tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge tag 'mac80211-next-for-davem-2015-02-03' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next
Last round of updates for net-next:
* revert a patch that caused a regression with mesh userspace (Bob)
* fix a number of suspend/resume related races
(from Emmanuel, Luca and myself - we'll look at backporting later)
* add software implementations for new ciphers (Jouni)
* add a new ACPI ID for Broadcom's rfkill (Mika)
* allow using netns FD for wireless (Vadim)
* some other cleanups (various)
Signed-off-by: David S. Miller <davem@davemloft.net>
+1441
-191
+2
-2
Documentation/DocBook/80211.tmpl
+2
-2
Documentation/DocBook/80211.tmpl
···
434
434
<section id="ps-client">
435
435
<title>support for powersaving clients</title>
436
436
!Pinclude/net/mac80211.h AP support for powersaving clients
437
-
</section>
438
437
!Finclude/net/mac80211.h ieee80211_get_buffered_bc
439
438
!Finclude/net/mac80211.h ieee80211_beacon_get
440
439
!Finclude/net/mac80211.h ieee80211_sta_eosp
···
442
443
!Finclude/net/mac80211.h ieee80211_sta_ps_transition_ni
443
444
!Finclude/net/mac80211.h ieee80211_sta_set_buffered
444
445
!Finclude/net/mac80211.h ieee80211_sta_block_awake
446
+
</section>
445
447
</chapter>
446
448
447
449
<chapter id="multi-iface">
···
487
487
<title>RX A-MPDU aggregation</title>
488
488
!Pnet/mac80211/agg-rx.c RX A-MPDU aggregation
489
489
!Cnet/mac80211/agg-rx.c
490
-
</sect1>
491
490
!Finclude/net/mac80211.h ieee80211_ampdu_mlme_action
491
+
</sect1>
492
492
</chapter>
493
493
494
494
<chapter id="smps">
+15
-1
drivers/net/wireless/ath/ath10k/mac.c
+15
-1
drivers/net/wireless/ath/ath10k/mac.c
···
76
76
if (memcmp(macaddr, arvif->vif->addr, ETH_ALEN))
77
77
arg.key_flags = WMI_KEY_PAIRWISE;
78
78
break;
79
+
case WLAN_CIPHER_SUITE_AES_CMAC:
80
+
/* this one needs to be done in software */
81
+
return 1;
79
82
default:
80
83
ath10k_warn(ar, "cipher %d is not supported\n", key->cipher);
81
84
return -EOPNOTSUPP;
···
5038
5035
5039
5036
int ath10k_mac_register(struct ath10k *ar)
5040
5037
{
5038
+
static const u32 cipher_suites[] = {
5039
+
WLAN_CIPHER_SUITE_WEP40,
5040
+
WLAN_CIPHER_SUITE_WEP104,
5041
+
WLAN_CIPHER_SUITE_TKIP,
5042
+
WLAN_CIPHER_SUITE_CCMP,
5043
+
WLAN_CIPHER_SUITE_AES_CMAC,
5044
+
};
5041
5045
struct ieee80211_supported_band *band;
5042
5046
struct ieee80211_sta_vht_cap vht_cap;
5043
5047
struct ieee80211_sta_ht_cap ht_cap;
···
5118
5108
IEEE80211_HW_REPORTS_TX_ACK_STATUS |
5119
5109
IEEE80211_HW_HAS_RATE_CONTROL |
5120
5110
IEEE80211_HW_AP_LINK_PS |
5121
-
IEEE80211_HW_SPECTRUM_MGMT;
5111
+
IEEE80211_HW_SPECTRUM_MGMT |
5112
+
IEEE80211_HW_SW_CRYPTO_CONTROL;
5122
5113
5123
5114
ar->hw->wiphy->features |= NL80211_FEATURE_STATIC_SMPS;
5124
5115
···
5192
5181
ath10k_err(ar, "failed to initialise regulatory: %i\n", ret);
5193
5182
goto err_free;
5194
5183
}
5184
+
5185
+
ar->hw->wiphy->cipher_suites = cipher_suites;
5186
+
ar->hw->wiphy->n_cipher_suites = ARRAY_SIZE(cipher_suites);
5195
5187
5196
5188
ret = ieee80211_register_hw(ar->hw);
5197
5189
if (ret) {
+27
include/linux/ieee80211.h
+27
include/linux/ieee80211.h
···
1017
1017
u8 mic[8];
1018
1018
} __packed;
1019
1019
1020
+
/* Management MIC information element (IEEE 802.11w) for GMAC and CMAC-256 */
1021
+
struct ieee80211_mmie_16 {
1022
+
u8 element_id;
1023
+
u8 length;
1024
+
__le16 key_id;
1025
+
u8 sequence_number[6];
1026
+
u8 mic[16];
1027
+
} __packed;
1028
+
1020
1029
struct ieee80211_vendor_ie {
1021
1030
u8 element_id;
1022
1031
u8 len;
···
2003
1994
WLAN_KEY_LEN_WEP40 = 5,
2004
1995
WLAN_KEY_LEN_WEP104 = 13,
2005
1996
WLAN_KEY_LEN_CCMP = 16,
1997
+
WLAN_KEY_LEN_CCMP_256 = 32,
2006
1998
WLAN_KEY_LEN_TKIP = 32,
2007
1999
WLAN_KEY_LEN_AES_CMAC = 16,
2008
2000
WLAN_KEY_LEN_SMS4 = 32,
2001
+
WLAN_KEY_LEN_GCMP = 16,
2002
+
WLAN_KEY_LEN_GCMP_256 = 32,
2003
+
WLAN_KEY_LEN_BIP_CMAC_256 = 32,
2004
+
WLAN_KEY_LEN_BIP_GMAC_128 = 16,
2005
+
WLAN_KEY_LEN_BIP_GMAC_256 = 32,
2009
2006
};
2010
2007
2011
2008
#define IEEE80211_WEP_IV_LEN 4
···
2019
2004
#define IEEE80211_CCMP_HDR_LEN 8
2020
2005
#define IEEE80211_CCMP_MIC_LEN 8
2021
2006
#define IEEE80211_CCMP_PN_LEN 6
2007
+
#define IEEE80211_CCMP_256_HDR_LEN 8
2008
+
#define IEEE80211_CCMP_256_MIC_LEN 16
2009
+
#define IEEE80211_CCMP_256_PN_LEN 6
2022
2010
#define IEEE80211_TKIP_IV_LEN 8
2023
2011
#define IEEE80211_TKIP_ICV_LEN 4
2024
2012
#define IEEE80211_CMAC_PN_LEN 6
2013
+
#define IEEE80211_GMAC_PN_LEN 6
2014
+
#define IEEE80211_GCMP_HDR_LEN 8
2015
+
#define IEEE80211_GCMP_MIC_LEN 16
2016
+
#define IEEE80211_GCMP_PN_LEN 6
2025
2017
2026
2018
/* Public action codes */
2027
2019
enum ieee80211_pub_actioncode {
···
2252
2230
#define WLAN_CIPHER_SUITE_WEP104 0x000FAC05
2253
2231
#define WLAN_CIPHER_SUITE_AES_CMAC 0x000FAC06
2254
2232
#define WLAN_CIPHER_SUITE_GCMP 0x000FAC08
2233
+
#define WLAN_CIPHER_SUITE_GCMP_256 0x000FAC09
2234
+
#define WLAN_CIPHER_SUITE_CCMP_256 0x000FAC0A
2235
+
#define WLAN_CIPHER_SUITE_BIP_GMAC_128 0x000FAC0B
2236
+
#define WLAN_CIPHER_SUITE_BIP_GMAC_256 0x000FAC0C
2237
+
#define WLAN_CIPHER_SUITE_BIP_CMAC_256 0x000FAC0D
2255
2238
2256
2239
#define WLAN_CIPHER_SUITE_SMS4 0x00147201
2257
2240
+5
include/net/cfg80211.h
+5
include/net/cfg80211.h
···
1493
1493
* @rcu_head: RCU callback used to free the struct
1494
1494
* @owner_nlportid: netlink portid of owner (if this should is a request
1495
1495
* owned by a particular socket)
1496
+
* @delay: delay in seconds to use before starting the first scan
1497
+
* cycle. The driver may ignore this parameter and start
1498
+
* immediately (or at any other time), if this feature is not
1499
+
* supported.
1496
1500
*/
1497
1501
struct cfg80211_sched_scan_request {
1498
1502
struct cfg80211_ssid *ssids;
···
1510
1506
struct cfg80211_match_set *match_sets;
1511
1507
int n_match_sets;
1512
1508
s32 min_rssi_thold;
1509
+
u32 delay;
1513
1510
1514
1511
u8 mac_addr[ETH_ALEN] __aligned(2);
1515
1512
u8 mac_addr_mask[ETH_ALEN] __aligned(2);
+34
-5
include/net/mac80211.h
+34
-5
include/net/mac80211.h
···
376
376
* @ssid_len: Length of SSID given in @ssid.
377
377
* @hidden_ssid: The SSID of the current vif is hidden. Only valid in AP-mode.
378
378
* @txpower: TX power in dBm
379
+
* @txpower_type: TX power adjustment used to control per packet Transmit
380
+
* Power Control (TPC) in lower driver for the current vif. In particular
381
+
* TPC is enabled if value passed in %txpower_type is
382
+
* NL80211_TX_POWER_LIMITED (allow using less than specified from
383
+
* userspace), whereas TPC is disabled if %txpower_type is set to
384
+
* NL80211_TX_POWER_FIXED (use value configured from userspace)
379
385
* @p2p_noa_attr: P2P NoA attribute for P2P powersave
380
386
*/
381
387
struct ieee80211_bss_conf {
···
417
411
size_t ssid_len;
418
412
bool hidden_ssid;
419
413
int txpower;
414
+
enum nl80211_tx_power_setting txpower_type;
420
415
struct ieee80211_p2p_noa_attr p2p_noa_attr;
421
416
};
422
417
···
1294
1287
* @IEEE80211_KEY_FLAG_PAIRWISE: Set by mac80211, this flag indicates
1295
1288
* that the key is pairwise rather then a shared key.
1296
1289
* @IEEE80211_KEY_FLAG_SW_MGMT_TX: This flag should be set by the driver for a
1297
-
* CCMP key if it requires CCMP encryption of management frames (MFP) to
1298
-
* be done in software.
1290
+
* CCMP/GCMP key if it requires CCMP/GCMP encryption of management frames
1291
+
* (MFP) to be done in software.
1299
1292
* @IEEE80211_KEY_FLAG_PUT_IV_SPACE: This flag should be set by the driver
1300
1293
* if space should be prepared for the IV, but the IV
1301
1294
* itself should not be generated. Do not set together with
···
1310
1303
* RX, if your crypto engine can't deal with TX you can also set the
1311
1304
* %IEEE80211_KEY_FLAG_SW_MGMT_TX flag to encrypt such frames in SW.
1312
1305
* @IEEE80211_KEY_FLAG_GENERATE_IV_MGMT: This flag should be set by the
1313
-
* driver for a CCMP key to indicate that is requires IV generation
1306
+
* driver for a CCMP/GCMP key to indicate that is requires IV generation
1314
1307
* only for managment frames (MFP).
1315
1308
* @IEEE80211_KEY_FLAG_RESERVE_TAILROOM: This flag should be set by the
1316
1309
* driver for a key to indicate that sufficient tailroom must always
···
1641
1634
* be created. It is expected user-space will create vifs as
1642
1635
* desired (and thus have them named as desired).
1643
1636
*
1637
+
* @IEEE80211_HW_SW_CRYPTO_CONTROL: The driver wants to control which of the
1638
+
* crypto algorithms can be done in software - so don't automatically
1639
+
* try to fall back to it if hardware crypto fails, but do so only if
1640
+
* the driver returns 1. This also forces the driver to advertise its
1641
+
* supported cipher suites.
1642
+
*
1644
1643
* @IEEE80211_HW_QUEUE_CONTROL: The driver wants to control per-interface
1645
1644
* queue mapping in order to use different queues (not just one per AC)
1646
1645
* for different virtual interfaces. See the doc section on HW queue
···
1694
1681
IEEE80211_HW_MFP_CAPABLE = 1<<13,
1695
1682
IEEE80211_HW_WANT_MONITOR_VIF = 1<<14,
1696
1683
IEEE80211_HW_NO_AUTO_VIF = 1<<15,
1684
+
IEEE80211_HW_SW_CRYPTO_CONTROL = 1<<16,
1697
1685
/* free slots */
1698
1686
IEEE80211_HW_REPORTS_TX_ACK_STATUS = 1<<18,
1699
1687
IEEE80211_HW_CONNECTION_MONITOR = 1<<19,
···
1968
1954
* the key is now in use, -%EOPNOTSUPP or -%ENOSPC if it couldn't be
1969
1955
* added; if you return 0 then hw_key_idx must be assigned to the
1970
1956
* hardware key index, you are free to use the full u8 range.
1957
+
*
1958
+
* Note that in the case that the @IEEE80211_HW_SW_CRYPTO_CONTROL flag is
1959
+
* set, mac80211 will not automatically fall back to software crypto if
1960
+
* enabling hardware crypto failed. The set_key() call may also return the
1961
+
* value 1 to permit this specific key/algorithm to be done in software.
1971
1962
*
1972
1963
* When the cmd is %DISABLE_KEY then it must succeed.
1973
1964
*
···
4098
4079
* reverse order than in packet)
4099
4080
* @aes_cmac: PN data, most significant byte first (big endian,
4100
4081
* reverse order than in packet)
4082
+
* @aes_gmac: PN data, most significant byte first (big endian,
4083
+
* reverse order than in packet)
4084
+
* @gcmp: PN data, most significant byte first (big endian,
4085
+
* reverse order than in packet)
4101
4086
*/
4102
4087
struct ieee80211_key_seq {
4103
4088
union {
···
4115
4092
struct {
4116
4093
u8 pn[6];
4117
4094
} aes_cmac;
4095
+
struct {
4096
+
u8 pn[6];
4097
+
} aes_gmac;
4098
+
struct {
4099
+
u8 pn[6];
4100
+
} gcmp;
4118
4101
};
4119
4102
};
4120
4103
···
4145
4116
* ieee80211_get_key_rx_seq - get key RX sequence counter
4146
4117
*
4147
4118
* @keyconf: the parameter passed with the set key
4148
-
* @tid: The TID, or -1 for the management frame value (CCMP only);
4119
+
* @tid: The TID, or -1 for the management frame value (CCMP/GCMP only);
4149
4120
* the value on TID 0 is also used for non-QoS frames. For
4150
4121
* CMAC, only TID 0 is valid.
4151
4122
* @seq: buffer to receive the sequence data
···
4181
4152
* ieee80211_set_key_rx_seq - set key RX sequence counter
4182
4153
*
4183
4154
* @keyconf: the parameter passed with the set key
4184
-
* @tid: The TID, or -1 for the management frame value (CCMP only);
4155
+
* @tid: The TID, or -1 for the management frame value (CCMP/GCMP only);
4185
4156
* the value on TID 0 is also used for non-QoS frames. For
4186
4157
* CMAC, only TID 0 is valid.
4187
4158
* @seq: new sequence data
+18
-8
include/uapi/linux/nl80211.h
+18
-8
include/uapi/linux/nl80211.h
···
180
180
* %NL80211_ATTR_WIPHY and %NL80211_ATTR_WIPHY_NAME.
181
181
*
182
182
* @NL80211_CMD_GET_INTERFACE: Request an interface's configuration;
183
-
* either a dump request on a %NL80211_ATTR_WIPHY or a specific get
184
-
* on an %NL80211_ATTR_IFINDEX is supported.
183
+
* either a dump request for all interfaces or a specific get with a
184
+
* single %NL80211_ATTR_IFINDEX is supported.
185
185
* @NL80211_CMD_SET_INTERFACE: Set type of a virtual interface, requires
186
186
* %NL80211_ATTR_IFINDEX and %NL80211_ATTR_IFTYPE.
187
187
* @NL80211_CMD_NEW_INTERFACE: Newly created virtual interface or response
···
324
324
* if passed, define which channels should be scanned; if not
325
325
* passed, all channels allowed for the current regulatory domain
326
326
* are used. Extra IEs can also be passed from the userspace by
327
-
* using the %NL80211_ATTR_IE attribute.
327
+
* using the %NL80211_ATTR_IE attribute. The first cycle of the
328
+
* scheduled scan can be delayed by %NL80211_ATTR_SCHED_SCAN_DELAY
329
+
* is supplied.
328
330
* @NL80211_CMD_STOP_SCHED_SCAN: stop a scheduled scan. Returns -ENOENT if
329
331
* scheduled scan is not running. The caller may assume that as soon
330
332
* as the call returns, it is safe to start a new scheduled scan again.
···
1737
1735
* should be contained in the result as the sum of the respective counters
1738
1736
* over all channels.
1739
1737
*
1738
+
* @NL80211_ATTR_SCHED_SCAN_DELAY: delay before a scheduled scan (or a
1739
+
* WoWLAN net-detect scan) is started, u32 in seconds.
1740
+
*
1740
1741
* @NUM_NL80211_ATTR: total number of nl80211_attrs available
1741
1742
* @NL80211_ATTR_MAX: highest attribute number currently defined
1742
1743
* @__NL80211_ATTR_AFTER_LAST: internal use
···
2102
2097
NL80211_ATTR_EXT_FEATURES,
2103
2098
2104
2099
NL80211_ATTR_SURVEY_RADIO_STATS,
2100
+
2101
+
NL80211_ATTR_NETNS_FD,
2102
+
2103
+
NL80211_ATTR_SCHED_SCAN_DELAY,
2105
2104
2106
2105
/* add attributes here, update the policy in nl80211.c */
2107
2106
···
3750
3741
* @NL80211_WOWLAN_TRIG_NET_DETECT: wake up when a configured network
3751
3742
* is detected. This is a nested attribute that contains the
3752
3743
* same attributes used with @NL80211_CMD_START_SCHED_SCAN. It
3753
-
* specifies how the scan is performed (e.g. the interval and the
3754
-
* channels to scan) as well as the scan results that will
3755
-
* trigger a wake (i.e. the matchsets). This attribute is also
3756
-
* sent in a response to @NL80211_CMD_GET_WIPHY, indicating the
3757
-
* number of match sets supported by the driver (u32).
3744
+
* specifies how the scan is performed (e.g. the interval, the
3745
+
* channels to scan and the initial delay) as well as the scan
3746
+
* results that will trigger a wake (i.e. the matchsets). This
3747
+
* attribute is also sent in a response to
3748
+
* @NL80211_CMD_GET_WIPHY, indicating the number of match sets
3749
+
* supported by the driver (u32).
3758
3750
* @NL80211_WOWLAN_TRIG_NET_DETECT_RESULTS: nested attribute
3759
3751
* containing an array with information about what triggered the
3760
3752
* wake up. If no elements are present in the array, it means
+1
net/core/net_namespace.c
+1
net/core/net_namespace.c
+1
net/mac80211/Kconfig
+1
net/mac80211/Kconfig
+2
net/mac80211/Makefile
+2
net/mac80211/Makefile
+12
-9
net/mac80211/aes_ccm.c
+12
-9
net/mac80211/aes_ccm.c
···
20
20
#include "aes_ccm.h"
21
21
22
22
void ieee80211_aes_ccm_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad,
23
-
u8 *data, size_t data_len, u8 *mic)
23
+
u8 *data, size_t data_len, u8 *mic,
24
+
size_t mic_len)
24
25
{
25
26
struct scatterlist assoc, pt, ct[2];
26
27
···
36
35
sg_init_one(&assoc, &aad[2], be16_to_cpup((__be16 *)aad));
37
36
sg_init_table(ct, 2);
38
37
sg_set_buf(&ct[0], data, data_len);
39
-
sg_set_buf(&ct[1], mic, IEEE80211_CCMP_MIC_LEN);
38
+
sg_set_buf(&ct[1], mic, mic_len);
40
39
41
40
aead_request_set_tfm(aead_req, tfm);
42
41
aead_request_set_assoc(aead_req, &assoc, assoc.length);
···
46
45
}
47
46
48
47
int ieee80211_aes_ccm_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad,
49
-
u8 *data, size_t data_len, u8 *mic)
48
+
u8 *data, size_t data_len, u8 *mic,
49
+
size_t mic_len)
50
50
{
51
51
struct scatterlist assoc, pt, ct[2];
52
52
char aead_req_data[sizeof(struct aead_request) +
···
64
62
sg_init_one(&assoc, &aad[2], be16_to_cpup((__be16 *)aad));
65
63
sg_init_table(ct, 2);
66
64
sg_set_buf(&ct[0], data, data_len);
67
-
sg_set_buf(&ct[1], mic, IEEE80211_CCMP_MIC_LEN);
65
+
sg_set_buf(&ct[1], mic, mic_len);
68
66
69
67
aead_request_set_tfm(aead_req, tfm);
70
68
aead_request_set_assoc(aead_req, &assoc, assoc.length);
71
-
aead_request_set_crypt(aead_req, ct, &pt,
72
-
data_len + IEEE80211_CCMP_MIC_LEN, b_0);
69
+
aead_request_set_crypt(aead_req, ct, &pt, data_len + mic_len, b_0);
73
70
74
71
return crypto_aead_decrypt(aead_req);
75
72
}
76
73
77
-
struct crypto_aead *ieee80211_aes_key_setup_encrypt(const u8 key[])
74
+
struct crypto_aead *ieee80211_aes_key_setup_encrypt(const u8 key[],
75
+
size_t key_len,
76
+
size_t mic_len)
78
77
{
79
78
struct crypto_aead *tfm;
80
79
int err;
···
84
81
if (IS_ERR(tfm))
85
82
return tfm;
86
83
87
-
err = crypto_aead_setkey(tfm, key, WLAN_KEY_LEN_CCMP);
84
+
err = crypto_aead_setkey(tfm, key, key_len);
88
85
if (!err)
89
-
err = crypto_aead_setauthsize(tfm, IEEE80211_CCMP_MIC_LEN);
86
+
err = crypto_aead_setauthsize(tfm, mic_len);
90
87
if (!err)
91
88
return tfm;
92
89
+7
-3
net/mac80211/aes_ccm.h
+7
-3
net/mac80211/aes_ccm.h
···
12
12
13
13
#include <linux/crypto.h>
14
14
15
-
struct crypto_aead *ieee80211_aes_key_setup_encrypt(const u8 key[]);
15
+
struct crypto_aead *ieee80211_aes_key_setup_encrypt(const u8 key[],
16
+
size_t key_len,
17
+
size_t mic_len);
16
18
void ieee80211_aes_ccm_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad,
17
-
u8 *data, size_t data_len, u8 *mic);
19
+
u8 *data, size_t data_len, u8 *mic,
20
+
size_t mic_len);
18
21
int ieee80211_aes_ccm_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad,
19
-
u8 *data, size_t data_len, u8 *mic);
22
+
u8 *data, size_t data_len, u8 *mic,
23
+
size_t mic_len);
20
24
void ieee80211_aes_key_free(struct crypto_aead *tfm);
21
25
22
26
#endif /* AES_CCM_H */
+26
-8
net/mac80211/aes_cmac.c
+26
-8
net/mac80211/aes_cmac.c
···
18
18
#include "key.h"
19
19
#include "aes_cmac.h"
20
20
21
-
#define AES_CMAC_KEY_LEN 16
22
21
#define CMAC_TLEN 8 /* CMAC TLen = 64 bits (8 octets) */
22
+
#define CMAC_TLEN_256 16 /* CMAC TLen = 128 bits (16 octets) */
23
23
#define AAD_LEN 20
24
24
25
25
···
35
35
pad[AES_BLOCK_SIZE - 1] ^= 0x87;
36
36
}
37
37
38
-
39
-
static void aes_128_cmac_vector(struct crypto_cipher *tfm, size_t num_elem,
40
-
const u8 *addr[], const size_t *len, u8 *mac)
38
+
static void aes_cmac_vector(struct crypto_cipher *tfm, size_t num_elem,
39
+
const u8 *addr[], const size_t *len, u8 *mac,
40
+
size_t mac_len)
41
41
{
42
42
u8 cbc[AES_BLOCK_SIZE], pad[AES_BLOCK_SIZE];
43
43
const u8 *pos, *end;
···
88
88
for (i = 0; i < AES_BLOCK_SIZE; i++)
89
89
pad[i] ^= cbc[i];
90
90
crypto_cipher_encrypt_one(tfm, pad, pad);
91
-
memcpy(mac, pad, CMAC_TLEN);
91
+
memcpy(mac, pad, mac_len);
92
92
}
93
93
94
94
···
107
107
addr[2] = zero;
108
108
len[2] = CMAC_TLEN;
109
109
110
-
aes_128_cmac_vector(tfm, 3, addr, len, mic);
110
+
aes_cmac_vector(tfm, 3, addr, len, mic, CMAC_TLEN);
111
111
}
112
112
113
+
void ieee80211_aes_cmac_256(struct crypto_cipher *tfm, const u8 *aad,
114
+
const u8 *data, size_t data_len, u8 *mic)
115
+
{
116
+
const u8 *addr[3];
117
+
size_t len[3];
118
+
u8 zero[CMAC_TLEN_256];
113
119
114
-
struct crypto_cipher *ieee80211_aes_cmac_key_setup(const u8 key[])
120
+
memset(zero, 0, CMAC_TLEN_256);
121
+
addr[0] = aad;
122
+
len[0] = AAD_LEN;
123
+
addr[1] = data;
124
+
len[1] = data_len - CMAC_TLEN_256;
125
+
addr[2] = zero;
126
+
len[2] = CMAC_TLEN_256;
127
+
128
+
aes_cmac_vector(tfm, 3, addr, len, mic, CMAC_TLEN_256);
129
+
}
130
+
131
+
struct crypto_cipher *ieee80211_aes_cmac_key_setup(const u8 key[],
132
+
size_t key_len)
115
133
{
116
134
struct crypto_cipher *tfm;
117
135
118
136
tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
119
137
if (!IS_ERR(tfm))
120
-
crypto_cipher_setkey(tfm, key, AES_CMAC_KEY_LEN);
138
+
crypto_cipher_setkey(tfm, key, key_len);
121
139
122
140
return tfm;
123
141
}
+4
-1
net/mac80211/aes_cmac.h
+4
-1
net/mac80211/aes_cmac.h
···
11
11
12
12
#include <linux/crypto.h>
13
13
14
-
struct crypto_cipher *ieee80211_aes_cmac_key_setup(const u8 key[]);
14
+
struct crypto_cipher *ieee80211_aes_cmac_key_setup(const u8 key[],
15
+
size_t key_len);
15
16
void ieee80211_aes_cmac(struct crypto_cipher *tfm, const u8 *aad,
16
17
const u8 *data, size_t data_len, u8 *mic);
18
+
void ieee80211_aes_cmac_256(struct crypto_cipher *tfm, const u8 *aad,
19
+
const u8 *data, size_t data_len, u8 *mic);
17
20
void ieee80211_aes_cmac_key_free(struct crypto_cipher *tfm);
18
21
19
22
#endif /* AES_CMAC_H */
+95
net/mac80211/aes_gcm.c
+95
net/mac80211/aes_gcm.c
···
1
+
/*
2
+
* Copyright 2014-2015, Qualcomm Atheros, Inc.
3
+
*
4
+
* This program is free software; you can redistribute it and/or modify
5
+
* it under the terms of the GNU General Public License version 2 as
6
+
* published by the Free Software Foundation.
7
+
*/
8
+
9
+
#include <linux/kernel.h>
10
+
#include <linux/types.h>
11
+
#include <linux/crypto.h>
12
+
#include <linux/err.h>
13
+
#include <crypto/aes.h>
14
+
15
+
#include <net/mac80211.h>
16
+
#include "key.h"
17
+
#include "aes_gcm.h"
18
+
19
+
void ieee80211_aes_gcm_encrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
20
+
u8 *data, size_t data_len, u8 *mic)
21
+
{
22
+
struct scatterlist assoc, pt, ct[2];
23
+
24
+
char aead_req_data[sizeof(struct aead_request) +
25
+
crypto_aead_reqsize(tfm)]
26
+
__aligned(__alignof__(struct aead_request));
27
+
struct aead_request *aead_req = (void *)aead_req_data;
28
+
29
+
memset(aead_req, 0, sizeof(aead_req_data));
30
+
31
+
sg_init_one(&pt, data, data_len);
32
+
sg_init_one(&assoc, &aad[2], be16_to_cpup((__be16 *)aad));
33
+
sg_init_table(ct, 2);
34
+
sg_set_buf(&ct[0], data, data_len);
35
+
sg_set_buf(&ct[1], mic, IEEE80211_GCMP_MIC_LEN);
36
+
37
+
aead_request_set_tfm(aead_req, tfm);
38
+
aead_request_set_assoc(aead_req, &assoc, assoc.length);
39
+
aead_request_set_crypt(aead_req, &pt, ct, data_len, j_0);
40
+
41
+
crypto_aead_encrypt(aead_req);
42
+
}
43
+
44
+
int ieee80211_aes_gcm_decrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
45
+
u8 *data, size_t data_len, u8 *mic)
46
+
{
47
+
struct scatterlist assoc, pt, ct[2];
48
+
char aead_req_data[sizeof(struct aead_request) +
49
+
crypto_aead_reqsize(tfm)]
50
+
__aligned(__alignof__(struct aead_request));
51
+
struct aead_request *aead_req = (void *)aead_req_data;
52
+
53
+
if (data_len == 0)
54
+
return -EINVAL;
55
+
56
+
memset(aead_req, 0, sizeof(aead_req_data));
57
+
58
+
sg_init_one(&pt, data, data_len);
59
+
sg_init_one(&assoc, &aad[2], be16_to_cpup((__be16 *)aad));
60
+
sg_init_table(ct, 2);
61
+
sg_set_buf(&ct[0], data, data_len);
62
+
sg_set_buf(&ct[1], mic, IEEE80211_GCMP_MIC_LEN);
63
+
64
+
aead_request_set_tfm(aead_req, tfm);
65
+
aead_request_set_assoc(aead_req, &assoc, assoc.length);
66
+
aead_request_set_crypt(aead_req, ct, &pt,
67
+
data_len + IEEE80211_GCMP_MIC_LEN, j_0);
68
+
69
+
return crypto_aead_decrypt(aead_req);
70
+
}
71
+
72
+
struct crypto_aead *ieee80211_aes_gcm_key_setup_encrypt(const u8 key[],
73
+
size_t key_len)
74
+
{
75
+
struct crypto_aead *tfm;
76
+
int err;
77
+
78
+
tfm = crypto_alloc_aead("gcm(aes)", 0, CRYPTO_ALG_ASYNC);
79
+
if (IS_ERR(tfm))
80
+
return tfm;
81
+
82
+
err = crypto_aead_setkey(tfm, key, key_len);
83
+
if (!err)
84
+
err = crypto_aead_setauthsize(tfm, IEEE80211_GCMP_MIC_LEN);
85
+
if (!err)
86
+
return tfm;
87
+
88
+
crypto_free_aead(tfm);
89
+
return ERR_PTR(err);
90
+
}
91
+
92
+
void ieee80211_aes_gcm_key_free(struct crypto_aead *tfm)
93
+
{
94
+
crypto_free_aead(tfm);
95
+
}
+22
net/mac80211/aes_gcm.h
+22
net/mac80211/aes_gcm.h
···
1
+
/*
2
+
* Copyright 2014-2015, Qualcomm Atheros, Inc.
3
+
*
4
+
* This program is free software; you can redistribute it and/or modify
5
+
* it under the terms of the GNU General Public License version 2 as
6
+
* published by the Free Software Foundation.
7
+
*/
8
+
9
+
#ifndef AES_GCM_H
10
+
#define AES_GCM_H
11
+
12
+
#include <linux/crypto.h>
13
+
14
+
void ieee80211_aes_gcm_encrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
15
+
u8 *data, size_t data_len, u8 *mic);
16
+
int ieee80211_aes_gcm_decrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
17
+
u8 *data, size_t data_len, u8 *mic);
18
+
struct crypto_aead *ieee80211_aes_gcm_key_setup_encrypt(const u8 key[],
19
+
size_t key_len);
20
+
void ieee80211_aes_gcm_key_free(struct crypto_aead *tfm);
21
+
22
+
#endif /* AES_GCM_H */
+84
net/mac80211/aes_gmac.c
+84
net/mac80211/aes_gmac.c
···
1
+
/*
2
+
* AES-GMAC for IEEE 802.11 BIP-GMAC-128 and BIP-GMAC-256
3
+
* Copyright 2015, Qualcomm Atheros, Inc.
4
+
*
5
+
* This program is free software; you can redistribute it and/or modify
6
+
* it under the terms of the GNU General Public License version 2 as
7
+
* published by the Free Software Foundation.
8
+
*/
9
+
10
+
#include <linux/kernel.h>
11
+
#include <linux/types.h>
12
+
#include <linux/crypto.h>
13
+
#include <linux/err.h>
14
+
#include <crypto/aes.h>
15
+
16
+
#include <net/mac80211.h>
17
+
#include "key.h"
18
+
#include "aes_gmac.h"
19
+
20
+
#define GMAC_MIC_LEN 16
21
+
#define GMAC_NONCE_LEN 12
22
+
#define AAD_LEN 20
23
+
24
+
int ieee80211_aes_gmac(struct crypto_aead *tfm, const u8 *aad, u8 *nonce,
25
+
const u8 *data, size_t data_len, u8 *mic)
26
+
{
27
+
struct scatterlist sg[3], ct[1];
28
+
char aead_req_data[sizeof(struct aead_request) +
29
+
crypto_aead_reqsize(tfm)]
30
+
__aligned(__alignof__(struct aead_request));
31
+
struct aead_request *aead_req = (void *)aead_req_data;
32
+
u8 zero[GMAC_MIC_LEN], iv[AES_BLOCK_SIZE];
33
+
34
+
if (data_len < GMAC_MIC_LEN)
35
+
return -EINVAL;
36
+
37
+
memset(aead_req, 0, sizeof(aead_req_data));
38
+
39
+
memset(zero, 0, GMAC_MIC_LEN);
40
+
sg_init_table(sg, 3);
41
+
sg_set_buf(&sg[0], aad, AAD_LEN);
42
+
sg_set_buf(&sg[1], data, data_len - GMAC_MIC_LEN);
43
+
sg_set_buf(&sg[2], zero, GMAC_MIC_LEN);
44
+
45
+
memcpy(iv, nonce, GMAC_NONCE_LEN);
46
+
memset(iv + GMAC_NONCE_LEN, 0, sizeof(iv) - GMAC_NONCE_LEN);
47
+
iv[AES_BLOCK_SIZE - 1] = 0x01;
48
+
49
+
sg_init_table(ct, 1);
50
+
sg_set_buf(&ct[0], mic, GMAC_MIC_LEN);
51
+
52
+
aead_request_set_tfm(aead_req, tfm);
53
+
aead_request_set_assoc(aead_req, sg, AAD_LEN + data_len);
54
+
aead_request_set_crypt(aead_req, NULL, ct, 0, iv);
55
+
56
+
crypto_aead_encrypt(aead_req);
57
+
58
+
return 0;
59
+
}
60
+
61
+
struct crypto_aead *ieee80211_aes_gmac_key_setup(const u8 key[],
62
+
size_t key_len)
63
+
{
64
+
struct crypto_aead *tfm;
65
+
int err;
66
+
67
+
tfm = crypto_alloc_aead("gcm(aes)", 0, CRYPTO_ALG_ASYNC);
68
+
if (IS_ERR(tfm))
69
+
return tfm;
70
+
71
+
err = crypto_aead_setkey(tfm, key, key_len);
72
+
if (!err)
73
+
return tfm;
74
+
if (!err)
75
+
err = crypto_aead_setauthsize(tfm, GMAC_MIC_LEN);
76
+
77
+
crypto_free_aead(tfm);
78
+
return ERR_PTR(err);
79
+
}
80
+
81
+
void ieee80211_aes_gmac_key_free(struct crypto_aead *tfm)
82
+
{
83
+
crypto_free_aead(tfm);
84
+
}
+20
net/mac80211/aes_gmac.h
+20
net/mac80211/aes_gmac.h
···
1
+
/*
2
+
* Copyright 2015, Qualcomm Atheros, Inc.
3
+
*
4
+
* This program is free software; you can redistribute it and/or modify
5
+
* it under the terms of the GNU General Public License version 2 as
6
+
* published by the Free Software Foundation.
7
+
*/
8
+
9
+
#ifndef AES_GMAC_H
10
+
#define AES_GMAC_H
11
+
12
+
#include <linux/crypto.h>
13
+
14
+
struct crypto_aead *ieee80211_aes_gmac_key_setup(const u8 key[],
15
+
size_t key_len);
16
+
int ieee80211_aes_gmac(struct crypto_aead *tfm, const u8 *aad, u8 *nonce,
17
+
const u8 *data, size_t data_len, u8 *mic);
18
+
void ieee80211_aes_gmac_key_free(struct crypto_aead *tfm);
19
+
20
+
#endif /* AES_GMAC_H */
+47
-3
net/mac80211/cfg.c
+47
-3
net/mac80211/cfg.c
···
162
162
return -EINVAL;
163
163
break;
164
164
case WLAN_CIPHER_SUITE_CCMP:
165
+
case WLAN_CIPHER_SUITE_CCMP_256:
165
166
case WLAN_CIPHER_SUITE_AES_CMAC:
167
+
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
168
+
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
169
+
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
166
170
case WLAN_CIPHER_SUITE_GCMP:
171
+
case WLAN_CIPHER_SUITE_GCMP_256:
167
172
break;
168
173
default:
169
174
cs = ieee80211_cs_get(local, params->cipher, sdata->vif.type);
···
353
348
params.seq_len = 6;
354
349
break;
355
350
case WLAN_CIPHER_SUITE_CCMP:
351
+
case WLAN_CIPHER_SUITE_CCMP_256:
356
352
pn64 = atomic64_read(&key->u.ccmp.tx_pn);
357
353
seq[0] = pn64;
358
354
seq[1] = pn64 >> 8;
···
365
359
params.seq_len = 6;
366
360
break;
367
361
case WLAN_CIPHER_SUITE_AES_CMAC:
362
+
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
368
363
pn64 = atomic64_read(&key->u.aes_cmac.tx_pn);
364
+
seq[0] = pn64;
365
+
seq[1] = pn64 >> 8;
366
+
seq[2] = pn64 >> 16;
367
+
seq[3] = pn64 >> 24;
368
+
seq[4] = pn64 >> 32;
369
+
seq[5] = pn64 >> 40;
370
+
params.seq = seq;
371
+
params.seq_len = 6;
372
+
break;
373
+
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
374
+
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
375
+
pn64 = atomic64_read(&key->u.aes_gmac.tx_pn);
376
+
seq[0] = pn64;
377
+
seq[1] = pn64 >> 8;
378
+
seq[2] = pn64 >> 16;
379
+
seq[3] = pn64 >> 24;
380
+
seq[4] = pn64 >> 32;
381
+
seq[5] = pn64 >> 40;
382
+
params.seq = seq;
383
+
params.seq_len = 6;
384
+
break;
385
+
case WLAN_CIPHER_SUITE_GCMP:
386
+
case WLAN_CIPHER_SUITE_GCMP_256:
387
+
pn64 = atomic64_read(&key->u.gcmp.tx_pn);
369
388
seq[0] = pn64;
370
389
seq[1] = pn64 >> 8;
371
390
seq[2] = pn64 >> 16;
···
2141
2110
{
2142
2111
struct ieee80211_local *local = wiphy_priv(wiphy);
2143
2112
struct ieee80211_sub_if_data *sdata;
2113
+
enum nl80211_tx_power_setting txp_type = type;
2114
+
bool update_txp_type = false;
2144
2115
2145
2116
if (wdev) {
2146
2117
sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
···
2150
2117
switch (type) {
2151
2118
case NL80211_TX_POWER_AUTOMATIC:
2152
2119
sdata->user_power_level = IEEE80211_UNSET_POWER_LEVEL;
2120
+
txp_type = NL80211_TX_POWER_LIMITED;
2153
2121
break;
2154
2122
case NL80211_TX_POWER_LIMITED:
2155
2123
case NL80211_TX_POWER_FIXED:
···
2160
2126
break;
2161
2127
}
2162
2128
2163
-
ieee80211_recalc_txpower(sdata);
2129
+
if (txp_type != sdata->vif.bss_conf.txpower_type) {
2130
+
update_txp_type = true;
2131
+
sdata->vif.bss_conf.txpower_type = txp_type;
2132
+
}
2133
+
2134
+
ieee80211_recalc_txpower(sdata, update_txp_type);
2164
2135
2165
2136
return 0;
2166
2137
}
···
2173
2134
switch (type) {
2174
2135
case NL80211_TX_POWER_AUTOMATIC:
2175
2136
local->user_power_level = IEEE80211_UNSET_POWER_LEVEL;
2137
+
txp_type = NL80211_TX_POWER_LIMITED;
2176
2138
break;
2177
2139
case NL80211_TX_POWER_LIMITED:
2178
2140
case NL80211_TX_POWER_FIXED:
···
2184
2144
}
2185
2145
2186
2146
mutex_lock(&local->iflist_mtx);
2187
-
list_for_each_entry(sdata, &local->interfaces, list)
2147
+
list_for_each_entry(sdata, &local->interfaces, list) {
2188
2148
sdata->user_power_level = local->user_power_level;
2149
+
if (txp_type != sdata->vif.bss_conf.txpower_type)
2150
+
update_txp_type = true;
2151
+
sdata->vif.bss_conf.txpower_type = txp_type;
2152
+
}
2189
2153
list_for_each_entry(sdata, &local->interfaces, list)
2190
-
ieee80211_recalc_txpower(sdata);
2154
+
ieee80211_recalc_txpower(sdata, update_txp_type);
2191
2155
mutex_unlock(&local->iflist_mtx);
2192
2156
2193
2157
return 0;
+2
-2
net/mac80211/chan.c
+2
-2
net/mac80211/chan.c
···
655
655
}
656
656
657
657
if (new_ctx && ieee80211_chanctx_num_assigned(local, new_ctx) > 0) {
658
-
ieee80211_recalc_txpower(sdata);
658
+
ieee80211_recalc_txpower(sdata, false);
659
659
ieee80211_recalc_chanctx_min_def(local, new_ctx);
660
660
}
661
661
···
1387
1387
ieee80211_bss_info_change_notify(sdata,
1388
1388
changed);
1389
1389
1390
-
ieee80211_recalc_txpower(sdata);
1390
+
ieee80211_recalc_txpower(sdata, false);
1391
1391
}
1392
1392
1393
1393
ieee80211_recalc_chanctx_chantype(local, ctx);
+55
net/mac80211/debugfs_key.c
+55
net/mac80211/debugfs_key.c
···
94
94
key->u.tkip.tx.iv16);
95
95
break;
96
96
case WLAN_CIPHER_SUITE_CCMP:
97
+
case WLAN_CIPHER_SUITE_CCMP_256:
97
98
pn = atomic64_read(&key->u.ccmp.tx_pn);
98
99
len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n",
99
100
(u8)(pn >> 40), (u8)(pn >> 32), (u8)(pn >> 24),
100
101
(u8)(pn >> 16), (u8)(pn >> 8), (u8)pn);
101
102
break;
102
103
case WLAN_CIPHER_SUITE_AES_CMAC:
104
+
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
103
105
pn = atomic64_read(&key->u.aes_cmac.tx_pn);
106
+
len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n",
107
+
(u8)(pn >> 40), (u8)(pn >> 32), (u8)(pn >> 24),
108
+
(u8)(pn >> 16), (u8)(pn >> 8), (u8)pn);
109
+
break;
110
+
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
111
+
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
112
+
pn = atomic64_read(&key->u.aes_gmac.tx_pn);
113
+
len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n",
114
+
(u8)(pn >> 40), (u8)(pn >> 32), (u8)(pn >> 24),
115
+
(u8)(pn >> 16), (u8)(pn >> 8), (u8)pn);
116
+
break;
117
+
case WLAN_CIPHER_SUITE_GCMP:
118
+
case WLAN_CIPHER_SUITE_GCMP_256:
119
+
pn = atomic64_read(&key->u.gcmp.tx_pn);
104
120
len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n",
105
121
(u8)(pn >> 40), (u8)(pn >> 32), (u8)(pn >> 24),
106
122
(u8)(pn >> 16), (u8)(pn >> 8), (u8)pn);
···
150
134
len = p - buf;
151
135
break;
152
136
case WLAN_CIPHER_SUITE_CCMP:
137
+
case WLAN_CIPHER_SUITE_CCMP_256:
153
138
for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) {
154
139
rpn = key->u.ccmp.rx_pn[i];
155
140
p += scnprintf(p, sizeof(buf)+buf-p,
···
161
144
len = p - buf;
162
145
break;
163
146
case WLAN_CIPHER_SUITE_AES_CMAC:
147
+
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
164
148
rpn = key->u.aes_cmac.rx_pn;
165
149
p += scnprintf(p, sizeof(buf)+buf-p,
166
150
"%02x%02x%02x%02x%02x%02x\n",
167
151
rpn[0], rpn[1], rpn[2],
168
152
rpn[3], rpn[4], rpn[5]);
153
+
len = p - buf;
154
+
break;
155
+
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
156
+
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
157
+
rpn = key->u.aes_gmac.rx_pn;
158
+
p += scnprintf(p, sizeof(buf)+buf-p,
159
+
"%02x%02x%02x%02x%02x%02x\n",
160
+
rpn[0], rpn[1], rpn[2],
161
+
rpn[3], rpn[4], rpn[5]);
162
+
len = p - buf;
163
+
break;
164
+
case WLAN_CIPHER_SUITE_GCMP:
165
+
case WLAN_CIPHER_SUITE_GCMP_256:
166
+
for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) {
167
+
rpn = key->u.gcmp.rx_pn[i];
168
+
p += scnprintf(p, sizeof(buf)+buf-p,
169
+
"%02x%02x%02x%02x%02x%02x\n",
170
+
rpn[0], rpn[1], rpn[2],
171
+
rpn[3], rpn[4], rpn[5]);
172
+
}
169
173
len = p - buf;
170
174
break;
171
175
default:
···
205
167
206
168
switch (key->conf.cipher) {
207
169
case WLAN_CIPHER_SUITE_CCMP:
170
+
case WLAN_CIPHER_SUITE_CCMP_256:
208
171
len = scnprintf(buf, sizeof(buf), "%u\n", key->u.ccmp.replays);
209
172
break;
210
173
case WLAN_CIPHER_SUITE_AES_CMAC:
174
+
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
211
175
len = scnprintf(buf, sizeof(buf), "%u\n",
212
176
key->u.aes_cmac.replays);
177
+
break;
178
+
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
179
+
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
180
+
len = scnprintf(buf, sizeof(buf), "%u\n",
181
+
key->u.aes_gmac.replays);
182
+
break;
183
+
case WLAN_CIPHER_SUITE_GCMP:
184
+
case WLAN_CIPHER_SUITE_GCMP_256:
185
+
len = scnprintf(buf, sizeof(buf), "%u\n", key->u.gcmp.replays);
213
186
break;
214
187
default:
215
188
return 0;
···
238
189
239
190
switch (key->conf.cipher) {
240
191
case WLAN_CIPHER_SUITE_AES_CMAC:
192
+
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
241
193
len = scnprintf(buf, sizeof(buf), "%u\n",
242
194
key->u.aes_cmac.icverrors);
195
+
break;
196
+
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
197
+
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
198
+
len = scnprintf(buf, sizeof(buf), "%u\n",
199
+
key->u.aes_gmac.icverrors);
243
200
break;
244
201
default:
245
202
return 0;
+34
-2
net/mac80211/ieee80211_i.h
+34
-2
net/mac80211/ieee80211_i.h
···
1621
1621
void ieee80211_del_virtual_monitor(struct ieee80211_local *local);
1622
1622
1623
1623
bool __ieee80211_recalc_txpower(struct ieee80211_sub_if_data *sdata);
1624
-
void ieee80211_recalc_txpower(struct ieee80211_sub_if_data *sdata);
1624
+
void ieee80211_recalc_txpower(struct ieee80211_sub_if_data *sdata,
1625
+
bool update_bss);
1625
1626
1626
1627
static inline bool ieee80211_sdata_running(struct ieee80211_sub_if_data *sdata)
1627
1628
{
···
1752
1751
{
1753
1752
struct ieee80211_local *local = hw_to_local(hw);
1754
1753
1755
-
WARN(test_bit(SCAN_HW_SCANNING, &local->scanning),
1754
+
WARN(test_bit(SCAN_HW_SCANNING, &local->scanning) &&
1755
+
!test_bit(SCAN_COMPLETED, &local->scanning),
1756
1756
"%s: resume with hardware scan still in progress\n",
1757
1757
wiphy_name(hw->wiphy));
1758
1758
···
1886
1884
void __ieee80211_flush_queues(struct ieee80211_local *local,
1887
1885
struct ieee80211_sub_if_data *sdata,
1888
1886
unsigned int queues, bool drop);
1887
+
1888
+
static inline bool ieee80211_can_run_worker(struct ieee80211_local *local)
1889
+
{
1890
+
/*
1891
+
* If quiescing is set, we are racing with __ieee80211_suspend.
1892
+
* __ieee80211_suspend flushes the workers after setting quiescing,
1893
+
* and we check quiescing / suspended before enqueing new workers.
1894
+
* We should abort the worker to avoid the races below.
1895
+
*/
1896
+
if (local->quiescing)
1897
+
return false;
1898
+
1899
+
/*
1900
+
* We might already be suspended if the following scenario occurs:
1901
+
* __ieee80211_suspend Control path
1902
+
*
1903
+
* if (local->quiescing)
1904
+
* return;
1905
+
* local->quiescing = true;
1906
+
* flush_workqueue();
1907
+
* queue_work(...);
1908
+
* local->suspended = true;
1909
+
* local->quiescing = false;
1910
+
* worker starts running...
1911
+
*/
1912
+
if (local->suspended)
1913
+
return false;
1914
+
1915
+
return true;
1916
+
}
1889
1917
1890
1918
void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
1891
1919
u16 transaction, u16 auth_alg, u16 status,
+4
-8
net/mac80211/iface.c
+4
-8
net/mac80211/iface.c
···
73
73
return false;
74
74
}
75
75
76
-
void ieee80211_recalc_txpower(struct ieee80211_sub_if_data *sdata)
76
+
void ieee80211_recalc_txpower(struct ieee80211_sub_if_data *sdata,
77
+
bool update_bss)
77
78
{
78
-
if (__ieee80211_recalc_txpower(sdata))
79
+
if (__ieee80211_recalc_txpower(sdata) || update_bss)
79
80
ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_TXPOWER);
80
81
}
81
82
···
1170
1169
if (local->scanning)
1171
1170
return;
1172
1171
1173
-
/*
1174
-
* ieee80211_queue_work() should have picked up most cases,
1175
-
* here we'll pick the rest.
1176
-
*/
1177
-
if (WARN(local->suspended,
1178
-
"interface work scheduled while going to suspend\n"))
1172
+
if (!ieee80211_can_run_worker(local))
1179
1173
return;
1180
1174
1181
1175
/* first process frames */
+177
-8
net/mac80211/key.c
+177
-8
net/mac80211/key.c
···
24
24
#include "debugfs_key.h"
25
25
#include "aes_ccm.h"
26
26
#include "aes_cmac.h"
27
+
#include "aes_gmac.h"
28
+
#include "aes_gcm.h"
27
29
28
30
29
31
/**
···
92
90
{
93
91
struct ieee80211_sub_if_data *sdata;
94
92
struct sta_info *sta;
95
-
int ret;
93
+
int ret = -EOPNOTSUPP;
96
94
97
95
might_sleep();
98
96
···
152
150
return 0;
153
151
}
154
152
155
-
if (ret != -ENOSPC && ret != -EOPNOTSUPP)
153
+
if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1)
156
154
sdata_err(sdata,
157
155
"failed to set key (%d, %pM) to hardware (%d)\n",
158
156
key->conf.keyidx,
···
164
162
case WLAN_CIPHER_SUITE_WEP104:
165
163
case WLAN_CIPHER_SUITE_TKIP:
166
164
case WLAN_CIPHER_SUITE_CCMP:
165
+
case WLAN_CIPHER_SUITE_CCMP_256:
167
166
case WLAN_CIPHER_SUITE_AES_CMAC:
168
-
/* all of these we can do in software */
167
+
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
168
+
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
169
+
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
170
+
case WLAN_CIPHER_SUITE_GCMP:
171
+
case WLAN_CIPHER_SUITE_GCMP_256:
172
+
/* all of these we can do in software - if driver can */
173
+
if (ret == 1)
174
+
return 0;
175
+
if (key->local->hw.flags & IEEE80211_HW_SW_CRYPTO_CONTROL)
176
+
return -EINVAL;
169
177
return 0;
170
178
default:
171
179
return -EINVAL;
···
394
382
* Initialize AES key state here as an optimization so that
395
383
* it does not need to be initialized for every packet.
396
384
*/
397
-
key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(key_data);
385
+
key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
386
+
key_data, key_len, IEEE80211_CCMP_MIC_LEN);
387
+
if (IS_ERR(key->u.ccmp.tfm)) {
388
+
err = PTR_ERR(key->u.ccmp.tfm);
389
+
kfree(key);
390
+
return ERR_PTR(err);
391
+
}
392
+
break;
393
+
case WLAN_CIPHER_SUITE_CCMP_256:
394
+
key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN;
395
+
key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN;
396
+
for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
397
+
for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++)
398
+
key->u.ccmp.rx_pn[i][j] =
399
+
seq[IEEE80211_CCMP_256_PN_LEN - j - 1];
400
+
/* Initialize AES key state here as an optimization so that
401
+
* it does not need to be initialized for every packet.
402
+
*/
403
+
key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
404
+
key_data, key_len, IEEE80211_CCMP_256_MIC_LEN);
398
405
if (IS_ERR(key->u.ccmp.tfm)) {
399
406
err = PTR_ERR(key->u.ccmp.tfm);
400
407
kfree(key);
···
421
390
}
422
391
break;
423
392
case WLAN_CIPHER_SUITE_AES_CMAC:
393
+
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
424
394
key->conf.iv_len = 0;
425
-
key->conf.icv_len = sizeof(struct ieee80211_mmie);
395
+
if (cipher == WLAN_CIPHER_SUITE_AES_CMAC)
396
+
key->conf.icv_len = sizeof(struct ieee80211_mmie);
397
+
else
398
+
key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
426
399
if (seq)
427
400
for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++)
428
401
key->u.aes_cmac.rx_pn[j] =
···
436
401
* it does not need to be initialized for every packet.
437
402
*/
438
403
key->u.aes_cmac.tfm =
439
-
ieee80211_aes_cmac_key_setup(key_data);
404
+
ieee80211_aes_cmac_key_setup(key_data, key_len);
440
405
if (IS_ERR(key->u.aes_cmac.tfm)) {
441
406
err = PTR_ERR(key->u.aes_cmac.tfm);
407
+
kfree(key);
408
+
return ERR_PTR(err);
409
+
}
410
+
break;
411
+
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
412
+
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
413
+
key->conf.iv_len = 0;
414
+
key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
415
+
if (seq)
416
+
for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++)
417
+
key->u.aes_gmac.rx_pn[j] =
418
+
seq[IEEE80211_GMAC_PN_LEN - j - 1];
419
+
/* Initialize AES key state here as an optimization so that
420
+
* it does not need to be initialized for every packet.
421
+
*/
422
+
key->u.aes_gmac.tfm =
423
+
ieee80211_aes_gmac_key_setup(key_data, key_len);
424
+
if (IS_ERR(key->u.aes_gmac.tfm)) {
425
+
err = PTR_ERR(key->u.aes_gmac.tfm);
426
+
kfree(key);
427
+
return ERR_PTR(err);
428
+
}
429
+
break;
430
+
case WLAN_CIPHER_SUITE_GCMP:
431
+
case WLAN_CIPHER_SUITE_GCMP_256:
432
+
key->conf.iv_len = IEEE80211_GCMP_HDR_LEN;
433
+
key->conf.icv_len = IEEE80211_GCMP_MIC_LEN;
434
+
for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
435
+
for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++)
436
+
key->u.gcmp.rx_pn[i][j] =
437
+
seq[IEEE80211_GCMP_PN_LEN - j - 1];
438
+
/* Initialize AES key state here as an optimization so that
439
+
* it does not need to be initialized for every packet.
440
+
*/
441
+
key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data,
442
+
key_len);
443
+
if (IS_ERR(key->u.gcmp.tfm)) {
444
+
err = PTR_ERR(key->u.gcmp.tfm);
442
445
kfree(key);
443
446
return ERR_PTR(err);
444
447
}
···
502
429
503
430
static void ieee80211_key_free_common(struct ieee80211_key *key)
504
431
{
505
-
if (key->conf.cipher == WLAN_CIPHER_SUITE_CCMP)
432
+
switch (key->conf.cipher) {
433
+
case WLAN_CIPHER_SUITE_CCMP:
434
+
case WLAN_CIPHER_SUITE_CCMP_256:
506
435
ieee80211_aes_key_free(key->u.ccmp.tfm);
507
-
if (key->conf.cipher == WLAN_CIPHER_SUITE_AES_CMAC)
436
+
break;
437
+
case WLAN_CIPHER_SUITE_AES_CMAC:
438
+
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
508
439
ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
440
+
break;
441
+
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
442
+
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
443
+
ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm);
444
+
break;
445
+
case WLAN_CIPHER_SUITE_GCMP:
446
+
case WLAN_CIPHER_SUITE_GCMP_256:
447
+
ieee80211_aes_gcm_key_free(key->u.gcmp.tfm);
448
+
break;
449
+
}
509
450
kzfree(key);
510
451
}
511
452
···
826
739
seq->tkip.iv16 = key->u.tkip.tx.iv16;
827
740
break;
828
741
case WLAN_CIPHER_SUITE_CCMP:
742
+
case WLAN_CIPHER_SUITE_CCMP_256:
829
743
pn64 = atomic64_read(&key->u.ccmp.tx_pn);
830
744
seq->ccmp.pn[5] = pn64;
831
745
seq->ccmp.pn[4] = pn64 >> 8;
···
836
748
seq->ccmp.pn[0] = pn64 >> 40;
837
749
break;
838
750
case WLAN_CIPHER_SUITE_AES_CMAC:
751
+
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
839
752
pn64 = atomic64_read(&key->u.aes_cmac.tx_pn);
840
753
seq->ccmp.pn[5] = pn64;
841
754
seq->ccmp.pn[4] = pn64 >> 8;
···
844
755
seq->ccmp.pn[2] = pn64 >> 24;
845
756
seq->ccmp.pn[1] = pn64 >> 32;
846
757
seq->ccmp.pn[0] = pn64 >> 40;
758
+
break;
759
+
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
760
+
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
761
+
pn64 = atomic64_read(&key->u.aes_gmac.tx_pn);
762
+
seq->ccmp.pn[5] = pn64;
763
+
seq->ccmp.pn[4] = pn64 >> 8;
764
+
seq->ccmp.pn[3] = pn64 >> 16;
765
+
seq->ccmp.pn[2] = pn64 >> 24;
766
+
seq->ccmp.pn[1] = pn64 >> 32;
767
+
seq->ccmp.pn[0] = pn64 >> 40;
768
+
break;
769
+
case WLAN_CIPHER_SUITE_GCMP:
770
+
case WLAN_CIPHER_SUITE_GCMP_256:
771
+
pn64 = atomic64_read(&key->u.gcmp.tx_pn);
772
+
seq->gcmp.pn[5] = pn64;
773
+
seq->gcmp.pn[4] = pn64 >> 8;
774
+
seq->gcmp.pn[3] = pn64 >> 16;
775
+
seq->gcmp.pn[2] = pn64 >> 24;
776
+
seq->gcmp.pn[1] = pn64 >> 32;
777
+
seq->gcmp.pn[0] = pn64 >> 40;
847
778
break;
848
779
default:
849
780
WARN_ON(1);
···
887
778
seq->tkip.iv16 = key->u.tkip.rx[tid].iv16;
888
779
break;
889
780
case WLAN_CIPHER_SUITE_CCMP:
781
+
case WLAN_CIPHER_SUITE_CCMP_256:
890
782
if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
891
783
return;
892
784
if (tid < 0)
···
897
787
memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN);
898
788
break;
899
789
case WLAN_CIPHER_SUITE_AES_CMAC:
790
+
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
900
791
if (WARN_ON(tid != 0))
901
792
return;
902
793
pn = key->u.aes_cmac.rx_pn;
903
794
memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN);
795
+
break;
796
+
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
797
+
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
798
+
if (WARN_ON(tid != 0))
799
+
return;
800
+
pn = key->u.aes_gmac.rx_pn;
801
+
memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN);
802
+
break;
803
+
case WLAN_CIPHER_SUITE_GCMP:
804
+
case WLAN_CIPHER_SUITE_GCMP_256:
805
+
if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
806
+
return;
807
+
if (tid < 0)
808
+
pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
809
+
else
810
+
pn = key->u.gcmp.rx_pn[tid];
811
+
memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN);
904
812
break;
905
813
}
906
814
}
···
938
810
key->u.tkip.tx.iv16 = seq->tkip.iv16;
939
811
break;
940
812
case WLAN_CIPHER_SUITE_CCMP:
813
+
case WLAN_CIPHER_SUITE_CCMP_256:
941
814
pn64 = (u64)seq->ccmp.pn[5] |
942
815
((u64)seq->ccmp.pn[4] << 8) |
943
816
((u64)seq->ccmp.pn[3] << 16) |
···
948
819
atomic64_set(&key->u.ccmp.tx_pn, pn64);
949
820
break;
950
821
case WLAN_CIPHER_SUITE_AES_CMAC:
822
+
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
951
823
pn64 = (u64)seq->aes_cmac.pn[5] |
952
824
((u64)seq->aes_cmac.pn[4] << 8) |
953
825
((u64)seq->aes_cmac.pn[3] << 16) |
···
956
826
((u64)seq->aes_cmac.pn[1] << 32) |
957
827
((u64)seq->aes_cmac.pn[0] << 40);
958
828
atomic64_set(&key->u.aes_cmac.tx_pn, pn64);
829
+
break;
830
+
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
831
+
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
832
+
pn64 = (u64)seq->aes_gmac.pn[5] |
833
+
((u64)seq->aes_gmac.pn[4] << 8) |
834
+
((u64)seq->aes_gmac.pn[3] << 16) |
835
+
((u64)seq->aes_gmac.pn[2] << 24) |
836
+
((u64)seq->aes_gmac.pn[1] << 32) |
837
+
((u64)seq->aes_gmac.pn[0] << 40);
838
+
atomic64_set(&key->u.aes_gmac.tx_pn, pn64);
839
+
break;
840
+
case WLAN_CIPHER_SUITE_GCMP:
841
+
case WLAN_CIPHER_SUITE_GCMP_256:
842
+
pn64 = (u64)seq->gcmp.pn[5] |
843
+
((u64)seq->gcmp.pn[4] << 8) |
844
+
((u64)seq->gcmp.pn[3] << 16) |
845
+
((u64)seq->gcmp.pn[2] << 24) |
846
+
((u64)seq->gcmp.pn[1] << 32) |
847
+
((u64)seq->gcmp.pn[0] << 40);
848
+
atomic64_set(&key->u.gcmp.tx_pn, pn64);
959
849
break;
960
850
default:
961
851
WARN_ON(1);
···
1000
850
key->u.tkip.rx[tid].iv16 = seq->tkip.iv16;
1001
851
break;
1002
852
case WLAN_CIPHER_SUITE_CCMP:
853
+
case WLAN_CIPHER_SUITE_CCMP_256:
1003
854
if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1004
855
return;
1005
856
if (tid < 0)
···
1010
859
memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN);
1011
860
break;
1012
861
case WLAN_CIPHER_SUITE_AES_CMAC:
862
+
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1013
863
if (WARN_ON(tid != 0))
1014
864
return;
1015
865
pn = key->u.aes_cmac.rx_pn;
1016
866
memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN);
867
+
break;
868
+
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
869
+
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
870
+
if (WARN_ON(tid != 0))
871
+
return;
872
+
pn = key->u.aes_gmac.rx_pn;
873
+
memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN);
874
+
break;
875
+
case WLAN_CIPHER_SUITE_GCMP:
876
+
case WLAN_CIPHER_SUITE_GCMP_256:
877
+
if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
878
+
return;
879
+
if (tid < 0)
880
+
pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
881
+
else
882
+
pn = key->u.gcmp.rx_pn[tid];
883
+
memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN);
1017
884
break;
1018
885
default:
1019
886
WARN_ON(1);
+18
net/mac80211/key.h
+18
net/mac80211/key.h
···
95
95
u32 icverrors; /* dot11RSNAStatsCMACICVErrors */
96
96
} aes_cmac;
97
97
struct {
98
+
atomic64_t tx_pn;
99
+
u8 rx_pn[IEEE80211_GMAC_PN_LEN];
100
+
struct crypto_aead *tfm;
101
+
u32 replays; /* dot11RSNAStatsCMACReplays */
102
+
u32 icverrors; /* dot11RSNAStatsCMACICVErrors */
103
+
} aes_gmac;
104
+
struct {
105
+
atomic64_t tx_pn;
106
+
/* Last received packet number. The first
107
+
* IEEE80211_NUM_TIDS counters are used with Data
108
+
* frames and the last counter is used with Robust
109
+
* Management frames.
110
+
*/
111
+
u8 rx_pn[IEEE80211_NUM_TIDS + 1][IEEE80211_GCMP_PN_LEN];
112
+
struct crypto_aead *tfm;
113
+
u32 replays; /* dot11RSNAStatsGCMPReplays */
114
+
} gcmp;
115
+
struct {
98
116
/* generic cipher scheme */
99
117
u8 rx_pn[IEEE80211_NUM_TIDS + 1][MAX_PN_LEN];
100
118
} gen;
+86
-57
net/mac80211/main.c
+86
-57
net/mac80211/main.c
···
658
658
bool have_wep = !(IS_ERR(local->wep_tx_tfm) ||
659
659
IS_ERR(local->wep_rx_tfm));
660
660
bool have_mfp = local->hw.flags & IEEE80211_HW_MFP_CAPABLE;
661
-
const struct ieee80211_cipher_scheme *cs = local->hw.cipher_schemes;
662
661
int n_suites = 0, r = 0, w = 0;
663
662
u32 *suites;
664
663
static const u32 cipher_suites[] = {
···
666
667
WLAN_CIPHER_SUITE_WEP104,
667
668
WLAN_CIPHER_SUITE_TKIP,
668
669
WLAN_CIPHER_SUITE_CCMP,
670
+
WLAN_CIPHER_SUITE_CCMP_256,
671
+
WLAN_CIPHER_SUITE_GCMP,
672
+
WLAN_CIPHER_SUITE_GCMP_256,
669
673
670
674
/* keep last -- depends on hw flags! */
671
-
WLAN_CIPHER_SUITE_AES_CMAC
675
+
WLAN_CIPHER_SUITE_AES_CMAC,
676
+
WLAN_CIPHER_SUITE_BIP_CMAC_256,
677
+
WLAN_CIPHER_SUITE_BIP_GMAC_128,
678
+
WLAN_CIPHER_SUITE_BIP_GMAC_256,
672
679
};
673
680
674
-
/* Driver specifies the ciphers, we have nothing to do... */
675
-
if (local->hw.wiphy->cipher_suites && have_wep)
676
-
return 0;
677
-
678
-
/* Set up cipher suites if driver relies on mac80211 cipher defs */
679
-
if (!local->hw.wiphy->cipher_suites && !cs) {
680
-
local->hw.wiphy->cipher_suites = cipher_suites;
681
-
local->hw.wiphy->n_cipher_suites = ARRAY_SIZE(cipher_suites);
682
-
683
-
if (!have_mfp)
684
-
local->hw.wiphy->n_cipher_suites--;
685
-
686
-
if (!have_wep) {
687
-
local->hw.wiphy->cipher_suites += 2;
688
-
local->hw.wiphy->n_cipher_suites -= 2;
689
-
}
690
-
691
-
return 0;
692
-
}
693
-
694
-
if (!local->hw.wiphy->cipher_suites) {
695
-
/*
696
-
* Driver specifies cipher schemes only
697
-
* We start counting ciphers defined by schemes, TKIP and CCMP
681
+
if (local->hw.flags & IEEE80211_HW_SW_CRYPTO_CONTROL ||
682
+
local->hw.wiphy->cipher_suites) {
683
+
/* If the driver advertises, or doesn't support SW crypto,
684
+
* we only need to remove WEP if necessary.
698
685
*/
699
-
n_suites = local->hw.n_cipher_schemes + 2;
700
-
701
-
/* check if we have WEP40 and WEP104 */
702
686
if (have_wep)
703
-
n_suites += 2;
687
+
return 0;
704
688
705
-
/* check if we have AES_CMAC */
706
-
if (have_mfp)
707
-
n_suites++;
689
+
/* well if it has _no_ ciphers ... fine */
690
+
if (!local->hw.wiphy->n_cipher_suites)
691
+
return 0;
708
692
709
-
suites = kmalloc(sizeof(u32) * n_suites, GFP_KERNEL);
710
-
if (!suites)
711
-
return -ENOMEM;
712
-
713
-
suites[w++] = WLAN_CIPHER_SUITE_CCMP;
714
-
suites[w++] = WLAN_CIPHER_SUITE_TKIP;
715
-
716
-
if (have_wep) {
717
-
suites[w++] = WLAN_CIPHER_SUITE_WEP40;
718
-
suites[w++] = WLAN_CIPHER_SUITE_WEP104;
719
-
}
720
-
721
-
if (have_mfp)
722
-
suites[w++] = WLAN_CIPHER_SUITE_AES_CMAC;
723
-
724
-
for (r = 0; r < local->hw.n_cipher_schemes; r++)
725
-
suites[w++] = cs[r].cipher;
726
-
} else {
727
693
/* Driver provides cipher suites, but we need to exclude WEP */
728
694
suites = kmemdup(local->hw.wiphy->cipher_suites,
729
695
sizeof(u32) * local->hw.wiphy->n_cipher_suites,
···
704
740
continue;
705
741
suites[w++] = suite;
706
742
}
743
+
} else if (!local->hw.cipher_schemes) {
744
+
/* If the driver doesn't have cipher schemes, there's nothing
745
+
* else to do other than assign the (software supported and
746
+
* perhaps offloaded) cipher suites.
747
+
*/
748
+
local->hw.wiphy->cipher_suites = cipher_suites;
749
+
local->hw.wiphy->n_cipher_suites = ARRAY_SIZE(cipher_suites);
750
+
751
+
if (!have_mfp)
752
+
local->hw.wiphy->n_cipher_suites -= 4;
753
+
754
+
if (!have_wep) {
755
+
local->hw.wiphy->cipher_suites += 2;
756
+
local->hw.wiphy->n_cipher_suites -= 2;
757
+
}
758
+
759
+
/* not dynamically allocated, so just return */
760
+
return 0;
761
+
} else {
762
+
const struct ieee80211_cipher_scheme *cs;
763
+
764
+
cs = local->hw.cipher_schemes;
765
+
766
+
/* Driver specifies cipher schemes only (but not cipher suites
767
+
* including the schemes)
768
+
*
769
+
* We start counting ciphers defined by schemes, TKIP, CCMP,
770
+
* CCMP-256, GCMP, and GCMP-256
771
+
*/
772
+
n_suites = local->hw.n_cipher_schemes + 5;
773
+
774
+
/* check if we have WEP40 and WEP104 */
775
+
if (have_wep)
776
+
n_suites += 2;
777
+
778
+
/* check if we have AES_CMAC, BIP-CMAC-256, BIP-GMAC-128,
779
+
* BIP-GMAC-256
780
+
*/
781
+
if (have_mfp)
782
+
n_suites += 4;
783
+
784
+
suites = kmalloc(sizeof(u32) * n_suites, GFP_KERNEL);
785
+
if (!suites)
786
+
return -ENOMEM;
787
+
788
+
suites[w++] = WLAN_CIPHER_SUITE_CCMP;
789
+
suites[w++] = WLAN_CIPHER_SUITE_CCMP_256;
790
+
suites[w++] = WLAN_CIPHER_SUITE_TKIP;
791
+
suites[w++] = WLAN_CIPHER_SUITE_GCMP;
792
+
suites[w++] = WLAN_CIPHER_SUITE_GCMP_256;
793
+
794
+
if (have_wep) {
795
+
suites[w++] = WLAN_CIPHER_SUITE_WEP40;
796
+
suites[w++] = WLAN_CIPHER_SUITE_WEP104;
797
+
}
798
+
799
+
if (have_mfp) {
800
+
suites[w++] = WLAN_CIPHER_SUITE_AES_CMAC;
801
+
suites[w++] = WLAN_CIPHER_SUITE_BIP_CMAC_256;
802
+
suites[w++] = WLAN_CIPHER_SUITE_BIP_GMAC_128;
803
+
suites[w++] = WLAN_CIPHER_SUITE_BIP_GMAC_256;
804
+
}
805
+
806
+
for (r = 0; r < local->hw.n_cipher_schemes; r++)
807
+
suites[w++] = cs[r].cipher;
707
808
}
708
809
709
810
local->hw.wiphy->cipher_suites = suites;
···
1070
1041
ieee80211_max_network_latency;
1071
1042
result = pm_qos_add_notifier(PM_QOS_NETWORK_LATENCY,
1072
1043
&local->network_latency_notifier);
1073
-
if (result) {
1074
-
rtnl_lock();
1044
+
if (result)
1075
1045
goto fail_pm_qos;
1076
-
}
1077
1046
1078
1047
#ifdef CONFIG_INET
1079
1048
local->ifa_notifier.notifier_call = ieee80211_ifa_changed;
···
1099
1072
fail_ifa:
1100
1073
pm_qos_remove_notifier(PM_QOS_NETWORK_LATENCY,
1101
1074
&local->network_latency_notifier);
1102
-
rtnl_lock();
1103
1075
#endif
1104
1076
fail_pm_qos:
1105
-
ieee80211_led_exit(local);
1077
+
rtnl_lock();
1078
+
rate_control_deinitialize(local);
1106
1079
ieee80211_remove_interfaces(local);
1107
1080
fail_rate:
1108
1081
rtnl_unlock();
1082
+
ieee80211_led_exit(local);
1109
1083
ieee80211_wep_free(local);
1110
-
sta_info_stop(local);
1111
1084
destroy_workqueue(local->workqueue);
1112
1085
fail_workqueue:
1113
1086
wiphy_unregister(local->hw.wiphy);
···
1202
1175
idr_destroy(&local->ack_status_frames);
1203
1176
1204
1177
kfree(rcu_access_pointer(local->tx_latency));
1178
+
1179
+
sta_info_stop(local);
1205
1180
1206
1181
wiphy_free(local->hw.wiphy);
1207
1182
}
-7
net/mac80211/mesh_plink.c
-7
net/mac80211/mesh_plink.c
···
523
523
sdata->u.mesh.mshcfg.auto_open_plinks &&
524
524
rssi_threshold_check(sdata, sta))
525
525
changed = mesh_plink_open(sta);
526
-
else if (sta->plink_state == NL80211_PLINK_LISTEN &&
527
-
(sdata->u.mesh.user_mpm ||
528
-
sdata->u.mesh.security & IEEE80211_MESH_SEC_AUTHED))
529
-
cfg80211_notify_new_peer_candidate(sdata->dev, hw_addr,
530
-
elems->ie_start,
531
-
elems->total_len,
532
-
GFP_ATOMIC);
533
526
534
527
ieee80211_mps_frame_release(sta, elems);
535
528
out:
+3
net/mac80211/mlme.c
+3
net/mac80211/mlme.c
···
2011
2011
/* disable per-vif ps */
2012
2012
ieee80211_recalc_ps_vif(sdata);
2013
2013
2014
+
/* make sure ongoing transmission finishes */
2015
+
synchronize_net();
2016
+
2014
2017
/*
2015
2018
* drop any frame before deauth/disassoc, this can be data or
2016
2019
* management frame. Since we are disconnecting, we should not
+37
-9
net/mac80211/rx.c
+37
-9
net/mac80211/rx.c
···
647
647
{
648
648
struct ieee80211_mgmt *hdr = (struct ieee80211_mgmt *) skb->data;
649
649
struct ieee80211_mmie *mmie;
650
+
struct ieee80211_mmie_16 *mmie16;
650
651
651
652
if (skb->len < 24 + sizeof(*mmie) || !is_multicast_ether_addr(hdr->da))
652
653
return -1;
···
657
656
658
657
mmie = (struct ieee80211_mmie *)
659
658
(skb->data + skb->len - sizeof(*mmie));
660
-
if (mmie->element_id != WLAN_EID_MMIE ||
661
-
mmie->length != sizeof(*mmie) - 2)
662
-
return -1;
659
+
if (mmie->element_id == WLAN_EID_MMIE &&
660
+
mmie->length == sizeof(*mmie) - 2)
661
+
return le16_to_cpu(mmie->key_id);
663
662
664
-
return le16_to_cpu(mmie->key_id);
663
+
mmie16 = (struct ieee80211_mmie_16 *)
664
+
(skb->data + skb->len - sizeof(*mmie16));
665
+
if (skb->len >= 24 + sizeof(*mmie16) &&
666
+
mmie16->element_id == WLAN_EID_MMIE &&
667
+
mmie16->length == sizeof(*mmie16) - 2)
668
+
return le16_to_cpu(mmie16->key_id);
669
+
670
+
return -1;
665
671
}
666
672
667
673
static int iwl80211_get_cs_keyid(const struct ieee80211_cipher_scheme *cs,
···
1658
1650
result = ieee80211_crypto_tkip_decrypt(rx);
1659
1651
break;
1660
1652
case WLAN_CIPHER_SUITE_CCMP:
1661
-
result = ieee80211_crypto_ccmp_decrypt(rx);
1653
+
result = ieee80211_crypto_ccmp_decrypt(
1654
+
rx, IEEE80211_CCMP_MIC_LEN);
1655
+
break;
1656
+
case WLAN_CIPHER_SUITE_CCMP_256:
1657
+
result = ieee80211_crypto_ccmp_decrypt(
1658
+
rx, IEEE80211_CCMP_256_MIC_LEN);
1662
1659
break;
1663
1660
case WLAN_CIPHER_SUITE_AES_CMAC:
1664
1661
result = ieee80211_crypto_aes_cmac_decrypt(rx);
1662
+
break;
1663
+
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1664
+
result = ieee80211_crypto_aes_cmac_256_decrypt(rx);
1665
+
break;
1666
+
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1667
+
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1668
+
result = ieee80211_crypto_aes_gmac_decrypt(rx);
1669
+
break;
1670
+
case WLAN_CIPHER_SUITE_GCMP:
1671
+
case WLAN_CIPHER_SUITE_GCMP_256:
1672
+
result = ieee80211_crypto_gcmp_decrypt(rx);
1665
1673
break;
1666
1674
default:
1667
1675
result = ieee80211_crypto_hw_decrypt(rx);
···
1805
1781
/* This is the first fragment of a new frame. */
1806
1782
entry = ieee80211_reassemble_add(rx->sdata, frag, seq,
1807
1783
rx->seqno_idx, &(rx->skb));
1808
-
if (rx->key && rx->key->conf.cipher == WLAN_CIPHER_SUITE_CCMP &&
1784
+
if (rx->key &&
1785
+
(rx->key->conf.cipher == WLAN_CIPHER_SUITE_CCMP ||
1786
+
rx->key->conf.cipher == WLAN_CIPHER_SUITE_CCMP_256) &&
1809
1787
ieee80211_has_protected(fc)) {
1810
1788
int queue = rx->security_idx;
1811
1789
/* Store CCMP PN so that we can verify that the next
···
1836
1810
int i;
1837
1811
u8 pn[IEEE80211_CCMP_PN_LEN], *rpn;
1838
1812
int queue;
1839
-
if (!rx->key || rx->key->conf.cipher != WLAN_CIPHER_SUITE_CCMP)
1813
+
if (!rx->key ||
1814
+
(rx->key->conf.cipher != WLAN_CIPHER_SUITE_CCMP &&
1815
+
rx->key->conf.cipher != WLAN_CIPHER_SUITE_CCMP_256))
1840
1816
return RX_DROP_UNUSABLE;
1841
1817
memcpy(pn, entry->last_pn, IEEE80211_CCMP_PN_LEN);
1842
1818
for (i = IEEE80211_CCMP_PN_LEN - 1; i >= 0; i--) {
···
2338
2310
return RX_DROP_MONITOR;
2339
2311
2340
2312
if (rx->sta) {
2341
-
/* The security index has the same property as needed
2313
+
/* The seqno index has the same property as needed
2342
2314
* for the rx_msdu field, i.e. it is IEEE80211_NUM_TIDS
2343
2315
* for non-QoS-data frames. Here we know it's a data
2344
2316
* frame, so count MSDUs.
2345
2317
*/
2346
-
rx->sta->rx_msdu[rx->security_idx]++;
2318
+
rx->sta->rx_msdu[rx->seqno_idx]++;
2347
2319
}
2348
2320
2349
2321
/*
+5
net/mac80211/scan.c
+5
net/mac80211/scan.c
···
828
828
829
829
mutex_lock(&local->mtx);
830
830
831
+
if (!ieee80211_can_run_worker(local)) {
832
+
aborted = true;
833
+
goto out_complete;
834
+
}
835
+
831
836
sdata = rcu_dereference_protected(local->scan_sdata,
832
837
lockdep_is_held(&local->mtx));
833
838
scan_req = rcu_dereference_protected(local->scan_req,
+14
net/mac80211/sta_info.c
+14
net/mac80211/sta_info.c
···
1764
1764
1765
1765
sinfo->generation = sdata->local->sta_generation;
1766
1766
1767
+
/* do before driver, so beacon filtering drivers have a
1768
+
* chance to e.g. just add the number of filtered beacons
1769
+
* (or just modify the value entirely, of course)
1770
+
*/
1771
+
if (sdata->vif.type == NL80211_IFTYPE_STATION)
1772
+
sinfo->rx_beacon = sdata->u.mgd.count_beacon_signal;
1773
+
1767
1774
drv_sta_statistics(local, sdata, &sta->sta, sinfo);
1768
1775
1769
1776
sinfo->filled |= BIT(NL80211_STA_INFO_INACTIVE_TIME) |
···
1822
1815
1823
1816
sinfo->rx_dropped_misc = sta->rx_dropped;
1824
1817
sinfo->beacon_loss_count = sta->beacon_loss_count;
1818
+
1819
+
if (sdata->vif.type == NL80211_IFTYPE_STATION &&
1820
+
!(sdata->vif.driver_flags & IEEE80211_VIF_BEACON_FILTER)) {
1821
+
sinfo->filled |= BIT(NL80211_STA_INFO_BEACON_RX) |
1822
+
BIT(NL80211_STA_INFO_BEACON_SIGNAL_AVG);
1823
+
sinfo->rx_beacon_signal_avg = ieee80211_ave_rssi(&sdata->vif);
1824
+
}
1825
1825
1826
1826
if ((sta->local->hw.flags & IEEE80211_HW_SIGNAL_DBM) ||
1827
1827
(sta->local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC)) {
+16
-17
net/mac80211/tdls.c
+16
-17
net/mac80211/tdls.c
···
345
345
*/
346
346
sband = local->hw.wiphy->bands[band];
347
347
memcpy(&ht_cap, &sband->ht_cap, sizeof(ht_cap));
348
-
if ((action_code == WLAN_TDLS_SETUP_REQUEST ||
349
-
action_code == WLAN_TDLS_SETUP_RESPONSE) &&
350
-
ht_cap.ht_supported && (!sta || sta->sta.ht_cap.ht_supported)) {
351
-
if (action_code == WLAN_TDLS_SETUP_REQUEST) {
352
-
ieee80211_apply_htcap_overrides(sdata, &ht_cap);
353
348
354
-
/* disable SMPS in TDLS initiator */
355
-
ht_cap.cap |= (WLAN_HT_CAP_SM_PS_DISABLED
356
-
<< IEEE80211_HT_CAP_SM_PS_SHIFT);
357
-
} else {
358
-
/* disable SMPS in TDLS responder */
359
-
sta->sta.ht_cap.cap |=
360
-
(WLAN_HT_CAP_SM_PS_DISABLED
361
-
<< IEEE80211_HT_CAP_SM_PS_SHIFT);
349
+
if (action_code == WLAN_TDLS_SETUP_REQUEST && ht_cap.ht_supported) {
350
+
ieee80211_apply_htcap_overrides(sdata, &ht_cap);
362
351
363
-
/* the peer caps are already intersected with our own */
364
-
memcpy(&ht_cap, &sta->sta.ht_cap, sizeof(ht_cap));
365
-
}
352
+
/* disable SMPS in TDLS initiator */
353
+
ht_cap.cap |= WLAN_HT_CAP_SM_PS_DISABLED
354
+
<< IEEE80211_HT_CAP_SM_PS_SHIFT;
355
+
356
+
pos = skb_put(skb, sizeof(struct ieee80211_ht_cap) + 2);
357
+
ieee80211_ie_build_ht_cap(pos, &ht_cap, ht_cap.cap);
358
+
} else if (action_code == WLAN_TDLS_SETUP_RESPONSE &&
359
+
ht_cap.ht_supported && sta->sta.ht_cap.ht_supported) {
360
+
/* disable SMPS in TDLS responder */
361
+
sta->sta.ht_cap.cap |= WLAN_HT_CAP_SM_PS_DISABLED
362
+
<< IEEE80211_HT_CAP_SM_PS_SHIFT;
363
+
364
+
/* the peer caps are already intersected with our own */
365
+
memcpy(&ht_cap, &sta->sta.ht_cap, sizeof(ht_cap));
366
366
367
367
pos = skb_put(skb, sizeof(struct ieee80211_ht_cap) + 2);
368
368
ieee80211_ie_build_ht_cap(pos, &ht_cap, ht_cap.cap);
···
852
852
*/
853
853
if ((action_code == WLAN_TDLS_TEARDOWN) &&
854
854
(sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)) {
855
-
struct sta_info *sta = NULL;
856
855
bool try_resend; /* Should we keep skb for possible resend */
857
856
858
857
/* If not sending directly to peer - no point in keeping skb */
+19
-1
net/mac80211/tx.c
+19
-1
net/mac80211/tx.c
···
626
626
tx->key = NULL;
627
627
break;
628
628
case WLAN_CIPHER_SUITE_CCMP:
629
+
case WLAN_CIPHER_SUITE_CCMP_256:
630
+
case WLAN_CIPHER_SUITE_GCMP:
631
+
case WLAN_CIPHER_SUITE_GCMP_256:
629
632
if (!ieee80211_is_data_present(hdr->frame_control) &&
630
633
!ieee80211_use_mfp(hdr->frame_control, tx->sta,
631
634
tx->skb))
···
639
636
ieee80211_is_mgmt(hdr->frame_control);
640
637
break;
641
638
case WLAN_CIPHER_SUITE_AES_CMAC:
639
+
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
640
+
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
641
+
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
642
642
if (!ieee80211_is_mgmt(hdr->frame_control))
643
643
tx->key = NULL;
644
644
break;
···
1017
1011
case WLAN_CIPHER_SUITE_TKIP:
1018
1012
return ieee80211_crypto_tkip_encrypt(tx);
1019
1013
case WLAN_CIPHER_SUITE_CCMP:
1020
-
return ieee80211_crypto_ccmp_encrypt(tx);
1014
+
return ieee80211_crypto_ccmp_encrypt(
1015
+
tx, IEEE80211_CCMP_MIC_LEN);
1016
+
case WLAN_CIPHER_SUITE_CCMP_256:
1017
+
return ieee80211_crypto_ccmp_encrypt(
1018
+
tx, IEEE80211_CCMP_256_MIC_LEN);
1021
1019
case WLAN_CIPHER_SUITE_AES_CMAC:
1022
1020
return ieee80211_crypto_aes_cmac_encrypt(tx);
1021
+
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1022
+
return ieee80211_crypto_aes_cmac_256_encrypt(tx);
1023
+
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1024
+
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1025
+
return ieee80211_crypto_aes_gmac_encrypt(tx);
1026
+
case WLAN_CIPHER_SUITE_GCMP:
1027
+
case WLAN_CIPHER_SUITE_GCMP_256:
1028
+
return ieee80211_crypto_gcmp_encrypt(tx);
1023
1029
default:
1024
1030
return ieee80211_crypto_hw_encrypt(tx);
1025
1031
}
+21
-6
net/mac80211/util.c
+21
-6
net/mac80211/util.c
···
744
744
745
745
/*
746
746
* Nothing should have been stuffed into the workqueue during
747
-
* the suspend->resume cycle. If this WARN is seen then there
748
-
* is a bug with either the driver suspend or something in
749
-
* mac80211 stuffing into the workqueue which we haven't yet
750
-
* cleared during mac80211's suspend cycle.
747
+
* the suspend->resume cycle. Since we can't check each caller
748
+
* of this function if we are already quiescing / suspended,
749
+
* check here and don't WARN since this can actually happen when
750
+
* the rx path (for example) is racing against __ieee80211_suspend
751
+
* and suspending / quiescing was set after the rx path checked
752
+
* them.
751
753
*/
752
754
static bool ieee80211_can_queue_work(struct ieee80211_local *local)
753
755
{
754
-
if (WARN(local->suspended && !local->resuming,
755
-
"queueing ieee80211 work while going to suspend\n"))
756
+
if (local->quiescing || (local->suspended && !local->resuming)) {
757
+
pr_warn("queueing ieee80211 work while going to suspend\n");
756
758
return false;
759
+
}
757
760
758
761
return true;
759
762
}
···
2059
2056
local->suspended = false;
2060
2057
mb();
2061
2058
local->resuming = false;
2059
+
2060
+
/* It's possible that we don't handle the scan completion in
2061
+
* time during suspend, so if it's still marked as completed
2062
+
* here, queue the work and flush it to clean things up.
2063
+
* Instead of calling the worker function directly here, we
2064
+
* really queue it to avoid potential races with other flows
2065
+
* scheduling the same work.
2066
+
*/
2067
+
if (test_bit(SCAN_COMPLETED, &local->scanning)) {
2068
+
ieee80211_queue_delayed_work(&local->hw, &local->scan_work, 0);
2069
+
flush_delayed_work(&local->scan_work);
2070
+
}
2062
2071
2063
2072
if (local->open_count && !reconfig_due_to_wowlan)
2064
2073
drv_reconfig_complete(local, IEEE80211_RECONFIG_TYPE_SUSPEND);
+433
-10
net/mac80211/wpa.c
+433
-10
net/mac80211/wpa.c
···
22
22
#include "tkip.h"
23
23
#include "aes_ccm.h"
24
24
#include "aes_cmac.h"
25
+
#include "aes_gmac.h"
26
+
#include "aes_gcm.h"
25
27
#include "wpa.h"
26
28
27
29
ieee80211_tx_result
···
395
393
}
396
394
397
395
398
-
static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
396
+
static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb,
397
+
unsigned int mic_len)
399
398
{
400
399
struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
401
400
struct ieee80211_key *key = tx->key;
···
427
424
if (info->control.hw_key)
428
425
tail = 0;
429
426
else
430
-
tail = IEEE80211_CCMP_MIC_LEN;
427
+
tail = mic_len;
431
428
432
429
if (WARN_ON(skb_tailroom(skb) < tail ||
433
430
skb_headroom(skb) < IEEE80211_CCMP_HDR_LEN))
···
462
459
pos += IEEE80211_CCMP_HDR_LEN;
463
460
ccmp_special_blocks(skb, pn, b_0, aad);
464
461
ieee80211_aes_ccm_encrypt(key->u.ccmp.tfm, b_0, aad, pos, len,
465
-
skb_put(skb, IEEE80211_CCMP_MIC_LEN));
462
+
skb_put(skb, mic_len), mic_len);
466
463
467
464
return 0;
468
465
}
469
466
470
467
471
468
ieee80211_tx_result
472
-
ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx)
469
+
ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx,
470
+
unsigned int mic_len)
473
471
{
474
472
struct sk_buff *skb;
475
473
476
474
ieee80211_tx_set_protected(tx);
477
475
478
476
skb_queue_walk(&tx->skbs, skb) {
479
-
if (ccmp_encrypt_skb(tx, skb) < 0)
477
+
if (ccmp_encrypt_skb(tx, skb, mic_len) < 0)
480
478
return TX_DROP;
481
479
}
482
480
···
486
482
487
483
488
484
ieee80211_rx_result
489
-
ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx)
485
+
ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx,
486
+
unsigned int mic_len)
490
487
{
491
488
struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data;
492
489
int hdrlen;
···
504
499
!ieee80211_is_robust_mgmt_frame(skb))
505
500
return RX_CONTINUE;
506
501
507
-
data_len = skb->len - hdrlen - IEEE80211_CCMP_HDR_LEN -
508
-
IEEE80211_CCMP_MIC_LEN;
502
+
data_len = skb->len - hdrlen - IEEE80211_CCMP_HDR_LEN - mic_len;
509
503
if (!rx->sta || data_len < 0)
510
504
return RX_DROP_UNUSABLE;
511
505
···
535
531
key->u.ccmp.tfm, b_0, aad,
536
532
skb->data + hdrlen + IEEE80211_CCMP_HDR_LEN,
537
533
data_len,
538
-
skb->data + skb->len - IEEE80211_CCMP_MIC_LEN))
534
+
skb->data + skb->len - mic_len, mic_len))
539
535
return RX_DROP_UNUSABLE;
540
536
}
541
537
542
538
memcpy(key->u.ccmp.rx_pn[queue], pn, IEEE80211_CCMP_PN_LEN);
543
539
544
540
/* Remove CCMP header and MIC */
545
-
if (pskb_trim(skb, skb->len - IEEE80211_CCMP_MIC_LEN))
541
+
if (pskb_trim(skb, skb->len - mic_len))
546
542
return RX_DROP_UNUSABLE;
547
543
memmove(skb->data + IEEE80211_CCMP_HDR_LEN, skb->data, hdrlen);
548
544
skb_pull(skb, IEEE80211_CCMP_HDR_LEN);
545
+
546
+
return RX_CONTINUE;
547
+
}
548
+
549
+
static void gcmp_special_blocks(struct sk_buff *skb, u8 *pn, u8 *j_0, u8 *aad)
550
+
{
551
+
__le16 mask_fc;
552
+
u8 qos_tid;
553
+
struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
554
+
555
+
memcpy(j_0, hdr->addr2, ETH_ALEN);
556
+
memcpy(&j_0[ETH_ALEN], pn, IEEE80211_GCMP_PN_LEN);
557
+
j_0[13] = 0;
558
+
j_0[14] = 0;
559
+
j_0[AES_BLOCK_SIZE - 1] = 0x01;
560
+
561
+
/* AAD (extra authenticate-only data) / masked 802.11 header
562
+
* FC | A1 | A2 | A3 | SC | [A4] | [QC]
563
+
*/
564
+
put_unaligned_be16(ieee80211_hdrlen(hdr->frame_control) - 2, &aad[0]);
565
+
/* Mask FC: zero subtype b4 b5 b6 (if not mgmt)
566
+
* Retry, PwrMgt, MoreData; set Protected
567
+
*/
568
+
mask_fc = hdr->frame_control;
569
+
mask_fc &= ~cpu_to_le16(IEEE80211_FCTL_RETRY |
570
+
IEEE80211_FCTL_PM | IEEE80211_FCTL_MOREDATA);
571
+
if (!ieee80211_is_mgmt(hdr->frame_control))
572
+
mask_fc &= ~cpu_to_le16(0x0070);
573
+
mask_fc |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
574
+
575
+
put_unaligned(mask_fc, (__le16 *)&aad[2]);
576
+
memcpy(&aad[4], &hdr->addr1, 3 * ETH_ALEN);
577
+
578
+
/* Mask Seq#, leave Frag# */
579
+
aad[22] = *((u8 *)&hdr->seq_ctrl) & 0x0f;
580
+
aad[23] = 0;
581
+
582
+
if (ieee80211_is_data_qos(hdr->frame_control))
583
+
qos_tid = *ieee80211_get_qos_ctl(hdr) &
584
+
IEEE80211_QOS_CTL_TID_MASK;
585
+
else
586
+
qos_tid = 0;
587
+
588
+
if (ieee80211_has_a4(hdr->frame_control)) {
589
+
memcpy(&aad[24], hdr->addr4, ETH_ALEN);
590
+
aad[30] = qos_tid;
591
+
aad[31] = 0;
592
+
} else {
593
+
memset(&aad[24], 0, ETH_ALEN + IEEE80211_QOS_CTL_LEN);
594
+
aad[24] = qos_tid;
595
+
}
596
+
}
597
+
598
+
static inline void gcmp_pn2hdr(u8 *hdr, const u8 *pn, int key_id)
599
+
{
600
+
hdr[0] = pn[5];
601
+
hdr[1] = pn[4];
602
+
hdr[2] = 0;
603
+
hdr[3] = 0x20 | (key_id << 6);
604
+
hdr[4] = pn[3];
605
+
hdr[5] = pn[2];
606
+
hdr[6] = pn[1];
607
+
hdr[7] = pn[0];
608
+
}
609
+
610
+
static inline void gcmp_hdr2pn(u8 *pn, const u8 *hdr)
611
+
{
612
+
pn[0] = hdr[7];
613
+
pn[1] = hdr[6];
614
+
pn[2] = hdr[5];
615
+
pn[3] = hdr[4];
616
+
pn[4] = hdr[1];
617
+
pn[5] = hdr[0];
618
+
}
619
+
620
+
static int gcmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
621
+
{
622
+
struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
623
+
struct ieee80211_key *key = tx->key;
624
+
struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
625
+
int hdrlen, len, tail;
626
+
u8 *pos;
627
+
u8 pn[6];
628
+
u64 pn64;
629
+
u8 aad[2 * AES_BLOCK_SIZE];
630
+
u8 j_0[AES_BLOCK_SIZE];
631
+
632
+
if (info->control.hw_key &&
633
+
!(info->control.hw_key->flags & IEEE80211_KEY_FLAG_GENERATE_IV) &&
634
+
!(info->control.hw_key->flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) &&
635
+
!((info->control.hw_key->flags &
636
+
IEEE80211_KEY_FLAG_GENERATE_IV_MGMT) &&
637
+
ieee80211_is_mgmt(hdr->frame_control))) {
638
+
/* hwaccel has no need for preallocated room for GCMP
639
+
* header or MIC fields
640
+
*/
641
+
return 0;
642
+
}
643
+
644
+
hdrlen = ieee80211_hdrlen(hdr->frame_control);
645
+
len = skb->len - hdrlen;
646
+
647
+
if (info->control.hw_key)
648
+
tail = 0;
649
+
else
650
+
tail = IEEE80211_GCMP_MIC_LEN;
651
+
652
+
if (WARN_ON(skb_tailroom(skb) < tail ||
653
+
skb_headroom(skb) < IEEE80211_GCMP_HDR_LEN))
654
+
return -1;
655
+
656
+
pos = skb_push(skb, IEEE80211_GCMP_HDR_LEN);
657
+
memmove(pos, pos + IEEE80211_GCMP_HDR_LEN, hdrlen);
658
+
skb_set_network_header(skb, skb_network_offset(skb) +
659
+
IEEE80211_GCMP_HDR_LEN);
660
+
661
+
/* the HW only needs room for the IV, but not the actual IV */
662
+
if (info->control.hw_key &&
663
+
(info->control.hw_key->flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE))
664
+
return 0;
665
+
666
+
hdr = (struct ieee80211_hdr *)pos;
667
+
pos += hdrlen;
668
+
669
+
pn64 = atomic64_inc_return(&key->u.gcmp.tx_pn);
670
+
671
+
pn[5] = pn64;
672
+
pn[4] = pn64 >> 8;
673
+
pn[3] = pn64 >> 16;
674
+
pn[2] = pn64 >> 24;
675
+
pn[1] = pn64 >> 32;
676
+
pn[0] = pn64 >> 40;
677
+
678
+
gcmp_pn2hdr(pos, pn, key->conf.keyidx);
679
+
680
+
/* hwaccel - with software GCMP header */
681
+
if (info->control.hw_key)
682
+
return 0;
683
+
684
+
pos += IEEE80211_GCMP_HDR_LEN;
685
+
gcmp_special_blocks(skb, pn, j_0, aad);
686
+
ieee80211_aes_gcm_encrypt(key->u.gcmp.tfm, j_0, aad, pos, len,
687
+
skb_put(skb, IEEE80211_GCMP_MIC_LEN));
688
+
689
+
return 0;
690
+
}
691
+
692
+
ieee80211_tx_result
693
+
ieee80211_crypto_gcmp_encrypt(struct ieee80211_tx_data *tx)
694
+
{
695
+
struct sk_buff *skb;
696
+
697
+
ieee80211_tx_set_protected(tx);
698
+
699
+
skb_queue_walk(&tx->skbs, skb) {
700
+
if (gcmp_encrypt_skb(tx, skb) < 0)
701
+
return TX_DROP;
702
+
}
703
+
704
+
return TX_CONTINUE;
705
+
}
706
+
707
+
ieee80211_rx_result
708
+
ieee80211_crypto_gcmp_decrypt(struct ieee80211_rx_data *rx)
709
+
{
710
+
struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data;
711
+
int hdrlen;
712
+
struct ieee80211_key *key = rx->key;
713
+
struct sk_buff *skb = rx->skb;
714
+
struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
715
+
u8 pn[IEEE80211_GCMP_PN_LEN];
716
+
int data_len;
717
+
int queue;
718
+
719
+
hdrlen = ieee80211_hdrlen(hdr->frame_control);
720
+
721
+
if (!ieee80211_is_data(hdr->frame_control) &&
722
+
!ieee80211_is_robust_mgmt_frame(skb))
723
+
return RX_CONTINUE;
724
+
725
+
data_len = skb->len - hdrlen - IEEE80211_GCMP_HDR_LEN -
726
+
IEEE80211_GCMP_MIC_LEN;
727
+
if (!rx->sta || data_len < 0)
728
+
return RX_DROP_UNUSABLE;
729
+
730
+
if (status->flag & RX_FLAG_DECRYPTED) {
731
+
if (!pskb_may_pull(rx->skb, hdrlen + IEEE80211_GCMP_HDR_LEN))
732
+
return RX_DROP_UNUSABLE;
733
+
} else {
734
+
if (skb_linearize(rx->skb))
735
+
return RX_DROP_UNUSABLE;
736
+
}
737
+
738
+
gcmp_hdr2pn(pn, skb->data + hdrlen);
739
+
740
+
queue = rx->security_idx;
741
+
742
+
if (memcmp(pn, key->u.gcmp.rx_pn[queue], IEEE80211_GCMP_PN_LEN) <= 0) {
743
+
key->u.gcmp.replays++;
744
+
return RX_DROP_UNUSABLE;
745
+
}
746
+
747
+
if (!(status->flag & RX_FLAG_DECRYPTED)) {
748
+
u8 aad[2 * AES_BLOCK_SIZE];
749
+
u8 j_0[AES_BLOCK_SIZE];
750
+
/* hardware didn't decrypt/verify MIC */
751
+
gcmp_special_blocks(skb, pn, j_0, aad);
752
+
753
+
if (ieee80211_aes_gcm_decrypt(
754
+
key->u.gcmp.tfm, j_0, aad,
755
+
skb->data + hdrlen + IEEE80211_GCMP_HDR_LEN,
756
+
data_len,
757
+
skb->data + skb->len - IEEE80211_GCMP_MIC_LEN))
758
+
return RX_DROP_UNUSABLE;
759
+
}
760
+
761
+
memcpy(key->u.gcmp.rx_pn[queue], pn, IEEE80211_GCMP_PN_LEN);
762
+
763
+
/* Remove GCMP header and MIC */
764
+
if (pskb_trim(skb, skb->len - IEEE80211_GCMP_MIC_LEN))
765
+
return RX_DROP_UNUSABLE;
766
+
memmove(skb->data + IEEE80211_GCMP_HDR_LEN, skb->data, hdrlen);
767
+
skb_pull(skb, IEEE80211_GCMP_HDR_LEN);
549
768
550
769
return RX_CONTINUE;
551
770
}
···
956
729
return TX_CONTINUE;
957
730
}
958
731
732
+
ieee80211_tx_result
733
+
ieee80211_crypto_aes_cmac_256_encrypt(struct ieee80211_tx_data *tx)
734
+
{
735
+
struct sk_buff *skb;
736
+
struct ieee80211_tx_info *info;
737
+
struct ieee80211_key *key = tx->key;
738
+
struct ieee80211_mmie_16 *mmie;
739
+
u8 aad[20];
740
+
u64 pn64;
741
+
742
+
if (WARN_ON(skb_queue_len(&tx->skbs) != 1))
743
+
return TX_DROP;
744
+
745
+
skb = skb_peek(&tx->skbs);
746
+
747
+
info = IEEE80211_SKB_CB(skb);
748
+
749
+
if (info->control.hw_key)
750
+
return TX_CONTINUE;
751
+
752
+
if (WARN_ON(skb_tailroom(skb) < sizeof(*mmie)))
753
+
return TX_DROP;
754
+
755
+
mmie = (struct ieee80211_mmie_16 *)skb_put(skb, sizeof(*mmie));
756
+
mmie->element_id = WLAN_EID_MMIE;
757
+
mmie->length = sizeof(*mmie) - 2;
758
+
mmie->key_id = cpu_to_le16(key->conf.keyidx);
759
+
760
+
/* PN = PN + 1 */
761
+
pn64 = atomic64_inc_return(&key->u.aes_cmac.tx_pn);
762
+
763
+
bip_ipn_set64(mmie->sequence_number, pn64);
764
+
765
+
bip_aad(skb, aad);
766
+
767
+
/* MIC = AES-256-CMAC(IGTK, AAD || Management Frame Body || MMIE, 128)
768
+
*/
769
+
ieee80211_aes_cmac_256(key->u.aes_cmac.tfm, aad,
770
+
skb->data + 24, skb->len - 24, mmie->mic);
771
+
772
+
return TX_CONTINUE;
773
+
}
959
774
960
775
ieee80211_rx_result
961
776
ieee80211_crypto_aes_cmac_decrypt(struct ieee80211_rx_data *rx)
···
1042
773
}
1043
774
1044
775
memcpy(key->u.aes_cmac.rx_pn, ipn, 6);
776
+
777
+
/* Remove MMIE */
778
+
skb_trim(skb, skb->len - sizeof(*mmie));
779
+
780
+
return RX_CONTINUE;
781
+
}
782
+
783
+
ieee80211_rx_result
784
+
ieee80211_crypto_aes_cmac_256_decrypt(struct ieee80211_rx_data *rx)
785
+
{
786
+
struct sk_buff *skb = rx->skb;
787
+
struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
788
+
struct ieee80211_key *key = rx->key;
789
+
struct ieee80211_mmie_16 *mmie;
790
+
u8 aad[20], mic[16], ipn[6];
791
+
struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
792
+
793
+
if (!ieee80211_is_mgmt(hdr->frame_control))
794
+
return RX_CONTINUE;
795
+
796
+
/* management frames are already linear */
797
+
798
+
if (skb->len < 24 + sizeof(*mmie))
799
+
return RX_DROP_UNUSABLE;
800
+
801
+
mmie = (struct ieee80211_mmie_16 *)
802
+
(skb->data + skb->len - sizeof(*mmie));
803
+
if (mmie->element_id != WLAN_EID_MMIE ||
804
+
mmie->length != sizeof(*mmie) - 2)
805
+
return RX_DROP_UNUSABLE; /* Invalid MMIE */
806
+
807
+
bip_ipn_swap(ipn, mmie->sequence_number);
808
+
809
+
if (memcmp(ipn, key->u.aes_cmac.rx_pn, 6) <= 0) {
810
+
key->u.aes_cmac.replays++;
811
+
return RX_DROP_UNUSABLE;
812
+
}
813
+
814
+
if (!(status->flag & RX_FLAG_DECRYPTED)) {
815
+
/* hardware didn't decrypt/verify MIC */
816
+
bip_aad(skb, aad);
817
+
ieee80211_aes_cmac_256(key->u.aes_cmac.tfm, aad,
818
+
skb->data + 24, skb->len - 24, mic);
819
+
if (memcmp(mic, mmie->mic, sizeof(mmie->mic)) != 0) {
820
+
key->u.aes_cmac.icverrors++;
821
+
return RX_DROP_UNUSABLE;
822
+
}
823
+
}
824
+
825
+
memcpy(key->u.aes_cmac.rx_pn, ipn, 6);
826
+
827
+
/* Remove MMIE */
828
+
skb_trim(skb, skb->len - sizeof(*mmie));
829
+
830
+
return RX_CONTINUE;
831
+
}
832
+
833
+
ieee80211_tx_result
834
+
ieee80211_crypto_aes_gmac_encrypt(struct ieee80211_tx_data *tx)
835
+
{
836
+
struct sk_buff *skb;
837
+
struct ieee80211_tx_info *info;
838
+
struct ieee80211_key *key = tx->key;
839
+
struct ieee80211_mmie_16 *mmie;
840
+
struct ieee80211_hdr *hdr;
841
+
u8 aad[20];
842
+
u64 pn64;
843
+
u8 nonce[12];
844
+
845
+
if (WARN_ON(skb_queue_len(&tx->skbs) != 1))
846
+
return TX_DROP;
847
+
848
+
skb = skb_peek(&tx->skbs);
849
+
850
+
info = IEEE80211_SKB_CB(skb);
851
+
852
+
if (info->control.hw_key)
853
+
return TX_CONTINUE;
854
+
855
+
if (WARN_ON(skb_tailroom(skb) < sizeof(*mmie)))
856
+
return TX_DROP;
857
+
858
+
mmie = (struct ieee80211_mmie_16 *)skb_put(skb, sizeof(*mmie));
859
+
mmie->element_id = WLAN_EID_MMIE;
860
+
mmie->length = sizeof(*mmie) - 2;
861
+
mmie->key_id = cpu_to_le16(key->conf.keyidx);
862
+
863
+
/* PN = PN + 1 */
864
+
pn64 = atomic64_inc_return(&key->u.aes_gmac.tx_pn);
865
+
866
+
bip_ipn_set64(mmie->sequence_number, pn64);
867
+
868
+
bip_aad(skb, aad);
869
+
870
+
hdr = (struct ieee80211_hdr *)skb->data;
871
+
memcpy(nonce, hdr->addr2, ETH_ALEN);
872
+
bip_ipn_swap(nonce + ETH_ALEN, mmie->sequence_number);
873
+
874
+
/* MIC = AES-GMAC(IGTK, AAD || Management Frame Body || MMIE, 128) */
875
+
if (ieee80211_aes_gmac(key->u.aes_gmac.tfm, aad, nonce,
876
+
skb->data + 24, skb->len - 24, mmie->mic) < 0)
877
+
return TX_DROP;
878
+
879
+
return TX_CONTINUE;
880
+
}
881
+
882
+
ieee80211_rx_result
883
+
ieee80211_crypto_aes_gmac_decrypt(struct ieee80211_rx_data *rx)
884
+
{
885
+
struct sk_buff *skb = rx->skb;
886
+
struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
887
+
struct ieee80211_key *key = rx->key;
888
+
struct ieee80211_mmie_16 *mmie;
889
+
u8 aad[20], mic[16], ipn[6], nonce[12];
890
+
struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
891
+
892
+
if (!ieee80211_is_mgmt(hdr->frame_control))
893
+
return RX_CONTINUE;
894
+
895
+
/* management frames are already linear */
896
+
897
+
if (skb->len < 24 + sizeof(*mmie))
898
+
return RX_DROP_UNUSABLE;
899
+
900
+
mmie = (struct ieee80211_mmie_16 *)
901
+
(skb->data + skb->len - sizeof(*mmie));
902
+
if (mmie->element_id != WLAN_EID_MMIE ||
903
+
mmie->length != sizeof(*mmie) - 2)
904
+
return RX_DROP_UNUSABLE; /* Invalid MMIE */
905
+
906
+
bip_ipn_swap(ipn, mmie->sequence_number);
907
+
908
+
if (memcmp(ipn, key->u.aes_gmac.rx_pn, 6) <= 0) {
909
+
key->u.aes_gmac.replays++;
910
+
return RX_DROP_UNUSABLE;
911
+
}
912
+
913
+
if (!(status->flag & RX_FLAG_DECRYPTED)) {
914
+
/* hardware didn't decrypt/verify MIC */
915
+
bip_aad(skb, aad);
916
+
917
+
memcpy(nonce, hdr->addr2, ETH_ALEN);
918
+
memcpy(nonce + ETH_ALEN, ipn, 6);
919
+
920
+
if (ieee80211_aes_gmac(key->u.aes_gmac.tfm, aad, nonce,
921
+
skb->data + 24, skb->len - 24,
922
+
mic) < 0 ||
923
+
memcmp(mic, mmie->mic, sizeof(mmie->mic)) != 0) {
924
+
key->u.aes_gmac.icverrors++;
925
+
return RX_DROP_UNUSABLE;
926
+
}
927
+
}
928
+
929
+
memcpy(key->u.aes_gmac.rx_pn, ipn, 6);
1045
930
1046
931
/* Remove MMIE */
1047
932
skb_trim(skb, skb->len - sizeof(*mmie));
+17
-2
net/mac80211/wpa.h
+17
-2
net/mac80211/wpa.h
···
24
24
ieee80211_crypto_tkip_decrypt(struct ieee80211_rx_data *rx);
25
25
26
26
ieee80211_tx_result
27
-
ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx);
27
+
ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx,
28
+
unsigned int mic_len);
28
29
ieee80211_rx_result
29
-
ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx);
30
+
ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx,
31
+
unsigned int mic_len);
30
32
31
33
ieee80211_tx_result
32
34
ieee80211_crypto_aes_cmac_encrypt(struct ieee80211_tx_data *tx);
35
+
ieee80211_tx_result
36
+
ieee80211_crypto_aes_cmac_256_encrypt(struct ieee80211_tx_data *tx);
33
37
ieee80211_rx_result
34
38
ieee80211_crypto_aes_cmac_decrypt(struct ieee80211_rx_data *rx);
39
+
ieee80211_rx_result
40
+
ieee80211_crypto_aes_cmac_256_decrypt(struct ieee80211_rx_data *rx);
41
+
ieee80211_tx_result
42
+
ieee80211_crypto_aes_gmac_encrypt(struct ieee80211_tx_data *tx);
43
+
ieee80211_rx_result
44
+
ieee80211_crypto_aes_gmac_decrypt(struct ieee80211_rx_data *rx);
35
45
ieee80211_tx_result
36
46
ieee80211_crypto_hw_encrypt(struct ieee80211_tx_data *tx);
37
47
ieee80211_rx_result
38
48
ieee80211_crypto_hw_decrypt(struct ieee80211_rx_data *rx);
49
+
50
+
ieee80211_tx_result
51
+
ieee80211_crypto_gcmp_encrypt(struct ieee80211_tx_data *tx);
52
+
ieee80211_rx_result
53
+
ieee80211_crypto_gcmp_decrypt(struct ieee80211_rx_data *rx);
39
54
40
55
#endif /* WPA_H */
+1
net/rfkill/rfkill-gpio.c
+1
net/rfkill/rfkill-gpio.c
···
170
170
{ "BCM2E1A", RFKILL_TYPE_BLUETOOTH },
171
171
{ "BCM2E39", RFKILL_TYPE_BLUETOOTH },
172
172
{ "BCM2E3D", RFKILL_TYPE_BLUETOOTH },
173
+
{ "BCM2E40", RFKILL_TYPE_BLUETOOTH },
173
174
{ "BCM2E64", RFKILL_TYPE_BLUETOOTH },
174
175
{ "BCM4752", RFKILL_TYPE_GPS },
175
176
{ "LNV4752", RFKILL_TYPE_GPS },
+21
-10
net/wireless/nl80211.c
+21
-10
net/wireless/nl80211.c
···
397
397
[NL80211_ATTR_SMPS_MODE] = { .type = NLA_U8 },
398
398
[NL80211_ATTR_MAC_MASK] = { .len = ETH_ALEN },
399
399
[NL80211_ATTR_WIPHY_SELF_MANAGED_REG] = { .type = NLA_FLAG },
400
+
[NL80211_ATTR_NETNS_FD] = { .type = NLA_U32 },
401
+
[NL80211_ATTR_SCHED_SCAN_DELAY] = { .type = NLA_U32 },
400
402
};
401
403
402
404
/* policy for the key attributes */
···
5780
5778
request->ssids = (void *)&request->channels[n_channels];
5781
5779
request->n_ssids = n_ssids;
5782
5780
if (ie_len) {
5783
-
if (request->ssids)
5781
+
if (n_ssids)
5784
5782
request->ie = (void *)(request->ssids + n_ssids);
5785
5783
else
5786
5784
request->ie = (void *)(request->channels + n_channels);
···
5836
5834
request->n_channels = i;
5837
5835
5838
5836
i = 0;
5839
-
if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) {
5837
+
if (n_ssids) {
5840
5838
nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) {
5841
5839
if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) {
5842
5840
err = -EINVAL;
···
6034
6032
request->ssids = (void *)&request->channels[n_channels];
6035
6033
request->n_ssids = n_ssids;
6036
6034
if (ie_len) {
6037
-
if (request->ssids)
6035
+
if (n_ssids)
6038
6036
request->ie = (void *)(request->ssids + n_ssids);
6039
6037
else
6040
6038
request->ie = (void *)(request->channels + n_channels);
···
6043
6041
if (n_match_sets) {
6044
6042
if (request->ie)
6045
6043
request->match_sets = (void *)(request->ie + ie_len);
6046
-
else if (request->ssids)
6044
+
else if (n_ssids)
6047
6045
request->match_sets =
6048
6046
(void *)(request->ssids + n_ssids);
6049
6047
else
···
6102
6100
request->n_channels = i;
6103
6101
6104
6102
i = 0;
6105
-
if (attrs[NL80211_ATTR_SCAN_SSIDS]) {
6103
+
if (n_ssids) {
6106
6104
nla_for_each_nested(attr, attrs[NL80211_ATTR_SCAN_SSIDS],
6107
6105
tmp) {
6108
6106
if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) {
···
6209
6207
goto out_free;
6210
6208
}
6211
6209
}
6210
+
6211
+
if (attrs[NL80211_ATTR_SCHED_SCAN_DELAY])
6212
+
request->delay =
6213
+
nla_get_u32(attrs[NL80211_ATTR_SCHED_SCAN_DELAY]);
6212
6214
6213
6215
request->interval = interval;
6214
6216
request->scan_start = jiffies;
···
7774
7768
struct cfg80211_registered_device *rdev = info->user_ptr[0];
7775
7769
struct net *net;
7776
7770
int err;
7777
-
u32 pid;
7778
7771
7779
-
if (!info->attrs[NL80211_ATTR_PID])
7772
+
if (info->attrs[NL80211_ATTR_PID]) {
7773
+
u32 pid = nla_get_u32(info->attrs[NL80211_ATTR_PID]);
7774
+
7775
+
net = get_net_ns_by_pid(pid);
7776
+
} else if (info->attrs[NL80211_ATTR_NETNS_FD]) {
7777
+
u32 fd = nla_get_u32(info->attrs[NL80211_ATTR_NETNS_FD]);
7778
+
7779
+
net = get_net_ns_by_fd(fd);
7780
+
} else {
7780
7781
return -EINVAL;
7782
+
}
7781
7783
7782
-
pid = nla_get_u32(info->attrs[NL80211_ATTR_PID]);
7783
-
7784
-
net = get_net_ns_by_pid(pid);
7785
7784
if (IS_ERR(net))
7786
7785
return PTR_ERR(net);
7787
7786
+56
-12
net/wireless/util.c
+56
-12
net/wireless/util.c
···
227
227
if (pairwise && !mac_addr)
228
228
return -EINVAL;
229
229
230
-
/*
231
-
* Disallow pairwise keys with non-zero index unless it's WEP
232
-
* or a vendor specific cipher (because current deployments use
233
-
* pairwise WEP keys with non-zero indices and for vendor specific
234
-
* ciphers this should be validated in the driver or hardware level
235
-
* - but 802.11i clearly specifies to use zero)
236
-
*/
237
-
if (pairwise && key_idx &&
238
-
((params->cipher == WLAN_CIPHER_SUITE_TKIP) ||
239
-
(params->cipher == WLAN_CIPHER_SUITE_CCMP) ||
240
-
(params->cipher == WLAN_CIPHER_SUITE_AES_CMAC)))
241
-
return -EINVAL;
230
+
switch (params->cipher) {
231
+
case WLAN_CIPHER_SUITE_TKIP:
232
+
case WLAN_CIPHER_SUITE_CCMP:
233
+
case WLAN_CIPHER_SUITE_CCMP_256:
234
+
case WLAN_CIPHER_SUITE_GCMP:
235
+
case WLAN_CIPHER_SUITE_GCMP_256:
236
+
/* Disallow pairwise keys with non-zero index unless it's WEP
237
+
* or a vendor specific cipher (because current deployments use
238
+
* pairwise WEP keys with non-zero indices and for vendor
239
+
* specific ciphers this should be validated in the driver or
240
+
* hardware level - but 802.11i clearly specifies to use zero)
241
+
*/
242
+
if (pairwise && key_idx)
243
+
return -EINVAL;
244
+
break;
245
+
case WLAN_CIPHER_SUITE_AES_CMAC:
246
+
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
247
+
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
248
+
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
249
+
/* Disallow BIP (group-only) cipher as pairwise cipher */
250
+
if (pairwise)
251
+
return -EINVAL;
252
+
break;
253
+
default:
254
+
break;
255
+
}
242
256
243
257
switch (params->cipher) {
244
258
case WLAN_CIPHER_SUITE_WEP40:
···
267
253
if (params->key_len != WLAN_KEY_LEN_CCMP)
268
254
return -EINVAL;
269
255
break;
256
+
case WLAN_CIPHER_SUITE_CCMP_256:
257
+
if (params->key_len != WLAN_KEY_LEN_CCMP_256)
258
+
return -EINVAL;
259
+
break;
260
+
case WLAN_CIPHER_SUITE_GCMP:
261
+
if (params->key_len != WLAN_KEY_LEN_GCMP)
262
+
return -EINVAL;
263
+
break;
264
+
case WLAN_CIPHER_SUITE_GCMP_256:
265
+
if (params->key_len != WLAN_KEY_LEN_GCMP_256)
266
+
return -EINVAL;
267
+
break;
270
268
case WLAN_CIPHER_SUITE_WEP104:
271
269
if (params->key_len != WLAN_KEY_LEN_WEP104)
272
270
return -EINVAL;
273
271
break;
274
272
case WLAN_CIPHER_SUITE_AES_CMAC:
275
273
if (params->key_len != WLAN_KEY_LEN_AES_CMAC)
274
+
return -EINVAL;
275
+
break;
276
+
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
277
+
if (params->key_len != WLAN_KEY_LEN_BIP_CMAC_256)
278
+
return -EINVAL;
279
+
break;
280
+
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
281
+
if (params->key_len != WLAN_KEY_LEN_BIP_GMAC_128)
282
+
return -EINVAL;
283
+
break;
284
+
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
285
+
if (params->key_len != WLAN_KEY_LEN_BIP_GMAC_256)
276
286
return -EINVAL;
277
287
break;
278
288
default:
···
318
280
return -EINVAL;
319
281
case WLAN_CIPHER_SUITE_TKIP:
320
282
case WLAN_CIPHER_SUITE_CCMP:
283
+
case WLAN_CIPHER_SUITE_CCMP_256:
284
+
case WLAN_CIPHER_SUITE_GCMP:
285
+
case WLAN_CIPHER_SUITE_GCMP_256:
321
286
case WLAN_CIPHER_SUITE_AES_CMAC:
287
+
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
288
+
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
289
+
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
322
290
if (params->seq_len != 6)
323
291
return -EINVAL;
324
292
break;