Commit 38ef6235 authored by Prameela Rani Garnepudi's avatar Prameela Rani Garnepudi Committed by Kalle Valo

rsi: security enhancements for AP mode

Station id should be set in load key frame configured to device.
For WEP mode, key is configured once from mac80211. This key is
saved and configured to device every time a station is connected.
Signed-off-by: default avatarPrameela Rani Garnepudi <prameela.j04cs@gmail.com>
Signed-off-by: default avatarKalle Valo <kvalo@codeaurora.org>
parent 32be57a6
...@@ -758,11 +758,14 @@ static int rsi_mac80211_conf_tx(struct ieee80211_hw *hw, ...@@ -758,11 +758,14 @@ static int rsi_mac80211_conf_tx(struct ieee80211_hw *hw,
*/ */
static int rsi_hal_key_config(struct ieee80211_hw *hw, static int rsi_hal_key_config(struct ieee80211_hw *hw,
struct ieee80211_vif *vif, struct ieee80211_vif *vif,
struct ieee80211_key_conf *key) struct ieee80211_key_conf *key,
struct ieee80211_sta *sta)
{ {
struct rsi_hw *adapter = hw->priv; struct rsi_hw *adapter = hw->priv;
struct rsi_sta *rsta = NULL;
int status; int status;
u8 key_type; u8 key_type;
s16 sta_id = 0;
if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
key_type = RSI_PAIRWISE_KEY; key_type = RSI_PAIRWISE_KEY;
...@@ -772,23 +775,35 @@ static int rsi_hal_key_config(struct ieee80211_hw *hw, ...@@ -772,23 +775,35 @@ static int rsi_hal_key_config(struct ieee80211_hw *hw,
rsi_dbg(ERR_ZONE, "%s: Cipher 0x%x key_type: %d key_len: %d\n", rsi_dbg(ERR_ZONE, "%s: Cipher 0x%x key_type: %d key_len: %d\n",
__func__, key->cipher, key_type, key->keylen); __func__, key->cipher, key_type, key->keylen);
if ((key->cipher == WLAN_CIPHER_SUITE_WEP104) || if (vif->type == NL80211_IFTYPE_AP) {
(key->cipher == WLAN_CIPHER_SUITE_WEP40)) { if (sta) {
status = rsi_hal_load_key(adapter->priv, rsta = rsi_find_sta(adapter->priv, sta->addr);
key->key, if (rsta)
key->keylen, sta_id = rsta->sta_id;
RSI_PAIRWISE_KEY, }
key->keyidx, adapter->priv->key = key;
key->cipher); } else {
if (status) if ((key->cipher == WLAN_CIPHER_SUITE_WEP104) ||
return status; (key->cipher == WLAN_CIPHER_SUITE_WEP40)) {
status = rsi_hal_load_key(adapter->priv,
key->key,
key->keylen,
RSI_PAIRWISE_KEY,
key->keyidx,
key->cipher,
sta_id);
if (status)
return status;
}
} }
return rsi_hal_load_key(adapter->priv, return rsi_hal_load_key(adapter->priv,
key->key, key->key,
key->keylen, key->keylen,
key_type, key_type,
key->keyidx, key->keyidx,
key->cipher); key->cipher,
sta_id);
} }
/** /**
...@@ -816,7 +831,7 @@ static int rsi_mac80211_set_key(struct ieee80211_hw *hw, ...@@ -816,7 +831,7 @@ static int rsi_mac80211_set_key(struct ieee80211_hw *hw,
switch (cmd) { switch (cmd) {
case SET_KEY: case SET_KEY:
secinfo->security_enable = true; secinfo->security_enable = true;
status = rsi_hal_key_config(hw, vif, key); status = rsi_hal_key_config(hw, vif, key, sta);
if (status) { if (status) {
mutex_unlock(&common->mutex); mutex_unlock(&common->mutex);
return status; return status;
...@@ -834,10 +849,11 @@ static int rsi_mac80211_set_key(struct ieee80211_hw *hw, ...@@ -834,10 +849,11 @@ static int rsi_mac80211_set_key(struct ieee80211_hw *hw,
break; break;
case DISABLE_KEY: case DISABLE_KEY:
secinfo->security_enable = false; if (vif->type == NL80211_IFTYPE_STATION)
secinfo->security_enable = false;
rsi_dbg(ERR_ZONE, "%s: RSI del key\n", __func__); rsi_dbg(ERR_ZONE, "%s: RSI del key\n", __func__);
memset(key, 0, sizeof(struct ieee80211_key_conf)); memset(key, 0, sizeof(struct ieee80211_key_conf));
status = rsi_hal_key_config(hw, vif, key); status = rsi_hal_key_config(hw, vif, key, sta);
break; break;
default: default:
...@@ -1242,6 +1258,20 @@ static int rsi_mac80211_sta_add(struct ieee80211_hw *hw, ...@@ -1242,6 +1258,20 @@ static int rsi_mac80211_sta_add(struct ieee80211_hw *hw,
rsi_inform_bss_status(common, AP_OPMODE, 1, sta->addr, rsi_inform_bss_status(common, AP_OPMODE, 1, sta->addr,
sta->wme, sta->aid, sta, sta_idx); sta->wme, sta->aid, sta, sta_idx);
if (common->key) {
struct ieee80211_key_conf *key = common->key;
if ((key->cipher == WLAN_CIPHER_SUITE_WEP104) ||
(key->cipher == WLAN_CIPHER_SUITE_WEP40))
rsi_hal_load_key(adapter->priv,
key->key,
key->keylen,
RSI_PAIRWISE_KEY,
key->keyidx,
key->cipher,
sta_idx);
}
common->num_stations++; common->num_stations++;
} }
} }
......
...@@ -715,8 +715,10 @@ int rsi_hal_load_key(struct rsi_common *common, ...@@ -715,8 +715,10 @@ int rsi_hal_load_key(struct rsi_common *common,
u16 key_len, u16 key_len,
u8 key_type, u8 key_type,
u8 key_id, u8 key_id,
u32 cipher) u32 cipher,
s16 sta_id)
{ {
struct ieee80211_vif *vif = common->priv->vifs[0];
struct sk_buff *skb = NULL; struct sk_buff *skb = NULL;
struct rsi_set_key *set_key; struct rsi_set_key *set_key;
u16 key_descriptor = 0; u16 key_descriptor = 0;
...@@ -734,8 +736,11 @@ int rsi_hal_load_key(struct rsi_common *common, ...@@ -734,8 +736,11 @@ int rsi_hal_load_key(struct rsi_common *common,
memset(skb->data, 0, frame_len); memset(skb->data, 0, frame_len);
set_key = (struct rsi_set_key *)skb->data; set_key = (struct rsi_set_key *)skb->data;
if (key_type == RSI_GROUP_KEY) if (key_type == RSI_GROUP_KEY) {
key_descriptor = RSI_KEY_TYPE_BROADCAST; key_descriptor = RSI_KEY_TYPE_BROADCAST;
if (vif->type == NL80211_IFTYPE_AP)
key_descriptor |= RSI_KEY_MODE_AP;
}
if ((cipher == WLAN_CIPHER_SUITE_WEP40) || if ((cipher == WLAN_CIPHER_SUITE_WEP40) ||
(cipher == WLAN_CIPHER_SUITE_WEP104)) { (cipher == WLAN_CIPHER_SUITE_WEP104)) {
key_id = 0; key_id = 0;
...@@ -754,6 +759,7 @@ int rsi_hal_load_key(struct rsi_common *common, ...@@ -754,6 +759,7 @@ int rsi_hal_load_key(struct rsi_common *common,
(frame_len - FRAME_DESC_SZ), RSI_WIFI_MGMT_Q); (frame_len - FRAME_DESC_SZ), RSI_WIFI_MGMT_Q);
set_key->desc_dword0.frame_type = SET_KEY_REQ; set_key->desc_dword0.frame_type = SET_KEY_REQ;
set_key->key_desc = cpu_to_le16(key_descriptor); set_key->key_desc = cpu_to_le16(key_descriptor);
set_key->sta_id = sta_id;
if (data) { if (data) {
if ((cipher == WLAN_CIPHER_SUITE_WEP40) || if ((cipher == WLAN_CIPHER_SUITE_WEP40) ||
......
...@@ -269,6 +269,7 @@ struct rsi_common { ...@@ -269,6 +269,7 @@ struct rsi_common {
struct rsi_sta stations[RSI_MAX_ASSOC_STAS + 1]; struct rsi_sta stations[RSI_MAX_ASSOC_STAS + 1];
int num_stations; int num_stations;
int max_stations; int max_stations;
struct ieee80211_key_conf *key;
}; };
enum host_intf { enum host_intf {
......
...@@ -409,6 +409,7 @@ struct rsi_dynamic_s { ...@@ -409,6 +409,7 @@ struct rsi_dynamic_s {
#define RSI_WEP_KEY_104 BIT(3) #define RSI_WEP_KEY_104 BIT(3)
#define RSI_CIPHER_WPA BIT(4) #define RSI_CIPHER_WPA BIT(4)
#define RSI_CIPHER_TKIP BIT(5) #define RSI_CIPHER_TKIP BIT(5)
#define RSI_KEY_MODE_AP BIT(7)
#define RSI_PROTECT_DATA_FRAMES BIT(13) #define RSI_PROTECT_DATA_FRAMES BIT(13)
#define RSI_KEY_ID_MASK 0xC0 #define RSI_KEY_ID_MASK 0xC0
#define RSI_KEY_ID_OFFSET 14 #define RSI_KEY_ID_OFFSET 14
...@@ -612,7 +613,7 @@ int rsi_send_aggregation_params_frame(struct rsi_common *common, u16 tid, ...@@ -612,7 +613,7 @@ int rsi_send_aggregation_params_frame(struct rsi_common *common, u16 tid,
u16 ssn, u8 buf_size, u8 event, u16 ssn, u8 buf_size, u8 event,
u8 sta_id); u8 sta_id);
int rsi_hal_load_key(struct rsi_common *common, u8 *data, u16 key_len, int rsi_hal_load_key(struct rsi_common *common, u8 *data, u16 key_len,
u8 key_type, u8 key_id, u32 cipher); u8 key_type, u8 key_id, u32 cipher, s16 sta_id);
int rsi_set_channel(struct rsi_common *common, int rsi_set_channel(struct rsi_common *common,
struct ieee80211_channel *channel); struct ieee80211_channel *channel);
int rsi_send_vap_dynamic_update(struct rsi_common *common); int rsi_send_vap_dynamic_update(struct rsi_common *common);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment