search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Alpha: Fix a missing comma in sys_osf_statfs()
[linux-2.6/x86.git] / net / mac80211 / key.c
blob1b9d87ed143a1a3b3e46e31f5649ba67f68321b2
1 /*
2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net>
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
10 */
11
12 #include <linux/if_ether.h>
13 #include <linux/etherdevice.h>
14 #include <linux/list.h>
15 #include <linux/rcupdate.h>
16 #include <linux/rtnetlink.h>
17 #include <linux/slab.h>
18 #include <net/mac80211.h>
19 #include "ieee80211_i.h"
20 #include "driver-ops.h"
21 #include "debugfs_key.h"
22 #include "aes_ccm.h"
23 #include "aes_cmac.h"
24
25
26 /**
27 * DOC: Key handling basics
28 *
29 * Key handling in mac80211 is done based on per-interface (sub_if_data)
30 * keys and per-station keys. Since each station belongs to an interface,
31 * each station key also belongs to that interface.
32 *
33 * Hardware acceleration is done on a best-effort basis, for each key
34 * that is eligible the hardware is asked to enable that key but if
35 * it cannot do that they key is simply kept for software encryption.
36 * There is currently no way of knowing this except by looking into
37 * debugfs.
38 *
39 * All key operations are protected internally.
40 *
41 * Within mac80211, key references are, just as STA structure references,
42 * protected by RCU. Note, however, that some things are unprotected,
43 * namely the key->sta dereferences within the hardware acceleration
44 * functions. This means that sta_info_destroy() must remove the key
45 * which waits for an RCU grace period.
46 */
47
48 static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
49
50 static void assert_key_lock(struct ieee80211_local *local)
51 {
52 WARN_ON(!mutex_is_locked(&local->key_mtx));
53 }
54
55 static struct ieee80211_sta *get_sta_for_key(struct ieee80211_key *key)
56 {
57 if (key->sta)
58 return &key->sta->sta;
59
60 return NULL;
61 }
62
63 static void ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
64 {
65 struct ieee80211_sub_if_data *sdata;
66 struct ieee80211_sta *sta;
67 int ret;
68
69 might_sleep();
70
71 if (!key->local->ops->set_key)
72 return;
73
74 assert_key_lock(key->local);
75
76 sta = get_sta_for_key(key);
77
78 sdata = key->sdata;
79 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
80 sdata = container_of(sdata->bss,
81 struct ieee80211_sub_if_data,
82 u.ap);
83
84 ret = drv_set_key(key->local, SET_KEY, sdata, sta, &key->conf);
85
86 if (!ret)
87 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
88
89 if (ret && ret != -ENOSPC && ret != -EOPNOTSUPP)
90 printk(KERN_ERR "mac80211-%s: failed to set key "
91 "(%d, %pM) to hardware (%d)\n",
92 wiphy_name(key->local->hw.wiphy),
93 key->conf.keyidx, sta ? sta->addr : bcast_addr, ret);
94 }
95
96 static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
97 {
98 struct ieee80211_sub_if_data *sdata;
99 struct ieee80211_sta *sta;
100 int ret;
101
102 might_sleep();
103
104 if (!key || !key->local->ops->set_key)
105 return;
106
107 assert_key_lock(key->local);
108
109 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
110 return;
111
112 sta = get_sta_for_key(key);
113 sdata = key->sdata;
114
115 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
116 sdata = container_of(sdata->bss,
117 struct ieee80211_sub_if_data,
118 u.ap);
119
120 ret = drv_set_key(key->local, DISABLE_KEY, sdata,
121 sta, &key->conf);
122
123 if (ret)
124 printk(KERN_ERR "mac80211-%s: failed to remove key "
125 "(%d, %pM) from hardware (%d)\n",
126 wiphy_name(key->local->hw.wiphy),
127 key->conf.keyidx, sta ? sta->addr : bcast_addr, ret);
128
129 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
130 }
131
132 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata,
133 int idx)
134 {
135 struct ieee80211_key *key = NULL;
136
137 assert_key_lock(sdata->local);
138
139 if (idx >= 0 && idx < NUM_DEFAULT_KEYS)
140 key = sdata->keys[idx];
141
142 rcu_assign_pointer(sdata->default_key, key);
143
144 if (key) {
145 ieee80211_debugfs_key_remove_default(key->sdata);
146 ieee80211_debugfs_key_add_default(key->sdata);
147 }
148 }
149
150 void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx)
151 {
152 mutex_lock(&sdata->local->key_mtx);
153 __ieee80211_set_default_key(sdata, idx);
154 mutex_unlock(&sdata->local->key_mtx);
155 }
156
157 static void
158 __ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx)
159 {
160 struct ieee80211_key *key = NULL;
161
162 assert_key_lock(sdata->local);
163
164 if (idx >= NUM_DEFAULT_KEYS &&
165 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
166 key = sdata->keys[idx];
167
168 rcu_assign_pointer(sdata->default_mgmt_key, key);
169
170 if (key) {
171 ieee80211_debugfs_key_remove_mgmt_default(key->sdata);
172 ieee80211_debugfs_key_add_mgmt_default(key->sdata);
173 }
174 }
175
176 void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata,
177 int idx)
178 {
179 mutex_lock(&sdata->local->key_mtx);
180 __ieee80211_set_default_mgmt_key(sdata, idx);
181 mutex_unlock(&sdata->local->key_mtx);
182 }
183
184
185 static void __ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
186 struct sta_info *sta,
187 struct ieee80211_key *old,
188 struct ieee80211_key *new)
189 {
190 int idx, defkey, defmgmtkey;
191
192 if (new)
193 list_add(&new->list, &sdata->key_list);
194
195 if (sta) {
196 rcu_assign_pointer(sta->key, new);
197 } else {
198 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx);
199
200 if (old)
201 idx = old->conf.keyidx;
202 else
203 idx = new->conf.keyidx;
204
205 defkey = old && sdata->default_key == old;
206 defmgmtkey = old && sdata->default_mgmt_key == old;
207
208 if (defkey && !new)
209 __ieee80211_set_default_key(sdata, -1);
210 if (defmgmtkey && !new)
211 __ieee80211_set_default_mgmt_key(sdata, -1);
212
213 rcu_assign_pointer(sdata->keys[idx], new);
214 if (defkey && new)
215 __ieee80211_set_default_key(sdata, new->conf.keyidx);
216 if (defmgmtkey && new)
217 __ieee80211_set_default_mgmt_key(sdata,
218 new->conf.keyidx);
219 }
220
221 if (old) {
222 /*
223 * We'll use an empty list to indicate that the key
224 * has already been removed.
225 */
226 list_del_init(&old->list);
227 }
228 }
229
230 struct ieee80211_key *ieee80211_key_alloc(enum ieee80211_key_alg alg,
231 int idx,
232 size_t key_len,
233 const u8 *key_data,
234 size_t seq_len, const u8 *seq)
235 {
236 struct ieee80211_key *key;
237 int i, j;
238
239 BUG_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS);
240
241 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
242 if (!key)
243 return NULL;
244
245 /*
246 * Default to software encryption; we'll later upload the
247 * key to the hardware if possible.
248 */
249 key->conf.flags = 0;
250 key->flags = 0;
251
252 key->conf.alg = alg;
253 key->conf.keyidx = idx;
254 key->conf.keylen = key_len;
255 switch (alg) {
256 case ALG_WEP:
257 key->conf.iv_len = WEP_IV_LEN;
258 key->conf.icv_len = WEP_ICV_LEN;
259 break;
260 case ALG_TKIP:
261 key->conf.iv_len = TKIP_IV_LEN;
262 key->conf.icv_len = TKIP_ICV_LEN;
263 if (seq) {
264 for (i = 0; i < NUM_RX_DATA_QUEUES; i++) {
265 key->u.tkip.rx[i].iv32 =
266 get_unaligned_le32(&seq[2]);
267 key->u.tkip.rx[i].iv16 =
268 get_unaligned_le16(seq);
269 }
270 }
271 break;
272 case ALG_CCMP:
273 key->conf.iv_len = CCMP_HDR_LEN;
274 key->conf.icv_len = CCMP_MIC_LEN;
275 if (seq) {
276 for (i = 0; i < NUM_RX_DATA_QUEUES + 1; i++)
277 for (j = 0; j < CCMP_PN_LEN; j++)
278 key->u.ccmp.rx_pn[i][j] =
279 seq[CCMP_PN_LEN - j - 1];
280 }
281 break;
282 case ALG_AES_CMAC:
283 key->conf.iv_len = 0;
284 key->conf.icv_len = sizeof(struct ieee80211_mmie);
285 if (seq)
286 for (j = 0; j < 6; j++)
287 key->u.aes_cmac.rx_pn[j] = seq[6 - j - 1];
288 break;
289 }
290 memcpy(key->conf.key, key_data, key_len);
291 INIT_LIST_HEAD(&key->list);
292
293 if (alg == ALG_CCMP) {
294 /*
295 * Initialize AES key state here as an optimization so that
296 * it does not need to be initialized for every packet.
297 */
298 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(key_data);
299 if (!key->u.ccmp.tfm) {
300 kfree(key);
301 return NULL;
302 }
303 }
304
305 if (alg == ALG_AES_CMAC) {
306 /*
307 * Initialize AES key state here as an optimization so that
308 * it does not need to be initialized for every packet.
309 */
310 key->u.aes_cmac.tfm =
311 ieee80211_aes_cmac_key_setup(key_data);
312 if (!key->u.aes_cmac.tfm) {
313 kfree(key);
314 return NULL;
315 }
316 }
317
318 return key;
319 }
320
321 static void __ieee80211_key_destroy(struct ieee80211_key *key)
322 {
323 if (!key)
324 return;
325
326 if (key->local)
327 ieee80211_key_disable_hw_accel(key);
328
329 if (key->conf.alg == ALG_CCMP)
330 ieee80211_aes_key_free(key->u.ccmp.tfm);
331 if (key->conf.alg == ALG_AES_CMAC)
332 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
333 if (key->local)
334 ieee80211_debugfs_key_remove(key);
335
336 kfree(key);
337 }
338
339 void ieee80211_key_link(struct ieee80211_key *key,
340 struct ieee80211_sub_if_data *sdata,
341 struct sta_info *sta)
342 {
343 struct ieee80211_key *old_key;
344 int idx;
345
346 BUG_ON(!sdata);
347 BUG_ON(!key);
348
349 idx = key->conf.keyidx;
350 key->local = sdata->local;
351 key->sdata = sdata;
352 key->sta = sta;
353
354 if (sta) {
355 /*
356 * some hardware cannot handle TKIP with QoS, so
357 * we indicate whether QoS could be in use.
358 */
359 if (test_sta_flags(sta, WLAN_STA_WME))
360 key->conf.flags |= IEEE80211_KEY_FLAG_WMM_STA;
361
362 /*
363 * This key is for a specific sta interface,
364 * inform the driver that it should try to store
365 * this key as pairwise key.
366 */
367 key->conf.flags |= IEEE80211_KEY_FLAG_PAIRWISE;
368 } else {
369 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
370 struct sta_info *ap;
371
372 /*
373 * We're getting a sta pointer in,
374 * so must be under RCU read lock.
375 */
376
377 /* same here, the AP could be using QoS */
378 ap = sta_info_get(key->sdata, key->sdata->u.mgd.bssid);
379 if (ap) {
380 if (test_sta_flags(ap, WLAN_STA_WME))
381 key->conf.flags |=
382 IEEE80211_KEY_FLAG_WMM_STA;
383 }
384 }
385 }
386
387 mutex_lock(&sdata->local->key_mtx);
388
389 if (sta)
390 old_key = sta->key;
391 else
392 old_key = sdata->keys[idx];
393
394 __ieee80211_key_replace(sdata, sta, old_key, key);
395 __ieee80211_key_destroy(old_key);
396
397 ieee80211_debugfs_key_add(key);
398
399 ieee80211_key_enable_hw_accel(key);
400
401 mutex_unlock(&sdata->local->key_mtx);
402 }
403
404 static void __ieee80211_key_free(struct ieee80211_key *key)
405 {
406 /*
407 * Replace key with nothingness if it was ever used.
408 */
409 if (key->sdata)
410 __ieee80211_key_replace(key->sdata, key->sta,
411 key, NULL);
412 __ieee80211_key_destroy(key);
413 }
414
415 void ieee80211_key_free(struct ieee80211_local *local,
416 struct ieee80211_key *key)
417 {
418 if (!key)
419 return;
420
421 mutex_lock(&local->key_mtx);
422 __ieee80211_key_free(key);
423 mutex_unlock(&local->key_mtx);
424 }
425
426 void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata)
427 {
428 struct ieee80211_key *key;
429
430 ASSERT_RTNL();
431
432 if (WARN_ON(!ieee80211_sdata_running(sdata)))
433 return;
434
435 mutex_lock(&sdata->local->key_mtx);
436
437 list_for_each_entry(key, &sdata->key_list, list)
438 ieee80211_key_enable_hw_accel(key);
439
440 mutex_unlock(&sdata->local->key_mtx);
441 }
442
443 void ieee80211_disable_keys(struct ieee80211_sub_if_data *sdata)
444 {
445 struct ieee80211_key *key;
446
447 ASSERT_RTNL();
448
449 mutex_lock(&sdata->local->key_mtx);
450
451 list_for_each_entry(key, &sdata->key_list, list)
452 ieee80211_key_disable_hw_accel(key);
453
454 mutex_unlock(&sdata->local->key_mtx);
455 }
456
457 void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata)
458 {
459 struct ieee80211_key *key, *tmp;
460
461 mutex_lock(&sdata->local->key_mtx);
462
463 ieee80211_debugfs_key_remove_default(sdata);
464 ieee80211_debugfs_key_remove_mgmt_default(sdata);
465
466 list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
467 __ieee80211_key_free(key);
468
469 mutex_unlock(&sdata->local->key_mtx);
470 }
x86 "subsystem" repository