Gitiles
Code Review Sign In
192.168.1.100 / T108 / e958203796650e3959a43708d67534bf36f4c83b / . / marvell / linux / net / mac80211 / key.c
blob: 5889a590b3edd38b7b18e55a1f9e9556607d0999 [file] [log] [blame]
b.liue9582032025-04-17 19:18:16 +0800[diff] [blame^]1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * Copyright 2002-2005, Instant802 Networks, Inc.
4 * Copyright 2005-2006, Devicescape Software, Inc.
5 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
6 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net>
7 * Copyright 2013-2014 Intel Mobile Communications GmbH
8 * Copyright 2015-2017 Intel Deutschland GmbH
9 * Copyright 2018-2020 Intel Corporation
10 */
11
12#include <linux/if_ether.h>
13#include <linux/etherdevice.h>
14#include <linux/list.h>
15#include <linux/rcupdate.h>
16#include <linux/rtnetlink.h>
17#include <linux/slab.h>
18#include <linux/export.h>
19#include <net/mac80211.h>
20#include <crypto/algapi.h>
21#include <asm/unaligned.h>
22#include "ieee80211_i.h"
23#include "driver-ops.h"
24#include "debugfs_key.h"
25#include "aes_ccm.h"
26#include "aes_cmac.h"
27#include "aes_gmac.h"
28#include "aes_gcm.h"
29
30
31/**
32 * DOC: Key handling basics
33 *
34 * Key handling in mac80211 is done based on per-interface (sub_if_data)
35 * keys and per-station keys. Since each station belongs to an interface,
36 * each station key also belongs to that interface.
37 *
38 * Hardware acceleration is done on a best-effort basis for algorithms
39 * that are implemented in software, for each key the hardware is asked
40 * to enable that key for offloading but if it cannot do that the key is
41 * simply kept for software encryption (unless it is for an algorithm
42 * that isn't implemented in software).
43 * There is currently no way of knowing whether a key is handled in SW
44 * or HW except by looking into debugfs.
45 *
46 * All key management is internally protected by a mutex. Within all
47 * other parts of mac80211, key references are, just as STA structure
48 * references, protected by RCU. Note, however, that some things are
49 * unprotected, namely the key->sta dereferences within the hardware
50 * acceleration functions. This means that sta_info_destroy() must
51 * remove the key which waits for an RCU grace period.
52 */
53
54static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
55
56static void assert_key_lock(struct ieee80211_local *local)
57{
58 lockdep_assert_held(&local->key_mtx);
59}
60
61static void
62update_vlan_tailroom_need_count(struct ieee80211_sub_if_data *sdata, int delta)
63{
64 struct ieee80211_sub_if_data *vlan;
65
66 if (sdata->vif.type != NL80211_IFTYPE_AP)
67 return;
68
69 /* crypto_tx_tailroom_needed_cnt is protected by this */
70 assert_key_lock(sdata->local);
71
72 rcu_read_lock();
73
74 list_for_each_entry_rcu(vlan, &sdata->u.ap.vlans, u.vlan.list)
75 vlan->crypto_tx_tailroom_needed_cnt += delta;
76
77 rcu_read_unlock();
78}
79
80static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata)
81{
82 /*
83 * When this count is zero, SKB resizing for allocating tailroom
84 * for IV or MMIC is skipped. But, this check has created two race
85 * cases in xmit path while transiting from zero count to one:
86 *
87 * 1. SKB resize was skipped because no key was added but just before
88 * the xmit key is added and SW encryption kicks off.
89 *
90 * 2. SKB resize was skipped because all the keys were hw planted but
91 * just before xmit one of the key is deleted and SW encryption kicks
92 * off.
93 *
94 * In both the above case SW encryption will find not enough space for
95 * tailroom and exits with WARN_ON. (See WARN_ONs at wpa.c)
96 *
97 * Solution has been explained at
98 * http://mid.gmane.org/1308590980.4322.19.camel@jlt3.sipsolutions.net
99 */
100
101 assert_key_lock(sdata->local);
102
103 update_vlan_tailroom_need_count(sdata, 1);
104
105 if (!sdata->crypto_tx_tailroom_needed_cnt++) {
106 /*
107 * Flush all XMIT packets currently using HW encryption or no
108 * encryption at all if the count transition is from 0 -> 1.
109 */
110 synchronize_net();
111 }
112}
113
114static void decrease_tailroom_need_count(struct ieee80211_sub_if_data *sdata,
115 int delta)
116{
117 assert_key_lock(sdata->local);
118
119 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt < delta);
120
121 update_vlan_tailroom_need_count(sdata, -delta);
122 sdata->crypto_tx_tailroom_needed_cnt -= delta;
123}
124
125static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
126{
127 struct ieee80211_sub_if_data *sdata = key->sdata;
128 struct sta_info *sta;
129 int ret = -EOPNOTSUPP;
130
131 might_sleep();
132
133 if (key->flags & KEY_FLAG_TAINTED) {
134 /* If we get here, it's during resume and the key is
135 * tainted so shouldn't be used/programmed any more.
136 * However, its flags may still indicate that it was
137 * programmed into the device (since we're in resume)
138 * so clear that flag now to avoid trying to remove
139 * it again later.
140 */
141 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE &&
142 !(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
143 IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
144 IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
145 increment_tailroom_need_count(sdata);
146
147 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
148 return -EINVAL;
149 }
150
151 if (!key->local->ops->set_key)
152 goto out_unsupported;
153
154 assert_key_lock(key->local);
155
156 sta = key->sta;
157
158 /*
159 * If this is a per-STA GTK, check if it
160 * is supported; if not, return.
161 */
162 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) &&
163 !ieee80211_hw_check(&key->local->hw, SUPPORTS_PER_STA_GTK))
164 goto out_unsupported;
165
166 if (sta && !sta->uploaded)
167 goto out_unsupported;
168
169 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
170 /*
171 * The driver doesn't know anything about VLAN interfaces.
172 * Hence, don't send GTKs for VLAN interfaces to the driver.
173 */
174 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
175 ret = 1;
176 goto out_unsupported;
177 }
178 }
179
180 ret = drv_set_key(key->local, SET_KEY, sdata,
181 sta ? &sta->sta : NULL, &key->conf);
182
183 if (!ret) {
184 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
185
186 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
187 IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
188 IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
189 decrease_tailroom_need_count(sdata, 1);
190
191 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) &&
192 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV));
193
194 WARN_ON((key->conf.flags & IEEE80211_KEY_FLAG_PUT_MIC_SPACE) &&
195 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC));
196
197 return 0;
198 }
199
200 if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1)
201 sdata_err(sdata,
202 "failed to set key (%d, %pM) to hardware (%d)\n",
203 key->conf.keyidx,
204 sta ? sta->sta.addr : bcast_addr, ret);
205
206 out_unsupported:
207 switch (key->conf.cipher) {
208 case WLAN_CIPHER_SUITE_WEP40:
209 case WLAN_CIPHER_SUITE_WEP104:
210 case WLAN_CIPHER_SUITE_TKIP:
211 case WLAN_CIPHER_SUITE_CCMP:
212 case WLAN_CIPHER_SUITE_CCMP_256:
213 case WLAN_CIPHER_SUITE_AES_CMAC:
214 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
215 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
216 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
217 case WLAN_CIPHER_SUITE_GCMP:
218 case WLAN_CIPHER_SUITE_GCMP_256:
219 /* all of these we can do in software - if driver can */
220 if (ret == 1)
221 return 0;
222 if (ieee80211_hw_check(&key->local->hw, SW_CRYPTO_CONTROL))
223 return -EINVAL;
224 return 0;
225 default:
226 return -EINVAL;
227 }
228}
229
230static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
231{
232 struct ieee80211_sub_if_data *sdata;
233 struct sta_info *sta;
234 int ret;
235
236 might_sleep();
237
238 if (!key || !key->local->ops->set_key)
239 return;
240
241 assert_key_lock(key->local);
242
243 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
244 return;
245
246 sta = key->sta;
247 sdata = key->sdata;
248
249 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
250 IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
251 IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
252 increment_tailroom_need_count(sdata);
253
254 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
255 ret = drv_set_key(key->local, DISABLE_KEY, sdata,
256 sta ? &sta->sta : NULL, &key->conf);
257
258 if (ret)
259 sdata_err(sdata,
260 "failed to remove key (%d, %pM) from hardware (%d)\n",
261 key->conf.keyidx,
262 sta ? sta->sta.addr : bcast_addr, ret);
263}
264
265static int _ieee80211_set_tx_key(struct ieee80211_key *key, bool force)
266{
267 struct sta_info *sta = key->sta;
268 struct ieee80211_local *local = key->local;
269
270 assert_key_lock(local);
271
272 set_sta_flag(sta, WLAN_STA_USES_ENCRYPTION);
273
274 sta->ptk_idx = key->conf.keyidx;
275
276 if (force || !ieee80211_hw_check(&local->hw, AMPDU_KEYBORDER_SUPPORT))
277 clear_sta_flag(sta, WLAN_STA_BLOCK_BA);
278 ieee80211_check_fast_xmit(sta);
279
280 return 0;
281}
282
283int ieee80211_set_tx_key(struct ieee80211_key *key)
284{
285 return _ieee80211_set_tx_key(key, false);
286}
287
288static void ieee80211_pairwise_rekey(struct ieee80211_key *old,
289 struct ieee80211_key *new)
290{
291 struct ieee80211_local *local = new->local;
292 struct sta_info *sta = new->sta;
293 int i;
294
295 assert_key_lock(local);
296
297 if (new->conf.flags & IEEE80211_KEY_FLAG_NO_AUTO_TX) {
298 /* Extended Key ID key install, initial one or rekey */
299
300 if (sta->ptk_idx != INVALID_PTK_KEYIDX &&
301 !ieee80211_hw_check(&local->hw, AMPDU_KEYBORDER_SUPPORT)) {
302 /* Aggregation Sessions with Extended Key ID must not
303 * mix MPDUs with different keyIDs within one A-MPDU.
304 * Tear down running Tx aggregation sessions and block
305 * new Rx/Tx aggregation requests during rekey to
306 * ensure there are no A-MPDUs when the driver is not
307 * supporting A-MPDU key borders. (Blocking Tx only
308 * would be sufficient but WLAN_STA_BLOCK_BA gets the
309 * job done for the few ms we need it.)
310 */
311 set_sta_flag(sta, WLAN_STA_BLOCK_BA);
312 mutex_lock(&sta->ampdu_mlme.mtx);
313 for (i = 0; i < IEEE80211_NUM_TIDS; i++)
314 ___ieee80211_stop_tx_ba_session(sta, i,
315 AGG_STOP_LOCAL_REQUEST);
316 mutex_unlock(&sta->ampdu_mlme.mtx);
317 }
318 } else if (old) {
319 /* Rekey without Extended Key ID.
320 * Aggregation sessions are OK when running on SW crypto.
321 * A broken remote STA may cause issues not observed with HW
322 * crypto, though.
323 */
324 if (!(old->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
325 return;
326
327 /* Stop Tx till we are on the new key */
328 old->flags |= KEY_FLAG_TAINTED;
329 ieee80211_clear_fast_xmit(sta);
330 if (ieee80211_hw_check(&local->hw, AMPDU_AGGREGATION)) {
331 set_sta_flag(sta, WLAN_STA_BLOCK_BA);
332 ieee80211_sta_tear_down_BA_sessions(sta,
333 AGG_STOP_LOCAL_REQUEST);
334 }
335 if (!wiphy_ext_feature_isset(local->hw.wiphy,
336 NL80211_EXT_FEATURE_CAN_REPLACE_PTK0)) {
337 pr_warn_ratelimited("Rekeying PTK for STA %pM but driver can't safely do that.",
338 sta->sta.addr);
339 /* Flushing the driver queues *may* help prevent
340 * the clear text leaks and freezes.
341 */
342 ieee80211_flush_queues(local, old->sdata, false);
343 }
344 }
345}
346
347static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata,
348 int idx, bool uni, bool multi)
349{
350 struct ieee80211_key *key = NULL;
351
352 assert_key_lock(sdata->local);
353
354 if (idx >= 0 && idx < NUM_DEFAULT_KEYS)
355 key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
356
357 if (uni) {
358 rcu_assign_pointer(sdata->default_unicast_key, key);
359 ieee80211_check_fast_xmit_iface(sdata);
360 if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN)
361 drv_set_default_unicast_key(sdata->local, sdata, idx);
362 }
363
364 if (multi)
365 rcu_assign_pointer(sdata->default_multicast_key, key);
366
367 ieee80211_debugfs_key_update_default(sdata);
368}
369
370void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx,
371 bool uni, bool multi)
372{
373 mutex_lock(&sdata->local->key_mtx);
374 __ieee80211_set_default_key(sdata, idx, uni, multi);
375 mutex_unlock(&sdata->local->key_mtx);
376}
377
378static void
379__ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx)
380{
381 struct ieee80211_key *key = NULL;
382
383 assert_key_lock(sdata->local);
384
385 if (idx >= NUM_DEFAULT_KEYS &&
386 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
387 key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
388
389 rcu_assign_pointer(sdata->default_mgmt_key, key);
390
391 ieee80211_debugfs_key_update_default(sdata);
392}
393
394void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
395 int idx)
396{
397 mutex_lock(&sdata->local->key_mtx);
398 __ieee80211_set_default_mgmt_key(sdata, idx);
399 mutex_unlock(&sdata->local->key_mtx);
400}
401
402static int ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
403 struct sta_info *sta,
404 bool pairwise,
405 struct ieee80211_key *old,
406 struct ieee80211_key *new)
407{
408 int idx;
409 int ret = 0;
410 bool defunikey, defmultikey, defmgmtkey;
411
412 /* caller must provide at least one old/new */
413 if (WARN_ON(!new && !old))
414 return 0;
415
416 if (new)
417 list_add_tail_rcu(&new->list, &sdata->key_list);
418
419 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx);
420
421 if (new && sta && pairwise) {
422 /* Unicast rekey needs special handling. With Extended Key ID
423 * old is still NULL for the first rekey.
424 */
425 ieee80211_pairwise_rekey(old, new);
426 }
427
428 if (old) {
429 idx = old->conf.keyidx;
430
431 if (old->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
432 ieee80211_key_disable_hw_accel(old);
433
434 if (new)
435 ret = ieee80211_key_enable_hw_accel(new);
436 }
437 } else {
438 /* new must be provided in case old is not */
439 idx = new->conf.keyidx;
440 if (!new->local->wowlan)
441 ret = ieee80211_key_enable_hw_accel(new);
442 }
443
444 if (ret)
445 return ret;
446
447 if (sta) {
448 if (pairwise) {
449 rcu_assign_pointer(sta->ptk[idx], new);
450 if (new &&
451 !(new->conf.flags & IEEE80211_KEY_FLAG_NO_AUTO_TX))
452 _ieee80211_set_tx_key(new, true);
453 } else {
454 rcu_assign_pointer(sta->gtk[idx], new);
455 }
456 /* Only needed for transition from no key -> key.
457 * Still triggers unnecessary when using Extended Key ID
458 * and installing the second key ID the first time.
459 */
460 if (new && !old)
461 ieee80211_check_fast_rx(sta);
462 } else {
463 defunikey = old &&
464 old == key_mtx_dereference(sdata->local,
465 sdata->default_unicast_key);
466 defmultikey = old &&
467 old == key_mtx_dereference(sdata->local,
468 sdata->default_multicast_key);
469 defmgmtkey = old &&
470 old == key_mtx_dereference(sdata->local,
471 sdata->default_mgmt_key);
472
473 if (defunikey && !new)
474 __ieee80211_set_default_key(sdata, -1, true, false);
475 if (defmultikey && !new)
476 __ieee80211_set_default_key(sdata, -1, false, true);
477 if (defmgmtkey && !new)
478 __ieee80211_set_default_mgmt_key(sdata, -1);
479
480 rcu_assign_pointer(sdata->keys[idx], new);
481 if (defunikey && new)
482 __ieee80211_set_default_key(sdata, new->conf.keyidx,
483 true, false);
484 if (defmultikey && new)
485 __ieee80211_set_default_key(sdata, new->conf.keyidx,
486 false, true);
487 if (defmgmtkey && new)
488 __ieee80211_set_default_mgmt_key(sdata,
489 new->conf.keyidx);
490 }
491
492 if (old)
493 list_del_rcu(&old->list);
494
495 return 0;
496}
497
498struct ieee80211_key *
499ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
500 const u8 *key_data,
501 size_t seq_len, const u8 *seq,
502 const struct ieee80211_cipher_scheme *cs)
503{
504 struct ieee80211_key *key;
505 int i, j, err;
506
507 if (WARN_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS))
508 return ERR_PTR(-EINVAL);
509
510 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
511 if (!key)
512 return ERR_PTR(-ENOMEM);
513
514 /*
515 * Default to software encryption; we'll later upload the
516 * key to the hardware if possible.
517 */
518 key->conf.flags = 0;
519 key->flags = 0;
520
521 key->conf.cipher = cipher;
522 key->conf.keyidx = idx;
523 key->conf.keylen = key_len;
524 switch (cipher) {
525 case WLAN_CIPHER_SUITE_WEP40:
526 case WLAN_CIPHER_SUITE_WEP104:
527 key->conf.iv_len = IEEE80211_WEP_IV_LEN;
528 key->conf.icv_len = IEEE80211_WEP_ICV_LEN;
529 break;
530 case WLAN_CIPHER_SUITE_TKIP:
531 key->conf.iv_len = IEEE80211_TKIP_IV_LEN;
532 key->conf.icv_len = IEEE80211_TKIP_ICV_LEN;
533 if (seq) {
534 for (i = 0; i < IEEE80211_NUM_TIDS; i++) {
535 key->u.tkip.rx[i].iv32 =
536 get_unaligned_le32(&seq[2]);
537 key->u.tkip.rx[i].iv16 =
538 get_unaligned_le16(seq);
539 }
540 }
541 spin_lock_init(&key->u.tkip.txlock);
542 break;
543 case WLAN_CIPHER_SUITE_CCMP:
544 key->conf.iv_len = IEEE80211_CCMP_HDR_LEN;
545 key->conf.icv_len = IEEE80211_CCMP_MIC_LEN;
546 if (seq) {
547 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
548 for (j = 0; j < IEEE80211_CCMP_PN_LEN; j++)
549 key->u.ccmp.rx_pn[i][j] =
550 seq[IEEE80211_CCMP_PN_LEN - j - 1];
551 }
552 /*
553 * Initialize AES key state here as an optimization so that
554 * it does not need to be initialized for every packet.
555 */
556 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
557 key_data, key_len, IEEE80211_CCMP_MIC_LEN);
558 if (IS_ERR(key->u.ccmp.tfm)) {
559 err = PTR_ERR(key->u.ccmp.tfm);
560 kfree(key);
561 return ERR_PTR(err);
562 }
563 break;
564 case WLAN_CIPHER_SUITE_CCMP_256:
565 key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN;
566 key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN;
567 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
568 for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++)
569 key->u.ccmp.rx_pn[i][j] =
570 seq[IEEE80211_CCMP_256_PN_LEN - j - 1];
571 /* Initialize AES key state here as an optimization so that
572 * it does not need to be initialized for every packet.
573 */
574 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
575 key_data, key_len, IEEE80211_CCMP_256_MIC_LEN);
576 if (IS_ERR(key->u.ccmp.tfm)) {
577 err = PTR_ERR(key->u.ccmp.tfm);
578 kfree(key);
579 return ERR_PTR(err);
580 }
581 break;
582 case WLAN_CIPHER_SUITE_AES_CMAC:
583 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
584 key->conf.iv_len = 0;
585 if (cipher == WLAN_CIPHER_SUITE_AES_CMAC)
586 key->conf.icv_len = sizeof(struct ieee80211_mmie);
587 else
588 key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
589 if (seq)
590 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++)
591 key->u.aes_cmac.rx_pn[j] =
592 seq[IEEE80211_CMAC_PN_LEN - j - 1];
593 /*
594 * Initialize AES key state here as an optimization so that
595 * it does not need to be initialized for every packet.
596 */
597 key->u.aes_cmac.tfm =
598 ieee80211_aes_cmac_key_setup(key_data, key_len);
599 if (IS_ERR(key->u.aes_cmac.tfm)) {
600 err = PTR_ERR(key->u.aes_cmac.tfm);
601 kfree(key);
602 return ERR_PTR(err);
603 }
604 break;
605 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
606 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
607 key->conf.iv_len = 0;
608 key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
609 if (seq)
610 for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++)
611 key->u.aes_gmac.rx_pn[j] =
612 seq[IEEE80211_GMAC_PN_LEN - j - 1];
613 /* Initialize AES key state here as an optimization so that
614 * it does not need to be initialized for every packet.
615 */
616 key->u.aes_gmac.tfm =
617 ieee80211_aes_gmac_key_setup(key_data, key_len);
618 if (IS_ERR(key->u.aes_gmac.tfm)) {
619 err = PTR_ERR(key->u.aes_gmac.tfm);
620 kfree(key);
621 return ERR_PTR(err);
622 }
623 break;
624 case WLAN_CIPHER_SUITE_GCMP:
625 case WLAN_CIPHER_SUITE_GCMP_256:
626 key->conf.iv_len = IEEE80211_GCMP_HDR_LEN;
627 key->conf.icv_len = IEEE80211_GCMP_MIC_LEN;
628 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
629 for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++)
630 key->u.gcmp.rx_pn[i][j] =
631 seq[IEEE80211_GCMP_PN_LEN - j - 1];
632 /* Initialize AES key state here as an optimization so that
633 * it does not need to be initialized for every packet.
634 */
635 key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data,
636 key_len);
637 if (IS_ERR(key->u.gcmp.tfm)) {
638 err = PTR_ERR(key->u.gcmp.tfm);
639 kfree(key);
640 return ERR_PTR(err);
641 }
642 break;
643 default:
644 if (cs) {
645 if (seq_len && seq_len != cs->pn_len) {
646 kfree(key);
647 return ERR_PTR(-EINVAL);
648 }
649
650 key->conf.iv_len = cs->hdr_len;
651 key->conf.icv_len = cs->mic_len;
652 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++)
653 for (j = 0; j < seq_len; j++)
654 key->u.gen.rx_pn[i][j] =
655 seq[seq_len - j - 1];
656 key->flags |= KEY_FLAG_CIPHER_SCHEME;
657 }
658 }
659 memcpy(key->conf.key, key_data, key_len);
660 INIT_LIST_HEAD(&key->list);
661
662 return key;
663}
664
665static void ieee80211_key_free_common(struct ieee80211_key *key)
666{
667 switch (key->conf.cipher) {
668 case WLAN_CIPHER_SUITE_CCMP:
669 case WLAN_CIPHER_SUITE_CCMP_256:
670 ieee80211_aes_key_free(key->u.ccmp.tfm);
671 break;
672 case WLAN_CIPHER_SUITE_AES_CMAC:
673 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
674 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
675 break;
676 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
677 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
678 ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm);
679 break;
680 case WLAN_CIPHER_SUITE_GCMP:
681 case WLAN_CIPHER_SUITE_GCMP_256:
682 ieee80211_aes_gcm_key_free(key->u.gcmp.tfm);
683 break;
684 }
685 kzfree(key);
686}
687
688static void __ieee80211_key_destroy(struct ieee80211_key *key,
689 bool delay_tailroom)
690{
691 if (key->local) {
692 struct ieee80211_sub_if_data *sdata = key->sdata;
693
694 ieee80211_debugfs_key_remove(key);
695
696 if (delay_tailroom) {
697 /* see ieee80211_delayed_tailroom_dec */
698 sdata->crypto_tx_tailroom_pending_dec++;
699 schedule_delayed_work(&sdata->dec_tailroom_needed_wk,
700 HZ/2);
701 } else {
702 decrease_tailroom_need_count(sdata, 1);
703 }
704 }
705
706 ieee80211_key_free_common(key);
707}
708
709static void ieee80211_key_destroy(struct ieee80211_key *key,
710 bool delay_tailroom)
711{
712 if (!key)
713 return;
714
715 /*
716 * Synchronize so the TX path and rcu key iterators
717 * can no longer be using this key before we free/remove it.
718 */
719 synchronize_net();
720
721 __ieee80211_key_destroy(key, delay_tailroom);
722}
723
724void ieee80211_key_free_unused(struct ieee80211_key *key)
725{
726 WARN_ON(key->sdata || key->local);
727 ieee80211_key_free_common(key);
728}
729
730static bool ieee80211_key_identical(struct ieee80211_sub_if_data *sdata,
731 struct ieee80211_key *old,
732 struct ieee80211_key *new)
733{
734 u8 tkip_old[WLAN_KEY_LEN_TKIP], tkip_new[WLAN_KEY_LEN_TKIP];
735 u8 *tk_old, *tk_new;
736
737 if (!old || new->conf.keylen != old->conf.keylen)
738 return false;
739
740 tk_old = old->conf.key;
741 tk_new = new->conf.key;
742
743 /*
744 * In station mode, don't compare the TX MIC key, as it's never used
745 * and offloaded rekeying may not care to send it to the host. This
746 * is the case in iwlwifi, for example.
747 */
748 if (sdata->vif.type == NL80211_IFTYPE_STATION &&
749 new->conf.cipher == WLAN_CIPHER_SUITE_TKIP &&
750 new->conf.keylen == WLAN_KEY_LEN_TKIP &&
751 !(new->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
752 memcpy(tkip_old, tk_old, WLAN_KEY_LEN_TKIP);
753 memcpy(tkip_new, tk_new, WLAN_KEY_LEN_TKIP);
754 memset(tkip_old + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
755 memset(tkip_new + NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY, 0, 8);
756 tk_old = tkip_old;
757 tk_new = tkip_new;
758 }
759
760 return !crypto_memneq(tk_old, tk_new, new->conf.keylen);
761}
762
763int ieee80211_key_link(struct ieee80211_key *key,
764 struct ieee80211_sub_if_data *sdata,
765 struct sta_info *sta)
766{
767 static atomic_t key_color = ATOMIC_INIT(0);
768 struct ieee80211_key *old_key;
769 int idx = key->conf.keyidx;
770 bool pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
771 /*
772 * We want to delay tailroom updates only for station - in that
773 * case it helps roaming speed, but in other cases it hurts and
774 * can cause warnings to appear.
775 */
776 bool delay_tailroom = sdata->vif.type == NL80211_IFTYPE_STATION;
777 int ret = -EOPNOTSUPP;
778
779 mutex_lock(&sdata->local->key_mtx);
780
781 if (sta && pairwise) {
782 struct ieee80211_key *alt_key;
783
784 old_key = key_mtx_dereference(sdata->local, sta->ptk[idx]);
785 alt_key = key_mtx_dereference(sdata->local, sta->ptk[idx ^ 1]);
786
787 /* The rekey code assumes that the old and new key are using
788 * the same cipher. Enforce the assumption for pairwise keys.
789 */
790 if ((alt_key && alt_key->conf.cipher != key->conf.cipher) ||
791 (old_key && old_key->conf.cipher != key->conf.cipher))
792 goto out;
793 } else if (sta) {
794 old_key = key_mtx_dereference(sdata->local, sta->gtk[idx]);
795 } else {
796 old_key = key_mtx_dereference(sdata->local, sdata->keys[idx]);
797 }
798
799 /* Non-pairwise keys must also not switch the cipher on rekey */
800 if (!pairwise) {
801 if (old_key && old_key->conf.cipher != key->conf.cipher)
802 goto out;
803 }
804
805 /*
806 * Silently accept key re-installation without really installing the
807 * new version of the key to avoid nonce reuse or replay issues.
808 */
809 if (ieee80211_key_identical(sdata, old_key, key)) {
810 ieee80211_key_free_unused(key);
811 ret = -EALREADY;
812 goto out;
813 }
814
815 key->local = sdata->local;
816 key->sdata = sdata;
817 key->sta = sta;
818
819 /*
820 * Assign a unique ID to every key so we can easily prevent mixed
821 * key and fragment cache attacks.
822 */
823 key->color = atomic_inc_return(&key_color);
824
825 increment_tailroom_need_count(sdata);
826
827 ret = ieee80211_key_replace(sdata, sta, pairwise, old_key, key);
828
829 if (!ret) {
830 ieee80211_debugfs_key_add(key);
831 ieee80211_key_destroy(old_key, delay_tailroom);
832 } else {
833 ieee80211_key_free(key, delay_tailroom);
834 }
835
836 out:
837 mutex_unlock(&sdata->local->key_mtx);
838
839 return ret;
840}
841
842void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom)
843{
844 if (!key)
845 return;
846
847 /*
848 * Replace key with nothingness if it was ever used.
849 */
850 if (key->sdata)
851 ieee80211_key_replace(key->sdata, key->sta,
852 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
853 key, NULL);
854 ieee80211_key_destroy(key, delay_tailroom);
855}
856
857void ieee80211_reenable_keys(struct ieee80211_sub_if_data *sdata)
858{
859 struct ieee80211_key *key;
860 struct ieee80211_sub_if_data *vlan;
861
862 ASSERT_RTNL();
863
864 mutex_lock(&sdata->local->key_mtx);
865
866 sdata->crypto_tx_tailroom_needed_cnt = 0;
867 sdata->crypto_tx_tailroom_pending_dec = 0;
868
869 if (sdata->vif.type == NL80211_IFTYPE_AP) {
870 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) {
871 vlan->crypto_tx_tailroom_needed_cnt = 0;
872 vlan->crypto_tx_tailroom_pending_dec = 0;
873 }
874 }
875
876 if (ieee80211_sdata_running(sdata)) {
877 list_for_each_entry(key, &sdata->key_list, list) {
878 increment_tailroom_need_count(sdata);
879 ieee80211_key_enable_hw_accel(key);
880 }
881 }
882
883 mutex_unlock(&sdata->local->key_mtx);
884}
885
886static void
887ieee80211_key_iter(struct ieee80211_hw *hw,
888 struct ieee80211_vif *vif,
889 struct ieee80211_key *key,
890 void (*iter)(struct ieee80211_hw *hw,
891 struct ieee80211_vif *vif,
892 struct ieee80211_sta *sta,
893 struct ieee80211_key_conf *key,
894 void *data),
895 void *iter_data)
896{
897 /* skip keys of station in removal process */
898 if (key->sta && key->sta->removed)
899 return;
900 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
901 return;
902 iter(hw, vif, key->sta ? &key->sta->sta : NULL,
903 &key->conf, iter_data);
904}
905
906void ieee80211_iter_keys(struct ieee80211_hw *hw,
907 struct ieee80211_vif *vif,
908 void (*iter)(struct ieee80211_hw *hw,
909 struct ieee80211_vif *vif,
910 struct ieee80211_sta *sta,
911 struct ieee80211_key_conf *key,
912 void *data),
913 void *iter_data)
914{
915 struct ieee80211_local *local = hw_to_local(hw);
916 struct ieee80211_key *key, *tmp;
917 struct ieee80211_sub_if_data *sdata;
918
919 ASSERT_RTNL();
920
921 mutex_lock(&local->key_mtx);
922 if (vif) {
923 sdata = vif_to_sdata(vif);
924 list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
925 ieee80211_key_iter(hw, vif, key, iter, iter_data);
926 } else {
927 list_for_each_entry(sdata, &local->interfaces, list)
928 list_for_each_entry_safe(key, tmp,
929 &sdata->key_list, list)
930 ieee80211_key_iter(hw, &sdata->vif, key,
931 iter, iter_data);
932 }
933 mutex_unlock(&local->key_mtx);
934}
935EXPORT_SYMBOL(ieee80211_iter_keys);
936
937static void
938_ieee80211_iter_keys_rcu(struct ieee80211_hw *hw,
939 struct ieee80211_sub_if_data *sdata,
940 void (*iter)(struct ieee80211_hw *hw,
941 struct ieee80211_vif *vif,
942 struct ieee80211_sta *sta,
943 struct ieee80211_key_conf *key,
944 void *data),
945 void *iter_data)
946{
947 struct ieee80211_key *key;
948
949 list_for_each_entry_rcu(key, &sdata->key_list, list)
950 ieee80211_key_iter(hw, &sdata->vif, key, iter, iter_data);
951}
952
953void ieee80211_iter_keys_rcu(struct ieee80211_hw *hw,
954 struct ieee80211_vif *vif,
955 void (*iter)(struct ieee80211_hw *hw,
956 struct ieee80211_vif *vif,
957 struct ieee80211_sta *sta,
958 struct ieee80211_key_conf *key,
959 void *data),
960 void *iter_data)
961{
962 struct ieee80211_local *local = hw_to_local(hw);
963 struct ieee80211_sub_if_data *sdata;
964
965 if (vif) {
966 sdata = vif_to_sdata(vif);
967 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data);
968 } else {
969 list_for_each_entry_rcu(sdata, &local->interfaces, list)
970 _ieee80211_iter_keys_rcu(hw, sdata, iter, iter_data);
971 }
972}
973EXPORT_SYMBOL(ieee80211_iter_keys_rcu);
974
975static void ieee80211_free_keys_iface(struct ieee80211_sub_if_data *sdata,
976 struct list_head *keys)
977{
978 struct ieee80211_key *key, *tmp;
979
980 decrease_tailroom_need_count(sdata,
981 sdata->crypto_tx_tailroom_pending_dec);
982 sdata->crypto_tx_tailroom_pending_dec = 0;
983
984 ieee80211_debugfs_key_remove_mgmt_default(sdata);
985
986 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) {
987 ieee80211_key_replace(key->sdata, key->sta,
988 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
989 key, NULL);
990 list_add_tail(&key->list, keys);
991 }
992
993 ieee80211_debugfs_key_update_default(sdata);
994}
995
996void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata,
997 bool force_synchronize)
998{
999 struct ieee80211_local *local = sdata->local;
1000 struct ieee80211_sub_if_data *vlan;
1001 struct ieee80211_sub_if_data *master;
1002 struct ieee80211_key *key, *tmp;
1003 LIST_HEAD(keys);
1004
1005 cancel_delayed_work_sync(&sdata->dec_tailroom_needed_wk);
1006
1007 mutex_lock(&local->key_mtx);
1008
1009 ieee80211_free_keys_iface(sdata, &keys);
1010
1011 if (sdata->vif.type == NL80211_IFTYPE_AP) {
1012 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
1013 ieee80211_free_keys_iface(vlan, &keys);
1014 }
1015
1016 if (!list_empty(&keys) || force_synchronize)
1017 synchronize_net();
1018 list_for_each_entry_safe(key, tmp, &keys, list)
1019 __ieee80211_key_destroy(key, false);
1020
1021 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
1022 if (sdata->bss) {
1023 master = container_of(sdata->bss,
1024 struct ieee80211_sub_if_data,
1025 u.ap);
1026
1027 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt !=
1028 master->crypto_tx_tailroom_needed_cnt);
1029 }
1030 } else {
1031 WARN_ON_ONCE(sdata->crypto_tx_tailroom_needed_cnt ||
1032 sdata->crypto_tx_tailroom_pending_dec);
1033 }
1034
1035 if (sdata->vif.type == NL80211_IFTYPE_AP) {
1036 list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
1037 WARN_ON_ONCE(vlan->crypto_tx_tailroom_needed_cnt ||
1038 vlan->crypto_tx_tailroom_pending_dec);
1039 }
1040
1041 mutex_unlock(&local->key_mtx);
1042}
1043
1044void ieee80211_free_sta_keys(struct ieee80211_local *local,
1045 struct sta_info *sta)
1046{
1047 struct ieee80211_key *key;
1048 int i;
1049
1050 mutex_lock(&local->key_mtx);
1051 for (i = 0; i < ARRAY_SIZE(sta->gtk); i++) {
1052 key = key_mtx_dereference(local, sta->gtk[i]);
1053 if (!key)
1054 continue;
1055 ieee80211_key_replace(key->sdata, key->sta,
1056 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
1057 key, NULL);
1058 __ieee80211_key_destroy(key, key->sdata->vif.type ==
1059 NL80211_IFTYPE_STATION);
1060 }
1061
1062 for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
1063 key = key_mtx_dereference(local, sta->ptk[i]);
1064 if (!key)
1065 continue;
1066 ieee80211_key_replace(key->sdata, key->sta,
1067 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE,
1068 key, NULL);
1069 __ieee80211_key_destroy(key, key->sdata->vif.type ==
1070 NL80211_IFTYPE_STATION);
1071 }
1072
1073 mutex_unlock(&local->key_mtx);
1074}
1075
1076void ieee80211_delayed_tailroom_dec(struct work_struct *wk)
1077{
1078 struct ieee80211_sub_if_data *sdata;
1079
1080 sdata = container_of(wk, struct ieee80211_sub_if_data,
1081 dec_tailroom_needed_wk.work);
1082
1083 /*
1084 * The reason for the delayed tailroom needed decrementing is to
1085 * make roaming faster: during roaming, all keys are first deleted
1086 * and then new keys are installed. The first new key causes the
1087 * crypto_tx_tailroom_needed_cnt to go from 0 to 1, which invokes
1088 * the cost of synchronize_net() (which can be slow). Avoid this
1089 * by deferring the crypto_tx_tailroom_needed_cnt decrementing on
1090 * key removal for a while, so if we roam the value is larger than
1091 * zero and no 0->1 transition happens.
1092 *
1093 * The cost is that if the AP switching was from an AP with keys
1094 * to one without, we still allocate tailroom while it would no
1095 * longer be needed. However, in the typical (fast) roaming case
1096 * within an ESS this usually won't happen.
1097 */
1098
1099 mutex_lock(&sdata->local->key_mtx);
1100 decrease_tailroom_need_count(sdata,
1101 sdata->crypto_tx_tailroom_pending_dec);
1102 sdata->crypto_tx_tailroom_pending_dec = 0;
1103 mutex_unlock(&sdata->local->key_mtx);
1104}
1105
1106void ieee80211_gtk_rekey_notify(struct ieee80211_vif *vif, const u8 *bssid,
1107 const u8 *replay_ctr, gfp_t gfp)
1108{
1109 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
1110
1111 trace_api_gtk_rekey_notify(sdata, bssid, replay_ctr);
1112
1113 cfg80211_gtk_rekey_notify(sdata->dev, bssid, replay_ctr, gfp);
1114}
1115EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_notify);
1116
1117void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf,
1118 int tid, struct ieee80211_key_seq *seq)
1119{
1120 struct ieee80211_key *key;
1121 const u8 *pn;
1122
1123 key = container_of(keyconf, struct ieee80211_key, conf);
1124
1125 switch (key->conf.cipher) {
1126 case WLAN_CIPHER_SUITE_TKIP:
1127 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
1128 return;
1129 seq->tkip.iv32 = key->u.tkip.rx[tid].iv32;
1130 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16;
1131 break;
1132 case WLAN_CIPHER_SUITE_CCMP:
1133 case WLAN_CIPHER_SUITE_CCMP_256:
1134 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1135 return;
1136 if (tid < 0)
1137 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
1138 else
1139 pn = key->u.ccmp.rx_pn[tid];
1140 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN);
1141 break;
1142 case WLAN_CIPHER_SUITE_AES_CMAC:
1143 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1144 if (WARN_ON(tid != 0))
1145 return;
1146 pn = key->u.aes_cmac.rx_pn;
1147 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN);
1148 break;
1149 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1150 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1151 if (WARN_ON(tid != 0))
1152 return;
1153 pn = key->u.aes_gmac.rx_pn;
1154 memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN);
1155 break;
1156 case WLAN_CIPHER_SUITE_GCMP:
1157 case WLAN_CIPHER_SUITE_GCMP_256:
1158 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1159 return;
1160 if (tid < 0)
1161 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1162 else
1163 pn = key->u.gcmp.rx_pn[tid];
1164 memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN);
1165 break;
1166 }
1167}
1168EXPORT_SYMBOL(ieee80211_get_key_rx_seq);
1169
1170void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf,
1171 int tid, struct ieee80211_key_seq *seq)
1172{
1173 struct ieee80211_key *key;
1174 u8 *pn;
1175
1176 key = container_of(keyconf, struct ieee80211_key, conf);
1177
1178 switch (key->conf.cipher) {
1179 case WLAN_CIPHER_SUITE_TKIP:
1180 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
1181 return;
1182 key->u.tkip.rx[tid].iv32 = seq->tkip.iv32;
1183 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16;
1184 break;
1185 case WLAN_CIPHER_SUITE_CCMP:
1186 case WLAN_CIPHER_SUITE_CCMP_256:
1187 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1188 return;
1189 if (tid < 0)
1190 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
1191 else
1192 pn = key->u.ccmp.rx_pn[tid];
1193 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN);
1194 break;
1195 case WLAN_CIPHER_SUITE_AES_CMAC:
1196 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1197 if (WARN_ON(tid != 0))
1198 return;
1199 pn = key->u.aes_cmac.rx_pn;
1200 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN);
1201 break;
1202 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1203 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1204 if (WARN_ON(tid != 0))
1205 return;
1206 pn = key->u.aes_gmac.rx_pn;
1207 memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN);
1208 break;
1209 case WLAN_CIPHER_SUITE_GCMP:
1210 case WLAN_CIPHER_SUITE_GCMP_256:
1211 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1212 return;
1213 if (tid < 0)
1214 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1215 else
1216 pn = key->u.gcmp.rx_pn[tid];
1217 memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN);
1218 break;
1219 default:
1220 WARN_ON(1);
1221 break;
1222 }
1223}
1224EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq);
1225
1226void ieee80211_remove_key(struct ieee80211_key_conf *keyconf)
1227{
1228 struct ieee80211_key *key;
1229
1230 key = container_of(keyconf, struct ieee80211_key, conf);
1231
1232 assert_key_lock(key->local);
1233
1234 /*
1235 * if key was uploaded, we assume the driver will/has remove(d)
1236 * it, so adjust bookkeeping accordingly
1237 */
1238 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
1239 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
1240
1241 if (!(key->conf.flags & (IEEE80211_KEY_FLAG_GENERATE_MMIC |
1242 IEEE80211_KEY_FLAG_PUT_MIC_SPACE |
1243 IEEE80211_KEY_FLAG_RESERVE_TAILROOM)))
1244 increment_tailroom_need_count(key->sdata);
1245 }
1246
1247 ieee80211_key_free(key, false);
1248}
1249EXPORT_SYMBOL_GPL(ieee80211_remove_key);
1250
1251struct ieee80211_key_conf *
1252ieee80211_gtk_rekey_add(struct ieee80211_vif *vif,
1253 struct ieee80211_key_conf *keyconf)
1254{
1255 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
1256 struct ieee80211_local *local = sdata->local;
1257 struct ieee80211_key *key;
1258 int err;
1259
1260 if (WARN_ON(!local->wowlan))
1261 return ERR_PTR(-EINVAL);
1262
1263 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION))
1264 return ERR_PTR(-EINVAL);
1265
1266 key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx,
1267 keyconf->keylen, keyconf->key,
1268 0, NULL, NULL);
1269 if (IS_ERR(key))
1270 return ERR_CAST(key);
1271
1272 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED)
1273 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT;
1274
1275 err = ieee80211_key_link(key, sdata, NULL);
1276 if (err)
1277 return ERR_PTR(err);
1278
1279 return &key->conf;
1280}
1281EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add);