* [PATCH 0/5] mac80211 crypto cleanups
@ 2010-08-10 7:46 Johannes Berg
2010-08-10 7:46 ` [PATCH 1/5] mac80211: use cipher suite selectors Johannes Berg
` (4 more replies)
0 siblings, 5 replies; 10+ messages in thread
From: Johannes Berg @ 2010-08-10 7:46 UTC (permalink / raw)
To: John Linville; +Cc: linux-wireless
This has a bunch of crypto code cleanups.
The last two might be applicable to .36
if that got the WEP thing you (John) did?
But they'd have to be rebased due to the
first patch in this series.
johannes
^ permalink raw reply [flat|nested] 10+ messages in thread
* [PATCH 1/5] mac80211: use cipher suite selectors
2010-08-10 7:46 [PATCH 0/5] mac80211 crypto cleanups Johannes Berg
@ 2010-08-10 7:46 ` Johannes Berg
2010-08-10 7:46 ` [PATCH 2/5] mac80211: move key tfm setup Johannes Berg
` (3 subsequent siblings)
4 siblings, 0 replies; 10+ messages in thread
From: Johannes Berg @ 2010-08-10 7:46 UTC (permalink / raw)
To: John Linville; +Cc: linux-wireless
From: Johannes Berg <johannes.berg@intel.com>
Currently, mac80211 translates the cfg80211
cipher suite selectors into ALG_* values.
That isn't all too useful, and some drivers
benefit from the distinction between WEP40
and WEP104 as well. Therefore, convert it
all to use the cipher suite selectors.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
---
drivers/net/wireless/ath/ar9170/main.c | 31 +++++++-------
drivers/net/wireless/ath/ath5k/base.c | 9 ++--
drivers/net/wireless/ath/ath5k/pcu.c | 19 +++-----
drivers/net/wireless/ath/ath9k/common.c | 36 +++++++++--------
drivers/net/wireless/ath/ath9k/htc_drv_main.c | 5 +-
drivers/net/wireless/ath/ath9k/main.c | 5 +-
drivers/net/wireless/ath/ath9k/xmit.c | 18 --------
drivers/net/wireless/b43/main.c | 16 +++----
drivers/net/wireless/iwlwifi/iwl-agn-tx.c | 16 +++----
drivers/net/wireless/iwlwifi/iwl-agn.c | 4 +
drivers/net/wireless/iwlwifi/iwl-dev.h | 2
drivers/net/wireless/iwlwifi/iwl-sta.c | 24 ++++++-----
drivers/net/wireless/iwlwifi/iwl3945-base.c | 43 +++++++++++---------
drivers/net/wireless/p54/main.c | 9 ++--
drivers/net/wireless/p54/txrx.c | 17 ++++----
drivers/net/wireless/rt2x00/rt2500usb.c | 4 +
drivers/net/wireless/rt2x00/rt2x00crypto.c | 17 +++-----
drivers/net/wireless/wl12xx/wl1251_main.c | 13 +++---
drivers/net/wireless/wl12xx/wl1251_tx.c | 4 -
drivers/net/wireless/wl12xx/wl1271_main.c | 13 +++---
drivers/net/wireless/wl12xx/wl1271_tx.c | 4 -
include/net/mac80211.h | 18 --------
net/mac80211/cfg.c | 44 +++++---------------
net/mac80211/debugfs_key.c | 55 ++++++++++----------------
net/mac80211/driver-trace.h | 4 -
net/mac80211/key.c | 25 +++++------
net/mac80211/key.h | 4 -
net/mac80211/rx.c | 18 ++++----
net/mac80211/tx.c | 22 +++++-----
net/mac80211/wep.c | 2
net/mac80211/wpa.c | 6 +-
31 files changed, 233 insertions(+), 274 deletions(-)
--- wireless-testing.orig/include/net/mac80211.h 2010-08-05 23:30:24.000000000 +0200
+++ wireless-testing/include/net/mac80211.h 2010-08-05 23:30:25.000000000 +0200
@@ -789,20 +789,6 @@ static inline bool ieee80211_vif_is_mesh
}
/**
- * enum ieee80211_key_alg - key algorithm
- * @ALG_WEP: WEP40 or WEP104
- * @ALG_TKIP: TKIP
- * @ALG_CCMP: CCMP (AES)
- * @ALG_AES_CMAC: AES-128-CMAC
- */
-enum ieee80211_key_alg {
- ALG_WEP,
- ALG_TKIP,
- ALG_CCMP,
- ALG_AES_CMAC,
-};
-
-/**
* enum ieee80211_key_flags - key flags
*
* These flags are used for communication about keys between the driver
@@ -839,7 +825,7 @@ enum ieee80211_key_flags {
* @hw_key_idx: To be set by the driver, this is the key index the driver
* wants to be given when a frame is transmitted and needs to be
* encrypted in hardware.
- * @alg: The key algorithm.
+ * @cipher: The key's cipher suite selector.
* @flags: key flags, see &enum ieee80211_key_flags.
* @keyidx: the key index (0-3)
* @keylen: key material length
@@ -852,7 +838,7 @@ enum ieee80211_key_flags {
* @iv_len: The IV length for this key type
*/
struct ieee80211_key_conf {
- enum ieee80211_key_alg alg;
+ u32 cipher;
u8 icv_len;
u8 iv_len;
u8 hw_key_idx;
--- wireless-testing.orig/net/mac80211/cfg.c 2010-08-05 23:30:24.000000000 +0200
+++ wireless-testing/net/mac80211/cfg.c 2010-08-06 09:01:49.000000000 +0200
@@ -116,7 +116,6 @@ static int ieee80211_add_key(struct wiph
{
struct ieee80211_sub_if_data *sdata;
struct sta_info *sta = NULL;
- enum ieee80211_key_alg alg;
struct ieee80211_key *key;
int err;
@@ -125,31 +124,20 @@ static int ieee80211_add_key(struct wiph
sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+ /* reject WEP and TKIP keys if WEP failed to initialize */
switch (params->cipher) {
case WLAN_CIPHER_SUITE_WEP40:
- case WLAN_CIPHER_SUITE_WEP104:
- alg = ALG_WEP;
- break;
case WLAN_CIPHER_SUITE_TKIP:
- alg = ALG_TKIP;
- break;
- case WLAN_CIPHER_SUITE_CCMP:
- alg = ALG_CCMP;
- break;
- case WLAN_CIPHER_SUITE_AES_CMAC:
- alg = ALG_AES_CMAC;
+ case WLAN_CIPHER_SUITE_WEP104:
+ if (IS_ERR(sdata->local->wep_tx_tfm))
+ return -EINVAL;
break;
default:
- return -EINVAL;
+ break;
}
- /* reject WEP and TKIP keys if WEP failed to initialize */
- if ((alg == ALG_WEP || alg == ALG_TKIP) &&
- IS_ERR(sdata->local->wep_tx_tfm))
- return -EINVAL;
-
- key = ieee80211_key_alloc(alg, key_idx, params->key_len, params->key,
- params->seq_len, params->seq);
+ key = ieee80211_key_alloc(params->cipher, key_idx, params->key_len,
+ params->key, params->seq_len, params->seq);
if (!key)
return -ENOMEM;
@@ -247,10 +235,10 @@ static int ieee80211_get_key(struct wiph
memset(¶ms, 0, sizeof(params));
- switch (key->conf.alg) {
- case ALG_TKIP:
- params.cipher = WLAN_CIPHER_SUITE_TKIP;
+ params.cipher = key->conf.cipher;
+ switch (key->conf.cipher) {
+ case WLAN_CIPHER_SUITE_TKIP:
iv32 = key->u.tkip.tx.iv32;
iv16 = key->u.tkip.tx.iv16;
@@ -268,8 +256,7 @@ static int ieee80211_get_key(struct wiph
params.seq = seq;
params.seq_len = 6;
break;
- case ALG_CCMP:
- params.cipher = WLAN_CIPHER_SUITE_CCMP;
+ case WLAN_CIPHER_SUITE_CCMP:
seq[0] = key->u.ccmp.tx_pn[5];
seq[1] = key->u.ccmp.tx_pn[4];
seq[2] = key->u.ccmp.tx_pn[3];
@@ -279,14 +266,7 @@ static int ieee80211_get_key(struct wiph
params.seq = seq;
params.seq_len = 6;
break;
- case ALG_WEP:
- if (key->conf.keylen == 5)
- params.cipher = WLAN_CIPHER_SUITE_WEP40;
- else
- params.cipher = WLAN_CIPHER_SUITE_WEP104;
- break;
- case ALG_AES_CMAC:
- params.cipher = WLAN_CIPHER_SUITE_AES_CMAC;
+ case WLAN_CIPHER_SUITE_AES_CMAC:
seq[0] = key->u.aes_cmac.tx_pn[5];
seq[1] = key->u.aes_cmac.tx_pn[4];
seq[2] = key->u.aes_cmac.tx_pn[3];
--- wireless-testing.orig/net/mac80211/key.c 2010-08-05 23:30:24.000000000 +0200
+++ wireless-testing/net/mac80211/key.c 2010-08-06 09:01:49.000000000 +0200
@@ -227,9 +227,7 @@ static void __ieee80211_key_replace(stru
}
}
-struct ieee80211_key *ieee80211_key_alloc(enum ieee80211_key_alg alg,
- int idx,
- size_t key_len,
+struct ieee80211_key *ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
const u8 *key_data,
size_t seq_len, const u8 *seq)
{
@@ -249,15 +247,16 @@ struct ieee80211_key *ieee80211_key_allo
key->conf.flags = 0;
key->flags = 0;
- key->conf.alg = alg;
+ key->conf.cipher = cipher;
key->conf.keyidx = idx;
key->conf.keylen = key_len;
- switch (alg) {
- case ALG_WEP:
+ switch (cipher) {
+ case WLAN_CIPHER_SUITE_WEP40:
+ case WLAN_CIPHER_SUITE_WEP104:
key->conf.iv_len = WEP_IV_LEN;
key->conf.icv_len = WEP_ICV_LEN;
break;
- case ALG_TKIP:
+ case WLAN_CIPHER_SUITE_TKIP:
key->conf.iv_len = TKIP_IV_LEN;
key->conf.icv_len = TKIP_ICV_LEN;
if (seq) {
@@ -269,7 +268,7 @@ struct ieee80211_key *ieee80211_key_allo
}
}
break;
- case ALG_CCMP:
+ case WLAN_CIPHER_SUITE_CCMP:
key->conf.iv_len = CCMP_HDR_LEN;
key->conf.icv_len = CCMP_MIC_LEN;
if (seq) {
@@ -279,7 +278,7 @@ struct ieee80211_key *ieee80211_key_allo
seq[CCMP_PN_LEN - j - 1];
}
break;
- case ALG_AES_CMAC:
+ case WLAN_CIPHER_SUITE_AES_CMAC:
key->conf.iv_len = 0;
key->conf.icv_len = sizeof(struct ieee80211_mmie);
if (seq)
@@ -290,7 +289,7 @@ struct ieee80211_key *ieee80211_key_allo
memcpy(key->conf.key, key_data, key_len);
INIT_LIST_HEAD(&key->list);
- if (alg == ALG_CCMP) {
+ if (cipher == WLAN_CIPHER_SUITE_CCMP) {
/*
* Initialize AES key state here as an optimization so that
* it does not need to be initialized for every packet.
@@ -302,7 +301,7 @@ struct ieee80211_key *ieee80211_key_allo
}
}
- if (alg == ALG_AES_CMAC) {
+ if (cipher == WLAN_CIPHER_SUITE_AES_CMAC) {
/*
* Initialize AES key state here as an optimization so that
* it does not need to be initialized for every packet.
@@ -326,9 +325,9 @@ static void __ieee80211_key_destroy(stru
if (key->local)
ieee80211_key_disable_hw_accel(key);
- if (key->conf.alg == ALG_CCMP)
+ if (key->conf.cipher == WLAN_CIPHER_SUITE_CCMP)
ieee80211_aes_key_free(key->u.ccmp.tfm);
- if (key->conf.alg == ALG_AES_CMAC)
+ if (key->conf.cipher == WLAN_CIPHER_SUITE_AES_CMAC)
ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
if (key->local)
ieee80211_debugfs_key_remove(key);
--- wireless-testing.orig/net/mac80211/key.h 2010-08-05 23:30:24.000000000 +0200
+++ wireless-testing/net/mac80211/key.h 2010-08-06 09:01:49.000000000 +0200
@@ -123,9 +123,7 @@ struct ieee80211_key {
struct ieee80211_key_conf conf;
};
-struct ieee80211_key *ieee80211_key_alloc(enum ieee80211_key_alg alg,
- int idx,
- size_t key_len,
+struct ieee80211_key *ieee80211_key_alloc(u32 cipher, int idx, size_t key_len,
const u8 *key_data,
size_t seq_len, const u8 *seq);
/*
--- wireless-testing.orig/net/mac80211/rx.c 2010-08-05 23:30:24.000000000 +0200
+++ wireless-testing/net/mac80211/rx.c 2010-08-06 09:01:49.000000000 +0200
@@ -935,7 +935,8 @@ ieee80211_rx_h_decrypt(struct ieee80211_
* pairwise or station-to-station keys, but for WEP we allow
* using a key index as well.
*/
- if (rx->key && rx->key->conf.alg != ALG_WEP &&
+ if (rx->key && rx->key->conf.cipher != WLAN_CIPHER_SUITE_WEP40 &&
+ rx->key->conf.cipher != WLAN_CIPHER_SUITE_WEP104 &&
!is_multicast_ether_addr(hdr->addr1))
rx->key = NULL;
}
@@ -951,8 +952,9 @@ ieee80211_rx_h_decrypt(struct ieee80211_
return RX_DROP_UNUSABLE;
/* the hdr variable is invalid now! */
- switch (rx->key->conf.alg) {
- case ALG_WEP:
+ switch (rx->key->conf.cipher) {
+ case WLAN_CIPHER_SUITE_WEP40:
+ case WLAN_CIPHER_SUITE_WEP104:
/* Check for weak IVs if possible */
if (rx->sta && ieee80211_is_data(fc) &&
(!(status->flag & RX_FLAG_IV_STRIPPED) ||
@@ -962,13 +964,13 @@ ieee80211_rx_h_decrypt(struct ieee80211_
result = ieee80211_crypto_wep_decrypt(rx);
break;
- case ALG_TKIP:
+ case WLAN_CIPHER_SUITE_TKIP:
result = ieee80211_crypto_tkip_decrypt(rx);
break;
- case ALG_CCMP:
+ case WLAN_CIPHER_SUITE_CCMP:
result = ieee80211_crypto_ccmp_decrypt(rx);
break;
- case ALG_AES_CMAC:
+ case WLAN_CIPHER_SUITE_AES_CMAC:
result = ieee80211_crypto_aes_cmac_decrypt(rx);
break;
}
@@ -1265,7 +1267,7 @@ ieee80211_rx_h_defragment(struct ieee802
/* This is the first fragment of a new frame. */
entry = ieee80211_reassemble_add(rx->sdata, frag, seq,
rx->queue, &(rx->skb));
- if (rx->key && rx->key->conf.alg == ALG_CCMP &&
+ if (rx->key && rx->key->conf.cipher == WLAN_CIPHER_SUITE_CCMP &&
ieee80211_has_protected(fc)) {
int queue = ieee80211_is_mgmt(fc) ?
NUM_RX_DATA_QUEUES : rx->queue;
@@ -1294,7 +1296,7 @@ ieee80211_rx_h_defragment(struct ieee802
int i;
u8 pn[CCMP_PN_LEN], *rpn;
int queue;
- if (!rx->key || rx->key->conf.alg != ALG_CCMP)
+ if (!rx->key || rx->key->conf.cipher != WLAN_CIPHER_SUITE_CCMP)
return RX_DROP_UNUSABLE;
memcpy(pn, entry->last_pn, CCMP_PN_LEN);
for (i = CCMP_PN_LEN - 1; i >= 0; i--) {
--- wireless-testing.orig/net/mac80211/tx.c 2010-08-05 23:30:24.000000000 +0200
+++ wireless-testing/net/mac80211/tx.c 2010-08-06 09:01:49.000000000 +0200
@@ -543,15 +543,16 @@ ieee80211_tx_h_select_key(struct ieee802
tx->key->tx_rx_count++;
/* TODO: add threshold stuff again */
- switch (tx->key->conf.alg) {
- case ALG_WEP:
+ switch (tx->key->conf.cipher) {
+ case WLAN_CIPHER_SUITE_WEP40:
+ case WLAN_CIPHER_SUITE_WEP104:
if (ieee80211_is_auth(hdr->frame_control))
break;
- case ALG_TKIP:
+ case WLAN_CIPHER_SUITE_TKIP:
if (!ieee80211_is_data_present(hdr->frame_control))
tx->key = NULL;
break;
- case ALG_CCMP:
+ case WLAN_CIPHER_SUITE_CCMP:
if (!ieee80211_is_data_present(hdr->frame_control) &&
!ieee80211_use_mfp(hdr->frame_control, tx->sta,
tx->skb))
@@ -561,7 +562,7 @@ ieee80211_tx_h_select_key(struct ieee802
IEEE80211_KEY_FLAG_SW_MGMT) &&
ieee80211_is_mgmt(hdr->frame_control);
break;
- case ALG_AES_CMAC:
+ case WLAN_CIPHER_SUITE_AES_CMAC:
if (!ieee80211_is_mgmt(hdr->frame_control))
tx->key = NULL;
break;
@@ -949,14 +950,15 @@ ieee80211_tx_h_encrypt(struct ieee80211_
if (!tx->key)
return TX_CONTINUE;
- switch (tx->key->conf.alg) {
- case ALG_WEP:
+ switch (tx->key->conf.cipher) {
+ case WLAN_CIPHER_SUITE_WEP40:
+ case WLAN_CIPHER_SUITE_WEP104:
return ieee80211_crypto_wep_encrypt(tx);
- case ALG_TKIP:
+ case WLAN_CIPHER_SUITE_TKIP:
return ieee80211_crypto_tkip_encrypt(tx);
- case ALG_CCMP:
+ case WLAN_CIPHER_SUITE_CCMP:
return ieee80211_crypto_ccmp_encrypt(tx);
- case ALG_AES_CMAC:
+ case WLAN_CIPHER_SUITE_AES_CMAC:
return ieee80211_crypto_aes_cmac_encrypt(tx);
}
--- wireless-testing.orig/net/mac80211/wep.c 2010-08-05 23:30:24.000000000 +0200
+++ wireless-testing/net/mac80211/wep.c 2010-08-05 23:30:25.000000000 +0200
@@ -240,7 +240,7 @@ static int ieee80211_wep_decrypt(struct
keyidx = skb->data[hdrlen + 3] >> 6;
- if (!key || keyidx != key->conf.keyidx || key->conf.alg != ALG_WEP)
+ if (!key || keyidx != key->conf.keyidx)
return -1;
klen = 3 + key->conf.keylen;
--- wireless-testing.orig/net/mac80211/wpa.c 2010-08-05 23:30:24.000000000 +0200
+++ wireless-testing/net/mac80211/wpa.c 2010-08-05 23:30:25.000000000 +0200
@@ -36,8 +36,8 @@ ieee80211_tx_h_michael_mic_add(struct ie
int tail;
hdr = (struct ieee80211_hdr *)skb->data;
- if (!tx->key || tx->key->conf.alg != ALG_TKIP || skb->len < 24 ||
- !ieee80211_is_data_present(hdr->frame_control))
+ if (!tx->key || tx->key->conf.cipher != WLAN_CIPHER_SUITE_TKIP ||
+ skb->len < 24 || !ieee80211_is_data_present(hdr->frame_control))
return TX_CONTINUE;
hdrlen = ieee80211_hdrlen(hdr->frame_control);
@@ -94,7 +94,7 @@ ieee80211_rx_h_michael_mic_verify(struct
if (status->flag & RX_FLAG_MMIC_STRIPPED)
return RX_CONTINUE;
- if (!rx->key || rx->key->conf.alg != ALG_TKIP ||
+ if (!rx->key || rx->key->conf.cipher != WLAN_CIPHER_SUITE_TKIP ||
!ieee80211_has_protected(hdr->frame_control) ||
!ieee80211_is_data_present(hdr->frame_control))
return RX_CONTINUE;
--- wireless-testing.orig/net/mac80211/debugfs_key.c 2010-08-05 23:30:24.000000000 +0200
+++ wireless-testing/net/mac80211/debugfs_key.c 2010-08-05 23:30:25.000000000 +0200
@@ -64,26 +64,13 @@ static ssize_t key_algorithm_read(struct
char __user *userbuf,
size_t count, loff_t *ppos)
{
- char *alg;
+ char buf[15];
struct ieee80211_key *key = file->private_data;
+ u32 c = key->conf.cipher;
- switch (key->conf.alg) {
- case ALG_WEP:
- alg = "WEP\n";
- break;
- case ALG_TKIP:
- alg = "TKIP\n";
- break;
- case ALG_CCMP:
- alg = "CCMP\n";
- break;
- case ALG_AES_CMAC:
- alg = "AES-128-CMAC\n";
- break;
- default:
- return 0;
- }
- return simple_read_from_buffer(userbuf, count, ppos, alg, strlen(alg));
+ sprintf(buf, "%.2x-%.2x-%.2x:%d\n",
+ c >> 24, (c >> 16) & 0xff, (c >> 8) & 0xff, c & 0xff);
+ return simple_read_from_buffer(userbuf, count, ppos, buf, strlen(buf));
}
KEY_OPS(algorithm);
@@ -95,21 +82,22 @@ static ssize_t key_tx_spec_read(struct f
int len;
struct ieee80211_key *key = file->private_data;
- switch (key->conf.alg) {
- case ALG_WEP:
+ switch (key->conf.cipher) {
+ case WLAN_CIPHER_SUITE_WEP40:
+ case WLAN_CIPHER_SUITE_WEP104:
len = scnprintf(buf, sizeof(buf), "\n");
break;
- case ALG_TKIP:
+ case WLAN_CIPHER_SUITE_TKIP:
len = scnprintf(buf, sizeof(buf), "%08x %04x\n",
key->u.tkip.tx.iv32,
key->u.tkip.tx.iv16);
break;
- case ALG_CCMP:
+ case WLAN_CIPHER_SUITE_CCMP:
tpn = key->u.ccmp.tx_pn;
len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n",
tpn[0], tpn[1], tpn[2], tpn[3], tpn[4], tpn[5]);
break;
- case ALG_AES_CMAC:
+ case WLAN_CIPHER_SUITE_AES_CMAC:
tpn = key->u.aes_cmac.tx_pn;
len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n",
tpn[0], tpn[1], tpn[2], tpn[3], tpn[4],
@@ -130,11 +118,12 @@ static ssize_t key_rx_spec_read(struct f
int i, len;
const u8 *rpn;
- switch (key->conf.alg) {
- case ALG_WEP:
+ switch (key->conf.cipher) {
+ case WLAN_CIPHER_SUITE_WEP40:
+ case WLAN_CIPHER_SUITE_WEP104:
len = scnprintf(buf, sizeof(buf), "\n");
break;
- case ALG_TKIP:
+ case WLAN_CIPHER_SUITE_TKIP:
for (i = 0; i < NUM_RX_DATA_QUEUES; i++)
p += scnprintf(p, sizeof(buf)+buf-p,
"%08x %04x\n",
@@ -142,7 +131,7 @@ static ssize_t key_rx_spec_read(struct f
key->u.tkip.rx[i].iv16);
len = p - buf;
break;
- case ALG_CCMP:
+ case WLAN_CIPHER_SUITE_CCMP:
for (i = 0; i < NUM_RX_DATA_QUEUES + 1; i++) {
rpn = key->u.ccmp.rx_pn[i];
p += scnprintf(p, sizeof(buf)+buf-p,
@@ -152,7 +141,7 @@ static ssize_t key_rx_spec_read(struct f
}
len = p - buf;
break;
- case ALG_AES_CMAC:
+ case WLAN_CIPHER_SUITE_AES_CMAC:
rpn = key->u.aes_cmac.rx_pn;
p += scnprintf(p, sizeof(buf)+buf-p,
"%02x%02x%02x%02x%02x%02x\n",
@@ -174,11 +163,11 @@ static ssize_t key_replays_read(struct f
char buf[20];
int len;
- switch (key->conf.alg) {
- case ALG_CCMP:
+ switch (key->conf.cipher) {
+ case WLAN_CIPHER_SUITE_CCMP:
len = scnprintf(buf, sizeof(buf), "%u\n", key->u.ccmp.replays);
break;
- case ALG_AES_CMAC:
+ case WLAN_CIPHER_SUITE_AES_CMAC:
len = scnprintf(buf, sizeof(buf), "%u\n",
key->u.aes_cmac.replays);
break;
@@ -196,8 +185,8 @@ static ssize_t key_icverrors_read(struct
char buf[20];
int len;
- switch (key->conf.alg) {
- case ALG_AES_CMAC:
+ switch (key->conf.cipher) {
+ case WLAN_CIPHER_SUITE_AES_CMAC:
len = scnprintf(buf, sizeof(buf), "%u\n",
key->u.aes_cmac.icverrors);
break;
--- wireless-testing.orig/net/mac80211/driver-trace.h 2010-08-05 23:30:24.000000000 +0200
+++ wireless-testing/net/mac80211/driver-trace.h 2010-08-05 23:30:25.000000000 +0200
@@ -336,7 +336,7 @@ TRACE_EVENT(drv_set_key,
LOCAL_ENTRY
VIF_ENTRY
STA_ENTRY
- __field(enum ieee80211_key_alg, alg)
+ __field(u32, cipher)
__field(u8, hw_key_idx)
__field(u8, flags)
__field(s8, keyidx)
@@ -346,7 +346,7 @@ TRACE_EVENT(drv_set_key,
LOCAL_ASSIGN;
VIF_ASSIGN;
STA_ASSIGN;
- __entry->alg = key->alg;
+ __entry->cipher = key->cipher;
__entry->flags = key->flags;
__entry->keyidx = key->keyidx;
__entry->hw_key_idx = key->hw_key_idx;
--- wireless-testing.orig/drivers/net/wireless/ath/ar9170/main.c 2010-08-05 23:30:25.000000000 +0200
+++ wireless-testing/drivers/net/wireless/ath/ar9170/main.c 2010-08-05 23:30:25.000000000 +0200
@@ -1190,14 +1190,13 @@ static int ar9170_tx_prepare(struct ar91
if (info->control.hw_key) {
icv = info->control.hw_key->icv_len;
- switch (info->control.hw_key->alg) {
- case ALG_WEP:
+ switch (info->control.hw_key->cipher) {
+ case WLAN_CIPHER_SUITE_WEP40:
+ case WLAN_CIPHER_SUITE_WEP104:
+ case WLAN_CIPHER_SUITE_TKIP:
keytype = AR9170_TX_MAC_ENCR_RC4;
break;
- case ALG_TKIP:
- keytype = AR9170_TX_MAC_ENCR_RC4;
- break;
- case ALG_CCMP:
+ case WLAN_CIPHER_SUITE_CCMP:
keytype = AR9170_TX_MAC_ENCR_AES;
break;
default:
@@ -1778,17 +1777,17 @@ static int ar9170_set_key(struct ieee802
if ((!ar->vif) || (ar->disable_offload))
return -EOPNOTSUPP;
- switch (key->alg) {
- case ALG_WEP:
- if (key->keylen == WLAN_KEY_LEN_WEP40)
- ktype = AR9170_ENC_ALG_WEP64;
- else
- ktype = AR9170_ENC_ALG_WEP128;
+ switch (key->cipher) {
+ case WLAN_CIPHER_SUITE_WEP40:
+ ktype = AR9170_ENC_ALG_WEP64;
+ break;
+ case WLAN_CIPHER_SUITE_WEP104:
+ ktype = AR9170_ENC_ALG_WEP128;
break;
- case ALG_TKIP:
+ case WLAN_CIPHER_SUITE_TKIP:
ktype = AR9170_ENC_ALG_TKIP;
break;
- case ALG_CCMP:
+ case WLAN_CIPHER_SUITE_CCMP:
ktype = AR9170_ENC_ALG_AESCCMP;
break;
default:
@@ -1827,7 +1826,7 @@ static int ar9170_set_key(struct ieee802
if (err)
goto out;
- if (key->alg == ALG_TKIP) {
+ if (key->cipher == WLAN_CIPHER_SUITE_TKIP) {
err = ar9170_upload_key(ar, i, sta ? sta->addr : NULL,
ktype, 1, key->key + 16, 16);
if (err)
@@ -1864,7 +1863,7 @@ static int ar9170_set_key(struct ieee802
if (err)
goto out;
- if (key->alg == ALG_TKIP) {
+ if (key->cipher == WLAN_CIPHER_SUITE_TKIP) {
err = ar9170_upload_key(ar, key->hw_key_idx,
NULL,
AR9170_ENC_ALG_NONE, 1,
--- wireless-testing.orig/drivers/net/wireless/ath/ath5k/base.c 2010-08-05 23:30:25.000000000 +0200
+++ wireless-testing/drivers/net/wireless/ath/ath5k/base.c 2010-08-05 23:30:25.000000000 +0200
@@ -3276,11 +3276,12 @@ ath5k_set_key(struct ieee80211_hw *hw, e
if (sc->opmode == NL80211_IFTYPE_AP)
return -EOPNOTSUPP;
- switch (key->alg) {
- case ALG_WEP:
- case ALG_TKIP:
+ switch (key->cipher) {
+ case WLAN_CIPHER_SUITE_WEP40:
+ case WLAN_CIPHER_SUITE_WEP104:
+ case WLAN_CIPHER_SUITE_TKIP:
break;
- case ALG_CCMP:
+ case WLAN_CIPHER_SUITE_CCMP:
if (sc->ah->ah_aes_support)
break;
--- wireless-testing.orig/drivers/net/wireless/ath/ath5k/pcu.c 2010-08-05 23:30:25.000000000 +0200
+++ wireless-testing/drivers/net/wireless/ath/ath5k/pcu.c 2010-08-05 23:30:25.000000000 +0200
@@ -695,21 +695,18 @@ int ath5k_hw_reset_key(struct ath5k_hw *
static
int ath5k_keycache_type(const struct ieee80211_key_conf *key)
{
- switch (key->alg) {
- case ALG_TKIP:
+ switch (key->cipher) {
+ case WLAN_CIPHER_SUITE_TKIP:
return AR5K_KEYTABLE_TYPE_TKIP;
- case ALG_CCMP:
+ case WLAN_CIPHER_SUITE_CCMP:
return AR5K_KEYTABLE_TYPE_CCM;
- case ALG_WEP:
- if (key->keylen == WLAN_KEY_LEN_WEP40)
- return AR5K_KEYTABLE_TYPE_40;
- else if (key->keylen == WLAN_KEY_LEN_WEP104)
- return AR5K_KEYTABLE_TYPE_104;
- return -EINVAL;
+ case WLAN_CIPHER_SUITE_WEP40:
+ return AR5K_KEYTABLE_TYPE_40;
+ case WLAN_CIPHER_SUITE_WEP104:
+ return AR5K_KEYTABLE_TYPE_104;
default:
return -EINVAL;
}
- return -EINVAL;
}
/*
@@ -728,7 +725,7 @@ int ath5k_hw_set_key(struct ath5k_hw *ah
bool is_tkip;
const u8 *key_ptr;
- is_tkip = (key->alg == ALG_TKIP);
+ is_tkip = (key->cipher == WLAN_CIPHER_SUITE_TKIP);
/*
* key->keylen comes in from mac80211 in bytes.
--- wireless-testing.orig/drivers/net/wireless/ath/ath9k/main.c 2010-08-05 23:30:25.000000000 +0200
+++ wireless-testing/drivers/net/wireless/ath/ath9k/main.c 2010-08-05 23:30:25.000000000 +0200
@@ -1776,9 +1776,10 @@ static int ath9k_set_key(struct ieee8021
key->hw_key_idx = ret;
/* push IV and Michael MIC generation to stack */
key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
- if (key->alg == ALG_TKIP)
+ if (key->cipher == WLAN_CIPHER_SUITE_TKIP)
key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC;
- if (sc->sc_ah->sw_mgmt_crypto && key->alg == ALG_CCMP)
+ if (sc->sc_ah->sw_mgmt_crypto &&
+ key->cipher == WLAN_CIPHER_SUITE_CCMP)
key->flags |= IEEE80211_KEY_FLAG_SW_MGMT;
ret = 0;
}
--- wireless-testing.orig/drivers/net/wireless/ath/ath9k/xmit.c 2010-08-05 23:30:25.000000000 +0200
+++ wireless-testing/drivers/net/wireless/ath/ath9k/xmit.c 2010-08-06 08:56:43.000000000 +0200
@@ -1407,22 +1407,6 @@ static enum ath9k_pkt_type get_hw_packet
return htype;
}
-static int get_hw_crypto_keytype(struct sk_buff *skb)
-{
- struct ieee80211_tx_info *tx_info = IEEE80211_SKB_CB(skb);
-
- if (tx_info->control.hw_key) {
- if (tx_info->control.hw_key->alg == ALG_WEP)
- return ATH9K_KEY_TYPE_WEP;
- else if (tx_info->control.hw_key->alg == ALG_TKIP)
- return ATH9K_KEY_TYPE_TKIP;
- else if (tx_info->control.hw_key->alg == ALG_CCMP)
- return ATH9K_KEY_TYPE_AES;
- }
-
- return ATH9K_KEY_TYPE_CLEAR;
-}
-
static void assign_aggr_tid_seqno(struct sk_buff *skb,
struct ath_buf *bf)
{
@@ -1661,7 +1645,7 @@ static int ath_tx_setup_buffer(struct ie
bf->bf_state.bfs_paprd_timestamp = jiffies;
bf->bf_flags = setup_tx_flags(skb, use_ldpc);
- bf->bf_keytype = get_hw_crypto_keytype(skb);
+ bf->bf_keytype = ath9k_cmn_get_hw_crypto_keytype(skb);
if (bf->bf_keytype != ATH9K_KEY_TYPE_CLEAR) {
bf->bf_frmlen += tx_info->control.hw_key->icv_len;
bf->bf_keyix = tx_info->control.hw_key->hw_key_idx;
--- wireless-testing.orig/drivers/net/wireless/ath/ath9k/common.c 2010-08-05 23:30:25.000000000 +0200
+++ wireless-testing/drivers/net/wireless/ath/ath9k/common.c 2010-08-05 23:30:25.000000000 +0200
@@ -46,12 +46,17 @@ int ath9k_cmn_get_hw_crypto_keytype(stru
struct ieee80211_tx_info *tx_info = IEEE80211_SKB_CB(skb);
if (tx_info->control.hw_key) {
- if (tx_info->control.hw_key->alg == ALG_WEP)
+ switch (tx_info->control.hw_key->cipher) {
+ case WLAN_CIPHER_SUITE_WEP40:
+ case WLAN_CIPHER_SUITE_WEP104:
return ATH9K_KEY_TYPE_WEP;
- else if (tx_info->control.hw_key->alg == ALG_TKIP)
+ case WLAN_CIPHER_SUITE_TKIP:
return ATH9K_KEY_TYPE_TKIP;
- else if (tx_info->control.hw_key->alg == ALG_CCMP)
+ case WLAN_CIPHER_SUITE_CCMP:
return ATH9K_KEY_TYPE_AES;
+ default:
+ break;
+ }
}
return ATH9K_KEY_TYPE_CLEAR;
@@ -212,11 +217,11 @@ static int ath_reserve_key_cache_slot_tk
}
static int ath_reserve_key_cache_slot(struct ath_common *common,
- enum ieee80211_key_alg alg)
+ u32 cipher)
{
int i;
- if (alg == ALG_TKIP)
+ if (cipher == WLAN_CIPHER_SUITE_TKIP)
return ath_reserve_key_cache_slot_tkip(common);
/* First, try to find slots that would not be available for TKIP. */
@@ -293,14 +298,15 @@ int ath9k_cmn_key_config(struct ath_comm
memset(&hk, 0, sizeof(hk));
- switch (key->alg) {
- case ALG_WEP:
+ switch (key->cipher) {
+ case WLAN_CIPHER_SUITE_WEP40:
+ case WLAN_CIPHER_SUITE_WEP104:
hk.kv_type = ATH9K_CIPHER_WEP;
break;
- case ALG_TKIP:
+ case WLAN_CIPHER_SUITE_TKIP:
hk.kv_type = ATH9K_CIPHER_TKIP;
break;
- case ALG_CCMP:
+ case WLAN_CIPHER_SUITE_CCMP:
hk.kv_type = ATH9K_CIPHER_AES_CCM;
break;
default:
@@ -316,7 +322,7 @@ int ath9k_cmn_key_config(struct ath_comm
memcpy(gmac, vif->addr, ETH_ALEN);
gmac[0] |= 0x01;
mac = gmac;
- idx = ath_reserve_key_cache_slot(common, key->alg);
+ idx = ath_reserve_key_cache_slot(common, key->cipher);
break;
case NL80211_IFTYPE_ADHOC:
if (!sta) {
@@ -326,7 +332,7 @@ int ath9k_cmn_key_config(struct ath_comm
memcpy(gmac, sta->addr, ETH_ALEN);
gmac[0] |= 0x01;
mac = gmac;
- idx = ath_reserve_key_cache_slot(common, key->alg);
+ idx = ath_reserve_key_cache_slot(common, key->cipher);
break;
default:
idx = key->keyidx;
@@ -348,13 +354,13 @@ int ath9k_cmn_key_config(struct ath_comm
return -EOPNOTSUPP;
mac = sta->addr;
- idx = ath_reserve_key_cache_slot(common, key->alg);
+ idx = ath_reserve_key_cache_slot(common, key->cipher);
}
if (idx < 0)
return -ENOSPC; /* no free key cache entries */
- if (key->alg == ALG_TKIP)
+ if (key->cipher == WLAN_CIPHER_SUITE_TKIP)
ret = ath_setkey_tkip(common, idx, key->key, &hk, mac,
vif->type == NL80211_IFTYPE_AP);
else
@@ -364,7 +370,7 @@ int ath9k_cmn_key_config(struct ath_comm
return -EIO;
set_bit(idx, common->keymap);
- if (key->alg == ALG_TKIP) {
+ if (key->cipher == WLAN_CIPHER_SUITE_TKIP) {
set_bit(idx + 64, common->keymap);
if (common->splitmic) {
set_bit(idx + 32, common->keymap);
@@ -389,7 +395,7 @@ void ath9k_cmn_key_delete(struct ath_com
return;
clear_bit(key->hw_key_idx, common->keymap);
- if (key->alg != ALG_TKIP)
+ if (key->cipher != WLAN_CIPHER_SUITE_TKIP)
return;
clear_bit(key->hw_key_idx + 64, common->keymap);
--- wireless-testing.orig/drivers/net/wireless/ath/ath9k/htc_drv_main.c 2010-08-05 23:30:25.000000000 +0200
+++ wireless-testing/drivers/net/wireless/ath/ath9k/htc_drv_main.c 2010-08-05 23:30:25.000000000 +0200
@@ -1584,9 +1584,10 @@ static int ath9k_htc_set_key(struct ieee
key->hw_key_idx = ret;
/* push IV and Michael MIC generation to stack */
key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
- if (key->alg == ALG_TKIP)
+ if (key->cipher == WLAN_CIPHER_SUITE_TKIP)
key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC;
- if (priv->ah->sw_mgmt_crypto && key->alg == ALG_CCMP)
+ if (priv->ah->sw_mgmt_crypto &&
+ key->cipher == WLAN_CIPHER_SUITE_CCMP)
key->flags |= IEEE80211_KEY_FLAG_SW_MGMT;
ret = 0;
}
--- wireless-testing.orig/drivers/net/wireless/b43/main.c 2010-08-05 23:30:24.000000000 +0200
+++ wireless-testing/drivers/net/wireless/b43/main.c 2010-08-05 23:30:25.000000000 +0200
@@ -3754,17 +3754,17 @@ static int b43_op_set_key(struct ieee802
}
err = -EINVAL;
- switch (key->alg) {
- case ALG_WEP:
- if (key->keylen == WLAN_KEY_LEN_WEP40)
- algorithm = B43_SEC_ALGO_WEP40;
- else
- algorithm = B43_SEC_ALGO_WEP104;
+ switch (key->cipher) {
+ case WLAN_CIPHER_SUITE_WEP40:
+ algorithm = B43_SEC_ALGO_WEP40;
break;
- case ALG_TKIP:
+ case WLAN_CIPHER_SUITE_WEP104:
+ algorithm = B43_SEC_ALGO_WEP104;
+ break;
+ case WLAN_CIPHER_SUITE_TKIP:
algorithm = B43_SEC_ALGO_TKIP;
break;
- case ALG_CCMP:
+ case WLAN_CIPHER_SUITE_CCMP:
algorithm = B43_SEC_ALGO_AES;
break;
default:
--- wireless-testing.orig/drivers/net/wireless/iwlwifi/iwl-agn-tx.c 2010-08-05 23:30:25.000000000 +0200
+++ wireless-testing/drivers/net/wireless/iwlwifi/iwl-agn-tx.c 2010-08-05 23:30:25.000000000 +0200
@@ -488,8 +488,8 @@ static void iwlagn_tx_cmd_build_hwcrypto
{
struct ieee80211_key_conf *keyconf = info->control.hw_key;
- switch (keyconf->alg) {
- case ALG_CCMP:
+ switch (keyconf->cipher) {
+ case WLAN_CIPHER_SUITE_CCMP:
tx_cmd->sec_ctl = TX_CMD_SEC_CCM;
memcpy(tx_cmd->key, keyconf->key, keyconf->keylen);
if (info->flags & IEEE80211_TX_CTL_AMPDU)
@@ -497,20 +497,20 @@ static void iwlagn_tx_cmd_build_hwcrypto
IWL_DEBUG_TX(priv, "tx_cmd with AES hwcrypto\n");
break;
- case ALG_TKIP:
+ case WLAN_CIPHER_SUITE_TKIP:
tx_cmd->sec_ctl = TX_CMD_SEC_TKIP;
ieee80211_get_tkip_key(keyconf, skb_frag,
IEEE80211_TKIP_P2_KEY, tx_cmd->key);
IWL_DEBUG_TX(priv, "tx_cmd with tkip hwcrypto\n");
break;
- case ALG_WEP:
+ case WLAN_CIPHER_SUITE_WEP104:
+ tx_cmd->sec_ctl |= TX_CMD_SEC_KEY128;
+ /* fall through */
+ case WLAN_CIPHER_SUITE_WEP40:
tx_cmd->sec_ctl |= (TX_CMD_SEC_WEP |
(keyconf->keyidx & TX_CMD_SEC_MSK) << TX_CMD_SEC_SHIFT);
- if (keyconf->keylen == WEP_KEY_LEN_128)
- tx_cmd->sec_ctl |= TX_CMD_SEC_KEY128;
-
memcpy(&tx_cmd->key[3], keyconf->key, keyconf->keylen);
IWL_DEBUG_TX(priv, "Configuring packet for WEP encryption "
@@ -518,7 +518,7 @@ static void iwlagn_tx_cmd_build_hwcrypto
break;
default:
- IWL_ERR(priv, "Unknown encode alg %d\n", keyconf->alg);
+ IWL_ERR(priv, "Unknown encode cipher %x\n", keyconf->cipher);
break;
}
}
--- wireless-testing.orig/drivers/net/wireless/iwlwifi/iwl-dev.h 2010-08-05 23:30:25.000000000 +0200
+++ wireless-testing/drivers/net/wireless/iwlwifi/iwl-dev.h 2010-08-05 23:30:25.000000000 +0200
@@ -420,7 +420,7 @@ struct iwl_tid_data {
};
struct iwl_hw_key {
- enum ieee80211_key_alg alg;
+ u32 cipher;
int keylen;
u8 keyidx;
u8 key[32];
--- wireless-testing.orig/drivers/net/wireless/iwlwifi/iwl3945-base.c 2010-08-05 23:30:24.000000000 +0200
+++ wireless-testing/drivers/net/wireless/iwlwifi/iwl3945-base.c 2010-08-05 23:30:25.000000000 +0200
@@ -151,7 +151,7 @@ static int iwl3945_set_ccmp_dynamic_key_
key_flags &= ~STA_KEY_FLG_INVALID;
spin_lock_irqsave(&priv->sta_lock, flags);
- priv->stations[sta_id].keyinfo.alg = keyconf->alg;
+ priv->stations[sta_id].keyinfo.cipher = keyconf->cipher;
priv->stations[sta_id].keyinfo.keylen = keyconf->keylen;
memcpy(priv->stations[sta_id].keyinfo.key, keyconf->key,
keyconf->keylen);
@@ -222,23 +222,25 @@ static int iwl3945_set_dynamic_key(struc
keyconf->hw_key_idx = HW_KEY_DYNAMIC;
- switch (keyconf->alg) {
- case ALG_CCMP:
+ switch (keyconf->cipher) {
+ case WLAN_CIPHER_SUITE_CCMP:
ret = iwl3945_set_ccmp_dynamic_key_info(priv, keyconf, sta_id);
break;
- case ALG_TKIP:
+ case WLAN_CIPHER_SUITE_TKIP:
ret = iwl3945_set_tkip_dynamic_key_info(priv, keyconf, sta_id);
break;
- case ALG_WEP:
+ case WLAN_CIPHER_SUITE_WEP40:
+ case WLAN_CIPHER_SUITE_WEP104:
ret = iwl3945_set_wep_dynamic_key_info(priv, keyconf, sta_id);
break;
default:
- IWL_ERR(priv, "Unknown alg: %s alg = %d\n", __func__, keyconf->alg);
+ IWL_ERR(priv, "Unknown alg: %s alg=%x\n", __func__,
+ keyconf->cipher);
ret = -EINVAL;
}
- IWL_DEBUG_WEP(priv, "Set dynamic key: alg= %d len=%d idx=%d sta=%d ret=%d\n",
- keyconf->alg, keyconf->keylen, keyconf->keyidx,
+ IWL_DEBUG_WEP(priv, "Set dynamic key: alg=%x len=%d idx=%d sta=%d ret=%d\n",
+ keyconf->cipher, keyconf->keylen, keyconf->keyidx,
sta_id, ret);
return ret;
@@ -254,10 +256,11 @@ static int iwl3945_remove_static_key(str
static int iwl3945_set_static_key(struct iwl_priv *priv,
struct ieee80211_key_conf *key)
{
- if (key->alg == ALG_WEP)
+ if (key->cipher == WLAN_CIPHER_SUITE_WEP40 ||
+ key->cipher == WLAN_CIPHER_SUITE_WEP104)
return -EOPNOTSUPP;
- IWL_ERR(priv, "Static key invalid: alg %d\n", key->alg);
+ IWL_ERR(priv, "Static key invalid: cipher %x\n", key->cipher);
return -EINVAL;
}
@@ -369,23 +372,25 @@ static void iwl3945_build_tx_cmd_hwcrypt
struct iwl3945_tx_cmd *tx_cmd = (struct iwl3945_tx_cmd *)cmd->cmd.payload;
struct iwl_hw_key *keyinfo = &priv->stations[sta_id].keyinfo;
- switch (keyinfo->alg) {
- case ALG_CCMP:
+ tx_cmd->sec_ctl = 0;
+
+ switch (keyinfo->cipher) {
+ case WLAN_CIPHER_SUITE_CCMP:
tx_cmd->sec_ctl = TX_CMD_SEC_CCM;
memcpy(tx_cmd->key, keyinfo->key, keyinfo->keylen);
IWL_DEBUG_TX(priv, "tx_cmd with AES hwcrypto\n");
break;
- case ALG_TKIP:
+ case WLAN_CIPHER_SUITE_TKIP:
break;
- case ALG_WEP:
- tx_cmd->sec_ctl = TX_CMD_SEC_WEP |
+ case WLAN_CIPHER_SUITE_WEP104:
+ tx_cmd->sec_ctl |= TX_CMD_SEC_KEY128;
+ /* fall through */
+ case WLAN_CIPHER_SUITE_WEP40:
+ tx_cmd->sec_ctl |= TX_CMD_SEC_WEP |
(info->control.hw_key->hw_key_idx & TX_CMD_SEC_MSK) << TX_CMD_SEC_SHIFT;
- if (keyinfo->keylen == 13)
- tx_cmd->sec_ctl |= TX_CMD_SEC_KEY128;
-
memcpy(&tx_cmd->key[3], keyinfo->key, keyinfo->keylen);
IWL_DEBUG_TX(priv, "Configuring packet for WEP encryption "
@@ -393,7 +398,7 @@ static void iwl3945_build_tx_cmd_hwcrypt
break;
default:
- IWL_ERR(priv, "Unknown encode alg %d\n", keyinfo->alg);
+ IWL_ERR(priv, "Unknown encode cipher %x\n", keyinfo->cipher);
break;
}
}
--- wireless-testing.orig/drivers/net/wireless/iwlwifi/iwl-agn.c 2010-08-05 23:30:24.000000000 +0200
+++ wireless-testing/drivers/net/wireless/iwlwifi/iwl-agn.c 2010-08-05 23:30:25.000000000 +0200
@@ -3429,7 +3429,9 @@ static int iwl_mac_set_key(struct ieee80
* in 1X mode.
* In legacy wep mode, we use another host command to the uCode.
*/
- if (key->alg == ALG_WEP && !sta && vif->type != NL80211_IFTYPE_AP) {
+ if ((key->cipher == WLAN_CIPHER_SUITE_WEP40 ||
+ key->cipher == WLAN_CIPHER_SUITE_WEP104) &&
+ !sta && vif->type != NL80211_IFTYPE_AP) {
if (cmd == SET_KEY)
is_default_wep_key = !priv->key_mapping_key;
else
--- wireless-testing.orig/drivers/net/wireless/iwlwifi/iwl-sta.c 2010-08-05 23:30:24.000000000 +0200
+++ wireless-testing/drivers/net/wireless/iwlwifi/iwl-sta.c 2010-08-05 23:30:25.000000000 +0200
@@ -818,7 +818,7 @@ int iwl_set_default_wep_key(struct iwl_p
keyconf->flags &= ~IEEE80211_KEY_FLAG_GENERATE_IV;
keyconf->hw_key_idx = HW_KEY_DEFAULT;
- priv->stations[IWL_AP_ID].keyinfo.alg = ALG_WEP;
+ priv->stations[IWL_AP_ID].keyinfo.cipher = keyconf->cipher;
priv->wep_keys[keyconf->keyidx].key_size = keyconf->keylen;
memcpy(&priv->wep_keys[keyconf->keyidx].key, &keyconf->key,
@@ -856,7 +856,7 @@ static int iwl_set_wep_dynamic_key_info(
spin_lock_irqsave(&priv->sta_lock, flags);
- priv->stations[sta_id].keyinfo.alg = keyconf->alg;
+ priv->stations[sta_id].keyinfo.cipher = keyconf->cipher;
priv->stations[sta_id].keyinfo.keylen = keyconf->keylen;
priv->stations[sta_id].keyinfo.keyidx = keyconf->keyidx;
@@ -906,7 +906,7 @@ static int iwl_set_ccmp_dynamic_key_info
keyconf->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
spin_lock_irqsave(&priv->sta_lock, flags);
- priv->stations[sta_id].keyinfo.alg = keyconf->alg;
+ priv->stations[sta_id].keyinfo.cipher = keyconf->cipher;
priv->stations[sta_id].keyinfo.keylen = keyconf->keylen;
memcpy(priv->stations[sta_id].keyinfo.key, keyconf->key,
@@ -955,7 +955,7 @@ static int iwl_set_tkip_dynamic_key_info
spin_lock_irqsave(&priv->sta_lock, flags);
- priv->stations[sta_id].keyinfo.alg = keyconf->alg;
+ priv->stations[sta_id].keyinfo.cipher = keyconf->cipher;
priv->stations[sta_id].keyinfo.keylen = 16;
if ((priv->stations[sta_id].sta.key.key_flags & STA_KEY_FLG_ENCRYPT_MSK)
@@ -1090,24 +1090,26 @@ int iwl_set_dynamic_key(struct iwl_priv
priv->key_mapping_key++;
keyconf->hw_key_idx = HW_KEY_DYNAMIC;
- switch (keyconf->alg) {
- case ALG_CCMP:
+ switch (keyconf->cipher) {
+ case WLAN_CIPHER_SUITE_CCMP:
ret = iwl_set_ccmp_dynamic_key_info(priv, keyconf, sta_id);
break;
- case ALG_TKIP:
+ case WLAN_CIPHER_SUITE_TKIP:
ret = iwl_set_tkip_dynamic_key_info(priv, keyconf, sta_id);
break;
- case ALG_WEP:
+ case WLAN_CIPHER_SUITE_WEP40:
+ case WLAN_CIPHER_SUITE_WEP104:
ret = iwl_set_wep_dynamic_key_info(priv, keyconf, sta_id);
break;
default:
IWL_ERR(priv,
- "Unknown alg: %s alg = %d\n", __func__, keyconf->alg);
+ "Unknown alg: %s cipher = %x\n", __func__,
+ keyconf->cipher);
ret = -EINVAL;
}
- IWL_DEBUG_WEP(priv, "Set dynamic key: alg= %d len=%d idx=%d sta=%d ret=%d\n",
- keyconf->alg, keyconf->keylen, keyconf->keyidx,
+ IWL_DEBUG_WEP(priv, "Set dynamic key: cipher=%x len=%d idx=%d sta=%d ret=%d\n",
+ keyconf->cipher, keyconf->keylen, keyconf->keyidx,
sta_id, ret);
return ret;
--- wireless-testing.orig/drivers/net/wireless/p54/main.c 2010-08-05 23:30:25.000000000 +0200
+++ wireless-testing/drivers/net/wireless/p54/main.c 2010-08-05 23:30:25.000000000 +0200
@@ -429,8 +429,8 @@ static int p54_set_key(struct ieee80211_
mutex_lock(&priv->conf_mutex);
if (cmd == SET_KEY) {
- switch (key->alg) {
- case ALG_TKIP:
+ switch (key->cipher) {
+ case WLAN_CIPHER_SUITE_TKIP:
if (!(priv->privacy_caps & (BR_DESC_PRIV_CAP_MICHAEL |
BR_DESC_PRIV_CAP_TKIP))) {
ret = -EOPNOTSUPP;
@@ -439,7 +439,8 @@ static int p54_set_key(struct ieee80211_
key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
algo = P54_CRYPTO_TKIPMICHAEL;
break;
- case ALG_WEP:
+ case WLAN_CIPHER_SUITE_WEP40:
+ case WLAN_CIPHER_SUITE_WEP104:
if (!(priv->privacy_caps & BR_DESC_PRIV_CAP_WEP)) {
ret = -EOPNOTSUPP;
goto out_unlock;
@@ -447,7 +448,7 @@ static int p54_set_key(struct ieee80211_
key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
algo = P54_CRYPTO_WEP;
break;
- case ALG_CCMP:
+ case WLAN_CIPHER_SUITE_CCMP:
if (!(priv->privacy_caps & BR_DESC_PRIV_CAP_AESCCMP)) {
ret = -EOPNOTSUPP;
goto out_unlock;
--- wireless-testing.orig/drivers/net/wireless/p54/txrx.c 2010-08-05 23:30:25.000000000 +0200
+++ wireless-testing/drivers/net/wireless/p54/txrx.c 2010-08-05 23:30:25.000000000 +0200
@@ -683,14 +683,15 @@ static void p54_tx_80211_header(struct p
}
}
-static u8 p54_convert_algo(enum ieee80211_key_alg alg)
+static u8 p54_convert_algo(u32 cipher)
{
- switch (alg) {
- case ALG_WEP:
+ switch (cipher) {
+ case WLAN_CIPHER_SUITE_WEP40:
+ case WLAN_CIPHER_SUITE_WEP104:
return P54_CRYPTO_WEP;
- case ALG_TKIP:
+ case WLAN_CIPHER_SUITE_TKIP:
return P54_CRYPTO_TKIPMICHAEL;
- case ALG_CCMP:
+ case WLAN_CIPHER_SUITE_CCMP:
return P54_CRYPTO_AESCCMP;
default:
return 0;
@@ -731,7 +732,7 @@ int p54_tx_80211(struct ieee80211_hw *de
if (info->control.hw_key) {
crypt_offset = ieee80211_get_hdrlen_from_skb(skb);
- if (info->control.hw_key->alg == ALG_TKIP) {
+ if (info->control.hw_key->cipher == WLAN_CIPHER_SUITE_TKIP) {
u8 *iv = (u8 *)(skb->data + crypt_offset);
/*
* The firmware excepts that the IV has to have
@@ -827,10 +828,10 @@ int p54_tx_80211(struct ieee80211_hw *de
hdr->tries = ridx;
txhdr->rts_rate_idx = 0;
if (info->control.hw_key) {
- txhdr->key_type = p54_convert_algo(info->control.hw_key->alg);
+ txhdr->key_type = p54_convert_algo(info->control.hw_key->cipher);
txhdr->key_len = min((u8)16, info->control.hw_key->keylen);
memcpy(txhdr->key, info->control.hw_key->key, txhdr->key_len);
- if (info->control.hw_key->alg == ALG_TKIP) {
+ if (info->control.hw_key->cipher == WLAN_CIPHER_SUITE_TKIP) {
/* reserve space for the MIC key */
len += 8;
memcpy(skb_put(skb, 8), &(info->control.hw_key->key
--- wireless-testing.orig/drivers/net/wireless/rt2x00/rt2500usb.c 2010-08-05 23:30:25.000000000 +0200
+++ wireless-testing/drivers/net/wireless/rt2x00/rt2500usb.c 2010-08-05 23:30:25.000000000 +0200
@@ -355,7 +355,9 @@ static int rt2500usb_config_key(struct r
* it is known that not work at least on some hardware.
* SW crypto will be used in that case.
*/
- if (key->alg == ALG_WEP && key->keyidx != 0)
+ if ((key->cipher == WLAN_CIPHER_SUITE_WEP40 ||
+ key->cipher == WLAN_CIPHER_SUITE_WEP104) &&
+ key->keyidx != 0)
return -EOPNOTSUPP;
/*
--- wireless-testing.orig/drivers/net/wireless/rt2x00/rt2x00crypto.c 2010-08-05 23:30:25.000000000 +0200
+++ wireless-testing/drivers/net/wireless/rt2x00/rt2x00crypto.c 2010-08-05 23:30:25.000000000 +0200
@@ -31,15 +31,14 @@
enum cipher rt2x00crypto_key_to_cipher(struct ieee80211_key_conf *key)
{
- switch (key->alg) {
- case ALG_WEP:
- if (key->keylen == WLAN_KEY_LEN_WEP40)
- return CIPHER_WEP64;
- else
- return CIPHER_WEP128;
- case ALG_TKIP:
+ switch (key->cipher) {
+ case WLAN_CIPHER_SUITE_WEP40:
+ return CIPHER_WEP64;
+ case WLAN_CIPHER_SUITE_WEP104:
+ return CIPHER_WEP128;
+ case WLAN_CIPHER_SUITE_TKIP:
return CIPHER_TKIP;
- case ALG_CCMP:
+ case WLAN_CIPHER_SUITE_CCMP:
return CIPHER_AES;
default:
return CIPHER_NONE;
@@ -95,7 +94,7 @@ unsigned int rt2x00crypto_tx_overhead(st
overhead += key->iv_len;
if (!(key->flags & IEEE80211_KEY_FLAG_GENERATE_MMIC)) {
- if (key->alg == ALG_TKIP)
+ if (key->cipher == WLAN_CIPHER_SUITE_TKIP)
overhead += 8;
}
--- wireless-testing.orig/drivers/net/wireless/wl12xx/wl1251_main.c 2010-08-05 23:30:25.000000000 +0200
+++ wireless-testing/drivers/net/wireless/wl12xx/wl1251_main.c 2010-08-05 23:30:25.000000000 +0200
@@ -725,8 +725,9 @@ static int wl1251_set_key_type(struct wl
struct ieee80211_key_conf *mac80211_key,
const u8 *addr)
{
- switch (mac80211_key->alg) {
- case ALG_WEP:
+ switch (mac80211_key->cipher) {
+ case WLAN_CIPHER_SUITE_WEP40:
+ case WLAN_CIPHER_SUITE_WEP104:
if (is_broadcast_ether_addr(addr))
key->key_type = KEY_WEP_DEFAULT;
else
@@ -734,7 +735,7 @@ static int wl1251_set_key_type(struct wl
mac80211_key->hw_key_idx = mac80211_key->keyidx;
break;
- case ALG_TKIP:
+ case WLAN_CIPHER_SUITE_TKIP:
if (is_broadcast_ether_addr(addr))
key->key_type = KEY_TKIP_MIC_GROUP;
else
@@ -742,7 +743,7 @@ static int wl1251_set_key_type(struct wl
mac80211_key->hw_key_idx = mac80211_key->keyidx;
break;
- case ALG_CCMP:
+ case WLAN_CIPHER_SUITE_CCMP:
if (is_broadcast_ether_addr(addr))
key->key_type = KEY_AES_GROUP;
else
@@ -750,7 +751,7 @@ static int wl1251_set_key_type(struct wl
mac80211_key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
break;
default:
- wl1251_error("Unknown key algo 0x%x", mac80211_key->alg);
+ wl1251_error("Unknown key cipher 0x%x", mac80211_key->cipher);
return -EOPNOTSUPP;
}
@@ -783,7 +784,7 @@ static int wl1251_op_set_key(struct ieee
wl1251_debug(DEBUG_CRYPT, "CMD: 0x%x", cmd);
wl1251_dump(DEBUG_CRYPT, "ADDR: ", addr, ETH_ALEN);
wl1251_debug(DEBUG_CRYPT, "Key: algo:0x%x, id:%d, len:%d flags 0x%x",
- key->alg, key->keyidx, key->keylen, key->flags);
+ key->cipher, key->keyidx, key->keylen, key->flags);
wl1251_dump(DEBUG_CRYPT, "KEY: ", key->key, key->keylen);
if (is_zero_ether_addr(addr)) {
--- wireless-testing.orig/drivers/net/wireless/wl12xx/wl1251_tx.c 2010-08-05 23:30:25.000000000 +0200
+++ wireless-testing/drivers/net/wireless/wl12xx/wl1251_tx.c 2010-08-05 23:30:25.000000000 +0200
@@ -189,7 +189,7 @@ static int wl1251_tx_send_packet(struct
tx_hdr = (struct tx_double_buffer_desc *) skb->data;
if (control->control.hw_key &&
- control->control.hw_key->alg == ALG_TKIP) {
+ control->control.hw_key->cipher == WLAN_CIPHER_SUITE_TKIP) {
int hdrlen;
__le16 fc;
u16 length;
@@ -399,7 +399,7 @@ static void wl1251_tx_packet_cb(struct w
*/
frame = skb_pull(skb, sizeof(struct tx_double_buffer_desc));
if (info->control.hw_key &&
- info->control.hw_key->alg == ALG_TKIP) {
+ info->control.hw_key->cipher == WLAN_CIPHER_SUITE_TKIP) {
hdrlen = ieee80211_get_hdrlen_from_skb(skb);
memmove(frame + WL1251_TKIP_IV_SPACE, frame, hdrlen);
skb_pull(skb, WL1251_TKIP_IV_SPACE);
--- wireless-testing.orig/drivers/net/wireless/wl12xx/wl1271_main.c 2010-08-05 23:30:25.000000000 +0200
+++ wireless-testing/drivers/net/wireless/wl12xx/wl1271_main.c 2010-08-05 23:30:25.000000000 +0200
@@ -1439,7 +1439,7 @@ static int wl1271_op_set_key(struct ieee
wl1271_debug(DEBUG_CRYPT, "CMD: 0x%x", cmd);
wl1271_dump(DEBUG_CRYPT, "ADDR: ", addr, ETH_ALEN);
wl1271_debug(DEBUG_CRYPT, "Key: algo:0x%x, id:%d, len:%d flags 0x%x",
- key_conf->alg, key_conf->keyidx,
+ key_conf->cipher, key_conf->keyidx,
key_conf->keylen, key_conf->flags);
wl1271_dump(DEBUG_CRYPT, "KEY: ", key_conf->key, key_conf->keylen);
@@ -1455,20 +1455,21 @@ static int wl1271_op_set_key(struct ieee
if (ret < 0)
goto out_unlock;
- switch (key_conf->alg) {
- case ALG_WEP:
+ switch (key_conf->cipher) {
+ case WLAN_CIPHER_SUITE_WEP40:
+ case WLAN_CIPHER_SUITE_WEP104:
key_type = KEY_WEP;
key_conf->hw_key_idx = key_conf->keyidx;
break;
- case ALG_TKIP:
+ case WLAN_CIPHER_SUITE_TKIP:
key_type = KEY_TKIP;
key_conf->hw_key_idx = key_conf->keyidx;
tx_seq_32 = WL1271_TX_SECURITY_HI32(wl->tx_security_seq);
tx_seq_16 = WL1271_TX_SECURITY_LO16(wl->tx_security_seq);
break;
- case ALG_CCMP:
+ case WLAN_CIPHER_SUITE_CCMP:
key_type = KEY_AES;
key_conf->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
@@ -1476,7 +1477,7 @@ static int wl1271_op_set_key(struct ieee
tx_seq_16 = WL1271_TX_SECURITY_LO16(wl->tx_security_seq);
break;
default:
- wl1271_error("Unknown key algo 0x%x", key_conf->alg);
+ wl1271_error("Unknown key algo 0x%x", key_conf->cipher);
ret = -EOPNOTSUPP;
goto out_sleep;
--- wireless-testing.orig/drivers/net/wireless/wl12xx/wl1271_tx.c 2010-08-05 23:30:25.000000000 +0200
+++ wireless-testing/drivers/net/wireless/wl12xx/wl1271_tx.c 2010-08-05 23:30:25.000000000 +0200
@@ -193,7 +193,7 @@ static int wl1271_tx_frame(struct wl1271
info = IEEE80211_SKB_CB(skb);
if (info->control.hw_key &&
- info->control.hw_key->alg == ALG_TKIP)
+ info->control.hw_key->cipher == WLAN_CIPHER_SUITE_TKIP)
extra = WL1271_TKIP_IV_SPACE;
if (info->control.hw_key) {
@@ -347,7 +347,7 @@ static void wl1271_tx_complete_packet(st
/* remove TKIP header space if present */
if (info->control.hw_key &&
- info->control.hw_key->alg == ALG_TKIP) {
+ info->control.hw_key->cipher == WLAN_CIPHER_SUITE_TKIP) {
int hdrlen = ieee80211_get_hdrlen_from_skb(skb);
memmove(skb->data + WL1271_TKIP_IV_SPACE, skb->data, hdrlen);
skb_pull(skb, WL1271_TKIP_IV_SPACE);
^ permalink raw reply [flat|nested] 10+ messages in thread
* [PATCH 2/5] mac80211: move key tfm setup
2010-08-10 7:46 [PATCH 0/5] mac80211 crypto cleanups Johannes Berg
2010-08-10 7:46 ` [PATCH 1/5] mac80211: use cipher suite selectors Johannes Berg
@ 2010-08-10 7:46 ` Johannes Berg
2010-08-10 7:46 ` [PATCH 3/5] mac80211: remove unused status flag checks Johannes Berg
` (2 subsequent siblings)
4 siblings, 0 replies; 10+ messages in thread
From: Johannes Berg @ 2010-08-10 7:46 UTC (permalink / raw)
To: John Linville; +Cc: linux-wireless
From: Johannes Berg <johannes.berg@intel.com>
There's no need to keep separate if statements
for setting up the CCMP/AES-CMAC tfm structs;
move that into the existing switch statement.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
---
net/mac80211/key.c | 26 ++++++++++----------------
1 file changed, 10 insertions(+), 16 deletions(-)
--- wireless-testing.orig/net/mac80211/key.c 2010-08-08 11:03:25.000000000 +0200
+++ wireless-testing/net/mac80211/key.c 2010-08-08 11:03:26.000000000 +0200
@@ -277,19 +277,6 @@ struct ieee80211_key *ieee80211_key_allo
key->u.ccmp.rx_pn[i][j] =
seq[CCMP_PN_LEN - j - 1];
}
- break;
- case WLAN_CIPHER_SUITE_AES_CMAC:
- key->conf.iv_len = 0;
- key->conf.icv_len = sizeof(struct ieee80211_mmie);
- if (seq)
- for (j = 0; j < 6; j++)
- key->u.aes_cmac.rx_pn[j] = seq[6 - j - 1];
- break;
- }
- memcpy(key->conf.key, key_data, key_len);
- INIT_LIST_HEAD(&key->list);
-
- if (cipher == WLAN_CIPHER_SUITE_CCMP) {
/*
* Initialize AES key state here as an optimization so that
* it does not need to be initialized for every packet.
@@ -299,9 +286,13 @@ struct ieee80211_key *ieee80211_key_allo
kfree(key);
return NULL;
}
- }
-
- if (cipher == WLAN_CIPHER_SUITE_AES_CMAC) {
+ break;
+ case WLAN_CIPHER_SUITE_AES_CMAC:
+ key->conf.iv_len = 0;
+ key->conf.icv_len = sizeof(struct ieee80211_mmie);
+ if (seq)
+ for (j = 0; j < 6; j++)
+ key->u.aes_cmac.rx_pn[j] = seq[6 - j - 1];
/*
* Initialize AES key state here as an optimization so that
* it does not need to be initialized for every packet.
@@ -312,7 +303,10 @@ struct ieee80211_key *ieee80211_key_allo
kfree(key);
return NULL;
}
+ break;
}
+ memcpy(key->conf.key, key_data, key_len);
+ INIT_LIST_HEAD(&key->list);
return key;
}
^ permalink raw reply [flat|nested] 10+ messages in thread
* [PATCH 3/5] mac80211: remove unused status flag checks
2010-08-10 7:46 [PATCH 0/5] mac80211 crypto cleanups Johannes Berg
2010-08-10 7:46 ` [PATCH 1/5] mac80211: use cipher suite selectors Johannes Berg
2010-08-10 7:46 ` [PATCH 2/5] mac80211: move key tfm setup Johannes Berg
@ 2010-08-10 7:46 ` Johannes Berg
2010-08-11 11:51 ` Juuso Oikarinen
2010-08-10 7:46 ` [PATCH 4/5] mac80211: dont advertise WEP if unavailable Johannes Berg
2010-08-10 7:46 ` [PATCH 5/5] cfg80211: check if WEP is available for shared key auth Johannes Berg
4 siblings, 1 reply; 10+ messages in thread
From: Johannes Berg @ 2010-08-10 7:46 UTC (permalink / raw)
To: John Linville; +Cc: linux-wireless
From: Johannes Berg <johannes.berg@intel.com>
The decryption code verifies whether or not
a given frame was decrypted and verified by
hardware. This is unnecessary, as the crypto
RX handler already does it long before the
decryption code is even invoked, so remove
that code to avoid confusion.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
---
net/mac80211/wpa.c | 26 ++++++--------------------
1 file changed, 6 insertions(+), 20 deletions(-)
--- wireless-testing.orig/net/mac80211/wpa.c 2010-08-08 10:38:47.000000000 +0200
+++ wireless-testing/net/mac80211/wpa.c 2010-08-08 10:40:03.000000000 +0200
@@ -221,19 +221,13 @@ ieee80211_crypto_tkip_decrypt(struct iee
if (!rx->sta || skb->len - hdrlen < 12)
return RX_DROP_UNUSABLE;
- if (status->flag & RX_FLAG_DECRYPTED) {
- if (status->flag & RX_FLAG_IV_STRIPPED) {
- /*
- * Hardware took care of all processing, including
- * replay protection, and stripped the ICV/IV so
- * we cannot do any checks here.
- */
- return RX_CONTINUE;
- }
-
- /* let TKIP code verify IV, but skip decryption */
+ /*
+ * Let TKIP code verify IV, but skip decryption.
+ * In the case where hardware checks the IV as well,
+ * we don't even get here, see ieee80211_rx_h_decrypt()
+ */
+ if (status->flag & RX_FLAG_DECRYPTED)
hwaccel = 1;
- }
res = ieee80211_tkip_decrypt_data(rx->local->wep_rx_tfm,
key, skb->data + hdrlen,
@@ -447,10 +441,6 @@ ieee80211_crypto_ccmp_decrypt(struct iee
if (!rx->sta || data_len < 0)
return RX_DROP_UNUSABLE;
- if ((status->flag & RX_FLAG_DECRYPTED) &&
- (status->flag & RX_FLAG_IV_STRIPPED))
- return RX_CONTINUE;
-
ccmp_hdr2pn(pn, skb->data + hdrlen);
queue = ieee80211_is_mgmt(hdr->frame_control) ?
@@ -564,10 +554,6 @@ ieee80211_crypto_aes_cmac_decrypt(struct
if (!ieee80211_is_mgmt(hdr->frame_control))
return RX_CONTINUE;
- if ((status->flag & RX_FLAG_DECRYPTED) &&
- (status->flag & RX_FLAG_IV_STRIPPED))
- return RX_CONTINUE;
-
if (skb->len < 24 + sizeof(*mmie))
return RX_DROP_UNUSABLE;
^ permalink raw reply [flat|nested] 10+ messages in thread
* [PATCH 4/5] mac80211: dont advertise WEP if unavailable
2010-08-10 7:46 [PATCH 0/5] mac80211 crypto cleanups Johannes Berg
` (2 preceding siblings ...)
2010-08-10 7:46 ` [PATCH 3/5] mac80211: remove unused status flag checks Johannes Berg
@ 2010-08-10 7:46 ` Johannes Berg
2010-08-10 7:46 ` [PATCH 5/5] cfg80211: check if WEP is available for shared key auth Johannes Berg
4 siblings, 0 replies; 10+ messages in thread
From: Johannes Berg @ 2010-08-10 7:46 UTC (permalink / raw)
To: John Linville; +Cc: linux-wireless
From: Johannes Berg <johannes.berg@intel.com>
When WEP is unavailable, don't advertise it
to cfg80211.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
---
net/mac80211/main.c | 5 +++++
1 file changed, 5 insertions(+)
--- wireless-testing.orig/net/mac80211/main.c 2010-08-08 11:11:08.000000000 +0200
+++ wireless-testing/net/mac80211/main.c 2010-08-08 11:21:24.000000000 +0200
@@ -509,6 +509,7 @@ int ieee80211_register_hw(struct ieee802
int channels, max_bitrates;
bool supp_ht;
static const u32 cipher_suites[] = {
+ /* keep WEP first, it may be removed below */
WLAN_CIPHER_SUITE_WEP40,
WLAN_CIPHER_SUITE_WEP104,
WLAN_CIPHER_SUITE_TKIP,
@@ -596,6 +597,10 @@ int ieee80211_register_hw(struct ieee802
local->hw.wiphy->n_cipher_suites = ARRAY_SIZE(cipher_suites);
if (!(local->hw.flags & IEEE80211_HW_MFP_CAPABLE))
local->hw.wiphy->n_cipher_suites--;
+ if (IS_ERR(local->wep_tx_tfm) || IS_ERR(local->wep_rx_tfm)) {
+ local->hw.wiphy->cipher_suites += 2;
+ local->hw.wiphy->n_cipher_suites -= 2;
+ }
result = wiphy_register(local->hw.wiphy);
if (result < 0)
^ permalink raw reply [flat|nested] 10+ messages in thread
* [PATCH 5/5] cfg80211: check if WEP is available for shared key auth
2010-08-10 7:46 [PATCH 0/5] mac80211 crypto cleanups Johannes Berg
` (3 preceding siblings ...)
2010-08-10 7:46 ` [PATCH 4/5] mac80211: dont advertise WEP if unavailable Johannes Berg
@ 2010-08-10 7:46 ` Johannes Berg
4 siblings, 0 replies; 10+ messages in thread
From: Johannes Berg @ 2010-08-10 7:46 UTC (permalink / raw)
To: John Linville; +Cc: linux-wireless
From: Johannes Berg <johannes.berg@intel.com>
When shared key auth is requested, cfg80211
should verify that the device is capable of
WEP crypto which is required.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
---
net/wireless/nl80211.c | 15 +++++++++++++++
1 file changed, 15 insertions(+)
--- wireless-testing.orig/net/wireless/nl80211.c 2010-08-08 11:32:20.000000000 +0200
+++ wireless-testing/net/wireless/nl80211.c 2010-08-08 11:32:28.000000000 +0200
@@ -3604,6 +3604,21 @@ static int nl80211_authenticate(struct s
if (err)
goto unlock_rtnl;
+ if (key.idx >= 0) {
+ int i;
+ bool ok = false;
+ for (i = 0; i < rdev->wiphy.n_cipher_suites; i++) {
+ if (key.p.cipher == rdev->wiphy.cipher_suites[i]) {
+ ok = true;
+ break;
+ }
+ }
+ if (!ok) {
+ err = -EINVAL;
+ goto out;
+ }
+ }
+
if (!rdev->ops->auth) {
err = -EOPNOTSUPP;
goto out;
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH 3/5] mac80211: remove unused status flag checks
2010-08-10 7:46 ` [PATCH 3/5] mac80211: remove unused status flag checks Johannes Berg
@ 2010-08-11 11:51 ` Juuso Oikarinen
2010-08-11 12:12 ` Juuso Oikarinen
0 siblings, 1 reply; 10+ messages in thread
From: Juuso Oikarinen @ 2010-08-11 11:51 UTC (permalink / raw)
To: ext Johannes Berg; +Cc: John Linville, linux-wireless
On Tue, 2010-08-10 at 09:46 +0200, ext Johannes Berg wrote:
> From: Johannes Berg <johannes.berg@intel.com>
>
> The decryption code verifies whether or not
> a given frame was decrypted and verified by
> hardware. This is unnecessary, as the crypto
> RX handler already does it long before the
> decryption code is even invoked, so remove
> that code to avoid confusion.
>
> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
> ---
> net/mac80211/wpa.c | 26 ++++++--------------------
> 1 file changed, 6 insertions(+), 20 deletions(-)
>
This patch for some reason seems to break wl1271 WPA - association
succeeds but encrypted data transfer fails.
I still don't know why, but I'm looking into it.
-Juuso
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH 3/5] mac80211: remove unused status flag checks
2010-08-11 11:51 ` Juuso Oikarinen
@ 2010-08-11 12:12 ` Juuso Oikarinen
2010-08-11 12:39 ` Johannes Berg
0 siblings, 1 reply; 10+ messages in thread
From: Juuso Oikarinen @ 2010-08-11 12:12 UTC (permalink / raw)
To: ext Johannes Berg; +Cc: John Linville, linux-wireless
On Wed, 2010-08-11 at 13:51 +0200, Oikarinen Juuso (Nokia-MS/Tampere)
wrote:
> On Tue, 2010-08-10 at 09:46 +0200, ext Johannes Berg wrote:
> > From: Johannes Berg <johannes.berg@intel.com>
> >
> > The decryption code verifies whether or not
> > a given frame was decrypted and verified by
> > hardware. This is unnecessary, as the crypto
> > RX handler already does it long before the
> > decryption code is even invoked, so remove
> > that code to avoid confusion.
> >
> > Signed-off-by: Johannes Berg <johannes.berg@intel.com>
> > ---
> > net/mac80211/wpa.c | 26 ++++++--------------------
> > 1 file changed, 6 insertions(+), 20 deletions(-)
> >
>
> This patch for some reason seems to break wl1271 WPA - association
> succeeds but encrypted data transfer fails.
>
> I still don't know why, but I'm looking into it.
>
It appears, that in function ieee80211_rx_h_decrypt we go here:
if (!is_multicast_ether_addr(hdr->addr1) && stakey) {
rx->key = stakey;
/* Skip decryption if the frame is not protected. */
if (!ieee80211_has_protected(hdr->frame_control))
return RX_CONTINUE;
And here, as the frame is protected, we go out of the if, and end up in
tkip_decrypt, which with this patch no longer checks whether the frame
is already decrypted.
The frame then ends up dropped.
> -Juuso
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH 3/5] mac80211: remove unused status flag checks
2010-08-11 12:12 ` Juuso Oikarinen
@ 2010-08-11 12:39 ` Johannes Berg
2010-08-12 4:57 ` Juuso Oikarinen
0 siblings, 1 reply; 10+ messages in thread
From: Johannes Berg @ 2010-08-11 12:39 UTC (permalink / raw)
To: Juuso Oikarinen; +Cc: John Linville, linux-wireless
On Wed, 2010-08-11 at 15:12 +0300, Juuso Oikarinen wrote:
> > > The decryption code verifies whether or not
> > > a given frame was decrypted and verified by
> > > hardware. This is unnecessary, as the crypto
> > > RX handler already does it long before the
> > > decryption code is even invoked, so remove
> > > that code to avoid confusion.
> > >
> > > Signed-off-by: Johannes Berg <johannes.berg@intel.com>
> > > ---
> > > net/mac80211/wpa.c | 26 ++++++--------------------
> > > 1 file changed, 6 insertions(+), 20 deletions(-)
> > >
> >
> > This patch for some reason seems to break wl1271 WPA - association
> > succeeds but encrypted data transfer fails.
> >
> > I still don't know why, but I'm looking into it.
> >
>
> It appears, that in function ieee80211_rx_h_decrypt we go here:
>
> if (!is_multicast_ether_addr(hdr->addr1) && stakey) {
> rx->key = stakey;
> /* Skip decryption if the frame is not protected. */
> if (!ieee80211_has_protected(hdr->frame_control))
> return RX_CONTINUE;
>
> And here, as the frame is protected, we go out of the if, and end up in
> tkip_decrypt, which with this patch no longer checks whether the frame
> is already decrypted.
>
> The frame then ends up dropped.
Err, you're right, sorry about that. There are too many paths here. How
about this patch?
johannes
--- wireless-testing.orig/net/mac80211/rx.c 2010-08-11 14:37:13.000000000 +0200
+++ wireless-testing/net/mac80211/rx.c 2010-08-11 14:38:13.000000000 +0200
@@ -873,6 +873,9 @@ ieee80211_rx_h_decrypt(struct ieee80211_
if (!is_multicast_ether_addr(hdr->addr1) && stakey) {
rx->key = stakey;
+ if ((status->flag & RX_FLAG_DECRYPTED) &&
+ (status->flag & RX_FLAG_IV_STRIPPED))
+ return RX_CONTINUE;
/* Skip decryption if the frame is not protected. */
if (!ieee80211_has_protected(fc))
return RX_CONTINUE;
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH 3/5] mac80211: remove unused status flag checks
2010-08-11 12:39 ` Johannes Berg
@ 2010-08-12 4:57 ` Juuso Oikarinen
0 siblings, 0 replies; 10+ messages in thread
From: Juuso Oikarinen @ 2010-08-12 4:57 UTC (permalink / raw)
To: ext Johannes Berg; +Cc: John Linville, linux-wireless
On Wed, 2010-08-11 at 14:39 +0200, ext Johannes Berg wrote:
> On Wed, 2010-08-11 at 15:12 +0300, Juuso Oikarinen wrote:
>
> > > > The decryption code verifies whether or not
> > > > a given frame was decrypted and verified by
> > > > hardware. This is unnecessary, as the crypto
> > > > RX handler already does it long before the
> > > > decryption code is even invoked, so remove
> > > > that code to avoid confusion.
> > > >
> > > > Signed-off-by: Johannes Berg <johannes.berg@intel.com>
> > > > ---
> > > > net/mac80211/wpa.c | 26 ++++++--------------------
> > > > 1 file changed, 6 insertions(+), 20 deletions(-)
> > > >
> > >
> > > This patch for some reason seems to break wl1271 WPA - association
> > > succeeds but encrypted data transfer fails.
> > >
> > > I still don't know why, but I'm looking into it.
> > >
> >
> > It appears, that in function ieee80211_rx_h_decrypt we go here:
> >
> > if (!is_multicast_ether_addr(hdr->addr1) && stakey) {
> > rx->key = stakey;
> > /* Skip decryption if the frame is not protected. */
> > if (!ieee80211_has_protected(hdr->frame_control))
> > return RX_CONTINUE;
> >
> > And here, as the frame is protected, we go out of the if, and end up in
> > tkip_decrypt, which with this patch no longer checks whether the frame
> > is already decrypted.
> >
> > The frame then ends up dropped.
>
> Err, you're right, sorry about that. There are too many paths here. How
> about this patch?
>
> johannes
>
> --- wireless-testing.orig/net/mac80211/rx.c 2010-08-11 14:37:13.000000000 +0200
> +++ wireless-testing/net/mac80211/rx.c 2010-08-11 14:38:13.000000000 +0200
> @@ -873,6 +873,9 @@ ieee80211_rx_h_decrypt(struct ieee80211_
>
> if (!is_multicast_ether_addr(hdr->addr1) && stakey) {
> rx->key = stakey;
> + if ((status->flag & RX_FLAG_DECRYPTED) &&
> + (status->flag & RX_FLAG_IV_STRIPPED))
> + return RX_CONTINUE;
> /* Skip decryption if the frame is not protected. */
> if (!ieee80211_has_protected(fc))
> return RX_CONTINUE;
>
>
This appears to work.
-Juus
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2010-08-12 4:58 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-08-10 7:46 [PATCH 0/5] mac80211 crypto cleanups Johannes Berg
2010-08-10 7:46 ` [PATCH 1/5] mac80211: use cipher suite selectors Johannes Berg
2010-08-10 7:46 ` [PATCH 2/5] mac80211: move key tfm setup Johannes Berg
2010-08-10 7:46 ` [PATCH 3/5] mac80211: remove unused status flag checks Johannes Berg
2010-08-11 11:51 ` Juuso Oikarinen
2010-08-11 12:12 ` Juuso Oikarinen
2010-08-11 12:39 ` Johannes Berg
2010-08-12 4:57 ` Juuso Oikarinen
2010-08-10 7:46 ` [PATCH 4/5] mac80211: dont advertise WEP if unavailable Johannes Berg
2010-08-10 7:46 ` [PATCH 5/5] cfg80211: check if WEP is available for shared key auth Johannes Berg
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).