1/*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2002-2009 Sam Leffler, Errno Consulting 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer, 12 * without modification. 13 * 2. Redistributions in binary form must reproduce at minimum a disclaimer 14 * similar to the "NO WARRANTY" disclaimer below ("Disclaimer") and any 15 * redistribution must be conditioned upon including a substantially 16 * similar Disclaimer requirement for further binary redistribution. 17 * 18 * NO WARRANTY 19 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 * LIMITED TO, THE IMPLIED WARRANTIES OF NONINFRINGEMENT, MERCHANTIBILITY 22 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL 23 * THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, 24 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER 27 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 29 * THE POSSIBILITY OF SUCH DAMAGES. 30 */ 31 32#include <sys/cdefs.h> 33/* 34 * Driver for the Atheros Wireless LAN controller. 35 * 36 * This software is derived from work of Atsushi Onoe; his contribution 37 * is greatly appreciated. 38 */ 39 40#include "opt_inet.h" 41#include "opt_ath.h" 42#include "opt_wlan.h" 43 44#include <sys/param.h> 45#include <sys/systm.h> 46#include <sys/sysctl.h> 47#include <sys/mbuf.h> 48#include <sys/malloc.h> 49#include <sys/lock.h> 50#include <sys/mutex.h> 51#include <sys/kernel.h> 52#include <sys/socket.h> 53#include <sys/sockio.h> 54#include <sys/errno.h> 55#include <sys/callout.h> 56#include <sys/bus.h> 57#include <sys/endian.h> 58#include <sys/kthread.h> 59#include <sys/taskqueue.h> 60#include <sys/priv.h> 61 62#include <machine/bus.h> 63 64#include <net/if.h> 65#include <net/if_var.h> 66#include <net/if_dl.h> 67#include <net/if_media.h> 68#include <net/if_types.h> 69#include <net/if_arp.h> 70#include <net/ethernet.h> 71#include <net/if_llc.h> 72 73#include <net80211/ieee80211_var.h> 74 75#include <net/bpf.h> 76 77#include <dev/ath/if_athvar.h> 78 79#include <dev/ath/if_ath_debug.h> 80#include <dev/ath/if_ath_keycache.h> 81#include <dev/ath/if_ath_misc.h> 82 83#ifdef ATH_DEBUG 84static void 85ath_keyprint(struct ath_softc *sc, const char *tag, u_int ix, 86 const HAL_KEYVAL *hk, const u_int8_t mac[IEEE80211_ADDR_LEN]) 87{ 88 static const char *ciphers[] = { 89 "WEP", 90 "AES-OCB", 91 "AES-CCM", 92 "CKIP", 93 "TKIP", 94 "CLR", 95 }; 96 int i, n; 97 98 printf("%s: [%02u] %-7s ", tag, ix, ciphers[hk->kv_type]); 99 for (i = 0, n = hk->kv_len; i < n; i++) 100 printf("%02x", hk->kv_val[i]); 101 printf(" mac %s", ether_sprintf(mac)); 102 if (hk->kv_type == HAL_CIPHER_TKIP) { 103 printf(" %s ", sc->sc_splitmic ? "mic" : "rxmic"); 104 for (i = 0; i < sizeof(hk->kv_mic); i++) 105 printf("%02x", hk->kv_mic[i]); 106 if (!sc->sc_splitmic) { 107 printf(" txmic "); 108 for (i = 0; i < sizeof(hk->kv_txmic); i++) 109 printf("%02x", hk->kv_txmic[i]); 110 } 111 } 112 printf("\n"); 113} 114#endif 115 116/* 117 * Set a TKIP key into the hardware. This handles the 118 * potential distribution of key state to multiple key 119 * cache slots for TKIP. 120 */ 121static int 122ath_keyset_tkip(struct ath_softc *sc, const struct ieee80211_key *k, 123 HAL_KEYVAL *hk, const u_int8_t mac[IEEE80211_ADDR_LEN]) 124{ 125#define IEEE80211_KEY_XR (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV) 126 static const u_int8_t zerobssid[IEEE80211_ADDR_LEN]; 127 struct ath_hal *ah = sc->sc_ah; 128 129 KASSERT(k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP, 130 ("got a non-TKIP key, cipher %u", k->wk_cipher->ic_cipher)); 131 if ((k->wk_flags & IEEE80211_KEY_XR) == IEEE80211_KEY_XR) { 132 if (sc->sc_splitmic) { 133 /* 134 * TX key goes at first index, RX key at the rx index. 135 * The hal handles the MIC keys at index+64. 136 */ 137 memcpy(hk->kv_mic, k->wk_txmic, sizeof(hk->kv_mic)); 138 KEYPRINTF(sc, k->wk_keyix, hk, zerobssid); 139 if (!ath_hal_keyset(ah, k->wk_keyix, hk, zerobssid)) 140 return 0; 141 142 memcpy(hk->kv_mic, k->wk_rxmic, sizeof(hk->kv_mic)); 143 KEYPRINTF(sc, k->wk_keyix+32, hk, mac); 144 /* XXX delete tx key on failure? */ 145 return ath_hal_keyset(ah, k->wk_keyix+32, hk, mac); 146 } else { 147 /* 148 * Room for both TX+RX MIC keys in one key cache 149 * slot, just set key at the first index; the hal 150 * will handle the rest. 151 */ 152 memcpy(hk->kv_mic, k->wk_rxmic, sizeof(hk->kv_mic)); 153 memcpy(hk->kv_txmic, k->wk_txmic, sizeof(hk->kv_txmic)); 154 KEYPRINTF(sc, k->wk_keyix, hk, mac); 155 return ath_hal_keyset(ah, k->wk_keyix, hk, mac); 156 } 157 } else if (k->wk_flags & IEEE80211_KEY_XMIT) { 158 if (sc->sc_splitmic) { 159 /* 160 * NB: must pass MIC key in expected location when 161 * the keycache only holds one MIC key per entry. 162 */ 163 memcpy(hk->kv_mic, k->wk_txmic, sizeof(hk->kv_txmic)); 164 } else 165 memcpy(hk->kv_txmic, k->wk_txmic, sizeof(hk->kv_txmic)); 166 KEYPRINTF(sc, k->wk_keyix, hk, mac); 167 return ath_hal_keyset(ah, k->wk_keyix, hk, mac); 168 } else if (k->wk_flags & IEEE80211_KEY_RECV) { 169 memcpy(hk->kv_mic, k->wk_rxmic, sizeof(hk->kv_mic)); 170 KEYPRINTF(sc, k->wk_keyix, hk, mac); 171 return ath_hal_keyset(ah, k->wk_keyix, hk, mac); 172 } 173 return 0; 174#undef IEEE80211_KEY_XR 175} 176 177/* 178 * Set a net80211 key into the hardware. This handles the 179 * potential distribution of key state to multiple key 180 * cache slots for TKIP with hardware MIC support. 181 */ 182int 183ath_keyset(struct ath_softc *sc, struct ieee80211vap *vap, 184 const struct ieee80211_key *k, 185 struct ieee80211_node *bss) 186{ 187 static const u_int8_t ciphermap[] = { 188 HAL_CIPHER_WEP, /* IEEE80211_CIPHER_WEP */ 189 HAL_CIPHER_TKIP, /* IEEE80211_CIPHER_TKIP */ 190 HAL_CIPHER_AES_OCB, /* IEEE80211_CIPHER_AES_OCB */ 191 HAL_CIPHER_AES_CCM, /* IEEE80211_CIPHER_AES_CCM */ 192 (u_int8_t) -1, /* 4 is not allocated */ 193 HAL_CIPHER_CKIP, /* IEEE80211_CIPHER_CKIP */ 194 HAL_CIPHER_CLR, /* IEEE80211_CIPHER_NONE */ 195 }; 196 struct ath_hal *ah = sc->sc_ah; 197 const struct ieee80211_cipher *cip = k->wk_cipher; 198 u_int8_t gmac[IEEE80211_ADDR_LEN]; 199 const u_int8_t *mac; 200 HAL_KEYVAL hk; 201 int ret; 202 203 memset(&hk, 0, sizeof(hk)); 204 /* 205 * Software crypto uses a "clear key" so non-crypto 206 * state kept in the key cache are maintained and 207 * so that rx frames have an entry to match. 208 */ 209 if ((k->wk_flags & IEEE80211_KEY_SWCRYPT) == 0) { 210 KASSERT(cip->ic_cipher < nitems(ciphermap), 211 ("invalid cipher type %u", cip->ic_cipher)); 212 hk.kv_type = ciphermap[cip->ic_cipher]; 213 hk.kv_len = k->wk_keylen; 214 memcpy(hk.kv_val, k->wk_key, k->wk_keylen); 215 } else 216 hk.kv_type = HAL_CIPHER_CLR; 217 218 /* 219 * If we're installing a clear cipher key and 220 * the hardware doesn't support that, just succeed. 221 * Leave it up to the net80211 layer to figure it out. 222 */ 223 if (hk.kv_type == HAL_CIPHER_CLR && sc->sc_hasclrkey == 0) { 224 return (1); 225 } 226 227 /* 228 * XXX TODO: check this: 229 * 230 * Group keys on hardware that supports multicast frame 231 * key search should only be done in adhoc/hostap mode, 232 * not STA mode. 233 * 234 * XXX TODO: what about mesh, tdma? 235 */ 236#if 0 237 if ((vap->iv_opmode == IEEE80211_M_HOSTAP || 238 vap->iv_opmode == IEEE80211_M_IBSS) && 239#else 240 if ( 241#endif 242 (k->wk_flags & IEEE80211_KEY_GROUP) && 243 sc->sc_mcastkey) { 244 /* 245 * Group keys on hardware that supports multicast frame 246 * key search use a MAC that is the sender's address with 247 * the multicast bit set instead of the app-specified address. 248 */ 249 IEEE80211_ADDR_COPY(gmac, bss->ni_macaddr); 250 gmac[0] |= 0x01; 251 mac = gmac; 252 } else 253 mac = k->wk_macaddr; 254 255 ATH_LOCK(sc); 256 ath_power_set_power_state(sc, HAL_PM_AWAKE); 257 if (hk.kv_type == HAL_CIPHER_TKIP && 258 (k->wk_flags & IEEE80211_KEY_SWMIC) == 0) { 259 ret = ath_keyset_tkip(sc, k, &hk, mac); 260 } else { 261 KEYPRINTF(sc, k->wk_keyix, &hk, mac); 262 ret = ath_hal_keyset(ah, k->wk_keyix, &hk, mac); 263 } 264 ath_power_restore_power_state(sc); 265 ATH_UNLOCK(sc); 266 267 return (ret); 268} 269 270/* 271 * Allocate tx/rx key slots for TKIP. We allocate two slots for 272 * each key, one for decrypt/encrypt and the other for the MIC. 273 */ 274static u_int16_t 275key_alloc_2pair(struct ath_softc *sc, 276 ieee80211_keyix *txkeyix, ieee80211_keyix *rxkeyix) 277{ 278 u_int i, keyix; 279 280 KASSERT(sc->sc_splitmic, ("key cache !split")); 281 /* XXX could optimize */ 282 for (i = 0; i < nitems(sc->sc_keymap)/4; i++) { 283 u_int8_t b = sc->sc_keymap[i]; 284 if (b != 0xff) { 285 /* 286 * One or more slots in this byte are free. 287 */ 288 keyix = i*NBBY; 289 while (b & 1) { 290 again: 291 keyix++; 292 b >>= 1; 293 } 294 /* XXX IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV */ 295 if (isset(sc->sc_keymap, keyix+32) || 296 isset(sc->sc_keymap, keyix+64) || 297 isset(sc->sc_keymap, keyix+32+64)) { 298 /* full pair unavailable */ 299 /* XXX statistic */ 300 if (keyix == (i+1)*NBBY) { 301 /* no slots were appropriate, advance */ 302 continue; 303 } 304 goto again; 305 } 306 setbit(sc->sc_keymap, keyix); 307 setbit(sc->sc_keymap, keyix+64); 308 setbit(sc->sc_keymap, keyix+32); 309 setbit(sc->sc_keymap, keyix+32+64); 310 DPRINTF(sc, ATH_DEBUG_KEYCACHE, 311 "%s: key pair %u,%u %u,%u\n", 312 __func__, keyix, keyix+64, 313 keyix+32, keyix+32+64); 314 *txkeyix = keyix; 315 *rxkeyix = keyix+32; 316 return 1; 317 } 318 } 319 DPRINTF(sc, ATH_DEBUG_KEYCACHE, "%s: out of pair space\n", __func__); 320 return 0; 321} 322 323/* 324 * Allocate tx/rx key slots for TKIP. We allocate two slots for 325 * each key, one for decrypt/encrypt and the other for the MIC. 326 */ 327static u_int16_t 328key_alloc_pair(struct ath_softc *sc, 329 ieee80211_keyix *txkeyix, ieee80211_keyix *rxkeyix) 330{ 331 u_int i, keyix; 332 333 KASSERT(!sc->sc_splitmic, ("key cache split")); 334 /* XXX could optimize */ 335 for (i = 0; i < nitems(sc->sc_keymap)/4; i++) { 336 u_int8_t b = sc->sc_keymap[i]; 337 if (b != 0xff) { 338 /* 339 * One or more slots in this byte are free. 340 */ 341 keyix = i*NBBY; 342 while (b & 1) { 343 again: 344 keyix++; 345 b >>= 1; 346 } 347 if (isset(sc->sc_keymap, keyix+64)) { 348 /* full pair unavailable */ 349 /* XXX statistic */ 350 if (keyix == (i+1)*NBBY) { 351 /* no slots were appropriate, advance */ 352 continue; 353 } 354 goto again; 355 } 356 setbit(sc->sc_keymap, keyix); 357 setbit(sc->sc_keymap, keyix+64); 358 DPRINTF(sc, ATH_DEBUG_KEYCACHE, 359 "%s: key pair %u,%u\n", 360 __func__, keyix, keyix+64); 361 *txkeyix = *rxkeyix = keyix; 362 return 1; 363 } 364 } 365 DPRINTF(sc, ATH_DEBUG_KEYCACHE, "%s: out of pair space\n", __func__); 366 return 0; 367} 368 369/* 370 * Allocate a single key cache slot. 371 */ 372static int 373key_alloc_single(struct ath_softc *sc, 374 ieee80211_keyix *txkeyix, ieee80211_keyix *rxkeyix) 375{ 376 u_int i, keyix; 377 378 if (sc->sc_hasclrkey == 0) { 379 /* 380 * Map to slot 0 for the AR5210. 381 */ 382 *txkeyix = *rxkeyix = 0; 383 return (1); 384 } 385 386 /* XXX try i,i+32,i+64,i+32+64 to minimize key pair conflicts */ 387 for (i = 0; i < nitems(sc->sc_keymap); i++) { 388 u_int8_t b = sc->sc_keymap[i]; 389 if (b != 0xff) { 390 /* 391 * One or more slots are free. 392 */ 393 keyix = i*NBBY; 394 while (b & 1) 395 keyix++, b >>= 1; 396 setbit(sc->sc_keymap, keyix); 397 DPRINTF(sc, ATH_DEBUG_KEYCACHE, "%s: key %u\n", 398 __func__, keyix); 399 *txkeyix = *rxkeyix = keyix; 400 return 1; 401 } 402 } 403 DPRINTF(sc, ATH_DEBUG_KEYCACHE, "%s: out of space\n", __func__); 404 return 0; 405} 406 407/* 408 * Allocate one or more key cache slots for a uniacst key. The 409 * key itself is needed only to identify the cipher. For hardware 410 * TKIP with split cipher+MIC keys we allocate two key cache slot 411 * pairs so that we can setup separate TX and RX MIC keys. Note 412 * that the MIC key for a TKIP key at slot i is assumed by the 413 * hardware to be at slot i+64. This limits TKIP keys to the first 414 * 64 entries. 415 */ 416int 417ath_key_alloc(struct ieee80211vap *vap, struct ieee80211_key *k, 418 ieee80211_keyix *keyix, ieee80211_keyix *rxkeyix) 419{ 420 struct ath_softc *sc = vap->iv_ic->ic_softc; 421 422 /* 423 * Group key allocation must be handled specially for 424 * parts that do not support multicast key cache search 425 * functionality. For those parts the key id must match 426 * the h/w key index so lookups find the right key. On 427 * parts w/ the key search facility we install the sender's 428 * mac address (with the high bit set) and let the hardware 429 * find the key w/o using the key id. This is preferred as 430 * it permits us to support multiple users for adhoc and/or 431 * multi-station operation. 432 */ 433 if (k->wk_keyix != IEEE80211_KEYIX_NONE) { 434 /* 435 * Only global keys should have key index assigned. 436 */ 437 if (!(&vap->iv_nw_keys[0] <= k && 438 k < &vap->iv_nw_keys[IEEE80211_WEP_NKID])) { 439 /* should not happen */ 440 DPRINTF(sc, ATH_DEBUG_KEYCACHE, 441 "%s: bogus group key\n", __func__); 442 return 0; 443 } 444 if (vap->iv_opmode != IEEE80211_M_HOSTAP || 445 !(k->wk_flags & IEEE80211_KEY_GROUP) || 446 !sc->sc_mcastkey) { 447 /* 448 * XXX we pre-allocate the global keys so 449 * have no way to check if they've already 450 * been allocated. 451 */ 452 *keyix = *rxkeyix = 453 ieee80211_crypto_get_key_wepidx(vap, k); 454 return 1; 455 } 456 /* 457 * Group key and device supports multicast key search. 458 */ 459 k->wk_keyix = IEEE80211_KEYIX_NONE; 460 } 461 462 /* 463 * We allocate two pair for TKIP when using the h/w to do 464 * the MIC. For everything else, including software crypto, 465 * we allocate a single entry. Note that s/w crypto requires 466 * a pass-through slot on the 5211 and 5212. The 5210 does 467 * not support pass-through cache entries and we map all 468 * those requests to slot 0. 469 */ 470 if (k->wk_flags & IEEE80211_KEY_SWCRYPT) { 471 return key_alloc_single(sc, keyix, rxkeyix); 472 } else if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP && 473 (k->wk_flags & IEEE80211_KEY_SWMIC) == 0) { 474 if (sc->sc_splitmic) 475 return key_alloc_2pair(sc, keyix, rxkeyix); 476 else 477 return key_alloc_pair(sc, keyix, rxkeyix); 478 } else { 479 return key_alloc_single(sc, keyix, rxkeyix); 480 } 481} 482 483/* 484 * Delete an entry in the key cache allocated by ath_key_alloc. 485 */ 486int 487ath_key_delete(struct ieee80211vap *vap, const struct ieee80211_key *k) 488{ 489 struct ath_softc *sc = vap->iv_ic->ic_softc; 490 struct ath_hal *ah = sc->sc_ah; 491 const struct ieee80211_cipher *cip = k->wk_cipher; 492 u_int keyix = k->wk_keyix; 493 494 DPRINTF(sc, ATH_DEBUG_KEYCACHE, "%s: delete key %u\n", __func__, keyix); 495 496 ATH_LOCK(sc); 497 ath_power_set_power_state(sc, HAL_PM_AWAKE); 498 ath_hal_keyreset(ah, keyix); 499 /* 500 * Handle split tx/rx keying required for TKIP with h/w MIC. 501 */ 502 if (cip->ic_cipher == IEEE80211_CIPHER_TKIP && 503 (k->wk_flags & IEEE80211_KEY_SWMIC) == 0 && sc->sc_splitmic) 504 ath_hal_keyreset(ah, keyix+32); /* RX key */ 505 if (keyix >= IEEE80211_WEP_NKID) { 506 /* 507 * Don't touch keymap entries for global keys so 508 * they are never considered for dynamic allocation. 509 */ 510 clrbit(sc->sc_keymap, keyix); 511 if (cip->ic_cipher == IEEE80211_CIPHER_TKIP && 512 (k->wk_flags & IEEE80211_KEY_SWMIC) == 0) { 513 clrbit(sc->sc_keymap, keyix+64); /* TX key MIC */ 514 if (sc->sc_splitmic) { 515 /* +32 for RX key, +32+64 for RX key MIC */ 516 clrbit(sc->sc_keymap, keyix+32); 517 clrbit(sc->sc_keymap, keyix+32+64); 518 } 519 } 520 } 521 ath_power_restore_power_state(sc); 522 ATH_UNLOCK(sc); 523 return 1; 524} 525 526/* 527 * Set the key cache contents for the specified key. Key cache 528 * slot(s) must already have been allocated by ath_key_alloc. 529 */ 530int 531ath_key_set(struct ieee80211vap *vap, const struct ieee80211_key *k) 532{ 533 struct ath_softc *sc = vap->iv_ic->ic_softc; 534 535 return ath_keyset(sc, vap, k, vap->iv_bss); 536} 537