1*5113495bSYour Name /*
2*5113495bSYour Name * Copyright (c) 2019-2021 The Linux Foundation. All rights reserved.
3*5113495bSYour Name * Copyright (c) 2022-2023 Qualcomm Innovation Center, Inc. All rights reserved.
4*5113495bSYour Name *
5*5113495bSYour Name * Permission to use, copy, modify, and/or distribute this software for
6*5113495bSYour Name * any purpose with or without fee is hereby granted, provided that the
7*5113495bSYour Name * above copyright notice and this permission notice appear in all
8*5113495bSYour Name * copies.
9*5113495bSYour Name *
10*5113495bSYour Name * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
11*5113495bSYour Name * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
12*5113495bSYour Name * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
13*5113495bSYour Name * AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
14*5113495bSYour Name * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
15*5113495bSYour Name * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
16*5113495bSYour Name * TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
17*5113495bSYour Name * PERFORMANCE OF THIS SOFTWARE.
18*5113495bSYour Name */
19*5113495bSYour Name
20*5113495bSYour Name /**
21*5113495bSYour Name * DOC: defines crypto driver functions interfacing with linux kernel
22*5113495bSYour Name */
23*5113495bSYour Name #include <wlan_crypto_global_def.h>
24*5113495bSYour Name #include <wlan_crypto_global_api.h>
25*5113495bSYour Name #include <wlan_objmgr_vdev_obj.h>
26*5113495bSYour Name #include <wlan_crypto_main_i.h>
27*5113495bSYour Name #include <wlan_objmgr_pdev_obj.h>
28*5113495bSYour Name #include <wlan_objmgr_peer_obj.h>
29*5113495bSYour Name #include <wlan_crypto_def_i.h>
30*5113495bSYour Name #include <wlan_crypto_obj_mgr_i.h>
31*5113495bSYour Name #include <net/cfg80211.h>
32*5113495bSYour Name #include <wlan_nl_to_crypto_params.h>
33*5113495bSYour Name #include "wlan_cfg80211_crypto.h"
34*5113495bSYour Name #include <wlan_cfg80211.h>
35*5113495bSYour Name #include <wlan_osif_request_manager.h>
36*5113495bSYour Name
wlan_cfg80211_translate_ml_sta_key(uint8_t key_index,enum wlan_crypto_key_type key_type,const u8 * mac_addr,struct key_params * params,struct wlan_crypto_key * crypto_key)37*5113495bSYour Name void wlan_cfg80211_translate_ml_sta_key(uint8_t key_index,
38*5113495bSYour Name enum wlan_crypto_key_type key_type,
39*5113495bSYour Name const u8 *mac_addr,
40*5113495bSYour Name struct key_params *params,
41*5113495bSYour Name struct wlan_crypto_key *crypto_key)
42*5113495bSYour Name {
43*5113495bSYour Name qdf_mem_zero(crypto_key, sizeof(*crypto_key));
44*5113495bSYour Name crypto_key->keylen = params->key_len;
45*5113495bSYour Name crypto_key->keyix = key_index;
46*5113495bSYour Name osif_debug("key_type %d, key_len %d, seq_len %d",
47*5113495bSYour Name key_type,
48*5113495bSYour Name params->key_len, params->seq_len);
49*5113495bSYour Name qdf_mem_copy(&crypto_key->keyval[0], params->key, params->key_len);
50*5113495bSYour Name qdf_mem_copy(&crypto_key->keyrsc[0], params->seq, params->seq_len);
51*5113495bSYour Name
52*5113495bSYour Name crypto_key->key_type = key_type;
53*5113495bSYour Name crypto_key->cipher_type = osif_nl_to_crypto_cipher_type(params->cipher);
54*5113495bSYour Name
55*5113495bSYour Name if (IS_WEP_CIPHER(crypto_key->cipher_type) && !mac_addr) {
56*5113495bSYour Name /*
57*5113495bSYour Name * This is a valid scenario in case of WEP, where-in the
58*5113495bSYour Name * keys are passed by the user space during the connect request
59*5113495bSYour Name * but since we did not connect yet, so we do not know the peer
60*5113495bSYour Name * address yet.
61*5113495bSYour Name */
62*5113495bSYour Name osif_debug("No Mac Address to copy");
63*5113495bSYour Name return;
64*5113495bSYour Name }
65*5113495bSYour Name qdf_mem_copy(&crypto_key->macaddr, mac_addr,
66*5113495bSYour Name QDF_MAC_ADDR_SIZE);
67*5113495bSYour Name osif_debug("crypto key mac " QDF_MAC_ADDR_FMT,
68*5113495bSYour Name QDF_MAC_ADDR_REF(crypto_key->macaddr));
69*5113495bSYour Name }
70*5113495bSYour Name
wlan_cfg80211_translate_key(struct wlan_objmgr_vdev * vdev,uint8_t key_index,enum wlan_crypto_key_type key_type,const u8 * mac_addr,struct key_params * params,struct wlan_crypto_key * crypto_key)71*5113495bSYour Name void wlan_cfg80211_translate_key(struct wlan_objmgr_vdev *vdev,
72*5113495bSYour Name uint8_t key_index,
73*5113495bSYour Name enum wlan_crypto_key_type key_type,
74*5113495bSYour Name const u8 *mac_addr,
75*5113495bSYour Name struct key_params *params,
76*5113495bSYour Name struct wlan_crypto_key *crypto_key)
77*5113495bSYour Name {
78*5113495bSYour Name qdf_mem_zero(crypto_key, sizeof(*crypto_key));
79*5113495bSYour Name crypto_key->keylen = params->key_len;
80*5113495bSYour Name crypto_key->keyix = key_index;
81*5113495bSYour Name osif_debug("key_type %d, opmode %d, key_len %d, seq_len %d",
82*5113495bSYour Name key_type, vdev->vdev_mlme.vdev_opmode,
83*5113495bSYour Name params->key_len, params->seq_len);
84*5113495bSYour Name qdf_mem_copy(&crypto_key->keyval[0], params->key, params->key_len);
85*5113495bSYour Name qdf_mem_copy(&crypto_key->keyrsc[0], params->seq, params->seq_len);
86*5113495bSYour Name
87*5113495bSYour Name crypto_key->key_type = key_type;
88*5113495bSYour Name crypto_key->cipher_type = osif_nl_to_crypto_cipher_type(params->cipher);
89*5113495bSYour Name if (IS_WEP_CIPHER(crypto_key->cipher_type) && !mac_addr) {
90*5113495bSYour Name /*
91*5113495bSYour Name * This is a valid scenario in case of WEP, where-in the
92*5113495bSYour Name * keys are passed by the user space during the connect request
93*5113495bSYour Name * but since we did not connect yet, so we do not know the peer
94*5113495bSYour Name * address yet.
95*5113495bSYour Name */
96*5113495bSYour Name osif_debug("No Mac Address to copy");
97*5113495bSYour Name return;
98*5113495bSYour Name }
99*5113495bSYour Name if (key_type == WLAN_CRYPTO_KEY_TYPE_UNICAST) {
100*5113495bSYour Name qdf_mem_copy(&crypto_key->macaddr, mac_addr, QDF_MAC_ADDR_SIZE);
101*5113495bSYour Name } else {
102*5113495bSYour Name if ((vdev->vdev_mlme.vdev_opmode == QDF_STA_MODE) ||
103*5113495bSYour Name (vdev->vdev_mlme.vdev_opmode == QDF_P2P_CLIENT_MODE))
104*5113495bSYour Name qdf_mem_copy(&crypto_key->macaddr, mac_addr,
105*5113495bSYour Name QDF_MAC_ADDR_SIZE);
106*5113495bSYour Name else
107*5113495bSYour Name qdf_mem_copy(&crypto_key->macaddr,
108*5113495bSYour Name vdev->vdev_mlme.macaddr,
109*5113495bSYour Name QDF_MAC_ADDR_SIZE);
110*5113495bSYour Name }
111*5113495bSYour Name osif_debug("mac "QDF_MAC_ADDR_FMT,
112*5113495bSYour Name QDF_MAC_ADDR_REF(crypto_key->macaddr));
113*5113495bSYour Name }
114*5113495bSYour Name
wlan_cfg80211_store_link_key(struct wlan_objmgr_psoc * psoc,uint8_t key_index,enum wlan_crypto_key_type key_type,const u8 * mac_addr,struct key_params * params,struct qdf_mac_addr * link_addr,uint8_t link_id)115*5113495bSYour Name int wlan_cfg80211_store_link_key(struct wlan_objmgr_psoc *psoc,
116*5113495bSYour Name uint8_t key_index,
117*5113495bSYour Name enum wlan_crypto_key_type key_type,
118*5113495bSYour Name const u8 *mac_addr, struct key_params *params,
119*5113495bSYour Name struct qdf_mac_addr *link_addr,
120*5113495bSYour Name uint8_t link_id)
121*5113495bSYour Name {
122*5113495bSYour Name struct wlan_crypto_key *crypto_key = NULL;
123*5113495bSYour Name enum wlan_crypto_cipher_type cipher;
124*5113495bSYour Name int cipher_len;
125*5113495bSYour Name QDF_STATUS status;
126*5113495bSYour Name
127*5113495bSYour Name if (!psoc) {
128*5113495bSYour Name osif_err("psoc is NULL");
129*5113495bSYour Name return -EINVAL;
130*5113495bSYour Name }
131*5113495bSYour Name if (!params) {
132*5113495bSYour Name osif_err("Key params is NULL");
133*5113495bSYour Name return -EINVAL;
134*5113495bSYour Name }
135*5113495bSYour Name cipher_len = osif_nl_to_crypto_cipher_len(params->cipher);
136*5113495bSYour Name if (cipher_len < 0 || params->key_len < cipher_len) {
137*5113495bSYour Name osif_err("cipher length %d less than reqd len %d",
138*5113495bSYour Name params->key_len, cipher_len);
139*5113495bSYour Name return -EINVAL;
140*5113495bSYour Name }
141*5113495bSYour Name cipher = osif_nl_to_crypto_cipher_type(params->cipher);
142*5113495bSYour Name if (!IS_WEP_CIPHER(cipher)) {
143*5113495bSYour Name if ((key_type == WLAN_CRYPTO_KEY_TYPE_UNICAST) &&
144*5113495bSYour Name !mac_addr) {
145*5113495bSYour Name osif_err("mac_addr is NULL for pairwise Key");
146*5113495bSYour Name return -EINVAL;
147*5113495bSYour Name }
148*5113495bSYour Name }
149*5113495bSYour Name status = wlan_crypto_validate_key_params(cipher, key_index,
150*5113495bSYour Name params->key_len,
151*5113495bSYour Name params->seq_len);
152*5113495bSYour Name if (QDF_IS_STATUS_ERROR(status)) {
153*5113495bSYour Name osif_err("Invalid key params");
154*5113495bSYour Name return -EINVAL;
155*5113495bSYour Name }
156*5113495bSYour Name
157*5113495bSYour Name /*
158*5113495bSYour Name * key may already exist at times and may be retrieved only to
159*5113495bSYour Name * update it.
160*5113495bSYour Name */
161*5113495bSYour Name wlan_crypto_aquire_lock();
162*5113495bSYour Name crypto_key = wlan_crypto_get_ml_sta_link_key(psoc, key_index,
163*5113495bSYour Name link_addr, link_id);
164*5113495bSYour Name if (!crypto_key) {
165*5113495bSYour Name wlan_crypto_release_lock();
166*5113495bSYour Name crypto_key = qdf_mem_malloc(sizeof(*crypto_key));
167*5113495bSYour Name if (!crypto_key)
168*5113495bSYour Name return -EINVAL;
169*5113495bSYour Name wlan_crypto_aquire_lock();
170*5113495bSYour Name }
171*5113495bSYour Name
172*5113495bSYour Name wlan_cfg80211_translate_ml_sta_key(key_index, key_type, mac_addr,
173*5113495bSYour Name params, crypto_key);
174*5113495bSYour Name
175*5113495bSYour Name status = wlan_crypto_save_ml_sta_key(psoc, key_index, crypto_key,
176*5113495bSYour Name link_addr, link_id);
177*5113495bSYour Name if (QDF_IS_STATUS_ERROR(status)) {
178*5113495bSYour Name wlan_crypto_release_lock();
179*5113495bSYour Name osif_err("Failed to save key");
180*5113495bSYour Name qdf_mem_free(crypto_key);
181*5113495bSYour Name return -EINVAL;
182*5113495bSYour Name }
183*5113495bSYour Name wlan_crypto_release_lock();
184*5113495bSYour Name return 0;
185*5113495bSYour Name }
186*5113495bSYour Name
wlan_cfg80211_store_key(struct wlan_objmgr_vdev * vdev,uint8_t key_index,enum wlan_crypto_key_type key_type,const u8 * mac_addr,struct key_params * params)187*5113495bSYour Name int wlan_cfg80211_store_key(struct wlan_objmgr_vdev *vdev,
188*5113495bSYour Name uint8_t key_index,
189*5113495bSYour Name enum wlan_crypto_key_type key_type,
190*5113495bSYour Name const u8 *mac_addr, struct key_params *params)
191*5113495bSYour Name {
192*5113495bSYour Name struct wlan_crypto_key *crypto_key = NULL;
193*5113495bSYour Name enum wlan_crypto_cipher_type cipher;
194*5113495bSYour Name int cipher_len;
195*5113495bSYour Name QDF_STATUS status;
196*5113495bSYour Name
197*5113495bSYour Name if (!vdev) {
198*5113495bSYour Name osif_err("vdev is NULL");
199*5113495bSYour Name return -EINVAL;
200*5113495bSYour Name }
201*5113495bSYour Name if (!params) {
202*5113495bSYour Name osif_err("Key params is NULL");
203*5113495bSYour Name return -EINVAL;
204*5113495bSYour Name }
205*5113495bSYour Name cipher_len = osif_nl_to_crypto_cipher_len(params->cipher);
206*5113495bSYour Name if (cipher_len < 0 || params->key_len < cipher_len) {
207*5113495bSYour Name osif_err("cipher length %d less than reqd len %d",
208*5113495bSYour Name params->key_len, cipher_len);
209*5113495bSYour Name return -EINVAL;
210*5113495bSYour Name }
211*5113495bSYour Name cipher = osif_nl_to_crypto_cipher_type(params->cipher);
212*5113495bSYour Name if (!IS_WEP_CIPHER(cipher)) {
213*5113495bSYour Name if ((key_type == WLAN_CRYPTO_KEY_TYPE_UNICAST) &&
214*5113495bSYour Name !mac_addr) {
215*5113495bSYour Name osif_err("mac_addr is NULL for pairwise Key");
216*5113495bSYour Name return -EINVAL;
217*5113495bSYour Name }
218*5113495bSYour Name }
219*5113495bSYour Name status = wlan_crypto_validate_key_params(cipher, key_index,
220*5113495bSYour Name params->key_len,
221*5113495bSYour Name params->seq_len);
222*5113495bSYour Name if (QDF_IS_STATUS_ERROR(status)) {
223*5113495bSYour Name osif_err("Invalid key params");
224*5113495bSYour Name return -EINVAL;
225*5113495bSYour Name }
226*5113495bSYour Name
227*5113495bSYour Name /*
228*5113495bSYour Name * key may already exist at times and may be retrieved only to
229*5113495bSYour Name * update it.
230*5113495bSYour Name */
231*5113495bSYour Name wlan_crypto_aquire_lock();
232*5113495bSYour Name crypto_key = wlan_crypto_get_key(vdev, key_index);
233*5113495bSYour Name if (!crypto_key) {
234*5113495bSYour Name wlan_crypto_release_lock();
235*5113495bSYour Name crypto_key = qdf_mem_malloc(sizeof(*crypto_key));
236*5113495bSYour Name if (!crypto_key)
237*5113495bSYour Name return -EINVAL;
238*5113495bSYour Name wlan_crypto_aquire_lock();
239*5113495bSYour Name }
240*5113495bSYour Name
241*5113495bSYour Name wlan_cfg80211_translate_key(vdev, key_index, key_type, mac_addr,
242*5113495bSYour Name params, crypto_key);
243*5113495bSYour Name
244*5113495bSYour Name status = wlan_crypto_save_key(vdev, key_index, crypto_key);
245*5113495bSYour Name if (QDF_IS_STATUS_ERROR(status)) {
246*5113495bSYour Name wlan_crypto_release_lock();
247*5113495bSYour Name osif_err("Failed to save key");
248*5113495bSYour Name qdf_mem_free(crypto_key);
249*5113495bSYour Name return -EINVAL;
250*5113495bSYour Name }
251*5113495bSYour Name wlan_crypto_release_lock();
252*5113495bSYour Name return 0;
253*5113495bSYour Name }
254*5113495bSYour Name
255*5113495bSYour Name #define WLAN_WAIT_TIME_ADD_KEY 100
256*5113495bSYour Name
257*5113495bSYour Name static void
wlan_cfg80211_crypto_add_key_cb(void * context,struct crypto_add_key_result * result)258*5113495bSYour Name wlan_cfg80211_crypto_add_key_cb(void *context,
259*5113495bSYour Name struct crypto_add_key_result *result)
260*5113495bSYour Name {
261*5113495bSYour Name struct osif_request *request;
262*5113495bSYour Name struct crypto_add_key_result *priv;
263*5113495bSYour Name
264*5113495bSYour Name request = osif_request_get(context);
265*5113495bSYour Name if (!request) {
266*5113495bSYour Name osif_err("Obsolete request");
267*5113495bSYour Name return;
268*5113495bSYour Name }
269*5113495bSYour Name
270*5113495bSYour Name priv = osif_request_priv(request);
271*5113495bSYour Name qdf_mem_copy(priv, result, sizeof(*priv));
272*5113495bSYour Name osif_request_complete(request);
273*5113495bSYour Name osif_request_put(request);
274*5113495bSYour Name }
275*5113495bSYour Name
wlan_cfg80211_crypto_add_key(struct wlan_objmgr_vdev * vdev,enum wlan_crypto_key_type key_type,uint8_t key_index,bool sync)276*5113495bSYour Name int wlan_cfg80211_crypto_add_key(struct wlan_objmgr_vdev *vdev,
277*5113495bSYour Name enum wlan_crypto_key_type key_type,
278*5113495bSYour Name uint8_t key_index, bool sync)
279*5113495bSYour Name {
280*5113495bSYour Name struct wlan_crypto_key *crypto_key;
281*5113495bSYour Name QDF_STATUS status;
282*5113495bSYour Name struct osif_request *request;
283*5113495bSYour Name struct crypto_add_key_result *result;
284*5113495bSYour Name struct wlan_crypto_comp_priv *priv;
285*5113495bSYour Name int ret;
286*5113495bSYour Name static const struct osif_request_params params = {
287*5113495bSYour Name .priv_size = sizeof(*result),
288*5113495bSYour Name .timeout_ms = WLAN_WAIT_TIME_ADD_KEY,
289*5113495bSYour Name };
290*5113495bSYour Name
291*5113495bSYour Name wlan_crypto_aquire_lock();
292*5113495bSYour Name crypto_key = wlan_crypto_get_key(vdev, key_index);
293*5113495bSYour Name if (!crypto_key) {
294*5113495bSYour Name wlan_crypto_release_lock();
295*5113495bSYour Name osif_err("Crypto KEY is NULL");
296*5113495bSYour Name return -EINVAL;
297*5113495bSYour Name }
298*5113495bSYour Name wlan_crypto_release_lock();
299*5113495bSYour Name
300*5113495bSYour Name if (sync) {
301*5113495bSYour Name priv = wlan_get_vdev_crypto_obj(vdev);
302*5113495bSYour Name if (!priv) {
303*5113495bSYour Name osif_err("Invalid crypto_priv");
304*5113495bSYour Name return -EINVAL;
305*5113495bSYour Name }
306*5113495bSYour Name
307*5113495bSYour Name request = osif_request_alloc(¶ms);
308*5113495bSYour Name if (!request) {
309*5113495bSYour Name osif_err("Request allocation failure");
310*5113495bSYour Name return -ENOMEM;
311*5113495bSYour Name }
312*5113495bSYour Name
313*5113495bSYour Name priv->add_key_ctx = osif_request_cookie(request);;
314*5113495bSYour Name priv->add_key_cb = wlan_cfg80211_crypto_add_key_cb;
315*5113495bSYour Name
316*5113495bSYour Name status = ucfg_crypto_set_key_req(vdev, crypto_key, key_type);
317*5113495bSYour Name if (QDF_IS_STATUS_SUCCESS(status)) {
318*5113495bSYour Name ret = osif_request_wait_for_response(request);
319*5113495bSYour Name if (ret) {
320*5113495bSYour Name osif_err("Target response timed out");
321*5113495bSYour Name } else {
322*5113495bSYour Name result = osif_request_priv(request);
323*5113495bSYour Name osif_debug("complete, vdev_id %u, ix: %u, flags: %u, status: %u",
324*5113495bSYour Name result->vdev_id, result->key_ix,
325*5113495bSYour Name result->key_flags, result->status);
326*5113495bSYour Name }
327*5113495bSYour Name }
328*5113495bSYour Name
329*5113495bSYour Name priv->add_key_ctx = NULL;
330*5113495bSYour Name priv->add_key_cb = NULL;
331*5113495bSYour Name osif_request_put(request);
332*5113495bSYour Name } else {
333*5113495bSYour Name status = ucfg_crypto_set_key_req(vdev, crypto_key, key_type);
334*5113495bSYour Name }
335*5113495bSYour Name return qdf_status_to_os_return(status);
336*5113495bSYour Name }
337*5113495bSYour Name
wlan_cfg80211_set_default_key(struct wlan_objmgr_vdev * vdev,uint8_t key_index,struct qdf_mac_addr * bssid)338*5113495bSYour Name int wlan_cfg80211_set_default_key(struct wlan_objmgr_vdev *vdev,
339*5113495bSYour Name uint8_t key_index, struct qdf_mac_addr *bssid)
340*5113495bSYour Name {
341*5113495bSYour Name return wlan_crypto_default_key(vdev, (uint8_t *)bssid,
342*5113495bSYour Name key_index, true);
343*5113495bSYour Name }
344