aboutsummaryrefslogtreecommitdiffstats
path: root/net/mac80211
diff options
context:
space:
mode:
authorDavid S. Miller <davem@davemloft.net>2015-02-04 17:57:45 -0500
committerDavid S. Miller <davem@davemloft.net>2015-02-04 17:57:45 -0500
commit940288b6a560710d4c63bc84d9570779dd7dec2b (patch)
tree349a41e8d8d75239428efcfd299d4b680cc839a1 /net/mac80211
parent541c571fa2fdfd4782d840276c5aedb535349075 (diff)
parent79044f60caa7c377333dc8f13cf1e48c144e2521 (diff)
Merge tag 'mac80211-next-for-davem-2015-02-03' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next
Last round of updates for net-next: * revert a patch that caused a regression with mesh userspace (Bob) * fix a number of suspend/resume related races (from Emmanuel, Luca and myself - we'll look at backporting later) * add software implementations for new ciphers (Jouni) * add a new ACPI ID for Broadcom's rfkill (Mika) * allow using netns FD for wireless (Vadim) * some other cleanups (various) Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/mac80211')
-rw-r--r--net/mac80211/Kconfig1
-rw-r--r--net/mac80211/Makefile2
-rw-r--r--net/mac80211/aes_ccm.c21
-rw-r--r--net/mac80211/aes_ccm.h10
-rw-r--r--net/mac80211/aes_cmac.c34
-rw-r--r--net/mac80211/aes_cmac.h5
-rw-r--r--net/mac80211/aes_gcm.c95
-rw-r--r--net/mac80211/aes_gcm.h22
-rw-r--r--net/mac80211/aes_gmac.c84
-rw-r--r--net/mac80211/aes_gmac.h20
-rw-r--r--net/mac80211/cfg.c50
-rw-r--r--net/mac80211/chan.c4
-rw-r--r--net/mac80211/debugfs_key.c55
-rw-r--r--net/mac80211/ieee80211_i.h36
-rw-r--r--net/mac80211/iface.c12
-rw-r--r--net/mac80211/key.c185
-rw-r--r--net/mac80211/key.h18
-rw-r--r--net/mac80211/main.c107
-rw-r--r--net/mac80211/mesh_plink.c7
-rw-r--r--net/mac80211/mlme.c3
-rw-r--r--net/mac80211/rx.c48
-rw-r--r--net/mac80211/scan.c5
-rw-r--r--net/mac80211/sta_info.c14
-rw-r--r--net/mac80211/tdls.c37
-rw-r--r--net/mac80211/tx.c20
-rw-r--r--net/mac80211/util.c27
-rw-r--r--net/mac80211/wpa.c443
-rw-r--r--net/mac80211/wpa.h19
28 files changed, 1246 insertions, 138 deletions
diff --git a/net/mac80211/Kconfig b/net/mac80211/Kconfig
index 75cc6801a431..64a012a0c6e5 100644
--- a/net/mac80211/Kconfig
+++ b/net/mac80211/Kconfig
@@ -5,6 +5,7 @@ config MAC80211
5 select CRYPTO_ARC4 5 select CRYPTO_ARC4
6 select CRYPTO_AES 6 select CRYPTO_AES
7 select CRYPTO_CCM 7 select CRYPTO_CCM
8 select CRYPTO_GCM
8 select CRC32 9 select CRC32
9 select AVERAGE 10 select AVERAGE
10 ---help--- 11 ---help---
diff --git a/net/mac80211/Makefile b/net/mac80211/Makefile
index e53671b1105e..3275f01881be 100644
--- a/net/mac80211/Makefile
+++ b/net/mac80211/Makefile
@@ -15,7 +15,9 @@ mac80211-y := \
15 michael.o \ 15 michael.o \
16 tkip.o \ 16 tkip.o \
17 aes_ccm.o \ 17 aes_ccm.o \
18 aes_gcm.o \
18 aes_cmac.o \ 19 aes_cmac.o \
20 aes_gmac.o \
19 cfg.o \ 21 cfg.o \
20 ethtool.o \ 22 ethtool.o \
21 rx.o \ 23 rx.o \
diff --git a/net/mac80211/aes_ccm.c b/net/mac80211/aes_ccm.c
index 09d9caaec591..7869bb40acaa 100644
--- a/net/mac80211/aes_ccm.c
+++ b/net/mac80211/aes_ccm.c
@@ -20,7 +20,8 @@
20#include "aes_ccm.h" 20#include "aes_ccm.h"
21 21
22void ieee80211_aes_ccm_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, 22void ieee80211_aes_ccm_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad,
23 u8 *data, size_t data_len, u8 *mic) 23 u8 *data, size_t data_len, u8 *mic,
24 size_t mic_len)
24{ 25{
25 struct scatterlist assoc, pt, ct[2]; 26 struct scatterlist assoc, pt, ct[2];
26 27
@@ -35,7 +36,7 @@ void ieee80211_aes_ccm_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad,
35 sg_init_one(&assoc, &aad[2], be16_to_cpup((__be16 *)aad)); 36 sg_init_one(&assoc, &aad[2], be16_to_cpup((__be16 *)aad));
36 sg_init_table(ct, 2); 37 sg_init_table(ct, 2);
37 sg_set_buf(&ct[0], data, data_len); 38 sg_set_buf(&ct[0], data, data_len);
38 sg_set_buf(&ct[1], mic, IEEE80211_CCMP_MIC_LEN); 39 sg_set_buf(&ct[1], mic, mic_len);
39 40
40 aead_request_set_tfm(aead_req, tfm); 41 aead_request_set_tfm(aead_req, tfm);
41 aead_request_set_assoc(aead_req, &assoc, assoc.length); 42 aead_request_set_assoc(aead_req, &assoc, assoc.length);
@@ -45,7 +46,8 @@ void ieee80211_aes_ccm_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad,
45} 46}
46 47
47int ieee80211_aes_ccm_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, 48int ieee80211_aes_ccm_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad,
48 u8 *data, size_t data_len, u8 *mic) 49 u8 *data, size_t data_len, u8 *mic,
50 size_t mic_len)
49{ 51{
50 struct scatterlist assoc, pt, ct[2]; 52 struct scatterlist assoc, pt, ct[2];
51 char aead_req_data[sizeof(struct aead_request) + 53 char aead_req_data[sizeof(struct aead_request) +
@@ -62,17 +64,18 @@ int ieee80211_aes_ccm_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad,
62 sg_init_one(&assoc, &aad[2], be16_to_cpup((__be16 *)aad)); 64 sg_init_one(&assoc, &aad[2], be16_to_cpup((__be16 *)aad));
63 sg_init_table(ct, 2); 65 sg_init_table(ct, 2);
64 sg_set_buf(&ct[0], data, data_len); 66 sg_set_buf(&ct[0], data, data_len);
65 sg_set_buf(&ct[1], mic, IEEE80211_CCMP_MIC_LEN); 67 sg_set_buf(&ct[1], mic, mic_len);
66 68
67 aead_request_set_tfm(aead_req, tfm); 69 aead_request_set_tfm(aead_req, tfm);
68 aead_request_set_assoc(aead_req, &assoc, assoc.length); 70 aead_request_set_assoc(aead_req, &assoc, assoc.length);
69 aead_request_set_crypt(aead_req, ct, &pt, 71 aead_request_set_crypt(aead_req, ct, &pt, data_len + mic_len, b_0);
70 data_len + IEEE80211_CCMP_MIC_LEN, b_0);
71 72
72 return crypto_aead_decrypt(aead_req); 73 return crypto_aead_decrypt(aead_req);
73} 74}
74 75
75struct crypto_aead *ieee80211_aes_key_setup_encrypt(const u8 key[]) 76struct crypto_aead *ieee80211_aes_key_setup_encrypt(const u8 key[],
77 size_t key_len,
78 size_t mic_len)
76{ 79{
77 struct crypto_aead *tfm; 80 struct crypto_aead *tfm;
78 int err; 81 int err;
@@ -81,9 +84,9 @@ struct crypto_aead *ieee80211_aes_key_setup_encrypt(const u8 key[])
81 if (IS_ERR(tfm)) 84 if (IS_ERR(tfm))
82 return tfm; 85 return tfm;
83 86
84 err = crypto_aead_setkey(tfm, key, WLAN_KEY_LEN_CCMP); 87 err = crypto_aead_setkey(tfm, key, key_len);
85 if (!err) 88 if (!err)
86 err = crypto_aead_setauthsize(tfm, IEEE80211_CCMP_MIC_LEN); 89 err = crypto_aead_setauthsize(tfm, mic_len);
87 if (!err) 90 if (!err)
88 return tfm; 91 return tfm;
89 92
diff --git a/net/mac80211/aes_ccm.h b/net/mac80211/aes_ccm.h
index 2c7ab1948a2e..6a73d1e4d186 100644
--- a/net/mac80211/aes_ccm.h
+++ b/net/mac80211/aes_ccm.h
@@ -12,11 +12,15 @@
12 12
13#include <linux/crypto.h> 13#include <linux/crypto.h>
14 14
15struct crypto_aead *ieee80211_aes_key_setup_encrypt(const u8 key[]); 15struct crypto_aead *ieee80211_aes_key_setup_encrypt(const u8 key[],
16 size_t key_len,
17 size_t mic_len);
16void ieee80211_aes_ccm_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, 18void ieee80211_aes_ccm_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad,
17 u8 *data, size_t data_len, u8 *mic); 19 u8 *data, size_t data_len, u8 *mic,
20 size_t mic_len);
18int ieee80211_aes_ccm_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, 21int ieee80211_aes_ccm_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad,
19 u8 *data, size_t data_len, u8 *mic); 22 u8 *data, size_t data_len, u8 *mic,
23 size_t mic_len);
20void ieee80211_aes_key_free(struct crypto_aead *tfm); 24void ieee80211_aes_key_free(struct crypto_aead *tfm);
21 25
22#endif /* AES_CCM_H */ 26#endif /* AES_CCM_H */
diff --git a/net/mac80211/aes_cmac.c b/net/mac80211/aes_cmac.c
index 9b9009f99551..4192806be3d3 100644
--- a/net/mac80211/aes_cmac.c
+++ b/net/mac80211/aes_cmac.c
@@ -18,8 +18,8 @@
18#include "key.h" 18#include "key.h"
19#include "aes_cmac.h" 19#include "aes_cmac.h"
20 20
21#define AES_CMAC_KEY_LEN 16
22#define CMAC_TLEN 8 /* CMAC TLen = 64 bits (8 octets) */ 21#define CMAC_TLEN 8 /* CMAC TLen = 64 bits (8 octets) */
22#define CMAC_TLEN_256 16 /* CMAC TLen = 128 bits (16 octets) */
23#define AAD_LEN 20 23#define AAD_LEN 20
24 24
25 25
@@ -35,9 +35,9 @@ static void gf_mulx(u8 *pad)
35 pad[AES_BLOCK_SIZE - 1] ^= 0x87; 35 pad[AES_BLOCK_SIZE - 1] ^= 0x87;
36} 36}
37 37
38 38static void aes_cmac_vector(struct crypto_cipher *tfm, size_t num_elem,
39static void aes_128_cmac_vector(struct crypto_cipher *tfm, size_t num_elem, 39 const u8 *addr[], const size_t *len, u8 *mac,
40 const u8 *addr[], const size_t *len, u8 *mac) 40 size_t mac_len)
41{ 41{
42 u8 cbc[AES_BLOCK_SIZE], pad[AES_BLOCK_SIZE]; 42 u8 cbc[AES_BLOCK_SIZE], pad[AES_BLOCK_SIZE];
43 const u8 *pos, *end; 43 const u8 *pos, *end;
@@ -88,7 +88,7 @@ static void aes_128_cmac_vector(struct crypto_cipher *tfm, size_t num_elem,
88 for (i = 0; i < AES_BLOCK_SIZE; i++) 88 for (i = 0; i < AES_BLOCK_SIZE; i++)
89 pad[i] ^= cbc[i]; 89 pad[i] ^= cbc[i];
90 crypto_cipher_encrypt_one(tfm, pad, pad); 90 crypto_cipher_encrypt_one(tfm, pad, pad);
91 memcpy(mac, pad, CMAC_TLEN); 91 memcpy(mac, pad, mac_len);
92} 92}
93 93
94 94
@@ -107,17 +107,35 @@ void ieee80211_aes_cmac(struct crypto_cipher *tfm, const u8 *aad,
107 addr[2] = zero; 107 addr[2] = zero;
108 len[2] = CMAC_TLEN; 108 len[2] = CMAC_TLEN;
109 109
110 aes_128_cmac_vector(tfm, 3, addr, len, mic); 110 aes_cmac_vector(tfm, 3, addr, len, mic, CMAC_TLEN);
111} 111}
112 112
113void ieee80211_aes_cmac_256(struct crypto_cipher *tfm, const u8 *aad,
114 const u8 *data, size_t data_len, u8 *mic)
115{
116 const u8 *addr[3];
117 size_t len[3];
118 u8 zero[CMAC_TLEN_256];
119
120 memset(zero, 0, CMAC_TLEN_256);
121 addr[0] = aad;
122 len[0] = AAD_LEN;
123 addr[1] = data;
124 len[1] = data_len - CMAC_TLEN_256;
125 addr[2] = zero;
126 len[2] = CMAC_TLEN_256;
127
128 aes_cmac_vector(tfm, 3, addr, len, mic, CMAC_TLEN_256);
129}
113 130
114struct crypto_cipher *ieee80211_aes_cmac_key_setup(const u8 key[]) 131struct crypto_cipher *ieee80211_aes_cmac_key_setup(const u8 key[],
132 size_t key_len)
115{ 133{
116 struct crypto_cipher *tfm; 134 struct crypto_cipher *tfm;
117 135
118 tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC); 136 tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
119 if (!IS_ERR(tfm)) 137 if (!IS_ERR(tfm))
120 crypto_cipher_setkey(tfm, key, AES_CMAC_KEY_LEN); 138 crypto_cipher_setkey(tfm, key, key_len);
121 139
122 return tfm; 140 return tfm;
123} 141}
diff --git a/net/mac80211/aes_cmac.h b/net/mac80211/aes_cmac.h
index 0ce6487af795..3702041f44fd 100644
--- a/net/mac80211/aes_cmac.h
+++ b/net/mac80211/aes_cmac.h
@@ -11,9 +11,12 @@
11 11
12#include <linux/crypto.h> 12#include <linux/crypto.h>
13 13
14struct crypto_cipher *ieee80211_aes_cmac_key_setup(const u8 key[]); 14struct crypto_cipher *ieee80211_aes_cmac_key_setup(const u8 key[],
15 size_t key_len);
15void ieee80211_aes_cmac(struct crypto_cipher *tfm, const u8 *aad, 16void ieee80211_aes_cmac(struct crypto_cipher *tfm, const u8 *aad,
16 const u8 *data, size_t data_len, u8 *mic); 17 const u8 *data, size_t data_len, u8 *mic);
18void ieee80211_aes_cmac_256(struct crypto_cipher *tfm, const u8 *aad,
19 const u8 *data, size_t data_len, u8 *mic);
17void ieee80211_aes_cmac_key_free(struct crypto_cipher *tfm); 20void ieee80211_aes_cmac_key_free(struct crypto_cipher *tfm);
18 21
19#endif /* AES_CMAC_H */ 22#endif /* AES_CMAC_H */
diff --git a/net/mac80211/aes_gcm.c b/net/mac80211/aes_gcm.c
new file mode 100644
index 000000000000..c2bf6698d738
--- /dev/null
+++ b/net/mac80211/aes_gcm.c
@@ -0,0 +1,95 @@
1/*
2 * Copyright 2014-2015, Qualcomm Atheros, Inc.
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as
6 * published by the Free Software Foundation.
7 */
8
9#include <linux/kernel.h>
10#include <linux/types.h>
11#include <linux/crypto.h>
12#include <linux/err.h>
13#include <crypto/aes.h>
14
15#include <net/mac80211.h>
16#include "key.h"
17#include "aes_gcm.h"
18
19void ieee80211_aes_gcm_encrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
20 u8 *data, size_t data_len, u8 *mic)
21{
22 struct scatterlist assoc, pt, ct[2];
23
24 char aead_req_data[sizeof(struct aead_request) +
25 crypto_aead_reqsize(tfm)]
26 __aligned(__alignof__(struct aead_request));
27 struct aead_request *aead_req = (void *)aead_req_data;
28
29 memset(aead_req, 0, sizeof(aead_req_data));
30
31 sg_init_one(&pt, data, data_len);
32 sg_init_one(&assoc, &aad[2], be16_to_cpup((__be16 *)aad));
33 sg_init_table(ct, 2);
34 sg_set_buf(&ct[0], data, data_len);
35 sg_set_buf(&ct[1], mic, IEEE80211_GCMP_MIC_LEN);
36
37 aead_request_set_tfm(aead_req, tfm);
38 aead_request_set_assoc(aead_req, &assoc, assoc.length);
39 aead_request_set_crypt(aead_req, &pt, ct, data_len, j_0);
40
41 crypto_aead_encrypt(aead_req);
42}
43
44int ieee80211_aes_gcm_decrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
45 u8 *data, size_t data_len, u8 *mic)
46{
47 struct scatterlist assoc, pt, ct[2];
48 char aead_req_data[sizeof(struct aead_request) +
49 crypto_aead_reqsize(tfm)]
50 __aligned(__alignof__(struct aead_request));
51 struct aead_request *aead_req = (void *)aead_req_data;
52
53 if (data_len == 0)
54 return -EINVAL;
55
56 memset(aead_req, 0, sizeof(aead_req_data));
57
58 sg_init_one(&pt, data, data_len);
59 sg_init_one(&assoc, &aad[2], be16_to_cpup((__be16 *)aad));
60 sg_init_table(ct, 2);
61 sg_set_buf(&ct[0], data, data_len);
62 sg_set_buf(&ct[1], mic, IEEE80211_GCMP_MIC_LEN);
63
64 aead_request_set_tfm(aead_req, tfm);
65 aead_request_set_assoc(aead_req, &assoc, assoc.length);
66 aead_request_set_crypt(aead_req, ct, &pt,
67 data_len + IEEE80211_GCMP_MIC_LEN, j_0);
68
69 return crypto_aead_decrypt(aead_req);
70}
71
72struct crypto_aead *ieee80211_aes_gcm_key_setup_encrypt(const u8 key[],
73 size_t key_len)
74{
75 struct crypto_aead *tfm;
76 int err;
77
78 tfm = crypto_alloc_aead("gcm(aes)", 0, CRYPTO_ALG_ASYNC);
79 if (IS_ERR(tfm))
80 return tfm;
81
82 err = crypto_aead_setkey(tfm, key, key_len);
83 if (!err)
84 err = crypto_aead_setauthsize(tfm, IEEE80211_GCMP_MIC_LEN);
85 if (!err)
86 return tfm;
87
88 crypto_free_aead(tfm);
89 return ERR_PTR(err);
90}
91
92void ieee80211_aes_gcm_key_free(struct crypto_aead *tfm)
93{
94 crypto_free_aead(tfm);
95}
diff --git a/net/mac80211/aes_gcm.h b/net/mac80211/aes_gcm.h
new file mode 100644
index 000000000000..1347fda6b76a
--- /dev/null
+++ b/net/mac80211/aes_gcm.h
@@ -0,0 +1,22 @@
1/*
2 * Copyright 2014-2015, Qualcomm Atheros, Inc.
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as
6 * published by the Free Software Foundation.
7 */
8
9#ifndef AES_GCM_H
10#define AES_GCM_H
11
12#include <linux/crypto.h>
13
14void ieee80211_aes_gcm_encrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
15 u8 *data, size_t data_len, u8 *mic);
16int ieee80211_aes_gcm_decrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
17 u8 *data, size_t data_len, u8 *mic);
18struct crypto_aead *ieee80211_aes_gcm_key_setup_encrypt(const u8 key[],
19 size_t key_len);
20void ieee80211_aes_gcm_key_free(struct crypto_aead *tfm);
21
22#endif /* AES_GCM_H */
diff --git a/net/mac80211/aes_gmac.c b/net/mac80211/aes_gmac.c
new file mode 100644
index 000000000000..1c72edcb0083
--- /dev/null
+++ b/net/mac80211/aes_gmac.c
@@ -0,0 +1,84 @@
1/*
2 * AES-GMAC for IEEE 802.11 BIP-GMAC-128 and BIP-GMAC-256
3 * Copyright 2015, Qualcomm Atheros, Inc.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 */
9
10#include <linux/kernel.h>
11#include <linux/types.h>
12#include <linux/crypto.h>
13#include <linux/err.h>
14#include <crypto/aes.h>
15
16#include <net/mac80211.h>
17#include "key.h"
18#include "aes_gmac.h"
19
20#define GMAC_MIC_LEN 16
21#define GMAC_NONCE_LEN 12
22#define AAD_LEN 20
23
24int ieee80211_aes_gmac(struct crypto_aead *tfm, const u8 *aad, u8 *nonce,
25 const u8 *data, size_t data_len, u8 *mic)
26{
27 struct scatterlist sg[3], ct[1];
28 char aead_req_data[sizeof(struct aead_request) +
29 crypto_aead_reqsize(tfm)]
30 __aligned(__alignof__(struct aead_request));
31 struct aead_request *aead_req = (void *)aead_req_data;
32 u8 zero[GMAC_MIC_LEN], iv[AES_BLOCK_SIZE];
33
34 if (data_len < GMAC_MIC_LEN)
35 return -EINVAL;
36
37 memset(aead_req, 0, sizeof(aead_req_data));
38
39 memset(zero, 0, GMAC_MIC_LEN);
40 sg_init_table(sg, 3);
41 sg_set_buf(&sg[0], aad, AAD_LEN);
42 sg_set_buf(&sg[1], data, data_len - GMAC_MIC_LEN);
43 sg_set_buf(&sg[2], zero, GMAC_MIC_LEN);
44
45 memcpy(iv, nonce, GMAC_NONCE_LEN);
46 memset(iv + GMAC_NONCE_LEN, 0, sizeof(iv) - GMAC_NONCE_LEN);
47 iv[AES_BLOCK_SIZE - 1] = 0x01;
48
49 sg_init_table(ct, 1);
50 sg_set_buf(&ct[0], mic, GMAC_MIC_LEN);
51
52 aead_request_set_tfm(aead_req, tfm);
53 aead_request_set_assoc(aead_req, sg, AAD_LEN + data_len);
54 aead_request_set_crypt(aead_req, NULL, ct, 0, iv);
55
56 crypto_aead_encrypt(aead_req);
57
58 return 0;
59}
60
61struct crypto_aead *ieee80211_aes_gmac_key_setup(const u8 key[],
62 size_t key_len)
63{
64 struct crypto_aead *tfm;
65 int err;
66
67 tfm = crypto_alloc_aead("gcm(aes)", 0, CRYPTO_ALG_ASYNC);
68 if (IS_ERR(tfm))
69 return tfm;
70
71 err = crypto_aead_setkey(tfm, key, key_len);
72 if (!err)
73 return tfm;
74 if (!err)
75 err = crypto_aead_setauthsize(tfm, GMAC_MIC_LEN);
76
77 crypto_free_aead(tfm);
78 return ERR_PTR(err);
79}
80
81void ieee80211_aes_gmac_key_free(struct crypto_aead *tfm)
82{
83 crypto_free_aead(tfm);
84}
diff --git a/net/mac80211/aes_gmac.h b/net/mac80211/aes_gmac.h
new file mode 100644
index 000000000000..d328204d73a8
--- /dev/null
+++ b/net/mac80211/aes_gmac.h
@@ -0,0 +1,20 @@
1/*
2 * Copyright 2015, Qualcomm Atheros, Inc.
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as
6 * published by the Free Software Foundation.
7 */
8
9#ifndef AES_GMAC_H
10#define AES_GMAC_H
11
12#include <linux/crypto.h>
13
14struct crypto_aead *ieee80211_aes_gmac_key_setup(const u8 key[],
15 size_t key_len);
16int ieee80211_aes_gmac(struct crypto_aead *tfm, const u8 *aad, u8 *nonce,
17 const u8 *data, size_t data_len, u8 *mic);
18void ieee80211_aes_gmac_key_free(struct crypto_aead *tfm);
19
20#endif /* AES_GMAC_H */
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index ff090ef1ea2c..dd4ff36c557a 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -162,8 +162,13 @@ static int ieee80211_add_key(struct wiphy *wiphy, struct net_device *dev,
162 return -EINVAL; 162 return -EINVAL;
163 break; 163 break;
164 case WLAN_CIPHER_SUITE_CCMP: 164 case WLAN_CIPHER_SUITE_CCMP:
165 case WLAN_CIPHER_SUITE_CCMP_256:
165 case WLAN_CIPHER_SUITE_AES_CMAC: 166 case WLAN_CIPHER_SUITE_AES_CMAC:
167 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
168 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
169 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
166 case WLAN_CIPHER_SUITE_GCMP: 170 case WLAN_CIPHER_SUITE_GCMP:
171 case WLAN_CIPHER_SUITE_GCMP_256:
167 break; 172 break;
168 default: 173 default:
169 cs = ieee80211_cs_get(local, params->cipher, sdata->vif.type); 174 cs = ieee80211_cs_get(local, params->cipher, sdata->vif.type);
@@ -348,6 +353,7 @@ static int ieee80211_get_key(struct wiphy *wiphy, struct net_device *dev,
348 params.seq_len = 6; 353 params.seq_len = 6;
349 break; 354 break;
350 case WLAN_CIPHER_SUITE_CCMP: 355 case WLAN_CIPHER_SUITE_CCMP:
356 case WLAN_CIPHER_SUITE_CCMP_256:
351 pn64 = atomic64_read(&key->u.ccmp.tx_pn); 357 pn64 = atomic64_read(&key->u.ccmp.tx_pn);
352 seq[0] = pn64; 358 seq[0] = pn64;
353 seq[1] = pn64 >> 8; 359 seq[1] = pn64 >> 8;
@@ -359,6 +365,7 @@ static int ieee80211_get_key(struct wiphy *wiphy, struct net_device *dev,
359 params.seq_len = 6; 365 params.seq_len = 6;
360 break; 366 break;
361 case WLAN_CIPHER_SUITE_AES_CMAC: 367 case WLAN_CIPHER_SUITE_AES_CMAC:
368 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
362 pn64 = atomic64_read(&key->u.aes_cmac.tx_pn); 369 pn64 = atomic64_read(&key->u.aes_cmac.tx_pn);
363 seq[0] = pn64; 370 seq[0] = pn64;
364 seq[1] = pn64 >> 8; 371 seq[1] = pn64 >> 8;
@@ -369,6 +376,30 @@ static int ieee80211_get_key(struct wiphy *wiphy, struct net_device *dev,
369 params.seq = seq; 376 params.seq = seq;
370 params.seq_len = 6; 377 params.seq_len = 6;
371 break; 378 break;
379 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
380 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
381 pn64 = atomic64_read(&key->u.aes_gmac.tx_pn);
382 seq[0] = pn64;
383 seq[1] = pn64 >> 8;
384 seq[2] = pn64 >> 16;
385 seq[3] = pn64 >> 24;
386 seq[4] = pn64 >> 32;
387 seq[5] = pn64 >> 40;
388 params.seq = seq;
389 params.seq_len = 6;
390 break;
391 case WLAN_CIPHER_SUITE_GCMP:
392 case WLAN_CIPHER_SUITE_GCMP_256:
393 pn64 = atomic64_read(&key->u.gcmp.tx_pn);
394 seq[0] = pn64;
395 seq[1] = pn64 >> 8;
396 seq[2] = pn64 >> 16;
397 seq[3] = pn64 >> 24;
398 seq[4] = pn64 >> 32;
399 seq[5] = pn64 >> 40;
400 params.seq = seq;
401 params.seq_len = 6;
402 break;
372 } 403 }
373 404
374 params.key = key->conf.key; 405 params.key = key->conf.key;
@@ -2110,6 +2141,8 @@ static int ieee80211_set_tx_power(struct wiphy *wiphy,
2110{ 2141{
2111 struct ieee80211_local *local = wiphy_priv(wiphy); 2142 struct ieee80211_local *local = wiphy_priv(wiphy);
2112 struct ieee80211_sub_if_data *sdata; 2143 struct ieee80211_sub_if_data *sdata;
2144 enum nl80211_tx_power_setting txp_type = type;
2145 bool update_txp_type = false;
2113 2146
2114 if (wdev) { 2147 if (wdev) {
2115 sdata = IEEE80211_WDEV_TO_SUB_IF(wdev); 2148 sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
@@ -2117,6 +2150,7 @@ static int ieee80211_set_tx_power(struct wiphy *wiphy,
2117 switch (type) { 2150 switch (type) {
2118 case NL80211_TX_POWER_AUTOMATIC: 2151 case NL80211_TX_POWER_AUTOMATIC:
2119 sdata->user_power_level = IEEE80211_UNSET_POWER_LEVEL; 2152 sdata->user_power_level = IEEE80211_UNSET_POWER_LEVEL;
2153 txp_type = NL80211_TX_POWER_LIMITED;
2120 break; 2154 break;
2121 case NL80211_TX_POWER_LIMITED: 2155 case NL80211_TX_POWER_LIMITED:
2122 case NL80211_TX_POWER_FIXED: 2156 case NL80211_TX_POWER_FIXED:
@@ -2126,7 +2160,12 @@ static int ieee80211_set_tx_power(struct wiphy *wiphy,
2126 break; 2160 break;
2127 } 2161 }
2128 2162
2129 ieee80211_recalc_txpower(sdata); 2163 if (txp_type != sdata->vif.bss_conf.txpower_type) {
2164 update_txp_type = true;
2165 sdata->vif.bss_conf.txpower_type = txp_type;
2166 }
2167
2168 ieee80211_recalc_txpower(sdata, update_txp_type);
2130 2169
2131 return 0; 2170 return 0;
2132 } 2171 }
@@ -2134,6 +2173,7 @@ static int ieee80211_set_tx_power(struct wiphy *wiphy,
2134 switch (type) { 2173 switch (type) {
2135 case NL80211_TX_POWER_AUTOMATIC: 2174 case NL80211_TX_POWER_AUTOMATIC:
2136 local->user_power_level = IEEE80211_UNSET_POWER_LEVEL; 2175 local->user_power_level = IEEE80211_UNSET_POWER_LEVEL;
2176 txp_type = NL80211_TX_POWER_LIMITED;
2137 break; 2177 break;
2138 case NL80211_TX_POWER_LIMITED: 2178 case NL80211_TX_POWER_LIMITED:
2139 case NL80211_TX_POWER_FIXED: 2179 case NL80211_TX_POWER_FIXED:
@@ -2144,10 +2184,14 @@ static int ieee80211_set_tx_power(struct wiphy *wiphy,
2144 } 2184 }
2145 2185
2146 mutex_lock(&local->iflist_mtx); 2186 mutex_lock(&local->iflist_mtx);
2147 list_for_each_entry(sdata, &local->interfaces, list) 2187 list_for_each_entry(sdata, &local->interfaces, list) {
2148 sdata->user_power_level = local->user_power_level; 2188 sdata->user_power_level = local->user_power_level;
2189 if (txp_type != sdata->vif.bss_conf.txpower_type)
2190 update_txp_type = true;
2191 sdata->vif.bss_conf.txpower_type = txp_type;
2192 }
2149 list_for_each_entry(sdata, &local->interfaces, list) 2193 list_for_each_entry(sdata, &local->interfaces, list)
2150 ieee80211_recalc_txpower(sdata); 2194 ieee80211_recalc_txpower(sdata, update_txp_type);
2151 mutex_unlock(&local->iflist_mtx); 2195 mutex_unlock(&local->iflist_mtx);
2152 2196
2153 return 0; 2197 return 0;
diff --git a/net/mac80211/chan.c b/net/mac80211/chan.c
index 35b11e11e0c4..ff0d2db09df9 100644
--- a/net/mac80211/chan.c
+++ b/net/mac80211/chan.c
@@ -655,7 +655,7 @@ out:
655 } 655 }
656 656
657 if (new_ctx && ieee80211_chanctx_num_assigned(local, new_ctx) > 0) { 657 if (new_ctx && ieee80211_chanctx_num_assigned(local, new_ctx) > 0) {
658 ieee80211_recalc_txpower(sdata); 658 ieee80211_recalc_txpower(sdata, false);
659 ieee80211_recalc_chanctx_min_def(local, new_ctx); 659 ieee80211_recalc_chanctx_min_def(local, new_ctx);
660 } 660 }
661 661
@@ -1387,7 +1387,7 @@ static int ieee80211_vif_use_reserved_switch(struct ieee80211_local *local)
1387 ieee80211_bss_info_change_notify(sdata, 1387 ieee80211_bss_info_change_notify(sdata,
1388 changed); 1388 changed);
1389 1389
1390 ieee80211_recalc_txpower(sdata); 1390 ieee80211_recalc_txpower(sdata, false);
1391 } 1391 }
1392 1392
1393 ieee80211_recalc_chanctx_chantype(local, ctx); 1393 ieee80211_recalc_chanctx_chantype(local, ctx);
diff --git a/net/mac80211/debugfs_key.c b/net/mac80211/debugfs_key.c
index 5523b94c7c90..71ac1b5f4da5 100644
--- a/net/mac80211/debugfs_key.c
+++ b/net/mac80211/debugfs_key.c
@@ -94,17 +94,33 @@ static ssize_t key_tx_spec_read(struct file *file, char __user *userbuf,
94 key->u.tkip.tx.iv16); 94 key->u.tkip.tx.iv16);
95 break; 95 break;
96 case WLAN_CIPHER_SUITE_CCMP: 96 case WLAN_CIPHER_SUITE_CCMP:
97 case WLAN_CIPHER_SUITE_CCMP_256:
97 pn = atomic64_read(&key->u.ccmp.tx_pn); 98 pn = atomic64_read(&key->u.ccmp.tx_pn);
98 len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n", 99 len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n",
99 (u8)(pn >> 40), (u8)(pn >> 32), (u8)(pn >> 24), 100 (u8)(pn >> 40), (u8)(pn >> 32), (u8)(pn >> 24),
100 (u8)(pn >> 16), (u8)(pn >> 8), (u8)pn); 101 (u8)(pn >> 16), (u8)(pn >> 8), (u8)pn);
101 break; 102 break;
102 case WLAN_CIPHER_SUITE_AES_CMAC: 103 case WLAN_CIPHER_SUITE_AES_CMAC:
104 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
103 pn = atomic64_read(&key->u.aes_cmac.tx_pn); 105 pn = atomic64_read(&key->u.aes_cmac.tx_pn);
104 len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n", 106 len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n",
105 (u8)(pn >> 40), (u8)(pn >> 32), (u8)(pn >> 24), 107 (u8)(pn >> 40), (u8)(pn >> 32), (u8)(pn >> 24),
106 (u8)(pn >> 16), (u8)(pn >> 8), (u8)pn); 108 (u8)(pn >> 16), (u8)(pn >> 8), (u8)pn);
107 break; 109 break;
110 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
111 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
112 pn = atomic64_read(&key->u.aes_gmac.tx_pn);
113 len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n",
114 (u8)(pn >> 40), (u8)(pn >> 32), (u8)(pn >> 24),
115 (u8)(pn >> 16), (u8)(pn >> 8), (u8)pn);
116 break;
117 case WLAN_CIPHER_SUITE_GCMP:
118 case WLAN_CIPHER_SUITE_GCMP_256:
119 pn = atomic64_read(&key->u.gcmp.tx_pn);
120 len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n",
121 (u8)(pn >> 40), (u8)(pn >> 32), (u8)(pn >> 24),
122 (u8)(pn >> 16), (u8)(pn >> 8), (u8)pn);
123 break;
108 default: 124 default:
109 return 0; 125 return 0;
110 } 126 }
@@ -134,6 +150,7 @@ static ssize_t key_rx_spec_read(struct file *file, char __user *userbuf,
134 len = p - buf; 150 len = p - buf;
135 break; 151 break;
136 case WLAN_CIPHER_SUITE_CCMP: 152 case WLAN_CIPHER_SUITE_CCMP:
153 case WLAN_CIPHER_SUITE_CCMP_256:
137 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) { 154 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) {
138 rpn = key->u.ccmp.rx_pn[i]; 155 rpn = key->u.ccmp.rx_pn[i];
139 p += scnprintf(p, sizeof(buf)+buf-p, 156 p += scnprintf(p, sizeof(buf)+buf-p,
@@ -144,6 +161,7 @@ static ssize_t key_rx_spec_read(struct file *file, char __user *userbuf,
144 len = p - buf; 161 len = p - buf;
145 break; 162 break;
146 case WLAN_CIPHER_SUITE_AES_CMAC: 163 case WLAN_CIPHER_SUITE_AES_CMAC:
164 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
147 rpn = key->u.aes_cmac.rx_pn; 165 rpn = key->u.aes_cmac.rx_pn;
148 p += scnprintf(p, sizeof(buf)+buf-p, 166 p += scnprintf(p, sizeof(buf)+buf-p,
149 "%02x%02x%02x%02x%02x%02x\n", 167 "%02x%02x%02x%02x%02x%02x\n",
@@ -151,6 +169,26 @@ static ssize_t key_rx_spec_read(struct file *file, char __user *userbuf,
151 rpn[3], rpn[4], rpn[5]); 169 rpn[3], rpn[4], rpn[5]);
152 len = p - buf; 170 len = p - buf;
153 break; 171 break;
172 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
173 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
174 rpn = key->u.aes_gmac.rx_pn;
175 p += scnprintf(p, sizeof(buf)+buf-p,
176 "%02x%02x%02x%02x%02x%02x\n",
177 rpn[0], rpn[1], rpn[2],
178 rpn[3], rpn[4], rpn[5]);
179 len = p - buf;
180 break;
181 case WLAN_CIPHER_SUITE_GCMP:
182 case WLAN_CIPHER_SUITE_GCMP_256:
183 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) {
184 rpn = key->u.gcmp.rx_pn[i];
185 p += scnprintf(p, sizeof(buf)+buf-p,
186 "%02x%02x%02x%02x%02x%02x\n",
187 rpn[0], rpn[1], rpn[2],
188 rpn[3], rpn[4], rpn[5]);
189 }
190 len = p - buf;
191 break;
154 default: 192 default:
155 return 0; 193 return 0;
156 } 194 }
@@ -167,12 +205,23 @@ static ssize_t key_replays_read(struct file *file, char __user *userbuf,
167 205
168 switch (key->conf.cipher) { 206 switch (key->conf.cipher) {
169 case WLAN_CIPHER_SUITE_CCMP: 207 case WLAN_CIPHER_SUITE_CCMP:
208 case WLAN_CIPHER_SUITE_CCMP_256:
170 len = scnprintf(buf, sizeof(buf), "%u\n", key->u.ccmp.replays); 209 len = scnprintf(buf, sizeof(buf), "%u\n", key->u.ccmp.replays);
171 break; 210 break;
172 case WLAN_CIPHER_SUITE_AES_CMAC: 211 case WLAN_CIPHER_SUITE_AES_CMAC:
212 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
173 len = scnprintf(buf, sizeof(buf), "%u\n", 213 len = scnprintf(buf, sizeof(buf), "%u\n",
174 key->u.aes_cmac.replays); 214 key->u.aes_cmac.replays);
175 break; 215 break;
216 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
217 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
218 len = scnprintf(buf, sizeof(buf), "%u\n",
219 key->u.aes_gmac.replays);
220 break;
221 case WLAN_CIPHER_SUITE_GCMP:
222 case WLAN_CIPHER_SUITE_GCMP_256:
223 len = scnprintf(buf, sizeof(buf), "%u\n", key->u.gcmp.replays);
224 break;
176 default: 225 default:
177 return 0; 226 return 0;
178 } 227 }
@@ -189,9 +238,15 @@ static ssize_t key_icverrors_read(struct file *file, char __user *userbuf,
189 238
190 switch (key->conf.cipher) { 239 switch (key->conf.cipher) {
191 case WLAN_CIPHER_SUITE_AES_CMAC: 240 case WLAN_CIPHER_SUITE_AES_CMAC:
241 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
192 len = scnprintf(buf, sizeof(buf), "%u\n", 242 len = scnprintf(buf, sizeof(buf), "%u\n",
193 key->u.aes_cmac.icverrors); 243 key->u.aes_cmac.icverrors);
194 break; 244 break;
245 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
246 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
247 len = scnprintf(buf, sizeof(buf), "%u\n",
248 key->u.aes_gmac.icverrors);
249 break;
195 default: 250 default:
196 return 0; 251 return 0;
197 } 252 }
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index 156ea79e0157..3afe36824703 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -1621,7 +1621,8 @@ int ieee80211_add_virtual_monitor(struct ieee80211_local *local);
1621void ieee80211_del_virtual_monitor(struct ieee80211_local *local); 1621void ieee80211_del_virtual_monitor(struct ieee80211_local *local);
1622 1622
1623bool __ieee80211_recalc_txpower(struct ieee80211_sub_if_data *sdata); 1623bool __ieee80211_recalc_txpower(struct ieee80211_sub_if_data *sdata);
1624void ieee80211_recalc_txpower(struct ieee80211_sub_if_data *sdata); 1624void ieee80211_recalc_txpower(struct ieee80211_sub_if_data *sdata,
1625 bool update_bss);
1625 1626
1626static inline bool ieee80211_sdata_running(struct ieee80211_sub_if_data *sdata) 1627static inline bool ieee80211_sdata_running(struct ieee80211_sub_if_data *sdata)
1627{ 1628{
@@ -1751,7 +1752,8 @@ static inline int __ieee80211_resume(struct ieee80211_hw *hw)
1751{ 1752{
1752 struct ieee80211_local *local = hw_to_local(hw); 1753 struct ieee80211_local *local = hw_to_local(hw);
1753 1754
1754 WARN(test_bit(SCAN_HW_SCANNING, &local->scanning), 1755 WARN(test_bit(SCAN_HW_SCANNING, &local->scanning) &&
1756 !test_bit(SCAN_COMPLETED, &local->scanning),
1755 "%s: resume with hardware scan still in progress\n", 1757 "%s: resume with hardware scan still in progress\n",
1756 wiphy_name(hw->wiphy)); 1758 wiphy_name(hw->wiphy));
1757 1759
@@ -1885,6 +1887,36 @@ void __ieee80211_flush_queues(struct ieee80211_local *local,
1885 struct ieee80211_sub_if_data *sdata, 1887 struct ieee80211_sub_if_data *sdata,
1886 unsigned int queues, bool drop); 1888 unsigned int queues, bool drop);
1887 1889
1890static inline bool ieee80211_can_run_worker(struct ieee80211_local *local)
1891{
1892 /*
1893 * If quiescing is set, we are racing with __ieee80211_suspend.
1894 * __ieee80211_suspend flushes the workers after setting quiescing,
1895 * and we check quiescing / suspended before enqueing new workers.
1896 * We should abort the worker to avoid the races below.
1897 */
1898 if (local->quiescing)
1899 return false;
1900
1901 /*
1902 * We might already be suspended if the following scenario occurs:
1903 * __ieee80211_suspend Control path
1904 *
1905 * if (local->quiescing)
1906 * return;
1907 * local->quiescing = true;
1908 * flush_workqueue();
1909 * queue_work(...);
1910 * local->suspended = true;
1911 * local->quiescing = false;
1912 * worker starts running...
1913 */
1914 if (local->suspended)
1915 return false;
1916
1917 return true;
1918}
1919
1888void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata, 1920void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
1889 u16 transaction, u16 auth_alg, u16 status, 1921 u16 transaction, u16 auth_alg, u16 status,
1890 const u8 *extra, size_t extra_len, const u8 *bssid, 1922 const u8 *extra, size_t extra_len, const u8 *bssid,
diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c
index 677422e11e07..81a27516813e 100644
--- a/net/mac80211/iface.c
+++ b/net/mac80211/iface.c
@@ -73,9 +73,10 @@ bool __ieee80211_recalc_txpower(struct ieee80211_sub_if_data *sdata)
73 return false; 73 return false;
74} 74}
75 75
76void ieee80211_recalc_txpower(struct ieee80211_sub_if_data *sdata) 76void ieee80211_recalc_txpower(struct ieee80211_sub_if_data *sdata,
77 bool update_bss)
77{ 78{
78 if (__ieee80211_recalc_txpower(sdata)) 79 if (__ieee80211_recalc_txpower(sdata) || update_bss)
79 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_TXPOWER); 80 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_TXPOWER);
80} 81}
81 82
@@ -1169,12 +1170,7 @@ static void ieee80211_iface_work(struct work_struct *work)
1169 if (local->scanning) 1170 if (local->scanning)
1170 return; 1171 return;
1171 1172
1172 /* 1173 if (!ieee80211_can_run_worker(local))
1173 * ieee80211_queue_work() should have picked up most cases,
1174 * here we'll pick the rest.
1175 */
1176 if (WARN(local->suspended,
1177 "interface work scheduled while going to suspend\n"))
1178 return; 1174 return;
1179 1175
1180 /* first process frames */ 1176 /* first process frames */
diff --git a/net/mac80211/key.c b/net/mac80211/key.c
index f8d9f0ee59bf..0825d76edcfc 100644
--- a/net/mac80211/key.c
+++ b/net/mac80211/key.c
@@ -24,6 +24,8 @@
24#include "debugfs_key.h" 24#include "debugfs_key.h"
25#include "aes_ccm.h" 25#include "aes_ccm.h"
26#include "aes_cmac.h" 26#include "aes_cmac.h"
27#include "aes_gmac.h"
28#include "aes_gcm.h"
27 29
28 30
29/** 31/**
@@ -90,7 +92,7 @@ static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
90{ 92{
91 struct ieee80211_sub_if_data *sdata; 93 struct ieee80211_sub_if_data *sdata;
92 struct sta_info *sta; 94 struct sta_info *sta;
93 int ret; 95 int ret = -EOPNOTSUPP;
94 96
95 might_sleep(); 97 might_sleep();
96 98
@@ -150,7 +152,7 @@ static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
150 return 0; 152 return 0;
151 } 153 }
152 154
153 if (ret != -ENOSPC && ret != -EOPNOTSUPP) 155 if (ret != -ENOSPC && ret != -EOPNOTSUPP && ret != 1)
154 sdata_err(sdata, 156 sdata_err(sdata,
155 "failed to set key (%d, %pM) to hardware (%d)\n", 157 "failed to set key (%d, %pM) to hardware (%d)\n",
156 key->conf.keyidx, 158 key->conf.keyidx,
@@ -162,8 +164,18 @@ static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
162 case WLAN_CIPHER_SUITE_WEP104: 164 case WLAN_CIPHER_SUITE_WEP104:
163 case WLAN_CIPHER_SUITE_TKIP: 165 case WLAN_CIPHER_SUITE_TKIP:
164 case WLAN_CIPHER_SUITE_CCMP: 166 case WLAN_CIPHER_SUITE_CCMP:
167 case WLAN_CIPHER_SUITE_CCMP_256:
165 case WLAN_CIPHER_SUITE_AES_CMAC: 168 case WLAN_CIPHER_SUITE_AES_CMAC:
166 /* all of these we can do in software */ 169 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
170 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
171 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
172 case WLAN_CIPHER_SUITE_GCMP:
173 case WLAN_CIPHER_SUITE_GCMP_256:
174 /* all of these we can do in software - if driver can */
175 if (ret == 1)
176 return 0;
177 if (key->local->hw.flags & IEEE80211_HW_SW_CRYPTO_CONTROL)
178 return -EINVAL;
167 return 0; 179 return 0;
168 default: 180 default:
169 return -EINVAL; 181 return -EINVAL;
@@ -382,7 +394,26 @@ ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
382 * Initialize AES key state here as an optimization so that 394 * Initialize AES key state here as an optimization so that
383 * it does not need to be initialized for every packet. 395 * it does not need to be initialized for every packet.
384 */ 396 */
385 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(key_data); 397 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
398 key_data, key_len, IEEE80211_CCMP_MIC_LEN);
399 if (IS_ERR(key->u.ccmp.tfm)) {
400 err = PTR_ERR(key->u.ccmp.tfm);
401 kfree(key);
402 return ERR_PTR(err);
403 }
404 break;
405 case WLAN_CIPHER_SUITE_CCMP_256:
406 key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN;
407 key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN;
408 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
409 for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++)
410 key->u.ccmp.rx_pn[i][j] =
411 seq[IEEE80211_CCMP_256_PN_LEN - j - 1];
412 /* Initialize AES key state here as an optimization so that
413 * it does not need to be initialized for every packet.
414 */
415 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
416 key_data, key_len, IEEE80211_CCMP_256_MIC_LEN);
386 if (IS_ERR(key->u.ccmp.tfm)) { 417 if (IS_ERR(key->u.ccmp.tfm)) {
387 err = PTR_ERR(key->u.ccmp.tfm); 418 err = PTR_ERR(key->u.ccmp.tfm);
388 kfree(key); 419 kfree(key);
@@ -390,8 +421,12 @@ ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
390 } 421 }
391 break; 422 break;
392 case WLAN_CIPHER_SUITE_AES_CMAC: 423 case WLAN_CIPHER_SUITE_AES_CMAC:
424 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
393 key->conf.iv_len = 0; 425 key->conf.iv_len = 0;
394 key->conf.icv_len = sizeof(struct ieee80211_mmie); 426 if (cipher == WLAN_CIPHER_SUITE_AES_CMAC)
427 key->conf.icv_len = sizeof(struct ieee80211_mmie);
428 else
429 key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
395 if (seq) 430 if (seq)
396 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++) 431 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++)
397 key->u.aes_cmac.rx_pn[j] = 432 key->u.aes_cmac.rx_pn[j] =
@@ -401,13 +436,51 @@ ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
401 * it does not need to be initialized for every packet. 436 * it does not need to be initialized for every packet.
402 */ 437 */
403 key->u.aes_cmac.tfm = 438 key->u.aes_cmac.tfm =
404 ieee80211_aes_cmac_key_setup(key_data); 439 ieee80211_aes_cmac_key_setup(key_data, key_len);
405 if (IS_ERR(key->u.aes_cmac.tfm)) { 440 if (IS_ERR(key->u.aes_cmac.tfm)) {
406 err = PTR_ERR(key->u.aes_cmac.tfm); 441 err = PTR_ERR(key->u.aes_cmac.tfm);
407 kfree(key); 442 kfree(key);
408 return ERR_PTR(err); 443 return ERR_PTR(err);
409 } 444 }
410 break; 445 break;
446 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
447 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
448 key->conf.iv_len = 0;
449 key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
450 if (seq)
451 for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++)
452 key->u.aes_gmac.rx_pn[j] =
453 seq[IEEE80211_GMAC_PN_LEN - j - 1];
454 /* Initialize AES key state here as an optimization so that
455 * it does not need to be initialized for every packet.
456 */
457 key->u.aes_gmac.tfm =
458 ieee80211_aes_gmac_key_setup(key_data, key_len);
459 if (IS_ERR(key->u.aes_gmac.tfm)) {
460 err = PTR_ERR(key->u.aes_gmac.tfm);
461 kfree(key);
462 return ERR_PTR(err);
463 }
464 break;
465 case WLAN_CIPHER_SUITE_GCMP:
466 case WLAN_CIPHER_SUITE_GCMP_256:
467 key->conf.iv_len = IEEE80211_GCMP_HDR_LEN;
468 key->conf.icv_len = IEEE80211_GCMP_MIC_LEN;
469 for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
470 for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++)
471 key->u.gcmp.rx_pn[i][j] =
472 seq[IEEE80211_GCMP_PN_LEN - j - 1];
473 /* Initialize AES key state here as an optimization so that
474 * it does not need to be initialized for every packet.
475 */
476 key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data,
477 key_len);
478 if (IS_ERR(key->u.gcmp.tfm)) {
479 err = PTR_ERR(key->u.gcmp.tfm);
480 kfree(key);
481 return ERR_PTR(err);
482 }
483 break;
411 default: 484 default:
412 if (cs) { 485 if (cs) {
413 size_t len = (seq_len > MAX_PN_LEN) ? 486 size_t len = (seq_len > MAX_PN_LEN) ?
@@ -429,10 +502,24 @@ ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
429 502
430static void ieee80211_key_free_common(struct ieee80211_key *key) 503static void ieee80211_key_free_common(struct ieee80211_key *key)
431{ 504{
432 if (key->conf.cipher == WLAN_CIPHER_SUITE_CCMP) 505 switch (key->conf.cipher) {
506 case WLAN_CIPHER_SUITE_CCMP:
507 case WLAN_CIPHER_SUITE_CCMP_256:
433 ieee80211_aes_key_free(key->u.ccmp.tfm); 508 ieee80211_aes_key_free(key->u.ccmp.tfm);
434 if (key->conf.cipher == WLAN_CIPHER_SUITE_AES_CMAC) 509 break;
510 case WLAN_CIPHER_SUITE_AES_CMAC:
511 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
435 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm); 512 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
513 break;
514 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
515 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
516 ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm);
517 break;
518 case WLAN_CIPHER_SUITE_GCMP:
519 case WLAN_CIPHER_SUITE_GCMP_256:
520 ieee80211_aes_gcm_key_free(key->u.gcmp.tfm);
521 break;
522 }
436 kzfree(key); 523 kzfree(key);
437} 524}
438 525
@@ -739,6 +826,7 @@ void ieee80211_get_key_tx_seq(struct ieee80211_key_conf *keyconf,
739 seq->tkip.iv16 = key->u.tkip.tx.iv16; 826 seq->tkip.iv16 = key->u.tkip.tx.iv16;
740 break; 827 break;
741 case WLAN_CIPHER_SUITE_CCMP: 828 case WLAN_CIPHER_SUITE_CCMP:
829 case WLAN_CIPHER_SUITE_CCMP_256:
742 pn64 = atomic64_read(&key->u.ccmp.tx_pn); 830 pn64 = atomic64_read(&key->u.ccmp.tx_pn);
743 seq->ccmp.pn[5] = pn64; 831 seq->ccmp.pn[5] = pn64;
744 seq->ccmp.pn[4] = pn64 >> 8; 832 seq->ccmp.pn[4] = pn64 >> 8;
@@ -748,6 +836,7 @@ void ieee80211_get_key_tx_seq(struct ieee80211_key_conf *keyconf,
748 seq->ccmp.pn[0] = pn64 >> 40; 836 seq->ccmp.pn[0] = pn64 >> 40;
749 break; 837 break;
750 case WLAN_CIPHER_SUITE_AES_CMAC: 838 case WLAN_CIPHER_SUITE_AES_CMAC:
839 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
751 pn64 = atomic64_read(&key->u.aes_cmac.tx_pn); 840 pn64 = atomic64_read(&key->u.aes_cmac.tx_pn);
752 seq->ccmp.pn[5] = pn64; 841 seq->ccmp.pn[5] = pn64;
753 seq->ccmp.pn[4] = pn64 >> 8; 842 seq->ccmp.pn[4] = pn64 >> 8;
@@ -756,6 +845,26 @@ void ieee80211_get_key_tx_seq(struct ieee80211_key_conf *keyconf,
756 seq->ccmp.pn[1] = pn64 >> 32; 845 seq->ccmp.pn[1] = pn64 >> 32;
757 seq->ccmp.pn[0] = pn64 >> 40; 846 seq->ccmp.pn[0] = pn64 >> 40;
758 break; 847 break;
848 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
849 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
850 pn64 = atomic64_read(&key->u.aes_gmac.tx_pn);
851 seq->ccmp.pn[5] = pn64;
852 seq->ccmp.pn[4] = pn64 >> 8;
853 seq->ccmp.pn[3] = pn64 >> 16;
854 seq->ccmp.pn[2] = pn64 >> 24;
855 seq->ccmp.pn[1] = pn64 >> 32;
856 seq->ccmp.pn[0] = pn64 >> 40;
857 break;
858 case WLAN_CIPHER_SUITE_GCMP:
859 case WLAN_CIPHER_SUITE_GCMP_256:
860 pn64 = atomic64_read(&key->u.gcmp.tx_pn);
861 seq->gcmp.pn[5] = pn64;
862 seq->gcmp.pn[4] = pn64 >> 8;
863 seq->gcmp.pn[3] = pn64 >> 16;
864 seq->gcmp.pn[2] = pn64 >> 24;
865 seq->gcmp.pn[1] = pn64 >> 32;
866 seq->gcmp.pn[0] = pn64 >> 40;
867 break;
759 default: 868 default:
760 WARN_ON(1); 869 WARN_ON(1);
761 } 870 }
@@ -778,6 +887,7 @@ void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf,
778 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16; 887 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16;
779 break; 888 break;
780 case WLAN_CIPHER_SUITE_CCMP: 889 case WLAN_CIPHER_SUITE_CCMP:
890 case WLAN_CIPHER_SUITE_CCMP_256:
781 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 891 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
782 return; 892 return;
783 if (tid < 0) 893 if (tid < 0)
@@ -787,11 +897,29 @@ void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf,
787 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN); 897 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN);
788 break; 898 break;
789 case WLAN_CIPHER_SUITE_AES_CMAC: 899 case WLAN_CIPHER_SUITE_AES_CMAC:
900 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
790 if (WARN_ON(tid != 0)) 901 if (WARN_ON(tid != 0))
791 return; 902 return;
792 pn = key->u.aes_cmac.rx_pn; 903 pn = key->u.aes_cmac.rx_pn;
793 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN); 904 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN);
794 break; 905 break;
906 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
907 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
908 if (WARN_ON(tid != 0))
909 return;
910 pn = key->u.aes_gmac.rx_pn;
911 memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN);
912 break;
913 case WLAN_CIPHER_SUITE_GCMP:
914 case WLAN_CIPHER_SUITE_GCMP_256:
915 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
916 return;
917 if (tid < 0)
918 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
919 else
920 pn = key->u.gcmp.rx_pn[tid];
921 memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN);
922 break;
795 } 923 }
796} 924}
797EXPORT_SYMBOL(ieee80211_get_key_rx_seq); 925EXPORT_SYMBOL(ieee80211_get_key_rx_seq);
@@ -810,6 +938,7 @@ void ieee80211_set_key_tx_seq(struct ieee80211_key_conf *keyconf,
810 key->u.tkip.tx.iv16 = seq->tkip.iv16; 938 key->u.tkip.tx.iv16 = seq->tkip.iv16;
811 break; 939 break;
812 case WLAN_CIPHER_SUITE_CCMP: 940 case WLAN_CIPHER_SUITE_CCMP:
941 case WLAN_CIPHER_SUITE_CCMP_256:
813 pn64 = (u64)seq->ccmp.pn[5] | 942 pn64 = (u64)seq->ccmp.pn[5] |
814 ((u64)seq->ccmp.pn[4] << 8) | 943 ((u64)seq->ccmp.pn[4] << 8) |
815 ((u64)seq->ccmp.pn[3] << 16) | 944 ((u64)seq->ccmp.pn[3] << 16) |
@@ -819,6 +948,7 @@ void ieee80211_set_key_tx_seq(struct ieee80211_key_conf *keyconf,
819 atomic64_set(&key->u.ccmp.tx_pn, pn64); 948 atomic64_set(&key->u.ccmp.tx_pn, pn64);
820 break; 949 break;
821 case WLAN_CIPHER_SUITE_AES_CMAC: 950 case WLAN_CIPHER_SUITE_AES_CMAC:
951 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
822 pn64 = (u64)seq->aes_cmac.pn[5] | 952 pn64 = (u64)seq->aes_cmac.pn[5] |
823 ((u64)seq->aes_cmac.pn[4] << 8) | 953 ((u64)seq->aes_cmac.pn[4] << 8) |
824 ((u64)seq->aes_cmac.pn[3] << 16) | 954 ((u64)seq->aes_cmac.pn[3] << 16) |
@@ -827,6 +957,26 @@ void ieee80211_set_key_tx_seq(struct ieee80211_key_conf *keyconf,
827 ((u64)seq->aes_cmac.pn[0] << 40); 957 ((u64)seq->aes_cmac.pn[0] << 40);
828 atomic64_set(&key->u.aes_cmac.tx_pn, pn64); 958 atomic64_set(&key->u.aes_cmac.tx_pn, pn64);
829 break; 959 break;
960 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
961 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
962 pn64 = (u64)seq->aes_gmac.pn[5] |
963 ((u64)seq->aes_gmac.pn[4] << 8) |
964 ((u64)seq->aes_gmac.pn[3] << 16) |
965 ((u64)seq->aes_gmac.pn[2] << 24) |
966 ((u64)seq->aes_gmac.pn[1] << 32) |
967 ((u64)seq->aes_gmac.pn[0] << 40);
968 atomic64_set(&key->u.aes_gmac.tx_pn, pn64);
969 break;
970 case WLAN_CIPHER_SUITE_GCMP:
971 case WLAN_CIPHER_SUITE_GCMP_256:
972 pn64 = (u64)seq->gcmp.pn[5] |
973 ((u64)seq->gcmp.pn[4] << 8) |
974 ((u64)seq->gcmp.pn[3] << 16) |
975 ((u64)seq->gcmp.pn[2] << 24) |
976 ((u64)seq->gcmp.pn[1] << 32) |
977 ((u64)seq->gcmp.pn[0] << 40);
978 atomic64_set(&key->u.gcmp.tx_pn, pn64);
979 break;
830 default: 980 default:
831 WARN_ON(1); 981 WARN_ON(1);
832 break; 982 break;
@@ -850,6 +1000,7 @@ void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf,
850 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16; 1000 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16;
851 break; 1001 break;
852 case WLAN_CIPHER_SUITE_CCMP: 1002 case WLAN_CIPHER_SUITE_CCMP:
1003 case WLAN_CIPHER_SUITE_CCMP_256:
853 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS)) 1004 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
854 return; 1005 return;
855 if (tid < 0) 1006 if (tid < 0)
@@ -859,11 +1010,29 @@ void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf,
859 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN); 1010 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN);
860 break; 1011 break;
861 case WLAN_CIPHER_SUITE_AES_CMAC: 1012 case WLAN_CIPHER_SUITE_AES_CMAC:
1013 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
862 if (WARN_ON(tid != 0)) 1014 if (WARN_ON(tid != 0))
863 return; 1015 return;
864 pn = key->u.aes_cmac.rx_pn; 1016 pn = key->u.aes_cmac.rx_pn;
865 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN); 1017 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN);
866 break; 1018 break;
1019 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1020 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1021 if (WARN_ON(tid != 0))
1022 return;
1023 pn = key->u.aes_gmac.rx_pn;
1024 memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN);
1025 break;
1026 case WLAN_CIPHER_SUITE_GCMP:
1027 case WLAN_CIPHER_SUITE_GCMP_256:
1028 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1029 return;
1030 if (tid < 0)
1031 pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1032 else
1033 pn = key->u.gcmp.rx_pn[tid];
1034 memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN);
1035 break;
867 default: 1036 default:
868 WARN_ON(1); 1037 WARN_ON(1);
869 break; 1038 break;
diff --git a/net/mac80211/key.h b/net/mac80211/key.h
index 19db68663d75..d57a9915494f 100644
--- a/net/mac80211/key.h
+++ b/net/mac80211/key.h
@@ -95,6 +95,24 @@ struct ieee80211_key {
95 u32 icverrors; /* dot11RSNAStatsCMACICVErrors */ 95 u32 icverrors; /* dot11RSNAStatsCMACICVErrors */
96 } aes_cmac; 96 } aes_cmac;
97 struct { 97 struct {
98 atomic64_t tx_pn;
99 u8 rx_pn[IEEE80211_GMAC_PN_LEN];
100 struct crypto_aead *tfm;
101 u32 replays; /* dot11RSNAStatsCMACReplays */
102 u32 icverrors; /* dot11RSNAStatsCMACICVErrors */
103 } aes_gmac;
104 struct {
105 atomic64_t tx_pn;
106 /* Last received packet number. The first
107 * IEEE80211_NUM_TIDS counters are used with Data
108 * frames and the last counter is used with Robust
109 * Management frames.
110 */
111 u8 rx_pn[IEEE80211_NUM_TIDS + 1][IEEE80211_GCMP_PN_LEN];
112 struct crypto_aead *tfm;
113 u32 replays; /* dot11RSNAStatsGCMPReplays */
114 } gcmp;
115 struct {
98 /* generic cipher scheme */ 116 /* generic cipher scheme */
99 u8 rx_pn[IEEE80211_NUM_TIDS + 1][MAX_PN_LEN]; 117 u8 rx_pn[IEEE80211_NUM_TIDS + 1][MAX_PN_LEN];
100 } gen; 118 } gen;
diff --git a/net/mac80211/main.c b/net/mac80211/main.c
index d9ce33663c73..5e09d354c5a5 100644
--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -658,7 +658,6 @@ static int ieee80211_init_cipher_suites(struct ieee80211_local *local)
658 bool have_wep = !(IS_ERR(local->wep_tx_tfm) || 658 bool have_wep = !(IS_ERR(local->wep_tx_tfm) ||
659 IS_ERR(local->wep_rx_tfm)); 659 IS_ERR(local->wep_rx_tfm));
660 bool have_mfp = local->hw.flags & IEEE80211_HW_MFP_CAPABLE; 660 bool have_mfp = local->hw.flags & IEEE80211_HW_MFP_CAPABLE;
661 const struct ieee80211_cipher_scheme *cs = local->hw.cipher_schemes;
662 int n_suites = 0, r = 0, w = 0; 661 int n_suites = 0, r = 0, w = 0;
663 u32 *suites; 662 u32 *suites;
664 static const u32 cipher_suites[] = { 663 static const u32 cipher_suites[] = {
@@ -667,79 +666,109 @@ static int ieee80211_init_cipher_suites(struct ieee80211_local *local)
667 WLAN_CIPHER_SUITE_WEP104, 666 WLAN_CIPHER_SUITE_WEP104,
668 WLAN_CIPHER_SUITE_TKIP, 667 WLAN_CIPHER_SUITE_TKIP,
669 WLAN_CIPHER_SUITE_CCMP, 668 WLAN_CIPHER_SUITE_CCMP,
669 WLAN_CIPHER_SUITE_CCMP_256,
670 WLAN_CIPHER_SUITE_GCMP,
671 WLAN_CIPHER_SUITE_GCMP_256,
670 672
671 /* keep last -- depends on hw flags! */ 673 /* keep last -- depends on hw flags! */
672 WLAN_CIPHER_SUITE_AES_CMAC 674 WLAN_CIPHER_SUITE_AES_CMAC,
675 WLAN_CIPHER_SUITE_BIP_CMAC_256,
676 WLAN_CIPHER_SUITE_BIP_GMAC_128,
677 WLAN_CIPHER_SUITE_BIP_GMAC_256,
673 }; 678 };
674 679
675 /* Driver specifies the ciphers, we have nothing to do... */ 680 if (local->hw.flags & IEEE80211_HW_SW_CRYPTO_CONTROL ||
676 if (local->hw.wiphy->cipher_suites && have_wep) 681 local->hw.wiphy->cipher_suites) {
677 return 0; 682 /* If the driver advertises, or doesn't support SW crypto,
683 * we only need to remove WEP if necessary.
684 */
685 if (have_wep)
686 return 0;
687
688 /* well if it has _no_ ciphers ... fine */
689 if (!local->hw.wiphy->n_cipher_suites)
690 return 0;
691
692 /* Driver provides cipher suites, but we need to exclude WEP */
693 suites = kmemdup(local->hw.wiphy->cipher_suites,
694 sizeof(u32) * local->hw.wiphy->n_cipher_suites,
695 GFP_KERNEL);
696 if (!suites)
697 return -ENOMEM;
698
699 for (r = 0; r < local->hw.wiphy->n_cipher_suites; r++) {
700 u32 suite = local->hw.wiphy->cipher_suites[r];
678 701
679 /* Set up cipher suites if driver relies on mac80211 cipher defs */ 702 if (suite == WLAN_CIPHER_SUITE_WEP40 ||
680 if (!local->hw.wiphy->cipher_suites && !cs) { 703 suite == WLAN_CIPHER_SUITE_WEP104)
704 continue;
705 suites[w++] = suite;
706 }
707 } else if (!local->hw.cipher_schemes) {
708 /* If the driver doesn't have cipher schemes, there's nothing
709 * else to do other than assign the (software supported and
710 * perhaps offloaded) cipher suites.
711 */
681 local->hw.wiphy->cipher_suites = cipher_suites; 712 local->hw.wiphy->cipher_suites = cipher_suites;
682 local->hw.wiphy->n_cipher_suites = ARRAY_SIZE(cipher_suites); 713 local->hw.wiphy->n_cipher_suites = ARRAY_SIZE(cipher_suites);
683 714
684 if (!have_mfp) 715 if (!have_mfp)
685 local->hw.wiphy->n_cipher_suites--; 716 local->hw.wiphy->n_cipher_suites -= 4;
686 717
687 if (!have_wep) { 718 if (!have_wep) {
688 local->hw.wiphy->cipher_suites += 2; 719 local->hw.wiphy->cipher_suites += 2;
689 local->hw.wiphy->n_cipher_suites -= 2; 720 local->hw.wiphy->n_cipher_suites -= 2;
690 } 721 }
691 722
723 /* not dynamically allocated, so just return */
692 return 0; 724 return 0;
693 } 725 } else {
726 const struct ieee80211_cipher_scheme *cs;
694 727
695 if (!local->hw.wiphy->cipher_suites) { 728 cs = local->hw.cipher_schemes;
696 /* 729
697 * Driver specifies cipher schemes only 730 /* Driver specifies cipher schemes only (but not cipher suites
698 * We start counting ciphers defined by schemes, TKIP and CCMP 731 * including the schemes)
732 *
733 * We start counting ciphers defined by schemes, TKIP, CCMP,
734 * CCMP-256, GCMP, and GCMP-256
699 */ 735 */
700 n_suites = local->hw.n_cipher_schemes + 2; 736 n_suites = local->hw.n_cipher_schemes + 5;
701 737
702 /* check if we have WEP40 and WEP104 */ 738 /* check if we have WEP40 and WEP104 */
703 if (have_wep) 739 if (have_wep)
704 n_suites += 2; 740 n_suites += 2;
705 741
706 /* check if we have AES_CMAC */ 742 /* check if we have AES_CMAC, BIP-CMAC-256, BIP-GMAC-128,
743 * BIP-GMAC-256
744 */
707 if (have_mfp) 745 if (have_mfp)
708 n_suites++; 746 n_suites += 4;
709 747
710 suites = kmalloc(sizeof(u32) * n_suites, GFP_KERNEL); 748 suites = kmalloc(sizeof(u32) * n_suites, GFP_KERNEL);
711 if (!suites) 749 if (!suites)
712 return -ENOMEM; 750 return -ENOMEM;
713 751
714 suites[w++] = WLAN_CIPHER_SUITE_CCMP; 752 suites[w++] = WLAN_CIPHER_SUITE_CCMP;
753 suites[w++] = WLAN_CIPHER_SUITE_CCMP_256;
715 suites[w++] = WLAN_CIPHER_SUITE_TKIP; 754 suites[w++] = WLAN_CIPHER_SUITE_TKIP;
755 suites[w++] = WLAN_CIPHER_SUITE_GCMP;
756 suites[w++] = WLAN_CIPHER_SUITE_GCMP_256;
716 757
717 if (have_wep) { 758 if (have_wep) {
718 suites[w++] = WLAN_CIPHER_SUITE_WEP40; 759 suites[w++] = WLAN_CIPHER_SUITE_WEP40;
719 suites[w++] = WLAN_CIPHER_SUITE_WEP104; 760 suites[w++] = WLAN_CIPHER_SUITE_WEP104;
720 } 761 }
721 762
722 if (have_mfp) 763 if (have_mfp) {
723 suites[w++] = WLAN_CIPHER_SUITE_AES_CMAC; 764 suites[w++] = WLAN_CIPHER_SUITE_AES_CMAC;
765 suites[w++] = WLAN_CIPHER_SUITE_BIP_CMAC_256;
766 suites[w++] = WLAN_CIPHER_SUITE_BIP_GMAC_128;
767 suites[w++] = WLAN_CIPHER_SUITE_BIP_GMAC_256;
768 }
724 769
725 for (r = 0; r < local->hw.n_cipher_schemes; r++) 770 for (r = 0; r < local->hw.n_cipher_schemes; r++)
726 suites[w++] = cs[r].cipher; 771 suites[w++] = cs[r].cipher;
727 } else {
728 /* Driver provides cipher suites, but we need to exclude WEP */
729 suites = kmemdup(local->hw.wiphy->cipher_suites,
730 sizeof(u32) * local->hw.wiphy->n_cipher_suites,
731 GFP_KERNEL);
732 if (!suites)
733 return -ENOMEM;
734
735 for (r = 0; r < local->hw.wiphy->n_cipher_suites; r++) {
736 u32 suite = local->hw.wiphy->cipher_suites[r];
737
738 if (suite == WLAN_CIPHER_SUITE_WEP40 ||
739 suite == WLAN_CIPHER_SUITE_WEP104)
740 continue;
741 suites[w++] = suite;
742 }
743 } 772 }
744 773
745 local->hw.wiphy->cipher_suites = suites; 774 local->hw.wiphy->cipher_suites = suites;
@@ -1041,10 +1070,8 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
1041 ieee80211_max_network_latency; 1070 ieee80211_max_network_latency;
1042 result = pm_qos_add_notifier(PM_QOS_NETWORK_LATENCY, 1071 result = pm_qos_add_notifier(PM_QOS_NETWORK_LATENCY,
1043 &local->network_latency_notifier); 1072 &local->network_latency_notifier);
1044 if (result) { 1073 if (result)
1045 rtnl_lock();
1046 goto fail_pm_qos; 1074 goto fail_pm_qos;
1047 }
1048 1075
1049#ifdef CONFIG_INET 1076#ifdef CONFIG_INET
1050 local->ifa_notifier.notifier_call = ieee80211_ifa_changed; 1077 local->ifa_notifier.notifier_call = ieee80211_ifa_changed;
@@ -1072,15 +1099,15 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
1072 fail_ifa: 1099 fail_ifa:
1073 pm_qos_remove_notifier(PM_QOS_NETWORK_LATENCY, 1100 pm_qos_remove_notifier(PM_QOS_NETWORK_LATENCY,
1074 &local->network_latency_notifier); 1101 &local->network_latency_notifier);
1075 rtnl_lock();
1076#endif 1102#endif
1077 fail_pm_qos: 1103 fail_pm_qos:
1078 ieee80211_led_exit(local); 1104 rtnl_lock();
1105 rate_control_deinitialize(local);
1079 ieee80211_remove_interfaces(local); 1106 ieee80211_remove_interfaces(local);
1080 fail_rate: 1107 fail_rate:
1081 rtnl_unlock(); 1108 rtnl_unlock();
1109 ieee80211_led_exit(local);
1082 ieee80211_wep_free(local); 1110 ieee80211_wep_free(local);
1083 sta_info_stop(local);
1084 destroy_workqueue(local->workqueue); 1111 destroy_workqueue(local->workqueue);
1085 fail_workqueue: 1112 fail_workqueue:
1086 wiphy_unregister(local->hw.wiphy); 1113 wiphy_unregister(local->hw.wiphy);
@@ -1176,6 +1203,8 @@ void ieee80211_free_hw(struct ieee80211_hw *hw)
1176 1203
1177 kfree(rcu_access_pointer(local->tx_latency)); 1204 kfree(rcu_access_pointer(local->tx_latency));
1178 1205
1206 sta_info_stop(local);
1207
1179 wiphy_free(local->hw.wiphy); 1208 wiphy_free(local->hw.wiphy);
1180} 1209}
1181EXPORT_SYMBOL(ieee80211_free_hw); 1210EXPORT_SYMBOL(ieee80211_free_hw);
diff --git a/net/mac80211/mesh_plink.c b/net/mac80211/mesh_plink.c
index fa94ca15ba95..b488e1859b18 100644
--- a/net/mac80211/mesh_plink.c
+++ b/net/mac80211/mesh_plink.c
@@ -523,13 +523,6 @@ void mesh_neighbour_update(struct ieee80211_sub_if_data *sdata,
523 sdata->u.mesh.mshcfg.auto_open_plinks && 523 sdata->u.mesh.mshcfg.auto_open_plinks &&
524 rssi_threshold_check(sdata, sta)) 524 rssi_threshold_check(sdata, sta))
525 changed = mesh_plink_open(sta); 525 changed = mesh_plink_open(sta);
526 else if (sta->plink_state == NL80211_PLINK_LISTEN &&
527 (sdata->u.mesh.user_mpm ||
528 sdata->u.mesh.security & IEEE80211_MESH_SEC_AUTHED))
529 cfg80211_notify_new_peer_candidate(sdata->dev, hw_addr,
530 elems->ie_start,
531 elems->total_len,
532 GFP_ATOMIC);
533 526
534 ieee80211_mps_frame_release(sta, elems); 527 ieee80211_mps_frame_release(sta, elems);
535out: 528out:
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index c1460e635c7f..10ac6324c1d0 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -2011,6 +2011,9 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
2011 /* disable per-vif ps */ 2011 /* disable per-vif ps */
2012 ieee80211_recalc_ps_vif(sdata); 2012 ieee80211_recalc_ps_vif(sdata);
2013 2013
2014 /* make sure ongoing transmission finishes */
2015 synchronize_net();
2016
2014 /* 2017 /*
2015 * drop any frame before deauth/disassoc, this can be data or 2018 * drop any frame before deauth/disassoc, this can be data or
2016 * management frame. Since we are disconnecting, we should not 2019 * management frame. Since we are disconnecting, we should not
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 9491e8689a9d..1101563357ea 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -647,6 +647,7 @@ static int ieee80211_get_mmie_keyidx(struct sk_buff *skb)
647{ 647{
648 struct ieee80211_mgmt *hdr = (struct ieee80211_mgmt *) skb->data; 648 struct ieee80211_mgmt *hdr = (struct ieee80211_mgmt *) skb->data;
649 struct ieee80211_mmie *mmie; 649 struct ieee80211_mmie *mmie;
650 struct ieee80211_mmie_16 *mmie16;
650 651
651 if (skb->len < 24 + sizeof(*mmie) || !is_multicast_ether_addr(hdr->da)) 652 if (skb->len < 24 + sizeof(*mmie) || !is_multicast_ether_addr(hdr->da))
652 return -1; 653 return -1;
@@ -656,11 +657,18 @@ static int ieee80211_get_mmie_keyidx(struct sk_buff *skb)
656 657
657 mmie = (struct ieee80211_mmie *) 658 mmie = (struct ieee80211_mmie *)
658 (skb->data + skb->len - sizeof(*mmie)); 659 (skb->data + skb->len - sizeof(*mmie));
659 if (mmie->element_id != WLAN_EID_MMIE || 660 if (mmie->element_id == WLAN_EID_MMIE &&
660 mmie->length != sizeof(*mmie) - 2) 661 mmie->length == sizeof(*mmie) - 2)
661 return -1; 662 return le16_to_cpu(mmie->key_id);
662 663
663 return le16_to_cpu(mmie->key_id); 664 mmie16 = (struct ieee80211_mmie_16 *)
665 (skb->data + skb->len - sizeof(*mmie16));
666 if (skb->len >= 24 + sizeof(*mmie16) &&
667 mmie16->element_id == WLAN_EID_MMIE &&
668 mmie16->length == sizeof(*mmie16) - 2)
669 return le16_to_cpu(mmie16->key_id);
670
671 return -1;
664} 672}
665 673
666static int iwl80211_get_cs_keyid(const struct ieee80211_cipher_scheme *cs, 674static int iwl80211_get_cs_keyid(const struct ieee80211_cipher_scheme *cs,
@@ -1650,11 +1658,27 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx)
1650 result = ieee80211_crypto_tkip_decrypt(rx); 1658 result = ieee80211_crypto_tkip_decrypt(rx);
1651 break; 1659 break;
1652 case WLAN_CIPHER_SUITE_CCMP: 1660 case WLAN_CIPHER_SUITE_CCMP:
1653 result = ieee80211_crypto_ccmp_decrypt(rx); 1661 result = ieee80211_crypto_ccmp_decrypt(
1662 rx, IEEE80211_CCMP_MIC_LEN);
1663 break;
1664 case WLAN_CIPHER_SUITE_CCMP_256:
1665 result = ieee80211_crypto_ccmp_decrypt(
1666 rx, IEEE80211_CCMP_256_MIC_LEN);
1654 break; 1667 break;
1655 case WLAN_CIPHER_SUITE_AES_CMAC: 1668 case WLAN_CIPHER_SUITE_AES_CMAC:
1656 result = ieee80211_crypto_aes_cmac_decrypt(rx); 1669 result = ieee80211_crypto_aes_cmac_decrypt(rx);
1657 break; 1670 break;
1671 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1672 result = ieee80211_crypto_aes_cmac_256_decrypt(rx);
1673 break;
1674 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1675 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1676 result = ieee80211_crypto_aes_gmac_decrypt(rx);
1677 break;
1678 case WLAN_CIPHER_SUITE_GCMP:
1679 case WLAN_CIPHER_SUITE_GCMP_256:
1680 result = ieee80211_crypto_gcmp_decrypt(rx);
1681 break;
1658 default: 1682 default:
1659 result = ieee80211_crypto_hw_decrypt(rx); 1683 result = ieee80211_crypto_hw_decrypt(rx);
1660 } 1684 }
@@ -1781,7 +1805,9 @@ ieee80211_rx_h_defragment(struct ieee80211_rx_data *rx)
1781 /* This is the first fragment of a new frame. */ 1805 /* This is the first fragment of a new frame. */
1782 entry = ieee80211_reassemble_add(rx->sdata, frag, seq, 1806 entry = ieee80211_reassemble_add(rx->sdata, frag, seq,
1783 rx->seqno_idx, &(rx->skb)); 1807 rx->seqno_idx, &(rx->skb));
1784 if (rx->key && rx->key->conf.cipher == WLAN_CIPHER_SUITE_CCMP && 1808 if (rx->key &&
1809 (rx->key->conf.cipher == WLAN_CIPHER_SUITE_CCMP ||
1810 rx->key->conf.cipher == WLAN_CIPHER_SUITE_CCMP_256) &&
1785 ieee80211_has_protected(fc)) { 1811 ieee80211_has_protected(fc)) {
1786 int queue = rx->security_idx; 1812 int queue = rx->security_idx;
1787 /* Store CCMP PN so that we can verify that the next 1813 /* Store CCMP PN so that we can verify that the next
@@ -1810,7 +1836,9 @@ ieee80211_rx_h_defragment(struct ieee80211_rx_data *rx)
1810 int i; 1836 int i;
1811 u8 pn[IEEE80211_CCMP_PN_LEN], *rpn; 1837 u8 pn[IEEE80211_CCMP_PN_LEN], *rpn;
1812 int queue; 1838 int queue;
1813 if (!rx->key || rx->key->conf.cipher != WLAN_CIPHER_SUITE_CCMP) 1839 if (!rx->key ||
1840 (rx->key->conf.cipher != WLAN_CIPHER_SUITE_CCMP &&
1841 rx->key->conf.cipher != WLAN_CIPHER_SUITE_CCMP_256))
1814 return RX_DROP_UNUSABLE; 1842 return RX_DROP_UNUSABLE;
1815 memcpy(pn, entry->last_pn, IEEE80211_CCMP_PN_LEN); 1843 memcpy(pn, entry->last_pn, IEEE80211_CCMP_PN_LEN);
1816 for (i = IEEE80211_CCMP_PN_LEN - 1; i >= 0; i--) { 1844 for (i = IEEE80211_CCMP_PN_LEN - 1; i >= 0; i--) {
@@ -2310,12 +2338,12 @@ ieee80211_rx_h_data(struct ieee80211_rx_data *rx)
2310 return RX_DROP_MONITOR; 2338 return RX_DROP_MONITOR;
2311 2339
2312 if (rx->sta) { 2340 if (rx->sta) {
2313 /* The security index has the same property as needed 2341 /* The seqno index has the same property as needed
2314 * for the rx_msdu field, i.e. it is IEEE80211_NUM_TIDS 2342 * for the rx_msdu field, i.e. it is IEEE80211_NUM_TIDS
2315 * for non-QoS-data frames. Here we know it's a data 2343 * for non-QoS-data frames. Here we know it's a data
2316 * frame, so count MSDUs. 2344 * frame, so count MSDUs.
2317 */ 2345 */
2318 rx->sta->rx_msdu[rx->security_idx]++; 2346 rx->sta->rx_msdu[rx->seqno_idx]++;
2319 } 2347 }
2320 2348
2321 /* 2349 /*
diff --git a/net/mac80211/scan.c b/net/mac80211/scan.c
index 7807fa42ed3f..05f0d711b6d8 100644
--- a/net/mac80211/scan.c
+++ b/net/mac80211/scan.c
@@ -828,6 +828,11 @@ void ieee80211_scan_work(struct work_struct *work)
828 828
829 mutex_lock(&local->mtx); 829 mutex_lock(&local->mtx);
830 830
831 if (!ieee80211_can_run_worker(local)) {
832 aborted = true;
833 goto out_complete;
834 }
835
831 sdata = rcu_dereference_protected(local->scan_sdata, 836 sdata = rcu_dereference_protected(local->scan_sdata,
832 lockdep_is_held(&local->mtx)); 837 lockdep_is_held(&local->mtx));
833 scan_req = rcu_dereference_protected(local->scan_req, 838 scan_req = rcu_dereference_protected(local->scan_req,
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index 79383ef0c264..00ca8dcc2bcf 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -1764,6 +1764,13 @@ void sta_set_sinfo(struct sta_info *sta, struct station_info *sinfo)
1764 1764
1765 sinfo->generation = sdata->local->sta_generation; 1765 sinfo->generation = sdata->local->sta_generation;
1766 1766
1767 /* do before driver, so beacon filtering drivers have a
1768 * chance to e.g. just add the number of filtered beacons
1769 * (or just modify the value entirely, of course)
1770 */
1771 if (sdata->vif.type == NL80211_IFTYPE_STATION)
1772 sinfo->rx_beacon = sdata->u.mgd.count_beacon_signal;
1773
1767 drv_sta_statistics(local, sdata, &sta->sta, sinfo); 1774 drv_sta_statistics(local, sdata, &sta->sta, sinfo);
1768 1775
1769 sinfo->filled |= BIT(NL80211_STA_INFO_INACTIVE_TIME) | 1776 sinfo->filled |= BIT(NL80211_STA_INFO_INACTIVE_TIME) |
@@ -1816,6 +1823,13 @@ void sta_set_sinfo(struct sta_info *sta, struct station_info *sinfo)
1816 sinfo->rx_dropped_misc = sta->rx_dropped; 1823 sinfo->rx_dropped_misc = sta->rx_dropped;
1817 sinfo->beacon_loss_count = sta->beacon_loss_count; 1824 sinfo->beacon_loss_count = sta->beacon_loss_count;
1818 1825
1826 if (sdata->vif.type == NL80211_IFTYPE_STATION &&
1827 !(sdata->vif.driver_flags & IEEE80211_VIF_BEACON_FILTER)) {
1828 sinfo->filled |= BIT(NL80211_STA_INFO_BEACON_RX) |
1829 BIT(NL80211_STA_INFO_BEACON_SIGNAL_AVG);
1830 sinfo->rx_beacon_signal_avg = ieee80211_ave_rssi(&sdata->vif);
1831 }
1832
1819 if ((sta->local->hw.flags & IEEE80211_HW_SIGNAL_DBM) || 1833 if ((sta->local->hw.flags & IEEE80211_HW_SIGNAL_DBM) ||
1820 (sta->local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC)) { 1834 (sta->local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC)) {
1821 if (!(sinfo->filled & BIT(NL80211_STA_INFO_SIGNAL))) { 1835 if (!(sinfo->filled & BIT(NL80211_STA_INFO_SIGNAL))) {
diff --git a/net/mac80211/tdls.c b/net/mac80211/tdls.c
index 917088dfd696..c9f9752217ac 100644
--- a/net/mac80211/tdls.c
+++ b/net/mac80211/tdls.c
@@ -345,24 +345,24 @@ ieee80211_tdls_add_setup_start_ies(struct ieee80211_sub_if_data *sdata,
345 */ 345 */
346 sband = local->hw.wiphy->bands[band]; 346 sband = local->hw.wiphy->bands[band];
347 memcpy(&ht_cap, &sband->ht_cap, sizeof(ht_cap)); 347 memcpy(&ht_cap, &sband->ht_cap, sizeof(ht_cap));
348 if ((action_code == WLAN_TDLS_SETUP_REQUEST || 348
349 action_code == WLAN_TDLS_SETUP_RESPONSE) && 349 if (action_code == WLAN_TDLS_SETUP_REQUEST && ht_cap.ht_supported) {
350 ht_cap.ht_supported && (!sta || sta->sta.ht_cap.ht_supported)) { 350 ieee80211_apply_htcap_overrides(sdata, &ht_cap);
351 if (action_code == WLAN_TDLS_SETUP_REQUEST) { 351
352 ieee80211_apply_htcap_overrides(sdata, &ht_cap); 352 /* disable SMPS in TDLS initiator */
353 353 ht_cap.cap |= WLAN_HT_CAP_SM_PS_DISABLED
354 /* disable SMPS in TDLS initiator */ 354 << IEEE80211_HT_CAP_SM_PS_SHIFT;
355 ht_cap.cap |= (WLAN_HT_CAP_SM_PS_DISABLED 355
356 << IEEE80211_HT_CAP_SM_PS_SHIFT); 356 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap) + 2);
357 } else { 357 ieee80211_ie_build_ht_cap(pos, &ht_cap, ht_cap.cap);
358 /* disable SMPS in TDLS responder */ 358 } else if (action_code == WLAN_TDLS_SETUP_RESPONSE &&
359 sta->sta.ht_cap.cap |= 359 ht_cap.ht_supported && sta->sta.ht_cap.ht_supported) {
360 (WLAN_HT_CAP_SM_PS_DISABLED 360 /* disable SMPS in TDLS responder */
361 << IEEE80211_HT_CAP_SM_PS_SHIFT); 361 sta->sta.ht_cap.cap |= WLAN_HT_CAP_SM_PS_DISABLED
362 362 << IEEE80211_HT_CAP_SM_PS_SHIFT;
363 /* the peer caps are already intersected with our own */ 363
364 memcpy(&ht_cap, &sta->sta.ht_cap, sizeof(ht_cap)); 364 /* the peer caps are already intersected with our own */
365 } 365 memcpy(&ht_cap, &sta->sta.ht_cap, sizeof(ht_cap));
366 366
367 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap) + 2); 367 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap) + 2);
368 ieee80211_ie_build_ht_cap(pos, &ht_cap, ht_cap.cap); 368 ieee80211_ie_build_ht_cap(pos, &ht_cap, ht_cap.cap);
@@ -852,7 +852,6 @@ ieee80211_tdls_prep_mgmt_packet(struct wiphy *wiphy, struct net_device *dev,
852 */ 852 */
853 if ((action_code == WLAN_TDLS_TEARDOWN) && 853 if ((action_code == WLAN_TDLS_TEARDOWN) &&
854 (sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)) { 854 (sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)) {
855 struct sta_info *sta = NULL;
856 bool try_resend; /* Should we keep skb for possible resend */ 855 bool try_resend; /* Should we keep skb for possible resend */
857 856
858 /* If not sending directly to peer - no point in keeping skb */ 857 /* If not sending directly to peer - no point in keeping skb */
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index 02ed6f60629a..88a18ffe2975 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -626,6 +626,9 @@ ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
626 tx->key = NULL; 626 tx->key = NULL;
627 break; 627 break;
628 case WLAN_CIPHER_SUITE_CCMP: 628 case WLAN_CIPHER_SUITE_CCMP:
629 case WLAN_CIPHER_SUITE_CCMP_256:
630 case WLAN_CIPHER_SUITE_GCMP:
631 case WLAN_CIPHER_SUITE_GCMP_256:
629 if (!ieee80211_is_data_present(hdr->frame_control) && 632 if (!ieee80211_is_data_present(hdr->frame_control) &&
630 !ieee80211_use_mfp(hdr->frame_control, tx->sta, 633 !ieee80211_use_mfp(hdr->frame_control, tx->sta,
631 tx->skb)) 634 tx->skb))
@@ -636,6 +639,9 @@ ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
636 ieee80211_is_mgmt(hdr->frame_control); 639 ieee80211_is_mgmt(hdr->frame_control);
637 break; 640 break;
638 case WLAN_CIPHER_SUITE_AES_CMAC: 641 case WLAN_CIPHER_SUITE_AES_CMAC:
642 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
643 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
644 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
639 if (!ieee80211_is_mgmt(hdr->frame_control)) 645 if (!ieee80211_is_mgmt(hdr->frame_control))
640 tx->key = NULL; 646 tx->key = NULL;
641 break; 647 break;
@@ -1011,9 +1017,21 @@ ieee80211_tx_h_encrypt(struct ieee80211_tx_data *tx)
1011 case WLAN_CIPHER_SUITE_TKIP: 1017 case WLAN_CIPHER_SUITE_TKIP:
1012 return ieee80211_crypto_tkip_encrypt(tx); 1018 return ieee80211_crypto_tkip_encrypt(tx);
1013 case WLAN_CIPHER_SUITE_CCMP: 1019 case WLAN_CIPHER_SUITE_CCMP:
1014 return ieee80211_crypto_ccmp_encrypt(tx); 1020 return ieee80211_crypto_ccmp_encrypt(
1021 tx, IEEE80211_CCMP_MIC_LEN);
1022 case WLAN_CIPHER_SUITE_CCMP_256:
1023 return ieee80211_crypto_ccmp_encrypt(
1024 tx, IEEE80211_CCMP_256_MIC_LEN);
1015 case WLAN_CIPHER_SUITE_AES_CMAC: 1025 case WLAN_CIPHER_SUITE_AES_CMAC:
1016 return ieee80211_crypto_aes_cmac_encrypt(tx); 1026 return ieee80211_crypto_aes_cmac_encrypt(tx);
1027 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1028 return ieee80211_crypto_aes_cmac_256_encrypt(tx);
1029 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1030 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1031 return ieee80211_crypto_aes_gmac_encrypt(tx);
1032 case WLAN_CIPHER_SUITE_GCMP:
1033 case WLAN_CIPHER_SUITE_GCMP_256:
1034 return ieee80211_crypto_gcmp_encrypt(tx);
1017 default: 1035 default:
1018 return ieee80211_crypto_hw_encrypt(tx); 1036 return ieee80211_crypto_hw_encrypt(tx);
1019 } 1037 }
diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index fbd37d43dfce..8428f4a95479 100644
--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -744,16 +744,19 @@ EXPORT_SYMBOL_GPL(wdev_to_ieee80211_vif);
744 744
745/* 745/*
746 * Nothing should have been stuffed into the workqueue during 746 * Nothing should have been stuffed into the workqueue during
747 * the suspend->resume cycle. If this WARN is seen then there 747 * the suspend->resume cycle. Since we can't check each caller
748 * is a bug with either the driver suspend or something in 748 * of this function if we are already quiescing / suspended,
749 * mac80211 stuffing into the workqueue which we haven't yet 749 * check here and don't WARN since this can actually happen when
750 * cleared during mac80211's suspend cycle. 750 * the rx path (for example) is racing against __ieee80211_suspend
751 * and suspending / quiescing was set after the rx path checked
752 * them.
751 */ 753 */
752static bool ieee80211_can_queue_work(struct ieee80211_local *local) 754static bool ieee80211_can_queue_work(struct ieee80211_local *local)
753{ 755{
754 if (WARN(local->suspended && !local->resuming, 756 if (local->quiescing || (local->suspended && !local->resuming)) {
755 "queueing ieee80211 work while going to suspend\n")) 757 pr_warn("queueing ieee80211 work while going to suspend\n");
756 return false; 758 return false;
759 }
757 760
758 return true; 761 return true;
759} 762}
@@ -2057,6 +2060,18 @@ int ieee80211_reconfig(struct ieee80211_local *local)
2057 mb(); 2060 mb();
2058 local->resuming = false; 2061 local->resuming = false;
2059 2062
2063 /* It's possible that we don't handle the scan completion in
2064 * time during suspend, so if it's still marked as completed
2065 * here, queue the work and flush it to clean things up.
2066 * Instead of calling the worker function directly here, we
2067 * really queue it to avoid potential races with other flows
2068 * scheduling the same work.
2069 */
2070 if (test_bit(SCAN_COMPLETED, &local->scanning)) {
2071 ieee80211_queue_delayed_work(&local->hw, &local->scan_work, 0);
2072 flush_delayed_work(&local->scan_work);
2073 }
2074
2060 if (local->open_count && !reconfig_due_to_wowlan) 2075 if (local->open_count && !reconfig_due_to_wowlan)
2061 drv_reconfig_complete(local, IEEE80211_RECONFIG_TYPE_SUSPEND); 2076 drv_reconfig_complete(local, IEEE80211_RECONFIG_TYPE_SUSPEND);
2062 2077
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c
index 12398fde02e8..75de6fac40d1 100644
--- a/net/mac80211/wpa.c
+++ b/net/mac80211/wpa.c
@@ -22,6 +22,8 @@
22#include "tkip.h" 22#include "tkip.h"
23#include "aes_ccm.h" 23#include "aes_ccm.h"
24#include "aes_cmac.h" 24#include "aes_cmac.h"
25#include "aes_gmac.h"
26#include "aes_gcm.h"
25#include "wpa.h" 27#include "wpa.h"
26 28
27ieee80211_tx_result 29ieee80211_tx_result
@@ -393,7 +395,8 @@ static inline void ccmp_hdr2pn(u8 *pn, u8 *hdr)
393} 395}
394 396
395 397
396static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb) 398static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb,
399 unsigned int mic_len)
397{ 400{
398 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 401 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
399 struct ieee80211_key *key = tx->key; 402 struct ieee80211_key *key = tx->key;
@@ -424,7 +427,7 @@ static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
424 if (info->control.hw_key) 427 if (info->control.hw_key)
425 tail = 0; 428 tail = 0;
426 else 429 else
427 tail = IEEE80211_CCMP_MIC_LEN; 430 tail = mic_len;
428 431
429 if (WARN_ON(skb_tailroom(skb) < tail || 432 if (WARN_ON(skb_tailroom(skb) < tail ||
430 skb_headroom(skb) < IEEE80211_CCMP_HDR_LEN)) 433 skb_headroom(skb) < IEEE80211_CCMP_HDR_LEN))
@@ -459,21 +462,22 @@ static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
459 pos += IEEE80211_CCMP_HDR_LEN; 462 pos += IEEE80211_CCMP_HDR_LEN;
460 ccmp_special_blocks(skb, pn, b_0, aad); 463 ccmp_special_blocks(skb, pn, b_0, aad);
461 ieee80211_aes_ccm_encrypt(key->u.ccmp.tfm, b_0, aad, pos, len, 464 ieee80211_aes_ccm_encrypt(key->u.ccmp.tfm, b_0, aad, pos, len,
462 skb_put(skb, IEEE80211_CCMP_MIC_LEN)); 465 skb_put(skb, mic_len), mic_len);
463 466
464 return 0; 467 return 0;
465} 468}
466 469
467 470
468ieee80211_tx_result 471ieee80211_tx_result
469ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx) 472ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx,
473 unsigned int mic_len)
470{ 474{
471 struct sk_buff *skb; 475 struct sk_buff *skb;
472 476
473 ieee80211_tx_set_protected(tx); 477 ieee80211_tx_set_protected(tx);
474 478
475 skb_queue_walk(&tx->skbs, skb) { 479 skb_queue_walk(&tx->skbs, skb) {
476 if (ccmp_encrypt_skb(tx, skb) < 0) 480 if (ccmp_encrypt_skb(tx, skb, mic_len) < 0)
477 return TX_DROP; 481 return TX_DROP;
478 } 482 }
479 483
@@ -482,7 +486,8 @@ ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx)
482 486
483 487
484ieee80211_rx_result 488ieee80211_rx_result
485ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx) 489ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx,
490 unsigned int mic_len)
486{ 491{
487 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data; 492 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data;
488 int hdrlen; 493 int hdrlen;
@@ -499,8 +504,7 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx)
499 !ieee80211_is_robust_mgmt_frame(skb)) 504 !ieee80211_is_robust_mgmt_frame(skb))
500 return RX_CONTINUE; 505 return RX_CONTINUE;
501 506
502 data_len = skb->len - hdrlen - IEEE80211_CCMP_HDR_LEN - 507 data_len = skb->len - hdrlen - IEEE80211_CCMP_HDR_LEN - mic_len;
503 IEEE80211_CCMP_MIC_LEN;
504 if (!rx->sta || data_len < 0) 508 if (!rx->sta || data_len < 0)
505 return RX_DROP_UNUSABLE; 509 return RX_DROP_UNUSABLE;
506 510
@@ -531,14 +535,14 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx)
531 key->u.ccmp.tfm, b_0, aad, 535 key->u.ccmp.tfm, b_0, aad,
532 skb->data + hdrlen + IEEE80211_CCMP_HDR_LEN, 536 skb->data + hdrlen + IEEE80211_CCMP_HDR_LEN,
533 data_len, 537 data_len,
534 skb->data + skb->len - IEEE80211_CCMP_MIC_LEN)) 538 skb->data + skb->len - mic_len, mic_len))
535 return RX_DROP_UNUSABLE; 539 return RX_DROP_UNUSABLE;
536 } 540 }
537 541
538 memcpy(key->u.ccmp.rx_pn[queue], pn, IEEE80211_CCMP_PN_LEN); 542 memcpy(key->u.ccmp.rx_pn[queue], pn, IEEE80211_CCMP_PN_LEN);
539 543
540 /* Remove CCMP header and MIC */ 544 /* Remove CCMP header and MIC */
541 if (pskb_trim(skb, skb->len - IEEE80211_CCMP_MIC_LEN)) 545 if (pskb_trim(skb, skb->len - mic_len))
542 return RX_DROP_UNUSABLE; 546 return RX_DROP_UNUSABLE;
543 memmove(skb->data + IEEE80211_CCMP_HDR_LEN, skb->data, hdrlen); 547 memmove(skb->data + IEEE80211_CCMP_HDR_LEN, skb->data, hdrlen);
544 skb_pull(skb, IEEE80211_CCMP_HDR_LEN); 548 skb_pull(skb, IEEE80211_CCMP_HDR_LEN);
@@ -546,6 +550,229 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx)
546 return RX_CONTINUE; 550 return RX_CONTINUE;
547} 551}
548 552
553static void gcmp_special_blocks(struct sk_buff *skb, u8 *pn, u8 *j_0, u8 *aad)
554{
555 __le16 mask_fc;
556 u8 qos_tid;
557 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
558
559 memcpy(j_0, hdr->addr2, ETH_ALEN);
560 memcpy(&j_0[ETH_ALEN], pn, IEEE80211_GCMP_PN_LEN);
561 j_0[13] = 0;
562 j_0[14] = 0;
563 j_0[AES_BLOCK_SIZE - 1] = 0x01;
564
565 /* AAD (extra authenticate-only data) / masked 802.11 header
566 * FC | A1 | A2 | A3 | SC | [A4] | [QC]
567 */
568 put_unaligned_be16(ieee80211_hdrlen(hdr->frame_control) - 2, &aad[0]);
569 /* Mask FC: zero subtype b4 b5 b6 (if not mgmt)
570 * Retry, PwrMgt, MoreData; set Protected
571 */
572 mask_fc = hdr->frame_control;
573 mask_fc &= ~cpu_to_le16(IEEE80211_FCTL_RETRY |
574 IEEE80211_FCTL_PM | IEEE80211_FCTL_MOREDATA);
575 if (!ieee80211_is_mgmt(hdr->frame_control))
576 mask_fc &= ~cpu_to_le16(0x0070);
577 mask_fc |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
578
579 put_unaligned(mask_fc, (__le16 *)&aad[2]);
580 memcpy(&aad[4], &hdr->addr1, 3 * ETH_ALEN);
581
582 /* Mask Seq#, leave Frag# */
583 aad[22] = *((u8 *)&hdr->seq_ctrl) & 0x0f;
584 aad[23] = 0;
585
586 if (ieee80211_is_data_qos(hdr->frame_control))
587 qos_tid = *ieee80211_get_qos_ctl(hdr) &
588 IEEE80211_QOS_CTL_TID_MASK;
589 else
590 qos_tid = 0;
591
592 if (ieee80211_has_a4(hdr->frame_control)) {
593 memcpy(&aad[24], hdr->addr4, ETH_ALEN);
594 aad[30] = qos_tid;
595 aad[31] = 0;
596 } else {
597 memset(&aad[24], 0, ETH_ALEN + IEEE80211_QOS_CTL_LEN);
598 aad[24] = qos_tid;
599 }
600}
601
602static inline void gcmp_pn2hdr(u8 *hdr, const u8 *pn, int key_id)
603{
604 hdr[0] = pn[5];
605 hdr[1] = pn[4];
606 hdr[2] = 0;
607 hdr[3] = 0x20 | (key_id << 6);
608 hdr[4] = pn[3];
609 hdr[5] = pn[2];
610 hdr[6] = pn[1];
611 hdr[7] = pn[0];
612}
613
614static inline void gcmp_hdr2pn(u8 *pn, const u8 *hdr)
615{
616 pn[0] = hdr[7];
617 pn[1] = hdr[6];
618 pn[2] = hdr[5];
619 pn[3] = hdr[4];
620 pn[4] = hdr[1];
621 pn[5] = hdr[0];
622}
623
624static int gcmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
625{
626 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
627 struct ieee80211_key *key = tx->key;
628 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
629 int hdrlen, len, tail;
630 u8 *pos;
631 u8 pn[6];
632 u64 pn64;
633 u8 aad[2 * AES_BLOCK_SIZE];
634 u8 j_0[AES_BLOCK_SIZE];
635
636 if (info->control.hw_key &&
637 !(info->control.hw_key->flags & IEEE80211_KEY_FLAG_GENERATE_IV) &&
638 !(info->control.hw_key->flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) &&
639 !((info->control.hw_key->flags &
640 IEEE80211_KEY_FLAG_GENERATE_IV_MGMT) &&
641 ieee80211_is_mgmt(hdr->frame_control))) {
642 /* hwaccel has no need for preallocated room for GCMP
643 * header or MIC fields
644 */
645 return 0;
646 }
647
648 hdrlen = ieee80211_hdrlen(hdr->frame_control);
649 len = skb->len - hdrlen;
650
651 if (info->control.hw_key)
652 tail = 0;
653 else
654 tail = IEEE80211_GCMP_MIC_LEN;
655
656 if (WARN_ON(skb_tailroom(skb) < tail ||
657 skb_headroom(skb) < IEEE80211_GCMP_HDR_LEN))
658 return -1;
659
660 pos = skb_push(skb, IEEE80211_GCMP_HDR_LEN);
661 memmove(pos, pos + IEEE80211_GCMP_HDR_LEN, hdrlen);
662 skb_set_network_header(skb, skb_network_offset(skb) +
663 IEEE80211_GCMP_HDR_LEN);
664
665 /* the HW only needs room for the IV, but not the actual IV */
666 if (info->control.hw_key &&
667 (info->control.hw_key->flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE))
668 return 0;
669
670 hdr = (struct ieee80211_hdr *)pos;
671 pos += hdrlen;
672
673 pn64 = atomic64_inc_return(&key->u.gcmp.tx_pn);
674
675 pn[5] = pn64;
676 pn[4] = pn64 >> 8;
677 pn[3] = pn64 >> 16;
678 pn[2] = pn64 >> 24;
679 pn[1] = pn64 >> 32;
680 pn[0] = pn64 >> 40;
681
682 gcmp_pn2hdr(pos, pn, key->conf.keyidx);
683
684 /* hwaccel - with software GCMP header */
685 if (info->control.hw_key)
686 return 0;
687
688 pos += IEEE80211_GCMP_HDR_LEN;
689 gcmp_special_blocks(skb, pn, j_0, aad);
690 ieee80211_aes_gcm_encrypt(key->u.gcmp.tfm, j_0, aad, pos, len,
691 skb_put(skb, IEEE80211_GCMP_MIC_LEN));
692
693 return 0;
694}
695
696ieee80211_tx_result
697ieee80211_crypto_gcmp_encrypt(struct ieee80211_tx_data *tx)
698{
699 struct sk_buff *skb;
700
701 ieee80211_tx_set_protected(tx);
702
703 skb_queue_walk(&tx->skbs, skb) {
704 if (gcmp_encrypt_skb(tx, skb) < 0)
705 return TX_DROP;
706 }
707
708 return TX_CONTINUE;
709}
710
711ieee80211_rx_result
712ieee80211_crypto_gcmp_decrypt(struct ieee80211_rx_data *rx)
713{
714 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data;
715 int hdrlen;
716 struct ieee80211_key *key = rx->key;
717 struct sk_buff *skb = rx->skb;
718 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
719 u8 pn[IEEE80211_GCMP_PN_LEN];
720 int data_len;
721 int queue;
722
723 hdrlen = ieee80211_hdrlen(hdr->frame_control);
724
725 if (!ieee80211_is_data(hdr->frame_control) &&
726 !ieee80211_is_robust_mgmt_frame(skb))
727 return RX_CONTINUE;
728
729 data_len = skb->len - hdrlen - IEEE80211_GCMP_HDR_LEN -
730 IEEE80211_GCMP_MIC_LEN;
731 if (!rx->sta || data_len < 0)
732 return RX_DROP_UNUSABLE;
733
734 if (status->flag & RX_FLAG_DECRYPTED) {
735 if (!pskb_may_pull(rx->skb, hdrlen + IEEE80211_GCMP_HDR_LEN))
736 return RX_DROP_UNUSABLE;
737 } else {
738 if (skb_linearize(rx->skb))
739 return RX_DROP_UNUSABLE;
740 }
741
742 gcmp_hdr2pn(pn, skb->data + hdrlen);
743
744 queue = rx->security_idx;
745
746 if (memcmp(pn, key->u.gcmp.rx_pn[queue], IEEE80211_GCMP_PN_LEN) <= 0) {
747 key->u.gcmp.replays++;
748 return RX_DROP_UNUSABLE;
749 }
750
751 if (!(status->flag & RX_FLAG_DECRYPTED)) {
752 u8 aad[2 * AES_BLOCK_SIZE];
753 u8 j_0[AES_BLOCK_SIZE];
754 /* hardware didn't decrypt/verify MIC */
755 gcmp_special_blocks(skb, pn, j_0, aad);
756
757 if (ieee80211_aes_gcm_decrypt(
758 key->u.gcmp.tfm, j_0, aad,
759 skb->data + hdrlen + IEEE80211_GCMP_HDR_LEN,
760 data_len,
761 skb->data + skb->len - IEEE80211_GCMP_MIC_LEN))
762 return RX_DROP_UNUSABLE;
763 }
764
765 memcpy(key->u.gcmp.rx_pn[queue], pn, IEEE80211_GCMP_PN_LEN);
766
767 /* Remove GCMP header and MIC */
768 if (pskb_trim(skb, skb->len - IEEE80211_GCMP_MIC_LEN))
769 return RX_DROP_UNUSABLE;
770 memmove(skb->data + IEEE80211_GCMP_HDR_LEN, skb->data, hdrlen);
771 skb_pull(skb, IEEE80211_GCMP_HDR_LEN);
772
773 return RX_CONTINUE;
774}
775
549static ieee80211_tx_result 776static ieee80211_tx_result
550ieee80211_crypto_cs_encrypt(struct ieee80211_tx_data *tx, 777ieee80211_crypto_cs_encrypt(struct ieee80211_tx_data *tx,
551 struct sk_buff *skb) 778 struct sk_buff *skb)
@@ -729,6 +956,48 @@ ieee80211_crypto_aes_cmac_encrypt(struct ieee80211_tx_data *tx)
729 return TX_CONTINUE; 956 return TX_CONTINUE;
730} 957}
731 958
959ieee80211_tx_result
960ieee80211_crypto_aes_cmac_256_encrypt(struct ieee80211_tx_data *tx)
961{
962 struct sk_buff *skb;
963 struct ieee80211_tx_info *info;
964 struct ieee80211_key *key = tx->key;
965 struct ieee80211_mmie_16 *mmie;
966 u8 aad[20];
967 u64 pn64;
968
969 if (WARN_ON(skb_queue_len(&tx->skbs) != 1))
970 return TX_DROP;
971
972 skb = skb_peek(&tx->skbs);
973
974 info = IEEE80211_SKB_CB(skb);
975
976 if (info->control.hw_key)
977 return TX_CONTINUE;
978
979 if (WARN_ON(skb_tailroom(skb) < sizeof(*mmie)))
980 return TX_DROP;
981
982 mmie = (struct ieee80211_mmie_16 *)skb_put(skb, sizeof(*mmie));
983 mmie->element_id = WLAN_EID_MMIE;
984 mmie->length = sizeof(*mmie) - 2;
985 mmie->key_id = cpu_to_le16(key->conf.keyidx);
986
987 /* PN = PN + 1 */
988 pn64 = atomic64_inc_return(&key->u.aes_cmac.tx_pn);
989
990 bip_ipn_set64(mmie->sequence_number, pn64);
991
992 bip_aad(skb, aad);
993
994 /* MIC = AES-256-CMAC(IGTK, AAD || Management Frame Body || MMIE, 128)
995 */
996 ieee80211_aes_cmac_256(key->u.aes_cmac.tfm, aad,
997 skb->data + 24, skb->len - 24, mmie->mic);
998
999 return TX_CONTINUE;
1000}
732 1001
733ieee80211_rx_result 1002ieee80211_rx_result
734ieee80211_crypto_aes_cmac_decrypt(struct ieee80211_rx_data *rx) 1003ieee80211_crypto_aes_cmac_decrypt(struct ieee80211_rx_data *rx)
@@ -780,6 +1049,160 @@ ieee80211_crypto_aes_cmac_decrypt(struct ieee80211_rx_data *rx)
780 return RX_CONTINUE; 1049 return RX_CONTINUE;
781} 1050}
782 1051
1052ieee80211_rx_result
1053ieee80211_crypto_aes_cmac_256_decrypt(struct ieee80211_rx_data *rx)
1054{
1055 struct sk_buff *skb = rx->skb;
1056 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
1057 struct ieee80211_key *key = rx->key;
1058 struct ieee80211_mmie_16 *mmie;
1059 u8 aad[20], mic[16], ipn[6];
1060 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
1061
1062 if (!ieee80211_is_mgmt(hdr->frame_control))
1063 return RX_CONTINUE;
1064
1065 /* management frames are already linear */
1066
1067 if (skb->len < 24 + sizeof(*mmie))
1068 return RX_DROP_UNUSABLE;
1069
1070 mmie = (struct ieee80211_mmie_16 *)
1071 (skb->data + skb->len - sizeof(*mmie));
1072 if (mmie->element_id != WLAN_EID_MMIE ||
1073 mmie->length != sizeof(*mmie) - 2)
1074 return RX_DROP_UNUSABLE; /* Invalid MMIE */
1075
1076 bip_ipn_swap(ipn, mmie->sequence_number);
1077
1078 if (memcmp(ipn, key->u.aes_cmac.rx_pn, 6) <= 0) {
1079 key->u.aes_cmac.replays++;
1080 return RX_DROP_UNUSABLE;
1081 }
1082
1083 if (!(status->flag & RX_FLAG_DECRYPTED)) {
1084 /* hardware didn't decrypt/verify MIC */
1085 bip_aad(skb, aad);
1086 ieee80211_aes_cmac_256(key->u.aes_cmac.tfm, aad,
1087 skb->data + 24, skb->len - 24, mic);
1088 if (memcmp(mic, mmie->mic, sizeof(mmie->mic)) != 0) {
1089 key->u.aes_cmac.icverrors++;
1090 return RX_DROP_UNUSABLE;
1091 }
1092 }
1093
1094 memcpy(key->u.aes_cmac.rx_pn, ipn, 6);
1095
1096 /* Remove MMIE */
1097 skb_trim(skb, skb->len - sizeof(*mmie));
1098
1099 return RX_CONTINUE;
1100}
1101
1102ieee80211_tx_result
1103ieee80211_crypto_aes_gmac_encrypt(struct ieee80211_tx_data *tx)
1104{
1105 struct sk_buff *skb;
1106 struct ieee80211_tx_info *info;
1107 struct ieee80211_key *key = tx->key;
1108 struct ieee80211_mmie_16 *mmie;
1109 struct ieee80211_hdr *hdr;
1110 u8 aad[20];
1111 u64 pn64;
1112 u8 nonce[12];
1113
1114 if (WARN_ON(skb_queue_len(&tx->skbs) != 1))
1115 return TX_DROP;
1116
1117 skb = skb_peek(&tx->skbs);
1118
1119 info = IEEE80211_SKB_CB(skb);
1120
1121 if (info->control.hw_key)
1122 return TX_CONTINUE;
1123
1124 if (WARN_ON(skb_tailroom(skb) < sizeof(*mmie)))
1125 return TX_DROP;
1126
1127 mmie = (struct ieee80211_mmie_16 *)skb_put(skb, sizeof(*mmie));
1128 mmie->element_id = WLAN_EID_MMIE;
1129 mmie->length = sizeof(*mmie) - 2;
1130 mmie->key_id = cpu_to_le16(key->conf.keyidx);
1131
1132 /* PN = PN + 1 */
1133 pn64 = atomic64_inc_return(&key->u.aes_gmac.tx_pn);
1134
1135 bip_ipn_set64(mmie->sequence_number, pn64);
1136
1137 bip_aad(skb, aad);
1138
1139 hdr = (struct ieee80211_hdr *)skb->data;
1140 memcpy(nonce, hdr->addr2, ETH_ALEN);
1141 bip_ipn_swap(nonce + ETH_ALEN, mmie->sequence_number);
1142
1143 /* MIC = AES-GMAC(IGTK, AAD || Management Frame Body || MMIE, 128) */
1144 if (ieee80211_aes_gmac(key->u.aes_gmac.tfm, aad, nonce,
1145 skb->data + 24, skb->len - 24, mmie->mic) < 0)
1146 return TX_DROP;
1147
1148 return TX_CONTINUE;
1149}
1150
1151ieee80211_rx_result
1152ieee80211_crypto_aes_gmac_decrypt(struct ieee80211_rx_data *rx)
1153{
1154 struct sk_buff *skb = rx->skb;
1155 struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
1156 struct ieee80211_key *key = rx->key;
1157 struct ieee80211_mmie_16 *mmie;
1158 u8 aad[20], mic[16], ipn[6], nonce[12];
1159 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
1160
1161 if (!ieee80211_is_mgmt(hdr->frame_control))
1162 return RX_CONTINUE;
1163
1164 /* management frames are already linear */
1165
1166 if (skb->len < 24 + sizeof(*mmie))
1167 return RX_DROP_UNUSABLE;
1168
1169 mmie = (struct ieee80211_mmie_16 *)
1170 (skb->data + skb->len - sizeof(*mmie));
1171 if (mmie->element_id != WLAN_EID_MMIE ||
1172 mmie->length != sizeof(*mmie) - 2)
1173 return RX_DROP_UNUSABLE; /* Invalid MMIE */
1174
1175 bip_ipn_swap(ipn, mmie->sequence_number);
1176
1177 if (memcmp(ipn, key->u.aes_gmac.rx_pn, 6) <= 0) {
1178 key->u.aes_gmac.replays++;
1179 return RX_DROP_UNUSABLE;
1180 }
1181
1182 if (!(status->flag & RX_FLAG_DECRYPTED)) {
1183 /* hardware didn't decrypt/verify MIC */
1184 bip_aad(skb, aad);
1185
1186 memcpy(nonce, hdr->addr2, ETH_ALEN);
1187 memcpy(nonce + ETH_ALEN, ipn, 6);
1188
1189 if (ieee80211_aes_gmac(key->u.aes_gmac.tfm, aad, nonce,
1190 skb->data + 24, skb->len - 24,
1191 mic) < 0 ||
1192 memcmp(mic, mmie->mic, sizeof(mmie->mic)) != 0) {
1193 key->u.aes_gmac.icverrors++;
1194 return RX_DROP_UNUSABLE;
1195 }
1196 }
1197
1198 memcpy(key->u.aes_gmac.rx_pn, ipn, 6);
1199
1200 /* Remove MMIE */
1201 skb_trim(skb, skb->len - sizeof(*mmie));
1202
1203 return RX_CONTINUE;
1204}
1205
783ieee80211_tx_result 1206ieee80211_tx_result
784ieee80211_crypto_hw_encrypt(struct ieee80211_tx_data *tx) 1207ieee80211_crypto_hw_encrypt(struct ieee80211_tx_data *tx)
785{ 1208{
diff --git a/net/mac80211/wpa.h b/net/mac80211/wpa.h
index 62e5a12dfe0a..d98011ee8f55 100644
--- a/net/mac80211/wpa.h
+++ b/net/mac80211/wpa.h
@@ -24,17 +24,32 @@ ieee80211_rx_result
24ieee80211_crypto_tkip_decrypt(struct ieee80211_rx_data *rx); 24ieee80211_crypto_tkip_decrypt(struct ieee80211_rx_data *rx);
25 25
26ieee80211_tx_result 26ieee80211_tx_result
27ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx); 27ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx,
28 unsigned int mic_len);
28ieee80211_rx_result 29ieee80211_rx_result
29ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx); 30ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx,
31 unsigned int mic_len);
30 32
31ieee80211_tx_result 33ieee80211_tx_result
32ieee80211_crypto_aes_cmac_encrypt(struct ieee80211_tx_data *tx); 34ieee80211_crypto_aes_cmac_encrypt(struct ieee80211_tx_data *tx);
35ieee80211_tx_result
36ieee80211_crypto_aes_cmac_256_encrypt(struct ieee80211_tx_data *tx);
33ieee80211_rx_result 37ieee80211_rx_result
34ieee80211_crypto_aes_cmac_decrypt(struct ieee80211_rx_data *rx); 38ieee80211_crypto_aes_cmac_decrypt(struct ieee80211_rx_data *rx);
39ieee80211_rx_result
40ieee80211_crypto_aes_cmac_256_decrypt(struct ieee80211_rx_data *rx);
41ieee80211_tx_result
42ieee80211_crypto_aes_gmac_encrypt(struct ieee80211_tx_data *tx);
43ieee80211_rx_result
44ieee80211_crypto_aes_gmac_decrypt(struct ieee80211_rx_data *rx);
35ieee80211_tx_result 45ieee80211_tx_result
36ieee80211_crypto_hw_encrypt(struct ieee80211_tx_data *tx); 46ieee80211_crypto_hw_encrypt(struct ieee80211_tx_data *tx);
37ieee80211_rx_result 47ieee80211_rx_result
38ieee80211_crypto_hw_decrypt(struct ieee80211_rx_data *rx); 48ieee80211_crypto_hw_decrypt(struct ieee80211_rx_data *rx);
39 49
50ieee80211_tx_result
51ieee80211_crypto_gcmp_encrypt(struct ieee80211_tx_data *tx);
52ieee80211_rx_result
53ieee80211_crypto_gcmp_decrypt(struct ieee80211_rx_data *rx);
54
40#endif /* WPA_H */ 55#endif /* WPA_H */
generated by cgit v1.2.2 (git 2.25.0) at 2024-12-18 08:10:56 -0500