diff options
author | Jouni Malinen <j@w1.fi> | 2009-01-08 06:32:04 -0500 |
---|---|---|
committer | John W. Linville <linville@tuxdriver.com> | 2009-01-29 16:00:04 -0500 |
commit | 22787dbaa3b952602542506e0426ea6d5f104042 (patch) | |
tree | 47fe44523213bb66857c83faef185044c44c20e7 | |
parent | 54604d3a827b37525ef017adba313c7112e0f484 (diff) |
mac80211: 802.11w - WEXT configuration for IGTK
Added new SIOCSIWENCODEEXT algorithm for configuring BIP (AES-CMAC)
keys (IGTK).
Signed-off-by: Jouni Malinen <j@w1.fi>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
-rw-r--r-- | include/linux/wireless.h | 1 | ||||
-rw-r--r-- | net/mac80211/wext.c | 62 |
2 files changed, 49 insertions, 14 deletions
diff --git a/include/linux/wireless.h b/include/linux/wireless.h index d426dce47e7c..5d1f3fbffd77 100644 --- a/include/linux/wireless.h +++ b/include/linux/wireless.h | |||
@@ -615,6 +615,7 @@ | |||
615 | #define IW_ENCODE_ALG_TKIP 2 | 615 | #define IW_ENCODE_ALG_TKIP 2 |
616 | #define IW_ENCODE_ALG_CCMP 3 | 616 | #define IW_ENCODE_ALG_CCMP 3 |
617 | #define IW_ENCODE_ALG_PMK 4 | 617 | #define IW_ENCODE_ALG_PMK 4 |
618 | #define IW_ENCODE_ALG_AES_CMAC 5 | ||
618 | /* struct iw_encode_ext ->ext_flags */ | 619 | /* struct iw_encode_ext ->ext_flags */ |
619 | #define IW_ENCODE_EXT_TX_SEQ_VALID 0x00000001 | 620 | #define IW_ENCODE_EXT_TX_SEQ_VALID 0x00000001 |
620 | #define IW_ENCODE_EXT_RX_SEQ_VALID 0x00000002 | 621 | #define IW_ENCODE_EXT_RX_SEQ_VALID 0x00000002 |
diff --git a/net/mac80211/wext.c b/net/mac80211/wext.c index c3b2dd5706fb..7ba1d5ba3afa 100644 --- a/net/mac80211/wext.c +++ b/net/mac80211/wext.c | |||
@@ -37,7 +37,14 @@ static int ieee80211_set_encryption(struct ieee80211_sub_if_data *sdata, u8 *sta | |||
37 | struct ieee80211_key *key; | 37 | struct ieee80211_key *key; |
38 | int err; | 38 | int err; |
39 | 39 | ||
40 | if (idx < 0 || idx >= NUM_DEFAULT_KEYS) { | 40 | if (alg == ALG_AES_CMAC) { |
41 | if (idx < NUM_DEFAULT_KEYS || | ||
42 | idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) { | ||
43 | printk(KERN_DEBUG "%s: set_encrypt - invalid idx=%d " | ||
44 | "(BIP)\n", sdata->dev->name, idx); | ||
45 | return -EINVAL; | ||
46 | } | ||
47 | } else if (idx < 0 || idx >= NUM_DEFAULT_KEYS) { | ||
41 | printk(KERN_DEBUG "%s: set_encrypt - invalid idx=%d\n", | 48 | printk(KERN_DEBUG "%s: set_encrypt - invalid idx=%d\n", |
42 | sdata->dev->name, idx); | 49 | sdata->dev->name, idx); |
43 | return -EINVAL; | 50 | return -EINVAL; |
@@ -103,6 +110,9 @@ static int ieee80211_set_encryption(struct ieee80211_sub_if_data *sdata, u8 *sta | |||
103 | 110 | ||
104 | if (set_tx_key || (!sta && !sdata->default_key && key)) | 111 | if (set_tx_key || (!sta && !sdata->default_key && key)) |
105 | ieee80211_set_default_key(sdata, idx); | 112 | ieee80211_set_default_key(sdata, idx); |
113 | if (alg == ALG_AES_CMAC && | ||
114 | (set_tx_key || (!sta && !sdata->default_mgmt_key && key))) | ||
115 | ieee80211_set_default_mgmt_key(sdata, idx); | ||
106 | } | 116 | } |
107 | 117 | ||
108 | out_unlock: | 118 | out_unlock: |
@@ -1048,6 +1058,9 @@ static int ieee80211_ioctl_siwencodeext(struct net_device *dev, | |||
1048 | case IW_ENCODE_ALG_CCMP: | 1058 | case IW_ENCODE_ALG_CCMP: |
1049 | alg = ALG_CCMP; | 1059 | alg = ALG_CCMP; |
1050 | break; | 1060 | break; |
1061 | case IW_ENCODE_ALG_AES_CMAC: | ||
1062 | alg = ALG_AES_CMAC; | ||
1063 | break; | ||
1051 | default: | 1064 | default: |
1052 | return -EOPNOTSUPP; | 1065 | return -EOPNOTSUPP; |
1053 | } | 1066 | } |
@@ -1056,20 +1069,41 @@ static int ieee80211_ioctl_siwencodeext(struct net_device *dev, | |||
1056 | remove = 1; | 1069 | remove = 1; |
1057 | 1070 | ||
1058 | idx = erq->flags & IW_ENCODE_INDEX; | 1071 | idx = erq->flags & IW_ENCODE_INDEX; |
1059 | if (idx < 1 || idx > 4) { | 1072 | if (alg == ALG_AES_CMAC) { |
1060 | idx = -1; | 1073 | if (idx < NUM_DEFAULT_KEYS + 1 || |
1061 | if (!sdata->default_key) | 1074 | idx > NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) { |
1062 | idx = 0; | 1075 | idx = -1; |
1063 | else for (i = 0; i < NUM_DEFAULT_KEYS; i++) { | 1076 | if (!sdata->default_mgmt_key) |
1064 | if (sdata->default_key == sdata->keys[i]) { | 1077 | idx = 0; |
1065 | idx = i; | 1078 | else for (i = NUM_DEFAULT_KEYS; |
1066 | break; | 1079 | i < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS; |
1080 | i++) { | ||
1081 | if (sdata->default_mgmt_key == sdata->keys[i]) | ||
1082 | { | ||
1083 | idx = i; | ||
1084 | break; | ||
1085 | } | ||
1067 | } | 1086 | } |
1068 | } | 1087 | if (idx < 0) |
1069 | if (idx < 0) | 1088 | return -EINVAL; |
1070 | return -EINVAL; | 1089 | } else |
1071 | } else | 1090 | idx--; |
1072 | idx--; | 1091 | } else { |
1092 | if (idx < 1 || idx > 4) { | ||
1093 | idx = -1; | ||
1094 | if (!sdata->default_key) | ||
1095 | idx = 0; | ||
1096 | else for (i = 0; i < NUM_DEFAULT_KEYS; i++) { | ||
1097 | if (sdata->default_key == sdata->keys[i]) { | ||
1098 | idx = i; | ||
1099 | break; | ||
1100 | } | ||
1101 | } | ||
1102 | if (idx < 0) | ||
1103 | return -EINVAL; | ||
1104 | } else | ||
1105 | idx--; | ||
1106 | } | ||
1073 | 1107 | ||
1074 | return ieee80211_set_encryption(sdata, ext->addr.sa_data, idx, alg, | 1108 | return ieee80211_set_encryption(sdata, ext->addr.sa_data, idx, alg, |
1075 | remove, | 1109 | remove, |