aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2009-01-08 06:32:04 -0500
committerJohn W. Linville <linville@tuxdriver.com>2009-01-29 16:00:04 -0500
commit22787dbaa3b952602542506e0426ea6d5f104042 (patch)
tree47fe44523213bb66857c83faef185044c44c20e7
parent54604d3a827b37525ef017adba313c7112e0f484 (diff)
mac80211: 802.11w - WEXT configuration for IGTK
Added new SIOCSIWENCODEEXT algorithm for configuring BIP (AES-CMAC) keys (IGTK). Signed-off-by: Jouni Malinen <j@w1.fi> Acked-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-rw-r--r--include/linux/wireless.h1
-rw-r--r--net/mac80211/wext.c62
2 files changed, 49 insertions, 14 deletions
diff --git a/include/linux/wireless.h b/include/linux/wireless.h
index d426dce47e7c..5d1f3fbffd77 100644
--- a/include/linux/wireless.h
+++ b/include/linux/wireless.h
@@ -615,6 +615,7 @@
615#define IW_ENCODE_ALG_TKIP 2 615#define IW_ENCODE_ALG_TKIP 2
616#define IW_ENCODE_ALG_CCMP 3 616#define IW_ENCODE_ALG_CCMP 3
617#define IW_ENCODE_ALG_PMK 4 617#define IW_ENCODE_ALG_PMK 4
618#define IW_ENCODE_ALG_AES_CMAC 5
618/* struct iw_encode_ext ->ext_flags */ 619/* struct iw_encode_ext ->ext_flags */
619#define IW_ENCODE_EXT_TX_SEQ_VALID 0x00000001 620#define IW_ENCODE_EXT_TX_SEQ_VALID 0x00000001
620#define IW_ENCODE_EXT_RX_SEQ_VALID 0x00000002 621#define IW_ENCODE_EXT_RX_SEQ_VALID 0x00000002
diff --git a/net/mac80211/wext.c b/net/mac80211/wext.c
index c3b2dd5706fb..7ba1d5ba3afa 100644
--- a/net/mac80211/wext.c
+++ b/net/mac80211/wext.c
@@ -37,7 +37,14 @@ static int ieee80211_set_encryption(struct ieee80211_sub_if_data *sdata, u8 *sta
37 struct ieee80211_key *key; 37 struct ieee80211_key *key;
38 int err; 38 int err;
39 39
40 if (idx < 0 || idx >= NUM_DEFAULT_KEYS) { 40 if (alg == ALG_AES_CMAC) {
41 if (idx < NUM_DEFAULT_KEYS ||
42 idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) {
43 printk(KERN_DEBUG "%s: set_encrypt - invalid idx=%d "
44 "(BIP)\n", sdata->dev->name, idx);
45 return -EINVAL;
46 }
47 } else if (idx < 0 || idx >= NUM_DEFAULT_KEYS) {
41 printk(KERN_DEBUG "%s: set_encrypt - invalid idx=%d\n", 48 printk(KERN_DEBUG "%s: set_encrypt - invalid idx=%d\n",
42 sdata->dev->name, idx); 49 sdata->dev->name, idx);
43 return -EINVAL; 50 return -EINVAL;
@@ -103,6 +110,9 @@ static int ieee80211_set_encryption(struct ieee80211_sub_if_data *sdata, u8 *sta
103 110
104 if (set_tx_key || (!sta && !sdata->default_key && key)) 111 if (set_tx_key || (!sta && !sdata->default_key && key))
105 ieee80211_set_default_key(sdata, idx); 112 ieee80211_set_default_key(sdata, idx);
113 if (alg == ALG_AES_CMAC &&
114 (set_tx_key || (!sta && !sdata->default_mgmt_key && key)))
115 ieee80211_set_default_mgmt_key(sdata, idx);
106 } 116 }
107 117
108 out_unlock: 118 out_unlock:
@@ -1048,6 +1058,9 @@ static int ieee80211_ioctl_siwencodeext(struct net_device *dev,
1048 case IW_ENCODE_ALG_CCMP: 1058 case IW_ENCODE_ALG_CCMP:
1049 alg = ALG_CCMP; 1059 alg = ALG_CCMP;
1050 break; 1060 break;
1061 case IW_ENCODE_ALG_AES_CMAC:
1062 alg = ALG_AES_CMAC;
1063 break;
1051 default: 1064 default:
1052 return -EOPNOTSUPP; 1065 return -EOPNOTSUPP;
1053 } 1066 }
@@ -1056,20 +1069,41 @@ static int ieee80211_ioctl_siwencodeext(struct net_device *dev,
1056 remove = 1; 1069 remove = 1;
1057 1070
1058 idx = erq->flags & IW_ENCODE_INDEX; 1071 idx = erq->flags & IW_ENCODE_INDEX;
1059 if (idx < 1 || idx > 4) { 1072 if (alg == ALG_AES_CMAC) {
1060 idx = -1; 1073 if (idx < NUM_DEFAULT_KEYS + 1 ||
1061 if (!sdata->default_key) 1074 idx > NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) {
1062 idx = 0; 1075 idx = -1;
1063 else for (i = 0; i < NUM_DEFAULT_KEYS; i++) { 1076 if (!sdata->default_mgmt_key)
1064 if (sdata->default_key == sdata->keys[i]) { 1077 idx = 0;
1065 idx = i; 1078 else for (i = NUM_DEFAULT_KEYS;
1066 break; 1079 i < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS;
1080 i++) {
1081 if (sdata->default_mgmt_key == sdata->keys[i])
1082 {
1083 idx = i;
1084 break;
1085 }
1067 } 1086 }
1068 } 1087 if (idx < 0)
1069 if (idx < 0) 1088 return -EINVAL;
1070 return -EINVAL; 1089 } else
1071 } else 1090 idx--;
1072 idx--; 1091 } else {
1092 if (idx < 1 || idx > 4) {
1093 idx = -1;
1094 if (!sdata->default_key)
1095 idx = 0;
1096 else for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
1097 if (sdata->default_key == sdata->keys[i]) {
1098 idx = i;
1099 break;
1100 }
1101 }
1102 if (idx < 0)
1103 return -EINVAL;
1104 } else
1105 idx--;
1106 }
1073 1107
1074 return ieee80211_set_encryption(sdata, ext->addr.sa_data, idx, alg, 1108 return ieee80211_set_encryption(sdata, ext->addr.sa_data, idx, alg,
1075 remove, 1109 remove,