1 /* SPDX-License-Identifier: GPL-2.0-only */ 1 /* SPDX-License-Identifier: GPL-2.0-only */
2 /* 2 /*
3 * Copyright 2002-2004, Instant802 Networks, I 3 * Copyright 2002-2004, Instant802 Networks, Inc.
4 * Copyright 2005, Devicescape Software, Inc. 4 * Copyright 2005, Devicescape Software, Inc.
5 * Copyright (C) 2019, 2022-2023 Intel Corpora !! 5 * Copyright (C) 2019 Intel Corporation
6 */ 6 */
7 7
8 #ifndef IEEE80211_KEY_H 8 #ifndef IEEE80211_KEY_H
9 #define IEEE80211_KEY_H 9 #define IEEE80211_KEY_H
10 10
11 #include <linux/types.h> 11 #include <linux/types.h>
12 #include <linux/list.h> 12 #include <linux/list.h>
13 #include <linux/crypto.h> 13 #include <linux/crypto.h>
14 #include <linux/rcupdate.h> 14 #include <linux/rcupdate.h>
15 #include <crypto/arc4.h> 15 #include <crypto/arc4.h>
16 #include <net/mac80211.h> 16 #include <net/mac80211.h>
17 17
18 #define NUM_DEFAULT_KEYS 4 18 #define NUM_DEFAULT_KEYS 4
19 #define NUM_DEFAULT_MGMT_KEYS 2 19 #define NUM_DEFAULT_MGMT_KEYS 2
20 #define NUM_DEFAULT_BEACON_KEYS 2 20 #define NUM_DEFAULT_BEACON_KEYS 2
21 #define INVALID_PTK_KEYIDX 2 /* Keyidx always 21 #define INVALID_PTK_KEYIDX 2 /* Keyidx always pointing to a NULL key for PTK */
22 22
23 struct ieee80211_local; 23 struct ieee80211_local;
24 struct ieee80211_sub_if_data; 24 struct ieee80211_sub_if_data;
25 struct ieee80211_link_data; <<
26 struct sta_info; 25 struct sta_info;
27 26
28 /** 27 /**
29 * enum ieee80211_internal_key_flags - interna 28 * enum ieee80211_internal_key_flags - internal key flags
30 * 29 *
31 * @KEY_FLAG_UPLOADED_TO_HARDWARE: Indicates t 30 * @KEY_FLAG_UPLOADED_TO_HARDWARE: Indicates that this key is present
32 * in the hardware for TX crypto hardware 31 * in the hardware for TX crypto hardware acceleration.
33 * @KEY_FLAG_TAINTED: Key is tainted and packe 32 * @KEY_FLAG_TAINTED: Key is tainted and packets should be dropped.
>> 33 * @KEY_FLAG_CIPHER_SCHEME: This key is for a hardware cipher scheme
34 */ 34 */
35 enum ieee80211_internal_key_flags { 35 enum ieee80211_internal_key_flags {
36 KEY_FLAG_UPLOADED_TO_HARDWARE = BIT( 36 KEY_FLAG_UPLOADED_TO_HARDWARE = BIT(0),
37 KEY_FLAG_TAINTED = BIT( 37 KEY_FLAG_TAINTED = BIT(1),
>> 38 KEY_FLAG_CIPHER_SCHEME = BIT(2),
38 }; 39 };
39 40
40 enum ieee80211_internal_tkip_state { 41 enum ieee80211_internal_tkip_state {
41 TKIP_STATE_NOT_INIT, 42 TKIP_STATE_NOT_INIT,
42 TKIP_STATE_PHASE1_DONE, 43 TKIP_STATE_PHASE1_DONE,
43 TKIP_STATE_PHASE1_HW_UPLOADED, 44 TKIP_STATE_PHASE1_HW_UPLOADED,
44 }; 45 };
45 46
46 struct tkip_ctx { 47 struct tkip_ctx {
47 u16 p1k[5]; /* p1k cache */ 48 u16 p1k[5]; /* p1k cache */
48 u32 p1k_iv32; /* iv32 for which p1k 49 u32 p1k_iv32; /* iv32 for which p1k computed */
49 enum ieee80211_internal_tkip_state sta 50 enum ieee80211_internal_tkip_state state;
50 }; 51 };
51 52
52 struct tkip_ctx_rx { 53 struct tkip_ctx_rx {
53 struct tkip_ctx ctx; 54 struct tkip_ctx ctx;
54 u32 iv32; /* current iv32 */ 55 u32 iv32; /* current iv32 */
55 u16 iv16; /* current iv16 */ 56 u16 iv16; /* current iv16 */
56 }; 57 };
57 58
58 struct ieee80211_key { 59 struct ieee80211_key {
59 struct ieee80211_local *local; 60 struct ieee80211_local *local;
60 struct ieee80211_sub_if_data *sdata; 61 struct ieee80211_sub_if_data *sdata;
61 struct sta_info *sta; 62 struct sta_info *sta;
62 63
63 /* for sdata list */ 64 /* for sdata list */
64 struct list_head list; 65 struct list_head list;
65 66
66 /* protected by key mutex */ 67 /* protected by key mutex */
67 unsigned int flags; 68 unsigned int flags;
68 69
69 union { 70 union {
70 struct { 71 struct {
71 /* protects tx context 72 /* protects tx context */
72 spinlock_t txlock; 73 spinlock_t txlock;
73 74
74 /* last used TSC */ 75 /* last used TSC */
75 struct tkip_ctx tx; 76 struct tkip_ctx tx;
76 77
77 /* last received RSC * 78 /* last received RSC */
78 struct tkip_ctx_rx rx[ 79 struct tkip_ctx_rx rx[IEEE80211_NUM_TIDS];
79 80
80 /* number of mic failu 81 /* number of mic failures */
81 u32 mic_failures; 82 u32 mic_failures;
82 } tkip; 83 } tkip;
83 struct { 84 struct {
84 /* 85 /*
85 * Last received packe 86 * Last received packet number. The first
86 * IEEE80211_NUM_TIDS 87 * IEEE80211_NUM_TIDS counters are used with Data
87 * frames and the last 88 * frames and the last counter is used with Robust
88 * Management frames. 89 * Management frames.
89 */ 90 */
90 u8 rx_pn[IEEE80211_NUM 91 u8 rx_pn[IEEE80211_NUM_TIDS + 1][IEEE80211_CCMP_PN_LEN];
91 struct crypto_aead *tf 92 struct crypto_aead *tfm;
92 u32 replays; /* dot11R 93 u32 replays; /* dot11RSNAStatsCCMPReplays */
93 } ccmp; 94 } ccmp;
94 struct { 95 struct {
95 u8 rx_pn[IEEE80211_CMA 96 u8 rx_pn[IEEE80211_CMAC_PN_LEN];
96 struct crypto_shash *t 97 struct crypto_shash *tfm;
97 u32 replays; /* dot11R 98 u32 replays; /* dot11RSNAStatsCMACReplays */
98 u32 icverrors; /* dot1 99 u32 icverrors; /* dot11RSNAStatsCMACICVErrors */
99 } aes_cmac; 100 } aes_cmac;
100 struct { 101 struct {
101 u8 rx_pn[IEEE80211_GMA 102 u8 rx_pn[IEEE80211_GMAC_PN_LEN];
102 struct crypto_aead *tf 103 struct crypto_aead *tfm;
103 u32 replays; /* dot11R 104 u32 replays; /* dot11RSNAStatsCMACReplays */
104 u32 icverrors; /* dot1 105 u32 icverrors; /* dot11RSNAStatsCMACICVErrors */
105 } aes_gmac; 106 } aes_gmac;
106 struct { 107 struct {
107 /* Last received packe 108 /* Last received packet number. The first
108 * IEEE80211_NUM_TIDS 109 * IEEE80211_NUM_TIDS counters are used with Data
109 * frames and the last 110 * frames and the last counter is used with Robust
110 * Management frames. 111 * Management frames.
111 */ 112 */
112 u8 rx_pn[IEEE80211_NUM 113 u8 rx_pn[IEEE80211_NUM_TIDS + 1][IEEE80211_GCMP_PN_LEN];
113 struct crypto_aead *tf 114 struct crypto_aead *tfm;
114 u32 replays; /* dot11R 115 u32 replays; /* dot11RSNAStatsGCMPReplays */
115 } gcmp; 116 } gcmp;
116 struct { 117 struct {
117 /* generic cipher sche 118 /* generic cipher scheme */
118 u8 rx_pn[IEEE80211_NUM 119 u8 rx_pn[IEEE80211_NUM_TIDS + 1][IEEE80211_MAX_PN_LEN];
119 } gen; 120 } gen;
120 } u; 121 } u;
121 122
122 #ifdef CONFIG_MAC80211_DEBUGFS 123 #ifdef CONFIG_MAC80211_DEBUGFS
123 struct { 124 struct {
124 struct dentry *stalink; 125 struct dentry *stalink;
125 struct dentry *dir; 126 struct dentry *dir;
126 int cnt; 127 int cnt;
127 } debugfs; 128 } debugfs;
128 #endif 129 #endif
129 130
130 unsigned int color; 131 unsigned int color;
131 132
132 /* 133 /*
133 * key config, must be last because it 134 * key config, must be last because it contains key
134 * material as variable length member 135 * material as variable length member
135 */ 136 */
136 struct ieee80211_key_conf conf; 137 struct ieee80211_key_conf conf;
137 }; 138 };
138 139
139 struct ieee80211_key * 140 struct ieee80211_key *
140 ieee80211_key_alloc(u32 cipher, int idx, size_ 141 ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
141 const u8 *key_data, 142 const u8 *key_data,
142 size_t seq_len, const u8 * !! 143 size_t seq_len, const u8 *seq,
>> 144 const struct ieee80211_cipher_scheme *cs);
143 /* 145 /*
144 * Insert a key into data structures (sdata, s 146 * Insert a key into data structures (sdata, sta if necessary)
145 * to make it used, free old key. On failure, 147 * to make it used, free old key. On failure, also free the new key.
146 */ 148 */
147 int ieee80211_key_link(struct ieee80211_key *k 149 int ieee80211_key_link(struct ieee80211_key *key,
148 struct ieee80211_link_d !! 150 struct ieee80211_sub_if_data *sdata,
149 struct sta_info *sta); 151 struct sta_info *sta);
150 int ieee80211_set_tx_key(struct ieee80211_key 152 int ieee80211_set_tx_key(struct ieee80211_key *key);
151 void ieee80211_key_free(struct ieee80211_key * 153 void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom);
152 void ieee80211_key_free_unused(struct ieee8021 154 void ieee80211_key_free_unused(struct ieee80211_key *key);
153 void ieee80211_set_default_key(struct ieee8021 !! 155 void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx,
154 bool uni, bool 156 bool uni, bool multi);
155 void ieee80211_set_default_mgmt_key(struct iee !! 157 void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
156 int idx); 158 int idx);
157 void ieee80211_set_default_beacon_key(struct i !! 159 void ieee80211_set_default_beacon_key(struct ieee80211_sub_if_data *sdata,
158 int idx) 160 int idx);
159 void ieee80211_remove_link_keys(struct ieee802 <<
160 struct list_he <<
161 void ieee80211_free_key_list(struct ieee80211_ <<
162 struct list_head <<
163 void ieee80211_free_keys(struct ieee80211_sub_ 161 void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata,
164 bool force_synchroniz 162 bool force_synchronize);
165 void ieee80211_free_sta_keys(struct ieee80211_ 163 void ieee80211_free_sta_keys(struct ieee80211_local *local,
166 struct sta_info * 164 struct sta_info *sta);
167 void ieee80211_reenable_keys(struct ieee80211_ 165 void ieee80211_reenable_keys(struct ieee80211_sub_if_data *sdata);
168 int ieee80211_key_switch_links(struct ieee8021 !! 166
169 unsigned long d !! 167 #define key_mtx_dereference(local, ref) \
170 unsigned long a !! 168 rcu_dereference_protected(ref, lockdep_is_held(&((local)->key_mtx)))
171 void ieee80211_delayed_tailroom_dec(struct wip !! 169
172 struct wip !! 170 void ieee80211_delayed_tailroom_dec(struct work_struct *wk);
173 171
174 #endif /* IEEE80211_KEY_H */ 172 #endif /* IEEE80211_KEY_H */
175 173
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.