1 /*-
2 * SPDX-License-Identifier: BSD-2-Clause
3 *
4 * Copyright (c) 2002-2009 Sam Leffler, Errno Consulting
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer,
12 * without modification.
13 * 2. Redistributions in binary form must reproduce at minimum a disclaimer
14 * similar to the "NO WARRANTY" disclaimer below ("Disclaimer") and any
15 * redistribution must be conditioned upon including a substantially
16 * similar Disclaimer requirement for further binary redistribution.
17 *
18 * NO WARRANTY
19 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21 * LIMITED TO, THE IMPLIED WARRANTIES OF NONINFRINGEMENT, MERCHANTIBILITY
22 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
23 * THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY,
24 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
27 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
29 * THE POSSIBILITY OF SUCH DAMAGES.
30 */
31
32 #include <sys/cdefs.h>
33 /*
34 * Driver for the Atheros Wireless LAN controller.
35 *
36 * This software is derived from work of Atsushi Onoe; his contribution
37 * is greatly appreciated.
38 */
39
40 #include "opt_inet.h"
41 #include "opt_ath.h"
42 #include "opt_wlan.h"
43
44 #include <sys/param.h>
45 #include <sys/systm.h>
46 #include <sys/sysctl.h>
47 #include <sys/mbuf.h>
48 #include <sys/malloc.h>
49 #include <sys/lock.h>
50 #include <sys/mutex.h>
51 #include <sys/kernel.h>
52 #include <sys/socket.h>
53 #include <sys/sockio.h>
54 #include <sys/errno.h>
55 #include <sys/callout.h>
56 #include <sys/bus.h>
57 #include <sys/endian.h>
58 #include <sys/kthread.h>
59 #include <sys/taskqueue.h>
60 #include <sys/priv.h>
61
62 #include <machine/bus.h>
63
64 #include <net/if.h>
65 #include <net/if_var.h>
66 #include <net/if_dl.h>
67 #include <net/if_media.h>
68 #include <net/if_types.h>
69 #include <net/if_arp.h>
70 #include <net/ethernet.h>
71 #include <net/if_llc.h>
72
73 #include <net80211/ieee80211_var.h>
74
75 #include <net/bpf.h>
76
77 #include <dev/ath/if_athvar.h>
78
79 #include <dev/ath/if_ath_debug.h>
80 #include <dev/ath/if_ath_keycache.h>
81 #include <dev/ath/if_ath_misc.h>
82
83 #ifdef ATH_DEBUG
84 static void
ath_keyprint(struct ath_softc * sc,const char * tag,u_int ix,const HAL_KEYVAL * hk,const u_int8_t mac[IEEE80211_ADDR_LEN])85 ath_keyprint(struct ath_softc *sc, const char *tag, u_int ix,
86 const HAL_KEYVAL *hk, const u_int8_t mac[IEEE80211_ADDR_LEN])
87 {
88 static const char *ciphers[] = {
89 "WEP",
90 "AES-OCB",
91 "AES-CCM",
92 "CKIP",
93 "TKIP",
94 "CLR",
95 };
96 int i, n;
97
98 printf("%s: [%02u] %-7s ", tag, ix, ciphers[hk->kv_type]);
99 for (i = 0, n = hk->kv_len; i < n; i++)
100 printf("%02x", hk->kv_val[i]);
101 printf(" mac %s", ether_sprintf(mac));
102 if (hk->kv_type == HAL_CIPHER_TKIP) {
103 printf(" %s ", sc->sc_splitmic ? "mic" : "rxmic");
104 for (i = 0; i < sizeof(hk->kv_mic); i++)
105 printf("%02x", hk->kv_mic[i]);
106 if (!sc->sc_splitmic) {
107 printf(" txmic ");
108 for (i = 0; i < sizeof(hk->kv_txmic); i++)
109 printf("%02x", hk->kv_txmic[i]);
110 }
111 }
112 printf("\n");
113 }
114 #endif
115
116 /*
117 * Set a TKIP key into the hardware. This handles the
118 * potential distribution of key state to multiple key
119 * cache slots for TKIP.
120 */
121 static int
ath_keyset_tkip(struct ath_softc * sc,const struct ieee80211_key * k,HAL_KEYVAL * hk,const u_int8_t mac[IEEE80211_ADDR_LEN])122 ath_keyset_tkip(struct ath_softc *sc, const struct ieee80211_key *k,
123 HAL_KEYVAL *hk, const u_int8_t mac[IEEE80211_ADDR_LEN])
124 {
125 #define IEEE80211_KEY_XR (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV)
126 static const u_int8_t zerobssid[IEEE80211_ADDR_LEN];
127 struct ath_hal *ah = sc->sc_ah;
128
129 KASSERT(k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP,
130 ("got a non-TKIP key, cipher %u", k->wk_cipher->ic_cipher));
131 if ((k->wk_flags & IEEE80211_KEY_XR) == IEEE80211_KEY_XR) {
132 if (sc->sc_splitmic) {
133 /*
134 * TX key goes at first index, RX key at the rx index.
135 * The hal handles the MIC keys at index+64.
136 */
137 memcpy(hk->kv_mic, k->wk_txmic, sizeof(hk->kv_mic));
138 KEYPRINTF(sc, k->wk_keyix, hk, zerobssid);
139 if (!ath_hal_keyset(ah, k->wk_keyix, hk, zerobssid))
140 return 0;
141
142 memcpy(hk->kv_mic, k->wk_rxmic, sizeof(hk->kv_mic));
143 KEYPRINTF(sc, k->wk_keyix+32, hk, mac);
144 /* XXX delete tx key on failure? */
145 return ath_hal_keyset(ah, k->wk_keyix+32, hk, mac);
146 } else {
147 /*
148 * Room for both TX+RX MIC keys in one key cache
149 * slot, just set key at the first index; the hal
150 * will handle the rest.
151 */
152 memcpy(hk->kv_mic, k->wk_rxmic, sizeof(hk->kv_mic));
153 memcpy(hk->kv_txmic, k->wk_txmic, sizeof(hk->kv_txmic));
154 KEYPRINTF(sc, k->wk_keyix, hk, mac);
155 return ath_hal_keyset(ah, k->wk_keyix, hk, mac);
156 }
157 } else if (k->wk_flags & IEEE80211_KEY_XMIT) {
158 if (sc->sc_splitmic) {
159 /*
160 * NB: must pass MIC key in expected location when
161 * the keycache only holds one MIC key per entry.
162 */
163 memcpy(hk->kv_mic, k->wk_txmic, sizeof(hk->kv_txmic));
164 } else
165 memcpy(hk->kv_txmic, k->wk_txmic, sizeof(hk->kv_txmic));
166 KEYPRINTF(sc, k->wk_keyix, hk, mac);
167 return ath_hal_keyset(ah, k->wk_keyix, hk, mac);
168 } else if (k->wk_flags & IEEE80211_KEY_RECV) {
169 memcpy(hk->kv_mic, k->wk_rxmic, sizeof(hk->kv_mic));
170 KEYPRINTF(sc, k->wk_keyix, hk, mac);
171 return ath_hal_keyset(ah, k->wk_keyix, hk, mac);
172 }
173 return 0;
174 #undef IEEE80211_KEY_XR
175 }
176
177 /*
178 * Set a net80211 key into the hardware. This handles the
179 * potential distribution of key state to multiple key
180 * cache slots for TKIP with hardware MIC support.
181 */
182 int
ath_keyset(struct ath_softc * sc,struct ieee80211vap * vap,const struct ieee80211_key * k,struct ieee80211_node * bss)183 ath_keyset(struct ath_softc *sc, struct ieee80211vap *vap,
184 const struct ieee80211_key *k,
185 struct ieee80211_node *bss)
186 {
187 static const u_int8_t ciphermap[] = {
188 HAL_CIPHER_WEP, /* IEEE80211_CIPHER_WEP */
189 HAL_CIPHER_TKIP, /* IEEE80211_CIPHER_TKIP */
190 HAL_CIPHER_AES_OCB, /* IEEE80211_CIPHER_AES_OCB */
191 HAL_CIPHER_AES_CCM, /* IEEE80211_CIPHER_AES_CCM */
192 (u_int8_t) -1, /* 4 is not allocated */
193 HAL_CIPHER_CKIP, /* IEEE80211_CIPHER_CKIP */
194 HAL_CIPHER_CLR, /* IEEE80211_CIPHER_NONE */
195 };
196 struct ath_hal *ah = sc->sc_ah;
197 const struct ieee80211_cipher *cip = k->wk_cipher;
198 u_int8_t gmac[IEEE80211_ADDR_LEN];
199 const u_int8_t *mac;
200 HAL_KEYVAL hk;
201 int ret;
202
203 memset(&hk, 0, sizeof(hk));
204 /*
205 * Software crypto uses a "clear key" so non-crypto
206 * state kept in the key cache are maintained and
207 * so that rx frames have an entry to match.
208 */
209 if ((k->wk_flags & IEEE80211_KEY_SWCRYPT) == 0) {
210 KASSERT(cip->ic_cipher < nitems(ciphermap),
211 ("invalid cipher type %u", cip->ic_cipher));
212 hk.kv_type = ciphermap[cip->ic_cipher];
213 hk.kv_len = k->wk_keylen;
214 memcpy(hk.kv_val, k->wk_key, k->wk_keylen);
215 } else
216 hk.kv_type = HAL_CIPHER_CLR;
217
218 /*
219 * If we're installing a clear cipher key and
220 * the hardware doesn't support that, just succeed.
221 * Leave it up to the net80211 layer to figure it out.
222 */
223 if (hk.kv_type == HAL_CIPHER_CLR && sc->sc_hasclrkey == 0) {
224 return (1);
225 }
226
227 /*
228 * XXX TODO: check this:
229 *
230 * Group keys on hardware that supports multicast frame
231 * key search should only be done in adhoc/hostap mode,
232 * not STA mode.
233 *
234 * XXX TODO: what about mesh, tdma?
235 */
236 #if 0
237 if ((vap->iv_opmode == IEEE80211_M_HOSTAP ||
238 vap->iv_opmode == IEEE80211_M_IBSS) &&
239 #else
240 if (
241 #endif
242 (k->wk_flags & IEEE80211_KEY_GROUP) &&
243 sc->sc_mcastkey) {
244 /*
245 * Group keys on hardware that supports multicast frame
246 * key search use a MAC that is the sender's address with
247 * the multicast bit set instead of the app-specified address.
248 */
249 IEEE80211_ADDR_COPY(gmac, bss->ni_macaddr);
250 gmac[0] |= 0x01;
251 mac = gmac;
252 } else
253 mac = k->wk_macaddr;
254
255 ATH_LOCK(sc);
256 ath_power_set_power_state(sc, HAL_PM_AWAKE);
257 if (hk.kv_type == HAL_CIPHER_TKIP &&
258 (k->wk_flags & IEEE80211_KEY_SWMIC) == 0) {
259 ret = ath_keyset_tkip(sc, k, &hk, mac);
260 } else {
261 KEYPRINTF(sc, k->wk_keyix, &hk, mac);
262 ret = ath_hal_keyset(ah, k->wk_keyix, &hk, mac);
263 }
264 ath_power_restore_power_state(sc);
265 ATH_UNLOCK(sc);
266
267 return (ret);
268 }
269
270 /*
271 * Allocate tx/rx key slots for TKIP. We allocate two slots for
272 * each key, one for decrypt/encrypt and the other for the MIC.
273 */
274 static u_int16_t
key_alloc_2pair(struct ath_softc * sc,ieee80211_keyix * txkeyix,ieee80211_keyix * rxkeyix)275 key_alloc_2pair(struct ath_softc *sc,
276 ieee80211_keyix *txkeyix, ieee80211_keyix *rxkeyix)
277 {
278 u_int i, keyix;
279
280 KASSERT(sc->sc_splitmic, ("key cache !split"));
281 /* XXX could optimize */
282 for (i = 0; i < nitems(sc->sc_keymap)/4; i++) {
283 u_int8_t b = sc->sc_keymap[i];
284 if (b != 0xff) {
285 /*
286 * One or more slots in this byte are free.
287 */
288 keyix = i*NBBY;
289 while (b & 1) {
290 again:
291 keyix++;
292 b >>= 1;
293 }
294 /* XXX IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV */
295 if (isset(sc->sc_keymap, keyix+32) ||
296 isset(sc->sc_keymap, keyix+64) ||
297 isset(sc->sc_keymap, keyix+32+64)) {
298 /* full pair unavailable */
299 /* XXX statistic */
300 if (keyix == (i+1)*NBBY) {
301 /* no slots were appropriate, advance */
302 continue;
303 }
304 goto again;
305 }
306 setbit(sc->sc_keymap, keyix);
307 setbit(sc->sc_keymap, keyix+64);
308 setbit(sc->sc_keymap, keyix+32);
309 setbit(sc->sc_keymap, keyix+32+64);
310 DPRINTF(sc, ATH_DEBUG_KEYCACHE,
311 "%s: key pair %u,%u %u,%u\n",
312 __func__, keyix, keyix+64,
313 keyix+32, keyix+32+64);
314 *txkeyix = keyix;
315 *rxkeyix = keyix+32;
316 return 1;
317 }
318 }
319 DPRINTF(sc, ATH_DEBUG_KEYCACHE, "%s: out of pair space\n", __func__);
320 return 0;
321 }
322
323 /*
324 * Allocate tx/rx key slots for TKIP. We allocate two slots for
325 * each key, one for decrypt/encrypt and the other for the MIC.
326 */
327 static u_int16_t
key_alloc_pair(struct ath_softc * sc,ieee80211_keyix * txkeyix,ieee80211_keyix * rxkeyix)328 key_alloc_pair(struct ath_softc *sc,
329 ieee80211_keyix *txkeyix, ieee80211_keyix *rxkeyix)
330 {
331 u_int i, keyix;
332
333 KASSERT(!sc->sc_splitmic, ("key cache split"));
334 /* XXX could optimize */
335 for (i = 0; i < nitems(sc->sc_keymap)/4; i++) {
336 u_int8_t b = sc->sc_keymap[i];
337 if (b != 0xff) {
338 /*
339 * One or more slots in this byte are free.
340 */
341 keyix = i*NBBY;
342 while (b & 1) {
343 again:
344 keyix++;
345 b >>= 1;
346 }
347 if (isset(sc->sc_keymap, keyix+64)) {
348 /* full pair unavailable */
349 /* XXX statistic */
350 if (keyix == (i+1)*NBBY) {
351 /* no slots were appropriate, advance */
352 continue;
353 }
354 goto again;
355 }
356 setbit(sc->sc_keymap, keyix);
357 setbit(sc->sc_keymap, keyix+64);
358 DPRINTF(sc, ATH_DEBUG_KEYCACHE,
359 "%s: key pair %u,%u\n",
360 __func__, keyix, keyix+64);
361 *txkeyix = *rxkeyix = keyix;
362 return 1;
363 }
364 }
365 DPRINTF(sc, ATH_DEBUG_KEYCACHE, "%s: out of pair space\n", __func__);
366 return 0;
367 }
368
369 /*
370 * Allocate a single key cache slot.
371 */
372 static int
key_alloc_single(struct ath_softc * sc,ieee80211_keyix * txkeyix,ieee80211_keyix * rxkeyix)373 key_alloc_single(struct ath_softc *sc,
374 ieee80211_keyix *txkeyix, ieee80211_keyix *rxkeyix)
375 {
376 u_int i, keyix;
377
378 if (sc->sc_hasclrkey == 0) {
379 /*
380 * Map to slot 0 for the AR5210.
381 */
382 *txkeyix = *rxkeyix = 0;
383 return (1);
384 }
385
386 /* XXX try i,i+32,i+64,i+32+64 to minimize key pair conflicts */
387 for (i = 0; i < nitems(sc->sc_keymap); i++) {
388 u_int8_t b = sc->sc_keymap[i];
389 if (b != 0xff) {
390 /*
391 * One or more slots are free.
392 */
393 keyix = i*NBBY;
394 while (b & 1)
395 keyix++, b >>= 1;
396 setbit(sc->sc_keymap, keyix);
397 DPRINTF(sc, ATH_DEBUG_KEYCACHE, "%s: key %u\n",
398 __func__, keyix);
399 *txkeyix = *rxkeyix = keyix;
400 return 1;
401 }
402 }
403 DPRINTF(sc, ATH_DEBUG_KEYCACHE, "%s: out of space\n", __func__);
404 return 0;
405 }
406
407 /*
408 * Allocate one or more key cache slots for a uniacst key. The
409 * key itself is needed only to identify the cipher. For hardware
410 * TKIP with split cipher+MIC keys we allocate two key cache slot
411 * pairs so that we can setup separate TX and RX MIC keys. Note
412 * that the MIC key for a TKIP key at slot i is assumed by the
413 * hardware to be at slot i+64. This limits TKIP keys to the first
414 * 64 entries.
415 */
416 int
ath_key_alloc(struct ieee80211vap * vap,struct ieee80211_key * k,ieee80211_keyix * keyix,ieee80211_keyix * rxkeyix)417 ath_key_alloc(struct ieee80211vap *vap, struct ieee80211_key *k,
418 ieee80211_keyix *keyix, ieee80211_keyix *rxkeyix)
419 {
420 struct ath_softc *sc = vap->iv_ic->ic_softc;
421
422 /*
423 * Group key allocation must be handled specially for
424 * parts that do not support multicast key cache search
425 * functionality. For those parts the key id must match
426 * the h/w key index so lookups find the right key. On
427 * parts w/ the key search facility we install the sender's
428 * mac address (with the high bit set) and let the hardware
429 * find the key w/o using the key id. This is preferred as
430 * it permits us to support multiple users for adhoc and/or
431 * multi-station operation.
432 */
433 if (k->wk_keyix != IEEE80211_KEYIX_NONE) {
434 /*
435 * Only global keys should have key index assigned.
436 */
437 if (!(&vap->iv_nw_keys[0] <= k &&
438 k < &vap->iv_nw_keys[IEEE80211_WEP_NKID])) {
439 /* should not happen */
440 DPRINTF(sc, ATH_DEBUG_KEYCACHE,
441 "%s: bogus group key\n", __func__);
442 return 0;
443 }
444 if (vap->iv_opmode != IEEE80211_M_HOSTAP ||
445 !(k->wk_flags & IEEE80211_KEY_GROUP) ||
446 !sc->sc_mcastkey) {
447 /*
448 * XXX we pre-allocate the global keys so
449 * have no way to check if they've already
450 * been allocated.
451 */
452 *keyix = *rxkeyix =
453 ieee80211_crypto_get_key_wepidx(vap, k);
454 return 1;
455 }
456 /*
457 * Group key and device supports multicast key search.
458 */
459 k->wk_keyix = IEEE80211_KEYIX_NONE;
460 }
461
462 /*
463 * We allocate two pair for TKIP when using the h/w to do
464 * the MIC. For everything else, including software crypto,
465 * we allocate a single entry. Note that s/w crypto requires
466 * a pass-through slot on the 5211 and 5212. The 5210 does
467 * not support pass-through cache entries and we map all
468 * those requests to slot 0.
469 */
470 if (k->wk_flags & IEEE80211_KEY_SWCRYPT) {
471 return key_alloc_single(sc, keyix, rxkeyix);
472 } else if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP &&
473 (k->wk_flags & IEEE80211_KEY_SWMIC) == 0) {
474 if (sc->sc_splitmic)
475 return key_alloc_2pair(sc, keyix, rxkeyix);
476 else
477 return key_alloc_pair(sc, keyix, rxkeyix);
478 } else {
479 return key_alloc_single(sc, keyix, rxkeyix);
480 }
481 }
482
483 /*
484 * Delete an entry in the key cache allocated by ath_key_alloc.
485 */
486 int
ath_key_delete(struct ieee80211vap * vap,const struct ieee80211_key * k)487 ath_key_delete(struct ieee80211vap *vap, const struct ieee80211_key *k)
488 {
489 struct ath_softc *sc = vap->iv_ic->ic_softc;
490 struct ath_hal *ah = sc->sc_ah;
491 const struct ieee80211_cipher *cip = k->wk_cipher;
492 u_int keyix = k->wk_keyix;
493
494 DPRINTF(sc, ATH_DEBUG_KEYCACHE, "%s: delete key %u\n", __func__, keyix);
495
496 ATH_LOCK(sc);
497 ath_power_set_power_state(sc, HAL_PM_AWAKE);
498 ath_hal_keyreset(ah, keyix);
499 /*
500 * Handle split tx/rx keying required for TKIP with h/w MIC.
501 */
502 if (cip->ic_cipher == IEEE80211_CIPHER_TKIP &&
503 (k->wk_flags & IEEE80211_KEY_SWMIC) == 0 && sc->sc_splitmic)
504 ath_hal_keyreset(ah, keyix+32); /* RX key */
505 if (keyix >= IEEE80211_WEP_NKID) {
506 /*
507 * Don't touch keymap entries for global keys so
508 * they are never considered for dynamic allocation.
509 */
510 clrbit(sc->sc_keymap, keyix);
511 if (cip->ic_cipher == IEEE80211_CIPHER_TKIP &&
512 (k->wk_flags & IEEE80211_KEY_SWMIC) == 0) {
513 clrbit(sc->sc_keymap, keyix+64); /* TX key MIC */
514 if (sc->sc_splitmic) {
515 /* +32 for RX key, +32+64 for RX key MIC */
516 clrbit(sc->sc_keymap, keyix+32);
517 clrbit(sc->sc_keymap, keyix+32+64);
518 }
519 }
520 }
521 ath_power_restore_power_state(sc);
522 ATH_UNLOCK(sc);
523 return 1;
524 }
525
526 /*
527 * Set the key cache contents for the specified key. Key cache
528 * slot(s) must already have been allocated by ath_key_alloc.
529 */
530 int
ath_key_set(struct ieee80211vap * vap,const struct ieee80211_key * k)531 ath_key_set(struct ieee80211vap *vap, const struct ieee80211_key *k)
532 {
533 struct ath_softc *sc = vap->iv_ic->ic_softc;
534
535 return ath_keyset(sc, vap, k, vap->iv_bss);
536 }
537