git: a7131a748483 - main - LinuxKPI: 802.11: fill ieee80211_get_key_rx_seq() also for TKIP/GCMP

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Bjoern A. Zeeb <bz_at_FreeBSD.org>
Date: Wed, 23 Apr 2025 16:25:15 UTC
The branch main has been updated by bz:

URL: https://cgit.FreeBSD.org/src/commit/?id=a7131a748483adf783ff7ac2a8ab71d5c17eb925

commit a7131a748483adf783ff7ac2a8ab71d5c17eb925
Author:     Bjoern A. Zeeb <bz@FreeBSD.org>
AuthorDate: 2025-04-15 19:36:53 +0000
Commit:     Bjoern A. Zeeb <bz@FreeBSD.org>
CommitDate: 2025-04-23 16:24:20 +0000

    LinuxKPI: 802.11: fill ieee80211_get_key_rx_seq() also for TKIP/GCMP
    
    In addition to CCMP add TKIP and GCMP support.  The others are still
    TODO() until we do suport them natively.
    Also refine checks for tid and narrow them down (also don't assert but
    gratiously fail).
    
    Sponsored by:   The FreeBSD Foundation
    MFC after:      3 days
---
 sys/compat/linuxkpi/common/include/net/mac80211.h | 30 ++++++++++++++++++-----
 1 file changed, 24 insertions(+), 6 deletions(-)

diff --git a/sys/compat/linuxkpi/common/include/net/mac80211.h b/sys/compat/linuxkpi/common/include/net/mac80211.h
index 568695dc2a45..b79a6056684d 100644
--- a/sys/compat/linuxkpi/common/include/net/mac80211.h
+++ b/sys/compat/linuxkpi/common/include/net/mac80211.h
@@ -2446,28 +2446,46 @@ ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf, int8_t tid,
 
 	KASSERT(keyconf != NULL && seq != NULL, ("%s: keyconf %p seq %p\n",
 	    __func__, keyconf, seq));
-	KASSERT(tid <= IEEE80211_NUM_TIDS, ("%s: tid out of bounds %d\n",
-	    __func__, tid));
 	k = keyconf->_k;
 	KASSERT(k != NULL, ("%s: keyconf %p ieee80211_key is NULL\n", __func__, keyconf));
 
 	switch (keyconf->cipher) {
+	case WLAN_CIPHER_SUITE_TKIP:
+		if (tid < 0 || tid >= IEEE80211_NUM_TIDS)
+			return;
+		/* See net80211::tkip_decrypt() */
+		seq->tkip.iv32 = TKIP_PN_TO_IV32(k->wk_keyrsc[tid]);
+		seq->tkip.iv16 = TKIP_PN_TO_IV16(k->wk_keyrsc[tid]);
+		break;
 	case WLAN_CIPHER_SUITE_CCMP:
 	case WLAN_CIPHER_SUITE_CCMP_256:
-		if (tid < 0)
+		if (tid < -1 || tid >= IEEE80211_NUM_TIDS)
+			return;
+		if (tid == -1)
 			p = (const uint8_t *)&k->wk_keyrsc[IEEE80211_NUM_TIDS];	/* IEEE80211_NONQOS_TID */
 		else
 			p = (const uint8_t *)&k->wk_keyrsc[tid];
 		memcpy(seq->ccmp.pn, p, sizeof(seq->ccmp.pn));
 		break;
+	case WLAN_CIPHER_SUITE_GCMP:
+	case WLAN_CIPHER_SUITE_GCMP_256:
+		if (tid < -1 || tid >= IEEE80211_NUM_TIDS)
+			return;
+		if (tid == -1)
+			p = (const uint8_t *)&k->wk_keyrsc[IEEE80211_NUM_TIDS];	/* IEEE80211_NONQOS_TID */
+		else
+			p = (const uint8_t *)&k->wk_keyrsc[tid];
+		memcpy(seq->gcmp.pn, p, sizeof(seq->gcmp.pn));
+		break;
 	case WLAN_CIPHER_SUITE_AES_CMAC:
+	case WLAN_CIPHER_SUITE_BIP_CMAC_256:
 		TODO();
 		memset(seq->aes_cmac.pn, 0xfa, sizeof(seq->aes_cmac.pn));	/* XXX TODO */
 		break;
-	case WLAN_CIPHER_SUITE_TKIP:
+	case WLAN_CIPHER_SUITE_BIP_GMAC_128:
+	case WLAN_CIPHER_SUITE_BIP_GMAC_256:
 		TODO();
-		seq->tkip.iv32 = 0xfa;		/* XXX TODO */
-		seq->tkip.iv16 = 0xfa;		/* XXX TODO */
+		memset(seq->aes_gmac.pn, 0xfa, sizeof(seq->aes_gmac.pn));	/* XXX TODO */
 		break;
 	default:
 		pr_debug("%s: unsupported cipher suite %d\n", __func__, keyconf->cipher);