linux/net/mac80211/key.h
   1/* SPDX-License-Identifier: GPL-2.0-only */
   2/*
   3 * Copyright 2002-2004, Instant802 Networks, Inc.
   4 * Copyright 2005, Devicescape Software, Inc.
   5 * Copyright (C) 2019 Intel Corporation
   6 */
   7
   8#ifndef IEEE80211_KEY_H
   9#define IEEE80211_KEY_H
  10
  11#include <linux/types.h>
  12#include <linux/list.h>
  13#include <linux/crypto.h>
  14#include <linux/rcupdate.h>
  15#include <crypto/arc4.h>
  16#include <net/mac80211.h>
  17
/*
 * Key index constants. Nothing in this header uses them, so the first three
 * are described from their names only -- presumably the number of default
 * key slots for data, management and beacon frames respectively; confirm
 * against the code that sizes and indexes the key arrays before relying on
 * them as bounds for an externally supplied key index.
 */
#define NUM_DEFAULT_KEYS 4
#define NUM_DEFAULT_MGMT_KEYS 2
#define NUM_DEFAULT_BEACON_KEYS 2
#define INVALID_PTK_KEYIDX 2 /* Keyidx always pointing to a NULL key for PTK */
  22
  23struct ieee80211_local;
  24struct ieee80211_sub_if_data;
  25struct sta_info;
  26
/**
 * enum ieee80211_internal_key_flags - internal key flags
 *
 * Each value is a distinct bit (BIT(n)), so the flags can be OR-ed together.
 * They are presumably the values kept in &struct ieee80211_key.flags, which
 * that struct documents as protected by the key mutex -- confirm at the
 * users.
 *
 * @KEY_FLAG_UPLOADED_TO_HARDWARE: Indicates that this key is present
 *      in the hardware for TX crypto hardware acceleration.
 * @KEY_FLAG_TAINTED: Key is tainted and packets should be dropped.
 *      The code that sets and tests this bit is outside this header; any
 *      path that uses a key is expected to honour it and drop the packet
 *      rather than process it with a tainted key.
 * @KEY_FLAG_CIPHER_SCHEME: This key is for a hardware cipher scheme
 */
enum ieee80211_internal_key_flags {
        KEY_FLAG_UPLOADED_TO_HARDWARE   = BIT(0),
        KEY_FLAG_TAINTED                = BIT(1),
        KEY_FLAG_CIPHER_SCHEME          = BIT(2),
};
  40
/*
 * State of the cached TKIP phase-1 key held in struct tkip_ctx (its
 * 'state' member has this type). The transitions are implemented outside
 * this header; the per-value notes are read off the names -- confirm
 * against the TKIP implementation.
 */
enum ieee80211_internal_tkip_state {
        TKIP_STATE_NOT_INIT,            /* presumably: no phase-1 key cached yet */
        TKIP_STATE_PHASE1_DONE,         /* presumably: phase-1 key computed */
        TKIP_STATE_PHASE1_HW_UPLOADED,  /* presumably: phase-1 key handed to hardware */
};
  46
/*
 * Cached TKIP phase-1 key together with the iv32 it was derived for.
 * p1k is key-derived material, so it deserves the same care as the key
 * itself when this structure is copied or logged.
 */
struct tkip_ctx {
        u16 p1k[5];     /* p1k cache */
        u32 p1k_iv32;   /* iv32 for which p1k computed */
        enum ieee80211_internal_tkip_state state;
};
  52
/*
 * Receive-side TKIP context: the phase-1 cache plus the current iv32/iv16
 * pair. struct ieee80211_key keeps one of these per TID and labels the
 * array "last received RSC".
 */
struct tkip_ctx_rx {
        struct tkip_ctx ctx;
        u32 iv32;       /* current iv32 */
        u16 iv16;       /* current iv16 */
};
  58
/*
 * One installed (or about to be installed) key: back-pointers to its
 * owners, internal flags, per-cipher receive/transmit state and, at the
 * very end, the key configuration including the key material itself.
 *
 * Security-relevant points visible in this definition:
 *  - 'conf' carries the key bytes as a variable-length tail, so the real
 *    allocation is larger than sizeof(struct ieee80211_key) and a plain
 *    struct assignment or sizeof-based copy does not carry the key.
 *    NOTE(review): the free path is outside this header -- confirm it
 *    clears the key material before releasing the memory.
 *  - the rx_pn / RSC members hold the last received packet number per
 *    counter; each sits next to a 'replays' statistic, so they are
 *    presumably the baseline for replay detection -- confirm at the RX
 *    path.
 */
struct ieee80211_key {
        /* owners of this key; lifetime rules are defined outside this header */
        struct ieee80211_local *local;
        struct ieee80211_sub_if_data *sdata;
        struct sta_info *sta;

        /* for sdata list */
        struct list_head list;

        /* protected by key mutex */
        unsigned int flags;

        /*
         * Per-cipher state. The members overlay each other, so only the
         * one matching the key's cipher is meaningful; presumably the
         * cipher recorded in 'conf' selects it -- confirm at the users.
         */
        union {
                struct {
                        /* protects tx context */
                        spinlock_t txlock;

                        /* last used TSC */
                        struct tkip_ctx tx;

                        /* last received RSC */
                        struct tkip_ctx_rx rx[IEEE80211_NUM_TIDS];

                        /* number of mic failures */
                        u32 mic_failures;
                } tkip;
                struct {
                        /*
                         * Last received packet number. The first
                         * IEEE80211_NUM_TIDS counters are used with Data
                         * frames and the last counter is used with Robust
                         * Management frames.
                         */
                        u8 rx_pn[IEEE80211_NUM_TIDS + 1][IEEE80211_CCMP_PN_LEN];
                        struct crypto_aead *tfm;
                        u32 replays; /* dot11RSNAStatsCCMPReplays */
                } ccmp;
                struct {
                        /* single last-received packet number (no per-TID array) */
                        u8 rx_pn[IEEE80211_CMAC_PN_LEN];
                        struct crypto_shash *tfm;
                        u32 replays; /* dot11RSNAStatsCMACReplays */
                        u32 icverrors; /* dot11RSNAStatsCMACICVErrors */
                } aes_cmac;
                struct {
                        /*
                         * Single last-received packet number, as for
                         * aes_cmac. NOTE(review): the two counters below
                         * carry the same CMAC statistic names as aes_cmac;
                         * confirm whether that is intended for GMAC or a
                         * copied label.
                         */
                        u8 rx_pn[IEEE80211_GMAC_PN_LEN];
                        struct crypto_aead *tfm;
                        u32 replays; /* dot11RSNAStatsCMACReplays */
                        u32 icverrors; /* dot11RSNAStatsCMACICVErrors */
                } aes_gmac;
                struct {
                        /* Last received packet number. The first
                         * IEEE80211_NUM_TIDS counters are used with Data
                         * frames and the last counter is used with Robust
                         * Management frames.
                         */
                        u8 rx_pn[IEEE80211_NUM_TIDS + 1][IEEE80211_GCMP_PN_LEN];
                        struct crypto_aead *tfm;
                        u32 replays; /* dot11RSNAStatsGCMPReplays */
                } gcmp;
                struct {
                        /* generic cipher scheme */
                        u8 rx_pn[IEEE80211_NUM_TIDS + 1][IEEE80211_MAX_PN_LEN];
                } gen;
        } u;

        /* debugfs bookkeeping; present only when CONFIG_MAC80211_DEBUGFS is set */
#ifdef CONFIG_MAC80211_DEBUGFS
        struct {
                struct dentry *stalink;
                struct dentry *dir;
                int cnt;
        } debugfs;
#endif

        /* NOTE(review): meaning of 'color' is not visible in this header */
        unsigned int color;

        /*
         * key config, must be last because it contains key
         * material as variable length member
         */
        struct ieee80211_key_conf conf;
};
 139
/*
 * Allocate a key object for @cipher at key index @idx.
 *
 * @key_data/@key_len: the key material and its length in bytes.
 * @seq/@seq_len: an initial sequence counter and its length.
 * @cs: cipher scheme description; presumably used only for
 *      KEY_FLAG_CIPHER_SCHEME keys -- confirm at the definition.
 *
 * NOTE(review): the definition is outside this header. Two things a caller
 * needs from it are not visible here: how failure is reported (NULL or an
 * error pointer), and whether @key_len and @seq_len are validated against
 * the cipher before @key_data and @seq are copied. Confirm both before
 * passing lengths that originate from userspace or the network.
 */
struct ieee80211_key *
ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
                    const u8 *key_data,
                    size_t seq_len, const u8 *seq,
                    const struct ieee80211_cipher_scheme *cs);
/*
 * Insert a key into data structures (sdata, sta if necessary)
 * to make it used, free old key. On failure, also free the new key.
 *
 * Ownership: @key is consumed in both outcomes. After a failed call the
 * pointer refers to freed memory and must not be dereferenced or freed
 * again by the caller; after a successful call the key belongs to the
 * sdata/sta structures it was linked into.
 */
int ieee80211_key_link(struct ieee80211_key *key,
                       struct ieee80211_sub_if_data *sdata,
                       struct sta_info *sta);
/*
 * Key selection and teardown entry points. Their definitions are outside
 * this header, so the notes below are read off the names and signatures
 * only -- confirm locking and ownership rules at the definitions.
 */

/* presumably: make @key the key used for transmission */
int ieee80211_set_tx_key(struct ieee80211_key *key);
/* free @key; @delay_tailroom presumably defers the tailroom accounting */
void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom);
/* presumably: free a key that was allocated but never linked */
void ieee80211_key_free_unused(struct ieee80211_key *key);
/* choose the default key at index @idx; @uni/@multi select which traffic it applies to (presumably unicast/multicast) */
void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx,
                               bool uni, bool multi);
/* choose the default management-frame key at index @idx */
void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
                                    int idx);
/* choose the default beacon key at index @idx */
void ieee80211_set_default_beacon_key(struct ieee80211_sub_if_data *sdata,
                                      int idx);
/* free the keys of @sdata; the effect of @force_synchronize is not visible here */
void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata,
                         bool force_synchronize);
/* free the keys belonging to station @sta */
void ieee80211_free_sta_keys(struct ieee80211_local *local,
                             struct sta_info *sta);
/* presumably: re-install the keys of @sdata, e.g. after they were disabled */
void ieee80211_reenable_keys(struct ieee80211_sub_if_data *sdata);
 166
/*
 * Fetch the RCU-protected pointer @ref on the update side.
 *
 * Expands to rcu_dereference_protected() with the lockdep condition
 * "(local)->key_mtx is held", so it is only correct for callers that hold
 * the key mutex; with lockdep enabled a caller that does not hold it is
 * reported. It gives no read-side protection: code that reads a key
 * pointer without key_mtx has to use the ordinary RCU read-side
 * primitives instead, otherwise the key may be freed while in use.
 */
#define key_mtx_dereference(local, ref) \
        rcu_dereference_protected(ref, lockdep_is_held(&((local)->key_mtx)))
 169
/*
 * Takes a struct work_struct pointer, i.e. it has the shape of a work item
 * handler. Presumably the deferred counterpart of
 * ieee80211_key_free(..., delay_tailroom = true) -- confirm at the
 * definition.
 */
void ieee80211_delayed_tailroom_dec(struct work_struct *wk);
 171
 172#endif /* IEEE80211_KEY_H */
 173