUITE_TKIP:
 211        case WLAN_CIPHER_SUITE_CCMP:
 212        case WLAN_CIPHER_SUITE_CCMP_256:
 213        case WLAN_CIPHER_SUITE_GCMP:
 214        case WLAN_CIPHER_SUITE_GCMP_256:
 215        case WLAN_CIPHER_SUITE_AES_CMAC:
 216        case WLAN_CIPHER_SUITE_BIP_CMAC_256:
 217        case WLAN_CIPHER_SUITE_BIP_GMAC_128:
 218        case WLAN_CIPHER_SUITE_BIP_GMAC_256:
 219                /* all of these we can do in software - if driver can */
 220                if (ret == 1)
 221                        return 0;
 222                if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL))
 223                        return -EINVAL;
 224                return 0;
 225        default:
 226                return -EINVAL;
 227        }
 228}
 229
 230static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
 231{
 232        struct ieee80211_sub_if_data *sdata;
 233        struct sta_info *sta;
 234        int ret;
 235
 236        might_sleep();
 237
 238        if (!key || !key->local->ops->set_key)
 239                return;
 240
 241        assert_key_lock(key->local);
 242
 243        if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
 244                return;
 245
 246        sta = key->sta;
 247        sdata = key->sdata;
 248
 249        if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
 250                                 IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
 251                                 IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
 252                increment_tailroom_need_count(sdata);
 253
 254        key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
 255        ret = drv_set_key(key->local, DISABLE_KEY, sdata,
 256                          sta ? &sta->sta : NULL, &key->conf);
 257
 258        if (ret)
 259                sdata_err(sdata,
 260                          "failed to remove key (%d, %pM) from hardware (%d)\n",
 261                          key->conf.keyidx,
 262                          sta ? sta->sta.addr : bcast_addr, ret);
 263}
 264
 265static int _ieee80211_set_tx_key(struct ieee80211_key *key, bool force)
 266{
 267        struct sta_info *sta = key->sta;
 268        struct ieee80211_local *local = key->local;
 269
 270        assert_key_lock(local);
 271
 272        set_sta_flag(sta, WLAN_STA_USES_ENCRYPTION);
 273
 274        sta->ptk_idx = key->conf.keyidx;
 275
 276        if (force || !ieee80211_hw_check(&local->hw, AMPDU_KEYBORDER_SUPPORT))
 277                clear_sta_flag(sta, WLAN_STA_BLOCK_BA);
 278        ieee80211_check_fast_xmit(sta);
 279
 280        return 0;
 281}
 282
 283int ieee80211_set_tx_key(struct ieee80211_key *key)
 284{
 285        return _ieee80211_set_tx_key(key, false);
 286}
 287
 288static void ieee80211_pairwise_rekey(struct ieee80211_key *old,
 289                                     struct ieee80211_key *new)
 290{
 291        struct ieee80211_local *local = new->local;
 292        struct sta_info *sta = new->sta;
 293        int i;
 294
 295        assert_key_lock(local);
 296
 297        if (new->conf.flags & IEEE80211_KEY_FLAG_NO_AUTO_TX) {
 298                /* Extended Key ID key install, initial one or rekey */
 299
 300                if (sta->ptk_idx != INVALID_PTK_KEYIDX &&
 301                    !ieee80211_hw_check(&local->hw, AMPDU_KEYBORDER_SUPPORT)) {
 302                        /* Aggregation Sessions with Extended Key ID must not
 303                         * mix MPDUs with different keyIDs within one A-MPDU.
 304                         * Tear down running Tx aggregation sessions and block
 305                         * new Rx/Tx aggregation requests during rekey to
 306                         * ensure there are no A-MPDUs when the driver is not
 307                         * supporting A-MPDU key borders. (Blocking Tx only
 308                         * would be sufficient but WLAN_STA_BLOCK_BA gets the
 309                         * job done for the few ms we need it.)
 310                         */
 311                        set_sta_flag(sta, WLAN_STA_BLOCK_BA);
 312                        mutex_lock(&sta->ampdu_mlme.mtx);
 313                        for (i = 0; i <  IEEE80211_NUM_TIDS; i++)
 314                                ___ieee80211_stop_tx_ba_session(sta, i,
 315                                                                AGG_STOP_LOCAL_REQUEST);
 316                        mutex_unlock(&sta->ampdu_mlme.mtx);
 317                }
 318        } else if (old) {
 319                /* Rekey without Extended Key ID.
 320                 * Aggregation sessions are OK when running on SW crypto.
 321                 * A broken remote STA may cause issues not observed with HW
 322                 * crypto, though.
 323                 */
 324                if (!(old->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
 325                        return;
 326
 327                /* Stop Tx till we are on the new key */
 328                old->flags |= KEY_FLAG_TAINTED;
 329                ieee80211_clear_fast_xmit(sta);
 330                if (ieee80211_hw_check(&local->hw, AMPDU_AGGREGATION)) {
 331                        set_sta_flag(sta, WLAN_STA_BLOCK_BA);
 332                        ieee80211_sta_tear_down_BA_sessions(sta,
 333                                                            AGG_STOP_LOCAL_REQUEST);
 334                }
 335                if (!wiphy_ext_feature_isset(local->hw.wiphy,
 336                                             NL80211_EXT_FEATURE_CAN_REPLACE_PTK0)) {
 337                        pr_warn_ratelimited("Rekeying PTK for STA %pM but driver can't safely do that.",
 338                                            sta->sta.addr);
 339                        /* Flushing the driver queues *may* help prevent
 340                         * the clear text leaks and freezes.
 341                         */
 342                        ieee80211_flush_queues(local, old->sdata, false);
 343                }
 344        }
 345}
 346
 347static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata,
 348                                        int idx, bool uni, bool multi)
 349{
 350        struct ieee80211_key *key = NULL;
 351
 352        assert_key_lock(sdata->local);
 353
 354        if (idx >= 0 && idx < NUM_DEFAULT_KEYS)
 355                key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
 356
 357        if (uni) {
 358                rcu_assign_pointer(sdata->default_unicast_key, key);
 359                ieee80211_check_fast_xmit_iface(sdata);
 360                if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN)
 361                        drv_set_default_unicast_key(sdata->local, sdata, idx);
 362        }
 363
 364        if (multi)
 365                rcu_assign_pointer(sdata->default_multicast_key, key);
 366
 367        ieee80211_debugfs_key_update_default(sdata);
 368}
 369
 370void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx,
 371                               bool uni, bool multi)
 372{
 373        mutex_lock(&sdata->local->key_mtx);
 374        __ieee80211_set_default_key(sdata, idx, uni, multi);
 375        mutex_unlock(&sdata->local->key_mtx);
 376}
 377
 378static void
 379__ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx)
 380{
 381        struct ieee80211_key *key = NULL;
 382
 383        assert_key_lock(sdata->local);
 384
 385        if (idx >= NUM_DEFAULT_KEYS &&
 386            idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
 387                key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
 388
 389        rcu_assign_pointer(sdata->default_mgmt_key, key);
 390
 391        ieee80211_debugfs_key_update_default(sdata);
 392}
 393
 394void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
 395                                    int idx)
 396{
 397        mutex_lock(&sdata->local->key_mtx);
 398        __ieee80211_set_default_mgmt_key(sdata, idx);
 399        mutex_unlock(&sdata->local->key_mtx);
 400}
 401
 402static void
 403__ieee80211_set_default_beacon_key(struct ieee80211_sub_if_data *sdata, int idx)
 404{
 405        struct ieee80211_key *key = NULL;
 406
 407        assert_key_lock(sdata->local);
 408
 409        if (idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS &&
 410            idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS +
 411            NUM_DEFAULT_BEACON_KEYS)
 412                key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
 413
 414        rcu_assign_pointer(sdata->default_beacon_key, key);
 415
 416        ieee80211_debugfs_key_update_default(sdata);
 417}
 418
 419void ieee80211_set_default_beacon_key(struct ieee80211_sub_if_data *sdata,
 420                                      int idx)
 421{
 422        mutex_lock(&sdata->local->key_mtx);
 423        __ieee80211_set_default_beacon_key(sdata, idx);
 424        mutex_unlock(&sdata->local->key_mtx);
 425}
 426
 427static int ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
 428                                  struct sta_info *sta,
 429                                  bool pairwise,
 430                                  struct ieee80211_key *old,
 431                                  struct ieee80211_key *new)
 432{
 433        int idx;
 434        int ret = 0;
 435        bool defunikey, defmultikey, defmgmtkey, defbeaconkey;
 436
 437        /* caller must provide at least one old/new */
 438        if (WARN_ON(!new && !old))
 439                return 0;
 440
 441        if (new)
 442                list_add_tail_rcu(&new->list, &sdata->key_list);
 443
 444        WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx);
 445
 446        if (new && sta && pairwise) {
 447                /* Unicast rekey needs special handling. With Extended Key ID
 448                 * old is still NULL for the first rekey.
 449                 */
 450                ieee80211_pairwise_rekey(old, new);
 451        }
 452
 453        if (old) {
 454                idx = old->conf.keyidx;
 455
 456                if (old->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
 457                        ieee80211_key_disable_hw_accel(old);
 458
 459                        if (new)
 460                                ret = ieee80211_key_enable_hw_accel(new);
 461                }
 462        } else {
 463                /* new must be provided in case old is not */
 464                idx = new->conf.keyidx;
 465                if (!new->local->wowlan)
 466                        ret = ieee80211_key_enable_hw_accel(new);
 467        }
 468
 469        if (ret)
 470                return ret;
 471
 472        if (sta) {
 473                if (pairwise) {
 474                        rcu_assign_pointer(sta->ptk[idx], new);
 475                        if (new &&
 476                            !(new->conf.flags & IEEE80211_KEY_FLAG_NO_AUTO_TX))
 477                                _ieee80211_set_tx_key(new, true);
 478                } else {
 479                        rcu_assign_pointer(sta->gtk[idx], new);
 480                }
 481                /* Only needed for transition from no key -> key.
 482                 * Still triggers unnecessary when using Extended Key ID
 483                 * and installing the second key ID the first time.
 484                 */
 485                if (new && !old)
 486                        ieee80211_check_fast_rx(sta);
 487        } else {
 488                defunikey = old &&
 489                        old == key_mtx_dereference(sdata->local,
 490                                                sdata->default_unicast_key);
 491                defmultikey = old &&
 492                        old == key_mtx_dereference(sdata->local,
 493                                                sdata->default_multicast_key);
 494                defmgmtkey = old &&
 495                        old == key_mtx_dereference(sdata->local,
 496                                                sdata->default_mgmt_key);
 497                defbeaconkey = old &&
 498                        old == key_mtx_dereference(sdata->local,
 499                                                   sdata->default_beacon_key);
 500
 501                if (defunikey && !new)
 502                        __ieee80211_set_default_key(sdata, -1, true, false);
 503                if (defmultikey && !new)
 504                        __ieee80211_set_default_key(sdata, -1, false, true);
 505                if (defmgmtkey && !new)
 506                        __ieee80211_set_default_mgmt_key(sdata, -1);
 507                if (defbeaconkey && !new)
 508                        __ieee80211_set_default_beacon_key(sdata, -1);
 509
 510                rcu_assign_pointer(sdata->keys[idx], new);
 511                if (defunikey && new)
 512                        __ieee80211_set_default_key(sdata, new->conf.keyidx,
 513                                                    true, false);
 514                if (defmultikey && new)
 515                        __ieee80211_set_default_key(sdata, new->conf.keyidx,
 516                                                    false, true);
 517                if (defmgmtkey && new)
 518                        __ieee80211_set_default_mgmt_key(sdata,
 519                                                         new->conf.keyidx);
 520                if (defbeaconkey && new)
 521                        __ieee80211_set_default_beacon_key(sdata,
 522                                                           new->conf.keyidx);
 523        }
 524
 525        if (old)
 526                list_del_rcu(&old->list);
 527
 528        return 0;
 529}
 530
 531struct ieee80211_key *
 532ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
 533                    const u8 *key_data,
 534                    size_t seq_len, const u8 *seq,
 535                    const struct ieee80211_cipher_scheme *cs)
 536{
 537        struct ieee80211_key *key;
 538        int i, j, err;
 539
 540        if (WARN_ON(idx < 0 ||
 541                    idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS +
 542                    NUM_DEFAULT_BEACON_KEYS))
 543                return ERR_PTR(-EINVAL);
 544
 545        key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
 546        if (!key)
 547                return ERR_PTR(-ENOMEM);
 548
 549        /*
 550         * Default to software encryption; we'll later upload the
 551         * key to the hardware if possible.
 552         */
 553        key->conf.flags = 0;
 554        key->flags = 0;
 555
 556        key->conf.cipher = cipher;
 557        key->conf.keyidx = idx;
 558        key->conf.keylen = key_len;
 559        switch (cipher) {
 560        case WLAN_CIPHER_SUITE_WEP40:
 561        case WLAN_CIPHER_SUITE_WEP104:
 562                key->conf.iv_len = IEEE80211_WEP_IV_LEN;
 563                key->conf.icv_len = IEEE80211_WEP_ICV_LEN;
 564                break;
 565        case WLAN_CIPHER_SUITE_TKIP:
 566                key->conf.iv_len = IEEE80211_TKIP_IV_LEN;
 567                key->conf.icv_len = IEEE80211_TKIP_ICV_LEN;
 568                if (seq) {
 569                        for (i = 0; i < IEEE80211_NUM_TIDS; i++) {
 570                                key->u.tkip.rx[i].iv32 =
 571                                        get_unaligned_le32(&seq[2]);
 572                                key->u.tkip.rx[i].iv16 =
 573                                        get_unaligned_le16(seq);
 574                        }
 575                }
 576                spin_lock_init(&key->u.tkip.txlock);
 577                break;
 578        case WLAN_CIPHER_SUITE_CCMP:
 579                key->conf.iv_len = IEEE80211_CCMP_HDR_LEN;
 580                key->conf.icv_len = IEEE80211_CCMP_MIC_LEN;
 581                if (seq) {
 582                        for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
 583                                for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++)
 584                                        key->u.ccmp.rx_pn[i][j] =
 585                                                seq[IEEE80211_CCMP_PN_LEN - j - 1];
 586                }
 587                /*
 588                 * Initialize AES key state here as an optimization so that
 589                 * it does not need to be initialized for every packet.
 590                 */
 591                key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
 592                        key_data, key_len, IEEE80211_CCMP_MIC_LEN);
 593                if (IS_ERR(key->u.ccmp.tfm)) {
 594                        err = PTR_ERR(key->u.ccmp.tfm);
 595                        kfree(key);
 596                        return ERR_PTR(err);
 597                }
 598                break;
 599        case WLAN_CIPHER_SUITE_CCMP_256:
 600                key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN;
 601                key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN;
 602                for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
 603                        for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++)
 604                                key->u.ccmp.rx_pn[i][j] =
 605                                        seq[IEEE80211_CCMP_256_PN_LEN - j - 1];
 606                /* Initialize AES key state here as an optimization so that
 607                 * it does not need to be initialized for every packet.
 608                 */
 609                key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
 610                        key_data, key_len, IEEE80211_CCMP_256_MIC_LEN);
 611                if (IS_ERR(key->u.ccmp.tfm)) {
 612                        err = PTR_ERR(key->u.ccmp.tfm);
 613                        kfree(key);
 614                        return ERR_PTR(err);
 615                }
 616                break;
 617        case WLAN_CIPHER_SUITE_AES_CMAC:
 618        case WLAN_CIPHER_SUITE_BIP_CMAC_256:
 619                key->conf.iv_len = 0;
 620                if (cipher == WLAN_CIPHER_SUITE_AES_CMAC)
 621                        key->conf.icv_len = sizeof(struct ieee80211_mmie);
 622                else
 623                        key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
 624                if (seq)
 625                        for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++)
 626                                key->u.aes_cmac.rx_pn[j] =
 627                                        seq[IEEE80211_CMAC_PN_LEN - j - 1];
 628                /*
 629                 * Initialize AES key state here as an optimization so that
 630                 * it does not need to be initialized for every packet.
 631                 */
 632                key->u.aes_cmac.tfm =
 633                        ieee80211_aes_cmac_key_setup(key_data, key_len);
 634                if (IS_ERR(key->u.aes_cmac.tfm)) {
 635                        err = PTR_ERR(key->u.aes_cmac.tfm);
 636                        kfree(key);
 637                        return ERR_PTR(err);
 638                }
 639                break;
 640        case WLAN_CIPHER_SUITE_BIP_GMAC_128:
 641        case WLAN_CIPHER_SUITE_BIP_GMAC_256:
 642                key->conf.iv_len = 0;
 643                key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
 644                if (seq)
 645                        for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++)
 646                                key->u.aes_gmac.rx_pn[j] =
 647                                        seq[IEEE80211_GMAC_PN_LEN - j - 1];
 648                /* Initialize AES key state here as an optimization so that
 649                 * it does not need to be initialized for every packet.
 650                 */
 651                key->u.aes_gmac.tfm =
 652                        ieee80211_aes_gmac_key_setup(key_data, key_len);
 653                if (IS_ERR(key->u.aes_gmac.tfm)) {
 654                        err = PTR_ERR(key->u.aes_gmac.tfm);
 655                        kfree(key);
 656                        return ERR_PTR(err);
 657                }
 658                break;
 659        case WLAN_CIPHER_SUITE_GCMP:
 660        case WLAN_CIPHER_SUITE_GCMP_256:
 661                key->conf.iv_len = IEEE80211_GCMP_HDR_LEN;
 662                key->conf.icv_len = IEEE80211_GCMP_MIC_LEN;
 663                for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
 664                        for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++)
 665                                key->u.gcmp.rx_pn[i][j] =
 666                                        seq[IEEE80211_GCMP_PN_LEN - j - 1];
 667                /* Initialize AES key state here as an optimization so that
 668                 * it does not need to be initialized for every packet.
 669                 */
 670                key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data,
 671                                                                      key_len);
 672                if (IS_ERR(key->u.gcmp.tfm)) {
 673                        err = PTR_ERR(key->u.gcmp.tfm);
 674                        kfree(key);
 675                        return ERR_PTR(err);
 676                }
 677                break;
 678        default:
 679                if (cs) {
 680                        if (seq_len && seq_len != cs->pn_len) {
 681                                kfree(key);
 682                                return ERR_PTR(-EINVAL);
 683                        }
 684
 685                        key->conf.iv_len = cs->hdr_len;
 686                        key->conf.icv_len = cs->mic_len;
 687                        for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
 688                                for (j = 0; j < seq_len; j++)
 689                                        key->u.gen.rx_pn[i][j] =
 690                                                        seq[seq_len - j - 1];
 691                        key->flags |= KEY_FLAG_CIPHER_SCHEME;
 692                }
 693        }
 694        memcpy(key->conf.key, key_data, key_len);
 695        INIT_LIST_HEAD(&key->list);
 696
 697        return key;
 698}
 699
 700static void ieee80211_key_free_common(struct ieee80211_key *key)
 701{
 702        switch (key->conf.cipher) {
 703        case WLAN_CIPHER_SUITE_CCMP:
 704        case WLAN_CIPHER_SUITE_CCMP_256:
 705                ieee80211_aes_key_free(key->u.ccmp.tfm);
 706                break;
 707        case WLAN_CIPHER_SUITE_AES_CMAC:
 708        case WLAN_CIPHER_SUITE_BIP_CMAC_256:
 709                ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
 710                break;
 711        case WLAN_CIPHER_SUITE_BIP_GMAC_128:
 712        case WLAN_CIPHER_SUITE_BIP_GMAC_256:
 713                ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm);
 714                break;
 715        case WLAN_CIPHER_SUITE_GCMP:
 716        case WLAN_CIPHER_SUITE_GCMP_256:
 717                ieee80211_aes_gcm_key_free(key->u.gcmp.tfm);
 718                break;
 719        }
 720        kfree_sensitive(key);
 721}
 722
 723static void __ieee80211_key_destroy(struct ieee80211_key *key,
 724                                    bool delay_tailroom)
 725{
 726        if (key->local) {
 727                struct ieee80211_sub_if_data *sdata = key->sdata;
 728
 729                ieee80211_debugfs_key_remove(key);
 730
 731                if (delay_tailroom) {
 732                        /* see ieee80211_delayed_tailroom_dec */
 733                        sdata->crypto_tx_tailroom_pending_dec++;
 734                        schedule_delayed_work(&sdata->dec_tailroom_needed_wk,
 735                                              HZ/2);
 736                } else {
 737                        decrease_tailroom_need_count(sdata, 1);
 738                }
 739        }
 740
 741        ieee80211_key_free_common(key);
 742}
 743
 744static void ieee80211_key_destroy(struct ieee80211_key *key,
 745                                  bool delay_tailroom)
 746{
 747        if (!key)
 748                return;
 749
 750        /*
 751         * Synchronize so the TX path and rcu key iterators
 752         * can no longer be using this key before we free/remove it.
 753         */
 754        synchronize_net();
 755
 756        __ieee80211_key_destroy(key, delay_tailroom);
 757}
 758
 759void ieee80211_key_free_unused(struct ieee80211_key *key)
 760{
 761        WARN_ON(key->sdata || key->local);
 762        ieee80211_key_free_common(key);
 763}
 764
 765static bool ieee80211_key_identical(struct ieee80211_sub_if_data *sdata,
 766                                    struct ieee80211_key *old,
 767                                    struct ieee80211_key *new)
 768{
 769        u8 tkip_old[WLAN_KEY_LEN_TKIP], tkip_new[WLAN_KEY_LEN_TKIP];
 770        u8 *tk_old, *tk_new;
 771
 772        if (!old || new->conf.keylen != old->conf.keylen)
 773                return false;
 774
 775        tk_old = old->conf.key;
 776        tk_new = new->conf.key;
 777
 778        /*
 779         * In station mode, don't compare the TX MIC key, as it's never used
 780         * and offloaded rekeying may not care to send it to the host. This
 781         * is the case in iwlwifi, for example.
 782         */
 783        if (sdata->vif.type == NL80211_IFTYPE_STATION &&
 784            new->conf.cipher == WLAN_CIPHER_SUITE_TKIP &&
 785            new->conf.keylen == WLAN_KEY_LEN_TKIP &&
 786            !(new->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
 787                memcpy(tkip_old, tk_old, WLAN_KEY_LEN_TKIP);
 788                memcpy(tkip_new, tk_new, WLAN_KEY_LEN_TKIP);
 789                memset(tkip_old + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
 790                memset(tkip_new + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
 791                tk_old = tkip_old;
 792                tk_new = tkip_new;
 793        }
 794
 795        return !crypto_memneq(tk_old, tk_new, new->conf.keylen);
 796}
 797
 798int ieee80211_key_link(struct ieee80211_key *key,
 799                       struct ieee80211_sub_if_data *sdata,
 800                       struct sta_info *sta)
 801{
 802        static atomic_t key_color = ATOMIC_INIT(0);
 803        struct ieee80211_key *old_key;
 804        int idx = key->conf.keyidx;
 805        bool pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
 806        /*
 807         * We want to delay tailroom updates only for station - in that
 808         * case it helps roaming speed, but in other cases it hurts and
 809         * can cause warnings to appear.
 810         */
 811        bool delay_tailroom = sdata->vif.type == NL80211_IFTYPE_STATION;
 812        int ret = -EOPNOTSUPP;
 813
 814        mutex_lock(&sdata->local->key_mtx);
 815
 816        if (sta && pairwise) {
 817                struct ieee80211_key *alt_key;
 818
 819                old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]);
 820                alt_key = key_mtx_dereference(sdata->local, sta->ptk[idx ^ 1]);
 821
 822                /* The rekey code assumes that the old and new key are using
 823                 * the same cipher. Enforce the assumption for pairwise keys.
 824                 */
 825                if ((alt_key && alt_key->conf.cipher != key->conf.cipher) ||
 826                    (old_key && old_key->conf.cipher != key->conf.cipher))
 827                        goto out;
 828        } else if (sta) {
 829                old_key = key_mtx_dereference(sdata->local, sta->gtk[idx]);
 830        } else {
 831                old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
 832        }
 833
 834        /* Non-pairwise keys must also not switch the cipher on rekey */
 835        if (!pairwise) {
 836                if (old_key && old_key->conf.cipher != key->conf.cipher)
 837                        goto out;
 838        }
 839
 840        /*
 841         * Silently accept key re-installation without really installing the
 842         * new version of the key to avoid nonce reuse or replay issues.
 843         */
 844        if (ieee80211_key_identical(sdata, old_key, key)) {
 845                ieee80211_key_free_unused(key);
 846                ret = 0;
 847                goto out;
 848        }
 849
 850        key->local = sdata->local;
 851        key->sdata = sdata;
 852        key->sta = sta;
 853
 854        /*
 855         * Assign a unique ID to every key so we can easily prevent mixed
 856         * key and fragment cache attacks.
 857         */
 858        key->color = atomic_inc_return(&key_color);
 859
 860        increment_tailroom_need_count(sdata);
 861
 862        ret = ieee80211_key_replace(sdata, sta, pairwise, old_key, key);
 863
 864        if (!ret) {
 865                ieee80211_debugfs_key_add(key);
 866                ieee80211_key_destroy(old_key, delay_tailroom);
 867        } else {
 868                ieee80211_key_free(key, delay_tailroom);
 869        }
 870
 871 out:
 872        mutex_unlock(&sdata->local->key_mtx);
 873
 874        return ret;
 875}
 876
 877void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom)
 878{
 879        if (!key)
 880                return;
 881
 882        /*
 883         * Replace key with nothingness if it was ever used.
 884         */
 885        if (key->sdata)
 886                ieee80211_key_replace(key->sdata, key->sta,
 887                                key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
 888                                key, NULL);
 889        ieee80211_key_destroy(key, delay_tailroom);
 890}
 891
 892void ieee80211_reenable_keys(struct ieee80211_sub_if_data *sdata)
 893{
 894        struct ieee80211_key *key;
 895        struct ieee80211_sub_if_data *vlan;
 896
 897        lockdep_assert_wiphy(sdata->local->hw.wiphy);
 898
 899        mutex_lock(&sdata->local->key_mtx);
 900
 901        sdata->crypto_tx_tailroom_needed_cnt = 0;
 902        sdata->crypto_tx_tailroom_pending_dec = 0;
 903
 904        if (sdata->vif.type == NL80211_IFTYPE_AP) {
 905                list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) {
 906                        vlan->crypto_tx_tailroom_needed_cnt = 0;
 907                        vlan->crypto_tx_tailroom_pending_dec = 0;
 908                }
 909        }
 910
 911        if (ieee80211_sdata_running(sdata)) {
 912                list_for_each_entry(key, &sdata->key_list, list) {
 913                        increment_tailroom_need_count(sdata);
 914                        ieee80211_key_enable_hw_accel(key);
 915                }
 916        }
 917
 918        mutex_unlock(&sdata->local->key_mtx);
 919}
 920
 921void ieee80211_iter_keys(struct ieee80211_hw *hw,
 922                         struct ieee80211_vif *vif,
 923                         void (*iter)(struct ieee80211_hw *hw,
 924                                      struct ieee80211_vif *vif,
 925                                      struct ieee80211_sta *sta,
 926                                      struct ieee80211_key_conf *key,
 927                                      void *data),
 928                         void *iter_data)
 929{
 930        struct ieee80211_local *local = hw_to_local(hw);
 931        struct ieee80211_key *key, *tmp;
 932        struct ieee80211_sub_if_data *sdata;
 933
 934        lockdep_assert_wiphy(hw->wiphy);
 935
 936        mutex_lock(&local->key_mtx);
 937        if (vif) {
 938                sdata = vif_to_sdata(vif);
 939                list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
 940                        iter(hw, &sdata->vif,
 941                             key->sta ? &key->sta->sta : NULL,
 942                             &key->conf, iter_data);
 943        } else {
 944                list_for_each_entry(sdata, &local->interfaces, list)
 945                        list_for_each_entry_safe(key, tmp,
 946                                                 &sdata->key_list, list)
 947                                iter(hw, &sdata->vif,
 948                                     key->sta ? &key->sta->sta : NULL,
 949                                     &key->conf, iter_data);
 950        }
 951        mutex_unlock(&local->key_mtx);
 952}
 953EXPORT_SYMBOL(ieee80211_iter_keys);
 954
 955static void
 956_ieee80211_iter_keys_rcu(struct ieee80211_hw *hw,
 957                         struct ieee80211_sub_if_data *sdata,
 958                         void (*iter)(struct ieee80211_hw *hw,
 959                                      struct ieee80211_vif *vif,
 960                                      struct ieee80211_sta *sta,
 961                                      struct ieee80211_key_conf *key,
 962                                      void *data),
 963                         void *iter_data)
 964{
 965        struct ieee80211_key *key;
 966
 967        list_for_each_entry_rcu(key, &sdata->key_list, list) {
 968                /* skip keys of station in removal process */
 969                if (key->sta && key->sta->removed)
 970                        continue;
 971                if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
 972                        continue;
 973
 974                iter(hw, &sdata->vif,
 975                     key->sta ? &key->sta->sta : NULL,
 976                     &key->conf, iter_data);
 977        }
 978}
 979
 980void ieee80211_iter_keys_rcu(struct ieee80211_hw *hw,
 981                             struct ieee80211_vif *vif,
 982                             void (*iter)(struct ieee80211_hw *hw,
 983                                          struct ieee80211_vif *vif,
 984                                          struct ieee80211_sta *sta,
 985                                          struct ieee80211_key_conf *key,
 986                                          void *data),
 987                             void *iter_data)
 988{
 989        struct ieee80211_local *local = hw_to_local(hw);
 990        struct ieee80211_sub_if_data *sdata;
 991
 992        if (vif) {
 993                sdata = vif_to_sdata(vif);
 994                _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data);
 995        } else {
 996                list_for_each_entry_rcu(sdata, &local->interfaces, list)
 997                        _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data);
 998        }
 999}
1000EXPORT_SYMBOL(ieee80211_iter_keys_rcu);

1001
1002static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata,
1003                                      struct list_head *keys)
1004{
1005        struct ieee80211_key *key, *tmp;
1006
1007        decrease_tailroom_need_count(sdata,
1008                                     sdata->crypto_tx_tailroom_pending_dec);
1009        sdata->crypto_tx_tailroom_pending_dec = 0;
1010
1011        ieee80211_debugfs_key_remove_mgmt_default(sdata);
1012        ieee80211_debugfs_key_remove_beacon_default(sdata);
1013
1014        list_for_each_entry_safe(key, tmp, &sdata->key_list, list) {
1015                ieee80211_key_replace(key->sdata, key->sta,
1016                                key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
1017                                key, NULL);
1018                list_add_tail(&key->list, keys);
1019        }
1020
1021        ieee80211_debugfs_key_update_default(sdata);
1022}
1023
1024void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata,
1025                         bool force_synchronize)
1026{
1027        struct ieee80211_local *local = sdata->local;
1028        struct ieee80211_sub_if_data *vlan;
1029        struct ieee80211_sub_if_data *master;
1030        struct ieee80211_key *key, *tmp;
1031        LIST_HEAD(keys);
1032
1033        cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk);
1034
1035        mutex_lock(&local->key_mtx);
1036
1037        ieee80211_free_keys_iface(sdata, &keys);
1038
1039        if (sdata->vif.type == NL80211_IFTYPE_AP) {
1040                list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
1041                        ieee80211_free_keys_iface(vlan, &keys);
1042        }
1043
1044        if (!list_empty(&keys) || force_synchronize)
1045                synchronize_net();
1046        list_for_each_entry_safe(key, tmp, &keys, list)
1047                __ieee80211_key_destroy(key, false);
1048
1049        if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
1050                if (sdata->bss) {
1051                        master = container_of(sdata->bss,
1052                                              struct ieee80211_sub_if_data,
1053                                              u.ap);
1054
1055                        WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt !=
1056                                     master->crypto_tx_tailroom_needed_cnt);
1057                }
1058        } else {
1059                WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
1060                             sdata->crypto_tx_tailroom_pending_dec);
1061        }
1062
1063        if (sdata->vif.type == NL80211_IFTYPE_AP) {
1064                list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
1065                        WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt ||
1066                                     vlan->crypto_tx_tailroom_pending_dec);
1067        }
1068
1069        mutex_unlock(&local->key_mtx);
1070}
1071
1072void ieee80211_free_sta_keys(struct ieee80211_local *local,
1073                             struct sta_info *sta)
1074{
1075        struct ieee80211_key *key;
1076        int i;
1077
1078        mutex_lock(&local->key_mtx);
1079        for (i = 0; i < ARRAY_SIZE(sta->gtk); i++) {
1080                key = key_mtx_dereference(local, sta->gtk[i]);
1081                if (!key)
1082                        continue;
1083                ieee80211_key_replace(key->sdata, key->sta,
1084                                key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
1085                                key, NULL);
1086                __ieee80211_key_destroy(key, key->sdata->vif.type ==
1087                                        NL80211_IFTYPE_STATION);
1088        }
1089
1090        for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
1091                key = key_mtx_dereference(local, sta->ptk[i]);
1092                if (!key)
1093                        continue;
1094                ieee80211_key_replace(key->sdata, key->sta,
1095                                key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
1096                                key, NULL);
1097                __ieee80211_key_destroy(key, key->sdata->vif.type ==
1098                                        NL80211_IFTYPE_STATION);
1099        }
1100
1101        mutex_unlock(&local->key_mtx);
1102}
1103
1104void ieee80211_delayed_tailroom_dec(struct work_struct *wk)
1105{
1106        struct ieee80211_sub_if_data *sdata;
1107
1108        sdata = container_of(wk, struct ieee80211_sub_if_data,
1109                             dec_tailroom_needed_wk.work);
1110
1111        /*
1112         * The reason for the delayed tailroom needed decrementing is to
1113         * make roaming faster: during roaming, all keys are first deleted
1114         * and then new keys are installed. The first new key causes the
1115         * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes
1116         * the cost of synchronize_net() (which can be slow). Avoid this
1117         * by deferring the crypto_tx_tailroom_needed_cnt decrementing on
1118         * key removal for a while, so if we roam the value is larger than
1119         * zero and no 0->1 transition happens.
1120         *
1121         * The cost is that if the AP switching was from an AP with keys
1122         * to one without, we still allocate tailroom while it would no
1123         * longer be needed. However, in the typical (fast) roaming case
1124         * within an ESS this usually won't happen.
1125         */
1126
1127        mutex_lock(&sdata->local->key_mtx);
1128        decrease_tailroom_need_count(sdata,
1129                                     sdata->crypto_tx_tailroom_pending_dec);
1130        sdata->crypto_tx_tailroom_pending_dec = 0;
1131        mutex_unlock(&sdata->local->key_mtx);
1132}
1133
1134void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid,
1135                                const u8 *replay_ctr, gfp_t gfp)
1136{
1137        struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
1138
1139        trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr);
1140
1141        cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp);
1142}
1143EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify);
1144
1145void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf,
1146                              int tid, struct ieee80211_key_seq *seq)
1147{
1148        struct ieee80211_key *key;
1149        const u8 *pn;
1150
1151        key = container_of(keyconf, struct ieee80211_key, conf);
1152
1153        switch (key->conf.cipher) {
1154        case WLAN_CIPHER_SUITE_TKIP:
1155                if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
1156                        return;
1157                seq->tkip.iv32 = key->u.tkip.rx[tid].iv32;
1158                seq->tkip.iv16 = key->u.tkip.rx[tid].iv16;
1159                break;
1160        case WLAN_CIPHER_SUITE_CCMP:
1161        case WLAN_CIPHER_SUITE_CCMP_256:
1162                if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1163                        return;
1164                if (tid < 0)
1165                        pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
1166                else
1167                        pn = key->u.ccmp.rx_pn[tid];
1168                memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN);
1169                break;
1170        case WLAN_CIPHER_SUITE_AES_CMAC:
1171        case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1172                if (WARN_ON(tid != 0))
1173                        return;
1174                pn = key->u.aes_cmac.rx_pn;
1175                memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN);
1176                break;
1177        case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1178        case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1179                if (WARN_ON(tid != 0))
1180                        return;
1181                pn = key->u.aes_gmac.rx_pn;
1182                memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN);
1183                break;
1184        case WLAN_CIPHER_SUITE_GCMP:
1185        case WLAN_CIPHER_SUITE_GCMP_256:
1186                if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1187                        return;
1188                if (tid < 0)
1189                        pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1190                else
1191                        pn = key->u.gcmp.rx_pn[tid];
1192                memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN);
1193                break;
1194        }
1195}
1196EXPORT_SYMBOL(ieee80211_get_key_rx_seq);
1197
1198void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf,
1199                              int tid, struct ieee80211_key_seq *seq)
1200{
1201        struct ieee80211_key *key;
1202        u8 *pn;
1203
1204        key = container_of(keyconf, struct ieee80211_key, conf);
1205
1206        switch (key->conf.cipher) {
1207        case WLAN_CIPHER_SUITE_TKIP:
1208                if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
1209                        return;
1210                key->u.tkip.rx[tid].iv32 = seq->tkip.iv32;
1211                key->u.tkip.rx[tid].iv16 = seq->tkip.iv16;
1212                break;
1213        case WLAN_CIPHER_SUITE_CCMP:
1214        case WLAN_CIPHER_SUITE_CCMP_256:
1215                if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1216                        return;
1217                if (tid < 0)
1218                        pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
1219                else
1220                        pn = key->u.ccmp.rx_pn[tid];
1221                memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN);
1222                break;
1223        case WLAN_CIPHER_SUITE_AES_CMAC:
1224        case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1225                if (WARN_ON(tid != 0))
1226                        return;
1227                pn = key->u.aes_cmac.rx_pn;
1228                memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN);
1229                break;
1230        case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1231        case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1232                if (WARN_ON(tid != 0))
1233                        return;
1234                pn = key->u.aes_gmac.rx_pn;
1235                memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN);
1236                break;
1237        case WLAN_CIPHER_SUITE_GCMP:
1238        case WLAN_CIPHER_SUITE_GCMP_256:
1239                if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1240                        return;
1241                if (tid < 0)
1242                        pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1243                else
1244                        pn = key->u.gcmp.rx_pn[tid];
1245                memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN);
1246                break;
1247        default:
1248                WARN_ON(1);
1249                break;
1250        }
1251}
1252EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq);
1253
1254void ieee80211_remove_key(struct ieee80211_key_conf *keyconf)
1255{
1256        struct ieee80211_key *key;
1257
1258        key = container_of(keyconf, struct ieee80211_key, conf);
1259
1260        assert_key_lock(key->local);
1261
1262        /*
1263         * if key was uploaded, we assume the driver will/has remove(d)
1264         * it, so adjust bookkeeping accordingly
1265         */
1266        if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
1267                key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
1268
1269                if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
1270                                         IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
1271                                         IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
1272                        increment_tailroom_need_count(key->sdata);
1273        }
1274
1275        ieee80211_key_free(key, false);
1276}
1277EXPORT_SYMBOL_GPL(ieee80211_remove_key);
1278
1279struct ieee80211_key_conf *
1280ieee80211_gtk_rekey_add(struct ieee80211_vif *vif,
1281                        struct ieee80211_key_conf *keyconf)
1282{
1283        struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
1284        struct ieee80211_local *local = sdata->local;
1285        struct ieee80211_key *key;
1286        int err;
1287
1288        if (WARN_ON(!local->wowlan))
1289                return ERR_PTR(-EINVAL);
1290
1291        if (WARN_ON(vif->type != NL80211_IFTYPE_STATION))
1292                return ERR_PTR(-EINVAL);
1293
1294        key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx,
1295                                  keyconf->keylen, keyconf->key,
1296                                  0, NULL, NULL);
1297        if (IS_ERR(key))
1298                return ERR_CAST(key);
1299
1300        if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED)
1301                key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT;
1302
1303        err = ieee80211_key_link(key, sdata, NULL);
1304        if (err)
1305                return ERR_PTR(err);
1306
1307        return &key->conf;
1308}
1309EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add);
1310
1311void ieee80211_key_mic_failure(struct ieee80211_key_conf *keyconf)
1312{
1313        struct ieee80211_key *key;
1314
1315        key = container_of(keyconf, struct ieee80211_key, conf);
1316
1317        switch (key->conf.cipher) {
1318        case WLAN_CIPHER_SUITE_AES_CMAC:
1319        case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1320                key->u.aes_cmac.icverrors++;
1321                break;
1322        case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1323        case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1324                key->u.aes_gmac.icverrors++;
1325                break;
1326        default:
1327                /* ignore the others for now, we don't keep counters now */
1328                break;
1329        }
1330}
1331EXPORT_SYMBOL_GPL(ieee80211_key_mic_failure);
1332
1333void ieee80211_key_replay(struct ieee80211_key_conf *keyconf)
1334{
1335        struct ieee80211_key *key;
1336
1337        key = container_of(keyconf, struct ieee80211_key, conf);
1338
1339        switch (key->conf.cipher) {
1340        case WLAN_CIPHER_SUITE_CCMP:
1341        case WLAN_CIPHER_SUITE_CCMP_256:
1342                key->u.ccmp.replays++;
1343                break;
1344        case WLAN_CIPHER_SUITE_AES_CMAC:
1345        case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1346                key->u.aes_cmac.replays++;
1347                break;
1348        case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1349        case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1350                key->u.aes_gmac.replays++;
1351                break;
1352        case WLAN_CIPHER_SUITE_GCMP:
1353        case WLAN_CIPHER_SUITE_GCMP_256:
1354                key->u.gcmp.replays++;
1355                break;
1356        }
1357}
1358EXPORT_SYMBOL_GPL(ieee80211_key_replay);
1359