1185377Ssam/*
2185377Ssam * Copyright (c) 2002-2008 Sam Leffler, Errno Consulting
3185377Ssam * Copyright (c) 2002-2008 Atheros Communications, Inc.
4185377Ssam *
5185377Ssam * Permission to use, copy, modify, and/or distribute this software for any
6185377Ssam * purpose with or without fee is hereby granted, provided that the above
7185377Ssam * copyright notice and this permission notice appear in all copies.
8185377Ssam *
9185377Ssam * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10185377Ssam * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11185377Ssam * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12185377Ssam * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13185377Ssam * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14185377Ssam * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15185377Ssam * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16185377Ssam *
17204644Srpaulo * $FreeBSD$
18185377Ssam */
19185377Ssam#include "opt_ah.h"
20185377Ssam
21185377Ssam#include "ah.h"
22185377Ssam#include "ah_internal.h"
23185377Ssam
24185377Ssam#include "ar5212/ar5212.h"
25185377Ssam#include "ar5212/ar5212reg.h"
26185377Ssam#include "ar5212/ar5212desc.h"
27185377Ssam
28185377Ssam/*
29185377Ssam * Note: The key cache hardware requires that each double-word
30185377Ssam * pair be written in even/odd order (since the destination is
31185377Ssam * a 64-bit register).  Don't reorder the writes in this code
32185377Ssam * w/o considering this!
33185377Ssam */
34185377Ssam#define	KEY_XOR			0xaa
35185377Ssam
36185377Ssam#define	IS_MIC_ENABLED(ah) \
37185377Ssam	(AH5212(ah)->ah_staId1Defaults & AR_STA_ID1_CRPT_MIC_ENABLE)
38185377Ssam
39185377Ssam/*
40185377Ssam * Return the size of the hardware key cache.
41185377Ssam */
42185377Ssamuint32_t
43185377Ssamar5212GetKeyCacheSize(struct ath_hal *ah)
44185377Ssam{
45185377Ssam	return AH_PRIVATE(ah)->ah_caps.halKeyCacheSize;
46185377Ssam}
47185377Ssam
48185377Ssam/*
49185377Ssam * Return true if the specific key cache entry is valid.
50185377Ssam */
51185377SsamHAL_BOOL
52185377Ssamar5212IsKeyCacheEntryValid(struct ath_hal *ah, uint16_t entry)
53185377Ssam{
54185377Ssam	if (entry < AH_PRIVATE(ah)->ah_caps.halKeyCacheSize) {
55185377Ssam		uint32_t val = OS_REG_READ(ah, AR_KEYTABLE_MAC1(entry));
56185377Ssam		if (val & AR_KEYTABLE_VALID)
57185377Ssam			return AH_TRUE;
58185377Ssam	}
59185377Ssam	return AH_FALSE;
60185377Ssam}
61185377Ssam
62185377Ssam/*
63185377Ssam * Clear the specified key cache entry and any associated MIC entry.
64185377Ssam */
65185377SsamHAL_BOOL
66185377Ssamar5212ResetKeyCacheEntry(struct ath_hal *ah, uint16_t entry)
67185377Ssam{
68185377Ssam	uint32_t keyType;
69185377Ssam
70185377Ssam	if (entry >= AH_PRIVATE(ah)->ah_caps.halKeyCacheSize) {
71185377Ssam		HALDEBUG(ah, HAL_DEBUG_ANY, "%s: entry %u out of range\n",
72185377Ssam		    __func__, entry);
73185377Ssam		return AH_FALSE;
74185377Ssam	}
75185377Ssam	keyType = OS_REG_READ(ah, AR_KEYTABLE_TYPE(entry));
76185377Ssam
77185377Ssam	/* XXX why not clear key type/valid bit first? */
78185377Ssam	OS_REG_WRITE(ah, AR_KEYTABLE_KEY0(entry), 0);
79185377Ssam	OS_REG_WRITE(ah, AR_KEYTABLE_KEY1(entry), 0);
80185377Ssam	OS_REG_WRITE(ah, AR_KEYTABLE_KEY2(entry), 0);
81185377Ssam	OS_REG_WRITE(ah, AR_KEYTABLE_KEY3(entry), 0);
82185377Ssam	OS_REG_WRITE(ah, AR_KEYTABLE_KEY4(entry), 0);
83185377Ssam	OS_REG_WRITE(ah, AR_KEYTABLE_TYPE(entry), AR_KEYTABLE_TYPE_CLR);
84185377Ssam	OS_REG_WRITE(ah, AR_KEYTABLE_MAC0(entry), 0);
85185377Ssam	OS_REG_WRITE(ah, AR_KEYTABLE_MAC1(entry), 0);
86185377Ssam	if (keyType == AR_KEYTABLE_TYPE_TKIP && IS_MIC_ENABLED(ah)) {
87185377Ssam		uint16_t micentry = entry+64;	/* MIC goes at slot+64 */
88185377Ssam
89185377Ssam		HALASSERT(micentry < AH_PRIVATE(ah)->ah_caps.halKeyCacheSize);
90185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_KEY0(micentry), 0);
91185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_KEY1(micentry), 0);
92185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_KEY2(micentry), 0);
93185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_KEY3(micentry), 0);
94185377Ssam		/* NB: key type and MAC are known to be ok */
95185377Ssam	}
96185377Ssam	return AH_TRUE;
97185377Ssam}
98185377Ssam
99185377Ssam/*
100185377Ssam * Sets the mac part of the specified key cache entry (and any
101185377Ssam * associated MIC entry) and mark them valid.
102218483Sadrian *
103218483Sadrian * Since mac[0] is shifted off and not presented to the hardware,
104218483Sadrian * it does double duty as a "don't use for unicast, use for multicast
105218483Sadrian * matching" flag. This interface should later be extended to
106218483Sadrian * explicitly do that rather than overloading a bit in the MAC
107218483Sadrian * address.
108185377Ssam */
109185377SsamHAL_BOOL
110185377Ssamar5212SetKeyCacheEntryMac(struct ath_hal *ah, uint16_t entry, const uint8_t *mac)
111185377Ssam{
112185377Ssam	uint32_t macHi, macLo;
113218483Sadrian	uint32_t unicast_flag = AR_KEYTABLE_VALID;
114185377Ssam
115185377Ssam	if (entry >= AH_PRIVATE(ah)->ah_caps.halKeyCacheSize) {
116185377Ssam		HALDEBUG(ah, HAL_DEBUG_ANY, "%s: entry %u out of range\n",
117185377Ssam		    __func__, entry);
118185377Ssam		return AH_FALSE;
119185377Ssam	}
120185377Ssam	/*
121185377Ssam	 * Set MAC address -- shifted right by 1.  MacLo is
122185377Ssam	 * the 4 MSBs, and MacHi is the 2 LSBs.
123185377Ssam	 */
124185377Ssam	if (mac != AH_NULL) {
125218483Sadrian		/*
126218483Sadrian		 * AR_KEYTABLE_VALID indicates that the address is a unicast
127218483Sadrian		 * address, which must match the transmitter address for
128218483Sadrian		 * decrypting frames.
129218483Sadrian		 * Not setting this bit allows the hardware to use the key
130218483Sadrian		 * for multicast frame decryption.
131218483Sadrian		 */
132218483Sadrian		if (mac[0] & 0x01)
133218483Sadrian			unicast_flag = 0;
134218483Sadrian
135185377Ssam		macHi = (mac[5] << 8) | mac[4];
136185377Ssam		macLo = (mac[3] << 24)| (mac[2] << 16)
137185377Ssam		      | (mac[1] << 8) | mac[0];
138185377Ssam		macLo >>= 1;
139185377Ssam		macLo |= (macHi & 1) << 31;	/* carry */
140185377Ssam		macHi >>= 1;
141185377Ssam	} else {
142185377Ssam		macLo = macHi = 0;
143185377Ssam	}
144185377Ssam	OS_REG_WRITE(ah, AR_KEYTABLE_MAC0(entry), macLo);
145218483Sadrian	OS_REG_WRITE(ah, AR_KEYTABLE_MAC1(entry), macHi | unicast_flag);
146185377Ssam	return AH_TRUE;
147185377Ssam}
148185377Ssam
149185377Ssam/*
150185377Ssam * Sets the contents of the specified key cache entry
151185377Ssam * and any associated MIC entry.
152185377Ssam */
153185377SsamHAL_BOOL
154185377Ssamar5212SetKeyCacheEntry(struct ath_hal *ah, uint16_t entry,
155185377Ssam                       const HAL_KEYVAL *k, const uint8_t *mac,
156185377Ssam                       int xorKey)
157185377Ssam{
158185377Ssam	struct ath_hal_5212 *ahp = AH5212(ah);
159185377Ssam	const HAL_CAPABILITIES *pCap = &AH_PRIVATE(ah)->ah_caps;
160185377Ssam	uint32_t key0, key1, key2, key3, key4;
161185377Ssam	uint32_t keyType;
162185377Ssam	uint32_t xorMask = xorKey ?
163185377Ssam		(KEY_XOR << 24 | KEY_XOR << 16 | KEY_XOR << 8 | KEY_XOR) : 0;
164185377Ssam
165185377Ssam	if (entry >= pCap->halKeyCacheSize) {
166185377Ssam		HALDEBUG(ah, HAL_DEBUG_ANY, "%s: entry %u out of range\n",
167185377Ssam		    __func__, entry);
168185377Ssam		return AH_FALSE;
169185377Ssam	}
170185377Ssam	switch (k->kv_type) {
171185377Ssam	case HAL_CIPHER_AES_OCB:
172185377Ssam		keyType = AR_KEYTABLE_TYPE_AES;
173185377Ssam		break;
174185377Ssam	case HAL_CIPHER_AES_CCM:
175185377Ssam		if (!pCap->halCipherAesCcmSupport) {
176185377Ssam			HALDEBUG(ah, HAL_DEBUG_ANY,
177185377Ssam			    "%s: AES-CCM not supported by mac rev 0x%x\n",
178185377Ssam			    __func__, AH_PRIVATE(ah)->ah_macRev);
179185377Ssam			return AH_FALSE;
180185377Ssam		}
181185377Ssam		keyType = AR_KEYTABLE_TYPE_CCM;
182185377Ssam		break;
183185377Ssam	case HAL_CIPHER_TKIP:
184185377Ssam		keyType = AR_KEYTABLE_TYPE_TKIP;
185185377Ssam		if (IS_MIC_ENABLED(ah) && entry+64 >= pCap->halKeyCacheSize) {
186185377Ssam			HALDEBUG(ah, HAL_DEBUG_ANY,
187185377Ssam			    "%s: entry %u inappropriate for TKIP\n",
188185377Ssam			    __func__, entry);
189185377Ssam			return AH_FALSE;
190185377Ssam		}
191185377Ssam		break;
192185377Ssam	case HAL_CIPHER_WEP:
193185377Ssam		if (k->kv_len < 40 / NBBY) {
194185377Ssam			HALDEBUG(ah, HAL_DEBUG_ANY,
195185377Ssam			    "%s: WEP key length %u too small\n",
196185377Ssam			    __func__, k->kv_len);
197185377Ssam			return AH_FALSE;
198185377Ssam		}
199185377Ssam		if (k->kv_len <= 40 / NBBY)
200185377Ssam			keyType = AR_KEYTABLE_TYPE_40;
201185377Ssam		else if (k->kv_len <= 104 / NBBY)
202185377Ssam			keyType = AR_KEYTABLE_TYPE_104;
203185377Ssam		else
204185377Ssam			keyType = AR_KEYTABLE_TYPE_128;
205185377Ssam		break;
206185377Ssam	case HAL_CIPHER_CLR:
207185377Ssam		keyType = AR_KEYTABLE_TYPE_CLR;
208185377Ssam		break;
209185377Ssam	default:
210185377Ssam		HALDEBUG(ah, HAL_DEBUG_ANY, "%s: cipher %u not supported\n",
211185377Ssam		    __func__, k->kv_type);
212185377Ssam		return AH_FALSE;
213185377Ssam	}
214185377Ssam
215185377Ssam	key0 = LE_READ_4(k->kv_val+0) ^ xorMask;
216185377Ssam	key1 = (LE_READ_2(k->kv_val+4) ^ xorMask) & 0xffff;
217185377Ssam	key2 = LE_READ_4(k->kv_val+6) ^ xorMask;
218185377Ssam	key3 = (LE_READ_2(k->kv_val+10) ^ xorMask) & 0xffff;
219185377Ssam	key4 = LE_READ_4(k->kv_val+12) ^ xorMask;
220185377Ssam	if (k->kv_len <= 104 / NBBY)
221185377Ssam		key4 &= 0xff;
222185377Ssam
223185377Ssam	/*
224185377Ssam	 * Note: key cache hardware requires that each double-word
225185377Ssam	 * pair be written in even/odd order (since the destination is
226185377Ssam	 * a 64-bit register).  Don't reorder these writes w/o
227185377Ssam	 * considering this!
228185377Ssam	 */
229185377Ssam	if (keyType == AR_KEYTABLE_TYPE_TKIP && IS_MIC_ENABLED(ah)) {
230185377Ssam		uint16_t micentry = entry+64;	/* MIC goes at slot+64 */
231185377Ssam		uint32_t mic0, mic1, mic2, mic3, mic4;
232185377Ssam
233185377Ssam		/*
234185377Ssam		 * Invalidate the encrypt/decrypt key until the MIC
235185377Ssam		 * key is installed so pending rx frames will fail
236185377Ssam		 * with decrypt errors rather than a MIC error.
237185377Ssam		 */
238185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_KEY0(entry), ~key0);
239185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_KEY1(entry), ~key1);
240185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_KEY2(entry), key2);
241185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_KEY3(entry), key3);
242185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_KEY4(entry), key4);
243185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_TYPE(entry), keyType);
244185377Ssam		(void) ar5212SetKeyCacheEntryMac(ah, entry, mac);
245185377Ssam
246185377Ssam
247185377Ssam		/*
248185377Ssam		 * Write MIC entry according to new or old key layout.
249185377Ssam		 * The MISC_MODE register is assumed already set so
250185377Ssam		 * these writes will be handled properly (happens on
251185377Ssam		 * attach and at every reset).
252185377Ssam		 */
253185377Ssam		/* RX mic */
254185377Ssam		mic0 = LE_READ_4(k->kv_mic+0);
255185377Ssam		mic2 = LE_READ_4(k->kv_mic+4);
256185377Ssam		if (ahp->ah_miscMode & AR_MISC_MODE_MIC_NEW_LOC_ENABLE) {
257185377Ssam			/*
258185377Ssam			 * Both RX and TX mic values can be combined into
259185377Ssam			 * one cache slot entry:
260185377Ssam			 *  8*N + 800         31:0    RX Michael key 0
261185377Ssam			 *  8*N + 804         15:0    TX Michael key 0 [31:16]
262185377Ssam			 *  8*N + 808         31:0    RX Michael key 1
263185377Ssam			 *  8*N + 80C         15:0    TX Michael key 0 [15:0]
264185377Ssam			 *  8*N + 810         31:0    TX Michael key 1
265185377Ssam			 *  8*N + 814         15:0    reserved
266185377Ssam			 *  8*N + 818         31:0    reserved
267185377Ssam			 *  8*N + 81C         14:0    reserved
268185377Ssam			 *                    15      key valid == 0
269185377Ssam			 */
270185377Ssam			/* TX mic */
271185377Ssam			mic1 = LE_READ_2(k->kv_txmic+2) & 0xffff;
272185377Ssam			mic3 = LE_READ_2(k->kv_txmic+0) & 0xffff;
273185377Ssam			mic4 = LE_READ_4(k->kv_txmic+4);
274185377Ssam		} else {
275185377Ssam			mic1 = mic3 = mic4 = 0;
276185377Ssam		}
277185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_KEY0(micentry), mic0);
278185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_KEY1(micentry), mic1);
279185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_KEY2(micentry), mic2);
280185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_KEY3(micentry), mic3);
281185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_KEY4(micentry), mic4);
282185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_TYPE(micentry),
283185377Ssam			AR_KEYTABLE_TYPE_CLR);
284185377Ssam		/* NB: MIC key is not marked valid and has no MAC address */
285185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_MAC0(micentry), 0);
286185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_MAC1(micentry), 0);
287185377Ssam
288185377Ssam		/* correct intentionally corrupted key */
289185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_KEY0(entry), key0);
290185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_KEY1(entry), key1);
291185377Ssam	} else {
292185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_KEY0(entry), key0);
293185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_KEY1(entry), key1);
294185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_KEY2(entry), key2);
295185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_KEY3(entry), key3);
296185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_KEY4(entry), key4);
297185377Ssam		OS_REG_WRITE(ah, AR_KEYTABLE_TYPE(entry), keyType);
298185377Ssam
299185377Ssam		(void) ar5212SetKeyCacheEntryMac(ah, entry, mac);
300185377Ssam	}
301185377Ssam	return AH_TRUE;
302185377Ssam}
303