Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
tjh.dev
kernel
os
linux
1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * Key management related functions.
4 *
5 * Copyright (c) 2017-2019, Silicon Laboratories, Inc.
6 * Copyright (c) 2010, ST-Ericsson
7 */
8#include <linux/etherdevice.h>
9#include <net/mac80211.h>
10
11#include "key.h"
12#include "wfx.h"
13#include "hif_tx_mib.h"
14
15static int wfx_alloc_key(struct wfx_dev *wdev)
16{
17 int idx;
18
19 idx = ffs(~wdev->key_map) - 1;
20 if (idx < 0 || idx >= MAX_KEY_ENTRIES)
21 return -1;
22
23 wdev->key_map |= BIT(idx);
24 return idx;
25}
26
27static void wfx_free_key(struct wfx_dev *wdev, int idx)
28{
29 WARN(!(wdev->key_map & BIT(idx)), "inconsistent key allocation");
30 wdev->key_map &= ~BIT(idx);
31}
32
33static u8 fill_wep_pair(struct hif_wep_pairwise_key *msg,
34 struct ieee80211_key_conf *key, u8 *peer_addr)
35{
36 WARN(key->keylen > sizeof(msg->key_data), "inconsistent data");
37 msg->key_length = key->keylen;
38 memcpy(msg->key_data, key->key, key->keylen);
39 ether_addr_copy(msg->peer_address, peer_addr);
40 return HIF_KEY_TYPE_WEP_PAIRWISE;
41}
42
43static u8 fill_wep_group(struct hif_wep_group_key *msg,
44 struct ieee80211_key_conf *key)
45{
46 WARN(key->keylen > sizeof(msg->key_data), "inconsistent data");
47 msg->key_id = key->keyidx;
48 msg->key_length = key->keylen;
49 memcpy(msg->key_data, key->key, key->keylen);
50 return HIF_KEY_TYPE_WEP_DEFAULT;
51}
52
53static u8 fill_tkip_pair(struct hif_tkip_pairwise_key *msg,
54 struct ieee80211_key_conf *key, u8 *peer_addr)
55{
56 u8 *keybuf = key->key;
57
58 WARN(key->keylen != sizeof(msg->tkip_key_data)
59 + sizeof(msg->tx_mic_key)
60 + sizeof(msg->rx_mic_key), "inconsistent data");
61 memcpy(msg->tkip_key_data, keybuf, sizeof(msg->tkip_key_data));
62 keybuf += sizeof(msg->tkip_key_data);
63 memcpy(msg->tx_mic_key, keybuf, sizeof(msg->tx_mic_key));
64 keybuf += sizeof(msg->tx_mic_key);
65 memcpy(msg->rx_mic_key, keybuf, sizeof(msg->rx_mic_key));
66 ether_addr_copy(msg->peer_address, peer_addr);
67 return HIF_KEY_TYPE_TKIP_PAIRWISE;
68}
69
70static u8 fill_tkip_group(struct hif_tkip_group_key *msg,
71 struct ieee80211_key_conf *key,
72 struct ieee80211_key_seq *seq,
73 enum nl80211_iftype iftype)
74{
75 u8 *keybuf = key->key;
76
77 WARN(key->keylen != sizeof(msg->tkip_key_data)
78 + 2 * sizeof(msg->rx_mic_key), "inconsistent data");
79 msg->key_id = key->keyidx;
80 memcpy(msg->rx_sequence_counter,
81 &seq->tkip.iv16, sizeof(seq->tkip.iv16));
82 memcpy(msg->rx_sequence_counter + sizeof(u16),
83 &seq->tkip.iv32, sizeof(seq->tkip.iv32));
84 memcpy(msg->tkip_key_data, keybuf, sizeof(msg->tkip_key_data));
85 keybuf += sizeof(msg->tkip_key_data);
86 if (iftype == NL80211_IFTYPE_AP)
87 // Use Tx MIC Key
88 memcpy(msg->rx_mic_key, keybuf + 0, sizeof(msg->rx_mic_key));
89 else
90 // Use Rx MIC Key
91 memcpy(msg->rx_mic_key, keybuf + 8, sizeof(msg->rx_mic_key));
92 return HIF_KEY_TYPE_TKIP_GROUP;
93}
94
95static u8 fill_ccmp_pair(struct hif_aes_pairwise_key *msg,
96 struct ieee80211_key_conf *key, u8 *peer_addr)
97{
98 WARN(key->keylen != sizeof(msg->aes_key_data), "inconsistent data");
99 ether_addr_copy(msg->peer_address, peer_addr);
100 memcpy(msg->aes_key_data, key->key, key->keylen);
101 return HIF_KEY_TYPE_AES_PAIRWISE;
102}
103
104static u8 fill_ccmp_group(struct hif_aes_group_key *msg,
105 struct ieee80211_key_conf *key,
106 struct ieee80211_key_seq *seq)
107{
108 WARN(key->keylen != sizeof(msg->aes_key_data), "inconsistent data");
109 memcpy(msg->aes_key_data, key->key, key->keylen);
110 memcpy(msg->rx_sequence_counter, seq->ccmp.pn, sizeof(seq->ccmp.pn));
111 memreverse(msg->rx_sequence_counter, sizeof(seq->ccmp.pn));
112 msg->key_id = key->keyidx;
113 return HIF_KEY_TYPE_AES_GROUP;
114}
115
116static u8 fill_sms4_pair(struct hif_wapi_pairwise_key *msg,
117 struct ieee80211_key_conf *key, u8 *peer_addr)
118{
119 u8 *keybuf = key->key;
120
121 WARN(key->keylen != sizeof(msg->wapi_key_data)
122 + sizeof(msg->mic_key_data), "inconsistent data");
123 ether_addr_copy(msg->peer_address, peer_addr);
124 memcpy(msg->wapi_key_data, keybuf, sizeof(msg->wapi_key_data));
125 keybuf += sizeof(msg->wapi_key_data);
126 memcpy(msg->mic_key_data, keybuf, sizeof(msg->mic_key_data));
127 msg->key_id = key->keyidx;
128 return HIF_KEY_TYPE_WAPI_PAIRWISE;
129}
130
131static u8 fill_sms4_group(struct hif_wapi_group_key *msg,
132 struct ieee80211_key_conf *key)
133{
134 u8 *keybuf = key->key;
135
136 WARN(key->keylen != sizeof(msg->wapi_key_data)
137 + sizeof(msg->mic_key_data), "inconsistent data");
138 memcpy(msg->wapi_key_data, keybuf, sizeof(msg->wapi_key_data));
139 keybuf += sizeof(msg->wapi_key_data);
140 memcpy(msg->mic_key_data, keybuf, sizeof(msg->mic_key_data));
141 msg->key_id = key->keyidx;
142 return HIF_KEY_TYPE_WAPI_GROUP;
143}
144
145static u8 fill_aes_cmac_group(struct hif_igtk_group_key *msg,
146 struct ieee80211_key_conf *key,
147 struct ieee80211_key_seq *seq)
148{
149 WARN(key->keylen != sizeof(msg->igtk_key_data), "inconsistent data");
150 memcpy(msg->igtk_key_data, key->key, key->keylen);
151 memcpy(msg->ipn, seq->aes_cmac.pn, sizeof(seq->aes_cmac.pn));
152 memreverse(msg->ipn, sizeof(seq->aes_cmac.pn));
153 msg->key_id = key->keyidx;
154 return HIF_KEY_TYPE_IGTK_GROUP;
155}
156
157static int wfx_add_key(struct wfx_vif *wvif, struct ieee80211_sta *sta,
158 struct ieee80211_key_conf *key)
159{
160 int ret;
161 struct hif_req_add_key k = { };
162 struct ieee80211_key_seq seq;
163 struct wfx_dev *wdev = wvif->wdev;
164 int idx = wfx_alloc_key(wvif->wdev);
165 bool pairwise = key->flags & IEEE80211_KEY_FLAG_PAIRWISE;
166
167 WARN(key->flags & IEEE80211_KEY_FLAG_PAIRWISE && !sta, "inconsistent data");
168 ieee80211_get_key_rx_seq(key, 0, &seq);
169 if (idx < 0)
170 return -EINVAL;
171 k.int_id = wvif->id;
172 k.entry_index = idx;
173 if (key->cipher == WLAN_CIPHER_SUITE_WEP40 ||
174 key->cipher == WLAN_CIPHER_SUITE_WEP104) {
175 if (pairwise)
176 k.type = fill_wep_pair(&k.key.wep_pairwise_key, key,
177 sta->addr);
178 else
179 k.type = fill_wep_group(&k.key.wep_group_key, key);
180 } else if (key->cipher == WLAN_CIPHER_SUITE_TKIP) {
181 if (pairwise)
182 k.type = fill_tkip_pair(&k.key.tkip_pairwise_key, key,
183 sta->addr);
184 else
185 k.type = fill_tkip_group(&k.key.tkip_group_key, key,
186 &seq, wvif->vif->type);
187 } else if (key->cipher == WLAN_CIPHER_SUITE_CCMP) {
188 if (pairwise)
189 k.type = fill_ccmp_pair(&k.key.aes_pairwise_key, key,
190 sta->addr);
191 else
192 k.type = fill_ccmp_group(&k.key.aes_group_key, key,
193 &seq);
194 } else if (key->cipher == WLAN_CIPHER_SUITE_SMS4) {
195 if (pairwise)
196 k.type = fill_sms4_pair(&k.key.wapi_pairwise_key, key,
197 sta->addr);
198 else
199 k.type = fill_sms4_group(&k.key.wapi_group_key, key);
200 } else if (key->cipher == WLAN_CIPHER_SUITE_AES_CMAC) {
201 k.type = fill_aes_cmac_group(&k.key.igtk_group_key, key,
202 &seq);
203 } else {
204 dev_warn(wdev->dev, "unsupported key type %d\n", key->cipher);
205 wfx_free_key(wdev, idx);
206 return -EOPNOTSUPP;
207 }
208 ret = hif_add_key(wdev, &k);
209 if (ret) {
210 wfx_free_key(wdev, idx);
211 return -EOPNOTSUPP;
212 }
213 key->flags |= IEEE80211_KEY_FLAG_PUT_IV_SPACE |
214 IEEE80211_KEY_FLAG_RESERVE_TAILROOM;
215 key->hw_key_idx = idx;
216 return 0;
217}
218
219static int wfx_remove_key(struct wfx_vif *wvif, struct ieee80211_key_conf *key)
220{
221 WARN(key->hw_key_idx >= MAX_KEY_ENTRIES, "corrupted hw_key_idx");
222 wfx_free_key(wvif->wdev, key->hw_key_idx);
223 return hif_remove_key(wvif->wdev, key->hw_key_idx);
224}
225
226int wfx_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
227 struct ieee80211_vif *vif, struct ieee80211_sta *sta,
228 struct ieee80211_key_conf *key)
229{
230 int ret = -EOPNOTSUPP;
231 struct wfx_vif *wvif = (struct wfx_vif *)vif->drv_priv;
232
233 mutex_lock(&wvif->wdev->conf_mutex);
234 if (cmd == SET_KEY)
235 ret = wfx_add_key(wvif, sta, key);
236 if (cmd == DISABLE_KEY)
237 ret = wfx_remove_key(wvif, key);
238 mutex_unlock(&wvif->wdev->conf_mutex);
239 return ret;
240}
241