228 lines
7.4 KiB
C
228 lines
7.4 KiB
C
// SPDX-License-Identifier: GPL-2.0-only
|
|
/*
|
|
* Key management related functions.
|
|
*
|
|
* Copyright (c) 2017-2020, Silicon Laboratories, Inc.
|
|
* Copyright (c) 2010, ST-Ericsson
|
|
*/
|
|
#include <linux/etherdevice.h>
|
|
#include <net/mac80211.h>
|
|
|
|
#include "key.h"
|
|
#include "wfx.h"
|
|
#include "hif_tx_mib.h"
|
|
|
|
static int wfx_alloc_key(struct wfx_dev *wdev)
|
|
{
|
|
int idx;
|
|
|
|
idx = ffs(~wdev->key_map) - 1;
|
|
if (idx < 0 || idx >= MAX_KEY_ENTRIES)
|
|
return -1;
|
|
|
|
wdev->key_map |= BIT(idx);
|
|
return idx;
|
|
}
|
|
|
|
static void wfx_free_key(struct wfx_dev *wdev, int idx)
|
|
{
|
|
WARN(!(wdev->key_map & BIT(idx)), "inconsistent key allocation");
|
|
wdev->key_map &= ~BIT(idx);
|
|
}
|
|
|
|
static u8 fill_wep_pair(struct wfx_hif_wep_pairwise_key *msg,
|
|
struct ieee80211_key_conf *key, u8 *peer_addr)
|
|
{
|
|
WARN(key->keylen > sizeof(msg->key_data), "inconsistent data");
|
|
msg->key_length = key->keylen;
|
|
memcpy(msg->key_data, key->key, key->keylen);
|
|
ether_addr_copy(msg->peer_address, peer_addr);
|
|
return HIF_KEY_TYPE_WEP_PAIRWISE;
|
|
}
|
|
|
|
static u8 fill_wep_group(struct wfx_hif_wep_group_key *msg,
|
|
struct ieee80211_key_conf *key)
|
|
{
|
|
WARN(key->keylen > sizeof(msg->key_data), "inconsistent data");
|
|
msg->key_id = key->keyidx;
|
|
msg->key_length = key->keylen;
|
|
memcpy(msg->key_data, key->key, key->keylen);
|
|
return HIF_KEY_TYPE_WEP_DEFAULT;
|
|
}
|
|
|
|
static u8 fill_tkip_pair(struct wfx_hif_tkip_pairwise_key *msg,
|
|
struct ieee80211_key_conf *key, u8 *peer_addr)
|
|
{
|
|
u8 *keybuf = key->key;
|
|
|
|
WARN(key->keylen != sizeof(msg->tkip_key_data) + sizeof(msg->tx_mic_key) +
|
|
sizeof(msg->rx_mic_key), "inconsistent data");
|
|
memcpy(msg->tkip_key_data, keybuf, sizeof(msg->tkip_key_data));
|
|
keybuf += sizeof(msg->tkip_key_data);
|
|
memcpy(msg->tx_mic_key, keybuf, sizeof(msg->tx_mic_key));
|
|
keybuf += sizeof(msg->tx_mic_key);
|
|
memcpy(msg->rx_mic_key, keybuf, sizeof(msg->rx_mic_key));
|
|
ether_addr_copy(msg->peer_address, peer_addr);
|
|
return HIF_KEY_TYPE_TKIP_PAIRWISE;
|
|
}
|
|
|
|
static u8 fill_tkip_group(struct wfx_hif_tkip_group_key *msg, struct ieee80211_key_conf *key,
|
|
struct ieee80211_key_seq *seq, enum nl80211_iftype iftype)
|
|
{
|
|
u8 *keybuf = key->key;
|
|
|
|
WARN(key->keylen != sizeof(msg->tkip_key_data) + 2 * sizeof(msg->rx_mic_key),
|
|
"inconsistent data");
|
|
msg->key_id = key->keyidx;
|
|
memcpy(msg->rx_sequence_counter, &seq->tkip.iv16, sizeof(seq->tkip.iv16));
|
|
memcpy(msg->rx_sequence_counter + sizeof(u16), &seq->tkip.iv32, sizeof(seq->tkip.iv32));
|
|
memcpy(msg->tkip_key_data, keybuf, sizeof(msg->tkip_key_data));
|
|
keybuf += sizeof(msg->tkip_key_data);
|
|
if (iftype == NL80211_IFTYPE_AP)
|
|
/* Use Tx MIC Key */
|
|
memcpy(msg->rx_mic_key, keybuf + 0, sizeof(msg->rx_mic_key));
|
|
else
|
|
/* Use Rx MIC Key */
|
|
memcpy(msg->rx_mic_key, keybuf + 8, sizeof(msg->rx_mic_key));
|
|
return HIF_KEY_TYPE_TKIP_GROUP;
|
|
}
|
|
|
|
static u8 fill_ccmp_pair(struct wfx_hif_aes_pairwise_key *msg,
|
|
struct ieee80211_key_conf *key, u8 *peer_addr)
|
|
{
|
|
WARN(key->keylen != sizeof(msg->aes_key_data), "inconsistent data");
|
|
ether_addr_copy(msg->peer_address, peer_addr);
|
|
memcpy(msg->aes_key_data, key->key, key->keylen);
|
|
return HIF_KEY_TYPE_AES_PAIRWISE;
|
|
}
|
|
|
|
static u8 fill_ccmp_group(struct wfx_hif_aes_group_key *msg,
|
|
struct ieee80211_key_conf *key, struct ieee80211_key_seq *seq)
|
|
{
|
|
WARN(key->keylen != sizeof(msg->aes_key_data), "inconsistent data");
|
|
memcpy(msg->aes_key_data, key->key, key->keylen);
|
|
memcpy(msg->rx_sequence_counter, seq->ccmp.pn, sizeof(seq->ccmp.pn));
|
|
memreverse(msg->rx_sequence_counter, sizeof(seq->ccmp.pn));
|
|
msg->key_id = key->keyidx;
|
|
return HIF_KEY_TYPE_AES_GROUP;
|
|
}
|
|
|
|
static u8 fill_sms4_pair(struct wfx_hif_wapi_pairwise_key *msg,
|
|
struct ieee80211_key_conf *key, u8 *peer_addr)
|
|
{
|
|
u8 *keybuf = key->key;
|
|
|
|
WARN(key->keylen != sizeof(msg->wapi_key_data) + sizeof(msg->mic_key_data),
|
|
"inconsistent data");
|
|
ether_addr_copy(msg->peer_address, peer_addr);
|
|
memcpy(msg->wapi_key_data, keybuf, sizeof(msg->wapi_key_data));
|
|
keybuf += sizeof(msg->wapi_key_data);
|
|
memcpy(msg->mic_key_data, keybuf, sizeof(msg->mic_key_data));
|
|
msg->key_id = key->keyidx;
|
|
return HIF_KEY_TYPE_WAPI_PAIRWISE;
|
|
}
|
|
|
|
static u8 fill_sms4_group(struct wfx_hif_wapi_group_key *msg,
|
|
struct ieee80211_key_conf *key)
|
|
{
|
|
u8 *keybuf = key->key;
|
|
|
|
WARN(key->keylen != sizeof(msg->wapi_key_data) + sizeof(msg->mic_key_data),
|
|
"inconsistent data");
|
|
memcpy(msg->wapi_key_data, keybuf, sizeof(msg->wapi_key_data));
|
|
keybuf += sizeof(msg->wapi_key_data);
|
|
memcpy(msg->mic_key_data, keybuf, sizeof(msg->mic_key_data));
|
|
msg->key_id = key->keyidx;
|
|
return HIF_KEY_TYPE_WAPI_GROUP;
|
|
}
|
|
|
|
static u8 fill_aes_cmac_group(struct wfx_hif_igtk_group_key *msg,
|
|
struct ieee80211_key_conf *key, struct ieee80211_key_seq *seq)
|
|
{
|
|
WARN(key->keylen != sizeof(msg->igtk_key_data), "inconsistent data");
|
|
memcpy(msg->igtk_key_data, key->key, key->keylen);
|
|
memcpy(msg->ipn, seq->aes_cmac.pn, sizeof(seq->aes_cmac.pn));
|
|
memreverse(msg->ipn, sizeof(seq->aes_cmac.pn));
|
|
msg->key_id = key->keyidx;
|
|
return HIF_KEY_TYPE_IGTK_GROUP;
|
|
}
|
|
|
|
static int wfx_add_key(struct wfx_vif *wvif, struct ieee80211_sta *sta,
|
|
struct ieee80211_key_conf *key)
|
|
{
|
|
int ret;
|
|
struct wfx_hif_req_add_key k = { };
|
|
struct ieee80211_key_seq seq;
|
|
struct wfx_dev *wdev = wvif->wdev;
|
|
int idx = wfx_alloc_key(wvif->wdev);
|
|
bool pairwise = key->flags & IEEE80211_KEY_FLAG_PAIRWISE;
|
|
struct ieee80211_vif *vif = wvif_to_vif(wvif);
|
|
|
|
WARN(key->flags & IEEE80211_KEY_FLAG_PAIRWISE && !sta, "inconsistent data");
|
|
ieee80211_get_key_rx_seq(key, 0, &seq);
|
|
if (idx < 0)
|
|
return -EINVAL;
|
|
k.int_id = wvif->id;
|
|
k.entry_index = idx;
|
|
if (key->cipher == WLAN_CIPHER_SUITE_WEP40 ||
|
|
key->cipher == WLAN_CIPHER_SUITE_WEP104) {
|
|
if (pairwise)
|
|
k.type = fill_wep_pair(&k.key.wep_pairwise_key, key, sta->addr);
|
|
else
|
|
k.type = fill_wep_group(&k.key.wep_group_key, key);
|
|
} else if (key->cipher == WLAN_CIPHER_SUITE_TKIP) {
|
|
if (pairwise)
|
|
k.type = fill_tkip_pair(&k.key.tkip_pairwise_key, key, sta->addr);
|
|
else
|
|
k.type = fill_tkip_group(&k.key.tkip_group_key, key, &seq,
|
|
vif->type);
|
|
} else if (key->cipher == WLAN_CIPHER_SUITE_CCMP) {
|
|
if (pairwise)
|
|
k.type = fill_ccmp_pair(&k.key.aes_pairwise_key, key, sta->addr);
|
|
else
|
|
k.type = fill_ccmp_group(&k.key.aes_group_key, key, &seq);
|
|
} else if (key->cipher == WLAN_CIPHER_SUITE_SMS4) {
|
|
if (pairwise)
|
|
k.type = fill_sms4_pair(&k.key.wapi_pairwise_key, key, sta->addr);
|
|
else
|
|
k.type = fill_sms4_group(&k.key.wapi_group_key, key);
|
|
} else if (key->cipher == WLAN_CIPHER_SUITE_AES_CMAC) {
|
|
k.type = fill_aes_cmac_group(&k.key.igtk_group_key, key, &seq);
|
|
key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIE;
|
|
} else {
|
|
dev_warn(wdev->dev, "unsupported key type %d\n", key->cipher);
|
|
wfx_free_key(wdev, idx);
|
|
return -EOPNOTSUPP;
|
|
}
|
|
ret = wfx_hif_add_key(wdev, &k);
|
|
if (ret) {
|
|
wfx_free_key(wdev, idx);
|
|
return -EOPNOTSUPP;
|
|
}
|
|
key->flags |= IEEE80211_KEY_FLAG_PUT_IV_SPACE | IEEE80211_KEY_FLAG_RESERVE_TAILROOM;
|
|
key->hw_key_idx = idx;
|
|
return 0;
|
|
}
|
|
|
|
static int wfx_remove_key(struct wfx_vif *wvif, struct ieee80211_key_conf *key)
|
|
{
|
|
WARN(key->hw_key_idx >= MAX_KEY_ENTRIES, "corrupted hw_key_idx");
|
|
wfx_free_key(wvif->wdev, key->hw_key_idx);
|
|
return wfx_hif_remove_key(wvif->wdev, key->hw_key_idx);
|
|
}
|
|
|
|
int wfx_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd, struct ieee80211_vif *vif,
|
|
struct ieee80211_sta *sta, struct ieee80211_key_conf *key)
|
|
{
|
|
int ret = -EOPNOTSUPP;
|
|
struct wfx_vif *wvif = (struct wfx_vif *)vif->drv_priv;
|
|
|
|
mutex_lock(&wvif->wdev->conf_mutex);
|
|
if (cmd == SET_KEY)
|
|
ret = wfx_add_key(wvif, sta, key);
|
|
if (cmd == DISABLE_KEY)
|
|
ret = wfx_remove_key(wvif, key);
|
|
mutex_unlock(&wvif->wdev->conf_mutex);
|
|
return ret;
|
|
}
|