key.h (4815B)
1/* SPDX-License-Identifier: GPL-2.0-only */ 2/* 3 * Copyright 2002-2004, Instant802 Networks, Inc. 4 * Copyright 2005, Devicescape Software, Inc. 5 * Copyright (C) 2019 Intel Corporation 6 */ 7 8#ifndef IEEE80211_KEY_H 9#define IEEE80211_KEY_H 10 11#include <linux/types.h> 12#include <linux/list.h> 13#include <linux/crypto.h> 14#include <linux/rcupdate.h> 15#include <crypto/arc4.h> 16#include <net/mac80211.h> 17 18#define NUM_DEFAULT_KEYS 4 19#define NUM_DEFAULT_MGMT_KEYS 2 20#define NUM_DEFAULT_BEACON_KEYS 2 21#define INVALID_PTK_KEYIDX 2 /* Keyidx always pointing to a NULL key for PTK */ 22 23struct ieee80211_local; 24struct ieee80211_sub_if_data; 25struct sta_info; 26 27/** 28 * enum ieee80211_internal_key_flags - internal key flags 29 * 30 * @KEY_FLAG_UPLOADED_TO_HARDWARE: Indicates that this key is present 31 * in the hardware for TX crypto hardware acceleration. 32 * @KEY_FLAG_TAINTED: Key is tainted and packets should be dropped. 33 * @KEY_FLAG_CIPHER_SCHEME: This key is for a hardware cipher scheme 34 */ 35enum ieee80211_internal_key_flags { 36 KEY_FLAG_UPLOADED_TO_HARDWARE = BIT(0), 37 KEY_FLAG_TAINTED = BIT(1), 38 KEY_FLAG_CIPHER_SCHEME = BIT(2), 39}; 40 41enum ieee80211_internal_tkip_state { 42 TKIP_STATE_NOT_INIT, 43 TKIP_STATE_PHASE1_DONE, 44 TKIP_STATE_PHASE1_HW_UPLOADED, 45}; 46 47struct tkip_ctx { 48 u16 p1k[5]; /* p1k cache */ 49 u32 p1k_iv32; /* iv32 for which p1k computed */ 50 enum ieee80211_internal_tkip_state state; 51}; 52 53struct tkip_ctx_rx { 54 struct tkip_ctx ctx; 55 u32 iv32; /* current iv32 */ 56 u16 iv16; /* current iv16 */ 57}; 58 59struct ieee80211_key { 60 struct ieee80211_local *local; 61 struct ieee80211_sub_if_data *sdata; 62 struct sta_info *sta; 63 64 /* for sdata list */ 65 struct list_head list; 66 67 /* protected by key mutex */ 68 unsigned int flags; 69 70 union { 71 struct { 72 /* protects tx context */ 73 spinlock_t txlock; 74 75 /* last used TSC */ 76 struct tkip_ctx tx; 77 78 /* last received RSC */ 79 struct tkip_ctx_rx rx[IEEE80211_NUM_TIDS]; 80 81 /* number of mic failures */ 82 u32 mic_failures; 83 } tkip; 84 struct { 85 /* 86 * Last received packet number. The first 87 * IEEE80211_NUM_TIDS counters are used with Data 88 * frames and the last counter is used with Robust 89 * Management frames. 90 */ 91 u8 rx_pn[IEEE80211_NUM_TIDS + 1][IEEE80211_CCMP_PN_LEN]; 92 struct crypto_aead *tfm; 93 u32 replays; /* dot11RSNAStatsCCMPReplays */ 94 } ccmp; 95 struct { 96 u8 rx_pn[IEEE80211_CMAC_PN_LEN]; 97 struct crypto_shash *tfm; 98 u32 replays; /* dot11RSNAStatsCMACReplays */ 99 u32 icverrors; /* dot11RSNAStatsCMACICVErrors */ 100 } aes_cmac; 101 struct { 102 u8 rx_pn[IEEE80211_GMAC_PN_LEN]; 103 struct crypto_aead *tfm; 104 u32 replays; /* dot11RSNAStatsCMACReplays */ 105 u32 icverrors; /* dot11RSNAStatsCMACICVErrors */ 106 } aes_gmac; 107 struct { 108 /* Last received packet number. The first 109 * IEEE80211_NUM_TIDS counters are used with Data 110 * frames and the last counter is used with Robust 111 * Management frames. 112 */ 113 u8 rx_pn[IEEE80211_NUM_TIDS + 1][IEEE80211_GCMP_PN_LEN]; 114 struct crypto_aead *tfm; 115 u32 replays; /* dot11RSNAStatsGCMPReplays */ 116 } gcmp; 117 struct { 118 /* generic cipher scheme */ 119 u8 rx_pn[IEEE80211_NUM_TIDS + 1][IEEE80211_MAX_PN_LEN]; 120 } gen; 121 } u; 122 123#ifdef CONFIG_MAC80211_DEBUGFS 124 struct { 125 struct dentry *stalink; 126 struct dentry *dir; 127 int cnt; 128 } debugfs; 129#endif 130 131 unsigned int color; 132 133 /* 134 * key config, must be last because it contains key 135 * material as variable length member 136 */ 137 struct ieee80211_key_conf conf; 138}; 139 140struct ieee80211_key * 141ieee80211_key_alloc(u32 cipher, int idx, size_t key_len, 142 const u8 *key_data, 143 size_t seq_len, const u8 *seq, 144 const struct ieee80211_cipher_scheme *cs); 145/* 146 * Insert a key into data structures (sdata, sta if necessary) 147 * to make it used, free old key. On failure, also free the new key. 148 */ 149int ieee80211_key_link(struct ieee80211_key *key, 150 struct ieee80211_sub_if_data *sdata, 151 struct sta_info *sta); 152int ieee80211_set_tx_key(struct ieee80211_key *key); 153void ieee80211_key_free(struct ieee80211_key *key, bool delay_tailroom); 154void ieee80211_key_free_unused(struct ieee80211_key *key); 155void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx, 156 bool uni, bool multi); 157void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, 158 int idx); 159void ieee80211_set_default_beacon_key(struct ieee80211_sub_if_data *sdata, 160 int idx); 161void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata, 162 bool force_synchronize); 163void ieee80211_free_sta_keys(struct ieee80211_local *local, 164 struct sta_info *sta); 165void ieee80211_reenable_keys(struct ieee80211_sub_if_data *sdata); 166 167#define key_mtx_dereference(local, ref) \ 168 rcu_dereference_protected(ref, lockdep_is_held(&((local)->key_mtx))) 169 170void ieee80211_delayed_tailroom_dec(struct work_struct *wk); 171 172#endif /* IEEE80211_KEY_H */