Received: by 2002:a05:6a10:c7c6:0:0:0:0 with SMTP id h6csp1668445pxy; Mon, 2 Aug 2021 07:29:03 -0700 (PDT) X-Google-Smtp-Source: ABdhPJx5tYO/Z9Bph5NOAwzWXLl/WNnzQAzPYWNQJ42TzxNUrzBxNWEtWi9Ct4zMIOLXU9mjVJJC X-Received: by 2002:a17:906:58c7:: with SMTP id e7mr15327190ejs.197.1627914542967; Mon, 02 Aug 2021 07:29:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1627914542; cv=none; d=google.com; s=arc-20160816; b=rVcAboYFwiKx/IHCqRAe3ETy7pP4B4ZdnX59+2nJ4K1UFdE/Is8Oabq5UffNAWn1l3 EV2yBemHzIuvyFd5slxfJ5pUjGbNJOECPB0AJK866yCVavsv7fxirxLdumx4HyjEjMcf RzmuV/HuQP+XcpJejqrKuTP648Hb3lBhtPzBhRSQIebRDwmTAxTNRKaNGzUZ0zAfujIH kzTQ268h/Nl0sPNJXBnaWIxtlNf2L2FVYINnwD8wEcKZp+U5tDCJZ2SZrOZ5KXp7Ng/s AhZSCIQkLtPRm8Bxw0ypRLK7G3fXHqv0cFPOfQAWrYr/OG31mspIY25kHWPEzZah8xvJ BJXQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:subject:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:cc:to:from; bh=Ahg/xl3iskQoebP6qnHifSyErQ6y+ErlsRfFu6gB9BM=; b=q0HrXCXfSEWP7q+J2eQqRgUtcunZtmC4fJnSADB7KfX32JUmZVZ8FXvZ+BswnwGpwe 5viKdhVO8ze3Dr+bMTt49A+mtNN5614zB6xJcfSyxSEUuzlZjgSOZ+cCZhTh72wkqF5U iJ6yVu8Kum3acY34AL1kVqDKyguSva/GGsDHvHCVzSMQe5nE7C6Ekcpz3/wroVkG+m9t H9xmsGD69yxKCkl9CM5WOmbjYykkYWqw/utsAQk8l1gA1trTnVjlMPpTN8AAp5bVvDmV U7uLvGv5GkP5gvMk9CYrb4U/j3bnLgw0L5D7kK8OW3I2ZXh+cfbhorfuhfSw8zRPxgf2 DrLQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id g20si10161809ejm.455.2021.08.02.07.28.40; Mon, 02 Aug 2021 07:29:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234078AbhHBO2p (ORCPT + 99 others); Mon, 2 Aug 2021 10:28:45 -0400 Received: from paleale.coelho.fi ([176.9.41.70]:50912 "EHLO farmhouse.coelho.fi" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S233940AbhHBO2o (ORCPT ); Mon, 2 Aug 2021 10:28:44 -0400 Received: from 91-156-6-193.elisa-laajakaista.fi ([91.156.6.193] helo=kveik.ger.corp.intel.com) by farmhouse.coelho.fi with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94) (envelope-from ) id 1mAYvf-001xts-Ul; Mon, 02 Aug 2021 17:28:33 +0300 From: Luca Coelho To: kvalo@codeaurora.org Cc: luca@coelho.fi, linux-wireless@vger.kernel.org Date: Mon, 2 Aug 2021 17:28:19 +0300 Message-Id: X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210802142829.109448-1-luca@coelho.fi> References: <20210802142829.109448-1-luca@coelho.fi> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Checker-Version: SpamAssassin 3.4.5-pre1 (2020-06-20) on farmhouse.coelho.fi X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00, TVD_RCVD_IP,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.5-pre1 Subject: [PATCH 02/12] iwlwifi: mvm: set replay counter on key install Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org From: Johannes Berg When installing a (new) key, set the replay counter so that after FW restart the firmware has the correct value of the replay counters. This doesn't have a large effect - for frames that reach the driver, it will do a replay check, and when installing a new key, the counter is normally zero to start with (not for GTK though, if joining the BSS for the first time). Since this only affects frames handled entirely by the FW, and that's restricted to a few unicast management frames, the only affect here is for those after a firmware restart. Signed-off-by: Johannes Berg Signed-off-by: Luca Coelho --- drivers/net/wireless/intel/iwlwifi/mvm/sta.c | 53 ++++++++++++++++++++ 1 file changed, 53 insertions(+) diff --git a/drivers/net/wireless/intel/iwlwifi/mvm/sta.c b/drivers/net/wireless/intel/iwlwifi/mvm/sta.c index 9c45a64c5009..0ec84d8ff9e6 100644 --- a/drivers/net/wireless/intel/iwlwifi/mvm/sta.c +++ b/drivers/net/wireless/intel/iwlwifi/mvm/sta.c @@ -3190,6 +3190,20 @@ static struct iwl_mvm_sta *iwl_mvm_get_key_sta(struct iwl_mvm *mvm, return NULL; } +static int iwl_mvm_pn_cmp(const u8 *pn1, const u8 *pn2, int len) +{ + int i; + + for (i = len - 1; i >= 0; i--) { + if (pn1[i] > pn2[i]) + return 1; + if (pn1[i] < pn2[i]) + return -1; + } + + return 0; +} + static int iwl_mvm_send_sta_key(struct iwl_mvm *mvm, u32 sta_id, struct ieee80211_key_conf *key, bool mcast, @@ -3274,6 +3288,45 @@ static int iwl_mvm_send_sta_key(struct iwl_mvm *mvm, u.cmd.common.key_flags = key_flags; u.cmd.common.sta_id = sta_id; + if (key->cipher == WLAN_CIPHER_SUITE_TKIP) + i = 0; + else + i = -1; + + for (; i < IEEE80211_NUM_TIDS; i++) { + struct ieee80211_key_seq seq = {}; + u8 _rx_pn[IEEE80211_MAX_PN_LEN] = {}, *rx_pn = _rx_pn; + int rx_pn_len = 8; + + ieee80211_get_key_rx_seq(key, i, &seq); + + if (key->cipher == WLAN_CIPHER_SUITE_TKIP) { + rx_pn[0] = seq.tkip.iv16; + rx_pn[1] = seq.tkip.iv16 >> 8; + /* hole at 2/3 in FW format */ + rx_pn[4] = seq.tkip.iv32; + rx_pn[5] = seq.tkip.iv32 >> 8; + rx_pn[6] = seq.tkip.iv32 >> 16; + rx_pn[7] = seq.tkip.iv32 >> 24; + } else if (key_flags & cpu_to_le16(STA_KEY_FLG_EXT)) { + rx_pn = seq.hw.seq; + rx_pn_len = seq.hw.seq_len; + } else { + rx_pn[0] = seq.ccmp.pn[0]; + rx_pn[1] = seq.ccmp.pn[1]; + /* hole at 2/3 in FW format */ + rx_pn[4] = seq.ccmp.pn[2]; + rx_pn[5] = seq.ccmp.pn[3]; + rx_pn[6] = seq.ccmp.pn[4]; + rx_pn[7] = seq.ccmp.pn[5]; + } + + if (iwl_mvm_pn_cmp(rx_pn, (u8 *)&u.cmd.common.rx_secur_seq_cnt, + rx_pn_len) > 0) + memcpy(&u.cmd.common.rx_secur_seq_cnt, rx_pn, + rx_pn_len); + } + if (new_api) { u.cmd.transmit_seq_cnt = cpu_to_le64(pn); size = sizeof(u.cmd); -- 2.32.0