1 /* 2 * Copyright (c) 2017-2018 The Linux Foundation. All rights reserved. 3 * 4 * Permission to use, copy, modify, and/or distribute this software for 5 * any purpose with or without fee is hereby granted, provided that the 6 * above copyright notice and this permission notice appear in all 7 * copies. 8 * 9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL 10 * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED 11 * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE 12 * AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL 13 * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR 14 * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER 15 * TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 16 * PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19 /** 20 * DOC: Public APIs for crypto service 21 */ 22 #include <qdf_types.h> 23 #include <wlan_cmn.h> 24 #include <wlan_objmgr_cmn.h> 25 #include <wlan_objmgr_global_obj.h> 26 #include <wlan_objmgr_psoc_obj.h> 27 #include <wlan_objmgr_pdev_obj.h> 28 #include <wlan_objmgr_vdev_obj.h> 29 #include <wlan_objmgr_peer_obj.h> 30 31 #include "wlan_crypto_global_def.h" 32 #include "wlan_crypto_global_api.h" 33 #include "wlan_crypto_def_i.h" 34 #include "wlan_crypto_param_handling_i.h" 35 #include "wlan_crypto_obj_mgr_i.h" 36 37 #include <qdf_module.h> 38 39 40 const struct wlan_crypto_cipher *wlan_crypto_cipher_ops[WLAN_CRYPTO_CIPHER_MAX]; 41 42 /** 43 * wlan_crypto_vdev_get_crypto_params - called by mlme to get crypto params 44 * @vdev:vdev 45 * 46 * This function gets called by mlme to get crypto params 47 * 48 * Return: wlan_crypto_params or NULL in case of failure 49 */ 50 static struct wlan_crypto_params *wlan_crypto_vdev_get_comp_params( 51 struct wlan_objmgr_vdev *vdev, 52 struct wlan_crypto_comp_priv **crypto_priv){ 53 *crypto_priv = (struct wlan_crypto_comp_priv *) 54 wlan_get_vdev_crypto_obj(vdev); 55 if (*crypto_priv == NULL) { 56 qdf_print("%s[%d] crypto_priv NULL\n", __func__, __LINE__); 57 return NULL; 58 } 59 60 return &((*crypto_priv)->crypto_params); 61 } 62 63 /** 64 * wlan_crypto_peer_get_crypto_params - called by mlme to get crypto params 65 * @peer:peer 66 * 67 * This function gets called by mlme to get crypto params 68 * 69 * Return: wlan_crypto_params or NULL in case of failure 70 */ 71 static struct wlan_crypto_params *wlan_crypto_peer_get_comp_params( 72 struct wlan_objmgr_peer *peer, 73 struct wlan_crypto_comp_priv **crypto_priv){ 74 75 *crypto_priv = (struct wlan_crypto_comp_priv *) 76 wlan_get_peer_crypto_obj(peer); 77 if (*crypto_priv == NULL) { 78 qdf_print("%s[%d] crypto_priv NULL\n", __func__, __LINE__); 79 return NULL; 80 } 81 82 return &((*crypto_priv)->crypto_params); 83 } 84 85 static QDF_STATUS wlan_crypto_set_igtk_key(struct wlan_crypto_key *key) 86 { 87 return QDF_STATUS_SUCCESS; 88 } 89 90 /** 91 * wlan_crypto_set_param - called by ucfg to set crypto param 92 * @crypto_params: crypto_params 93 * @param: param to be set. 94 * @value: value 95 * 96 * This function gets called from ucfg to set param 97 * 98 * Return: QDF_STATUS_SUCCESS - in case of success 99 */ 100 static QDF_STATUS wlan_crypto_set_param(struct wlan_crypto_params *crypto_params, 101 wlan_crypto_param_type param, 102 uint32_t value){ 103 QDF_STATUS status = QDF_STATUS_E_INVAL; 104 105 switch (param) { 106 case WLAN_CRYPTO_PARAM_AUTH_MODE: 107 status = wlan_crypto_set_authmode(crypto_params, value); 108 break; 109 case WLAN_CRYPTO_PARAM_UCAST_CIPHER: 110 status = wlan_crypto_set_ucastciphers(crypto_params, value); 111 break; 112 case WLAN_CRYPTO_PARAM_MCAST_CIPHER: 113 status = wlan_crypto_set_mcastcipher(crypto_params, value); 114 break; 115 case WLAN_CRYPTO_PARAM_MGMT_CIPHER: 116 status = wlan_crypto_set_mgmtcipher(crypto_params, value); 117 break; 118 case WLAN_CRYPTO_PARAM_CIPHER_CAP: 119 status = wlan_crypto_set_cipher_cap(crypto_params, value); 120 break; 121 case WLAN_CRYPTO_PARAM_RSN_CAP: 122 status = wlan_crypto_set_rsn_cap(crypto_params, value); 123 break; 124 case WLAN_CRYPTO_PARAM_KEY_MGMT: 125 status = wlan_crypto_set_key_mgmt(crypto_params, value); 126 break; 127 default: 128 status = QDF_STATUS_E_INVAL; 129 } 130 return status; 131 } 132 133 /** 134 * wlan_crypto_set_vdev_param - called by ucfg to set crypto param 135 * @vdev: vdev 136 * @param: param to be set. 137 * @value: value 138 * 139 * This function gets called from ucfg to set param 140 * 141 * Return: QDF_STATUS_SUCCESS - in case of success 142 */ 143 QDF_STATUS wlan_crypto_set_vdev_param(struct wlan_objmgr_vdev *vdev, 144 wlan_crypto_param_type param, 145 uint32_t value){ 146 QDF_STATUS status = QDF_STATUS_E_INVAL; 147 struct wlan_crypto_comp_priv *crypto_priv; 148 struct wlan_crypto_params *crypto_params; 149 150 crypto_priv = (struct wlan_crypto_comp_priv *) 151 wlan_get_vdev_crypto_obj(vdev); 152 153 if (crypto_priv == NULL) { 154 qdf_print("%s[%d] crypto_priv NULL\n", __func__, __LINE__); 155 return QDF_STATUS_E_INVAL; 156 } 157 158 crypto_params = &(crypto_priv->crypto_params); 159 160 status = wlan_crypto_set_param(crypto_params, param, value); 161 162 return status; 163 } 164 165 /** 166 * wlan_crypto_set_param - called by ucfg to set crypto param 167 * 168 * @peer: peer 169 * @param: param to be set. 170 * @value: value 171 * 172 * This function gets called from ucfg to set param 173 * 174 * Return: QDF_STATUS_SUCCESS - in case of success 175 */ 176 QDF_STATUS wlan_crypto_set_peer_param(struct wlan_objmgr_peer *peer, 177 wlan_crypto_param_type param, 178 uint32_t value){ 179 QDF_STATUS status = QDF_STATUS_E_INVAL; 180 struct wlan_crypto_comp_priv *crypto_priv; 181 struct wlan_crypto_params *crypto_params; 182 183 crypto_params = wlan_crypto_peer_get_comp_params(peer, 184 &crypto_priv); 185 186 if (crypto_priv == NULL) { 187 qdf_print("%s[%d] crypto_priv NULL\n", __func__, __LINE__); 188 return QDF_STATUS_E_INVAL; 189 } 190 191 crypto_params = &(crypto_priv->crypto_params); 192 193 status = wlan_crypto_set_param(crypto_params, param, value); 194 195 return status; 196 } 197 198 /** 199 * wlan_crypto_get_param_value - called by crypto APIs to get value for param 200 * @param: Crypto param type 201 * @crypto_params: Crypto params struct 202 * 203 * This function gets called from in-within crypto layer 204 * 205 * Return: value or -1 for failure 206 */ 207 static int32_t wlan_crypto_get_param_value(wlan_crypto_param_type param, 208 struct wlan_crypto_params *crypto_params) 209 { 210 int32_t value = -1; 211 212 switch (param) { 213 case WLAN_CRYPTO_PARAM_AUTH_MODE: 214 value = wlan_crypto_get_authmode(crypto_params); 215 break; 216 case WLAN_CRYPTO_PARAM_UCAST_CIPHER: 217 value = wlan_crypto_get_ucastciphers(crypto_params); 218 break; 219 case WLAN_CRYPTO_PARAM_MCAST_CIPHER: 220 value = wlan_crypto_get_mcastcipher(crypto_params); 221 break; 222 case WLAN_CRYPTO_PARAM_MGMT_CIPHER: 223 value = wlan_crypto_get_mgmtciphers(crypto_params); 224 break; 225 case WLAN_CRYPTO_PARAM_CIPHER_CAP: 226 value = wlan_crypto_get_cipher_cap(crypto_params); 227 break; 228 case WLAN_CRYPTO_PARAM_RSN_CAP: 229 value = wlan_crypto_get_rsn_cap(crypto_params); 230 break; 231 case WLAN_CRYPTO_PARAM_KEY_MGMT: 232 value = wlan_crypto_get_key_mgmt(crypto_params); 233 break; 234 default: 235 value = QDF_STATUS_E_INVAL; 236 } 237 238 return value; 239 } 240 241 /** 242 * wlan_crypto_get_param - called to get value for param from vdev 243 * @vdev: vdev 244 * @param: Crypto param type 245 * 246 * This function gets called to get value for param from vdev 247 * 248 * Return: value or -1 for failure 249 */ 250 int32_t wlan_crypto_get_param(struct wlan_objmgr_vdev *vdev, 251 wlan_crypto_param_type param) 252 { 253 int32_t value = -1; 254 struct wlan_crypto_comp_priv *crypto_priv; 255 struct wlan_crypto_params *crypto_params; 256 crypto_priv = (struct wlan_crypto_comp_priv *) 257 wlan_get_vdev_crypto_obj(vdev); 258 259 if (crypto_priv == NULL) { 260 qdf_print("%s[%d] crypto_priv NULL\n", __func__, __LINE__); 261 return QDF_STATUS_E_INVAL; 262 } 263 264 crypto_params = &(crypto_priv->crypto_params); 265 value = wlan_crypto_get_param_value(param, crypto_params); 266 267 return value; 268 } 269 270 /** 271 * wlan_crypto_get_peer_param - called to get value for param from peer 272 * @peer: peer 273 * @param: Crypto param type 274 * 275 * This function gets called to get value for param from peer 276 * 277 * Return: value or -1 for failure 278 */ 279 int32_t wlan_crypto_get_peer_param(struct wlan_objmgr_peer *peer, 280 wlan_crypto_param_type param) 281 { 282 int32_t value = -1; 283 struct wlan_crypto_comp_priv *crypto_priv; 284 struct wlan_crypto_params *crypto_params; 285 286 crypto_params = wlan_crypto_peer_get_comp_params(peer, 287 &crypto_priv); 288 289 if (crypto_params == NULL) { 290 qdf_print("%s[%d] crypto_params NULL\n", __func__, __LINE__); 291 return QDF_STATUS_E_INVAL; 292 } 293 value = wlan_crypto_get_param_value(param, crypto_params); 294 295 return value; 296 } 297 qdf_export_symbol(wlan_crypto_get_peer_param); 298 /** 299 * wlan_crypto_is_htallowed - called to check is HT allowed for cipher 300 * @vdev: vdev 301 * @peer: peer 302 * 303 * This function gets called to check is HT allowed for cipher. 304 * HT is not allowed for wep and tkip. 305 * 306 * Return: 0 - not allowed or 1 - allowed 307 */ 308 uint8_t wlan_crypto_is_htallowed(struct wlan_objmgr_vdev *vdev, 309 struct wlan_objmgr_peer *peer) 310 { 311 int32_t ucast_cipher; 312 313 if (!(vdev || peer)) { 314 qdf_print("%s[%d] Invalid params\n", __func__, __LINE__); 315 return 0; 316 } 317 318 if (vdev) 319 ucast_cipher = wlan_crypto_get_param(vdev, 320 WLAN_CRYPTO_PARAM_UCAST_CIPHER); 321 else 322 ucast_cipher = wlan_crypto_get_peer_param(peer, 323 WLAN_CRYPTO_PARAM_UCAST_CIPHER); 324 325 return (ucast_cipher & (1 << WLAN_CRYPTO_CIPHER_WEP)) || 326 ((ucast_cipher & (1 << WLAN_CRYPTO_CIPHER_TKIP)) && 327 !(ucast_cipher & (1 << WLAN_CRYPTO_CIPHER_AES_CCM)) && 328 !(ucast_cipher & (1 << WLAN_CRYPTO_CIPHER_AES_GCM)) && 329 !(ucast_cipher & (1 << WLAN_CRYPTO_CIPHER_AES_GCM_256)) && 330 !(ucast_cipher & (1 << WLAN_CRYPTO_CIPHER_AES_CCM_256))); 331 } 332 qdf_export_symbol(wlan_crypto_is_htallowed); 333 334 /** 335 * wlan_crypto_setkey - called by ucfg to setkey 336 * @vdev: vdev 337 * @req_key: req_key with cipher type, key macaddress 338 * 339 * This function gets called from ucfg to sey key 340 * 341 * Return: QDF_STATUS_SUCCESS - in case of success 342 */ 343 QDF_STATUS wlan_crypto_setkey(struct wlan_objmgr_vdev *vdev, 344 struct wlan_crypto_req_key *req_key){ 345 346 QDF_STATUS status = QDF_STATUS_E_INVAL; 347 struct wlan_crypto_comp_priv *crypto_priv; 348 struct wlan_crypto_params *crypto_params; 349 struct wlan_objmgr_psoc *psoc; 350 struct wlan_objmgr_peer *peer; 351 struct wlan_crypto_key *key = NULL; 352 const struct wlan_crypto_cipher *cipher; 353 uint8_t macaddr[WLAN_ALEN] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; 354 bool isbcast; 355 enum QDF_OPMODE vdev_mode; 356 uint8_t igtk_idx = 0; 357 358 if (!vdev || !req_key || req_key->keylen > (sizeof(req_key->keydata))) { 359 qdf_print("%s[%d] Invalid params vdev%pK, req_key%pK\n", 360 __func__, __LINE__, vdev, req_key); 361 return QDF_STATUS_E_INVAL; 362 } 363 364 isbcast = qdf_is_macaddr_broadcast( 365 (struct qdf_mac_addr *)req_key->macaddr); 366 if ((req_key->keylen == 0) && !IS_FILS_CIPHER(req_key->type)) { 367 /* zero length keys, only set default key id if flags are set*/ 368 if ((req_key->flags & WLAN_CRYPTO_KEY_DEFAULT) 369 && (req_key->keyix != WLAN_CRYPTO_KEYIX_NONE) 370 && (!IS_MGMT_CIPHER(req_key->type))) { 371 wlan_crypto_default_key(vdev, 372 req_key->macaddr, 373 req_key->keyix, 374 !isbcast); 375 return QDF_STATUS_SUCCESS; 376 } 377 qdf_print("%s[%d] req_key len zero\n", __func__, __LINE__); 378 return QDF_STATUS_E_INVAL; 379 } 380 381 cipher = wlan_crypto_cipher_ops[req_key->type]; 382 383 if (!cipher && !IS_MGMT_CIPHER(req_key->type)) { 384 qdf_print("%s[%d] cipher invalid\n", __func__, __LINE__); 385 return QDF_STATUS_E_INVAL; 386 } 387 388 if (cipher && (!IS_FILS_CIPHER(req_key->type)) && 389 (!IS_MGMT_CIPHER(req_key->type)) && 390 ((req_key->keylen != (cipher->keylen / NBBY)) && 391 (req_key->type != WLAN_CRYPTO_CIPHER_WEP))) { 392 qdf_print("%s[%d] cipher invalid\n", __func__, __LINE__); 393 return QDF_STATUS_E_INVAL; 394 } else if ((req_key->type == WLAN_CRYPTO_CIPHER_WEP) && 395 !((req_key->keylen == WLAN_CRYPTO_KEY_WEP40_LEN) 396 || (req_key->keylen == WLAN_CRYPTO_KEY_WEP104_LEN) 397 || (req_key->keylen == WLAN_CRYPTO_KEY_WEP128_LEN))) { 398 qdf_print("%s[%d] wep key len invalid\n", __func__, __LINE__); 399 return QDF_STATUS_E_INVAL; 400 } 401 402 if (req_key->keyix == WLAN_CRYPTO_KEYIX_NONE) { 403 if (req_key->flags != (WLAN_CRYPTO_KEY_XMIT 404 | WLAN_CRYPTO_KEY_RECV)) { 405 req_key->flags |= (WLAN_CRYPTO_KEY_XMIT 406 | WLAN_CRYPTO_KEY_RECV); 407 } 408 } else { 409 if ((req_key->keyix > WLAN_CRYPTO_MAXKEYIDX) 410 && (!IS_MGMT_CIPHER(req_key->type))) { 411 return QDF_STATUS_E_INVAL; 412 } 413 414 req_key->flags |= (WLAN_CRYPTO_KEY_XMIT 415 | WLAN_CRYPTO_KEY_RECV); 416 if (isbcast) 417 req_key->flags |= WLAN_CRYPTO_KEY_GROUP; 418 } 419 420 vdev_mode = wlan_vdev_mlme_get_opmode(vdev); 421 422 wlan_vdev_obj_lock(vdev); 423 qdf_mem_copy(macaddr, wlan_vdev_mlme_get_macaddr(vdev), WLAN_ALEN); 424 psoc = wlan_vdev_get_psoc(vdev); 425 if (!psoc) { 426 wlan_vdev_obj_unlock(vdev); 427 qdf_print("%s[%d] psoc NULL\n", __func__, __LINE__); 428 return QDF_STATUS_E_INVAL; 429 } 430 wlan_vdev_obj_unlock(vdev); 431 432 if (req_key->type == WLAN_CRYPTO_CIPHER_WEP) { 433 if (wlan_crypto_vdev_has_auth_mode(vdev, 434 (1 << WLAN_CRYPTO_AUTH_8021X))) { 435 req_key->flags |= WLAN_CRYPTO_KEY_DEFAULT; 436 } 437 } 438 439 if (isbcast) { 440 crypto_params = wlan_crypto_vdev_get_comp_params(vdev, 441 &crypto_priv); 442 if (crypto_priv == NULL) { 443 qdf_print("%s[%d] crypto_priv NULL\n", 444 __func__, __LINE__); 445 return QDF_STATUS_E_INVAL; 446 } 447 448 if (IS_MGMT_CIPHER(req_key->type)) { 449 igtk_idx = req_key->keyix - WLAN_CRYPTO_MAXKEYIDX; 450 if (igtk_idx >= WLAN_CRYPTO_MAXIGTKKEYIDX) { 451 qdf_print("%s[%d] igtk key invalid keyid %d \n", 452 __func__, __LINE__, igtk_idx); 453 return QDF_STATUS_E_INVAL; 454 } 455 key = qdf_mem_malloc(sizeof(struct wlan_crypto_key)); 456 if (key == NULL) { 457 qdf_print("%s[%d] igtk key alloc failed\n", 458 __func__, __LINE__); 459 return QDF_STATUS_E_NOMEM; 460 } 461 462 if (crypto_priv->igtk_key[igtk_idx]) 463 qdf_mem_free(crypto_priv->igtk_key[igtk_idx]); 464 465 crypto_priv->igtk_key[igtk_idx] = key; 466 crypto_priv->igtk_key_type = req_key->type; 467 crypto_priv->def_igtk_tx_keyid = igtk_idx; 468 } else { 469 if (IS_FILS_CIPHER(req_key->type)) { 470 qdf_print(FL( 471 "FILS key is not for BroadCast packet\n")); 472 return QDF_STATUS_E_INVAL; 473 } 474 if (!HAS_MCAST_CIPHER(crypto_params, req_key->type) 475 && (req_key->type != WLAN_CRYPTO_CIPHER_WEP)) { 476 return QDF_STATUS_E_INVAL; 477 } 478 if (!crypto_priv->key[req_key->keyix]) { 479 crypto_priv->key[req_key->keyix] 480 = qdf_mem_malloc( 481 sizeof(struct wlan_crypto_key)); 482 if (!crypto_priv->key[req_key->keyix]) 483 return QDF_STATUS_E_NOMEM; 484 } 485 key = crypto_priv->key[req_key->keyix]; 486 } 487 if (vdev_mode == QDF_STA_MODE) { 488 peer = wlan_vdev_get_bsspeer(vdev); 489 if (!(peer && (QDF_STATUS_SUCCESS 490 == wlan_objmgr_peer_try_get_ref(peer, 491 WLAN_CRYPTO_ID)))) { 492 qdf_print("%s[%d] peer %pK failed\n", 493 __func__, __LINE__, peer); 494 if (IS_MGMT_CIPHER(req_key->type)) { 495 crypto_priv->igtk_key[igtk_idx] = NULL; 496 crypto_priv->igtk_key_type 497 = WLAN_CRYPTO_CIPHER_NONE; 498 } else 499 crypto_priv->key[req_key->keyix] = NULL; 500 if (key) 501 qdf_mem_free(key); 502 return QDF_STATUS_E_INVAL; 503 } 504 qdf_mem_copy(macaddr, wlan_peer_get_macaddr(peer), 505 WLAN_ALEN); 506 wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID); 507 } 508 } else { 509 peer = wlan_objmgr_get_peer_by_mac_n_vdev( 510 psoc, 511 req_key->macaddr, 512 macaddr, 513 WLAN_CRYPTO_ID); 514 515 if (peer == NULL) { 516 qdf_print("%s[%d] peer NULL\n", __func__, __LINE__); 517 return QDF_STATUS_E_INVAL; 518 } 519 520 qdf_mem_copy(macaddr, req_key->macaddr, WLAN_ALEN); 521 crypto_params = wlan_crypto_peer_get_comp_params(peer, 522 &crypto_priv); 523 wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID); 524 525 if (crypto_priv == NULL) { 526 qdf_print("%s[%d] crypto_priv NULL\n", 527 __func__, __LINE__); 528 return QDF_STATUS_E_INVAL; 529 } 530 if (IS_MGMT_CIPHER(req_key->type)) { 531 igtk_idx = req_key->keyix - WLAN_CRYPTO_MAXKEYIDX; 532 if (igtk_idx > WLAN_CRYPTO_MAXIGTKKEYIDX) { 533 qdf_print("%s[%d] igtk key invalid keyid %d \n", 534 __func__, __LINE__, igtk_idx); 535 return QDF_STATUS_E_INVAL; 536 } 537 key = qdf_mem_malloc(sizeof(struct wlan_crypto_key)); 538 if (key == NULL) { 539 qdf_print("%s[%d] igtk key alloc failed\n", 540 __func__, __LINE__); 541 return QDF_STATUS_E_NOMEM; 542 } 543 if (crypto_priv->igtk_key[igtk_idx]) 544 qdf_mem_free(crypto_priv->igtk_key[igtk_idx]); 545 546 crypto_priv->igtk_key[igtk_idx] = key; 547 crypto_priv->igtk_key_type = req_key->type; 548 crypto_priv->def_igtk_tx_keyid = igtk_idx; 549 } else { 550 uint16_t kid = req_key->keyix; 551 if (kid == WLAN_CRYPTO_KEYIX_NONE) 552 kid = 0; 553 if (kid >= WLAN_CRYPTO_MAXKEYIDX) { 554 qdf_print("%s[%d] invalid keyid %d \n", 555 __func__, __LINE__, kid); 556 return QDF_STATUS_E_INVAL; 557 } 558 if (!crypto_priv->key[kid]) { 559 crypto_priv->key[kid] 560 = qdf_mem_malloc( 561 sizeof(struct wlan_crypto_key)); 562 if (!crypto_priv->key[kid]) 563 return QDF_STATUS_E_NOMEM; 564 } 565 key = crypto_priv->key[kid]; 566 } 567 } 568 569 /* alloc key might not required as it is already there */ 570 key->cipher_table = (void *)cipher; 571 key->keylen = req_key->keylen; 572 key->flags = req_key->flags; 573 574 if (req_key->keyix == WLAN_CRYPTO_KEYIX_NONE) 575 key->keyix = 0; 576 else 577 key->keyix = req_key->keyix; 578 579 if (req_key->flags & WLAN_CRYPTO_KEY_DEFAULT 580 && (!IS_MGMT_CIPHER(req_key->type))) { 581 crypto_priv->def_tx_keyid = key->keyix; 582 key->flags |= WLAN_CRYPTO_KEY_DEFAULT; 583 } 584 if ((req_key->type == WLAN_CRYPTO_CIPHER_WAPI_SMS4) 585 || (req_key->type == WLAN_CRYPTO_CIPHER_WAPI_GCM4)) { 586 uint8_t iv_AP[16] = { 0x5c, 0x36, 0x5c, 0x36, 587 0x5c, 0x36, 0x5c, 0x36, 588 0x5c, 0x36, 0x5c, 0x36, 589 0x5c, 0x36, 0x5c, 0x37}; 590 uint8_t iv_STA[16] = { 0x5c, 0x36, 0x5c, 0x36, 591 0x5c, 0x36, 0x5c, 0x36, 592 0x5c, 0x36, 0x5c, 0x36, 593 0x5c, 0x36, 0x5c, 0x36}; 594 595 /* During Tx PN should be increment and 596 * send but as per our implementation we increment only after 597 * Tx complete. So First packet PN check will be failed. 598 * To compensate increment the PN here by 2 599 */ 600 if (vdev_mode == QDF_SAP_MODE) { 601 iv_AP[15] += 2; 602 qdf_mem_copy(key->recviv, iv_STA, 603 WLAN_CRYPTO_WAPI_IV_SIZE); 604 qdf_mem_copy(key->txiv, iv_AP, 605 WLAN_CRYPTO_WAPI_IV_SIZE); 606 } else { 607 iv_STA[15] += 2; 608 qdf_mem_copy(key->recviv, iv_AP, 609 WLAN_CRYPTO_WAPI_IV_SIZE); 610 qdf_mem_copy(key->txiv, iv_STA, 611 WLAN_CRYPTO_WAPI_IV_SIZE); 612 } 613 } else { 614 uint8_t i = 0; 615 qdf_mem_copy((uint8_t *)(&key->keytsc), 616 (uint8_t *)(&req_key->keytsc), sizeof(key->keytsc)); 617 for (i = 0; i < WLAN_CRYPTO_TID_SIZE; i++) { 618 qdf_mem_copy((uint8_t *)(&key->keyrsc[i]), 619 (uint8_t *)(&req_key->keyrsc), 620 sizeof(key->keyrsc[0])); 621 } 622 } 623 624 qdf_mem_copy(key->keyval, req_key->keydata, sizeof(key->keyval)); 625 key->valid = 1; 626 if ((IS_MGMT_CIPHER(req_key->type))) { 627 if (HAS_CIPHER_CAP(crypto_params, 628 WLAN_CRYPTO_CAP_PMF_OFFLOAD)) { 629 if (WLAN_CRYPTO_TX_OPS_SETKEY(psoc)) { 630 WLAN_CRYPTO_TX_OPS_SETKEY(psoc)(vdev, 631 key, macaddr, req_key->type); 632 } 633 } 634 status = wlan_crypto_set_igtk_key(key); 635 return status; 636 } else if (IS_FILS_CIPHER(req_key->type)) { 637 /* Take request key object to FILS setkey */ 638 key->private = req_key; 639 } else { 640 if (WLAN_CRYPTO_TX_OPS_SETKEY(psoc)) { 641 WLAN_CRYPTO_TX_OPS_SETKEY(psoc)(vdev, key, 642 macaddr, req_key->type); 643 } 644 } 645 status = cipher->setkey(key); 646 647 return status; 648 } 649 650 /** 651 * wlan_crypto_vdev_getkey - get key from vdev 652 * @vdev: vdev 653 * @keyix: keyix 654 * 655 * This function gets key from vdev 656 * 657 * Return: key or NULL 658 */ 659 struct wlan_crypto_key *wlan_crypto_vdev_getkey(struct wlan_objmgr_vdev *vdev, 660 uint16_t keyix){ 661 struct wlan_crypto_comp_priv *crypto_priv; 662 struct wlan_crypto_params *crypto_params; 663 664 crypto_params = wlan_crypto_vdev_get_comp_params(vdev, &crypto_priv); 665 666 if (crypto_priv == NULL) { 667 qdf_print("%s[%d] crypto_priv NULL\n", __func__, __LINE__); 668 return NULL; 669 } 670 671 if (keyix == WLAN_CRYPTO_KEYIX_NONE || keyix >= WLAN_CRYPTO_MAXKEYIDX) 672 return crypto_priv->key[crypto_priv->def_tx_keyid]; 673 else 674 return crypto_priv->key[keyix]; 675 } 676 677 /** 678 * wlan_crypto_peer_getkey - get key from peer 679 * @peer: peer 680 * @keyix: keyix 681 * 682 * This function gets key from peer 683 * 684 * Return: key or NULL 685 */ 686 struct wlan_crypto_key *wlan_crypto_peer_getkey(struct wlan_objmgr_peer *peer, 687 uint16_t keyix){ 688 struct wlan_crypto_comp_priv *crypto_priv; 689 struct wlan_crypto_params *crypto_params; 690 691 crypto_params = wlan_crypto_peer_get_comp_params(peer, &crypto_priv); 692 693 if (crypto_priv == NULL) { 694 qdf_print("%s[%d] crypto_priv NULL\n", __func__, __LINE__); 695 return NULL; 696 } 697 698 if (keyix == WLAN_CRYPTO_KEYIX_NONE || keyix >= WLAN_CRYPTO_MAXKEYIDX) 699 return crypto_priv->key[crypto_priv->def_tx_keyid]; 700 else 701 return crypto_priv->key[keyix]; 702 } 703 704 /** 705 * wlan_crypto_getkey - called by ucfg to get key 706 * @vdev: vdev 707 * @req_key: key value will be copied in this req_key 708 * @mac_address: mac address of the peer for unicast key 709 * or broadcast address if group key is requested. 710 * 711 * This function gets called from ucfg to get key 712 * 713 * Return: QDF_STATUS_SUCCESS - in case of success 714 */ 715 QDF_STATUS wlan_crypto_getkey(struct wlan_objmgr_vdev *vdev, 716 struct wlan_crypto_req_key *req_key, 717 uint8_t *mac_addr){ 718 struct wlan_crypto_cipher *cipher_table; 719 struct wlan_crypto_key *key; 720 struct wlan_objmgr_psoc *psoc; 721 uint8_t macaddr[WLAN_ALEN] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; 722 723 if ((req_key->keyix != WLAN_CRYPTO_KEYIX_NONE) && 724 (req_key->keyix >= WLAN_CRYPTO_MAXKEYIDX)) { 725 qdf_print("%s[%d] invalid keyix %d\n", __func__, __LINE__, 726 req_key->keyix); 727 return QDF_STATUS_E_INVAL; 728 } 729 730 wlan_vdev_obj_lock(vdev); 731 qdf_mem_copy(macaddr, wlan_vdev_mlme_get_macaddr(vdev), WLAN_ALEN); 732 psoc = wlan_vdev_get_psoc(vdev); 733 if (!psoc) { 734 wlan_vdev_obj_unlock(vdev); 735 qdf_print("%s[%d] psoc NULL\n", __func__, __LINE__); 736 return QDF_STATUS_E_INVAL; 737 } 738 wlan_vdev_obj_unlock(vdev); 739 740 if (qdf_is_macaddr_broadcast((struct qdf_mac_addr *)mac_addr)) { 741 key = wlan_crypto_vdev_getkey(vdev, req_key->keyix); 742 if (!key) 743 return QDF_STATUS_E_INVAL; 744 } else { 745 struct wlan_objmgr_peer *peer; 746 747 peer = wlan_objmgr_get_peer_by_mac_n_vdev( 748 psoc, 749 mac_addr, 750 macaddr, 751 WLAN_CRYPTO_ID); 752 if (peer == NULL) { 753 QDF_TRACE(QDF_MODULE_ID_CRYPTO, QDF_TRACE_LEVEL_ERROR, 754 "%s[%d] peer NULL\n", __func__, __LINE__); 755 return QDF_STATUS_E_NOENT; 756 } 757 wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID); 758 key = wlan_crypto_peer_getkey(peer, req_key->keyix); 759 if (!key) 760 return QDF_STATUS_E_INVAL; 761 } 762 763 if (key->valid) { 764 qdf_mem_copy(req_key->keydata, 765 key->keyval, key->keylen); 766 qdf_mem_copy((uint8_t *)(&req_key->keytsc), 767 (uint8_t *)(&key->keytsc), 768 sizeof(req_key->keytsc)); 769 qdf_mem_copy((uint8_t *)(&req_key->keyrsc), 770 (uint8_t *)(&key->keyrsc[0]), 771 sizeof(req_key->keyrsc)); 772 req_key->keylen = key->keylen; 773 req_key->flags = key->flags; 774 cipher_table = (struct wlan_crypto_cipher *)key->cipher_table; 775 776 if (!cipher_table) 777 return QDF_STATUS_SUCCESS; 778 779 req_key->type = cipher_table->cipher; 780 if (req_key->type == WLAN_CRYPTO_CIPHER_WAPI_SMS4) { 781 qdf_mem_copy((uint8_t *)(&req_key->txiv), 782 (uint8_t *)(key->txiv), 783 sizeof(req_key->txiv)); 784 qdf_mem_copy((uint8_t *)(&req_key->recviv), 785 (uint8_t *)(key->recviv), 786 sizeof(req_key->recviv)); 787 } 788 } 789 790 return QDF_STATUS_SUCCESS; 791 } 792 793 /** 794 * wlan_crypto_delkey - called by ucfg to delete key 795 * @vdev: vdev 796 * @mac_address: mac address of the peer for unicast key 797 * or broadcast address if group key is deleted. 798 * @key_idx: key index to be deleted 799 * 800 * This function gets called from ucfg to delete key 801 * 802 * Return: QDF_STATUS_SUCCESS - in case of success 803 */ 804 QDF_STATUS wlan_crypto_delkey(struct wlan_objmgr_vdev *vdev, 805 uint8_t *macaddr, 806 uint8_t key_idx){ 807 struct wlan_crypto_comp_priv *crypto_priv; 808 struct wlan_crypto_params *crypto_params; 809 struct wlan_crypto_key *key; 810 struct wlan_crypto_cipher *cipher_table; 811 struct wlan_objmgr_psoc *psoc; 812 uint8_t bssid_mac[WLAN_ALEN]; 813 814 if (!vdev || !macaddr || 815 (key_idx >= 816 (WLAN_CRYPTO_MAXKEYIDX + WLAN_CRYPTO_MAXIGTKKEYIDX))) { 817 QDF_TRACE(QDF_MODULE_ID_CRYPTO, QDF_TRACE_LEVEL_ERROR, 818 "%s[%d] Invalid params vdev %pK, macaddr %pK" 819 "keyidx %d\n", __func__, __LINE__, vdev, 820 macaddr, key_idx); 821 return QDF_STATUS_E_INVAL; 822 } 823 824 wlan_vdev_obj_lock(vdev); 825 qdf_mem_copy(bssid_mac, wlan_vdev_mlme_get_macaddr(vdev), WLAN_ALEN); 826 psoc = wlan_vdev_get_psoc(vdev); 827 if (!psoc) { 828 wlan_vdev_obj_unlock(vdev); 829 qdf_print("%s[%d] psoc NULL\n", __func__, __LINE__); 830 return QDF_STATUS_E_INVAL; 831 } 832 wlan_vdev_obj_unlock(vdev); 833 834 if (qdf_is_macaddr_broadcast((struct qdf_mac_addr *)macaddr)) { 835 crypto_params = wlan_crypto_vdev_get_comp_params(vdev, 836 &crypto_priv); 837 if (crypto_priv == NULL) { 838 qdf_print("%s[%d] crypto_priv NULL\n", 839 __func__, __LINE__); 840 return QDF_STATUS_E_INVAL; 841 } 842 } else { 843 struct wlan_objmgr_peer *peer; 844 845 peer = wlan_objmgr_get_peer_by_mac_n_vdev( 846 psoc, macaddr, 847 bssid_mac, 848 WLAN_CRYPTO_ID); 849 if (peer == NULL) { 850 return QDF_STATUS_E_INVAL; 851 } 852 crypto_params = wlan_crypto_peer_get_comp_params(peer, 853 &crypto_priv); 854 wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID); 855 if (crypto_priv == NULL) { 856 qdf_print("%s[%d] crypto_priv NULL\n", 857 __func__, __LINE__); 858 return QDF_STATUS_E_INVAL; 859 } 860 } 861 862 if (key_idx >= WLAN_CRYPTO_MAXKEYIDX) { 863 uint8_t igtk_idx = key_idx - WLAN_CRYPTO_MAXKEYIDX; 864 if (igtk_idx >= WLAN_CRYPTO_MAXIGTKKEYIDX) { 865 qdf_print("%s[%d] Igtk key invalid keyid %d\n", 866 __func__, __LINE__, igtk_idx); 867 return QDF_STATUS_E_INVAL; 868 } 869 key = crypto_priv->igtk_key[igtk_idx]; 870 crypto_priv->igtk_key[igtk_idx] = NULL; 871 if (key) 872 key->valid = 0; 873 } else { 874 key = crypto_priv->key[key_idx]; 875 crypto_priv->key[key_idx] = NULL; 876 } 877 878 if (!key) 879 return QDF_STATUS_E_INVAL; 880 881 if (key->valid) { 882 cipher_table = (struct wlan_crypto_cipher *)key->cipher_table; 883 884 if (WLAN_CRYPTO_TX_OPS_DELKEY(psoc)) { 885 WLAN_CRYPTO_TX_OPS_DELKEY(psoc)(vdev, key, 886 macaddr, cipher_table->cipher); 887 } 888 } 889 qdf_mem_free(key); 890 891 return QDF_STATUS_SUCCESS; 892 } 893 894 /** 895 * wlan_crypto_default_key - called by ucfg to set default tx key 896 * @vdev: vdev 897 * @mac_address: mac address of the peer for unicast key 898 * or broadcast address if group key need to made default. 899 * @key_idx: key index to be made as default key 900 * @unicast: is key was unicast or group key. 901 * 902 * This function gets called from ucfg to set default key 903 * 904 * Return: QDF_STATUS_SUCCESS - in case of success 905 */ 906 QDF_STATUS wlan_crypto_default_key(struct wlan_objmgr_vdev *vdev, 907 uint8_t *macaddr, 908 uint8_t key_idx, 909 bool unicast){ 910 struct wlan_crypto_comp_priv *crypto_priv; 911 struct wlan_crypto_params *crypto_params; 912 struct wlan_crypto_key *key; 913 struct wlan_objmgr_psoc *psoc; 914 uint8_t bssid_mac[WLAN_ALEN]; 915 916 wlan_vdev_obj_lock(vdev); 917 qdf_mem_copy(bssid_mac, wlan_vdev_mlme_get_macaddr(vdev), WLAN_ALEN); 918 psoc = wlan_vdev_get_psoc(vdev); 919 if (!psoc) { 920 wlan_vdev_obj_unlock(vdev); 921 qdf_print("%s[%d] psoc NULL\n", __func__, __LINE__); 922 return QDF_STATUS_E_INVAL; 923 } 924 wlan_vdev_obj_unlock(vdev); 925 926 if (!vdev || !macaddr || (key_idx >= WLAN_CRYPTO_MAXKEYIDX)) { 927 qdf_print("%s[%d] Invalid params vdev %pK, macaddr %pK" 928 "keyidx %d\n", __func__, __LINE__, 929 vdev, macaddr, key_idx); 930 return QDF_STATUS_E_INVAL; 931 } 932 if (qdf_is_macaddr_broadcast((struct qdf_mac_addr *)macaddr)) { 933 crypto_params = wlan_crypto_vdev_get_comp_params(vdev, 934 &crypto_priv); 935 if (crypto_priv == NULL) { 936 qdf_print("%s[%d] crypto_priv NULL\n", 937 __func__, __LINE__); 938 return QDF_STATUS_E_INVAL; 939 } 940 941 key = crypto_priv->key[key_idx]; 942 if (!key) 943 return QDF_STATUS_E_INVAL; 944 } else { 945 struct wlan_objmgr_peer *peer; 946 peer = wlan_objmgr_get_peer_by_mac_n_vdev( 947 psoc, macaddr, 948 bssid_mac, 949 WLAN_CRYPTO_ID); 950 951 if (peer == NULL) { 952 qdf_print("%s[%d] peer NULL\n", __func__, __LINE__); 953 return QDF_STATUS_E_INVAL; 954 } 955 crypto_params = wlan_crypto_peer_get_comp_params(peer, 956 &crypto_priv); 957 wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID); 958 if (crypto_priv == NULL) { 959 qdf_print("%s[%d] crypto_priv NULL\n", 960 __func__, __LINE__); 961 return QDF_STATUS_E_INVAL; 962 } 963 964 key = crypto_priv->key[key_idx]; 965 if (!key) 966 return QDF_STATUS_E_INVAL; 967 } 968 if (!key->valid) 969 return QDF_STATUS_E_INVAL; 970 971 if (WLAN_CRYPTO_TX_OPS_DEFAULTKEY(psoc)) { 972 WLAN_CRYPTO_TX_OPS_DEFAULTKEY(psoc)(vdev, key_idx, 973 macaddr); 974 } 975 crypto_priv->def_tx_keyid = key_idx; 976 977 return QDF_STATUS_SUCCESS; 978 } 979 980 /** 981 * wlan_crypto_encap - called by mgmt for encap the frame based on cipher 982 * @vdev: vdev 983 * @wbuf: wbuf 984 * @macaddr: macaddr 985 * @encapdone: is encapdone already or not. 986 * 987 * This function gets called from mgmt txrx to encap frame. 988 * 989 * Return: QDF_STATUS_SUCCESS - in case of success 990 */ 991 QDF_STATUS wlan_crypto_encap(struct wlan_objmgr_vdev *vdev, 992 qdf_nbuf_t wbuf, 993 uint8_t *mac_addr, 994 uint8_t encapdone){ 995 struct wlan_crypto_comp_priv *crypto_priv; 996 struct wlan_crypto_params *crypto_params; 997 struct wlan_crypto_key *key; 998 QDF_STATUS status; 999 struct wlan_crypto_cipher *cipher_table; 1000 struct wlan_objmgr_psoc *psoc; 1001 struct wlan_objmgr_peer *peer; 1002 uint8_t bssid_mac[WLAN_ALEN]; 1003 1004 wlan_vdev_obj_lock(vdev); 1005 qdf_mem_copy(bssid_mac, wlan_vdev_mlme_get_macaddr(vdev), WLAN_ALEN); 1006 psoc = wlan_vdev_get_psoc(vdev); 1007 if (!psoc) { 1008 wlan_vdev_obj_unlock(vdev); 1009 qdf_print("%s[%d] psoc NULL\n", __func__, __LINE__); 1010 return QDF_STATUS_E_INVAL; 1011 } 1012 wlan_vdev_obj_unlock(vdev); 1013 1014 /* FILS Encap required only for (Re-)Assoc response */ 1015 peer = wlan_objmgr_get_peer(psoc, mac_addr, WLAN_CRYPTO_ID); 1016 1017 if (!wlan_crypto_is_data_protected((uint8_t *)qdf_nbuf_data(wbuf)) && 1018 peer && !wlan_crypto_get_peer_fils_aead(peer)) { 1019 wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID); 1020 return QDF_STATUS_E_INVAL; 1021 } 1022 1023 if (peer) 1024 wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID); 1025 1026 if (qdf_is_macaddr_broadcast((struct qdf_mac_addr *)mac_addr)) { 1027 crypto_params = wlan_crypto_vdev_get_comp_params(vdev, 1028 &crypto_priv); 1029 if (crypto_priv == NULL) { 1030 qdf_print("%s[%d] crypto_priv NULL\n", 1031 __func__, __LINE__); 1032 return QDF_STATUS_E_INVAL; 1033 } 1034 1035 key = crypto_priv->key[crypto_priv->def_tx_keyid]; 1036 if (!key) 1037 return QDF_STATUS_E_INVAL; 1038 1039 } else { 1040 struct wlan_objmgr_peer *peer; 1041 1042 peer = wlan_objmgr_get_peer_by_mac_n_vdev( 1043 psoc, mac_addr, bssid_mac, WLAN_CRYPTO_ID); 1044 1045 if (peer == NULL) { 1046 qdf_print("%s[%d] crypto_priv NULL\n", 1047 __func__, __LINE__); 1048 return QDF_STATUS_E_INVAL; 1049 } 1050 crypto_params = wlan_crypto_peer_get_comp_params(peer, 1051 &crypto_priv); 1052 wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID); 1053 1054 if (crypto_priv == NULL) { 1055 qdf_print("%s[%d] crypto_priv NULL\n", 1056 __func__, __LINE__); 1057 return QDF_STATUS_E_INVAL; 1058 } 1059 1060 key = crypto_priv->key[crypto_priv->def_tx_keyid]; 1061 if (!key) 1062 return QDF_STATUS_E_INVAL; 1063 } 1064 /* if tkip, is counter measures enabled, then drop the frame */ 1065 cipher_table = (struct wlan_crypto_cipher *)key->cipher_table; 1066 status = cipher_table->encap(key, wbuf, encapdone, 1067 ieee80211_hdrsize((uint8_t *)qdf_nbuf_data(wbuf))); 1068 1069 return status; 1070 } 1071 qdf_export_symbol(wlan_crypto_encap); 1072 1073 /** 1074 * wlan_crypto_decap - called by mgmt for decap the frame based on cipher 1075 * @vdev: vdev 1076 * @wbuf: wbuf 1077 * @macaddr: macaddr 1078 * @tid: tid of the frame 1079 * 1080 * This function gets called from mgmt txrx to decap frame. 1081 * 1082 * Return: QDF_STATUS_SUCCESS - in case of success 1083 */ 1084 QDF_STATUS wlan_crypto_decap(struct wlan_objmgr_vdev *vdev, 1085 qdf_nbuf_t wbuf, 1086 uint8_t *mac_addr, 1087 uint8_t tid){ 1088 struct wlan_crypto_comp_priv *crypto_priv; 1089 struct wlan_crypto_params *crypto_params; 1090 struct wlan_crypto_key *key; 1091 QDF_STATUS status; 1092 struct wlan_crypto_cipher *cipher_table; 1093 struct wlan_objmgr_psoc *psoc; 1094 struct wlan_objmgr_peer *peer; 1095 uint8_t bssid_mac[WLAN_ALEN]; 1096 1097 wlan_vdev_obj_lock(vdev); 1098 qdf_mem_copy(bssid_mac, wlan_vdev_mlme_get_macaddr(vdev), WLAN_ALEN); 1099 psoc = wlan_vdev_get_psoc(vdev); 1100 if (!psoc) { 1101 wlan_vdev_obj_unlock(vdev); 1102 qdf_print("%s[%d] psoc NULL\n", __func__, __LINE__); 1103 return QDF_STATUS_E_INVAL; 1104 } 1105 wlan_vdev_obj_unlock(vdev); 1106 1107 /* FILS Decap required only for (Re-)Assoc request */ 1108 peer = wlan_objmgr_get_peer(psoc, mac_addr, WLAN_CRYPTO_ID); 1109 1110 if (!wlan_crypto_is_data_protected((uint8_t *)qdf_nbuf_data(wbuf)) && 1111 peer && !wlan_crypto_get_peer_fils_aead(peer)) { 1112 wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID); 1113 return QDF_STATUS_E_INVAL; 1114 } 1115 1116 if (peer) 1117 wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID); 1118 1119 if (qdf_is_macaddr_broadcast((struct qdf_mac_addr *)mac_addr)) { 1120 crypto_params = wlan_crypto_vdev_get_comp_params(vdev, 1121 &crypto_priv); 1122 if (crypto_priv == NULL) { 1123 qdf_print("%s[%d] crypto_priv NULL\n", 1124 __func__, __LINE__); 1125 return QDF_STATUS_E_INVAL; 1126 } 1127 1128 key = crypto_priv->key[crypto_priv->def_tx_keyid]; 1129 if (!key) 1130 return QDF_STATUS_E_INVAL; 1131 1132 } else { 1133 struct wlan_objmgr_peer *peer; 1134 1135 peer = wlan_objmgr_get_peer_by_mac_n_vdev( 1136 psoc, mac_addr, bssid_mac, 1137 WLAN_CRYPTO_ID); 1138 if (peer == NULL) { 1139 qdf_print("%s[%d] peer NULL\n", __func__, __LINE__); 1140 return QDF_STATUS_E_INVAL; 1141 } 1142 1143 crypto_params = wlan_crypto_peer_get_comp_params(peer, 1144 &crypto_priv); 1145 wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID); 1146 1147 if (crypto_priv == NULL) { 1148 qdf_print("%s[%d] crypto_priv NULL\n", 1149 __func__, __LINE__); 1150 return QDF_STATUS_E_INVAL; 1151 } 1152 1153 key = crypto_priv->key[crypto_priv->def_tx_keyid]; 1154 if (!key) 1155 return QDF_STATUS_E_INVAL; 1156 } 1157 /* if tkip, is counter measures enabled, then drop the frame */ 1158 cipher_table = (struct wlan_crypto_cipher *)key->cipher_table; 1159 status = cipher_table->decap(key, wbuf, tid, 1160 ieee80211_hdrsize((uint8_t *)qdf_nbuf_data(wbuf))); 1161 1162 return status; 1163 } 1164 qdf_export_symbol(wlan_crypto_decap); 1165 /** 1166 * wlan_crypto_enmic - called by mgmt for adding mic in frame based on cipher 1167 * @vdev: vdev 1168 * @wbuf: wbuf 1169 * @macaddr: macaddr 1170 * @encapdone: is encapdone already or not. 1171 * 1172 * This function gets called from mgmt txrx to adding mic to the frame. 1173 * 1174 * Return: QDF_STATUS_SUCCESS - in case of success 1175 */ 1176 QDF_STATUS wlan_crypto_enmic(struct wlan_objmgr_vdev *vdev, 1177 qdf_nbuf_t wbuf, 1178 uint8_t *mac_addr, 1179 uint8_t encapdone){ 1180 struct wlan_crypto_comp_priv *crypto_priv; 1181 struct wlan_crypto_params *crypto_params; 1182 struct wlan_crypto_key *key; 1183 QDF_STATUS status; 1184 struct wlan_crypto_cipher *cipher_table; 1185 struct wlan_objmgr_psoc *psoc; 1186 uint8_t bssid_mac[WLAN_ALEN]; 1187 1188 wlan_vdev_obj_lock(vdev); 1189 qdf_mem_copy(bssid_mac, wlan_vdev_mlme_get_macaddr(vdev), WLAN_ALEN); 1190 psoc = wlan_vdev_get_psoc(vdev); 1191 if (!psoc) { 1192 wlan_vdev_obj_unlock(vdev); 1193 qdf_print("%s[%d] psoc NULL\n", __func__, __LINE__); 1194 return QDF_STATUS_E_INVAL; 1195 } 1196 wlan_vdev_obj_unlock(vdev); 1197 1198 if (qdf_is_macaddr_broadcast((struct qdf_mac_addr *)mac_addr)) { 1199 crypto_params = wlan_crypto_vdev_get_comp_params(vdev, 1200 &crypto_priv); 1201 if (crypto_priv == NULL) { 1202 qdf_print("%s[%d] crypto_priv NULL\n", 1203 __func__, __LINE__); 1204 return QDF_STATUS_E_INVAL; 1205 } 1206 1207 key = crypto_priv->key[crypto_priv->def_tx_keyid]; 1208 if (!key) 1209 return QDF_STATUS_E_INVAL; 1210 1211 } else { 1212 struct wlan_objmgr_peer *peer; 1213 1214 peer = wlan_objmgr_get_peer_by_mac_n_vdev( 1215 psoc, mac_addr, bssid_mac, 1216 WLAN_CRYPTO_ID); 1217 if (peer == NULL) { 1218 qdf_print("%s[%d] crypto_priv NULL\n", 1219 __func__, __LINE__); 1220 return QDF_STATUS_E_INVAL; 1221 } 1222 1223 crypto_params = wlan_crypto_peer_get_comp_params(peer, 1224 &crypto_priv); 1225 wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID); 1226 1227 if (crypto_priv == NULL) { 1228 qdf_print("%s[%d] crypto_priv NULL\n", 1229 __func__, __LINE__); 1230 return QDF_STATUS_E_INVAL; 1231 } 1232 1233 key = crypto_priv->key[crypto_priv->def_tx_keyid]; 1234 if (!key) 1235 return QDF_STATUS_E_INVAL; 1236 } 1237 /* if tkip, is counter measures enabled, then drop the frame */ 1238 cipher_table = (struct wlan_crypto_cipher *)key->cipher_table; 1239 status = cipher_table->enmic(key, wbuf, encapdone, 1240 ieee80211_hdrsize((uint8_t *)qdf_nbuf_data(wbuf))); 1241 1242 return status; 1243 } 1244 1245 /** 1246 * wlan_crypto_demic - called by mgmt for remove and check mic for 1247 * the frame based on cipher 1248 * @vdev: vdev 1249 * @wbuf: wbuf 1250 * @macaddr: macaddr 1251 * @tid: tid of the frame 1252 * 1253 * This function gets called from mgmt txrx to decap frame. 1254 * 1255 * Return: QDF_STATUS_SUCCESS - in case of success 1256 */ 1257 QDF_STATUS wlan_crypto_demic(struct wlan_objmgr_vdev *vdev, 1258 qdf_nbuf_t wbuf, 1259 uint8_t *mac_addr, 1260 uint8_t tid){ 1261 struct wlan_crypto_comp_priv *crypto_priv; 1262 struct wlan_crypto_params *crypto_params; 1263 struct wlan_crypto_key *key; 1264 QDF_STATUS status; 1265 struct wlan_crypto_cipher *cipher_table; 1266 struct wlan_objmgr_psoc *psoc; 1267 uint8_t bssid_mac[WLAN_ALEN]; 1268 1269 wlan_vdev_obj_lock(vdev); 1270 qdf_mem_copy(bssid_mac, wlan_vdev_mlme_get_macaddr(vdev), WLAN_ALEN); 1271 psoc = wlan_vdev_get_psoc(vdev); 1272 if (!psoc) { 1273 wlan_vdev_obj_unlock(vdev); 1274 qdf_print("%s[%d] psoc NULL\n", __func__, __LINE__); 1275 return QDF_STATUS_E_INVAL; 1276 } 1277 wlan_vdev_obj_unlock(vdev); 1278 1279 if (qdf_is_macaddr_broadcast((struct qdf_mac_addr *)mac_addr)) { 1280 crypto_params = wlan_crypto_vdev_get_comp_params(vdev, 1281 &crypto_priv); 1282 if (crypto_priv == NULL) { 1283 qdf_print("%s[%d] crypto_priv NULL\n", 1284 __func__, __LINE__); 1285 return QDF_STATUS_E_INVAL; 1286 } 1287 1288 key = crypto_priv->key[crypto_priv->def_tx_keyid]; 1289 if (!key) 1290 return QDF_STATUS_E_INVAL; 1291 1292 } else { 1293 struct wlan_objmgr_peer *peer; 1294 1295 peer = wlan_objmgr_get_peer_by_mac_n_vdev( 1296 psoc, mac_addr, bssid_mac, 1297 WLAN_CRYPTO_ID); 1298 if (peer == NULL) { 1299 qdf_print("%s[%d] peer NULL\n", __func__, __LINE__); 1300 return QDF_STATUS_E_INVAL; 1301 } 1302 1303 crypto_params = wlan_crypto_peer_get_comp_params(peer, 1304 &crypto_priv); 1305 wlan_objmgr_peer_release_ref(peer, WLAN_CRYPTO_ID); 1306 1307 if (crypto_priv == NULL) { 1308 qdf_print("%s[%d] crypto_priv NULL\n", 1309 __func__, __LINE__); 1310 return QDF_STATUS_E_INVAL; 1311 } 1312 1313 key = crypto_priv->key[crypto_priv->def_tx_keyid]; 1314 if (!key) 1315 return QDF_STATUS_E_INVAL; 1316 } 1317 /* if tkip, is counter measures enabled, then drop the frame */ 1318 cipher_table = (struct wlan_crypto_cipher *)key->cipher_table; 1319 status = cipher_table->demic(key, wbuf, tid, 1320 ieee80211_hdrsize((uint8_t *)qdf_nbuf_data(wbuf))); 1321 1322 return status; 1323 } 1324 1325 /** 1326 * wlan_crypto_vdev_is_pmf_enabled - called to check is pmf enabled in vdev 1327 * @vdev: vdev 1328 * 1329 * This function gets called to check is pmf enabled or not in vdev. 1330 * 1331 * Return: true or false 1332 */ 1333 bool wlan_crypto_vdev_is_pmf_enabled(struct wlan_objmgr_vdev *vdev) 1334 { 1335 1336 struct wlan_crypto_comp_priv *crypto_priv; 1337 struct wlan_crypto_params *vdev_crypto_params; 1338 1339 if (!vdev) 1340 return false; 1341 vdev_crypto_params = wlan_crypto_vdev_get_comp_params(vdev, 1342 &crypto_priv); 1343 if (crypto_priv == NULL) { 1344 qdf_print("%s[%d] crypto_priv NULL\n", __func__, __LINE__); 1345 return QDF_STATUS_E_INVAL; 1346 } 1347 1348 if ((vdev_crypto_params->rsn_caps & 1349 WLAN_CRYPTO_RSN_CAP_MFP_ENABLED) 1350 || (vdev_crypto_params->rsn_caps & 1351 WLAN_CRYPTO_RSN_CAP_MFP_REQUIRED)) { 1352 return true; 1353 } 1354 1355 return false; 1356 } 1357 /** 1358 * wlan_crypto_is_pmf_enabled - called by mgmt txrx to check is pmf enabled 1359 * @vdev: vdev 1360 * @peer: peer 1361 * 1362 * This function gets called by mgmt txrx to check is pmf enabled or not. 1363 * 1364 * Return: true or false 1365 */ 1366 bool wlan_crypto_is_pmf_enabled(struct wlan_objmgr_vdev *vdev, 1367 struct wlan_objmgr_peer *peer){ 1368 1369 struct wlan_crypto_comp_priv *crypto_priv; 1370 struct wlan_crypto_params *vdev_crypto_params; 1371 struct wlan_crypto_params *peer_crypto_params; 1372 1373 if (!vdev || !peer) 1374 return false; 1375 vdev_crypto_params = wlan_crypto_vdev_get_comp_params(vdev, 1376 &crypto_priv); 1377 if (crypto_priv == NULL) { 1378 qdf_print("%s[%d] crypto_priv NULL\n", __func__, __LINE__); 1379 return QDF_STATUS_E_INVAL; 1380 } 1381 1382 peer_crypto_params = wlan_crypto_peer_get_comp_params(peer, 1383 &crypto_priv); 1384 if (crypto_priv == NULL) { 1385 qdf_print("%s[%d] crypto_priv NULL\n", __func__, __LINE__); 1386 return QDF_STATUS_E_INVAL; 1387 } 1388 if (((vdev_crypto_params->rsn_caps & 1389 WLAN_CRYPTO_RSN_CAP_MFP_ENABLED) && 1390 (peer_crypto_params->rsn_caps & 1391 WLAN_CRYPTO_RSN_CAP_MFP_ENABLED)) 1392 || (vdev_crypto_params->rsn_caps & 1393 WLAN_CRYPTO_RSN_CAP_MFP_REQUIRED)) { 1394 return true; 1395 } 1396 1397 return false; 1398 } 1399 1400 static void wlan_crypto_gmac_pn_swap(uint8_t *a, uint8_t *b) 1401 { 1402 a[0] = b[5]; 1403 a[1] = b[4]; 1404 a[2] = b[3]; 1405 a[3] = b[2]; 1406 a[4] = b[1]; 1407 a[5] = b[0]; 1408 } 1409 1410 /** 1411 * wlan_crypto_add_mmie - called by mgmt txrx to add mmie in frame 1412 * @vdev: vdev 1413 * @bfrm: frame starting pointer 1414 * @len: length of the frame 1415 * 1416 * This function gets called by mgmt txrx to add mmie in frame 1417 * 1418 * Return: end of frame or NULL in case failure 1419 */ 1420 uint8_t *wlan_crypto_add_mmie(struct wlan_objmgr_vdev *vdev, 1421 uint8_t *bfrm, 1422 uint32_t len) { 1423 struct wlan_crypto_key *key; 1424 struct wlan_crypto_mmie *mmie; 1425 uint8_t *pn, *aad, *buf, *efrm, nounce[12]; 1426 struct ieee80211_hdr *hdr; 1427 uint32_t i, hdrlen, mic_len, aad_len; 1428 uint8_t mic[16]; 1429 struct wlan_crypto_comp_priv *crypto_priv; 1430 struct wlan_crypto_params *crypto_params; 1431 int32_t ret; 1432 1433 if (!bfrm) { 1434 qdf_print("%s[%d] frame is NULL\n", __func__, __LINE__); 1435 return NULL; 1436 } 1437 1438 crypto_params = wlan_crypto_vdev_get_comp_params(vdev, 1439 &crypto_priv); 1440 if (crypto_priv == NULL) { 1441 qdf_print("%s[%d] crypto_priv NULL\n", __func__, __LINE__); 1442 return NULL; 1443 } 1444 1445 if (crypto_priv->def_igtk_tx_keyid >= WLAN_CRYPTO_MAXIGTKKEYIDX) { 1446 qdf_print("%s[%d] igtk key invalid keyid %d \n", 1447 __func__, __LINE__, crypto_priv->def_igtk_tx_keyid); 1448 return NULL; 1449 } 1450 1451 key = crypto_priv->igtk_key[crypto_priv->def_igtk_tx_keyid]; 1452 if (!key) { 1453 qdf_print("%s[%d] No igtk key present\n", __func__, __LINE__); 1454 return NULL; 1455 } 1456 mic_len = (crypto_priv->igtk_key_type 1457 == WLAN_CRYPTO_CIPHER_AES_CMAC) ? 8 : 16; 1458 1459 efrm = bfrm + len; 1460 aad_len = 20; 1461 hdrlen = sizeof(struct ieee80211_hdr); 1462 len += sizeof(struct wlan_crypto_mmie); 1463 1464 mmie = (struct wlan_crypto_mmie *) efrm; 1465 qdf_mem_zero((unsigned char *)mmie, sizeof(*mmie)); 1466 mmie->element_id = WLAN_ELEMID_MMIE; 1467 mmie->length = sizeof(*mmie) - 2; 1468 mmie->key_id = qdf_cpu_to_le16(key->keyix); 1469 1470 mic_len = (crypto_priv->igtk_key_type 1471 == WLAN_CRYPTO_CIPHER_AES_CMAC) ? 8 : 16; 1472 if (mic_len == 8) { 1473 mmie->length -= 8; 1474 len -= 8; 1475 } 1476 /* PN = PN + 1 */ 1477 pn = (uint8_t *)&key->keytsc; 1478 1479 for (i = 0; i <= 5; i++) { 1480 pn[i]++; 1481 if (pn[i]) 1482 break; 1483 } 1484 1485 /* Copy IPN */ 1486 qdf_mem_copy(mmie->sequence_number, pn, 6); 1487 1488 hdr = (struct ieee80211_hdr *) bfrm; 1489 1490 buf = qdf_mem_malloc(len - hdrlen + 20); 1491 if (!buf) { 1492 qdf_print("%s[%d] malloc failed\n", __func__, __LINE__); 1493 return NULL; 1494 } 1495 qdf_mem_zero(buf, len - hdrlen + 20); 1496 aad = buf; 1497 /* generate BIP AAD: FC(masked) || A1 || A2 || A3 */ 1498 1499 /* FC type/subtype */ 1500 aad[0] = hdr->frame_control & 0xff; 1501 /* Mask FC Retry, PwrMgt, MoreData flags to zero */ 1502 aad[1] = (hdr->frame_control & ~(WLAN_FC_RETRY | WLAN_FC_PWRMGT 1503 | WLAN_FC_MOREDATA)) >> 8; 1504 /* A1 || A2 || A3 */ 1505 qdf_mem_copy(aad + 2, hdr->addr1, WLAN_ALEN); 1506 qdf_mem_copy(aad + 8, hdr->addr2, WLAN_ALEN); 1507 qdf_mem_copy(aad + 14, hdr->addr3, WLAN_ALEN); 1508 qdf_mem_zero(mic, 16); 1509 1510 /* 1511 * MIC = AES-128-CMAC(IGTK, AAD || Management Frame Body || MMIE, 64) 1512 */ 1513 1514 qdf_mem_copy(buf + aad_len, bfrm + hdrlen, len - hdrlen); 1515 if (crypto_priv->igtk_key_type == WLAN_CRYPTO_CIPHER_AES_CMAC) { 1516 1517 ret = omac1_aes_128(key->keyval, buf, 1518 len + aad_len - hdrlen, mic); 1519 qdf_mem_copy(mmie->mic, mic, 8); 1520 1521 } else if (crypto_priv->igtk_key_type 1522 == WLAN_CRYPTO_CIPHER_AES_CMAC_256) { 1523 1524 ret = omac1_aes_256(key->keyval, buf, 1525 len + aad_len - hdrlen, mmie->mic); 1526 } else if ((crypto_priv->igtk_key_type == WLAN_CRYPTO_CIPHER_AES_GMAC) 1527 || (crypto_priv->igtk_key_type 1528 == WLAN_CRYPTO_CIPHER_AES_GMAC_256)) { 1529 1530 qdf_mem_copy(nounce, hdr->addr2, WLAN_ALEN); 1531 wlan_crypto_gmac_pn_swap(nounce + 6, pn); 1532 ret = wlan_crypto_aes_gmac(key->keyval, key->keylen, nounce, 1533 sizeof(nounce), buf, 1534 len + aad_len - hdrlen, mmie->mic); 1535 } 1536 qdf_mem_free(buf); 1537 if (ret < 0) { 1538 qdf_print("%s[%d] add mmie failed\n", __func__, __LINE__); 1539 return NULL; 1540 } 1541 1542 return bfrm + len; 1543 } 1544 1545 /** 1546 * wlan_crypto_is_mmie_valid - called by mgmt txrx to check mmie of the frame 1547 * @vdev: vdev 1548 * @frm: frame starting pointer 1549 * @efrm: end of frame pointer 1550 * 1551 * This function gets called by mgmt txrx to check mmie of the frame 1552 * 1553 * Return: true or false 1554 */ 1555 bool wlan_crypto_is_mmie_valid(struct wlan_objmgr_vdev *vdev, 1556 uint8_t *frm, 1557 uint8_t *efrm){ 1558 struct wlan_crypto_mmie *mmie = NULL; 1559 uint8_t *ipn, *aad, *buf, mic[16], nounce[12]; 1560 struct wlan_crypto_key *key; 1561 struct ieee80211_hdr *hdr; 1562 uint16_t mic_len, hdrlen, len; 1563 struct wlan_crypto_comp_priv *crypto_priv; 1564 struct wlan_crypto_params *crypto_params; 1565 uint8_t aad_len = 20; 1566 int32_t ret; 1567 1568 /* check if frame is illegal length */ 1569 if (!frm || !efrm || (efrm < frm) 1570 || ((efrm - frm) < sizeof(struct ieee80211_hdr))) { 1571 qdf_print("%s[%d] Invalid params\n", __func__, __LINE__); 1572 return false; 1573 } 1574 len = efrm - frm; 1575 crypto_priv = (struct wlan_crypto_comp_priv *) 1576 wlan_get_vdev_crypto_obj(vdev); 1577 if (crypto_priv == NULL) { 1578 qdf_print("%s[%d] crypto_priv NULL\n", __func__, __LINE__); 1579 return false; 1580 } 1581 1582 crypto_params = &(crypto_priv->crypto_params); 1583 1584 1585 mic_len = (crypto_priv->igtk_key_type 1586 == WLAN_CRYPTO_CIPHER_AES_CMAC) ? 8 : 16; 1587 hdrlen = sizeof(struct ieee80211_hdr); 1588 1589 if (mic_len == 8) 1590 mmie = (struct wlan_crypto_mmie *)(efrm - sizeof(*mmie) + 8); 1591 else 1592 mmie = (struct wlan_crypto_mmie *)(efrm - sizeof(*mmie)); 1593 1594 1595 /* check Elem ID*/ 1596 if ((mmie == NULL) || (mmie->element_id != WLAN_ELEMID_MMIE)) { 1597 qdf_print("%s[%d] IE is not MMIE\n", __func__, __LINE__); 1598 return false; 1599 } 1600 1601 if (mmie->key_id >= (WLAN_CRYPTO_MAXKEYIDX + 1602 WLAN_CRYPTO_MAXIGTKKEYIDX)) { 1603 qdf_print("%s[%d] keyid not valid\n", __func__, __LINE__); 1604 return false; 1605 } 1606 1607 key = crypto_priv->igtk_key[mmie->key_id - WLAN_CRYPTO_MAXKEYIDX]; 1608 if (!key) { 1609 qdf_print("%s[%d] No igtk key present\n", __func__, __LINE__); 1610 return false; 1611 } 1612 1613 /* validate ipn */ 1614 ipn = mmie->sequence_number; 1615 if (qdf_mem_cmp(ipn, key->keyrsc, 6) <= 0) { 1616 qdf_print("%s[%d] replay error\n", __func__, __LINE__); 1617 return false; 1618 } 1619 1620 buf = qdf_mem_malloc(len - hdrlen + 20); 1621 if (!buf) { 1622 qdf_print("%s[%d] malloc failed\n", __func__, __LINE__); 1623 return false; 1624 } 1625 aad = buf; 1626 1627 /* construct AAD */ 1628 hdr = (struct ieee80211_hdr *)frm; 1629 /* generate BIP AAD: FC(masked) || A1 || A2 || A3 */ 1630 1631 /* FC type/subtype */ 1632 aad[0] = hdr->frame_control & 0xff; 1633 /* Mask FC Retry, PwrMgt, MoreData flags to zero */ 1634 aad[1] = (hdr->frame_control & ~(WLAN_FC_RETRY | WLAN_FC_PWRMGT 1635 | WLAN_FC_MOREDATA)) >> 8; 1636 /* A1 || A2 || A3 */ 1637 qdf_mem_copy(aad + 2, hdr->addr1, 3 * WLAN_ALEN); 1638 1639 /* 1640 * MIC = AES-128-CMAC(IGTK, AAD || Management Frame Body || MMIE, 64) 1641 */ 1642 qdf_mem_copy(buf + 20, frm + hdrlen, len - hdrlen); 1643 qdf_mem_zero(buf + (len - hdrlen + 20 - mic_len), mic_len); 1644 qdf_mem_zero(mic, 16); 1645 if (crypto_priv->igtk_key_type == WLAN_CRYPTO_CIPHER_AES_CMAC) { 1646 ret = omac1_aes_128(key->keyval, buf, 1647 len - hdrlen + aad_len, mic); 1648 } else if (crypto_priv->igtk_key_type 1649 == WLAN_CRYPTO_CIPHER_AES_CMAC_256) { 1650 ret = omac1_aes_256(key->keyval, buf, 1651 len + aad_len - hdrlen, mic); 1652 } else if ((crypto_priv->igtk_key_type == WLAN_CRYPTO_CIPHER_AES_GMAC) 1653 || (crypto_priv->igtk_key_type 1654 == WLAN_CRYPTO_CIPHER_AES_GMAC_256)) { 1655 qdf_mem_copy(nounce, hdr->addr2, WLAN_ALEN); 1656 wlan_crypto_gmac_pn_swap(nounce + 6, ipn); 1657 ret = wlan_crypto_aes_gmac(key->keyval, key->keylen, nounce, 1658 sizeof(nounce), buf, 1659 len + aad_len - hdrlen, mic); 1660 } 1661 1662 qdf_mem_free(buf); 1663 1664 if (ret < 0) { 1665 qdf_print("%s[%d] genarate mmie failed\n", __func__, __LINE__); 1666 return false; 1667 } 1668 1669 if (qdf_mem_cmp(mic, mmie->mic, mic_len) != 0) { 1670 qdf_print("%s[%d] mmie mismatch\n", __func__, __LINE__); 1671 /* MMIE MIC mismatch */ 1672 return false; 1673 } 1674 1675 /* Update the receive sequence number */ 1676 qdf_mem_copy(key->keyrsc, ipn, 6); 1677 qdf_print("%s[%d] mmie matched\n", __func__, __LINE__); 1678 1679 return true; 1680 } 1681 1682 1683 static int32_t wlan_crypto_wpa_cipher_to_suite(uint32_t cipher) 1684 { 1685 int32_t status = -1; 1686 1687 switch (cipher) { 1688 case WLAN_CRYPTO_CIPHER_TKIP: 1689 return WPA_CIPHER_SUITE_TKIP; 1690 case WLAN_CRYPTO_CIPHER_AES_CCM: 1691 return WPA_CIPHER_SUITE_CCMP; 1692 case WLAN_CRYPTO_CIPHER_NONE: 1693 return WPA_CIPHER_SUITE_NONE; 1694 } 1695 1696 return status; 1697 } 1698 1699 static int32_t wlan_crypto_rsn_cipher_to_suite(uint32_t cipher) 1700 { 1701 int32_t status = -1; 1702 1703 switch (cipher) { 1704 case WLAN_CRYPTO_CIPHER_TKIP: 1705 return RSN_CIPHER_SUITE_TKIP; 1706 case WLAN_CRYPTO_CIPHER_AES_CCM: 1707 return RSN_CIPHER_SUITE_CCMP; 1708 case WLAN_CRYPTO_CIPHER_AES_CCM_256: 1709 return RSN_CIPHER_SUITE_CCMP_256; 1710 case WLAN_CRYPTO_CIPHER_AES_GCM: 1711 return RSN_CIPHER_SUITE_GCMP; 1712 case WLAN_CRYPTO_CIPHER_AES_GCM_256: 1713 return RSN_CIPHER_SUITE_GCMP_256; 1714 case WLAN_CRYPTO_CIPHER_AES_CMAC: 1715 return RSN_CIPHER_SUITE_AES_CMAC; 1716 case WLAN_CRYPTO_CIPHER_AES_CMAC_256: 1717 return RSN_CIPHER_SUITE_BIP_CMAC_256; 1718 case WLAN_CRYPTO_CIPHER_AES_GMAC: 1719 return RSN_CIPHER_SUITE_BIP_GMAC_128; 1720 case WLAN_CRYPTO_CIPHER_AES_GMAC_256: 1721 return RSN_CIPHER_SUITE_BIP_GMAC_256; 1722 case WLAN_CRYPTO_CIPHER_NONE: 1723 return RSN_CIPHER_SUITE_NONE; 1724 } 1725 1726 return status; 1727 } 1728 1729 /* 1730 * Convert an RSN key management/authentication algorithm 1731 * to an internal code. 1732 */ 1733 static int32_t 1734 wlan_crypto_rsn_keymgmt_to_suite(uint32_t keymgmt) 1735 { 1736 int32_t status = -1; 1737 1738 switch (keymgmt) { 1739 case WLAN_CRYPTO_KEY_MGMT_NONE: 1740 return RSN_AUTH_KEY_MGMT_NONE; 1741 case WLAN_CRYPTO_KEY_MGMT_IEEE8021X: 1742 return RSN_AUTH_KEY_MGMT_UNSPEC_802_1X; 1743 case WLAN_CRYPTO_KEY_MGMT_PSK: 1744 return RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X; 1745 case WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X: 1746 return RSN_AUTH_KEY_MGMT_FT_802_1X; 1747 case WLAN_CRYPTO_KEY_MGMT_FT_PSK: 1748 return RSN_AUTH_KEY_MGMT_FT_PSK; 1749 case WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SHA256: 1750 return RSN_AUTH_KEY_MGMT_802_1X_SHA256; 1751 case WLAN_CRYPTO_KEY_MGMT_PSK_SHA256: 1752 return RSN_AUTH_KEY_MGMT_PSK_SHA256; 1753 case WLAN_CRYPTO_KEY_MGMT_SAE: 1754 return RSN_AUTH_KEY_MGMT_SAE; 1755 case WLAN_CRYPTO_KEY_MGMT_FT_SAE: 1756 return RSN_AUTH_KEY_MGMT_FT_SAE; 1757 case WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B: 1758 return RSN_AUTH_KEY_MGMT_802_1X_SUITE_B; 1759 case WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B_192: 1760 return RSN_AUTH_KEY_MGMT_802_1X_SUITE_B_192; 1761 case WLAN_CRYPTO_KEY_MGMT_CCKM: 1762 return RSN_AUTH_KEY_MGMT_CCKM; 1763 case WLAN_CRYPTO_KEY_MGMT_OSEN: 1764 return RSN_AUTH_KEY_MGMT_OSEN; 1765 } 1766 1767 return status; 1768 } 1769 1770 /* 1771 * Convert an RSN key management/authentication algorithm 1772 * to an internal code. 1773 */ 1774 static int32_t 1775 wlan_crypto_wpa_keymgmt_to_suite(uint32_t keymgmt) 1776 { 1777 int32_t status = -1; 1778 1779 switch (keymgmt) { 1780 case WLAN_CRYPTO_KEY_MGMT_NONE: 1781 return WPA_AUTH_KEY_MGMT_NONE; 1782 case WLAN_CRYPTO_KEY_MGMT_IEEE8021X: 1783 return WPA_AUTH_KEY_MGMT_UNSPEC_802_1X; 1784 case WLAN_CRYPTO_KEY_MGMT_PSK: 1785 return WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X; 1786 case WLAN_CRYPTO_KEY_MGMT_CCKM: 1787 return WPA_AUTH_KEY_MGMT_CCKM; 1788 } 1789 1790 return status; 1791 } 1792 /** 1793 * Convert a WPA cipher selector OUI to an internal 1794 * cipher algorithm. Where appropriate we also 1795 * record any key length. 1796 */ 1797 static int32_t wlan_crypto_wpa_suite_to_cipher(uint8_t *sel) 1798 { 1799 uint32_t w = LE_READ_4(sel); 1800 int32_t status = -1; 1801 1802 switch (w) { 1803 case WPA_CIPHER_SUITE_TKIP: 1804 return WLAN_CRYPTO_CIPHER_TKIP; 1805 case WPA_CIPHER_SUITE_CCMP: 1806 return WLAN_CRYPTO_CIPHER_AES_CCM; 1807 case WPA_CIPHER_SUITE_NONE: 1808 return WLAN_CRYPTO_CIPHER_NONE; 1809 } 1810 1811 return status; 1812 } 1813 1814 /* 1815 * Convert a WPA key management/authentication algorithm 1816 * to an internal code. 1817 */ 1818 static int32_t wlan_crypto_wpa_suite_to_keymgmt(uint8_t *sel) 1819 { 1820 uint32_t w = LE_READ_4(sel); 1821 int32_t status = -1; 1822 1823 switch (w) { 1824 case WPA_AUTH_KEY_MGMT_UNSPEC_802_1X: 1825 return WLAN_CRYPTO_KEY_MGMT_IEEE8021X; 1826 case WPA_AUTH_KEY_MGMT_PSK_OVER_802_1X: 1827 return WLAN_CRYPTO_KEY_MGMT_PSK; 1828 case WPA_AUTH_KEY_MGMT_CCKM: 1829 return WLAN_CRYPTO_KEY_MGMT_CCKM; 1830 case WPA_AUTH_KEY_MGMT_NONE: 1831 return WLAN_CRYPTO_KEY_MGMT_NONE; 1832 } 1833 return status; 1834 } 1835 1836 /* 1837 * Convert a RSN cipher selector OUI to an internal 1838 * cipher algorithm. Where appropriate we also 1839 * record any key length. 1840 */ 1841 static int32_t wlan_crypto_rsn_suite_to_cipher(uint8_t *sel) 1842 { 1843 uint32_t w = LE_READ_4(sel); 1844 int32_t status = -1; 1845 1846 switch (w) { 1847 case RSN_CIPHER_SUITE_TKIP: 1848 return WLAN_CRYPTO_CIPHER_TKIP; 1849 case RSN_CIPHER_SUITE_CCMP: 1850 return WLAN_CRYPTO_CIPHER_AES_CCM; 1851 case RSN_CIPHER_SUITE_CCMP_256: 1852 return WLAN_CRYPTO_CIPHER_AES_CCM_256; 1853 case RSN_CIPHER_SUITE_GCMP: 1854 return WLAN_CRYPTO_CIPHER_AES_GCM; 1855 case RSN_CIPHER_SUITE_GCMP_256: 1856 return WLAN_CRYPTO_CIPHER_AES_GCM_256; 1857 case RSN_CIPHER_SUITE_AES_CMAC: 1858 return WLAN_CRYPTO_CIPHER_AES_CMAC; 1859 case RSN_CIPHER_SUITE_BIP_CMAC_256: 1860 return WLAN_CRYPTO_CIPHER_AES_CMAC_256; 1861 case RSN_CIPHER_SUITE_BIP_GMAC_128: 1862 return WLAN_CRYPTO_CIPHER_AES_GMAC; 1863 case RSN_CIPHER_SUITE_BIP_GMAC_256: 1864 return WLAN_CRYPTO_CIPHER_AES_GMAC_256; 1865 case RSN_CIPHER_SUITE_NONE: 1866 return WLAN_CRYPTO_CIPHER_NONE; 1867 } 1868 1869 return status; 1870 } 1871 /* 1872 * Convert an RSN key management/authentication algorithm 1873 * to an internal code. 1874 */ 1875 static int32_t wlan_crypto_rsn_suite_to_keymgmt(uint8_t *sel) 1876 { 1877 uint32_t w = LE_READ_4(sel); 1878 int32_t status = -1; 1879 1880 switch (w) { 1881 case RSN_AUTH_KEY_MGMT_UNSPEC_802_1X: 1882 return WLAN_CRYPTO_KEY_MGMT_IEEE8021X; 1883 case RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X: 1884 return WLAN_CRYPTO_KEY_MGMT_PSK; 1885 case RSN_AUTH_KEY_MGMT_FT_802_1X: 1886 return WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X; 1887 case RSN_AUTH_KEY_MGMT_FT_PSK: 1888 return WLAN_CRYPTO_KEY_MGMT_FT_PSK; 1889 case RSN_AUTH_KEY_MGMT_802_1X_SHA256: 1890 return WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SHA256; 1891 case RSN_AUTH_KEY_MGMT_PSK_SHA256: 1892 return WLAN_CRYPTO_KEY_MGMT_PSK_SHA256; 1893 case RSN_AUTH_KEY_MGMT_SAE: 1894 return WLAN_CRYPTO_KEY_MGMT_SAE; 1895 case RSN_AUTH_KEY_MGMT_FT_SAE: 1896 return WLAN_CRYPTO_KEY_MGMT_FT_SAE; 1897 case RSN_AUTH_KEY_MGMT_802_1X_SUITE_B: 1898 return WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B; 1899 case RSN_AUTH_KEY_MGMT_802_1X_SUITE_B_192: 1900 return WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SUITE_B_192; 1901 case RSN_AUTH_KEY_MGMT_CCKM: 1902 return WLAN_CRYPTO_KEY_MGMT_CCKM; 1903 case RSN_AUTH_KEY_MGMT_OSEN: 1904 return WLAN_CRYPTO_KEY_MGMT_OSEN; 1905 } 1906 1907 return status; 1908 } 1909 1910 /** 1911 * wlan_crypto_wpaie_check - called by mlme to check the wpaie 1912 * @crypto params: crypto params 1913 * @iebuf: ie buffer 1914 * 1915 * This function gets called by mlme to check the contents of wpa is 1916 * matching with given crypto params 1917 * 1918 * Return: QDF_STATUS_SUCCESS - in case of success 1919 */ 1920 QDF_STATUS wlan_crypto_wpaie_check(struct wlan_crypto_params *crypto_params, 1921 uint8_t *frm){ 1922 uint8_t len = frm[1]; 1923 int32_t w; 1924 int n; 1925 1926 /* 1927 * Check the length once for fixed parts: OUI, type, 1928 * version, mcast cipher, and 2 selector counts. 1929 * Other, variable-length data, must be checked separately. 1930 */ 1931 RESET_AUTHMODE(crypto_params); 1932 SET_AUTHMODE(crypto_params, WLAN_CRYPTO_AUTH_WPA); 1933 1934 if (len < 14) 1935 return QDF_STATUS_E_INVAL; 1936 1937 frm += 6, len -= 4; 1938 1939 w = LE_READ_2(frm); 1940 if (w != WPA_VERSION) 1941 return QDF_STATUS_E_INVAL; 1942 1943 frm += 2, len -= 2; 1944 1945 /* multicast/group cipher */ 1946 RESET_MCAST_CIPHERS(crypto_params); 1947 w = wlan_crypto_wpa_suite_to_cipher(frm); 1948 if (w < 0) 1949 return QDF_STATUS_E_INVAL; 1950 SET_MCAST_CIPHER(crypto_params, w); 1951 frm += 4, len -= 4; 1952 1953 /* unicast ciphers */ 1954 n = LE_READ_2(frm); 1955 frm += 2, len -= 2; 1956 if (len < n*4+2) 1957 return QDF_STATUS_E_INVAL; 1958 1959 RESET_UCAST_CIPHERS(crypto_params); 1960 for (; n > 0; n--) { 1961 w = wlan_crypto_wpa_suite_to_cipher(frm); 1962 if (w < 0) 1963 return QDF_STATUS_E_INVAL; 1964 SET_UCAST_CIPHER(crypto_params, w); 1965 frm += 4, len -= 4; 1966 } 1967 1968 if (!crypto_params->ucastcipherset) 1969 return QDF_STATUS_E_INVAL; 1970 1971 /* key management algorithms */ 1972 n = LE_READ_2(frm); 1973 frm += 2, len -= 2; 1974 if (len < n*4) 1975 return QDF_STATUS_E_INVAL; 1976 1977 w = 0; 1978 RESET_KEY_MGMT(crypto_params); 1979 for (; n > 0; n--) { 1980 w = wlan_crypto_wpa_suite_to_keymgmt(frm); 1981 if (w < 0) 1982 return QDF_STATUS_E_INVAL; 1983 SET_KEY_MGMT(crypto_params, w); 1984 frm += 4, len -= 4; 1985 } 1986 1987 /* optional capabilities */ 1988 if (len >= 2) { 1989 crypto_params->rsn_caps = LE_READ_2(frm); 1990 frm += 2, len -= 2; 1991 } 1992 1993 return 0; 1994 } 1995 1996 /** 1997 * wlan_crypto_rsnie_check - called by mlme to check the rsnie 1998 * @crypto params: crypto params 1999 * @iebuf: ie buffer 2000 * 2001 * This function gets called by mlme to check the contents of wpa is 2002 * matching with given crypto params 2003 * 2004 * Return: QDF_STATUS_SUCCESS - in case of success 2005 */ 2006 QDF_STATUS wlan_crypto_rsnie_check(struct wlan_crypto_params *crypto_params, 2007 uint8_t *frm){ 2008 uint8_t len = frm[1]; 2009 int32_t w; 2010 int n; 2011 2012 /* 2013 * Check the length once for fixed parts: OUI, type, 2014 * version, mcast cipher, and 2 selector counts. 2015 * Other, variable-length data, must be checked separately. 2016 */ 2017 RESET_AUTHMODE(crypto_params); 2018 SET_AUTHMODE(crypto_params, WLAN_CRYPTO_AUTH_RSNA); 2019 2020 if (len < 14) 2021 return QDF_STATUS_E_INVAL; 2022 2023 frm += 2; 2024 /* NB: iswapoui already validated the OUI and type */ 2025 w = LE_READ_2(frm); 2026 if (w != RSN_VERSION) 2027 return QDF_STATUS_E_INVAL; 2028 2029 frm += 2, len -= 2; 2030 2031 /* multicast/group cipher */ 2032 RESET_MCAST_CIPHERS(crypto_params); 2033 w = wlan_crypto_rsn_suite_to_cipher(frm); 2034 if (w < 0) 2035 return QDF_STATUS_E_INVAL; 2036 SET_MCAST_CIPHER(crypto_params, w); 2037 frm += 4, len -= 4; 2038 2039 /* unicast ciphers */ 2040 n = LE_READ_2(frm); 2041 frm += 2, len -= 2; 2042 if (len < n*4+2) 2043 return QDF_STATUS_E_INVAL; 2044 2045 RESET_UCAST_CIPHERS(crypto_params); 2046 for (; n > 0; n--) { 2047 w = wlan_crypto_rsn_suite_to_cipher(frm); 2048 if (w < 0) 2049 return QDF_STATUS_E_INVAL; 2050 SET_UCAST_CIPHER(crypto_params, w); 2051 frm += 4, len -= 4; 2052 } 2053 2054 if (crypto_params->ucastcipherset == 0) 2055 return QDF_STATUS_E_INVAL; 2056 2057 /* key management algorithms */ 2058 n = LE_READ_2(frm); 2059 frm += 2, len -= 2; 2060 if (len < n*4) 2061 return QDF_STATUS_E_INVAL; 2062 w = 0; 2063 2064 RESET_KEY_MGMT(crypto_params); 2065 for (; n > 0; n--) { 2066 w = wlan_crypto_rsn_suite_to_keymgmt(frm); 2067 if (w < 0) 2068 return QDF_STATUS_E_INVAL; 2069 SET_KEY_MGMT(crypto_params, (1 << w)); 2070 frm += 4, len -= 4; 2071 } 2072 2073 /* optional capabilities */ 2074 if (len >= 2) { 2075 crypto_params->rsn_caps = LE_READ_2(frm); 2076 frm += 2, len -= 2; 2077 } 2078 2079 return QDF_STATUS_SUCCESS; 2080 } 2081 2082 /** 2083 * wlan_crypto_build_wpaie - called by mlme to build wpaie 2084 * @vdev: vdev 2085 * @iebuf: ie buffer 2086 * 2087 * This function gets called by mlme to build wpaie from given vdev 2088 * 2089 * Return: end of buffer 2090 */ 2091 uint8_t *wlan_crypto_build_wpaie(struct wlan_objmgr_vdev *vdev, 2092 uint8_t *iebuf){ 2093 uint8_t *frm = iebuf; 2094 uint8_t *selcnt; 2095 struct wlan_crypto_comp_priv *crypto_priv; 2096 struct wlan_crypto_params *crypto_params; 2097 2098 if (!frm) 2099 return NULL; 2100 2101 crypto_params = wlan_crypto_vdev_get_comp_params(vdev, &crypto_priv); 2102 2103 if (!crypto_params) 2104 return NULL; 2105 2106 *frm++ = WLAN_ELEMID_VENDOR; 2107 *frm++ = 0; 2108 WLAN_CRYPTO_ADDSELECTOR(frm, WPA_TYPE_OUI); 2109 WLAN_CRYPTO_ADDSHORT(frm, WPA_VERSION); 2110 2111 2112 /* multicast cipher */ 2113 if (MCIPHER_IS_TKIP(crypto_params)) { 2114 WLAN_CRYPTO_ADDSELECTOR(frm, 2115 wlan_crypto_wpa_cipher_to_suite( 2116 WLAN_CRYPTO_CIPHER_TKIP)); 2117 } else if (MCIPHER_IS_CCMP128(crypto_params)) { 2118 WLAN_CRYPTO_ADDSELECTOR(frm, 2119 wlan_crypto_wpa_cipher_to_suite( 2120 WLAN_CRYPTO_CIPHER_AES_CCM)); 2121 } 2122 /* unicast cipher list */ 2123 selcnt = frm; 2124 WLAN_CRYPTO_ADDSHORT(frm, 0); 2125 /* do not use CCMP unicast cipher in WPA mode */ 2126 if (UCIPHER_IS_TKIP(crypto_params)) { 2127 selcnt[0]++; 2128 WLAN_CRYPTO_ADDSELECTOR(frm, 2129 wlan_crypto_wpa_cipher_to_suite( 2130 WLAN_CRYPTO_CIPHER_TKIP)); 2131 } 2132 if (UCIPHER_IS_CCMP128(crypto_params)) { 2133 selcnt[0]++; 2134 WLAN_CRYPTO_ADDSELECTOR(frm, 2135 wlan_crypto_wpa_cipher_to_suite( 2136 WLAN_CRYPTO_CIPHER_AES_CCM)); 2137 } 2138 2139 /* authenticator selector list */ 2140 selcnt = frm; 2141 WLAN_CRYPTO_ADDSHORT(frm, 0); 2142 2143 if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_IEEE8021X)) { 2144 selcnt[0]++; 2145 WLAN_CRYPTO_ADDSELECTOR(frm, 2146 wlan_crypto_wpa_keymgmt_to_suite( 2147 WLAN_CRYPTO_KEY_MGMT_IEEE8021X)); 2148 } else if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_PSK)) { 2149 selcnt[0]++; 2150 WLAN_CRYPTO_ADDSELECTOR(frm, 2151 wlan_crypto_wpa_keymgmt_to_suite( 2152 WLAN_CRYPTO_KEY_MGMT_PSK)); 2153 } else if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_CCKM)) { 2154 selcnt[0]++; 2155 WLAN_CRYPTO_ADDSELECTOR(frm, 2156 wlan_crypto_wpa_keymgmt_to_suite( 2157 WLAN_CRYPTO_KEY_MGMT_CCKM)); 2158 } else { 2159 selcnt[0]++; 2160 WLAN_CRYPTO_ADDSELECTOR(frm, 2161 wlan_crypto_wpa_keymgmt_to_suite( 2162 WLAN_CRYPTO_KEY_MGMT_NONE)); 2163 } 2164 /* calculate element length */ 2165 iebuf[1] = frm - iebuf - 2; 2166 2167 return frm; 2168 } 2169 2170 /** 2171 * wlan_crypto_build_rsnie - called by mlme to build rsnie 2172 * @vdev: vdev 2173 * @iebuf: ie buffer 2174 * 2175 * This function gets called by mlme to build rsnie from given vdev 2176 * 2177 * Return: end of buffer 2178 */ 2179 uint8_t *wlan_crypto_build_rsnie(struct wlan_objmgr_vdev *vdev, 2180 uint8_t *iebuf){ 2181 uint8_t *frm = iebuf; 2182 uint8_t *selcnt; 2183 struct wlan_crypto_comp_priv *crypto_priv; 2184 struct wlan_crypto_params *crypto_params; 2185 2186 if (!frm) { 2187 return NULL; 2188 } 2189 2190 crypto_params = wlan_crypto_vdev_get_comp_params(vdev, &crypto_priv); 2191 2192 if (!crypto_params) { 2193 return NULL; 2194 } 2195 2196 *frm++ = WLAN_ELEMID_RSN; 2197 *frm++ = 0; 2198 WLAN_CRYPTO_ADDSHORT(frm, RSN_VERSION); 2199 2200 2201 /* multicast cipher */ 2202 if (MCIPHER_IS_TKIP(crypto_params)) { 2203 WLAN_CRYPTO_ADDSELECTOR(frm, 2204 wlan_crypto_rsn_cipher_to_suite( 2205 WLAN_CRYPTO_CIPHER_TKIP)); 2206 } else if (MCIPHER_IS_CCMP128(crypto_params)) { 2207 WLAN_CRYPTO_ADDSELECTOR(frm, 2208 wlan_crypto_rsn_cipher_to_suite( 2209 WLAN_CRYPTO_CIPHER_AES_CCM)); 2210 } else if (MCIPHER_IS_CCMP256(crypto_params)) { 2211 WLAN_CRYPTO_ADDSELECTOR(frm, 2212 wlan_crypto_rsn_cipher_to_suite( 2213 WLAN_CRYPTO_CIPHER_AES_CCM_256)); 2214 } else if (MCIPHER_IS_GCMP128(crypto_params)) { 2215 WLAN_CRYPTO_ADDSELECTOR(frm, 2216 wlan_crypto_rsn_cipher_to_suite( 2217 WLAN_CRYPTO_CIPHER_AES_GCM)); 2218 } else if (MCIPHER_IS_GCMP256(crypto_params)) { 2219 WLAN_CRYPTO_ADDSELECTOR(frm, 2220 wlan_crypto_rsn_cipher_to_suite( 2221 WLAN_CRYPTO_CIPHER_AES_GCM_256)); 2222 } 2223 2224 /* unicast cipher list */ 2225 selcnt = frm; 2226 WLAN_CRYPTO_ADDSHORT(frm, 0); 2227 /* do not use CCMP unicast cipher in WPA mode */ 2228 if (UCIPHER_IS_TKIP(crypto_params)) { 2229 selcnt[0]++; 2230 WLAN_CRYPTO_ADDSELECTOR(frm, 2231 wlan_crypto_rsn_cipher_to_suite( 2232 WLAN_CRYPTO_CIPHER_TKIP)); 2233 } 2234 if (UCIPHER_IS_CCMP128(crypto_params)) { 2235 selcnt[0]++; 2236 WLAN_CRYPTO_ADDSELECTOR(frm, 2237 wlan_crypto_rsn_cipher_to_suite( 2238 WLAN_CRYPTO_CIPHER_AES_CCM)); 2239 } 2240 if (UCIPHER_IS_CCMP256(crypto_params)) { 2241 selcnt[0]++; 2242 WLAN_CRYPTO_ADDSELECTOR(frm, 2243 wlan_crypto_rsn_cipher_to_suite( 2244 WLAN_CRYPTO_CIPHER_AES_CCM_256)); 2245 } 2246 2247 if (UCIPHER_IS_GCMP128(crypto_params)) { 2248 selcnt[0]++; 2249 WLAN_CRYPTO_ADDSELECTOR(frm, 2250 wlan_crypto_rsn_cipher_to_suite( 2251 WLAN_CRYPTO_CIPHER_AES_GCM)); 2252 } 2253 if (UCIPHER_IS_GCMP256(crypto_params)) { 2254 selcnt[0]++; 2255 WLAN_CRYPTO_ADDSELECTOR(frm, 2256 wlan_crypto_rsn_cipher_to_suite( 2257 WLAN_CRYPTO_CIPHER_AES_GCM_256)); 2258 } 2259 2260 2261 /* authenticator selector list */ 2262 selcnt = frm; 2263 WLAN_CRYPTO_ADDSHORT(frm, 0); 2264 if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_CCKM)) { 2265 selcnt[0]++; 2266 WLAN_CRYPTO_ADDSELECTOR(frm, 2267 wlan_crypto_rsn_keymgmt_to_suite( 2268 WLAN_CRYPTO_KEY_MGMT_CCKM)); 2269 } else { 2270 if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_PSK)) { 2271 selcnt[0]++; 2272 WLAN_CRYPTO_ADDSELECTOR(frm, 2273 wlan_crypto_rsn_keymgmt_to_suite( 2274 WLAN_CRYPTO_KEY_MGMT_PSK)); 2275 } 2276 if (HAS_KEY_MGMT(crypto_params, 2277 WLAN_CRYPTO_KEY_MGMT_IEEE8021X)) { 2278 selcnt[0]++; 2279 WLAN_CRYPTO_ADDSELECTOR(frm, 2280 wlan_crypto_rsn_keymgmt_to_suite( 2281 WLAN_CRYPTO_KEY_MGMT_IEEE8021X)); 2282 } 2283 if (HAS_KEY_MGMT(crypto_params, 2284 WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X)) { 2285 selcnt[0]++; 2286 WLAN_CRYPTO_ADDSELECTOR(frm, 2287 wlan_crypto_rsn_keymgmt_to_suite( 2288 WLAN_CRYPTO_KEY_MGMT_FT_IEEE8021X)); 2289 } 2290 if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_FT_PSK)) { 2291 selcnt[0]++; 2292 WLAN_CRYPTO_ADDSELECTOR(frm, 2293 wlan_crypto_rsn_keymgmt_to_suite( 2294 WLAN_CRYPTO_KEY_MGMT_FT_PSK)); 2295 } 2296 if (HAS_KEY_MGMT(crypto_params, 2297 WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SHA256)) { 2298 selcnt[0]++; 2299 WLAN_CRYPTO_ADDSELECTOR(frm, 2300 wlan_crypto_rsn_keymgmt_to_suite( 2301 WLAN_CRYPTO_KEY_MGMT_IEEE8021X_SHA256)); 2302 } 2303 if (HAS_KEY_MGMT(crypto_params, 2304 WLAN_CRYPTO_KEY_MGMT_PSK_SHA256)) { 2305 selcnt[0]++; 2306 WLAN_CRYPTO_ADDSELECTOR(frm, 2307 wlan_crypto_rsn_keymgmt_to_suite( 2308 WLAN_CRYPTO_KEY_MGMT_PSK_SHA256)); 2309 } 2310 if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_OSEN)) { 2311 selcnt[0]++; 2312 WLAN_CRYPTO_ADDSELECTOR(frm, 2313 wlan_crypto_rsn_keymgmt_to_suite( 2314 WLAN_CRYPTO_KEY_MGMT_OSEN)); 2315 } 2316 } 2317 2318 WLAN_CRYPTO_ADDSHORT(frm, crypto_params->rsn_caps); 2319 /* optional capabilities */ 2320 if (crypto_params->rsn_caps != 0 && 2321 crypto_params->rsn_caps != WLAN_CRYPTO_RSN_CAP_PREAUTH){ 2322 2323 if (HAS_MGMT_CIPHER(crypto_params, 2324 WLAN_CRYPTO_CIPHER_AES_CMAC)) { 2325 selcnt[0]++; 2326 WLAN_CRYPTO_ADDSELECTOR(frm, 2327 wlan_crypto_rsn_cipher_to_suite( 2328 WLAN_CRYPTO_CIPHER_AES_CMAC)); 2329 } 2330 if (HAS_MGMT_CIPHER(crypto_params, 2331 WLAN_CRYPTO_CIPHER_AES_GMAC)) { 2332 selcnt[0]++; 2333 WLAN_CRYPTO_ADDSELECTOR(frm, 2334 wlan_crypto_rsn_cipher_to_suite( 2335 WLAN_CRYPTO_CIPHER_AES_GMAC)); 2336 } 2337 if (HAS_MGMT_CIPHER(crypto_params, 2338 WLAN_CRYPTO_CIPHER_AES_CMAC_256)) { 2339 selcnt[0]++; 2340 WLAN_CRYPTO_ADDSELECTOR(frm, 2341 wlan_crypto_rsn_cipher_to_suite( 2342 WLAN_CRYPTO_CIPHER_AES_CMAC_256)); 2343 } 2344 2345 if (HAS_MGMT_CIPHER(crypto_params, 2346 WLAN_CRYPTO_CIPHER_AES_GMAC_256)) { 2347 selcnt[0]++; 2348 WLAN_CRYPTO_ADDSELECTOR(frm, 2349 wlan_crypto_rsn_cipher_to_suite( 2350 WLAN_CRYPTO_CIPHER_AES_GMAC_256)); 2351 } 2352 } 2353 2354 /* calculate element length */ 2355 iebuf[1] = frm - iebuf - 2; 2356 2357 return frm; 2358 } 2359 2360 bool wlan_crypto_rsn_info(struct wlan_objmgr_vdev *vdev, 2361 struct wlan_crypto_params *crypto_params){ 2362 struct wlan_crypto_params *my_crypto_params; 2363 my_crypto_params = wlan_crypto_vdev_get_crypto_params(vdev); 2364 2365 if (!my_crypto_params) 2366 return false; 2367 /* 2368 * Check peer's pairwise ciphers. 2369 * At least one must match with our unicast cipher 2370 */ 2371 if (!UCAST_CIPHER_MATCH(crypto_params, my_crypto_params)) 2372 return false; 2373 /* 2374 * Check peer's group cipher is our enabled multicast cipher. 2375 */ 2376 if (!MCAST_CIPHER_MATCH(crypto_params, my_crypto_params)) 2377 return false; 2378 /* 2379 * Check peer's key management class set (PSK or UNSPEC) 2380 */ 2381 if (!KEY_MGMTSET_MATCH(crypto_params, my_crypto_params)) 2382 return false; 2383 2384 return true; 2385 } 2386 2387 /* 2388 * Convert an WAPI CIPHER suite to to an internal code. 2389 */ 2390 static int32_t wlan_crypto_wapi_suite_to_cipher(uint8_t *sel) 2391 { 2392 uint32_t w = LE_READ_4(sel); 2393 int32_t status = -1; 2394 2395 switch (w) { 2396 case (WLAN_WAPI_SEL(WLAN_CRYPTO_WAPI_SMS4_CIPHER)): 2397 return WLAN_CRYPTO_CIPHER_WAPI_SMS4; 2398 } 2399 2400 return status; 2401 } 2402 2403 /* 2404 * Convert an WAPI key management/authentication algorithm 2405 * to an internal code. 2406 */ 2407 static int32_t wlan_crypto_wapi_keymgmt(u_int8_t *sel) 2408 { 2409 uint32_t w = LE_READ_4(sel); 2410 int32_t status = -1; 2411 2412 switch (w) { 2413 case (WLAN_WAPI_SEL(WLAN_WAI_PSK)): 2414 return WLAN_CRYPTO_KEY_MGMT_WAPI_PSK; 2415 case (WLAN_WAPI_SEL(WLAN_WAI_CERT_OR_SMS4)): 2416 return WLAN_CRYPTO_KEY_MGMT_WAPI_CERT; 2417 } 2418 2419 return status; 2420 } 2421 /** 2422 * wlan_crypto_wapiie_check - called by mlme to check the wapiie 2423 * @crypto params: crypto params 2424 * @iebuf: ie buffer 2425 * 2426 * This function gets called by mlme to check the contents of wapi is 2427 * matching with given crypto params 2428 * 2429 * Return: QDF_STATUS_SUCCESS - in case of success 2430 */ 2431 QDF_STATUS wlan_crypto_wapiie_check(struct wlan_crypto_params *crypto_params, 2432 uint8_t *frm) 2433 { 2434 uint8_t len = frm[1]; 2435 int32_t w; 2436 int n; 2437 2438 /* 2439 * Check the length once for fixed parts: OUI, type, 2440 * version, mcast cipher, and 2 selector counts. 2441 * Other, variable-length data, must be checked separately. 2442 */ 2443 RESET_AUTHMODE(crypto_params); 2444 SET_AUTHMODE(crypto_params, WLAN_CRYPTO_AUTH_WAPI); 2445 2446 if (len < WLAN_CRYPTO_WAPI_IE_LEN) 2447 return QDF_STATUS_E_INVAL; 2448 2449 2450 frm += 2; 2451 2452 w = LE_READ_2(frm); 2453 frm += 2, len -= 2; 2454 if (w != WAPI_VERSION) 2455 return QDF_STATUS_E_INVAL; 2456 2457 n = LE_READ_2(frm); 2458 frm += 2, len -= 2; 2459 if (len < n*4+2) 2460 return QDF_STATUS_E_INVAL; 2461 2462 RESET_KEY_MGMT(crypto_params); 2463 for (; n > 0; n--) { 2464 w = wlan_crypto_wapi_keymgmt(frm); 2465 if (w < 0) 2466 return QDF_STATUS_E_INVAL; 2467 2468 SET_KEY_MGMT(crypto_params, w); 2469 frm += 4, len -= 4; 2470 } 2471 2472 /* unicast ciphers */ 2473 n = LE_READ_2(frm); 2474 frm += 2, len -= 2; 2475 if (len < n*4+2) 2476 return QDF_STATUS_E_INVAL; 2477 2478 RESET_UCAST_CIPHERS(crypto_params); 2479 for (; n > 0; n--) { 2480 w = wlan_crypto_wapi_suite_to_cipher(frm); 2481 if (w < 0) 2482 return QDF_STATUS_E_INVAL; 2483 SET_UCAST_CIPHER(crypto_params, w); 2484 frm += 4, len -= 4; 2485 } 2486 2487 if (!crypto_params->ucastcipherset) 2488 return QDF_STATUS_E_INVAL; 2489 2490 /* multicast/group cipher */ 2491 RESET_MCAST_CIPHERS(crypto_params); 2492 w = wlan_crypto_wapi_suite_to_cipher(frm); 2493 2494 if (w < 0) 2495 return QDF_STATUS_E_INVAL; 2496 2497 SET_MCAST_CIPHER(crypto_params, w); 2498 frm += 4, len -= 4; 2499 2500 return QDF_STATUS_SUCCESS; 2501 } 2502 2503 /** 2504 * wlan_crypto_build_wapiie - called by mlme to build wapi ie 2505 * @vdev: vdev 2506 * @iebuf: ie buffer 2507 * 2508 * This function gets called by mlme to build wapi ie from given vdev 2509 * 2510 * Return: end of buffer 2511 */ 2512 uint8_t *wlan_crypto_build_wapiie(struct wlan_objmgr_vdev *vdev, 2513 uint8_t *iebuf) 2514 { 2515 uint8_t *frm; 2516 uint8_t *selcnt; 2517 struct wlan_crypto_comp_priv *crypto_priv; 2518 struct wlan_crypto_params *crypto_params; 2519 2520 frm = iebuf; 2521 if (!frm) { 2522 qdf_print("%s[%d] ie buffer NULL\n", __func__, __LINE__); 2523 return NULL; 2524 } 2525 2526 crypto_params = wlan_crypto_vdev_get_comp_params(vdev, &crypto_priv); 2527 2528 if (!crypto_params) { 2529 qdf_print("%s[%d] crypto_params NULL\n", __func__, __LINE__); 2530 return NULL; 2531 } 2532 2533 *frm++ = WLAN_ELEMID_WAPI; 2534 *frm++ = 0; 2535 2536 WLAN_CRYPTO_ADDSHORT(frm, WAPI_VERSION); 2537 2538 /* authenticator selector list */ 2539 selcnt = frm; 2540 WLAN_CRYPTO_ADDSHORT(frm, 0); 2541 2542 if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_WAPI_PSK)) { 2543 selcnt[0]++; 2544 WLAN_CRYPTO_ADDSELECTOR(frm, 2545 WLAN_WAPI_SEL(WLAN_WAI_PSK)); 2546 } 2547 2548 if (HAS_KEY_MGMT(crypto_params, WLAN_CRYPTO_KEY_MGMT_WAPI_CERT)) { 2549 selcnt[0]++; 2550 WLAN_CRYPTO_ADDSELECTOR(frm, 2551 WLAN_WAPI_SEL(WLAN_WAI_CERT_OR_SMS4)); 2552 } 2553 2554 /* unicast cipher list */ 2555 selcnt = frm; 2556 WLAN_CRYPTO_ADDSHORT(frm, 0); 2557 2558 if (UCIPHER_IS_SMS4(crypto_params)) { 2559 selcnt[0]++; 2560 WLAN_CRYPTO_ADDSELECTOR(frm, 2561 WLAN_WAPI_SEL(WLAN_CRYPTO_WAPI_SMS4_CIPHER)); 2562 } 2563 2564 WLAN_CRYPTO_ADDSELECTOR(frm, 2565 WLAN_WAPI_SEL(WLAN_CRYPTO_WAPI_SMS4_CIPHER)); 2566 2567 /* optional capabilities */ 2568 WLAN_CRYPTO_ADDSHORT(frm, crypto_params->rsn_caps); 2569 2570 /* calculate element length */ 2571 iebuf[1] = frm - iebuf - 2; 2572 2573 return frm; 2574 2575 } 2576 2577 /** 2578 * wlan_crypto_pn_check - called by data patch for PN check 2579 * @vdev: vdev 2580 * @wbuf: wbuf 2581 * 2582 * This function gets called by data patch for PN check 2583 * 2584 * Return: QDF_STATUS 2585 */ 2586 QDF_STATUS wlan_crypto_pn_check(struct wlan_objmgr_vdev *vdev, 2587 qdf_nbuf_t wbuf){ 2588 /* Need to check is there real requirement for this function 2589 * as PN check is already handled in decap function. 2590 */ 2591 return QDF_STATUS_SUCCESS; 2592 } 2593 2594 /** 2595 * wlan_crypto_vdev_get_crypto_params - called by mlme to get crypto params 2596 * @vdev:vdev 2597 * 2598 * This function gets called by mlme to get crypto params 2599 * 2600 * Return: wlan_crypto_params or NULL in case of failure 2601 */ 2602 struct wlan_crypto_params *wlan_crypto_vdev_get_crypto_params( 2603 struct wlan_objmgr_vdev *vdev){ 2604 struct wlan_crypto_comp_priv *crypto_priv; 2605 2606 return wlan_crypto_vdev_get_comp_params(vdev, &crypto_priv); 2607 } 2608 2609 /** 2610 * wlan_crypto_peer_get_crypto_params - called by mlme to get crypto params 2611 * @peer:peer 2612 * 2613 * This function gets called by mlme to get crypto params 2614 * 2615 * Return: wlan_crypto_params or NULL in case of failure 2616 */ 2617 struct wlan_crypto_params *wlan_crypto_peer_get_crypto_params( 2618 struct wlan_objmgr_peer *peer){ 2619 struct wlan_crypto_comp_priv *crypto_priv; 2620 2621 return wlan_crypto_peer_get_comp_params(peer, &crypto_priv); 2622 } 2623 2624 2625 QDF_STATUS wlan_crypto_set_peer_wep_keys(struct wlan_objmgr_vdev *vdev, 2626 struct wlan_objmgr_peer *peer) 2627 { 2628 struct wlan_crypto_comp_priv *crypto_priv; 2629 struct wlan_crypto_comp_priv *sta_crypto_priv; 2630 struct wlan_crypto_params *crypto_params; 2631 struct wlan_crypto_key *key; 2632 struct wlan_crypto_key *sta_key; 2633 struct wlan_crypto_cipher *cipher_table; 2634 struct wlan_objmgr_psoc *psoc; 2635 uint8_t *mac_addr; 2636 int i; 2637 enum QDF_OPMODE opmode; 2638 2639 if (!vdev) 2640 return QDF_STATUS_E_NULL_VALUE; 2641 2642 if (!peer) { 2643 qdf_print("%s[%d] peer NULL\n", __func__, __LINE__); 2644 return QDF_STATUS_E_INVAL; 2645 } 2646 2647 opmode = wlan_vdev_mlme_get_opmode(vdev); 2648 psoc = wlan_vdev_get_psoc(vdev); 2649 2650 if (!psoc) { 2651 qdf_print("%s[%d] psoc NULL\n", __func__, __LINE__); 2652 return QDF_STATUS_E_NULL_VALUE; 2653 } 2654 2655 wlan_peer_obj_lock(peer); 2656 mac_addr = wlan_peer_get_macaddr(peer); 2657 wlan_peer_obj_unlock(peer); 2658 2659 crypto_params = wlan_crypto_vdev_get_comp_params(vdev, 2660 &crypto_priv); 2661 if (crypto_priv == NULL) { 2662 qdf_print("%s[%d] crypto_priv NULL\n", __func__, __LINE__); 2663 return QDF_STATUS_E_NULL_VALUE; 2664 } 2665 2666 /* push only valid static WEP keys from vap */ 2667 if (AUTH_IS_8021X(crypto_params)) 2668 return QDF_STATUS_E_INVAL; 2669 2670 if (opmode == QDF_STA_MODE) { 2671 peer = wlan_vdev_get_bsspeer(vdev); 2672 if (!peer) { 2673 qdf_print("%s[%d] peer NULL\n", __func__, __LINE__); 2674 return QDF_STATUS_E_INVAL; 2675 } 2676 } 2677 2678 wlan_crypto_peer_get_comp_params(peer, &sta_crypto_priv); 2679 if (sta_crypto_priv == NULL) { 2680 qdf_print("%s[%d] sta priv is null\n", __func__, __LINE__); 2681 return QDF_STATUS_E_INVAL; 2682 } 2683 2684 for (i = 0; i < WLAN_CRYPTO_MAXKEYIDX; i++) { 2685 if (crypto_priv->key[i]) { 2686 key = crypto_priv->key[i]; 2687 if (!key || !key->valid) 2688 continue; 2689 2690 cipher_table = (struct wlan_crypto_cipher *) 2691 key->cipher_table; 2692 2693 if (cipher_table->cipher == WLAN_CRYPTO_CIPHER_WEP) { 2694 sta_key = qdf_mem_malloc( 2695 sizeof(struct wlan_crypto_key)); 2696 if (!sta_key) { 2697 qdf_print("%s[%d] key alloc failed\n", 2698 __func__, __LINE__); 2699 return QDF_STATUS_E_NOMEM; 2700 } 2701 sta_crypto_priv->key[i] = sta_key; 2702 qdf_mem_copy(sta_key, key, 2703 sizeof(struct wlan_crypto_key)); 2704 2705 sta_key->flags &= ~WLAN_CRYPTO_KEY_DEFAULT; 2706 2707 if (crypto_priv->def_tx_keyid == i) { 2708 sta_key->flags 2709 |= WLAN_CRYPTO_KEY_DEFAULT; 2710 sta_crypto_priv->def_tx_keyid = 2711 crypto_priv->def_tx_keyid; 2712 } 2713 /* setting the broadcast/multicast key for sta*/ 2714 if (opmode == QDF_STA_MODE || 2715 opmode == QDF_IBSS_MODE){ 2716 if (WLAN_CRYPTO_TX_OPS_SETKEY(psoc)) { 2717 WLAN_CRYPTO_TX_OPS_SETKEY(psoc)( 2718 vdev, sta_key, mac_addr, 2719 cipher_table->cipher); 2720 } 2721 } 2722 2723 /* setting unicast key */ 2724 sta_key->flags &= ~WLAN_CRYPTO_KEY_GROUP; 2725 if (WLAN_CRYPTO_TX_OPS_SETKEY(psoc)) { 2726 WLAN_CRYPTO_TX_OPS_SETKEY(psoc)(vdev, 2727 sta_key, mac_addr, 2728 cipher_table->cipher); 2729 } 2730 } 2731 } 2732 } 2733 2734 return QDF_STATUS_SUCCESS; 2735 } 2736 2737 /** 2738 * wlan_crypto_register_crypto_rx_ops - set crypto_rx_ops 2739 * @crypto_rx_ops: crypto_rx_ops 2740 * 2741 * This function gets called by object manger to register crypto rx ops. 2742 * 2743 * Return: QDF_STATUS 2744 */ 2745 QDF_STATUS wlan_crypto_register_crypto_rx_ops( 2746 struct wlan_lmac_if_crypto_rx_ops *crypto_rx_ops){ 2747 crypto_rx_ops->crypto_encap = wlan_crypto_encap; 2748 crypto_rx_ops->crypto_decap = wlan_crypto_decap; 2749 crypto_rx_ops->crypto_enmic = wlan_crypto_enmic; 2750 crypto_rx_ops->crypto_demic = wlan_crypto_demic; 2751 crypto_rx_ops->set_peer_wep_keys = wlan_crypto_set_peer_wep_keys; 2752 2753 return QDF_STATUS_SUCCESS; 2754 } 2755 2756 /** 2757 * wlan_crypto_get_crypto_rx_ops - get crypto_rx_ops from psoc 2758 * @psoc: psoc 2759 * 2760 * This function gets called by umac to get the crypto_rx_ops 2761 * 2762 * Return: crypto_rx_ops 2763 */ 2764 struct wlan_lmac_if_crypto_rx_ops *wlan_crypto_get_crypto_rx_ops( 2765 struct wlan_objmgr_psoc *psoc) 2766 { 2767 2768 return &(psoc->soc_cb.rx_ops.crypto_rx_ops); 2769 } 2770 qdf_export_symbol(wlan_crypto_get_crypto_rx_ops); 2771 2772 /** 2773 * wlan_crypto_vdev_has_auth_mode - check authmode for vdev 2774 * @vdev: vdev 2775 * @authvalue: authvalue to be checked 2776 * 2777 * This function check is authvalue passed is set in vdev or not 2778 * 2779 * Return: true or false 2780 */ 2781 bool wlan_crypto_vdev_has_auth_mode(struct wlan_objmgr_vdev *vdev, 2782 wlan_crypto_auth_mode authvalue) 2783 { 2784 return wlan_crypto_get_param(vdev, WLAN_CRYPTO_PARAM_AUTH_MODE) 2785 & authvalue; 2786 } 2787 qdf_export_symbol(wlan_crypto_vdev_has_auth_mode); 2788 2789 /** 2790 * wlan_crypto_peer_has_auth_mode - check authmode for peer 2791 * @peer: peer 2792 * @authvalue: authvalue to be checked 2793 * 2794 * This function check is authvalue passed is set in peer or not 2795 * 2796 * Return: true or false 2797 */ 2798 bool wlan_crypto_peer_has_auth_mode(struct wlan_objmgr_peer *peer, 2799 wlan_crypto_auth_mode authvalue) 2800 { 2801 return wlan_crypto_get_peer_param(peer, WLAN_CRYPTO_PARAM_AUTH_MODE) 2802 & authvalue; 2803 } 2804 qdf_export_symbol(wlan_crypto_peer_has_auth_mode); 2805 2806 /** 2807 * wlan_crypto_vdev_has_ucastcipher - check ucastcipher for vdev 2808 * @vdev: vdev 2809 * @ucastcipher: ucastcipher to be checked 2810 * 2811 * This function check is ucastcipher passed is set in vdev or not 2812 * 2813 * Return: true or false 2814 */ 2815 bool wlan_crypto_vdev_has_ucastcipher(struct wlan_objmgr_vdev *vdev, 2816 wlan_crypto_cipher_type ucastcipher) 2817 { 2818 return wlan_crypto_get_param(vdev, WLAN_CRYPTO_PARAM_UCAST_CIPHER) 2819 & ucastcipher; 2820 } 2821 qdf_export_symbol(wlan_crypto_vdev_has_ucastcipher); 2822 2823 /** 2824 * wlan_crypto_peer_has_ucastcipher - check ucastcipher for peer 2825 * @peer: peer 2826 * @ucastcipher: ucastcipher to be checked 2827 * 2828 * This function check is ucastcipher passed is set in peer or not 2829 * 2830 * Return: true or false 2831 */ 2832 bool wlan_crypto_peer_has_ucastcipher(struct wlan_objmgr_peer *peer, 2833 wlan_crypto_cipher_type ucastcipher) 2834 { 2835 return wlan_crypto_get_peer_param(peer, WLAN_CRYPTO_PARAM_UCAST_CIPHER) 2836 & ucastcipher; 2837 } 2838 qdf_export_symbol(wlan_crypto_peer_has_ucastcipher); 2839 2840 /** 2841 * wlan_crypto_vdev_has_mcastcipher - check mcastcipher for vdev 2842 * @vdev: vdev 2843 * @mcastcipher: mcastcipher to be checked 2844 * 2845 * This function check is mcastcipher passed is set in vdev or not 2846 * 2847 * Return: true or false 2848 */ 2849 bool wlan_crypto_vdev_has_mcastcipher(struct wlan_objmgr_vdev *vdev, 2850 wlan_crypto_cipher_type mcastcipher) 2851 { 2852 return wlan_crypto_get_param(vdev, WLAN_CRYPTO_PARAM_MCAST_CIPHER) 2853 & mcastcipher; 2854 } 2855 qdf_export_symbol(wlan_crypto_vdev_has_mcastcipher); 2856 2857 /** 2858 * wlan_crypto_peer_has_mcastcipher - check mcastcipher for peer 2859 * @peer: peer 2860 * @mcastcipher: mcastcipher to be checked 2861 * 2862 * This function check is mcastcipher passed is set in peer or not 2863 * 2864 * Return: true or false 2865 */ 2866 bool wlan_crypto_peer_has_mcastcipher(struct wlan_objmgr_peer *peer, 2867 wlan_crypto_cipher_type mcastcipher) 2868 { 2869 return wlan_crypto_get_peer_param(peer, WLAN_CRYPTO_PARAM_UCAST_CIPHER) 2870 & mcastcipher; 2871 } 2872 qdf_export_symbol(wlan_crypto_peer_has_mcastcipher); 2873 2874 uint8_t wlan_crypto_get_peer_fils_aead(struct wlan_objmgr_peer *peer) 2875 { 2876 struct wlan_crypto_comp_priv *crypto_priv = NULL; 2877 2878 if (!peer) { 2879 qdf_print(FL("Invalid Input\n")); 2880 return 0; 2881 } 2882 2883 crypto_priv = wlan_get_peer_crypto_obj(peer); 2884 if (!crypto_priv) { 2885 qdf_print(FL("crypto_priv NULL\n")); 2886 return 0; 2887 } 2888 2889 return crypto_priv->fils_aead_set; 2890 } 2891 2892 void 2893 wlan_crypto_set_peer_fils_aead(struct wlan_objmgr_peer *peer, uint8_t value) 2894 { 2895 struct wlan_crypto_comp_priv *crypto_priv = NULL; 2896 2897 if (!peer) { 2898 qdf_print(FL("Invalid Input\n")); 2899 return; 2900 } 2901 2902 crypto_priv = wlan_get_peer_crypto_obj(peer); 2903 if (!crypto_priv) { 2904 qdf_print(FL("crypto_priv NULL\n")); 2905 return; 2906 } 2907 2908 crypto_priv->fils_aead_set = value; 2909 } 2910