1 This patch reverts the following commits from wireless-testing:
3 8ade538bf39b1ee53418528fdacd36b8e65621b9
4 56c52da2d554f081e8fce58ecbcf6a40c605b95b
5 2b2ba0db1c820d04d5143452d70012cd44d7b578
6 00b9cfa3ff38401bd70c34b250ca13e5ea347b4a
7 4f031fa9f188b2b0641ac20087d9e16bcfb4e49d
8 6e1ee5d2e9e411892b5d84e3ea93e3fc88ac786c
9 30ef7ef9672d92ab2cac37f60a31955c118321e7
10 f359d3fe832e49eeec2232b2af5a9e3aee6b4862 (only the changes in aes_cmac.{c,h})
11 7ec7c4a9a686c608315739ab6a2b0527a240883c
14 --- a/include/linux/ieee80211.h
15 +++ b/include/linux/ieee80211.h
16 @@ -1017,15 +1017,6 @@ struct ieee80211_mmie {
20 -/* Management MIC information element (IEEE 802.11w) for GMAC and CMAC-256 */
21 -struct ieee80211_mmie_16 {
25 - u8 sequence_number[6];
29 struct ieee80211_vendor_ie {
32 --- a/include/net/mac80211.h
33 +++ b/include/net/mac80211.h
34 @@ -1306,8 +1306,8 @@ struct ieee80211_vif *wdev_to_ieee80211_
35 * @IEEE80211_KEY_FLAG_PAIRWISE: Set by mac80211, this flag indicates
36 * that the key is pairwise rather then a shared key.
37 * @IEEE80211_KEY_FLAG_SW_MGMT_TX: This flag should be set by the driver for a
38 - * CCMP/GCMP key if it requires CCMP/GCMP encryption of management frames
39 - * (MFP) to be done in software.
40 + * CCMP key if it requires CCMP encryption of management frames (MFP) to
41 + * be done in software.
42 * @IEEE80211_KEY_FLAG_PUT_IV_SPACE: This flag should be set by the driver
43 * if space should be prepared for the IV, but the IV
44 * itself should not be generated. Do not set together with
45 @@ -1322,7 +1322,7 @@ struct ieee80211_vif *wdev_to_ieee80211_
46 * RX, if your crypto engine can't deal with TX you can also set the
47 * %IEEE80211_KEY_FLAG_SW_MGMT_TX flag to encrypt such frames in SW.
48 * @IEEE80211_KEY_FLAG_GENERATE_IV_MGMT: This flag should be set by the
49 - * driver for a CCMP/GCMP key to indicate that is requires IV generation
50 + * driver for a CCMP key to indicate that is requires IV generation
51 * only for managment frames (MFP).
52 * @IEEE80211_KEY_FLAG_RESERVE_TAILROOM: This flag should be set by the
53 * driver for a key to indicate that sufficient tailroom must always
54 @@ -4112,10 +4112,6 @@ void ieee80211_aes_cmac_calculate_k1_k2(
55 * reverse order than in packet)
56 * @aes_cmac: PN data, most significant byte first (big endian,
57 * reverse order than in packet)
58 - * @aes_gmac: PN data, most significant byte first (big endian,
59 - * reverse order than in packet)
60 - * @gcmp: PN data, most significant byte first (big endian,
61 - * reverse order than in packet)
63 struct ieee80211_key_seq {
65 @@ -4129,12 +4125,6 @@ struct ieee80211_key_seq {
78 @@ -4159,7 +4149,7 @@ void ieee80211_get_key_tx_seq(struct iee
79 * ieee80211_get_key_rx_seq - get key RX sequence counter
81 * @keyconf: the parameter passed with the set key
82 - * @tid: The TID, or -1 for the management frame value (CCMP/GCMP only);
83 + * @tid: The TID, or -1 for the management frame value (CCMP only);
84 * the value on TID 0 is also used for non-QoS frames. For
85 * CMAC, only TID 0 is valid.
86 * @seq: buffer to receive the sequence data
87 @@ -4195,7 +4185,7 @@ void ieee80211_set_key_tx_seq(struct iee
88 * ieee80211_set_key_rx_seq - set key RX sequence counter
90 * @keyconf: the parameter passed with the set key
91 - * @tid: The TID, or -1 for the management frame value (CCMP/GCMP only);
92 + * @tid: The TID, or -1 for the management frame value (CCMP only);
93 * the value on TID 0 is also used for non-QoS frames. For
94 * CMAC, only TID 0 is valid.
95 * @seq: new sequence data
96 --- a/net/mac80211/Kconfig
97 +++ b/net/mac80211/Kconfig
98 @@ -5,8 +5,6 @@ config MAC80211
100 depends on CRYPTO_ARC4
101 depends on CRYPTO_AES
102 - select BPAUTO_CRYPTO_CCM
103 - depends on CRYPTO_GCM
105 select BPAUTO_AVERAGE
107 --- a/net/mac80211/Makefile
108 +++ b/net/mac80211/Makefile
109 @@ -15,9 +15,7 @@ mac80211-y := \
119 --- a/net/mac80211/aes_ccm.c
120 +++ b/net/mac80211/aes_ccm.c
122 * Copyright 2003-2004, Instant802 Networks, Inc.
123 * Copyright 2005-2006, Devicescape Software, Inc.
125 - * Rewrite: Copyright (C) 2013 Linaro Ltd <ard.biesheuvel@linaro.org>
127 * This program is free software; you can redistribute it and/or modify
128 * it under the terms of the GNU General Public License version 2 as
129 * published by the Free Software Foundation.
134 -void ieee80211_aes_ccm_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad,
135 - u8 *data, size_t data_len, u8 *mic,
137 +static void aes_ccm_prepare(struct crypto_cipher *tfm, u8 *scratch, u8 *a)
140 + u8 *b_0, *aad, *b, *s_0;
142 + b_0 = scratch + 3 * AES_BLOCK_SIZE;
143 + aad = scratch + 4 * AES_BLOCK_SIZE;
145 + s_0 = scratch + AES_BLOCK_SIZE;
147 + crypto_cipher_encrypt_one(tfm, b, b_0);
149 + /* Extra Authenticate-only data (always two AES blocks) */
150 + for (i = 0; i < AES_BLOCK_SIZE; i++)
152 + crypto_cipher_encrypt_one(tfm, b, aad);
154 + aad += AES_BLOCK_SIZE;
156 + for (i = 0; i < AES_BLOCK_SIZE; i++)
158 + crypto_cipher_encrypt_one(tfm, a, aad);
160 + /* Mask out bits from auth-only-b_0 */
163 + /* S_0 is used to encrypt T (= MIC) */
166 + crypto_cipher_encrypt_one(tfm, s_0, b_0);
170 +void ieee80211_aes_ccm_encrypt(struct crypto_cipher *tfm, u8 *scratch,
171 + u8 *data, size_t data_len,
172 + u8 *cdata, u8 *mic)
174 - struct scatterlist assoc, pt, ct[2];
175 + int i, j, last_len, num_blocks;
176 + u8 *pos, *cpos, *b, *s_0, *e, *b_0;
178 - char aead_req_data[sizeof(struct aead_request) +
179 - crypto_aead_reqsize(tfm)]
180 - __aligned(__alignof__(struct aead_request));
181 - struct aead_request *aead_req = (void *) aead_req_data;
183 - memset(aead_req, 0, sizeof(aead_req_data));
185 - sg_init_one(&pt, data, data_len);
186 - sg_init_one(&assoc, &aad[2], be16_to_cpup((__be16 *)aad));
187 - sg_init_table(ct, 2);
188 - sg_set_buf(&ct[0], data, data_len);
189 - sg_set_buf(&ct[1], mic, mic_len);
191 - aead_request_set_tfm(aead_req, tfm);
192 - aead_request_set_assoc(aead_req, &assoc, assoc.length);
193 - aead_request_set_crypt(aead_req, &pt, ct, data_len, b_0);
195 + s_0 = scratch + AES_BLOCK_SIZE;
196 + e = scratch + 2 * AES_BLOCK_SIZE;
197 + b_0 = scratch + 3 * AES_BLOCK_SIZE;
199 + num_blocks = DIV_ROUND_UP(data_len, AES_BLOCK_SIZE);
200 + last_len = data_len % AES_BLOCK_SIZE;
201 + aes_ccm_prepare(tfm, scratch, b);
203 + /* Process payload blocks */
206 + for (j = 1; j <= num_blocks; j++) {
207 + int blen = (j == num_blocks && last_len) ?
208 + last_len : AES_BLOCK_SIZE;
210 + /* Authentication followed by encryption */
211 + for (i = 0; i < blen; i++)
213 + crypto_cipher_encrypt_one(tfm, b, b);
215 + b_0[14] = (j >> 8) & 0xff;
216 + b_0[15] = j & 0xff;
217 + crypto_cipher_encrypt_one(tfm, e, b_0);
218 + for (i = 0; i < blen; i++)
219 + *cpos++ = *pos++ ^ e[i];
222 - crypto_aead_encrypt(aead_req);
223 + for (i = 0; i < IEEE80211_CCMP_MIC_LEN; i++)
224 + mic[i] = b[i] ^ s_0[i];
227 -int ieee80211_aes_ccm_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad,
228 - u8 *data, size_t data_len, u8 *mic,
231 +int ieee80211_aes_ccm_decrypt(struct crypto_cipher *tfm, u8 *scratch,
232 + u8 *cdata, size_t data_len, u8 *mic, u8 *data)
234 - struct scatterlist assoc, pt, ct[2];
235 - char aead_req_data[sizeof(struct aead_request) +
236 - crypto_aead_reqsize(tfm)]
237 - __aligned(__alignof__(struct aead_request));
238 - struct aead_request *aead_req = (void *) aead_req_data;
243 - memset(aead_req, 0, sizeof(aead_req_data));
245 - sg_init_one(&pt, data, data_len);
246 - sg_init_one(&assoc, &aad[2], be16_to_cpup((__be16 *)aad));
247 - sg_init_table(ct, 2);
248 - sg_set_buf(&ct[0], data, data_len);
249 - sg_set_buf(&ct[1], mic, mic_len);
251 - aead_request_set_tfm(aead_req, tfm);
252 - aead_request_set_assoc(aead_req, &assoc, assoc.length);
253 - aead_request_set_crypt(aead_req, ct, &pt, data_len + mic_len, b_0);
254 + int i, j, last_len, num_blocks;
255 + u8 *pos, *cpos, *b, *s_0, *a, *b_0;
258 + s_0 = scratch + AES_BLOCK_SIZE;
259 + a = scratch + 2 * AES_BLOCK_SIZE;
260 + b_0 = scratch + 3 * AES_BLOCK_SIZE;
262 + num_blocks = DIV_ROUND_UP(data_len, AES_BLOCK_SIZE);
263 + last_len = data_len % AES_BLOCK_SIZE;
264 + aes_ccm_prepare(tfm, scratch, a);
266 + /* Process payload blocks */
269 + for (j = 1; j <= num_blocks; j++) {
270 + int blen = (j == num_blocks && last_len) ?
271 + last_len : AES_BLOCK_SIZE;
273 + /* Decryption followed by authentication */
274 + b_0[14] = (j >> 8) & 0xff;
275 + b_0[15] = j & 0xff;
276 + crypto_cipher_encrypt_one(tfm, b, b_0);
277 + for (i = 0; i < blen; i++) {
278 + *pos = *cpos++ ^ b[i];
281 + crypto_cipher_encrypt_one(tfm, a, a);
284 + for (i = 0; i < IEEE80211_CCMP_MIC_LEN; i++) {
285 + if ((mic[i] ^ s_0[i]) != a[i])
289 - return crypto_aead_decrypt(aead_req);
293 -struct crypto_aead *ieee80211_aes_key_setup_encrypt(const u8 key[],
297 +struct crypto_cipher *ieee80211_aes_key_setup_encrypt(const u8 key[])
299 - struct crypto_aead *tfm;
301 + struct crypto_cipher *tfm;
303 - tfm = crypto_alloc_aead("ccm(aes)", 0, CRYPTO_ALG_ASYNC);
307 - err = crypto_aead_setkey(tfm, key, key_len);
309 - err = crypto_aead_setauthsize(tfm, mic_len);
312 + tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
314 + crypto_cipher_setkey(tfm, key, WLAN_KEY_LEN_CCMP);
316 - crypto_free_aead(tfm);
317 - return ERR_PTR(err);
321 -void ieee80211_aes_key_free(struct crypto_aead *tfm)
323 +void ieee80211_aes_key_free(struct crypto_cipher *tfm)
325 - crypto_free_aead(tfm);
326 + crypto_free_cipher(tfm);
328 --- a/net/mac80211/aes_ccm.h
329 +++ b/net/mac80211/aes_ccm.h
332 #include <linux/crypto.h>
334 -struct crypto_aead *ieee80211_aes_key_setup_encrypt(const u8 key[],
337 -void ieee80211_aes_ccm_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad,
338 - u8 *data, size_t data_len, u8 *mic,
340 -int ieee80211_aes_ccm_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad,
341 - u8 *data, size_t data_len, u8 *mic,
343 -void ieee80211_aes_key_free(struct crypto_aead *tfm);
344 +struct crypto_cipher *ieee80211_aes_key_setup_encrypt(const u8 key[]);
345 +void ieee80211_aes_ccm_encrypt(struct crypto_cipher *tfm, u8 *scratch,
346 + u8 *data, size_t data_len,
347 + u8 *cdata, u8 *mic);
348 +int ieee80211_aes_ccm_decrypt(struct crypto_cipher *tfm, u8 *scratch,
349 + u8 *cdata, size_t data_len,
350 + u8 *mic, u8 *data);
351 +void ieee80211_aes_key_free(struct crypto_cipher *tfm);
353 #endif /* AES_CCM_H */
354 --- a/net/mac80211/aes_cmac.c
355 +++ b/net/mac80211/aes_cmac.c
358 #include "aes_cmac.h"
360 +#define AES_CMAC_KEY_LEN 16
361 #define CMAC_TLEN 8 /* CMAC TLen = 64 bits (8 octets) */
362 -#define CMAC_TLEN_256 16 /* CMAC TLen = 128 bits (16 octets) */
366 @@ -35,9 +35,9 @@ static void gf_mulx(u8 *pad)
367 pad[AES_BLOCK_SIZE - 1] ^= 0x87;
370 -static void aes_cmac_vector(struct crypto_cipher *tfm, size_t num_elem,
371 - const u8 *addr[], const size_t *len, u8 *mac,
374 +static void aes_128_cmac_vector(struct crypto_cipher *tfm, size_t num_elem,
375 + const u8 *addr[], const size_t *len, u8 *mac)
377 u8 cbc[AES_BLOCK_SIZE], pad[AES_BLOCK_SIZE];
379 @@ -88,7 +88,7 @@ static void aes_cmac_vector(struct crypt
380 for (i = 0; i < AES_BLOCK_SIZE; i++)
382 crypto_cipher_encrypt_one(tfm, pad, pad);
383 - memcpy(mac, pad, mac_len);
384 + memcpy(mac, pad, CMAC_TLEN);
388 @@ -107,35 +107,17 @@ void ieee80211_aes_cmac(struct crypto_ci
392 - aes_cmac_vector(tfm, 3, addr, len, mic, CMAC_TLEN);
393 + aes_128_cmac_vector(tfm, 3, addr, len, mic);
396 -void ieee80211_aes_cmac_256(struct crypto_cipher *tfm, const u8 *aad,
397 - const u8 *data, size_t data_len, u8 *mic)
401 - u8 zero[CMAC_TLEN_256];
403 - memset(zero, 0, CMAC_TLEN_256);
407 - len[1] = data_len - CMAC_TLEN_256;
409 - len[2] = CMAC_TLEN_256;
411 - aes_cmac_vector(tfm, 3, addr, len, mic, CMAC_TLEN_256);
414 -struct crypto_cipher *ieee80211_aes_cmac_key_setup(const u8 key[],
416 +struct crypto_cipher * ieee80211_aes_cmac_key_setup(const u8 key[])
418 struct crypto_cipher *tfm;
420 tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
422 - crypto_cipher_setkey(tfm, key, key_len);
423 + crypto_cipher_setkey(tfm, key, AES_CMAC_KEY_LEN);
427 --- a/net/mac80211/aes_cmac.h
428 +++ b/net/mac80211/aes_cmac.h
431 #include <linux/crypto.h>
433 -struct crypto_cipher *ieee80211_aes_cmac_key_setup(const u8 key[],
435 +struct crypto_cipher * ieee80211_aes_cmac_key_setup(const u8 key[]);
436 void ieee80211_aes_cmac(struct crypto_cipher *tfm, const u8 *aad,
437 const u8 *data, size_t data_len, u8 *mic);
438 -void ieee80211_aes_cmac_256(struct crypto_cipher *tfm, const u8 *aad,
439 - const u8 *data, size_t data_len, u8 *mic);
440 void ieee80211_aes_cmac_key_free(struct crypto_cipher *tfm);
442 #endif /* AES_CMAC_H */
443 --- a/net/mac80211/aes_gcm.c
447 - * Copyright 2014-2015, Qualcomm Atheros, Inc.
449 - * This program is free software; you can redistribute it and/or modify
450 - * it under the terms of the GNU General Public License version 2 as
451 - * published by the Free Software Foundation.
454 -#include <linux/kernel.h>
455 -#include <linux/types.h>
456 -#include <linux/crypto.h>
457 -#include <linux/err.h>
458 -#include <crypto/aes.h>
460 -#include <net/mac80211.h>
462 -#include "aes_gcm.h"
464 -void ieee80211_aes_gcm_encrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
465 - u8 *data, size_t data_len, u8 *mic)
467 - struct scatterlist assoc, pt, ct[2];
469 - char aead_req_data[sizeof(struct aead_request) +
470 - crypto_aead_reqsize(tfm)]
471 - __aligned(__alignof__(struct aead_request));
472 - struct aead_request *aead_req = (void *)aead_req_data;
474 - memset(aead_req, 0, sizeof(aead_req_data));
476 - sg_init_one(&pt, data, data_len);
477 - sg_init_one(&assoc, &aad[2], be16_to_cpup((__be16 *)aad));
478 - sg_init_table(ct, 2);
479 - sg_set_buf(&ct[0], data, data_len);
480 - sg_set_buf(&ct[1], mic, IEEE80211_GCMP_MIC_LEN);
482 - aead_request_set_tfm(aead_req, tfm);
483 - aead_request_set_assoc(aead_req, &assoc, assoc.length);
484 - aead_request_set_crypt(aead_req, &pt, ct, data_len, j_0);
486 - crypto_aead_encrypt(aead_req);
489 -int ieee80211_aes_gcm_decrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
490 - u8 *data, size_t data_len, u8 *mic)
492 - struct scatterlist assoc, pt, ct[2];
493 - char aead_req_data[sizeof(struct aead_request) +
494 - crypto_aead_reqsize(tfm)]
495 - __aligned(__alignof__(struct aead_request));
496 - struct aead_request *aead_req = (void *)aead_req_data;
501 - memset(aead_req, 0, sizeof(aead_req_data));
503 - sg_init_one(&pt, data, data_len);
504 - sg_init_one(&assoc, &aad[2], be16_to_cpup((__be16 *)aad));
505 - sg_init_table(ct, 2);
506 - sg_set_buf(&ct[0], data, data_len);
507 - sg_set_buf(&ct[1], mic, IEEE80211_GCMP_MIC_LEN);
509 - aead_request_set_tfm(aead_req, tfm);
510 - aead_request_set_assoc(aead_req, &assoc, assoc.length);
511 - aead_request_set_crypt(aead_req, ct, &pt,
512 - data_len + IEEE80211_GCMP_MIC_LEN, j_0);
514 - return crypto_aead_decrypt(aead_req);
517 -struct crypto_aead *ieee80211_aes_gcm_key_setup_encrypt(const u8 key[],
520 - struct crypto_aead *tfm;
523 - tfm = crypto_alloc_aead("gcm(aes)", 0, CRYPTO_ALG_ASYNC);
527 - err = crypto_aead_setkey(tfm, key, key_len);
529 - err = crypto_aead_setauthsize(tfm, IEEE80211_GCMP_MIC_LEN);
533 - crypto_free_aead(tfm);
534 - return ERR_PTR(err);
537 -void ieee80211_aes_gcm_key_free(struct crypto_aead *tfm)
539 - crypto_free_aead(tfm);
541 --- a/net/mac80211/aes_gcm.h
545 - * Copyright 2014-2015, Qualcomm Atheros, Inc.
547 - * This program is free software; you can redistribute it and/or modify
548 - * it under the terms of the GNU General Public License version 2 as
549 - * published by the Free Software Foundation.
555 -#include <linux/crypto.h>
557 -void ieee80211_aes_gcm_encrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
558 - u8 *data, size_t data_len, u8 *mic);
559 -int ieee80211_aes_gcm_decrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
560 - u8 *data, size_t data_len, u8 *mic);
561 -struct crypto_aead *ieee80211_aes_gcm_key_setup_encrypt(const u8 key[],
563 -void ieee80211_aes_gcm_key_free(struct crypto_aead *tfm);
565 -#endif /* AES_GCM_H */
566 --- a/net/mac80211/aes_gmac.c
570 - * AES-GMAC for IEEE 802.11 BIP-GMAC-128 and BIP-GMAC-256
571 - * Copyright 2015, Qualcomm Atheros, Inc.
573 - * This program is free software; you can redistribute it and/or modify
574 - * it under the terms of the GNU General Public License version 2 as
575 - * published by the Free Software Foundation.
578 -#include <linux/kernel.h>
579 -#include <linux/types.h>
580 -#include <linux/crypto.h>
581 -#include <linux/err.h>
582 -#include <crypto/aes.h>
584 -#include <net/mac80211.h>
586 -#include "aes_gmac.h"
588 -#define GMAC_MIC_LEN 16
589 -#define GMAC_NONCE_LEN 12
592 -int ieee80211_aes_gmac(struct crypto_aead *tfm, const u8 *aad, u8 *nonce,
593 - const u8 *data, size_t data_len, u8 *mic)
595 - struct scatterlist sg[3], ct[1];
596 - char aead_req_data[sizeof(struct aead_request) +
597 - crypto_aead_reqsize(tfm)]
598 - __aligned(__alignof__(struct aead_request));
599 - struct aead_request *aead_req = (void *)aead_req_data;
600 - u8 zero[GMAC_MIC_LEN], iv[AES_BLOCK_SIZE];
602 - if (data_len < GMAC_MIC_LEN)
605 - memset(aead_req, 0, sizeof(aead_req_data));
607 - memset(zero, 0, GMAC_MIC_LEN);
608 - sg_init_table(sg, 3);
609 - sg_set_buf(&sg[0], aad, AAD_LEN);
610 - sg_set_buf(&sg[1], data, data_len - GMAC_MIC_LEN);
611 - sg_set_buf(&sg[2], zero, GMAC_MIC_LEN);
613 - memcpy(iv, nonce, GMAC_NONCE_LEN);
614 - memset(iv + GMAC_NONCE_LEN, 0, sizeof(iv) - GMAC_NONCE_LEN);
615 - iv[AES_BLOCK_SIZE - 1] = 0x01;
617 - sg_init_table(ct, 1);
618 - sg_set_buf(&ct[0], mic, GMAC_MIC_LEN);
620 - aead_request_set_tfm(aead_req, tfm);
621 - aead_request_set_assoc(aead_req, sg, AAD_LEN + data_len);
622 - aead_request_set_crypt(aead_req, NULL, ct, 0, iv);
624 - crypto_aead_encrypt(aead_req);
629 -struct crypto_aead *ieee80211_aes_gmac_key_setup(const u8 key[],
632 - struct crypto_aead *tfm;
635 - tfm = crypto_alloc_aead("gcm(aes)", 0, CRYPTO_ALG_ASYNC);
639 - err = crypto_aead_setkey(tfm, key, key_len);
643 - err = crypto_aead_setauthsize(tfm, GMAC_MIC_LEN);
645 - crypto_free_aead(tfm);
646 - return ERR_PTR(err);
649 -void ieee80211_aes_gmac_key_free(struct crypto_aead *tfm)
651 - crypto_free_aead(tfm);
653 --- a/net/mac80211/aes_gmac.h
657 - * Copyright 2015, Qualcomm Atheros, Inc.
659 - * This program is free software; you can redistribute it and/or modify
660 - * it under the terms of the GNU General Public License version 2 as
661 - * published by the Free Software Foundation.
667 -#include <linux/crypto.h>
669 -struct crypto_aead *ieee80211_aes_gmac_key_setup(const u8 key[],
671 -int ieee80211_aes_gmac(struct crypto_aead *tfm, const u8 *aad, u8 *nonce,
672 - const u8 *data, size_t data_len, u8 *mic);
673 -void ieee80211_aes_gmac_key_free(struct crypto_aead *tfm);
675 -#endif /* AES_GMAC_H */
676 --- a/net/mac80211/cfg.c
677 +++ b/net/mac80211/cfg.c
678 @@ -162,13 +162,8 @@ static int ieee80211_add_key(struct wiph
681 case WLAN_CIPHER_SUITE_CCMP:
682 - case WLAN_CIPHER_SUITE_CCMP_256:
683 case WLAN_CIPHER_SUITE_AES_CMAC:
684 - case WLAN_CIPHER_SUITE_BIP_CMAC_256:
685 - case WLAN_CIPHER_SUITE_BIP_GMAC_128:
686 - case WLAN_CIPHER_SUITE_BIP_GMAC_256:
687 case WLAN_CIPHER_SUITE_GCMP:
688 - case WLAN_CIPHER_SUITE_GCMP_256:
691 cs = ieee80211_cs_get(local, params->cipher, sdata->vif.type);
692 @@ -353,7 +348,6 @@ static int ieee80211_get_key(struct wiph
695 case WLAN_CIPHER_SUITE_CCMP:
696 - case WLAN_CIPHER_SUITE_CCMP_256:
697 pn64 = atomic64_read(&key->u.ccmp.tx_pn);
700 @@ -365,35 +359,10 @@ static int ieee80211_get_key(struct wiph
703 case WLAN_CIPHER_SUITE_AES_CMAC:
704 - case WLAN_CIPHER_SUITE_BIP_CMAC_256:
705 pn64 = atomic64_read(&key->u.aes_cmac.tx_pn);
709 - seq[3] = pn64 >> 24;
710 - seq[4] = pn64 >> 32;
711 - seq[5] = pn64 >> 40;
713 - params.seq_len = 6;
715 - case WLAN_CIPHER_SUITE_BIP_GMAC_128:
716 - case WLAN_CIPHER_SUITE_BIP_GMAC_256:
717 - pn64 = atomic64_read(&key->u.aes_gmac.tx_pn);
719 - seq[1] = pn64 >> 8;
720 - seq[2] = pn64 >> 16;
721 - seq[3] = pn64 >> 24;
722 - seq[4] = pn64 >> 32;
723 - seq[5] = pn64 >> 40;
725 - params.seq_len = 6;
727 - case WLAN_CIPHER_SUITE_GCMP:
728 - case WLAN_CIPHER_SUITE_GCMP_256:
729 - pn64 = atomic64_read(&key->u.gcmp.tx_pn);
731 - seq[1] = pn64 >> 8;
732 - seq[2] = pn64 >> 16;
736 --- a/net/mac80211/debugfs_key.c
737 +++ b/net/mac80211/debugfs_key.c
738 @@ -94,33 +94,17 @@ static ssize_t key_tx_spec_read(struct f
739 key->u.tkip.tx.iv16);
741 case WLAN_CIPHER_SUITE_CCMP:
742 - case WLAN_CIPHER_SUITE_CCMP_256:
743 pn = atomic64_read(&key->u.ccmp.tx_pn);
744 len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n",
745 (u8)(pn >> 40), (u8)(pn >> 32), (u8)(pn >> 24),
746 (u8)(pn >> 16), (u8)(pn >> 8), (u8)pn);
748 case WLAN_CIPHER_SUITE_AES_CMAC:
749 - case WLAN_CIPHER_SUITE_BIP_CMAC_256:
750 pn = atomic64_read(&key->u.aes_cmac.tx_pn);
751 len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n",
752 (u8)(pn >> 40), (u8)(pn >> 32), (u8)(pn >> 24),
753 (u8)(pn >> 16), (u8)(pn >> 8), (u8)pn);
755 - case WLAN_CIPHER_SUITE_BIP_GMAC_128:
756 - case WLAN_CIPHER_SUITE_BIP_GMAC_256:
757 - pn = atomic64_read(&key->u.aes_gmac.tx_pn);
758 - len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n",
759 - (u8)(pn >> 40), (u8)(pn >> 32), (u8)(pn >> 24),
760 - (u8)(pn >> 16), (u8)(pn >> 8), (u8)pn);
762 - case WLAN_CIPHER_SUITE_GCMP:
763 - case WLAN_CIPHER_SUITE_GCMP_256:
764 - pn = atomic64_read(&key->u.gcmp.tx_pn);
765 - len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n",
766 - (u8)(pn >> 40), (u8)(pn >> 32), (u8)(pn >> 24),
767 - (u8)(pn >> 16), (u8)(pn >> 8), (u8)pn);
772 @@ -150,7 +134,6 @@ static ssize_t key_rx_spec_read(struct f
775 case WLAN_CIPHER_SUITE_CCMP:
776 - case WLAN_CIPHER_SUITE_CCMP_256:
777 for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) {
778 rpn = key->u.ccmp.rx_pn[i];
779 p += scnprintf(p, sizeof(buf)+buf-p,
780 @@ -161,7 +144,6 @@ static ssize_t key_rx_spec_read(struct f
783 case WLAN_CIPHER_SUITE_AES_CMAC:
784 - case WLAN_CIPHER_SUITE_BIP_CMAC_256:
785 rpn = key->u.aes_cmac.rx_pn;
786 p += scnprintf(p, sizeof(buf)+buf-p,
787 "%02x%02x%02x%02x%02x%02x\n",
788 @@ -169,26 +151,6 @@ static ssize_t key_rx_spec_read(struct f
789 rpn[3], rpn[4], rpn[5]);
792 - case WLAN_CIPHER_SUITE_BIP_GMAC_128:
793 - case WLAN_CIPHER_SUITE_BIP_GMAC_256:
794 - rpn = key->u.aes_gmac.rx_pn;
795 - p += scnprintf(p, sizeof(buf)+buf-p,
796 - "%02x%02x%02x%02x%02x%02x\n",
797 - rpn[0], rpn[1], rpn[2],
798 - rpn[3], rpn[4], rpn[5]);
801 - case WLAN_CIPHER_SUITE_GCMP:
802 - case WLAN_CIPHER_SUITE_GCMP_256:
803 - for (i = 0; i < IEEE80211_NUM_TIDS + 1; i++) {
804 - rpn = key->u.gcmp.rx_pn[i];
805 - p += scnprintf(p, sizeof(buf)+buf-p,
806 - "%02x%02x%02x%02x%02x%02x\n",
807 - rpn[0], rpn[1], rpn[2],
808 - rpn[3], rpn[4], rpn[5]);
815 @@ -205,23 +167,12 @@ static ssize_t key_replays_read(struct f
817 switch (key->conf.cipher) {
818 case WLAN_CIPHER_SUITE_CCMP:
819 - case WLAN_CIPHER_SUITE_CCMP_256:
820 len = scnprintf(buf, sizeof(buf), "%u\n", key->u.ccmp.replays);
822 case WLAN_CIPHER_SUITE_AES_CMAC:
823 - case WLAN_CIPHER_SUITE_BIP_CMAC_256:
824 len = scnprintf(buf, sizeof(buf), "%u\n",
825 key->u.aes_cmac.replays);
827 - case WLAN_CIPHER_SUITE_BIP_GMAC_128:
828 - case WLAN_CIPHER_SUITE_BIP_GMAC_256:
829 - len = scnprintf(buf, sizeof(buf), "%u\n",
830 - key->u.aes_gmac.replays);
832 - case WLAN_CIPHER_SUITE_GCMP:
833 - case WLAN_CIPHER_SUITE_GCMP_256:
834 - len = scnprintf(buf, sizeof(buf), "%u\n", key->u.gcmp.replays);
839 @@ -238,15 +189,9 @@ static ssize_t key_icverrors_read(struct
841 switch (key->conf.cipher) {
842 case WLAN_CIPHER_SUITE_AES_CMAC:
843 - case WLAN_CIPHER_SUITE_BIP_CMAC_256:
844 len = scnprintf(buf, sizeof(buf), "%u\n",
845 key->u.aes_cmac.icverrors);
847 - case WLAN_CIPHER_SUITE_BIP_GMAC_128:
848 - case WLAN_CIPHER_SUITE_BIP_GMAC_256:
849 - len = scnprintf(buf, sizeof(buf), "%u\n",
850 - key->u.aes_gmac.icverrors);
855 --- a/net/mac80211/key.c
856 +++ b/net/mac80211/key.c
858 #include "debugfs_key.h"
860 #include "aes_cmac.h"
861 -#include "aes_gmac.h"
862 -#include "aes_gcm.h"
866 @@ -164,13 +162,7 @@ static int ieee80211_key_enable_hw_accel
867 case WLAN_CIPHER_SUITE_WEP104:
868 case WLAN_CIPHER_SUITE_TKIP:
869 case WLAN_CIPHER_SUITE_CCMP:
870 - case WLAN_CIPHER_SUITE_CCMP_256:
871 case WLAN_CIPHER_SUITE_AES_CMAC:
872 - case WLAN_CIPHER_SUITE_BIP_CMAC_256:
873 - case WLAN_CIPHER_SUITE_BIP_GMAC_128:
874 - case WLAN_CIPHER_SUITE_BIP_GMAC_256:
875 - case WLAN_CIPHER_SUITE_GCMP:
876 - case WLAN_CIPHER_SUITE_GCMP_256:
877 /* all of these we can do in software - if driver can */
880 @@ -394,26 +386,7 @@ ieee80211_key_alloc(u32 cipher, int idx,
881 * Initialize AES key state here as an optimization so that
882 * it does not need to be initialized for every packet.
884 - key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
885 - key_data, key_len, IEEE80211_CCMP_MIC_LEN);
886 - if (IS_ERR(key->u.ccmp.tfm)) {
887 - err = PTR_ERR(key->u.ccmp.tfm);
889 - return ERR_PTR(err);
892 - case WLAN_CIPHER_SUITE_CCMP_256:
893 - key->conf.iv_len = IEEE80211_CCMP_256_HDR_LEN;
894 - key->conf.icv_len = IEEE80211_CCMP_256_MIC_LEN;
895 - for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
896 - for (j = 0; j < IEEE80211_CCMP_256_PN_LEN; j++)
897 - key->u.ccmp.rx_pn[i][j] =
898 - seq[IEEE80211_CCMP_256_PN_LEN - j - 1];
899 - /* Initialize AES key state here as an optimization so that
900 - * it does not need to be initialized for every packet.
902 - key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
903 - key_data, key_len, IEEE80211_CCMP_256_MIC_LEN);
904 + key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(key_data);
905 if (IS_ERR(key->u.ccmp.tfm)) {
906 err = PTR_ERR(key->u.ccmp.tfm);
908 @@ -421,12 +394,8 @@ ieee80211_key_alloc(u32 cipher, int idx,
911 case WLAN_CIPHER_SUITE_AES_CMAC:
912 - case WLAN_CIPHER_SUITE_BIP_CMAC_256:
913 key->conf.iv_len = 0;
914 - if (cipher == WLAN_CIPHER_SUITE_AES_CMAC)
915 - key->conf.icv_len = sizeof(struct ieee80211_mmie);
917 - key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
918 + key->conf.icv_len = sizeof(struct ieee80211_mmie);
920 for (j = 0; j < IEEE80211_CMAC_PN_LEN; j++)
921 key->u.aes_cmac.rx_pn[j] =
922 @@ -436,51 +405,13 @@ ieee80211_key_alloc(u32 cipher, int idx,
923 * it does not need to be initialized for every packet.
925 key->u.aes_cmac.tfm =
926 - ieee80211_aes_cmac_key_setup(key_data, key_len);
927 + ieee80211_aes_cmac_key_setup(key_data);
928 if (IS_ERR(key->u.aes_cmac.tfm)) {
929 err = PTR_ERR(key->u.aes_cmac.tfm);
934 - case WLAN_CIPHER_SUITE_BIP_GMAC_128:
935 - case WLAN_CIPHER_SUITE_BIP_GMAC_256:
936 - key->conf.iv_len = 0;
937 - key->conf.icv_len = sizeof(struct ieee80211_mmie_16);
939 - for (j = 0; j < IEEE80211_GMAC_PN_LEN; j++)
940 - key->u.aes_gmac.rx_pn[j] =
941 - seq[IEEE80211_GMAC_PN_LEN - j - 1];
942 - /* Initialize AES key state here as an optimization so that
943 - * it does not need to be initialized for every packet.
945 - key->u.aes_gmac.tfm =
946 - ieee80211_aes_gmac_key_setup(key_data, key_len);
947 - if (IS_ERR(key->u.aes_gmac.tfm)) {
948 - err = PTR_ERR(key->u.aes_gmac.tfm);
950 - return ERR_PTR(err);
953 - case WLAN_CIPHER_SUITE_GCMP:
954 - case WLAN_CIPHER_SUITE_GCMP_256:
955 - key->conf.iv_len = IEEE80211_GCMP_HDR_LEN;
956 - key->conf.icv_len = IEEE80211_GCMP_MIC_LEN;
957 - for (i = 0; seq && i < IEEE80211_NUM_TIDS + 1; i++)
958 - for (j = 0; j < IEEE80211_GCMP_PN_LEN; j++)
959 - key->u.gcmp.rx_pn[i][j] =
960 - seq[IEEE80211_GCMP_PN_LEN - j - 1];
961 - /* Initialize AES key state here as an optimization so that
962 - * it does not need to be initialized for every packet.
964 - key->u.gcmp.tfm = ieee80211_aes_gcm_key_setup_encrypt(key_data,
966 - if (IS_ERR(key->u.gcmp.tfm)) {
967 - err = PTR_ERR(key->u.gcmp.tfm);
969 - return ERR_PTR(err);
974 size_t len = (seq_len > MAX_PN_LEN) ?
975 @@ -502,24 +433,10 @@ ieee80211_key_alloc(u32 cipher, int idx,
977 static void ieee80211_key_free_common(struct ieee80211_key *key)
979 - switch (key->conf.cipher) {
980 - case WLAN_CIPHER_SUITE_CCMP:
981 - case WLAN_CIPHER_SUITE_CCMP_256:
982 + if (key->conf.cipher == WLAN_CIPHER_SUITE_CCMP)
983 ieee80211_aes_key_free(key->u.ccmp.tfm);
985 - case WLAN_CIPHER_SUITE_AES_CMAC:
986 - case WLAN_CIPHER_SUITE_BIP_CMAC_256:
987 + if (key->conf.cipher == WLAN_CIPHER_SUITE_AES_CMAC)
988 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm);
990 - case WLAN_CIPHER_SUITE_BIP_GMAC_128:
991 - case WLAN_CIPHER_SUITE_BIP_GMAC_256:
992 - ieee80211_aes_gmac_key_free(key->u.aes_gmac.tfm);
994 - case WLAN_CIPHER_SUITE_GCMP:
995 - case WLAN_CIPHER_SUITE_GCMP_256:
996 - ieee80211_aes_gcm_key_free(key->u.gcmp.tfm);
1002 @@ -826,7 +743,6 @@ void ieee80211_get_key_tx_seq(struct iee
1003 seq->tkip.iv16 = key->u.tkip.tx.iv16;
1005 case WLAN_CIPHER_SUITE_CCMP:
1006 - case WLAN_CIPHER_SUITE_CCMP_256:
1007 pn64 = atomic64_read(&key->u.ccmp.tx_pn);
1008 seq->ccmp.pn[5] = pn64;
1009 seq->ccmp.pn[4] = pn64 >> 8;
1010 @@ -836,7 +752,6 @@ void ieee80211_get_key_tx_seq(struct iee
1011 seq->ccmp.pn[0] = pn64 >> 40;
1013 case WLAN_CIPHER_SUITE_AES_CMAC:
1014 - case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1015 pn64 = atomic64_read(&key->u.aes_cmac.tx_pn);
1016 seq->ccmp.pn[5] = pn64;
1017 seq->ccmp.pn[4] = pn64 >> 8;
1018 @@ -845,26 +760,6 @@ void ieee80211_get_key_tx_seq(struct iee
1019 seq->ccmp.pn[1] = pn64 >> 32;
1020 seq->ccmp.pn[0] = pn64 >> 40;
1022 - case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1023 - case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1024 - pn64 = atomic64_read(&key->u.aes_gmac.tx_pn);
1025 - seq->ccmp.pn[5] = pn64;
1026 - seq->ccmp.pn[4] = pn64 >> 8;
1027 - seq->ccmp.pn[3] = pn64 >> 16;
1028 - seq->ccmp.pn[2] = pn64 >> 24;
1029 - seq->ccmp.pn[1] = pn64 >> 32;
1030 - seq->ccmp.pn[0] = pn64 >> 40;
1032 - case WLAN_CIPHER_SUITE_GCMP:
1033 - case WLAN_CIPHER_SUITE_GCMP_256:
1034 - pn64 = atomic64_read(&key->u.gcmp.tx_pn);
1035 - seq->gcmp.pn[5] = pn64;
1036 - seq->gcmp.pn[4] = pn64 >> 8;
1037 - seq->gcmp.pn[3] = pn64 >> 16;
1038 - seq->gcmp.pn[2] = pn64 >> 24;
1039 - seq->gcmp.pn[1] = pn64 >> 32;
1040 - seq->gcmp.pn[0] = pn64 >> 40;
1045 @@ -887,7 +782,6 @@ void ieee80211_get_key_rx_seq(struct iee
1046 seq->tkip.iv16 = key->u.tkip.rx[tid].iv16;
1048 case WLAN_CIPHER_SUITE_CCMP:
1049 - case WLAN_CIPHER_SUITE_CCMP_256:
1050 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1053 @@ -897,29 +791,11 @@ void ieee80211_get_key_rx_seq(struct iee
1054 memcpy(seq->ccmp.pn, pn, IEEE80211_CCMP_PN_LEN);
1056 case WLAN_CIPHER_SUITE_AES_CMAC:
1057 - case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1058 if (WARN_ON(tid != 0))
1060 pn = key->u.aes_cmac.rx_pn;
1061 memcpy(seq->aes_cmac.pn, pn, IEEE80211_CMAC_PN_LEN);
1063 - case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1064 - case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1065 - if (WARN_ON(tid != 0))
1067 - pn = key->u.aes_gmac.rx_pn;
1068 - memcpy(seq->aes_gmac.pn, pn, IEEE80211_GMAC_PN_LEN);
1070 - case WLAN_CIPHER_SUITE_GCMP:
1071 - case WLAN_CIPHER_SUITE_GCMP_256:
1072 - if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1075 - pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1077 - pn = key->u.gcmp.rx_pn[tid];
1078 - memcpy(seq->gcmp.pn, pn, IEEE80211_GCMP_PN_LEN);
1082 EXPORT_SYMBOL(ieee80211_get_key_rx_seq);
1083 @@ -938,7 +814,6 @@ void ieee80211_set_key_tx_seq(struct iee
1084 key->u.tkip.tx.iv16 = seq->tkip.iv16;
1086 case WLAN_CIPHER_SUITE_CCMP:
1087 - case WLAN_CIPHER_SUITE_CCMP_256:
1088 pn64 = (u64)seq->ccmp.pn[5] |
1089 ((u64)seq->ccmp.pn[4] << 8) |
1090 ((u64)seq->ccmp.pn[3] << 16) |
1091 @@ -948,7 +823,6 @@ void ieee80211_set_key_tx_seq(struct iee
1092 atomic64_set(&key->u.ccmp.tx_pn, pn64);
1094 case WLAN_CIPHER_SUITE_AES_CMAC:
1095 - case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1096 pn64 = (u64)seq->aes_cmac.pn[5] |
1097 ((u64)seq->aes_cmac.pn[4] << 8) |
1098 ((u64)seq->aes_cmac.pn[3] << 16) |
1099 @@ -957,26 +831,6 @@ void ieee80211_set_key_tx_seq(struct iee
1100 ((u64)seq->aes_cmac.pn[0] << 40);
1101 atomic64_set(&key->u.aes_cmac.tx_pn, pn64);
1103 - case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1104 - case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1105 - pn64 = (u64)seq->aes_gmac.pn[5] |
1106 - ((u64)seq->aes_gmac.pn[4] << 8) |
1107 - ((u64)seq->aes_gmac.pn[3] << 16) |
1108 - ((u64)seq->aes_gmac.pn[2] << 24) |
1109 - ((u64)seq->aes_gmac.pn[1] << 32) |
1110 - ((u64)seq->aes_gmac.pn[0] << 40);
1111 - atomic64_set(&key->u.aes_gmac.tx_pn, pn64);
1113 - case WLAN_CIPHER_SUITE_GCMP:
1114 - case WLAN_CIPHER_SUITE_GCMP_256:
1115 - pn64 = (u64)seq->gcmp.pn[5] |
1116 - ((u64)seq->gcmp.pn[4] << 8) |
1117 - ((u64)seq->gcmp.pn[3] << 16) |
1118 - ((u64)seq->gcmp.pn[2] << 24) |
1119 - ((u64)seq->gcmp.pn[1] << 32) |
1120 - ((u64)seq->gcmp.pn[0] << 40);
1121 - atomic64_set(&key->u.gcmp.tx_pn, pn64);
1126 @@ -1000,7 +854,6 @@ void ieee80211_set_key_rx_seq(struct iee
1127 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16;
1129 case WLAN_CIPHER_SUITE_CCMP:
1130 - case WLAN_CIPHER_SUITE_CCMP_256:
1131 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1134 @@ -1010,29 +863,11 @@ void ieee80211_set_key_rx_seq(struct iee
1135 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN);
1137 case WLAN_CIPHER_SUITE_AES_CMAC:
1138 - case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1139 if (WARN_ON(tid != 0))
1141 pn = key->u.aes_cmac.rx_pn;
1142 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN);
1144 - case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1145 - case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1146 - if (WARN_ON(tid != 0))
1148 - pn = key->u.aes_gmac.rx_pn;
1149 - memcpy(pn, seq->aes_gmac.pn, IEEE80211_GMAC_PN_LEN);
1151 - case WLAN_CIPHER_SUITE_GCMP:
1152 - case WLAN_CIPHER_SUITE_GCMP_256:
1153 - if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
1156 - pn = key->u.gcmp.rx_pn[IEEE80211_NUM_TIDS];
1158 - pn = key->u.gcmp.rx_pn[tid];
1159 - memcpy(pn, seq->gcmp.pn, IEEE80211_GCMP_PN_LEN);
1164 --- a/net/mac80211/key.h
1165 +++ b/net/mac80211/key.h
1166 @@ -84,7 +84,7 @@ struct ieee80211_key {
1167 * Management frames.
1169 u8 rx_pn[IEEE80211_NUM_TIDS + 1][IEEE80211_CCMP_PN_LEN];
1170 - struct crypto_aead *tfm;
1171 + struct crypto_cipher *tfm;
1172 u32 replays; /* dot11RSNAStatsCCMPReplays */
1175 @@ -95,24 +95,6 @@ struct ieee80211_key {
1176 u32 icverrors; /* dot11RSNAStatsCMACICVErrors */
1180 - u8 rx_pn[IEEE80211_GMAC_PN_LEN];
1181 - struct crypto_aead *tfm;
1182 - u32 replays; /* dot11RSNAStatsCMACReplays */
1183 - u32 icverrors; /* dot11RSNAStatsCMACICVErrors */
1187 - /* Last received packet number. The first
1188 - * IEEE80211_NUM_TIDS counters are used with Data
1189 - * frames and the last counter is used with Robust
1190 - * Management frames.
1192 - u8 rx_pn[IEEE80211_NUM_TIDS + 1][IEEE80211_GCMP_PN_LEN];
1193 - struct crypto_aead *tfm;
1194 - u32 replays; /* dot11RSNAStatsGCMPReplays */
1197 /* generic cipher scheme */
1198 u8 rx_pn[IEEE80211_NUM_TIDS + 1][MAX_PN_LEN];
1200 --- a/net/mac80211/main.c
1201 +++ b/net/mac80211/main.c
1202 @@ -666,15 +666,9 @@ static int ieee80211_init_cipher_suites(
1203 WLAN_CIPHER_SUITE_WEP104,
1204 WLAN_CIPHER_SUITE_TKIP,
1205 WLAN_CIPHER_SUITE_CCMP,
1206 - WLAN_CIPHER_SUITE_CCMP_256,
1207 - WLAN_CIPHER_SUITE_GCMP,
1208 - WLAN_CIPHER_SUITE_GCMP_256,
1210 /* keep last -- depends on hw flags! */
1211 - WLAN_CIPHER_SUITE_AES_CMAC,
1212 - WLAN_CIPHER_SUITE_BIP_CMAC_256,
1213 - WLAN_CIPHER_SUITE_BIP_GMAC_128,
1214 - WLAN_CIPHER_SUITE_BIP_GMAC_256,
1215 + WLAN_CIPHER_SUITE_AES_CMAC
1218 if (local->hw.flags & IEEE80211_HW_SW_CRYPTO_CONTROL ||
1219 @@ -713,7 +707,7 @@ static int ieee80211_init_cipher_suites(
1220 local->hw.wiphy->n_cipher_suites = ARRAY_SIZE(cipher_suites);
1223 - local->hw.wiphy->n_cipher_suites -= 4;
1224 + local->hw.wiphy->n_cipher_suites--;
1227 local->hw.wiphy->cipher_suites += 2;
1228 @@ -730,42 +724,32 @@ static int ieee80211_init_cipher_suites(
1229 /* Driver specifies cipher schemes only (but not cipher suites
1230 * including the schemes)
1232 - * We start counting ciphers defined by schemes, TKIP, CCMP,
1233 - * CCMP-256, GCMP, and GCMP-256
1234 + * We start counting ciphers defined by schemes, TKIP and CCMP
1236 - n_suites = local->hw.n_cipher_schemes + 5;
1237 + n_suites = local->hw.n_cipher_schemes + 2;
1239 /* check if we have WEP40 and WEP104 */
1243 - /* check if we have AES_CMAC, BIP-CMAC-256, BIP-GMAC-128,
1246 + /* check if we have AES_CMAC */
1251 suites = kmalloc(sizeof(u32) * n_suites, GFP_KERNEL);
1255 suites[w++] = WLAN_CIPHER_SUITE_CCMP;
1256 - suites[w++] = WLAN_CIPHER_SUITE_CCMP_256;
1257 suites[w++] = WLAN_CIPHER_SUITE_TKIP;
1258 - suites[w++] = WLAN_CIPHER_SUITE_GCMP;
1259 - suites[w++] = WLAN_CIPHER_SUITE_GCMP_256;
1262 suites[w++] = WLAN_CIPHER_SUITE_WEP40;
1263 suites[w++] = WLAN_CIPHER_SUITE_WEP104;
1268 suites[w++] = WLAN_CIPHER_SUITE_AES_CMAC;
1269 - suites[w++] = WLAN_CIPHER_SUITE_BIP_CMAC_256;
1270 - suites[w++] = WLAN_CIPHER_SUITE_BIP_GMAC_128;
1271 - suites[w++] = WLAN_CIPHER_SUITE_BIP_GMAC_256;
1274 for (r = 0; r < local->hw.n_cipher_schemes; r++)
1275 suites[w++] = cs[r].cipher;
1276 --- a/net/mac80211/rx.c
1277 +++ b/net/mac80211/rx.c
1278 @@ -647,7 +647,6 @@ static int ieee80211_get_mmie_keyidx(str
1280 struct ieee80211_mgmt *hdr = (struct ieee80211_mgmt *) skb->data;
1281 struct ieee80211_mmie *mmie;
1282 - struct ieee80211_mmie_16 *mmie16;
1284 if (skb->len < 24 + sizeof(*mmie) || !is_multicast_ether_addr(hdr->da))
1286 @@ -657,18 +656,11 @@ static int ieee80211_get_mmie_keyidx(str
1288 mmie = (struct ieee80211_mmie *)
1289 (skb->data + skb->len - sizeof(*mmie));
1290 - if (mmie->element_id == WLAN_EID_MMIE &&
1291 - mmie->length == sizeof(*mmie) - 2)
1292 - return le16_to_cpu(mmie->key_id);
1294 - mmie16 = (struct ieee80211_mmie_16 *)
1295 - (skb->data + skb->len - sizeof(*mmie16));
1296 - if (skb->len >= 24 + sizeof(*mmie16) &&
1297 - mmie16->element_id == WLAN_EID_MMIE &&
1298 - mmie16->length == sizeof(*mmie16) - 2)
1299 - return le16_to_cpu(mmie16->key_id);
1300 + if (mmie->element_id != WLAN_EID_MMIE ||
1301 + mmie->length != sizeof(*mmie) - 2)
1305 + return le16_to_cpu(mmie->key_id);
1308 static int iwl80211_get_cs_keyid(const struct ieee80211_cipher_scheme *cs,
1309 @@ -1658,27 +1650,11 @@ ieee80211_rx_h_decrypt(struct ieee80211_
1310 result = ieee80211_crypto_tkip_decrypt(rx);
1312 case WLAN_CIPHER_SUITE_CCMP:
1313 - result = ieee80211_crypto_ccmp_decrypt(
1314 - rx, IEEE80211_CCMP_MIC_LEN);
1316 - case WLAN_CIPHER_SUITE_CCMP_256:
1317 - result = ieee80211_crypto_ccmp_decrypt(
1318 - rx, IEEE80211_CCMP_256_MIC_LEN);
1319 + result = ieee80211_crypto_ccmp_decrypt(rx);
1321 case WLAN_CIPHER_SUITE_AES_CMAC:
1322 result = ieee80211_crypto_aes_cmac_decrypt(rx);
1324 - case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1325 - result = ieee80211_crypto_aes_cmac_256_decrypt(rx);
1327 - case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1328 - case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1329 - result = ieee80211_crypto_aes_gmac_decrypt(rx);
1331 - case WLAN_CIPHER_SUITE_GCMP:
1332 - case WLAN_CIPHER_SUITE_GCMP_256:
1333 - result = ieee80211_crypto_gcmp_decrypt(rx);
1336 result = ieee80211_crypto_hw_decrypt(rx);
1338 @@ -1805,9 +1781,7 @@ ieee80211_rx_h_defragment(struct ieee802
1339 /* This is the first fragment of a new frame. */
1340 entry = ieee80211_reassemble_add(rx->sdata, frag, seq,
1341 rx->seqno_idx, &(rx->skb));
1343 - (rx->key->conf.cipher == WLAN_CIPHER_SUITE_CCMP ||
1344 - rx->key->conf.cipher == WLAN_CIPHER_SUITE_CCMP_256) &&
1345 + if (rx->key && rx->key->conf.cipher == WLAN_CIPHER_SUITE_CCMP &&
1346 ieee80211_has_protected(fc)) {
1347 int queue = rx->security_idx;
1348 /* Store CCMP PN so that we can verify that the next
1349 @@ -1836,9 +1810,7 @@ ieee80211_rx_h_defragment(struct ieee802
1351 u8 pn[IEEE80211_CCMP_PN_LEN], *rpn;
1354 - (rx->key->conf.cipher != WLAN_CIPHER_SUITE_CCMP &&
1355 - rx->key->conf.cipher != WLAN_CIPHER_SUITE_CCMP_256))
1356 + if (!rx->key || rx->key->conf.cipher != WLAN_CIPHER_SUITE_CCMP)
1357 return RX_DROP_UNUSABLE;
1358 memcpy(pn, entry->last_pn, IEEE80211_CCMP_PN_LEN);
1359 for (i = IEEE80211_CCMP_PN_LEN - 1; i >= 0; i--) {
1360 --- a/net/mac80211/tx.c
1361 +++ b/net/mac80211/tx.c
1362 @@ -626,9 +626,6 @@ ieee80211_tx_h_select_key(struct ieee802
1365 case WLAN_CIPHER_SUITE_CCMP:
1366 - case WLAN_CIPHER_SUITE_CCMP_256:
1367 - case WLAN_CIPHER_SUITE_GCMP:
1368 - case WLAN_CIPHER_SUITE_GCMP_256:
1369 if (!ieee80211_is_data_present(hdr->frame_control) &&
1370 !ieee80211_use_mfp(hdr->frame_control, tx->sta,
1372 @@ -639,9 +636,6 @@ ieee80211_tx_h_select_key(struct ieee802
1373 ieee80211_is_mgmt(hdr->frame_control);
1375 case WLAN_CIPHER_SUITE_AES_CMAC:
1376 - case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1377 - case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1378 - case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1379 if (!ieee80211_is_mgmt(hdr->frame_control))
1382 @@ -1017,21 +1011,9 @@ ieee80211_tx_h_encrypt(struct ieee80211_
1383 case WLAN_CIPHER_SUITE_TKIP:
1384 return ieee80211_crypto_tkip_encrypt(tx);
1385 case WLAN_CIPHER_SUITE_CCMP:
1386 - return ieee80211_crypto_ccmp_encrypt(
1387 - tx, IEEE80211_CCMP_MIC_LEN);
1388 - case WLAN_CIPHER_SUITE_CCMP_256:
1389 - return ieee80211_crypto_ccmp_encrypt(
1390 - tx, IEEE80211_CCMP_256_MIC_LEN);
1391 + return ieee80211_crypto_ccmp_encrypt(tx);
1392 case WLAN_CIPHER_SUITE_AES_CMAC:
1393 return ieee80211_crypto_aes_cmac_encrypt(tx);
1394 - case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1395 - return ieee80211_crypto_aes_cmac_256_encrypt(tx);
1396 - case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1397 - case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1398 - return ieee80211_crypto_aes_gmac_encrypt(tx);
1399 - case WLAN_CIPHER_SUITE_GCMP:
1400 - case WLAN_CIPHER_SUITE_GCMP_256:
1401 - return ieee80211_crypto_gcmp_encrypt(tx);
1403 return ieee80211_crypto_hw_encrypt(tx);
1405 --- a/net/mac80211/wpa.c
1406 +++ b/net/mac80211/wpa.c
1409 #include "aes_ccm.h"
1410 #include "aes_cmac.h"
1411 -#include "aes_gmac.h"
1412 -#include "aes_gcm.h"
1416 @@ -304,15 +302,22 @@ ieee80211_crypto_tkip_decrypt(struct iee
1420 -static void ccmp_special_blocks(struct sk_buff *skb, u8 *pn, u8 *b_0, u8 *aad)
1421 +static void ccmp_special_blocks(struct sk_buff *skb, u8 *pn, u8 *scratch,
1425 int a4_included, mgmt;
1429 + u16 data_len, len_a;
1430 unsigned int hdrlen;
1431 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
1433 + memset(scratch, 0, 6 * AES_BLOCK_SIZE);
1435 + b_0 = scratch + 3 * AES_BLOCK_SIZE;
1436 + aad = scratch + 4 * AES_BLOCK_SIZE;
1439 * Mask FC: zero subtype b4 b5 b6 (if not mgmt)
1440 * Retry, PwrMgt, MoreData; set Protected
1441 @@ -334,21 +339,20 @@ static void ccmp_special_blocks(struct s
1445 - /* In CCM, the initial vectors (IV) used for CTR mode encryption and CBC
1446 - * mode authentication are not allowed to collide, yet both are derived
1447 - * from this vector b_0. We only set L := 1 here to indicate that the
1448 - * data size can be represented in (L+1) bytes. The CCM layer will take
1449 - * care of storing the data length in the top (L+1) bytes and setting
1450 - * and clearing the other bits as is required to derive the two IVs.
1453 + data_len = skb->len - hdrlen - IEEE80211_CCMP_HDR_LEN;
1455 + data_len -= IEEE80211_CCMP_MIC_LEN;
1457 + /* First block, b_0 */
1458 + b_0[0] = 0x59; /* flags: Adata: 1, M: 011, L: 001 */
1459 /* Nonce: Nonce Flags | A2 | PN
1460 * Nonce Flags: Priority (b0..b3) | Management (b4) | Reserved (b5..b7)
1462 b_0[1] = qos_tid | (mgmt << 4);
1463 memcpy(&b_0[2], hdr->addr2, ETH_ALEN);
1464 memcpy(&b_0[8], pn, IEEE80211_CCMP_PN_LEN);
1466 + put_unaligned_be16(data_len, &b_0[14]);
1468 /* AAD (extra authenticate-only data) / masked 802.11 header
1469 * FC | A1 | A2 | A3 | SC | [A4] | [QC] */
1470 @@ -395,8 +399,7 @@ static inline void ccmp_hdr2pn(u8 *pn, u
1474 -static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb,
1475 - unsigned int mic_len)
1476 +static int ccmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
1478 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
1479 struct ieee80211_key *key = tx->key;
1480 @@ -405,8 +408,7 @@ static int ccmp_encrypt_skb(struct ieee8
1484 - u8 aad[2 * AES_BLOCK_SIZE];
1485 - u8 b_0[AES_BLOCK_SIZE];
1486 + u8 scratch[6 * AES_BLOCK_SIZE];
1488 if (info->control.hw_key &&
1489 !(info->control.hw_key->flags & IEEE80211_KEY_FLAG_GENERATE_IV) &&
1490 @@ -427,7 +429,7 @@ static int ccmp_encrypt_skb(struct ieee8
1491 if (info->control.hw_key)
1495 + tail = IEEE80211_CCMP_MIC_LEN;
1497 if (WARN_ON(skb_tailroom(skb) < tail ||
1498 skb_headroom(skb) < IEEE80211_CCMP_HDR_LEN))
1499 @@ -460,24 +462,23 @@ static int ccmp_encrypt_skb(struct ieee8
1502 pos += IEEE80211_CCMP_HDR_LEN;
1503 - ccmp_special_blocks(skb, pn, b_0, aad);
1504 - ieee80211_aes_ccm_encrypt(key->u.ccmp.tfm, b_0, aad, pos, len,
1505 - skb_put(skb, mic_len), mic_len);
1506 + ccmp_special_blocks(skb, pn, scratch, 0);
1507 + ieee80211_aes_ccm_encrypt(key->u.ccmp.tfm, scratch, pos, len,
1508 + pos, skb_put(skb, IEEE80211_CCMP_MIC_LEN));
1515 -ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx,
1516 - unsigned int mic_len)
1517 +ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx)
1519 struct sk_buff *skb;
1521 ieee80211_tx_set_protected(tx);
1523 skb_queue_walk(&tx->skbs, skb) {
1524 - if (ccmp_encrypt_skb(tx, skb, mic_len) < 0)
1525 + if (ccmp_encrypt_skb(tx, skb) < 0)
1529 @@ -486,8 +487,7 @@ ieee80211_crypto_ccmp_encrypt(struct iee
1533 -ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx,
1534 - unsigned int mic_len)
1535 +ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx)
1537 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data;
1539 @@ -504,7 +504,8 @@ ieee80211_crypto_ccmp_decrypt(struct iee
1540 !ieee80211_is_robust_mgmt_frame(skb))
1543 - data_len = skb->len - hdrlen - IEEE80211_CCMP_HDR_LEN - mic_len;
1544 + data_len = skb->len - hdrlen - IEEE80211_CCMP_HDR_LEN -
1545 + IEEE80211_CCMP_MIC_LEN;
1546 if (!rx->sta || data_len < 0)
1547 return RX_DROP_UNUSABLE;
1549 @@ -526,23 +527,23 @@ ieee80211_crypto_ccmp_decrypt(struct iee
1552 if (!(status->flag & RX_FLAG_DECRYPTED)) {
1553 - u8 aad[2 * AES_BLOCK_SIZE];
1554 - u8 b_0[AES_BLOCK_SIZE];
1555 + u8 scratch[6 * AES_BLOCK_SIZE];
1556 /* hardware didn't decrypt/verify MIC */
1557 - ccmp_special_blocks(skb, pn, b_0, aad);
1558 + ccmp_special_blocks(skb, pn, scratch, 1);
1560 if (ieee80211_aes_ccm_decrypt(
1561 - key->u.ccmp.tfm, b_0, aad,
1562 + key->u.ccmp.tfm, scratch,
1563 skb->data + hdrlen + IEEE80211_CCMP_HDR_LEN,
1565 - skb->data + skb->len - mic_len, mic_len))
1566 + skb->data + skb->len - IEEE80211_CCMP_MIC_LEN,
1567 + skb->data + hdrlen + IEEE80211_CCMP_HDR_LEN))
1568 return RX_DROP_UNUSABLE;
1571 memcpy(key->u.ccmp.rx_pn[queue], pn, IEEE80211_CCMP_PN_LEN);
1573 /* Remove CCMP header and MIC */
1574 - if (pskb_trim(skb, skb->len - mic_len))
1575 + if (pskb_trim(skb, skb->len - IEEE80211_CCMP_MIC_LEN))
1576 return RX_DROP_UNUSABLE;
1577 memmove(skb->data + IEEE80211_CCMP_HDR_LEN, skb->data, hdrlen);
1578 skb_pull(skb, IEEE80211_CCMP_HDR_LEN);
1579 @@ -550,229 +551,6 @@ ieee80211_crypto_ccmp_decrypt(struct iee
1583 -static void gcmp_special_blocks(struct sk_buff *skb, u8 *pn, u8 *j_0, u8 *aad)
1587 - struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
1589 - memcpy(j_0, hdr->addr2, ETH_ALEN);
1590 - memcpy(&j_0[ETH_ALEN], pn, IEEE80211_GCMP_PN_LEN);
1593 - j_0[AES_BLOCK_SIZE - 1] = 0x01;
1595 - /* AAD (extra authenticate-only data) / masked 802.11 header
1596 - * FC | A1 | A2 | A3 | SC | [A4] | [QC]
1598 - put_unaligned_be16(ieee80211_hdrlen(hdr->frame_control) - 2, &aad[0]);
1599 - /* Mask FC: zero subtype b4 b5 b6 (if not mgmt)
1600 - * Retry, PwrMgt, MoreData; set Protected
1602 - mask_fc = hdr->frame_control;
1603 - mask_fc &= ~cpu_to_le16(IEEE80211_FCTL_RETRY |
1604 - IEEE80211_FCTL_PM | IEEE80211_FCTL_MOREDATA);
1605 - if (!ieee80211_is_mgmt(hdr->frame_control))
1606 - mask_fc &= ~cpu_to_le16(0x0070);
1607 - mask_fc |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
1609 - put_unaligned(mask_fc, (__le16 *)&aad[2]);
1610 - memcpy(&aad[4], &hdr->addr1, 3 * ETH_ALEN);
1612 - /* Mask Seq#, leave Frag# */
1613 - aad[22] = *((u8 *)&hdr->seq_ctrl) & 0x0f;
1616 - if (ieee80211_is_data_qos(hdr->frame_control))
1617 - qos_tid = *ieee80211_get_qos_ctl(hdr) &
1618 - IEEE80211_QOS_CTL_TID_MASK;
1622 - if (ieee80211_has_a4(hdr->frame_control)) {
1623 - memcpy(&aad[24], hdr->addr4, ETH_ALEN);
1624 - aad[30] = qos_tid;
1627 - memset(&aad[24], 0, ETH_ALEN + IEEE80211_QOS_CTL_LEN);
1628 - aad[24] = qos_tid;
1632 -static inline void gcmp_pn2hdr(u8 *hdr, const u8 *pn, int key_id)
1637 - hdr[3] = 0x20 | (key_id << 6);
1644 -static inline void gcmp_hdr2pn(u8 *pn, const u8 *hdr)
1654 -static int gcmp_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb)
1656 - struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
1657 - struct ieee80211_key *key = tx->key;
1658 - struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1659 - int hdrlen, len, tail;
1663 - u8 aad[2 * AES_BLOCK_SIZE];
1664 - u8 j_0[AES_BLOCK_SIZE];
1666 - if (info->control.hw_key &&
1667 - !(info->control.hw_key->flags & IEEE80211_KEY_FLAG_GENERATE_IV) &&
1668 - !(info->control.hw_key->flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE) &&
1669 - !((info->control.hw_key->flags &
1670 - IEEE80211_KEY_FLAG_GENERATE_IV_MGMT) &&
1671 - ieee80211_is_mgmt(hdr->frame_control))) {
1672 - /* hwaccel has no need for preallocated room for GCMP
1673 - * header or MIC fields
1678 - hdrlen = ieee80211_hdrlen(hdr->frame_control);
1679 - len = skb->len - hdrlen;
1681 - if (info->control.hw_key)
1684 - tail = IEEE80211_GCMP_MIC_LEN;
1686 - if (WARN_ON(skb_tailroom(skb) < tail ||
1687 - skb_headroom(skb) < IEEE80211_GCMP_HDR_LEN))
1690 - pos = skb_push(skb, IEEE80211_GCMP_HDR_LEN);
1691 - memmove(pos, pos + IEEE80211_GCMP_HDR_LEN, hdrlen);
1692 - skb_set_network_header(skb, skb_network_offset(skb) +
1693 - IEEE80211_GCMP_HDR_LEN);
1695 - /* the HW only needs room for the IV, but not the actual IV */
1696 - if (info->control.hw_key &&
1697 - (info->control.hw_key->flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE))
1700 - hdr = (struct ieee80211_hdr *)pos;
1703 - pn64 = atomic64_inc_return(&key->u.gcmp.tx_pn);
1706 - pn[4] = pn64 >> 8;
1707 - pn[3] = pn64 >> 16;
1708 - pn[2] = pn64 >> 24;
1709 - pn[1] = pn64 >> 32;
1710 - pn[0] = pn64 >> 40;
1712 - gcmp_pn2hdr(pos, pn, key->conf.keyidx);
1714 - /* hwaccel - with software GCMP header */
1715 - if (info->control.hw_key)
1718 - pos += IEEE80211_GCMP_HDR_LEN;
1719 - gcmp_special_blocks(skb, pn, j_0, aad);
1720 - ieee80211_aes_gcm_encrypt(key->u.gcmp.tfm, j_0, aad, pos, len,
1721 - skb_put(skb, IEEE80211_GCMP_MIC_LEN));
1726 -ieee80211_tx_result
1727 -ieee80211_crypto_gcmp_encrypt(struct ieee80211_tx_data *tx)
1729 - struct sk_buff *skb;
1731 - ieee80211_tx_set_protected(tx);
1733 - skb_queue_walk(&tx->skbs, skb) {
1734 - if (gcmp_encrypt_skb(tx, skb) < 0)
1738 - return TX_CONTINUE;
1741 -ieee80211_rx_result
1742 -ieee80211_crypto_gcmp_decrypt(struct ieee80211_rx_data *rx)
1744 - struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)rx->skb->data;
1746 - struct ieee80211_key *key = rx->key;
1747 - struct sk_buff *skb = rx->skb;
1748 - struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
1749 - u8 pn[IEEE80211_GCMP_PN_LEN];
1753 - hdrlen = ieee80211_hdrlen(hdr->frame_control);
1755 - if (!ieee80211_is_data(hdr->frame_control) &&
1756 - !ieee80211_is_robust_mgmt_frame(skb))
1757 - return RX_CONTINUE;
1759 - data_len = skb->len - hdrlen - IEEE80211_GCMP_HDR_LEN -
1760 - IEEE80211_GCMP_MIC_LEN;
1761 - if (!rx->sta || data_len < 0)
1762 - return RX_DROP_UNUSABLE;
1764 - if (status->flag & RX_FLAG_DECRYPTED) {
1765 - if (!pskb_may_pull(rx->skb, hdrlen + IEEE80211_GCMP_HDR_LEN))
1766 - return RX_DROP_UNUSABLE;
1768 - if (skb_linearize(rx->skb))
1769 - return RX_DROP_UNUSABLE;
1772 - gcmp_hdr2pn(pn, skb->data + hdrlen);
1774 - queue = rx->security_idx;
1776 - if (memcmp(pn, key->u.gcmp.rx_pn[queue], IEEE80211_GCMP_PN_LEN) <= 0) {
1777 - key->u.gcmp.replays++;
1778 - return RX_DROP_UNUSABLE;
1781 - if (!(status->flag & RX_FLAG_DECRYPTED)) {
1782 - u8 aad[2 * AES_BLOCK_SIZE];
1783 - u8 j_0[AES_BLOCK_SIZE];
1784 - /* hardware didn't decrypt/verify MIC */
1785 - gcmp_special_blocks(skb, pn, j_0, aad);
1787 - if (ieee80211_aes_gcm_decrypt(
1788 - key->u.gcmp.tfm, j_0, aad,
1789 - skb->data + hdrlen + IEEE80211_GCMP_HDR_LEN,
1791 - skb->data + skb->len - IEEE80211_GCMP_MIC_LEN))
1792 - return RX_DROP_UNUSABLE;
1795 - memcpy(key->u.gcmp.rx_pn[queue], pn, IEEE80211_GCMP_PN_LEN);
1797 - /* Remove GCMP header and MIC */
1798 - if (pskb_trim(skb, skb->len - IEEE80211_GCMP_MIC_LEN))
1799 - return RX_DROP_UNUSABLE;
1800 - memmove(skb->data + IEEE80211_GCMP_HDR_LEN, skb->data, hdrlen);
1801 - skb_pull(skb, IEEE80211_GCMP_HDR_LEN);
1803 - return RX_CONTINUE;
1806 static ieee80211_tx_result
1807 ieee80211_crypto_cs_encrypt(struct ieee80211_tx_data *tx,
1808 struct sk_buff *skb)
1809 @@ -956,48 +734,6 @@ ieee80211_crypto_aes_cmac_encrypt(struct
1813 -ieee80211_tx_result
1814 -ieee80211_crypto_aes_cmac_256_encrypt(struct ieee80211_tx_data *tx)
1816 - struct sk_buff *skb;
1817 - struct ieee80211_tx_info *info;
1818 - struct ieee80211_key *key = tx->key;
1819 - struct ieee80211_mmie_16 *mmie;
1823 - if (WARN_ON(skb_queue_len(&tx->skbs) != 1))
1826 - skb = skb_peek(&tx->skbs);
1828 - info = IEEE80211_SKB_CB(skb);
1830 - if (info->control.hw_key)
1831 - return TX_CONTINUE;
1833 - if (WARN_ON(skb_tailroom(skb) < sizeof(*mmie)))
1836 - mmie = (struct ieee80211_mmie_16 *)skb_put(skb, sizeof(*mmie));
1837 - mmie->element_id = WLAN_EID_MMIE;
1838 - mmie->length = sizeof(*mmie) - 2;
1839 - mmie->key_id = cpu_to_le16(key->conf.keyidx);
1842 - pn64 = atomic64_inc_return(&key->u.aes_cmac.tx_pn);
1844 - bip_ipn_set64(mmie->sequence_number, pn64);
1846 - bip_aad(skb, aad);
1848 - /* MIC = AES-256-CMAC(IGTK, AAD || Management Frame Body || MMIE, 128)
1850 - ieee80211_aes_cmac_256(key->u.aes_cmac.tfm, aad,
1851 - skb->data + 24, skb->len - 24, mmie->mic);
1853 - return TX_CONTINUE;
1857 ieee80211_crypto_aes_cmac_decrypt(struct ieee80211_rx_data *rx)
1858 @@ -1045,160 +781,6 @@ ieee80211_crypto_aes_cmac_decrypt(struct
1861 skb_trim(skb, skb->len - sizeof(*mmie));
1863 - return RX_CONTINUE;
1866 -ieee80211_rx_result
1867 -ieee80211_crypto_aes_cmac_256_decrypt(struct ieee80211_rx_data *rx)
1869 - struct sk_buff *skb = rx->skb;
1870 - struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
1871 - struct ieee80211_key *key = rx->key;
1872 - struct ieee80211_mmie_16 *mmie;
1873 - u8 aad[20], mic[16], ipn[6];
1874 - struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
1876 - if (!ieee80211_is_mgmt(hdr->frame_control))
1877 - return RX_CONTINUE;
1879 - /* management frames are already linear */
1881 - if (skb->len < 24 + sizeof(*mmie))
1882 - return RX_DROP_UNUSABLE;
1884 - mmie = (struct ieee80211_mmie_16 *)
1885 - (skb->data + skb->len - sizeof(*mmie));
1886 - if (mmie->element_id != WLAN_EID_MMIE ||
1887 - mmie->length != sizeof(*mmie) - 2)
1888 - return RX_DROP_UNUSABLE; /* Invalid MMIE */
1890 - bip_ipn_swap(ipn, mmie->sequence_number);
1892 - if (memcmp(ipn, key->u.aes_cmac.rx_pn, 6) <= 0) {
1893 - key->u.aes_cmac.replays++;
1894 - return RX_DROP_UNUSABLE;
1897 - if (!(status->flag & RX_FLAG_DECRYPTED)) {
1898 - /* hardware didn't decrypt/verify MIC */
1899 - bip_aad(skb, aad);
1900 - ieee80211_aes_cmac_256(key->u.aes_cmac.tfm, aad,
1901 - skb->data + 24, skb->len - 24, mic);
1902 - if (memcmp(mic, mmie->mic, sizeof(mmie->mic)) != 0) {
1903 - key->u.aes_cmac.icverrors++;
1904 - return RX_DROP_UNUSABLE;
1908 - memcpy(key->u.aes_cmac.rx_pn, ipn, 6);
1911 - skb_trim(skb, skb->len - sizeof(*mmie));
1913 - return RX_CONTINUE;
1916 -ieee80211_tx_result
1917 -ieee80211_crypto_aes_gmac_encrypt(struct ieee80211_tx_data *tx)
1919 - struct sk_buff *skb;
1920 - struct ieee80211_tx_info *info;
1921 - struct ieee80211_key *key = tx->key;
1922 - struct ieee80211_mmie_16 *mmie;
1923 - struct ieee80211_hdr *hdr;
1928 - if (WARN_ON(skb_queue_len(&tx->skbs) != 1))
1931 - skb = skb_peek(&tx->skbs);
1933 - info = IEEE80211_SKB_CB(skb);
1935 - if (info->control.hw_key)
1936 - return TX_CONTINUE;
1938 - if (WARN_ON(skb_tailroom(skb) < sizeof(*mmie)))
1941 - mmie = (struct ieee80211_mmie_16 *)skb_put(skb, sizeof(*mmie));
1942 - mmie->element_id = WLAN_EID_MMIE;
1943 - mmie->length = sizeof(*mmie) - 2;
1944 - mmie->key_id = cpu_to_le16(key->conf.keyidx);
1947 - pn64 = atomic64_inc_return(&key->u.aes_gmac.tx_pn);
1949 - bip_ipn_set64(mmie->sequence_number, pn64);
1951 - bip_aad(skb, aad);
1953 - hdr = (struct ieee80211_hdr *)skb->data;
1954 - memcpy(nonce, hdr->addr2, ETH_ALEN);
1955 - bip_ipn_swap(nonce + ETH_ALEN, mmie->sequence_number);
1957 - /* MIC = AES-GMAC(IGTK, AAD || Management Frame Body || MMIE, 128) */
1958 - if (ieee80211_aes_gmac(key->u.aes_gmac.tfm, aad, nonce,
1959 - skb->data + 24, skb->len - 24, mmie->mic) < 0)
1962 - return TX_CONTINUE;
1965 -ieee80211_rx_result
1966 -ieee80211_crypto_aes_gmac_decrypt(struct ieee80211_rx_data *rx)
1968 - struct sk_buff *skb = rx->skb;
1969 - struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
1970 - struct ieee80211_key *key = rx->key;
1971 - struct ieee80211_mmie_16 *mmie;
1972 - u8 aad[20], mic[16], ipn[6], nonce[12];
1973 - struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
1975 - if (!ieee80211_is_mgmt(hdr->frame_control))
1976 - return RX_CONTINUE;
1978 - /* management frames are already linear */
1980 - if (skb->len < 24 + sizeof(*mmie))
1981 - return RX_DROP_UNUSABLE;
1983 - mmie = (struct ieee80211_mmie_16 *)
1984 - (skb->data + skb->len - sizeof(*mmie));
1985 - if (mmie->element_id != WLAN_EID_MMIE ||
1986 - mmie->length != sizeof(*mmie) - 2)
1987 - return RX_DROP_UNUSABLE; /* Invalid MMIE */
1989 - bip_ipn_swap(ipn, mmie->sequence_number);
1991 - if (memcmp(ipn, key->u.aes_gmac.rx_pn, 6) <= 0) {
1992 - key->u.aes_gmac.replays++;
1993 - return RX_DROP_UNUSABLE;
1996 - if (!(status->flag & RX_FLAG_DECRYPTED)) {
1997 - /* hardware didn't decrypt/verify MIC */
1998 - bip_aad(skb, aad);
2000 - memcpy(nonce, hdr->addr2, ETH_ALEN);
2001 - memcpy(nonce + ETH_ALEN, ipn, 6);
2003 - if (ieee80211_aes_gmac(key->u.aes_gmac.tfm, aad, nonce,
2004 - skb->data + 24, skb->len - 24,
2006 - memcmp(mic, mmie->mic, sizeof(mmie->mic)) != 0) {
2007 - key->u.aes_gmac.icverrors++;
2008 - return RX_DROP_UNUSABLE;
2012 - memcpy(key->u.aes_gmac.rx_pn, ipn, 6);
2015 - skb_trim(skb, skb->len - sizeof(*mmie));
2019 --- a/net/mac80211/wpa.h
2020 +++ b/net/mac80211/wpa.h
2021 @@ -24,32 +24,17 @@ ieee80211_rx_result
2022 ieee80211_crypto_tkip_decrypt(struct ieee80211_rx_data *rx);
2025 -ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx,
2026 - unsigned int mic_len);
2027 +ieee80211_crypto_ccmp_encrypt(struct ieee80211_tx_data *tx);
2029 -ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx,
2030 - unsigned int mic_len);
2031 +ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx);
2034 ieee80211_crypto_aes_cmac_encrypt(struct ieee80211_tx_data *tx);
2035 -ieee80211_tx_result
2036 -ieee80211_crypto_aes_cmac_256_encrypt(struct ieee80211_tx_data *tx);
2038 ieee80211_crypto_aes_cmac_decrypt(struct ieee80211_rx_data *rx);
2039 -ieee80211_rx_result
2040 -ieee80211_crypto_aes_cmac_256_decrypt(struct ieee80211_rx_data *rx);
2041 -ieee80211_tx_result
2042 -ieee80211_crypto_aes_gmac_encrypt(struct ieee80211_tx_data *tx);
2043 -ieee80211_rx_result
2044 -ieee80211_crypto_aes_gmac_decrypt(struct ieee80211_rx_data *rx);
2046 ieee80211_crypto_hw_encrypt(struct ieee80211_tx_data *tx);
2048 ieee80211_crypto_hw_decrypt(struct ieee80211_rx_data *rx);
2050 -ieee80211_tx_result
2051 -ieee80211_crypto_gcmp_encrypt(struct ieee80211_tx_data *tx);
2052 -ieee80211_rx_result
2053 -ieee80211_crypto_gcmp_decrypt(struct ieee80211_rx_data *rx);