1185377Ssam/* 2185377Ssam * Copyright (c) 2002-2008 Sam Leffler, Errno Consulting 3185377Ssam * Copyright (c) 2002-2008 Atheros Communications, Inc. 4185377Ssam * 5185377Ssam * Permission to use, copy, modify, and/or distribute this software for any 6185377Ssam * purpose with or without fee is hereby granted, provided that the above 7185377Ssam * copyright notice and this permission notice appear in all copies. 8185377Ssam * 9185377Ssam * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10185377Ssam * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11185377Ssam * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12185377Ssam * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13185377Ssam * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14185377Ssam * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15185377Ssam * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16185377Ssam * 17204644Srpaulo * $FreeBSD$ 18185377Ssam */ 19185377Ssam#include "opt_ah.h" 20185377Ssam 21185377Ssam#include "ah.h" 22185377Ssam#include "ah_internal.h" 23185377Ssam 24185377Ssam#include "ar5212/ar5212.h" 25185377Ssam#include "ar5212/ar5212reg.h" 26185377Ssam#include "ar5212/ar5212desc.h" 27185377Ssam 28185377Ssam/* 29185377Ssam * Note: The key cache hardware requires that each double-word 30185377Ssam * pair be written in even/odd order (since the destination is 31185377Ssam * a 64-bit register). Don't reorder the writes in this code 32185377Ssam * w/o considering this! 33185377Ssam */ 34185377Ssam#define KEY_XOR 0xaa 35185377Ssam 36185377Ssam#define IS_MIC_ENABLED(ah) \ 37185377Ssam (AH5212(ah)->ah_staId1Defaults & AR_STA_ID1_CRPT_MIC_ENABLE) 38185377Ssam 39185377Ssam/* 40185377Ssam * Return the size of the hardware key cache. 41185377Ssam */ 42185377Ssamuint32_t 43185377Ssamar5212GetKeyCacheSize(struct ath_hal *ah) 44185377Ssam{ 45185377Ssam return AH_PRIVATE(ah)->ah_caps.halKeyCacheSize; 46185377Ssam} 47185377Ssam 48185377Ssam/* 49185377Ssam * Return true if the specific key cache entry is valid. 50185377Ssam */ 51185377SsamHAL_BOOL 52185377Ssamar5212IsKeyCacheEntryValid(struct ath_hal *ah, uint16_t entry) 53185377Ssam{ 54185377Ssam if (entry < AH_PRIVATE(ah)->ah_caps.halKeyCacheSize) { 55185377Ssam uint32_t val = OS_REG_READ(ah, AR_KEYTABLE_MAC1(entry)); 56185377Ssam if (val & AR_KEYTABLE_VALID) 57185377Ssam return AH_TRUE; 58185377Ssam } 59185377Ssam return AH_FALSE; 60185377Ssam} 61185377Ssam 62185377Ssam/* 63185377Ssam * Clear the specified key cache entry and any associated MIC entry. 64185377Ssam */ 65185377SsamHAL_BOOL 66185377Ssamar5212ResetKeyCacheEntry(struct ath_hal *ah, uint16_t entry) 67185377Ssam{ 68185377Ssam uint32_t keyType; 69185377Ssam 70185377Ssam if (entry >= AH_PRIVATE(ah)->ah_caps.halKeyCacheSize) { 71185377Ssam HALDEBUG(ah, HAL_DEBUG_ANY, "%s: entry %u out of range\n", 72185377Ssam __func__, entry); 73185377Ssam return AH_FALSE; 74185377Ssam } 75185377Ssam keyType = OS_REG_READ(ah, AR_KEYTABLE_TYPE(entry)); 76185377Ssam 77185377Ssam /* XXX why not clear key type/valid bit first? */ 78185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY0(entry), 0); 79185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY1(entry), 0); 80185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY2(entry), 0); 81185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY3(entry), 0); 82185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY4(entry), 0); 83185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_TYPE(entry), AR_KEYTABLE_TYPE_CLR); 84185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_MAC0(entry), 0); 85185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_MAC1(entry), 0); 86185377Ssam if (keyType == AR_KEYTABLE_TYPE_TKIP && IS_MIC_ENABLED(ah)) { 87185377Ssam uint16_t micentry = entry+64; /* MIC goes at slot+64 */ 88185377Ssam 89185377Ssam HALASSERT(micentry < AH_PRIVATE(ah)->ah_caps.halKeyCacheSize); 90185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY0(micentry), 0); 91185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY1(micentry), 0); 92185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY2(micentry), 0); 93185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY3(micentry), 0); 94185377Ssam /* NB: key type and MAC are known to be ok */ 95185377Ssam } 96185377Ssam return AH_TRUE; 97185377Ssam} 98185377Ssam 99185377Ssam/* 100185377Ssam * Sets the mac part of the specified key cache entry (and any 101185377Ssam * associated MIC entry) and mark them valid. 102218483Sadrian * 103218483Sadrian * Since mac[0] is shifted off and not presented to the hardware, 104218483Sadrian * it does double duty as a "don't use for unicast, use for multicast 105218483Sadrian * matching" flag. This interface should later be extended to 106218483Sadrian * explicitly do that rather than overloading a bit in the MAC 107218483Sadrian * address. 108185377Ssam */ 109185377SsamHAL_BOOL 110185377Ssamar5212SetKeyCacheEntryMac(struct ath_hal *ah, uint16_t entry, const uint8_t *mac) 111185377Ssam{ 112185377Ssam uint32_t macHi, macLo; 113218483Sadrian uint32_t unicast_flag = AR_KEYTABLE_VALID; 114185377Ssam 115185377Ssam if (entry >= AH_PRIVATE(ah)->ah_caps.halKeyCacheSize) { 116185377Ssam HALDEBUG(ah, HAL_DEBUG_ANY, "%s: entry %u out of range\n", 117185377Ssam __func__, entry); 118185377Ssam return AH_FALSE; 119185377Ssam } 120185377Ssam /* 121185377Ssam * Set MAC address -- shifted right by 1. MacLo is 122185377Ssam * the 4 MSBs, and MacHi is the 2 LSBs. 123185377Ssam */ 124185377Ssam if (mac != AH_NULL) { 125218483Sadrian /* 126218483Sadrian * AR_KEYTABLE_VALID indicates that the address is a unicast 127218483Sadrian * address, which must match the transmitter address for 128218483Sadrian * decrypting frames. 129218483Sadrian * Not setting this bit allows the hardware to use the key 130218483Sadrian * for multicast frame decryption. 131218483Sadrian */ 132218483Sadrian if (mac[0] & 0x01) 133218483Sadrian unicast_flag = 0; 134218483Sadrian 135185377Ssam macHi = (mac[5] << 8) | mac[4]; 136185377Ssam macLo = (mac[3] << 24)| (mac[2] << 16) 137185377Ssam | (mac[1] << 8) | mac[0]; 138185377Ssam macLo >>= 1; 139185377Ssam macLo |= (macHi & 1) << 31; /* carry */ 140185377Ssam macHi >>= 1; 141185377Ssam } else { 142185377Ssam macLo = macHi = 0; 143185377Ssam } 144185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_MAC0(entry), macLo); 145218483Sadrian OS_REG_WRITE(ah, AR_KEYTABLE_MAC1(entry), macHi | unicast_flag); 146185377Ssam return AH_TRUE; 147185377Ssam} 148185377Ssam 149185377Ssam/* 150185377Ssam * Sets the contents of the specified key cache entry 151185377Ssam * and any associated MIC entry. 152185377Ssam */ 153185377SsamHAL_BOOL 154185377Ssamar5212SetKeyCacheEntry(struct ath_hal *ah, uint16_t entry, 155185377Ssam const HAL_KEYVAL *k, const uint8_t *mac, 156185377Ssam int xorKey) 157185377Ssam{ 158185377Ssam struct ath_hal_5212 *ahp = AH5212(ah); 159185377Ssam const HAL_CAPABILITIES *pCap = &AH_PRIVATE(ah)->ah_caps; 160185377Ssam uint32_t key0, key1, key2, key3, key4; 161185377Ssam uint32_t keyType; 162185377Ssam uint32_t xorMask = xorKey ? 163185377Ssam (KEY_XOR << 24 | KEY_XOR << 16 | KEY_XOR << 8 | KEY_XOR) : 0; 164185377Ssam 165185377Ssam if (entry >= pCap->halKeyCacheSize) { 166185377Ssam HALDEBUG(ah, HAL_DEBUG_ANY, "%s: entry %u out of range\n", 167185377Ssam __func__, entry); 168185377Ssam return AH_FALSE; 169185377Ssam } 170185377Ssam switch (k->kv_type) { 171185377Ssam case HAL_CIPHER_AES_OCB: 172185377Ssam keyType = AR_KEYTABLE_TYPE_AES; 173185377Ssam break; 174185377Ssam case HAL_CIPHER_AES_CCM: 175185377Ssam if (!pCap->halCipherAesCcmSupport) { 176185377Ssam HALDEBUG(ah, HAL_DEBUG_ANY, 177185377Ssam "%s: AES-CCM not supported by mac rev 0x%x\n", 178185377Ssam __func__, AH_PRIVATE(ah)->ah_macRev); 179185377Ssam return AH_FALSE; 180185377Ssam } 181185377Ssam keyType = AR_KEYTABLE_TYPE_CCM; 182185377Ssam break; 183185377Ssam case HAL_CIPHER_TKIP: 184185377Ssam keyType = AR_KEYTABLE_TYPE_TKIP; 185185377Ssam if (IS_MIC_ENABLED(ah) && entry+64 >= pCap->halKeyCacheSize) { 186185377Ssam HALDEBUG(ah, HAL_DEBUG_ANY, 187185377Ssam "%s: entry %u inappropriate for TKIP\n", 188185377Ssam __func__, entry); 189185377Ssam return AH_FALSE; 190185377Ssam } 191185377Ssam break; 192185377Ssam case HAL_CIPHER_WEP: 193185377Ssam if (k->kv_len < 40 / NBBY) { 194185377Ssam HALDEBUG(ah, HAL_DEBUG_ANY, 195185377Ssam "%s: WEP key length %u too small\n", 196185377Ssam __func__, k->kv_len); 197185377Ssam return AH_FALSE; 198185377Ssam } 199185377Ssam if (k->kv_len <= 40 / NBBY) 200185377Ssam keyType = AR_KEYTABLE_TYPE_40; 201185377Ssam else if (k->kv_len <= 104 / NBBY) 202185377Ssam keyType = AR_KEYTABLE_TYPE_104; 203185377Ssam else 204185377Ssam keyType = AR_KEYTABLE_TYPE_128; 205185377Ssam break; 206185377Ssam case HAL_CIPHER_CLR: 207185377Ssam keyType = AR_KEYTABLE_TYPE_CLR; 208185377Ssam break; 209185377Ssam default: 210185377Ssam HALDEBUG(ah, HAL_DEBUG_ANY, "%s: cipher %u not supported\n", 211185377Ssam __func__, k->kv_type); 212185377Ssam return AH_FALSE; 213185377Ssam } 214185377Ssam 215185377Ssam key0 = LE_READ_4(k->kv_val+0) ^ xorMask; 216185377Ssam key1 = (LE_READ_2(k->kv_val+4) ^ xorMask) & 0xffff; 217185377Ssam key2 = LE_READ_4(k->kv_val+6) ^ xorMask; 218185377Ssam key3 = (LE_READ_2(k->kv_val+10) ^ xorMask) & 0xffff; 219185377Ssam key4 = LE_READ_4(k->kv_val+12) ^ xorMask; 220185377Ssam if (k->kv_len <= 104 / NBBY) 221185377Ssam key4 &= 0xff; 222185377Ssam 223185377Ssam /* 224185377Ssam * Note: key cache hardware requires that each double-word 225185377Ssam * pair be written in even/odd order (since the destination is 226185377Ssam * a 64-bit register). Don't reorder these writes w/o 227185377Ssam * considering this! 228185377Ssam */ 229185377Ssam if (keyType == AR_KEYTABLE_TYPE_TKIP && IS_MIC_ENABLED(ah)) { 230185377Ssam uint16_t micentry = entry+64; /* MIC goes at slot+64 */ 231185377Ssam uint32_t mic0, mic1, mic2, mic3, mic4; 232185377Ssam 233185377Ssam /* 234185377Ssam * Invalidate the encrypt/decrypt key until the MIC 235185377Ssam * key is installed so pending rx frames will fail 236185377Ssam * with decrypt errors rather than a MIC error. 237185377Ssam */ 238185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY0(entry), ~key0); 239185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY1(entry), ~key1); 240185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY2(entry), key2); 241185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY3(entry), key3); 242185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY4(entry), key4); 243185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_TYPE(entry), keyType); 244185377Ssam (void) ar5212SetKeyCacheEntryMac(ah, entry, mac); 245185377Ssam 246185377Ssam 247185377Ssam /* 248185377Ssam * Write MIC entry according to new or old key layout. 249185377Ssam * The MISC_MODE register is assumed already set so 250185377Ssam * these writes will be handled properly (happens on 251185377Ssam * attach and at every reset). 252185377Ssam */ 253185377Ssam /* RX mic */ 254185377Ssam mic0 = LE_READ_4(k->kv_mic+0); 255185377Ssam mic2 = LE_READ_4(k->kv_mic+4); 256185377Ssam if (ahp->ah_miscMode & AR_MISC_MODE_MIC_NEW_LOC_ENABLE) { 257185377Ssam /* 258185377Ssam * Both RX and TX mic values can be combined into 259185377Ssam * one cache slot entry: 260185377Ssam * 8*N + 800 31:0 RX Michael key 0 261185377Ssam * 8*N + 804 15:0 TX Michael key 0 [31:16] 262185377Ssam * 8*N + 808 31:0 RX Michael key 1 263185377Ssam * 8*N + 80C 15:0 TX Michael key 0 [15:0] 264185377Ssam * 8*N + 810 31:0 TX Michael key 1 265185377Ssam * 8*N + 814 15:0 reserved 266185377Ssam * 8*N + 818 31:0 reserved 267185377Ssam * 8*N + 81C 14:0 reserved 268185377Ssam * 15 key valid == 0 269185377Ssam */ 270185377Ssam /* TX mic */ 271185377Ssam mic1 = LE_READ_2(k->kv_txmic+2) & 0xffff; 272185377Ssam mic3 = LE_READ_2(k->kv_txmic+0) & 0xffff; 273185377Ssam mic4 = LE_READ_4(k->kv_txmic+4); 274185377Ssam } else { 275185377Ssam mic1 = mic3 = mic4 = 0; 276185377Ssam } 277185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY0(micentry), mic0); 278185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY1(micentry), mic1); 279185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY2(micentry), mic2); 280185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY3(micentry), mic3); 281185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY4(micentry), mic4); 282185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_TYPE(micentry), 283185377Ssam AR_KEYTABLE_TYPE_CLR); 284185377Ssam /* NB: MIC key is not marked valid and has no MAC address */ 285185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_MAC0(micentry), 0); 286185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_MAC1(micentry), 0); 287185377Ssam 288185377Ssam /* correct intentionally corrupted key */ 289185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY0(entry), key0); 290185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY1(entry), key1); 291185377Ssam } else { 292185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY0(entry), key0); 293185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY1(entry), key1); 294185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY2(entry), key2); 295185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY3(entry), key3); 296185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_KEY4(entry), key4); 297185377Ssam OS_REG_WRITE(ah, AR_KEYTABLE_TYPE(entry), keyType); 298185377Ssam 299185377Ssam (void) ar5212SetKeyCacheEntryMac(ah, entry, mac); 300185377Ssam } 301185377Ssam return AH_TRUE; 302185377Ssam} 303