2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net>
6 * Copyright 2013-2014 Intel Mobile Communications GmbH
7 * Copyright 2015-2017 Intel Deutschland GmbH
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
14 #include <linux/if_ether.h>
15 #include <linux/etherdevice.h>
16 #include <linux/list.h>
17 #include <linux/rcupdate.h>
18 #include <linux/rtnetlink.h>
19 #include <linux/slab.h>
20 #include <linux/export.h>
21 #include <net/mac80211.h>
22 #include <crypto/algapi.h>
23 #include <asm/unaligned.h>
24 #include "ieee80211_i.h"
25 #include "driver-ops.h"
26 #include "debugfs_key.h"
34 * DOC: Key handling basics
36 * Key handling in mac80211 is done based on per-interface (sub_if_data)
37 * keys and per-station keys. Since each station belongs to an interface,
38 * each station key also belongs to that interface.
40 * Hardware acceleration is done on a best-effort basis for algorithms
41 * that are implemented in software, for each key the hardware is asked
42 * to enable that key for offloading but if it cannot do that the key is
43 * simply kept for software encryption (unless it is for an algorithm
44 * that isn't implemented in software).
45 * There is currently no way of knowing whether a key is handled in SW
46 * or HW except by looking into debugfs.
48 * All key management is internally protected by a mutex. Within all
49 * other parts of mac80211, key references are, just as STA structure
50 * references, protected by RCU. Note, however, that some things are
51 * unprotected, namely the key->sta dereferences within the hardware
52 * acceleration functions. This means that sta_info_destroy() must
53 * remove the key which waits for an RCU grace period.
56 static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
58 static void assert_key_lock(struct ieee80211_local *local)
60 lockdep_assert_held(&local->key_mtx);
64 update_vlan_tailroom_need_count(struct ieee80211_sub_if_data *sdata, int delta)
66 struct ieee80211_sub_if_data *vlan;
68 if (sdata->vif.type != NL80211_IFTYPE_AP)
71 /* crypto_tx_tailroom_needed_cnt is protected by this */
72 assert_key_lock(sdata->local);
76 list_for_each_entry_rcu(vlan, &sdata->u.ap.vlans, u.vlan.list)
77 vlan->crypto_tx_tailroom_needed_cnt += delta;
82 static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata)
85 * When this count is zero, SKB resizing for allocating tailroom
86 * for IV or MMIC is skipped. But, this check has created two race
87 * cases in xmit path while transiting from zero count to one:
89 * 1. SKB resize was skipped because no key was added but just before
90 * the xmit key is added and SW encryption kicks off.
92 * 2. SKB resize was skipped because all the keys were hw planted but
93 * just before xmit one of the key is deleted and SW encryption kicks
96 * In both the above case SW encryption will find not enough space for
97 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c)
99 * Solution has been explained at
100 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net
103 assert_key_lock(sdata->local);
105 update_vlan_tailroom_need_count(sdata, 1);
107 if (!sdata->crypto_tx_tailroom_needed_cnt++) {
109 * Flush all XMIT packets currently using HW encryption or no
110 * encryption at all if the count transition is from 0 -> 1.
116 static void decrease_tailroom_need_count(struct ieee80211_sub_if_data *sdata,
119 assert_key_lock(sdata->local);
121 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt < delta);
123 update_vlan_tailroom_need_count(sdata, -delta);
124 sdata->crypto_tx_tailroom_needed_cnt -= delta;
127 static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
129 struct ieee80211_sub_if_data *sdata;
130 struct sta_info *sta;
131 int ret = -EOPNOTSUPP;
135 if (key->flags & KEY_FLAG_TAINTED) {
136 /* If we get here, it's during resume and the key is
137 * tainted so shouldn't be used/programmed any more.
138 * However, its flags may still indicate that it was
139 * programmed into the device (since we're in resume)
140 * so clear that flag now to avoid trying to remove
143 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
147 if (!key->local->ops->set_key)
148 goto out_unsupported;
150 assert_key_lock(key->local);
155 * If this is a per-STA GTK, check if it
156 * is supported; if not, return.
158 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) &&
159 !ieee80211_hw_check(&key->local->hw, SUPPORTS_PER_STA_GTK))
160 goto out_unsupported;
162 if (sta && !sta->uploaded)
163 goto out_unsupported;
166 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
168 * The driver doesn't know anything about VLAN interfaces.
169 * Hence, don't send GTKs for VLAN interfaces to the driver.
171 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE))
172 goto out_unsupported;
175 ret = drv_set_key(key->local, SET_KEY, sdata,
176 sta ? &sta->sta : NULL, &key->conf);
179 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
181 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
182 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
183 decrease_tailroom_need_count(sdata, 1);
185 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) &&
186 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV));
191 if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1)
193 "failed to set key (%d, %pM) to hardware (%d)\n",
195 sta ? sta->sta.addr : bcast_addr, ret);
198 switch (key->conf.cipher) {
199 case WLAN_CIPHER_SUITE_WEP40:
200 case WLAN_CIPHER_SUITE_WEP104:
201 case WLAN_CIPHER_SUITE_TKIP:
202 case WLAN_CIPHER_SUITE_CCMP:
203 case WLAN_CIPHER_SUITE_CCMP_256:
204 case WLAN_CIPHER_SUITE_AES_CMAC:
205 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
206 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
207 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
208 case WLAN_CIPHER_SUITE_GCMP:
209 case WLAN_CIPHER_SUITE_GCMP_256:
210 /* all of these we can do in software - if driver can */
213 if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL))
221 static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
223 struct ieee80211_sub_if_data *sdata;
224 struct sta_info *sta;
229 if (!key || !key->local->ops->set_key)
232 assert_key_lock(key->local);
234 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
240 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
241 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
242 increment_tailroom_need_count(sdata);
244 ret = drv_set_key(key->local, DISABLE_KEY, sdata,
245 sta ? &sta->sta : NULL, &key->conf);
249 "failed to remove key (%d, %pM) from hardware (%d)\n",
251 sta ? sta->sta.addr : bcast_addr, ret);
253 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
256 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata,
257 int idx, bool uni, bool multi)
259 struct ieee80211_key *key = NULL;
261 assert_key_lock(sdata->local);
263 if (idx >= 0 && idx < NUM_DEFAULT_KEYS)
264 key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
267 rcu_assign_pointer(sdata->default_unicast_key, key);
268 ieee80211_check_fast_xmit_iface(sdata);
269 drv_set_default_unicast_key(sdata->local, sdata, idx);
273 rcu_assign_pointer(sdata->default_multicast_key, key);
275 ieee80211_debugfs_key_update_default(sdata);
278 void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx,
279 bool uni, bool multi)
281 mutex_lock(&sdata->local->key_mtx);
282 __ieee80211_set_default_key(sdata, idx, uni, multi);
283 mutex_unlock(&sdata->local->key_mtx);
287 __ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx)
289 struct ieee80211_key *key = NULL;
291 assert_key_lock(sdata->local);
293 if (idx >= NUM_DEFAULT_KEYS &&
294 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
295 key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
297 rcu_assign_pointer(sdata->default_mgmt_key, key);
299 ieee80211_debugfs_key_update_default(sdata);
302 void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
305 mutex_lock(&sdata->local->key_mtx);
306 __ieee80211_set_default_mgmt_key(sdata, idx);
307 mutex_unlock(&sdata->local->key_mtx);
311 static void ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
312 struct sta_info *sta,
314 struct ieee80211_key *old,
315 struct ieee80211_key *new)
318 bool defunikey, defmultikey, defmgmtkey;
320 /* caller must provide at least one old/new */
321 if (WARN_ON(!new && !old))
325 list_add_tail_rcu(&new->list, &sdata->key_list);
327 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx);
330 idx = old->conf.keyidx;
332 idx = new->conf.keyidx;
336 rcu_assign_pointer(sta->ptk[idx], new);
337 set_sta_flag(sta, WLAN_STA_USES_ENCRYPTION);
339 ieee80211_check_fast_xmit(sta);
341 rcu_assign_pointer(sta->gtk[idx], new);
343 ieee80211_check_fast_rx(sta);
346 old == key_mtx_dereference(sdata->local,
347 sdata->default_unicast_key);
349 old == key_mtx_dereference(sdata->local,
350 sdata->default_multicast_key);
352 old == key_mtx_dereference(sdata->local,
353 sdata->default_mgmt_key);
355 if (defunikey && !new)
356 __ieee80211_set_default_key(sdata, -1, true, false);
357 if (defmultikey && !new)
358 __ieee80211_set_default_key(sdata, -1, false, true);
359 if (defmgmtkey && !new)
360 __ieee80211_set_default_mgmt_key(sdata, -1);
362 rcu_assign_pointer(sdata->keys[idx], new);
363 if (defunikey && new)
364 __ieee80211_set_default_key(sdata, new->conf.keyidx,
366 if (defmultikey && new)
367 __ieee80211_set_default_key(sdata, new->conf.keyidx,
369 if (defmgmtkey && new)
370 __ieee80211_set_default_mgmt_key(sdata,
375 list_del_rcu(&old->list);
378 struct ieee80211_key *
379 ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
381 size_t seq_len, const u8 *seq,
382 const struct ieee80211_cipher_scheme *cs)
384 struct ieee80211_key *key;
387 if (WARN_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS))
388 return ERR_PTR(-EINVAL);
390 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
392 return ERR_PTR(-ENOMEM);
395 * Default to software encryption; we'll later upload the
396 * key to the hardware if possible.
401 key->conf.cipher = cipher;
402 key->conf.keyidx = idx;
403 key->conf.keylen = key_len;
405 case WLAN_CIPHER_SUITE_WEP40:
406 case WLAN_CIPHER_SUITE_WEP104:
407 key->conf.iv_len = IEEE80211_WEP_IV_LEN;
408 key->conf.icv_len = IEEE80211_WEP_ICV_LEN;
410 case WLAN_CIPHER_SUITE_TKIP:
411 key->conf.iv_len = IEEE80211_TKIP_IV_LEN;
412 key->conf.icv_len = IEEE80211_TKIP_ICV_LEN;
414 for (i = 0; i < IEEE80211_NUM_TIDS; i++) {
415 key->u.tkip.rx[i].iv32 =
416 get_unaligned_le32(&seq[2]);
417 key->u.tkip.rx[i].iv16 =
418 get_unaligned_le16(seq);
421 spin_lock_init(&key->u.tkip.txlock);
423 case WLAN_CIPHER_SUITE_CCMP:
424 key->conf.iv_len = IEEE80211_CCMP_HDR_LEN;
425 key->conf.icv_len = IEEE80211_CCMP_MIC_LEN;
427 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
428 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++)
429 key->u.ccmp.rx_pn[i][j] =
430 seq[IEEE80211_CCMP_PN_LEN - j - 1];
433 * Initialize AES key state here as an optimization so that
434 * it does not need to be initialized for every packet.
436 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
437 key_data, key_len, IEEE80211_CCMP_MIC_LEN);
438 if (IS_ERR(key->u.ccmp.tfm)) {
439 err = PTR_ERR(key->u.ccmp.tfm);
444 case WLAN_CIPHER_SUITE_CCMP_256:
445 key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN;
446 key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN;
447 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
448 for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++)
449 key->u.ccmp.rx_pn[i][j] =
450 seq[IEEE80211_CCMP_256_PN_LEN - j - 1];
451 /* Initialize AES key state here as an optimization so that
452 * it does not need to be initialized for every packet.
454 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
455 key_data, key_len, IEEE80211_CCMP_256_MIC_LEN);
456 if (IS_ERR(key->u.ccmp.tfm)) {
457 err = PTR_ERR(key->u.ccmp.tfm);
462 case WLAN_CIPHER_SUITE_AES_CMAC:
463 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
464 key->conf.iv_len = 0;
465 if (cipher == WLAN_CIPHER_SUITE_AES_CMAC)
466 key->conf.icv_len = sizeof(struct ieee80211_mmie);
468 key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
470 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++)
471 key->u.aes_cmac.rx_pn[j] =
472 seq[IEEE80211_CMAC_PN_LEN - j - 1];
474 * Initialize AES key state here as an optimization so that
475 * it does not need to be initialized for every packet.
477 key->u.aes_cmac.tfm =
478 ieee80211_aes_cmac_key_setup(key_data, key_len);
479 if (IS_ERR(key->u.aes_cmac.tfm)) {
480 err = PTR_ERR(key->u.aes_cmac.tfm);
485 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
486 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
487 key->conf.iv_len = 0;
488 key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
490 for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++)
491 key->u.aes_gmac.rx_pn[j] =
492 seq[IEEE80211_GMAC_PN_LEN - j - 1];
493 /* Initialize AES key state here as an optimization so that
494 * it does not need to be initialized for every packet.
496 key->u.aes_gmac.tfm =
497 ieee80211_aes_gmac_key_setup(key_data, key_len);
498 if (IS_ERR(key->u.aes_gmac.tfm)) {
499 err = PTR_ERR(key->u.aes_gmac.tfm);
504 case WLAN_CIPHER_SUITE_GCMP:
505 case WLAN_CIPHER_SUITE_GCMP_256:
506 key->conf.iv_len = IEEE80211_GCMP_HDR_LEN;
507 key->conf.icv_len = IEEE80211_GCMP_MIC_LEN;
508 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
509 for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++)
510 key->u.gcmp.rx_pn[i][j] =
511 seq[IEEE80211_GCMP_PN_LEN - j - 1];
512 /* Initialize AES key state here as an optimization so that
513 * it does not need to be initialized for every packet.
515 key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data,
517 if (IS_ERR(key->u.gcmp.tfm)) {
518 err = PTR_ERR(key->u.gcmp.tfm);
525 if (seq_len && seq_len != cs->pn_len) {
527 return ERR_PTR(-EINVAL);
530 key->conf.iv_len = cs->hdr_len;
531 key->conf.icv_len = cs->mic_len;
532 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
533 for (j = 0; j < seq_len; j++)
534 key->u.gen.rx_pn[i][j] =
535 seq[seq_len - j - 1];
536 key->flags |= KEY_FLAG_CIPHER_SCHEME;
539 memcpy(key->conf.key, key_data, key_len);
540 INIT_LIST_HEAD(&key->list);
545 static void ieee80211_key_free_common(struct ieee80211_key *key)
547 switch (key->conf.cipher) {
548 case WLAN_CIPHER_SUITE_CCMP:
549 case WLAN_CIPHER_SUITE_CCMP_256:
550 ieee80211_aes_key_free(key->u.ccmp.tfm);
552 case WLAN_CIPHER_SUITE_AES_CMAC:
553 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
554 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
556 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
557 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
558 ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm);
560 case WLAN_CIPHER_SUITE_GCMP:
561 case WLAN_CIPHER_SUITE_GCMP_256:
562 ieee80211_aes_gcm_key_free(key->u.gcmp.tfm);
568 static void __ieee80211_key_destroy(struct ieee80211_key *key,
572 ieee80211_key_disable_hw_accel(key);
575 struct ieee80211_sub_if_data *sdata = key->sdata;
577 ieee80211_debugfs_key_remove(key);
579 if (delay_tailroom) {
580 /* see ieee80211_delayed_tailroom_dec */
581 sdata->crypto_tx_tailroom_pending_dec++;
582 schedule_delayed_work(&sdata->dec_tailroom_needed_wk,
585 decrease_tailroom_need_count(sdata, 1);
589 ieee80211_key_free_common(key);
592 static void ieee80211_key_destroy(struct ieee80211_key *key,
599 * Synchronize so the TX path and rcu key iterators
600 * can no longer be using this key before we free/remove it.
604 __ieee80211_key_destroy(key, delay_tailroom);
607 void ieee80211_key_free_unused(struct ieee80211_key *key)
609 WARN_ON(key->sdata || key->local);
610 ieee80211_key_free_common(key);
613 static bool ieee80211_key_identical(struct ieee80211_sub_if_data *sdata,
614 struct ieee80211_key *old,
615 struct ieee80211_key *new)
617 u8 tkip_old[WLAN_KEY_LEN_TKIP], tkip_new[WLAN_KEY_LEN_TKIP];
620 if (!old || new->conf.keylen != old->conf.keylen)
623 tk_old = old->conf.key;
624 tk_new = new->conf.key;
627 * In station mode, don't compare the TX MIC key, as it's never used
628 * and offloaded rekeying may not care to send it to the host. This
629 * is the case in iwlwifi, for example.
631 if (sdata->vif.type == NL80211_IFTYPE_STATION &&
632 new->conf.cipher == WLAN_CIPHER_SUITE_TKIP &&
633 new->conf.keylen == WLAN_KEY_LEN_TKIP &&
634 !(new->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
635 memcpy(tkip_old, tk_old, WLAN_KEY_LEN_TKIP);
636 memcpy(tkip_new, tk_new, WLAN_KEY_LEN_TKIP);
637 memset(tkip_old + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
638 memset(tkip_new + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
643 return !crypto_memneq(tk_old, tk_new, new->conf.keylen);
646 int ieee80211_key_link(struct ieee80211_key *key,
647 struct ieee80211_sub_if_data *sdata,
648 struct sta_info *sta)
650 struct ieee80211_local *local = sdata->local;
651 static atomic_t key_color = ATOMIC_INIT(0);
652 struct ieee80211_key *old_key;
653 int idx = key->conf.keyidx;
654 bool pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
656 * We want to delay tailroom updates only for station - in that
657 * case it helps roaming speed, but in other cases it hurts and
658 * can cause warnings to appear.
660 bool delay_tailroom = sdata->vif.type == NL80211_IFTYPE_STATION;
664 * Assign a unique ID to every key so we can easily prevent mixed
665 * key and fragment cache attacks.
667 key->color = atomic_inc_return(&key_color);
669 mutex_lock(&sdata->local->key_mtx);
672 old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]);
674 old_key = key_mtx_dereference(sdata->local, sta->gtk[idx]);
676 old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
679 * Silently accept key re-installation without really installing the
680 * new version of the key to avoid nonce reuse or replay issues.
682 if (ieee80211_key_identical(sdata, old_key, key)) {
683 ieee80211_key_free_unused(key);
688 key->local = sdata->local;
692 increment_tailroom_need_count(sdata);
694 ieee80211_key_replace(sdata, sta, pairwise, old_key, key);
695 ieee80211_key_destroy(old_key, delay_tailroom);
697 ieee80211_debugfs_key_add(key);
699 if (!local->wowlan) {
700 ret = ieee80211_key_enable_hw_accel(key);
702 ieee80211_key_free(key, delay_tailroom);
708 mutex_unlock(&sdata->local->key_mtx);
713 void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom)
719 * Replace key with nothingness if it was ever used.
722 ieee80211_key_replace(key->sdata, key->sta,
723 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
725 ieee80211_key_destroy(key, delay_tailroom);
728 void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata)
730 struct ieee80211_key *key;
731 struct ieee80211_sub_if_data *vlan;
735 if (WARN_ON(!ieee80211_sdata_running(sdata)))
738 mutex_lock(&sdata->local->key_mtx);
740 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
741 sdata->crypto_tx_tailroom_pending_dec);
743 if (sdata->vif.type == NL80211_IFTYPE_AP) {
744 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
745 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt ||
746 vlan->crypto_tx_tailroom_pending_dec);
749 list_for_each_entry(key, &sdata->key_list, list) {
750 increment_tailroom_need_count(sdata);
751 ieee80211_key_enable_hw_accel(key);
754 mutex_unlock(&sdata->local->key_mtx);
757 void ieee80211_reset_crypto_tx_tailroom(struct ieee80211_sub_if_data *sdata)
759 struct ieee80211_sub_if_data *vlan;
761 mutex_lock(&sdata->local->key_mtx);
763 sdata->crypto_tx_tailroom_needed_cnt = 0;
765 if (sdata->vif.type == NL80211_IFTYPE_AP) {
766 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
767 vlan->crypto_tx_tailroom_needed_cnt = 0;
770 mutex_unlock(&sdata->local->key_mtx);
773 void ieee80211_iter_keys(struct ieee80211_hw *hw,
774 struct ieee80211_vif *vif,
775 void (*iter)(struct ieee80211_hw *hw,
776 struct ieee80211_vif *vif,
777 struct ieee80211_sta *sta,
778 struct ieee80211_key_conf *key,
782 struct ieee80211_local *local = hw_to_local(hw);
783 struct ieee80211_key *key, *tmp;
784 struct ieee80211_sub_if_data *sdata;
788 mutex_lock(&local->key_mtx);
790 sdata = vif_to_sdata(vif);
791 list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
792 iter(hw, &sdata->vif,
793 key->sta ? &key->sta->sta : NULL,
794 &key->conf, iter_data);
796 list_for_each_entry(sdata, &local->interfaces, list)
797 list_for_each_entry_safe(key, tmp,
798 &sdata->key_list, list)
799 iter(hw, &sdata->vif,
800 key->sta ? &key->sta->sta : NULL,
801 &key->conf, iter_data);
803 mutex_unlock(&local->key_mtx);
805 EXPORT_SYMBOL(ieee80211_iter_keys);
808 _ieee80211_iter_keys_rcu(struct ieee80211_hw *hw,
809 struct ieee80211_sub_if_data *sdata,
810 void (*iter)(struct ieee80211_hw *hw,
811 struct ieee80211_vif *vif,
812 struct ieee80211_sta *sta,
813 struct ieee80211_key_conf *key,
817 struct ieee80211_key *key;
819 list_for_each_entry_rcu(key, &sdata->key_list, list) {
820 /* skip keys of station in removal process */
821 if (key->sta && key->sta->removed)
823 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
826 iter(hw, &sdata->vif,
827 key->sta ? &key->sta->sta : NULL,
828 &key->conf, iter_data);
832 void ieee80211_iter_keys_rcu(struct ieee80211_hw *hw,
833 struct ieee80211_vif *vif,
834 void (*iter)(struct ieee80211_hw *hw,
835 struct ieee80211_vif *vif,
836 struct ieee80211_sta *sta,
837 struct ieee80211_key_conf *key,
841 struct ieee80211_local *local = hw_to_local(hw);
842 struct ieee80211_sub_if_data *sdata;
845 sdata = vif_to_sdata(vif);
846 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data);
848 list_for_each_entry_rcu(sdata, &local->interfaces, list)
849 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data);
852 EXPORT_SYMBOL(ieee80211_iter_keys_rcu);
854 static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata,
855 struct list_head *keys)
857 struct ieee80211_key *key, *tmp;
859 decrease_tailroom_need_count(sdata,
860 sdata->crypto_tx_tailroom_pending_dec);
861 sdata->crypto_tx_tailroom_pending_dec = 0;
863 ieee80211_debugfs_key_remove_mgmt_default(sdata);
865 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) {
866 ieee80211_key_replace(key->sdata, key->sta,
867 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
869 list_add_tail(&key->list, keys);
872 ieee80211_debugfs_key_update_default(sdata);
875 void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata,
876 bool force_synchronize)
878 struct ieee80211_local *local = sdata->local;
879 struct ieee80211_sub_if_data *vlan;
880 struct ieee80211_sub_if_data *master;
881 struct ieee80211_key *key, *tmp;
884 cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk);
886 mutex_lock(&local->key_mtx);
888 ieee80211_free_keys_iface(sdata, &keys);
890 if (sdata->vif.type == NL80211_IFTYPE_AP) {
891 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
892 ieee80211_free_keys_iface(vlan, &keys);
895 if (!list_empty(&keys) || force_synchronize)
897 list_for_each_entry_safe(key, tmp, &keys, list)
898 __ieee80211_key_destroy(key, false);
900 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
902 master = container_of(sdata->bss,
903 struct ieee80211_sub_if_data,
906 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt !=
907 master->crypto_tx_tailroom_needed_cnt);
910 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
911 sdata->crypto_tx_tailroom_pending_dec);
914 if (sdata->vif.type == NL80211_IFTYPE_AP) {
915 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
916 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt ||
917 vlan->crypto_tx_tailroom_pending_dec);
920 mutex_unlock(&local->key_mtx);
923 void ieee80211_free_sta_keys(struct ieee80211_local *local,
924 struct sta_info *sta)
926 struct ieee80211_key *key;
929 mutex_lock(&local->key_mtx);
930 for (i = 0; i < ARRAY_SIZE(sta->gtk); i++) {
931 key = key_mtx_dereference(local, sta->gtk[i]);
934 ieee80211_key_replace(key->sdata, key->sta,
935 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
937 __ieee80211_key_destroy(key, key->sdata->vif.type ==
938 NL80211_IFTYPE_STATION);
941 for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
942 key = key_mtx_dereference(local, sta->ptk[i]);
945 ieee80211_key_replace(key->sdata, key->sta,
946 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
948 __ieee80211_key_destroy(key, key->sdata->vif.type ==
949 NL80211_IFTYPE_STATION);
952 mutex_unlock(&local->key_mtx);
955 void ieee80211_delayed_tailroom_dec(struct work_struct *wk)
957 struct ieee80211_sub_if_data *sdata;
959 sdata = container_of(wk, struct ieee80211_sub_if_data,
960 dec_tailroom_needed_wk.work);
963 * The reason for the delayed tailroom needed decrementing is to
964 * make roaming faster: during roaming, all keys are first deleted
965 * and then new keys are installed. The first new key causes the
966 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes
967 * the cost of synchronize_net() (which can be slow). Avoid this
968 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on
969 * key removal for a while, so if we roam the value is larger than
970 * zero and no 0->1 transition happens.
972 * The cost is that if the AP switching was from an AP with keys
973 * to one without, we still allocate tailroom while it would no
974 * longer be needed. However, in the typical (fast) roaming case
975 * within an ESS this usually won't happen.
978 mutex_lock(&sdata->local->key_mtx);
979 decrease_tailroom_need_count(sdata,
980 sdata->crypto_tx_tailroom_pending_dec);
981 sdata->crypto_tx_tailroom_pending_dec = 0;
982 mutex_unlock(&sdata->local->key_mtx);
985 void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid,
986 const u8 *replay_ctr, gfp_t gfp)
988 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
990 trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr);
992 cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp);
994 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify);
996 void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf,
997 int tid, struct ieee80211_key_seq *seq)
999 struct ieee80211_key *key;
1002 key = container_of(keyconf, struct ieee80211_key, conf);
1004 switch (key->conf.cipher) {
1005 case WLAN_CIPHER_SUITE_TKIP:
1006 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
1008 seq->tkip.iv32 = key->u.tkip.rx[tid].iv32;
1009 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16;
1011 case WLAN_CIPHER_SUITE_CCMP:
1012 case WLAN_CIPHER_SUITE_CCMP_256:
1013 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1016 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
1018 pn = key->u.ccmp.rx_pn[tid];
1019 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN);
1021 case WLAN_CIPHER_SUITE_AES_CMAC:
1022 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1023 if (WARN_ON(tid != 0))
1025 pn = key->u.aes_cmac.rx_pn;
1026 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN);
1028 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1029 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1030 if (WARN_ON(tid != 0))
1032 pn = key->u.aes_gmac.rx_pn;
1033 memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN);
1035 case WLAN_CIPHER_SUITE_GCMP:
1036 case WLAN_CIPHER_SUITE_GCMP_256:
1037 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1040 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1042 pn = key->u.gcmp.rx_pn[tid];
1043 memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN);
1047 EXPORT_SYMBOL(ieee80211_get_key_rx_seq);
1049 void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf,
1050 int tid, struct ieee80211_key_seq *seq)
1052 struct ieee80211_key *key;
1055 key = container_of(keyconf, struct ieee80211_key, conf);
1057 switch (key->conf.cipher) {
1058 case WLAN_CIPHER_SUITE_TKIP:
1059 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
1061 key->u.tkip.rx[tid].iv32 = seq->tkip.iv32;
1062 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16;
1064 case WLAN_CIPHER_SUITE_CCMP:
1065 case WLAN_CIPHER_SUITE_CCMP_256:
1066 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1069 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
1071 pn = key->u.ccmp.rx_pn[tid];
1072 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN);
1074 case WLAN_CIPHER_SUITE_AES_CMAC:
1075 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1076 if (WARN_ON(tid != 0))
1078 pn = key->u.aes_cmac.rx_pn;
1079 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN);
1081 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1082 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1083 if (WARN_ON(tid != 0))
1085 pn = key->u.aes_gmac.rx_pn;
1086 memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN);
1088 case WLAN_CIPHER_SUITE_GCMP:
1089 case WLAN_CIPHER_SUITE_GCMP_256:
1090 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1093 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1095 pn = key->u.gcmp.rx_pn[tid];
1096 memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN);
1103 EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq);
1105 void ieee80211_remove_key(struct ieee80211_key_conf *keyconf)
1107 struct ieee80211_key *key;
1109 key = container_of(keyconf, struct ieee80211_key, conf);
1111 assert_key_lock(key->local);
1114 * if key was uploaded, we assume the driver will/has remove(d)
1115 * it, so adjust bookkeeping accordingly
1117 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
1118 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
1120 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
1121 (key->conf.flags & IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
1122 increment_tailroom_need_count(key->sdata);
1125 ieee80211_key_free(key, false);
1127 EXPORT_SYMBOL_GPL(ieee80211_remove_key);
1129 struct ieee80211_key_conf *
1130 ieee80211_gtk_rekey_add(struct ieee80211_vif *vif,
1131 struct ieee80211_key_conf *keyconf)
1133 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
1134 struct ieee80211_local *local = sdata->local;
1135 struct ieee80211_key *key;
1138 if (WARN_ON(!local->wowlan))
1139 return ERR_PTR(-EINVAL);
1141 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION))
1142 return ERR_PTR(-EINVAL);
1144 key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx,
1145 keyconf->keylen, keyconf->key,
1148 return ERR_CAST(key);
1150 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED)
1151 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT;
1153 err = ieee80211_key_link(key, sdata, NULL);
1155 return ERR_PTR(err);
1159 EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add);