aboutsummaryrefslogtreecommitdiffstats
path: root/include/net
diff options
context:
space:
mode:
authorJohannes Berg <johannes@sipsolutions.net>2007-08-28 17:01:55 -0400
committerDavid S. Miller <davem@sunset.davemloft.net>2007-10-10 19:48:53 -0400
commit11a843b7e16062389c53ba393c7913956e034eb2 (patch)
tree7f557a55220a0de38f0eafe1a5147487ec39b790 /include/net
parent3aefaa3294193c931b20a574f718efee6baf27d4 (diff)
[MAC80211]: rework key handling
This moves all the key handling code out from ieee80211_ioctl.c into key.c and also does the following changes including documentation updates in mac80211.h: 1) Turn off hardware acceleration for keys when the interface is down. This is necessary because otherwise monitor interfaces could be decrypting frames for other interfaces that are down at the moment. Also, it should go some way towards better suspend/resume support, in any case the routines used here could be used for that as well. Additionally, this makes the driver interface nicer, keys for a specific local MAC address are only ever present while an interface with that MAC address is enabled. 2) Change driver set_key() callback interface to allow only return values of -ENOSPC, -EOPNOTSUPP and 0, warn on all other return values. This allows debugging the stack when a driver notices it's handed a key while it is down. 3) Invert the flag meaning to KEY_FLAG_UPLOADED_TO_HARDWARE. 4) Remove REMOVE_ALL_KEYS command as it isn't used nor do we want to use it, we'll use DISABLE_KEY for each key. It is hard to use REMOVE_ALL_KEYS because we can handle multiple virtual interfaces with different key configuration, so we'd have to keep track of a lot of state for this and that isn't worth it. 5) Warn when disabling a key fails, it musn't. 6) Remove IEEE80211_HW_NO_TKIP_WMM_HWACCEL in favour of per-key IEEE80211_KEY_FLAG_WMM_STA to let driver sort it out itself. 7) Tell driver that a (non-WEP) key is used only for transmission by using an all-zeroes station MAC address when configuring. 8) Change the set_key() callback to have access to the local MAC address the key is being added for. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Acked-by: Michael Wu <flamingice@sourmilk.net> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net')
-rw-r--r--include/net/mac80211.h59
1 files changed, 48 insertions, 11 deletions
diff --git a/include/net/mac80211.h b/include/net/mac80211.h
index 3437fa16eea5..ec8c7393956b 100644
--- a/include/net/mac80211.h
+++ b/include/net/mac80211.h
@@ -399,19 +399,34 @@ typedef enum {
399 ALG_CCMP, 399 ALG_CCMP,
400} ieee80211_key_alg; 400} ieee80211_key_alg;
401 401
402/*
403 * This flag indiciates that the station this key is being
404 * configured for may use QoS. If your hardware cannot handle
405 * that situation it should reject that key.
406 */
407#define IEEE80211_KEY_FLAG_WMM_STA (1<<0)
408
402struct ieee80211_key_conf { 409struct ieee80211_key_conf {
403 /* shall be changed by the driver to anything but HW_KEY_IDX_INVALID */ 410 /*
411 * To be set by the driver to the key index it would like to
412 * get in the ieee80211_tx_control.key_idx which defaults
413 * to HW_KEY_IDX_INVALID so that shouldn't be used.
414 */
404 int hw_key_idx; 415 int hw_key_idx;
405 416
417 /* key algorithm, ALG_NONE should never be seen by the driver */
406 ieee80211_key_alg alg; 418 ieee80211_key_alg alg;
407 419
408 int keylen; 420 /* key flags, see above */
421 u8 flags;
422
423 /* key index: 0-3 */
424 s8 keyidx;
409 425
410#define IEEE80211_KEY_FORCE_SW_ENCRYPT (1<<0) /* to be cleared by low-level 426 /* length of key material */
411 driver */ 427 u8 keylen;
412 u32 flags; /* key configuration flags defined above */
413 428
414 s8 keyidx; /* WEP key index */ 429 /* the key material */
415 u8 key[0]; 430 u8 key[0];
416}; 431};
417 432
@@ -419,7 +434,7 @@ struct ieee80211_key_conf {
419#define IEEE80211_SEQ_COUNTER_TX 1 434#define IEEE80211_SEQ_COUNTER_TX 1
420 435
421typedef enum { 436typedef enum {
422 SET_KEY, DISABLE_KEY, REMOVE_ALL_KEYS, 437 SET_KEY, DISABLE_KEY,
423} set_key_cmd; 438} set_key_cmd;
424 439
425/* This is driver-visible part of the per-hw state the stack keeps. */ 440/* This is driver-visible part of the per-hw state the stack keeps. */
@@ -492,8 +507,7 @@ struct ieee80211_hw {
492 507
493/* hole at 6 */ 508/* hole at 6 */
494 509
495 /* Force software encryption for TKIP packets if WMM is enabled. */ 510/* hole at 7 */
496#define IEEE80211_HW_NO_TKIP_WMM_HWACCEL (1<<7)
497 511
498 /* 512 /*
499 * Some devices handle Michael MIC internally and do not include MIC in 513 * Some devices handle Michael MIC internally and do not include MIC in
@@ -627,12 +641,31 @@ struct ieee80211_ops {
627 * 641 *
628 * This is called to enable hardware acceleration of encryption and 642 * This is called to enable hardware acceleration of encryption and
629 * decryption. The address will be the broadcast address for default 643 * decryption. The address will be the broadcast address for default
630 * keys and the other station's hardware address for individual keys. 644 * keys, the other station's hardware address for individual keys or
645 * the zero address for keys that will be used only for transmission.
646 *
647 * The local_address parameter will always be set to our own address,
648 * this is only relevant if you support multiple local addresses.
649 *
631 * When transmitting, the TX control data will use the hw_key_idx 650 * When transmitting, the TX control data will use the hw_key_idx
632 * selected by the low-level driver. 651 * selected by the low-level driver.
652 *
653 * Return 0 if the key is now in use, -EOPNOTSUPP or -ENOSPC if it
654 * couldn't be added; if you return 0 then hw_key_idx must be
655 * assigned to something other than HW_KEY_IDX_INVALID. When the cmd
656 * is DISABLE_KEY then it must succeed.
657 *
658 * This callback can sleep, and is only called between add_interface
659 * and remove_interface calls, i.e. while the interface with the
660 * given local_address is enabled.
661 *
662 * The ieee80211_key_conf structure pointed to by the key parameter
663 * is guaranteed to be valid until another call to set_key removes
664 * it, but it can only be used as a cookie to differentiate keys.
633 */ 665 */
634 int (*set_key)(struct ieee80211_hw *hw, set_key_cmd cmd, 666 int (*set_key)(struct ieee80211_hw *hw, set_key_cmd cmd,
635 u8 *address, struct ieee80211_key_conf *key); 667 const u8 *local_address, const u8 *address,
668 struct ieee80211_key_conf *key);
636 669
637 /* 670 /*
638 * Set TX key index for default/broadcast keys. This is needed in cases 671 * Set TX key index for default/broadcast keys. This is needed in cases
@@ -640,6 +673,10 @@ struct ieee80211_ops {
640 * is not set), in other cases, this function pointer can be set to 673 * is not set), in other cases, this function pointer can be set to
641 * NULL since the IEEE 802.11 module takes care of selecting the key 674 * NULL since the IEEE 802.11 module takes care of selecting the key
642 * index for each TX frame. 675 * index for each TX frame.
676 *
677 * TODO: If you use this callback in your driver tell us if you need
678 * any other information from it to make it easier, like the
679 * key_conf instead.
643 */ 680 */
644 int (*set_key_idx)(struct ieee80211_hw *hw, int idx); 681 int (*set_key_idx)(struct ieee80211_hw *hw, int idx);
645 682