aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorJohannes Berg <johannes.berg@intel.com>2011-07-06 15:59:39 -0400
committerJohn W. Linville <linville@tuxdriver.com>2011-07-08 11:11:19 -0400
commitaba83a0b301c32dbb91c017f33307611e1a1d384 (patch)
tree9f8478ddf2160c9b4c50666e037e6239ea52e274 /net
parent523b02ea23b175dd3e46e3daf1bc9354376640a3 (diff)
mac80211: fix CCMP races
Since we can process multiple packets at the same time for different ACs, but the PN is allocated from a single counter, we need to use an atomic value there. Use atomic64_t to make this cheaper on 64-bit platforms, other platforms will support this through software emulation, see lib/atomic64.c. We also need to use an on-stack scratch buf so that multiple packets won't corrupt each others scratch buffers. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Diffstat (limited to 'net')
-rw-r--r--net/mac80211/cfg.c14
-rw-r--r--net/mac80211/debugfs_key.c6
-rw-r--r--net/mac80211/key.h5
-rw-r--r--net/mac80211/wpa.c32
4 files changed, 32 insertions, 25 deletions
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index 295ab747663f..3000b4c3b525 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -209,6 +209,7 @@ static int ieee80211_get_key(struct wiphy *wiphy, struct net_device *dev,
209 u8 seq[6] = {0}; 209 u8 seq[6] = {0};
210 struct key_params params; 210 struct key_params params;
211 struct ieee80211_key *key = NULL; 211 struct ieee80211_key *key = NULL;
212 u64 pn64;
212 u32 iv32; 213 u32 iv32;
213 u16 iv16; 214 u16 iv16;
214 int err = -ENOENT; 215 int err = -ENOENT;
@@ -256,12 +257,13 @@ static int ieee80211_get_key(struct wiphy *wiphy, struct net_device *dev,
256 params.seq_len = 6; 257 params.seq_len = 6;
257 break; 258 break;
258 case WLAN_CIPHER_SUITE_CCMP: 259 case WLAN_CIPHER_SUITE_CCMP:
259 seq[0] = key->u.ccmp.tx_pn[5]; 260 pn64 = atomic64_read(&key->u.ccmp.tx_pn);
260 seq[1] = key->u.ccmp.tx_pn[4]; 261 seq[0] = pn64;
261 seq[2] = key->u.ccmp.tx_pn[3]; 262 seq[1] = pn64 >> 8;
262 seq[3] = key->u.ccmp.tx_pn[2]; 263 seq[2] = pn64 >> 16;
263 seq[4] = key->u.ccmp.tx_pn[1]; 264 seq[3] = pn64 >> 24;
264 seq[5] = key->u.ccmp.tx_pn[0]; 265 seq[4] = pn64 >> 32;
266 seq[5] = pn64 >> 40;
265 params.seq = seq; 267 params.seq = seq;
266 params.seq_len = 6; 268 params.seq_len = 6;
267 break; 269 break;
diff --git a/net/mac80211/debugfs_key.c b/net/mac80211/debugfs_key.c
index 33c58b85c911..4433760db4c7 100644
--- a/net/mac80211/debugfs_key.c
+++ b/net/mac80211/debugfs_key.c
@@ -79,6 +79,7 @@ static ssize_t key_tx_spec_read(struct file *file, char __user *userbuf,
79 size_t count, loff_t *ppos) 79 size_t count, loff_t *ppos)
80{ 80{
81 const u8 *tpn; 81 const u8 *tpn;
82 u64 pn;
82 char buf[20]; 83 char buf[20];
83 int len; 84 int len;
84 struct ieee80211_key *key = file->private_data; 85 struct ieee80211_key *key = file->private_data;
@@ -94,9 +95,10 @@ static ssize_t key_tx_spec_read(struct file *file, char __user *userbuf,
94 key->u.tkip.tx.iv16); 95 key->u.tkip.tx.iv16);
95 break; 96 break;
96 case WLAN_CIPHER_SUITE_CCMP: 97 case WLAN_CIPHER_SUITE_CCMP:
97 tpn = key->u.ccmp.tx_pn; 98 pn = atomic64_read(&key->u.ccmp.tx_pn);
98 len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n", 99 len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n",
99 tpn[0], tpn[1], tpn[2], tpn[3], tpn[4], tpn[5]); 100 (u8)(pn >> 40), (u8)(pn >> 32), (u8)(pn >> 24),
101 (u8)(pn >> 16), (u8)(pn >> 8), (u8)pn);
100 break; 102 break;
101 case WLAN_CIPHER_SUITE_AES_CMAC: 103 case WLAN_CIPHER_SUITE_AES_CMAC:
102 tpn = key->u.aes_cmac.tx_pn; 104 tpn = key->u.aes_cmac.tx_pn;
diff --git a/net/mac80211/key.h b/net/mac80211/key.h
index 1493c3e56b9f..05ce4c0203fc 100644
--- a/net/mac80211/key.h
+++ b/net/mac80211/key.h
@@ -82,7 +82,7 @@ struct ieee80211_key {
82 struct tkip_ctx rx[NUM_RX_DATA_QUEUES]; 82 struct tkip_ctx rx[NUM_RX_DATA_QUEUES];
83 } tkip; 83 } tkip;
84 struct { 84 struct {
85 u8 tx_pn[6]; 85 atomic64_t tx_pn;
86 /* 86 /*
87 * Last received packet number. The first 87 * Last received packet number. The first
88 * NUM_RX_DATA_QUEUES counters are used with Data 88 * NUM_RX_DATA_QUEUES counters are used with Data
@@ -92,12 +92,9 @@ struct ieee80211_key {
92 u8 rx_pn[NUM_RX_DATA_QUEUES + 1][6]; 92 u8 rx_pn[NUM_RX_DATA_QUEUES + 1][6];
93 struct crypto_cipher *tfm; 93 struct crypto_cipher *tfm;
94 u32 replays; /* dot11RSNAStatsCCMPReplays */ 94 u32 replays; /* dot11RSNAStatsCCMPReplays */
95 /* scratch buffers for virt_to_page() (crypto API) */
96#ifndef AES_BLOCK_LEN 95#ifndef AES_BLOCK_LEN
97#define AES_BLOCK_LEN 16 96#define AES_BLOCK_LEN 16
98#endif 97#endif
99 u8 tx_crypto_buf[6 * AES_BLOCK_LEN];
100 u8 rx_crypto_buf[6 * AES_BLOCK_LEN];
101 } ccmp; 98 } ccmp;
102 struct { 99 struct {
103 u8 tx_pn[6]; 100 u8 tx_pn[6];
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c
index 4ded2ae48a5f..7691e4edc74a 100644
--- a/net/mac80211/wpa.c
+++ b/net/mac80211/wpa.c
@@ -15,6 +15,7 @@
15#include <linux/gfp.h> 15#include <linux/gfp.h>
16#include <asm/unaligned.h> 16#include <asm/unaligned.h>
17#include <net/mac80211.h> 17#include <net/mac80211.h>
18#include <crypto/aes.h>
18 19
19#include "ieee80211_i.h" 20#include "ieee80211_i.h"
20#include "michael.h" 21#include "michael.h"
@@ -290,6 +291,8 @@ static void ccmp_special_blocks(struct sk_buff *skb, u8 *pn, u8 *scratch,
290 unsigned int hdrlen; 291 unsigned int hdrlen;
291 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; 292 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
292 293
294 memset(scratch, 0, 6 * AES_BLOCK_LEN);
295
293 b_0 = scratch + 3 * AES_BLOCK_LEN; 296 b_0 = scratch + 3 * AES_BLOCK_LEN;
294 aad = scratch + 4 * AES_BLOCK_LEN; 297 aad = scratch + 4 * AES_BLOCK_LEN;
295 298
@@ -380,8 +383,10 @@ static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
380 struct ieee80211_key *key = tx->key; 383 struct ieee80211_key *key = tx->key;
381 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 384 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
382 int hdrlen, len, tail; 385 int hdrlen, len, tail;
383 u8 *pos, *pn; 386 u8 *pos;
384 int i; 387 u8 pn[6];
388 u64 pn64;
389 u8 scratch[6 * AES_BLOCK_LEN];
385 390
386 if (info->control.hw_key && 391 if (info->control.hw_key &&
387 !(info->control.hw_key->flags & IEEE80211_KEY_FLAG_GENERATE_IV)) { 392 !(info->control.hw_key->flags & IEEE80211_KEY_FLAG_GENERATE_IV)) {
@@ -409,14 +414,14 @@ static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
409 hdr = (struct ieee80211_hdr *) pos; 414 hdr = (struct ieee80211_hdr *) pos;
410 pos += hdrlen; 415 pos += hdrlen;
411 416
412 /* PN = PN + 1 */ 417 pn64 = atomic64_inc_return(&key->u.ccmp.tx_pn);
413 pn = key->u.ccmp.tx_pn;
414 418
415 for (i = CCMP_PN_LEN - 1; i >= 0; i--) { 419 pn[5] = pn64;
416 pn[i]++; 420 pn[4] = pn64 >> 8;
417 if (pn[i]) 421 pn[3] = pn64 >> 16;
418 break; 422 pn[2] = pn64 >> 24;
419 } 423 pn[1] = pn64 >> 32;
424 pn[0] = pn64 >> 40;
420 425
421 ccmp_pn2hdr(pos, pn, key->conf.keyidx); 426 ccmp_pn2hdr(pos, pn, key->conf.keyidx);
422 427
@@ -425,8 +430,8 @@ static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
425 return 0; 430 return 0;
426 431
427 pos += CCMP_HDR_LEN; 432 pos += CCMP_HDR_LEN;
428 ccmp_special_blocks(skb, pn, key->u.ccmp.tx_crypto_buf, 0); 433 ccmp_special_blocks(skb, pn, scratch, 0);
429 ieee80211_aes_ccm_encrypt(key->u.ccmp.tfm, key->u.ccmp.tx_crypto_buf, pos, len, 434 ieee80211_aes_ccm_encrypt(key->u.ccmp.tfm, scratch, pos, len,
430 pos, skb_put(skb, CCMP_MIC_LEN)); 435 pos, skb_put(skb, CCMP_MIC_LEN));
431 436
432 return 0; 437 return 0;
@@ -482,11 +487,12 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx)
482 } 487 }
483 488
484 if (!(status->flag & RX_FLAG_DECRYPTED)) { 489 if (!(status->flag & RX_FLAG_DECRYPTED)) {
490 u8 scratch[6 * AES_BLOCK_LEN];
485 /* hardware didn't decrypt/verify MIC */ 491 /* hardware didn't decrypt/verify MIC */
486 ccmp_special_blocks(skb, pn, key->u.ccmp.rx_crypto_buf, 1); 492 ccmp_special_blocks(skb, pn, scratch, 1);
487 493
488 if (ieee80211_aes_ccm_decrypt( 494 if (ieee80211_aes_ccm_decrypt(
489 key->u.ccmp.tfm, key->u.ccmp.rx_crypto_buf, 495 key->u.ccmp.tfm, scratch,
490 skb->data + hdrlen + CCMP_HDR_LEN, data_len, 496 skb->data + hdrlen + CCMP_HDR_LEN, data_len,
491 skb->data + skb->len - CCMP_MIC_LEN, 497 skb->data + skb->len - CCMP_MIC_LEN,
492 skb->data + hdrlen + CCMP_HDR_LEN)) 498 skb->data + hdrlen + CCMP_HDR_LEN))