^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) // SPDX-License-Identifier: GPL-2.0-only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) * Copyright 2002-2005, Instant802 Networks, Inc.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) * Copyright 2005-2006, Devicescape Software, Inc.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7) * Copyright 2013-2014 Intel Mobile Communications GmbH
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8) * Copyright 2015-2017 Intel Deutschland GmbH
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) * Copyright 2018-2020 Intel Corporation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) #include <linux/if_ether.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) #include <linux/etherdevice.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) #include <linux/list.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) #include <linux/rcupdate.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) #include <linux/rtnetlink.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17) #include <linux/slab.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) #include <linux/export.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) #include <net/mac80211.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) #include <crypto/algapi.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) #include <asm/unaligned.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) #include "ieee80211_i.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) #include "driver-ops.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) #include "debugfs_key.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) #include "aes_ccm.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) #include "aes_cmac.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27) #include "aes_gmac.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) #include "aes_gcm.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) * DOC: Key handling basics
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34) * Key handling in mac80211 is done based on per-interface (sub_if_data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35) * keys and per-station keys. Since each station belongs to an interface,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) * each station key also belongs to that interface.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) * Hardware acceleration is done on a best-effort basis for algorithms
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39) * that are implemented in software, for each key the hardware is asked
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) * to enable that key for offloading but if it cannot do that the key is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41) * simply kept for software encryption (unless it is for an algorithm
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42) * that isn't implemented in software).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) * There is currently no way of knowing whether a key is handled in SW
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) * or HW except by looking into debugfs.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46) * All key management is internally protected by a mutex. Within all
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47) * other parts of mac80211, key references are, just as STA structure
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48) * references, protected by RCU. Note, however, that some things are
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49) * unprotected, namely the key->sta dereferences within the hardware
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50) * acceleration functions. This means that sta_info_destroy() must
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51) * remove the key which waits for an RCU grace period.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54) static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56) static void assert_key_lock(struct ieee80211_local *local)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58) lockdep_assert_held(&local->key_mtx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61) static void
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62) update_vlan_tailroom_need_count(struct ieee80211_sub_if_data *sdata, int delta)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) struct ieee80211_sub_if_data *vlan;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66) if (sdata->vif.type != NL80211_IFTYPE_AP)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69) /* crypto_tx_tailroom_needed_cnt is protected by this */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70) assert_key_lock(sdata->local);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72) rcu_read_lock();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 74) list_for_each_entry_rcu(vlan, &sdata->u.ap.vlans, u.vlan.list)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 75) vlan->crypto_tx_tailroom_needed_cnt += delta;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 76)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 77) rcu_read_unlock();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 78) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 79)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 80) static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 81) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 82) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 83) * When this count is zero, SKB resizing for allocating tailroom
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 84) * for IV or MMIC is skipped. But, this check has created two race
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 85) * cases in xmit path while transiting from zero count to one:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 86) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 87) * 1. SKB resize was skipped because no key was added but just before
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 88) * the xmit key is added and SW encryption kicks off.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 89) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 90) * 2. SKB resize was skipped because all the keys were hw planted but
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 91) * just before xmit one of the key is deleted and SW encryption kicks
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 92) * off.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 93) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 94) * In both the above case SW encryption will find not enough space for
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 95) * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 96) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 97) * Solution has been explained at
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 98) * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 99) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) assert_key_lock(sdata->local);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) update_vlan_tailroom_need_count(sdata, 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) if (!sdata->crypto_tx_tailroom_needed_cnt++) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) * Flush all XMIT packets currently using HW encryption or no
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) * encryption at all if the count transition is from 0 -> 1.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) synchronize_net();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) static void decrease_tailroom_need_count(struct ieee80211_sub_if_data *sdata,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) int delta)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) assert_key_lock(sdata->local);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119) WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt < delta);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) update_vlan_tailroom_need_count(sdata, -delta);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) sdata->crypto_tx_tailroom_needed_cnt -= delta;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) struct ieee80211_sub_if_data *sdata = key->sdata;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) struct sta_info *sta;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) int ret = -EOPNOTSUPP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131) might_sleep();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133) if (key->flags & KEY_FLAG_TAINTED) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) /* If we get here, it's during resume and the key is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) * tainted so shouldn't be used/programmed any more.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136) * However, its flags may still indicate that it was
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137) * programmed into the device (since we're in resume)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138) * so clear that flag now to avoid trying to remove
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) * it again later.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142) !(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143) IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144) IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) increment_tailroom_need_count(sdata);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147) key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148) return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) if (!key->local->ops->set_key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) goto out_unsupported;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154) assert_key_lock(key->local);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) sta = key->sta;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) * If this is a per-STA GTK, check if it
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) * is supported; if not, return.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162) if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163) !ieee80211_hw_check(&key->local->hw, SUPPORTS_PER_STA_GTK))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) goto out_unsupported;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166) if (sta && !sta->uploaded)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167) goto out_unsupported;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169) if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171) * The driver doesn't know anything about VLAN interfaces.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172) * Hence, don't send GTKs for VLAN interfaces to the driver.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174) if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175) ret = 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176) goto out_unsupported;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) ret = drv_set_key(key->local, SET_KEY, sdata,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181) sta ? &sta->sta : NULL, &key->conf);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183) if (!ret) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184) key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 186) if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 187) IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 188) IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 189) decrease_tailroom_need_count(sdata, 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 190)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191) WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 192) (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 193)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 194) WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_MIC_SPACE) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 195) (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 196)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 197) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 198) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 199)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 200) if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 201) sdata_err(sdata,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 202) "failed to set key (%d, %pM) to hardware (%d)\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 203) key->conf.keyidx,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 204) sta ? sta->sta.addr : bcast_addr, ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 205)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 206) out_unsupported:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 207) switch (key->conf.cipher) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 208) case WLAN_CIPHER_SUITE_WEP40:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 209) case WLAN_CIPHER_SUITE_WEP104:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 210) case WLAN_CIPHER_SUITE_TKIP:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 211) case WLAN_CIPHER_SUITE_CCMP:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 212) case WLAN_CIPHER_SUITE_CCMP_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 213) case WLAN_CIPHER_SUITE_GCMP:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 214) case WLAN_CIPHER_SUITE_GCMP_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 215) case WLAN_CIPHER_SUITE_AES_CMAC:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 216) case WLAN_CIPHER_SUITE_BIP_CMAC_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 217) case WLAN_CIPHER_SUITE_BIP_GMAC_128:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 218) case WLAN_CIPHER_SUITE_BIP_GMAC_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 219) /* all of these we can do in software - if driver can */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 220) if (ret == 1)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 221) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 222) if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 223) return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 224) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 225) default:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 226) return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 227) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 228) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 229)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 230) static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 231) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 232) struct ieee80211_sub_if_data *sdata;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 233) struct sta_info *sta;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 234) int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 235)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 236) might_sleep();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 237)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 238) if (!key || !key->local->ops->set_key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 239) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 240)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 241) assert_key_lock(key->local);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 242)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 243) if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 244) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 245)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 246) sta = key->sta;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 247) sdata = key->sdata;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 248)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 249) if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 250) IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 251) IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 252) increment_tailroom_need_count(sdata);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 253)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 254) key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 255) ret = drv_set_key(key->local, DISABLE_KEY, sdata,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 256) sta ? &sta->sta : NULL, &key->conf);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 257)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 258) if (ret)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 259) sdata_err(sdata,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 260) "failed to remove key (%d, %pM) from hardware (%d)\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 261) key->conf.keyidx,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 262) sta ? sta->sta.addr : bcast_addr, ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 263) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 264)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 265) static int _ieee80211_set_tx_key(struct ieee80211_key *key, bool force)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 266) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 267) struct sta_info *sta = key->sta;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 268) struct ieee80211_local *local = key->local;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 269)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 270) assert_key_lock(local);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 271)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 272) set_sta_flag(sta, WLAN_STA_USES_ENCRYPTION);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 273)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 274) sta->ptk_idx = key->conf.keyidx;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 275)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 276) if (force || !ieee80211_hw_check(&local->hw, AMPDU_KEYBORDER_SUPPORT))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 277) clear_sta_flag(sta, WLAN_STA_BLOCK_BA);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 278) ieee80211_check_fast_xmit(sta);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 279)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 280) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 281) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 282)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 283) int ieee80211_set_tx_key(struct ieee80211_key *key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 284) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 285) return _ieee80211_set_tx_key(key, false);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 286) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 287)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 288) static void ieee80211_pairwise_rekey(struct ieee80211_key *old,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 289) struct ieee80211_key *new)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 290) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 291) struct ieee80211_local *local = new->local;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 292) struct sta_info *sta = new->sta;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 293) int i;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 294)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 295) assert_key_lock(local);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 296)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 297) if (new->conf.flags & IEEE80211_KEY_FLAG_NO_AUTO_TX) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 298) /* Extended Key ID key install, initial one or rekey */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 299)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 300) if (sta->ptk_idx != INVALID_PTK_KEYIDX &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 301) !ieee80211_hw_check(&local->hw, AMPDU_KEYBORDER_SUPPORT)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 302) /* Aggregation Sessions with Extended Key ID must not
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 303) * mix MPDUs with different keyIDs within one A-MPDU.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 304) * Tear down running Tx aggregation sessions and block
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 305) * new Rx/Tx aggregation requests during rekey to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 306) * ensure there are no A-MPDUs when the driver is not
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 307) * supporting A-MPDU key borders. (Blocking Tx only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 308) * would be sufficient but WLAN_STA_BLOCK_BA gets the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 309) * job done for the few ms we need it.)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 310) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 311) set_sta_flag(sta, WLAN_STA_BLOCK_BA);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 312) mutex_lock(&sta->ampdu_mlme.mtx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 313) for (i = 0; i < IEEE80211_NUM_TIDS; i++)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 314) ___ieee80211_stop_tx_ba_session(sta, i,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 315) AGG_STOP_LOCAL_REQUEST);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 316) mutex_unlock(&sta->ampdu_mlme.mtx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 317) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 318) } else if (old) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 319) /* Rekey without Extended Key ID.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 320) * Aggregation sessions are OK when running on SW crypto.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 321) * A broken remote STA may cause issues not observed with HW
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 322) * crypto, though.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 323) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 324) if (!(old->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 325) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 326)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 327) /* Stop Tx till we are on the new key */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 328) old->flags |= KEY_FLAG_TAINTED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 329) ieee80211_clear_fast_xmit(sta);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 330) if (ieee80211_hw_check(&local->hw, AMPDU_AGGREGATION)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 331) set_sta_flag(sta, WLAN_STA_BLOCK_BA);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 332) ieee80211_sta_tear_down_BA_sessions(sta,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 333) AGG_STOP_LOCAL_REQUEST);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 334) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 335) if (!wiphy_ext_feature_isset(local->hw.wiphy,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 336) NL80211_EXT_FEATURE_CAN_REPLACE_PTK0)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 337) pr_warn_ratelimited("Rekeying PTK for STA %pM but driver can't safely do that.",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 338) sta->sta.addr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 339) /* Flushing the driver queues *may* help prevent
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 340) * the clear text leaks and freezes.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 341) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 342) ieee80211_flush_queues(local, old->sdata, false);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 343) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 344) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 345) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 346)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 347) static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 348) int idx, bool uni, bool multi)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 349) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 350) struct ieee80211_key *key = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 351)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 352) assert_key_lock(sdata->local);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 353)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 354) if (idx >= 0 && idx < NUM_DEFAULT_KEYS)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 355) key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 356)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 357) if (uni) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 358) rcu_assign_pointer(sdata->default_unicast_key, key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 359) ieee80211_check_fast_xmit_iface(sdata);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 360) if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 361) drv_set_default_unicast_key(sdata->local, sdata, idx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 362) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 363)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 364) if (multi)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 365) rcu_assign_pointer(sdata->default_multicast_key, key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 366)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 367) ieee80211_debugfs_key_update_default(sdata);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 368) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 369)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 370) void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 371) bool uni, bool multi)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 372) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 373) mutex_lock(&sdata->local->key_mtx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 374) __ieee80211_set_default_key(sdata, idx, uni, multi);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 375) mutex_unlock(&sdata->local->key_mtx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 376) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 377)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 378) static void
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 379) __ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 380) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 381) struct ieee80211_key *key = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 382)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 383) assert_key_lock(sdata->local);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 384)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 385) if (idx >= NUM_DEFAULT_KEYS &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 386) idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 387) key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 388)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 389) rcu_assign_pointer(sdata->default_mgmt_key, key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 390)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 391) ieee80211_debugfs_key_update_default(sdata);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 392) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 393)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 394) void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 395) int idx)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 396) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 397) mutex_lock(&sdata->local->key_mtx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 398) __ieee80211_set_default_mgmt_key(sdata, idx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 399) mutex_unlock(&sdata->local->key_mtx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 400) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 401)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 402) static void
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 403) __ieee80211_set_default_beacon_key(struct ieee80211_sub_if_data *sdata, int idx)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 404) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 405) struct ieee80211_key *key = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 406)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 407) assert_key_lock(sdata->local);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 408)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 409) if (idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 410) idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS +
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 411) NUM_DEFAULT_BEACON_KEYS)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 412) key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 413)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 414) rcu_assign_pointer(sdata->default_beacon_key, key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 415)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 416) ieee80211_debugfs_key_update_default(sdata);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 417) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 418)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 419) void ieee80211_set_default_beacon_key(struct ieee80211_sub_if_data *sdata,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 420) int idx)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 421) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 422) mutex_lock(&sdata->local->key_mtx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 423) __ieee80211_set_default_beacon_key(sdata, idx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 424) mutex_unlock(&sdata->local->key_mtx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 425) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 426)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 427) static int ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 428) struct sta_info *sta,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 429) bool pairwise,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 430) struct ieee80211_key *old,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 431) struct ieee80211_key *new)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 432) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 433) int idx;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 434) int ret = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 435) bool defunikey, defmultikey, defmgmtkey, defbeaconkey;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 436)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 437) /* caller must provide at least one old/new */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 438) if (WARN_ON(!new && !old))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 439) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 440)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 441) if (new)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 442) list_add_tail_rcu(&new->list, &sdata->key_list);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 443)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 444) WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 445)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 446) if (new && sta && pairwise) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 447) /* Unicast rekey needs special handling. With Extended Key ID
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 448) * old is still NULL for the first rekey.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 449) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 450) ieee80211_pairwise_rekey(old, new);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 451) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 452)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 453) if (old) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 454) idx = old->conf.keyidx;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 455)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 456) if (old->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 457) ieee80211_key_disable_hw_accel(old);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 458)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 459) if (new)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 460) ret = ieee80211_key_enable_hw_accel(new);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 461) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 462) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 463) /* new must be provided in case old is not */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 464) idx = new->conf.keyidx;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 465) if (!new->local->wowlan)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 466) ret = ieee80211_key_enable_hw_accel(new);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 467) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 468)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 469) if (ret)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 470) return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 471)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 472) if (sta) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 473) if (pairwise) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 474) rcu_assign_pointer(sta->ptk[idx], new);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 475) if (new &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 476) !(new->conf.flags & IEEE80211_KEY_FLAG_NO_AUTO_TX))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 477) _ieee80211_set_tx_key(new, true);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 478) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 479) rcu_assign_pointer(sta->gtk[idx], new);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 480) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 481) /* Only needed for transition from no key -> key.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 482) * Still triggers unnecessary when using Extended Key ID
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 483) * and installing the second key ID the first time.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 484) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 485) if (new && !old)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 486) ieee80211_check_fast_rx(sta);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 487) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 488) defunikey = old &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 489) old == key_mtx_dereference(sdata->local,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 490) sdata->default_unicast_key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 491) defmultikey = old &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 492) old == key_mtx_dereference(sdata->local,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 493) sdata->default_multicast_key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 494) defmgmtkey = old &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 495) old == key_mtx_dereference(sdata->local,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 496) sdata->default_mgmt_key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 497) defbeaconkey = old &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 498) old == key_mtx_dereference(sdata->local,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 499) sdata->default_beacon_key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 500)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 501) if (defunikey && !new)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 502) __ieee80211_set_default_key(sdata, -1, true, false);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 503) if (defmultikey && !new)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 504) __ieee80211_set_default_key(sdata, -1, false, true);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 505) if (defmgmtkey && !new)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 506) __ieee80211_set_default_mgmt_key(sdata, -1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 507) if (defbeaconkey && !new)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 508) __ieee80211_set_default_beacon_key(sdata, -1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 509)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 510) rcu_assign_pointer(sdata->keys[idx], new);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 511) if (defunikey && new)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 512) __ieee80211_set_default_key(sdata, new->conf.keyidx,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 513) true, false);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 514) if (defmultikey && new)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 515) __ieee80211_set_default_key(sdata, new->conf.keyidx,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 516) false, true);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 517) if (defmgmtkey && new)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 518) __ieee80211_set_default_mgmt_key(sdata,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 519) new->conf.keyidx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 520) if (defbeaconkey && new)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 521) __ieee80211_set_default_beacon_key(sdata,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 522) new->conf.keyidx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 523) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 524)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 525) if (old)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 526) list_del_rcu(&old->list);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 527)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 528) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 529) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 530)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 531) struct ieee80211_key *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 532) ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 533) const u8 *key_data,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 534) size_t seq_len, const u8 *seq,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 535) const struct ieee80211_cipher_scheme *cs)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 536) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 537) struct ieee80211_key *key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 538) int i, j, err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 539)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 540) if (WARN_ON(idx < 0 ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 541) idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS +
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 542) NUM_DEFAULT_BEACON_KEYS))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 543) return ERR_PTR(-EINVAL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 544)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 545) key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 546) if (!key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 547) return ERR_PTR(-ENOMEM);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 548)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 549) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 550) * Default to software encryption; we'll later upload the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 551) * key to the hardware if possible.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 552) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 553) key->conf.flags = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 554) key->flags = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 555)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 556) key->conf.cipher = cipher;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 557) key->conf.keyidx = idx;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 558) key->conf.keylen = key_len;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 559) switch (cipher) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 560) case WLAN_CIPHER_SUITE_WEP40:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 561) case WLAN_CIPHER_SUITE_WEP104:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 562) key->conf.iv_len = IEEE80211_WEP_IV_LEN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 563) key->conf.icv_len = IEEE80211_WEP_ICV_LEN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 564) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 565) case WLAN_CIPHER_SUITE_TKIP:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 566) key->conf.iv_len = IEEE80211_TKIP_IV_LEN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 567) key->conf.icv_len = IEEE80211_TKIP_ICV_LEN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 568) if (seq) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 569) for (i = 0; i < IEEE80211_NUM_TIDS; i++) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 570) key->u.tkip.rx[i].iv32 =
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 571) get_unaligned_le32(&seq[2]);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 572) key->u.tkip.rx[i].iv16 =
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 573) get_unaligned_le16(seq);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 574) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 575) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 576) spin_lock_init(&key->u.tkip.txlock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 577) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 578) case WLAN_CIPHER_SUITE_CCMP:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 579) key->conf.iv_len = IEEE80211_CCMP_HDR_LEN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 580) key->conf.icv_len = IEEE80211_CCMP_MIC_LEN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 581) if (seq) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 582) for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 583) for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 584) key->u.ccmp.rx_pn[i][j] =
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 585) seq[IEEE80211_CCMP_PN_LEN - j - 1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 586) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 587) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 588) * Initialize AES key state here as an optimization so that
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 589) * it does not need to be initialized for every packet.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 590) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 591) key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 592) key_data, key_len, IEEE80211_CCMP_MIC_LEN);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 593) if (IS_ERR(key->u.ccmp.tfm)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 594) err = PTR_ERR(key->u.ccmp.tfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 595) kfree(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 596) return ERR_PTR(err);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 597) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 598) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 599) case WLAN_CIPHER_SUITE_CCMP_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 600) key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 601) key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 602) for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 603) for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 604) key->u.ccmp.rx_pn[i][j] =
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 605) seq[IEEE80211_CCMP_256_PN_LEN - j - 1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 606) /* Initialize AES key state here as an optimization so that
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 607) * it does not need to be initialized for every packet.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 608) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 609) key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 610) key_data, key_len, IEEE80211_CCMP_256_MIC_LEN);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 611) if (IS_ERR(key->u.ccmp.tfm)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 612) err = PTR_ERR(key->u.ccmp.tfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 613) kfree(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 614) return ERR_PTR(err);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 615) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 616) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 617) case WLAN_CIPHER_SUITE_AES_CMAC:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 618) case WLAN_CIPHER_SUITE_BIP_CMAC_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 619) key->conf.iv_len = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 620) if (cipher == WLAN_CIPHER_SUITE_AES_CMAC)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 621) key->conf.icv_len = sizeof(struct ieee80211_mmie);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 622) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 623) key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 624) if (seq)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 625) for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 626) key->u.aes_cmac.rx_pn[j] =
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 627) seq[IEEE80211_CMAC_PN_LEN - j - 1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 628) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 629) * Initialize AES key state here as an optimization so that
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 630) * it does not need to be initialized for every packet.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 631) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 632) key->u.aes_cmac.tfm =
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 633) ieee80211_aes_cmac_key_setup(key_data, key_len);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 634) if (IS_ERR(key->u.aes_cmac.tfm)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 635) err = PTR_ERR(key->u.aes_cmac.tfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 636) kfree(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 637) return ERR_PTR(err);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 638) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 639) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 640) case WLAN_CIPHER_SUITE_BIP_GMAC_128:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 641) case WLAN_CIPHER_SUITE_BIP_GMAC_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 642) key->conf.iv_len = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 643) key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 644) if (seq)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 645) for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 646) key->u.aes_gmac.rx_pn[j] =
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 647) seq[IEEE80211_GMAC_PN_LEN - j - 1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 648) /* Initialize AES key state here as an optimization so that
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 649) * it does not need to be initialized for every packet.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 650) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 651) key->u.aes_gmac.tfm =
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 652) ieee80211_aes_gmac_key_setup(key_data, key_len);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 653) if (IS_ERR(key->u.aes_gmac.tfm)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 654) err = PTR_ERR(key->u.aes_gmac.tfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 655) kfree(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 656) return ERR_PTR(err);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 657) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 658) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 659) case WLAN_CIPHER_SUITE_GCMP:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 660) case WLAN_CIPHER_SUITE_GCMP_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 661) key->conf.iv_len = IEEE80211_GCMP_HDR_LEN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 662) key->conf.icv_len = IEEE80211_GCMP_MIC_LEN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 663) for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 664) for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 665) key->u.gcmp.rx_pn[i][j] =
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 666) seq[IEEE80211_GCMP_PN_LEN - j - 1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 667) /* Initialize AES key state here as an optimization so that
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 668) * it does not need to be initialized for every packet.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 669) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 670) key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 671) key_len);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 672) if (IS_ERR(key->u.gcmp.tfm)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 673) err = PTR_ERR(key->u.gcmp.tfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 674) kfree(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 675) return ERR_PTR(err);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 676) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 677) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 678) default:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 679) if (cs) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 680) if (seq_len && seq_len != cs->pn_len) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 681) kfree(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 682) return ERR_PTR(-EINVAL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 683) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 684)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 685) key->conf.iv_len = cs->hdr_len;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 686) key->conf.icv_len = cs->mic_len;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 687) for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 688) for (j = 0; j < seq_len; j++)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 689) key->u.gen.rx_pn[i][j] =
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 690) seq[seq_len - j - 1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 691) key->flags |= KEY_FLAG_CIPHER_SCHEME;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 692) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 693) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 694) memcpy(key->conf.key, key_data, key_len);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 695) INIT_LIST_HEAD(&key->list);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 696)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 697) return key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 698) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 699)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 700) static void ieee80211_key_free_common(struct ieee80211_key *key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 701) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 702) switch (key->conf.cipher) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 703) case WLAN_CIPHER_SUITE_CCMP:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 704) case WLAN_CIPHER_SUITE_CCMP_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 705) ieee80211_aes_key_free(key->u.ccmp.tfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 706) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 707) case WLAN_CIPHER_SUITE_AES_CMAC:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 708) case WLAN_CIPHER_SUITE_BIP_CMAC_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 709) ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 710) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 711) case WLAN_CIPHER_SUITE_BIP_GMAC_128:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 712) case WLAN_CIPHER_SUITE_BIP_GMAC_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 713) ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 714) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 715) case WLAN_CIPHER_SUITE_GCMP:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 716) case WLAN_CIPHER_SUITE_GCMP_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 717) ieee80211_aes_gcm_key_free(key->u.gcmp.tfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 718) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 719) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 720) kfree_sensitive(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 721) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 722)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 723) static void __ieee80211_key_destroy(struct ieee80211_key *key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 724) bool delay_tailroom)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 725) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 726) if (key->local) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 727) struct ieee80211_sub_if_data *sdata = key->sdata;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 728)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 729) ieee80211_debugfs_key_remove(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 730)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 731) if (delay_tailroom) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 732) /* see ieee80211_delayed_tailroom_dec */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 733) sdata->crypto_tx_tailroom_pending_dec++;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 734) schedule_delayed_work(&sdata->dec_tailroom_needed_wk,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 735) HZ/2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 736) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 737) decrease_tailroom_need_count(sdata, 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 738) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 739) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 740)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 741) ieee80211_key_free_common(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 742) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 743)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 744) static void ieee80211_key_destroy(struct ieee80211_key *key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 745) bool delay_tailroom)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 746) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 747) if (!key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 748) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 749)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 750) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 751) * Synchronize so the TX path and rcu key iterators
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 752) * can no longer be using this key before we free/remove it.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 753) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 754) synchronize_net();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 755)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 756) __ieee80211_key_destroy(key, delay_tailroom);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 757) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 758)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 759) void ieee80211_key_free_unused(struct ieee80211_key *key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 760) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 761) WARN_ON(key->sdata || key->local);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 762) ieee80211_key_free_common(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 763) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 764)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 765) static bool ieee80211_key_identical(struct ieee80211_sub_if_data *sdata,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 766) struct ieee80211_key *old,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 767) struct ieee80211_key *new)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 768) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 769) u8 tkip_old[WLAN_KEY_LEN_TKIP], tkip_new[WLAN_KEY_LEN_TKIP];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 770) u8 *tk_old, *tk_new;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 771)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 772) if (!old || new->conf.keylen != old->conf.keylen)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 773) return false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 774)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 775) tk_old = old->conf.key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 776) tk_new = new->conf.key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 777)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 778) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 779) * In station mode, don't compare the TX MIC key, as it's never used
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 780) * and offloaded rekeying may not care to send it to the host. This
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 781) * is the case in iwlwifi, for example.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 782) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 783) if (sdata->vif.type == NL80211_IFTYPE_STATION &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 784) new->conf.cipher == WLAN_CIPHER_SUITE_TKIP &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 785) new->conf.keylen == WLAN_KEY_LEN_TKIP &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 786) !(new->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 787) memcpy(tkip_old, tk_old, WLAN_KEY_LEN_TKIP);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 788) memcpy(tkip_new, tk_new, WLAN_KEY_LEN_TKIP);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 789) memset(tkip_old + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 790) memset(tkip_new + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 791) tk_old = tkip_old;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 792) tk_new = tkip_new;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 793) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 794)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 795) return !crypto_memneq(tk_old, tk_new, new->conf.keylen);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 796) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 797)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 798) int ieee80211_key_link(struct ieee80211_key *key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 799) struct ieee80211_sub_if_data *sdata,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 800) struct sta_info *sta)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 801) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 802) static atomic_t key_color = ATOMIC_INIT(0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 803) struct ieee80211_key *old_key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 804) int idx = key->conf.keyidx;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 805) bool pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 806) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 807) * We want to delay tailroom updates only for station - in that
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 808) * case it helps roaming speed, but in other cases it hurts and
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 809) * can cause warnings to appear.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 810) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 811) bool delay_tailroom = sdata->vif.type == NL80211_IFTYPE_STATION;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 812) int ret = -EOPNOTSUPP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 813)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 814) mutex_lock(&sdata->local->key_mtx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 815)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 816) if (sta && pairwise) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 817) struct ieee80211_key *alt_key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 818)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 819) old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 820) alt_key = key_mtx_dereference(sdata->local, sta->ptk[idx ^ 1]);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 821)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 822) /* The rekey code assumes that the old and new key are using
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 823) * the same cipher. Enforce the assumption for pairwise keys.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 824) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 825) if ((alt_key && alt_key->conf.cipher != key->conf.cipher) ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 826) (old_key && old_key->conf.cipher != key->conf.cipher))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 827) goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 828) } else if (sta) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 829) old_key = key_mtx_dereference(sdata->local, sta->gtk[idx]);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 830) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 831) old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 832) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 833)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 834) /* Non-pairwise keys must also not switch the cipher on rekey */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 835) if (!pairwise) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 836) if (old_key && old_key->conf.cipher != key->conf.cipher)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 837) goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 838) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 839)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 840) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 841) * Silently accept key re-installation without really installing the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 842) * new version of the key to avoid nonce reuse or replay issues.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 843) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 844) if (ieee80211_key_identical(sdata, old_key, key)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 845) ieee80211_key_free_unused(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 846) ret = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 847) goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 848) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 849)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 850) key->local = sdata->local;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 851) key->sdata = sdata;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 852) key->sta = sta;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 853)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 854) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 855) * Assign a unique ID to every key so we can easily prevent mixed
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 856) * key and fragment cache attacks.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 857) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 858) key->color = atomic_inc_return(&key_color);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 859)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 860) increment_tailroom_need_count(sdata);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 861)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 862) ret = ieee80211_key_replace(sdata, sta, pairwise, old_key, key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 863)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 864) if (!ret) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 865) ieee80211_debugfs_key_add(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 866) ieee80211_key_destroy(old_key, delay_tailroom);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 867) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 868) ieee80211_key_free(key, delay_tailroom);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 869) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 870)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 871) out:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 872) mutex_unlock(&sdata->local->key_mtx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 873)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 874) return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 875) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 876)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 877) void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 878) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 879) if (!key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 880) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 881)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 882) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 883) * Replace key with nothingness if it was ever used.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 884) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 885) if (key->sdata)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 886) ieee80211_key_replace(key->sdata, key->sta,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 887) key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 888) key, NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 889) ieee80211_key_destroy(key, delay_tailroom);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 890) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 891)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 892) void ieee80211_reenable_keys(struct ieee80211_sub_if_data *sdata)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 893) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 894) struct ieee80211_key *key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 895) struct ieee80211_sub_if_data *vlan;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 896)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 897) ASSERT_RTNL();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 898)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 899) mutex_lock(&sdata->local->key_mtx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 900)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 901) sdata->crypto_tx_tailroom_needed_cnt = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 902) sdata->crypto_tx_tailroom_pending_dec = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 903)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 904) if (sdata->vif.type == NL80211_IFTYPE_AP) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 905) list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 906) vlan->crypto_tx_tailroom_needed_cnt = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 907) vlan->crypto_tx_tailroom_pending_dec = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 908) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 909) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 910)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 911) if (ieee80211_sdata_running(sdata)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 912) list_for_each_entry(key, &sdata->key_list, list) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 913) increment_tailroom_need_count(sdata);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 914) ieee80211_key_enable_hw_accel(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 915) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 916) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 917)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 918) mutex_unlock(&sdata->local->key_mtx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 919) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 920)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 921) void ieee80211_iter_keys(struct ieee80211_hw *hw,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 922) struct ieee80211_vif *vif,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 923) void (*iter)(struct ieee80211_hw *hw,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 924) struct ieee80211_vif *vif,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 925) struct ieee80211_sta *sta,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 926) struct ieee80211_key_conf *key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 927) void *data),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 928) void *iter_data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 929) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 930) struct ieee80211_local *local = hw_to_local(hw);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 931) struct ieee80211_key *key, *tmp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 932) struct ieee80211_sub_if_data *sdata;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 933)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 934) ASSERT_RTNL();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 935)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 936) mutex_lock(&local->key_mtx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 937) if (vif) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 938) sdata = vif_to_sdata(vif);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 939) list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 940) iter(hw, &sdata->vif,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 941) key->sta ? &key->sta->sta : NULL,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 942) &key->conf, iter_data);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 943) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 944) list_for_each_entry(sdata, &local->interfaces, list)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 945) list_for_each_entry_safe(key, tmp,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 946) &sdata->key_list, list)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 947) iter(hw, &sdata->vif,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 948) key->sta ? &key->sta->sta : NULL,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 949) &key->conf, iter_data);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 950) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 951) mutex_unlock(&local->key_mtx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 952) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 953) EXPORT_SYMBOL(ieee80211_iter_keys);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 954)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 955) static void
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 956) _ieee80211_iter_keys_rcu(struct ieee80211_hw *hw,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 957) struct ieee80211_sub_if_data *sdata,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 958) void (*iter)(struct ieee80211_hw *hw,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 959) struct ieee80211_vif *vif,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 960) struct ieee80211_sta *sta,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 961) struct ieee80211_key_conf *key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 962) void *data),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 963) void *iter_data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 964) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 965) struct ieee80211_key *key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 966)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 967) list_for_each_entry_rcu(key, &sdata->key_list, list) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 968) /* skip keys of station in removal process */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 969) if (key->sta && key->sta->removed)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 970) continue;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 971) if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 972) continue;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 973)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 974) iter(hw, &sdata->vif,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 975) key->sta ? &key->sta->sta : NULL,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 976) &key->conf, iter_data);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 977) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 978) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 979)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 980) void ieee80211_iter_keys_rcu(struct ieee80211_hw *hw,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 981) struct ieee80211_vif *vif,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 982) void (*iter)(struct ieee80211_hw *hw,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 983) struct ieee80211_vif *vif,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 984) struct ieee80211_sta *sta,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 985) struct ieee80211_key_conf *key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 986) void *data),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 987) void *iter_data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 988) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 989) struct ieee80211_local *local = hw_to_local(hw);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 990) struct ieee80211_sub_if_data *sdata;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 991)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 992) if (vif) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 993) sdata = vif_to_sdata(vif);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 994) _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 995) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 996) list_for_each_entry_rcu(sdata, &local->interfaces, list)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 997) _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 998) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 999) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1000) EXPORT_SYMBOL(ieee80211_iter_keys_rcu);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1001)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1002) static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1003) struct list_head *keys)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1004) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1005) struct ieee80211_key *key, *tmp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1006)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1007) decrease_tailroom_need_count(sdata,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1008) sdata->crypto_tx_tailroom_pending_dec);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1009) sdata->crypto_tx_tailroom_pending_dec = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1010)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1011) ieee80211_debugfs_key_remove_mgmt_default(sdata);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1012) ieee80211_debugfs_key_remove_beacon_default(sdata);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1013)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1014) list_for_each_entry_safe(key, tmp, &sdata->key_list, list) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1015) ieee80211_key_replace(key->sdata, key->sta,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1016) key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1017) key, NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1018) list_add_tail(&key->list, keys);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1019) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1020)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1021) ieee80211_debugfs_key_update_default(sdata);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1022) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1023)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1024) void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1025) bool force_synchronize)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1026) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1027) struct ieee80211_local *local = sdata->local;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1028) struct ieee80211_sub_if_data *vlan;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1029) struct ieee80211_sub_if_data *master;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1030) struct ieee80211_key *key, *tmp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1031) LIST_HEAD(keys);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1032)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1033) cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1034)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1035) mutex_lock(&local->key_mtx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1036)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1037) ieee80211_free_keys_iface(sdata, &keys);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1038)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1039) if (sdata->vif.type == NL80211_IFTYPE_AP) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1040) list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1041) ieee80211_free_keys_iface(vlan, &keys);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1042) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1043)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1044) if (!list_empty(&keys) || force_synchronize)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1045) synchronize_net();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1046) list_for_each_entry_safe(key, tmp, &keys, list)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1047) __ieee80211_key_destroy(key, false);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1048)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1049) if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1050) if (sdata->bss) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1051) master = container_of(sdata->bss,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1052) struct ieee80211_sub_if_data,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1053) u.ap);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1054)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1055) WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt !=
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1056) master->crypto_tx_tailroom_needed_cnt);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1057) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1058) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1059) WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1060) sdata->crypto_tx_tailroom_pending_dec);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1061) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1062)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1063) if (sdata->vif.type == NL80211_IFTYPE_AP) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1064) list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1065) WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1066) vlan->crypto_tx_tailroom_pending_dec);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1067) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1068)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1069) mutex_unlock(&local->key_mtx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1070) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1071)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1072) void ieee80211_free_sta_keys(struct ieee80211_local *local,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1073) struct sta_info *sta)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1074) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1075) struct ieee80211_key *key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1076) int i;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1077)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1078) mutex_lock(&local->key_mtx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1079) for (i = 0; i < ARRAY_SIZE(sta->gtk); i++) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1080) key = key_mtx_dereference(local, sta->gtk[i]);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1081) if (!key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1082) continue;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1083) ieee80211_key_replace(key->sdata, key->sta,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1084) key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1085) key, NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1086) __ieee80211_key_destroy(key, key->sdata->vif.type ==
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1087) NL80211_IFTYPE_STATION);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1088) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1089)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1090) for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1091) key = key_mtx_dereference(local, sta->ptk[i]);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1092) if (!key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1093) continue;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1094) ieee80211_key_replace(key->sdata, key->sta,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1095) key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1096) key, NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1097) __ieee80211_key_destroy(key, key->sdata->vif.type ==
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1098) NL80211_IFTYPE_STATION);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1099) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1100)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1101) mutex_unlock(&local->key_mtx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1102) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1103)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1104) void ieee80211_delayed_tailroom_dec(struct work_struct *wk)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1105) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1106) struct ieee80211_sub_if_data *sdata;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1107)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1108) sdata = container_of(wk, struct ieee80211_sub_if_data,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1109) dec_tailroom_needed_wk.work);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1110)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1111) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1112) * The reason for the delayed tailroom needed decrementing is to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1113) * make roaming faster: during roaming, all keys are first deleted
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1114) * and then new keys are installed. The first new key causes the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1115) * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1116) * the cost of synchronize_net() (which can be slow). Avoid this
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1117) * by deferring the crypto_tx_tailroom_needed_cnt decrementing on
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1118) * key removal for a while, so if we roam the value is larger than
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1119) * zero and no 0->1 transition happens.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1120) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1121) * The cost is that if the AP switching was from an AP with keys
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1122) * to one without, we still allocate tailroom while it would no
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1123) * longer be needed. However, in the typical (fast) roaming case
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1124) * within an ESS this usually won't happen.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1125) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1126)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1127) mutex_lock(&sdata->local->key_mtx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1128) decrease_tailroom_need_count(sdata,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1129) sdata->crypto_tx_tailroom_pending_dec);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1130) sdata->crypto_tx_tailroom_pending_dec = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1131) mutex_unlock(&sdata->local->key_mtx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1132) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1133)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1134) void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1135) const u8 *replay_ctr, gfp_t gfp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1136) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1137) struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1138)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1139) trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1140)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1141) cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1142) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1143) EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1144)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1145) void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1146) int tid, struct ieee80211_key_seq *seq)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1147) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1148) struct ieee80211_key *key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1149) const u8 *pn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1150)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1151) key = container_of(keyconf, struct ieee80211_key, conf);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1152)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1153) switch (key->conf.cipher) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1154) case WLAN_CIPHER_SUITE_TKIP:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1155) if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1156) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1157) seq->tkip.iv32 = key->u.tkip.rx[tid].iv32;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1158) seq->tkip.iv16 = key->u.tkip.rx[tid].iv16;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1159) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1160) case WLAN_CIPHER_SUITE_CCMP:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1161) case WLAN_CIPHER_SUITE_CCMP_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1162) if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1163) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1164) if (tid < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1165) pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1166) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1167) pn = key->u.ccmp.rx_pn[tid];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1168) memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1169) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1170) case WLAN_CIPHER_SUITE_AES_CMAC:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1171) case WLAN_CIPHER_SUITE_BIP_CMAC_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1172) if (WARN_ON(tid != 0))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1173) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1174) pn = key->u.aes_cmac.rx_pn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1175) memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1176) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1177) case WLAN_CIPHER_SUITE_BIP_GMAC_128:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1178) case WLAN_CIPHER_SUITE_BIP_GMAC_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1179) if (WARN_ON(tid != 0))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1180) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1181) pn = key->u.aes_gmac.rx_pn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1182) memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1183) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1184) case WLAN_CIPHER_SUITE_GCMP:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1185) case WLAN_CIPHER_SUITE_GCMP_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1186) if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1187) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1188) if (tid < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1189) pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1190) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1191) pn = key->u.gcmp.rx_pn[tid];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1192) memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1193) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1194) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1195) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1196) EXPORT_SYMBOL(ieee80211_get_key_rx_seq);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1197)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1198) void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1199) int tid, struct ieee80211_key_seq *seq)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1200) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1201) struct ieee80211_key *key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1202) u8 *pn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1203)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1204) key = container_of(keyconf, struct ieee80211_key, conf);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1205)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1206) switch (key->conf.cipher) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1207) case WLAN_CIPHER_SUITE_TKIP:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1208) if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1209) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1210) key->u.tkip.rx[tid].iv32 = seq->tkip.iv32;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1211) key->u.tkip.rx[tid].iv16 = seq->tkip.iv16;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1212) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1213) case WLAN_CIPHER_SUITE_CCMP:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1214) case WLAN_CIPHER_SUITE_CCMP_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1215) if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1216) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1217) if (tid < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1218) pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1219) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1220) pn = key->u.ccmp.rx_pn[tid];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1221) memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1222) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1223) case WLAN_CIPHER_SUITE_AES_CMAC:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1224) case WLAN_CIPHER_SUITE_BIP_CMAC_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1225) if (WARN_ON(tid != 0))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1226) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1227) pn = key->u.aes_cmac.rx_pn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1228) memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1229) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1230) case WLAN_CIPHER_SUITE_BIP_GMAC_128:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1231) case WLAN_CIPHER_SUITE_BIP_GMAC_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1232) if (WARN_ON(tid != 0))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1233) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1234) pn = key->u.aes_gmac.rx_pn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1235) memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1236) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1237) case WLAN_CIPHER_SUITE_GCMP:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1238) case WLAN_CIPHER_SUITE_GCMP_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1239) if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1240) return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1241) if (tid < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1242) pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1243) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1244) pn = key->u.gcmp.rx_pn[tid];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1245) memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1246) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1247) default:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1248) WARN_ON(1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1249) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1250) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1251) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1252) EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1253)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1254) void ieee80211_remove_key(struct ieee80211_key_conf *keyconf)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1255) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1256) struct ieee80211_key *key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1257)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1258) key = container_of(keyconf, struct ieee80211_key, conf);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1259)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1260) assert_key_lock(key->local);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1261)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1262) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1263) * if key was uploaded, we assume the driver will/has remove(d)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1264) * it, so adjust bookkeeping accordingly
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1265) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1266) if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1267) key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1268)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1269) if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1270) IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1271) IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1272) increment_tailroom_need_count(key->sdata);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1273) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1274)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1275) ieee80211_key_free(key, false);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1276) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1277) EXPORT_SYMBOL_GPL(ieee80211_remove_key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1278)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1279) struct ieee80211_key_conf *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1280) ieee80211_gtk_rekey_add(struct ieee80211_vif *vif,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1281) struct ieee80211_key_conf *keyconf)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1282) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1283) struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1284) struct ieee80211_local *local = sdata->local;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1285) struct ieee80211_key *key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1286) int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1287)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1288) if (WARN_ON(!local->wowlan))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1289) return ERR_PTR(-EINVAL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1290)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1291) if (WARN_ON(vif->type != NL80211_IFTYPE_STATION))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1292) return ERR_PTR(-EINVAL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1293)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1294) key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1295) keyconf->keylen, keyconf->key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1296) 0, NULL, NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1297) if (IS_ERR(key))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1298) return ERR_CAST(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1299)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1300) if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1301) key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1302)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1303) err = ieee80211_key_link(key, sdata, NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1304) if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1305) return ERR_PTR(err);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1306)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1307) return &key->conf;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1308) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1309) EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add);
Orange Pi5 kernel
Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards
3 Commits
0 Branches
0 Tags