2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net>
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
12 #include <linux/if_ether.h>
13 #include <linux/etherdevice.h>
14 #include <linux/list.h>
15 #include <linux/rcupdate.h>
16 #include <linux/rtnetlink.h>
17 #include <net/mac80211.h>
18 #include "ieee80211_i.h"
19 #include "debugfs_key.h"
24 * DOC: Key handling basics
26 * Key handling in mac80211 is done based on per-interface (sub_if_data)
27 * keys and per-station keys. Since each station belongs to an interface,
28 * each station key also belongs to that interface.
30 * Hardware acceleration is done on a best-effort basis, for each key
31 * that is eligible the hardware is asked to enable that key but if
32 * it cannot do that they key is simply kept for software encryption.
33 * There is currently no way of knowing this except by looking into
36 * All key operations are protected internally so you can call them at
39 * Within mac80211, key references are, just as STA structure references,
40 * protected by RCU. Note, however, that some things are unprotected,
41 * namely the key->sta dereferences within the hardware acceleration
42 * functions. This means that sta_info_destroy() must flush the key todo
45 * All the direct key list manipulation functions must not sleep because
46 * they can operate on STA info structs that are protected by RCU.
49 static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
51 /* key mutex: used to synchronise todo runners */
52 static DEFINE_MUTEX(key_mutex);
53 static DEFINE_SPINLOCK(todo_lock);
54 static LIST_HEAD(todo_list);
56 static void key_todo(struct work_struct *work)
61 static DECLARE_WORK(todo_work, key_todo);
64 * add_todo - add todo item for a key
66 * @key: key to add to do item for
69 static void add_todo(struct ieee80211_key *key, u32 flag)
74 spin_lock(&todo_lock);
77 * Remove again if already on the list so that we move it to the end.
79 if (!list_empty(&key->todo))
81 list_add_tail(&key->todo, &todo_list);
82 schedule_work(&todo_work);
83 spin_unlock(&todo_lock);
87 * ieee80211_key_lock - lock the mac80211 key operation lock
89 * This locks the (global) mac80211 key operation lock, all
90 * key operations must be done under this lock.
92 static void ieee80211_key_lock(void)
94 mutex_lock(&key_mutex);
98 * ieee80211_key_unlock - unlock the mac80211 key operation lock
100 static void ieee80211_key_unlock(void)
102 mutex_unlock(&key_mutex);
105 static void assert_key_lock(void)
107 WARN_ON(!mutex_is_locked(&key_mutex));
110 static struct ieee80211_sta *get_sta_for_key(struct ieee80211_key *key)
113 return &key->sta->sta;
118 static void ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
120 struct ieee80211_sub_if_data *sdata;
121 struct ieee80211_sta *sta;
127 if (!key->local->ops->set_key)
130 sta = get_sta_for_key(key);
133 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
134 sdata = container_of(sdata->bss,
135 struct ieee80211_sub_if_data,
138 ret = key->local->ops->set_key(local_to_hw(key->local), SET_KEY,
139 &sdata->vif, sta, &key->conf);
142 spin_lock(&todo_lock);
143 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
144 spin_unlock(&todo_lock);
147 if (ret && ret != -ENOSPC && ret != -EOPNOTSUPP)
148 printk(KERN_ERR "mac80211-%s: failed to set key "
149 "(%d, %pM) to hardware (%d)\n",
150 wiphy_name(key->local->hw.wiphy),
151 key->conf.keyidx, sta ? sta->addr : bcast_addr, ret);
154 static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
156 struct ieee80211_sub_if_data *sdata;
157 struct ieee80211_sta *sta;
163 if (!key || !key->local->ops->set_key)
166 spin_lock(&todo_lock);
167 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) {
168 spin_unlock(&todo_lock);
171 spin_unlock(&todo_lock);
173 sta = get_sta_for_key(key);
176 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
177 sdata = container_of(sdata->bss,
178 struct ieee80211_sub_if_data,
181 ret = key->local->ops->set_key(local_to_hw(key->local), DISABLE_KEY,
182 &sdata->vif, sta, &key->conf);
185 printk(KERN_ERR "mac80211-%s: failed to remove key "
186 "(%d, %pM) from hardware (%d)\n",
187 wiphy_name(key->local->hw.wiphy),
188 key->conf.keyidx, sta ? sta->addr : bcast_addr, ret);
190 spin_lock(&todo_lock);
191 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
192 spin_unlock(&todo_lock);
195 static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata,
198 struct ieee80211_key *key = NULL;
200 if (idx >= 0 && idx < NUM_DEFAULT_KEYS)
201 key = sdata->keys[idx];
203 rcu_assign_pointer(sdata->default_key, key);
206 add_todo(key, KEY_FLAG_TODO_DEFKEY);
209 void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx)
213 spin_lock_irqsave(&sdata->local->key_lock, flags);
214 __ieee80211_set_default_key(sdata, idx);
215 spin_unlock_irqrestore(&sdata->local->key_lock, flags);
219 static void __ieee80211_key_replace(struct ieee80211_sub_if_data *sdata,
220 struct sta_info *sta,
221 struct ieee80211_key *old,
222 struct ieee80211_key *new)
227 list_add(&new->list, &sdata->key_list);
230 rcu_assign_pointer(sta->key, new);
232 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx);
235 idx = old->conf.keyidx;
237 idx = new->conf.keyidx;
239 defkey = old && sdata->default_key == old;
242 __ieee80211_set_default_key(sdata, -1);
244 rcu_assign_pointer(sdata->keys[idx], new);
246 __ieee80211_set_default_key(sdata, new->conf.keyidx);
251 * We'll use an empty list to indicate that the key
252 * has already been removed.
254 list_del_init(&old->list);
258 struct ieee80211_key *ieee80211_key_alloc(enum ieee80211_key_alg alg,
263 struct ieee80211_key *key;
265 BUG_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS);
267 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
272 * Default to software encryption; we'll later upload the
273 * key to the hardware if possible.
279 key->conf.keyidx = idx;
280 key->conf.keylen = key_len;
283 key->conf.iv_len = WEP_IV_LEN;
284 key->conf.icv_len = WEP_ICV_LEN;
287 key->conf.iv_len = TKIP_IV_LEN;
288 key->conf.icv_len = TKIP_ICV_LEN;
291 key->conf.iv_len = CCMP_HDR_LEN;
292 key->conf.icv_len = CCMP_MIC_LEN;
295 memcpy(key->conf.key, key_data, key_len);
296 INIT_LIST_HEAD(&key->list);
297 INIT_LIST_HEAD(&key->todo);
299 if (alg == ALG_CCMP) {
301 * Initialize AES key state here as an optimization so that
302 * it does not need to be initialized for every packet.
304 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(key_data);
305 if (!key->u.ccmp.tfm) {
314 void ieee80211_key_link(struct ieee80211_key *key,
315 struct ieee80211_sub_if_data *sdata,
316 struct sta_info *sta)
318 struct ieee80211_key *old_key;
325 idx = key->conf.keyidx;
326 key->local = sdata->local;
332 * some hardware cannot handle TKIP with QoS, so
333 * we indicate whether QoS could be in use.
335 if (test_sta_flags(sta, WLAN_STA_WME))
336 key->conf.flags |= IEEE80211_KEY_FLAG_WMM_STA;
339 * This key is for a specific sta interface,
340 * inform the driver that it should try to store
341 * this key as pairwise key.
343 key->conf.flags |= IEEE80211_KEY_FLAG_PAIRWISE;
345 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
349 * We're getting a sta pointer in,
350 * so must be under RCU read lock.
353 /* same here, the AP could be using QoS */
354 ap = sta_info_get(key->local, key->sdata->u.sta.bssid);
356 if (test_sta_flags(ap, WLAN_STA_WME))
358 IEEE80211_KEY_FLAG_WMM_STA;
363 spin_lock_irqsave(&sdata->local->key_lock, flags);
368 old_key = sdata->keys[idx];
370 __ieee80211_key_replace(sdata, sta, old_key, key);
372 spin_unlock_irqrestore(&sdata->local->key_lock, flags);
374 /* free old key later */
375 add_todo(old_key, KEY_FLAG_TODO_DELETE);
377 add_todo(key, KEY_FLAG_TODO_ADD_DEBUGFS);
378 if (netif_running(sdata->dev))
379 add_todo(key, KEY_FLAG_TODO_HWACCEL_ADD);
382 static void __ieee80211_key_free(struct ieee80211_key *key)
385 * Replace key with nothingness if it was ever used.
388 __ieee80211_key_replace(key->sdata, key->sta,
391 add_todo(key, KEY_FLAG_TODO_DELETE);
394 void ieee80211_key_free(struct ieee80211_key *key)
402 /* The key has not been linked yet, simply free it
404 if (key->conf.alg == ALG_CCMP)
405 ieee80211_aes_key_free(key->u.ccmp.tfm);
410 spin_lock_irqsave(&key->sdata->local->key_lock, flags);
411 __ieee80211_key_free(key);
412 spin_unlock_irqrestore(&key->sdata->local->key_lock, flags);
416 * To be safe against concurrent manipulations of the list (which shouldn't
417 * actually happen) we need to hold the spinlock. But under the spinlock we
418 * can't actually do much, so we defer processing to the todo list. Then run
419 * the todo list to be sure the operation and possibly previously pending
420 * operations are completed.
422 static void ieee80211_todo_for_each_key(struct ieee80211_sub_if_data *sdata,
425 struct ieee80211_key *key;
430 spin_lock_irqsave(&sdata->local->key_lock, flags);
431 list_for_each_entry(key, &sdata->key_list, list)
432 add_todo(key, todo_flags);
433 spin_unlock_irqrestore(&sdata->local->key_lock, flags);
435 ieee80211_key_todo();
438 void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata)
442 if (WARN_ON(!netif_running(sdata->dev)))
445 ieee80211_todo_for_each_key(sdata, KEY_FLAG_TODO_HWACCEL_ADD);
448 void ieee80211_disable_keys(struct ieee80211_sub_if_data *sdata)
452 ieee80211_todo_for_each_key(sdata, KEY_FLAG_TODO_HWACCEL_REMOVE);
455 static void __ieee80211_key_destroy(struct ieee80211_key *key)
460 ieee80211_key_disable_hw_accel(key);
462 if (key->conf.alg == ALG_CCMP)
463 ieee80211_aes_key_free(key->u.ccmp.tfm);
464 ieee80211_debugfs_key_remove(key);
469 static void __ieee80211_key_todo(void)
471 struct ieee80211_key *key;
476 * NB: sta_info_destroy relies on this!
480 spin_lock(&todo_lock);
481 while (!list_empty(&todo_list)) {
482 key = list_first_entry(&todo_list, struct ieee80211_key, todo);
483 list_del_init(&key->todo);
484 todoflags = key->flags & (KEY_FLAG_TODO_ADD_DEBUGFS |
485 KEY_FLAG_TODO_DEFKEY |
486 KEY_FLAG_TODO_HWACCEL_ADD |
487 KEY_FLAG_TODO_HWACCEL_REMOVE |
488 KEY_FLAG_TODO_DELETE);
489 key->flags &= ~todoflags;
490 spin_unlock(&todo_lock);
494 if (todoflags & KEY_FLAG_TODO_ADD_DEBUGFS) {
495 ieee80211_debugfs_key_add(key);
498 if (todoflags & KEY_FLAG_TODO_DEFKEY) {
499 ieee80211_debugfs_key_remove_default(key->sdata);
500 ieee80211_debugfs_key_add_default(key->sdata);
503 if (todoflags & KEY_FLAG_TODO_HWACCEL_ADD) {
504 ieee80211_key_enable_hw_accel(key);
507 if (todoflags & KEY_FLAG_TODO_HWACCEL_REMOVE) {
508 ieee80211_key_disable_hw_accel(key);
511 if (todoflags & KEY_FLAG_TODO_DELETE) {
512 __ieee80211_key_destroy(key);
518 spin_lock(&todo_lock);
520 spin_unlock(&todo_lock);
523 void ieee80211_key_todo(void)
525 ieee80211_key_lock();
526 __ieee80211_key_todo();
527 ieee80211_key_unlock();
530 void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata)
532 struct ieee80211_key *key, *tmp;
535 ieee80211_key_lock();
537 ieee80211_debugfs_key_remove_default(sdata);
539 spin_lock_irqsave(&sdata->local->key_lock, flags);
540 list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
541 __ieee80211_key_free(key);
542 spin_unlock_irqrestore(&sdata->local->key_lock, flags);
544 __ieee80211_key_todo();
546 ieee80211_key_unlock();