summaryrefslogtreecommitdiffstats
path: root/net/mac80211/wep.c
Commit message (Collapse)AuthorAgeFilesLines
* mac80211: remove weak WEP IV accountingJohannes Berg2014-06-231-20/+0
| | | | | | | Since WEP is practically dead, there seems very little point in keeping WEP weak IV accounting. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* wireless: move crypto constants to ieee80211.hJohannes Berg2013-05-161-23/+25
| | | | | | | | mac80211 and the Intel drivers all define crypto constants, move them to ieee80211.h instead. Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: fix network header location when adding encryption headersArik Nemtsov2012-05-161-0/+1
| | | | | | | | | Update the location of the network header when adding encryption specific headers to a skb. This allows low-level drivers to use the (now correct) location of the network header. Signed-off-by: Arik Nemtsov <arik@wizery.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: Add IV-room in the skb for TKIP and WEPJanusz.Dziedzic@tieto.com2012-05-161-3/+11
| | | | | | | | | Add IV-room in skb also for TKIP and WEP. Extend patch: "mac80211: support adding IV-room in the skb for CCMP keys" Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com> Acked-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: linearize SKBs as needed for cryptoJohannes Berg2012-03-131-3/+8
| | | | | | | | | | | Not linearizing every SKB will help actually pass non-linear SKBs all the way up when on an encrypted connection. For now, linearize TKIP completely as it is lower performance and I don't quite grok all the details. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: move RX WEP weak IV countingJohannes Berg2012-03-131-4/+6
| | | | | | | | | | This is better done inside the WEP decrypt function where it doesn't have to check all the conditions any more since they've been tested already. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: use skb list for fragmentsJohannes Berg2011-11-211-3/+2
| | | | | | | | | | | | | We are currently linking the skbs by using skb->next directly. This works, but the preferred way is to use a struct sk_buff_head instead. That also prepares for passing that to drivers directly. While at it I noticed we calculate the duration for fragments twice -- remove one of them. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: remove the dependency on crypto_blkcipherFelix Fietkau2011-04-041-19/+15
| | | | | | | | | | | | | The only thing that using crypto_blkcipher with ecb does over just using arc4 directly is wrapping the encrypt/decrypt function into a for loop, looping over each individual character. To be able to do this, it pulls in around 40 kb worth of unnecessary kernel modules (at least on a MIPS embedded device). Using arc4 directly not only eliminates those dependencies, it also makes the code smaller. Signed-off-by: Felix Fietkau <nbd@openwrt.org> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: don't kmalloc 16 bytesJohannes Berg2010-10-111-7/+1
| | | | | | | | | | Since this small buffer isn't used for DMA, we can simply allocate it on the stack, it just needs to be 16 bytes of which only 8 will be used for WEP40 keys. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: use cipher suite selectorsJohannes Berg2010-08-161-1/+1
| | | | | | | | | | | | | Currently, mac80211 translates the cfg80211 cipher suite selectors into ALG_* values. That isn't all too useful, and some drivers benefit from the distinction between WEP40 and WEP104 as well. Therefore, convert it all to use the cipher suite selectors. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Acked-by: Gertjan van Wingerde <gwingerde@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: improve error checking if WEP fails to initJohn W. Linville2010-07-161-1/+4
| | | | | | | | Do this by poisoning the values of wep_tx_tfm and wep_rx_tfm if either crypto allocation fails. Reported-by: Stanislaw Gruszka <sgruszka@redhat.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: remove wep dependencyJohn W. Linville2010-07-081-8/+16
| | | | | | | | | | | | | The current mac80211 code assumes that WEP is always available. If WEP fails to initialize, ieee80211_register_hw will always fail. In some cases (e.g. FIPS certification), the cryptography used by WEP is unavailable. However, in such cases there is no good reason why CCMP encryption (or even no link level encryption) cannot be used. So, this patch removes mac80211's assumption that WEP (and TKIP) will always be available for use. Signed-off-by: John W. Linville <linville@tuxdriver.com>
* include cleanup: Update gfp.h and slab.h includes to prepare for breaking ↵Tejun Heo2010-03-301-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | implicit slab.h inclusion from percpu.h percpu.h is included by sched.h and module.h and thus ends up being included when building most .c files. percpu.h includes slab.h which in turn includes gfp.h making everything defined by the two files universally available and complicating inclusion dependencies. percpu.h -> slab.h dependency is about to be removed. Prepare for this change by updating users of gfp and slab facilities include those headers directly instead of assuming availability. As this conversion needs to touch large number of source files, the following script is used as the basis of conversion. http://userweb.kernel.org/~tj/misc/slabh-sweep.py The script does the followings. * Scan files for gfp and slab usages and update includes such that only the necessary includes are there. ie. if only gfp is used, gfp.h, if slab is used, slab.h. * When the script inserts a new include, it looks at the include blocks and try to put the new include such that its order conforms to its surrounding. It's put in the include block which contains core kernel includes, in the same order that the rest are ordered - alphabetical, Christmas tree, rev-Xmas-tree or at the end if there doesn't seem to be any matching order. * If the script can't find a place to put a new include (mostly because the file doesn't have fitting include block), it prints out an error message indicating which .h file needs to be added to the file. The conversion was done in the following steps. 1. The initial automatic conversion of all .c files updated slightly over 4000 files, deleting around 700 includes and adding ~480 gfp.h and ~3000 slab.h inclusions. The script emitted errors for ~400 files. 2. Each error was manually checked. Some didn't need the inclusion, some needed manual addition while adding it to implementation .h or embedding .c file was more appropriate for others. This step added inclusions to around 150 files. 3. The script was run again and the output was compared to the edits from #2 to make sure no file was left behind. 4. Several build tests were done and a couple of problems were fixed. e.g. lib/decompress_*.c used malloc/free() wrappers around slab APIs requiring slab.h to be added manually. 5. The script was run on all .h files but without automatically editing them as sprinkling gfp.h and slab.h inclusions around .h files could easily lead to inclusion dependency hell. Most gfp.h inclusion directives were ignored as stuff from gfp.h was usually wildly available and often used in preprocessor macros. Each slab.h inclusion directive was examined and added manually as necessary. 6. percpu.h was updated not to include slab.h. 7. Build test were done on the following configurations and failures were fixed. CONFIG_GCOV_KERNEL was turned off for all tests (as my distributed build env didn't work with gcov compiles) and a few more options had to be turned off depending on archs to make things build (like ipr on powerpc/64 which failed due to missing writeq). * x86 and x86_64 UP and SMP allmodconfig and a custom test config. * powerpc and powerpc64 SMP allmodconfig * sparc and sparc64 SMP allmodconfig * ia64 SMP allmodconfig * s390 SMP allmodconfig * alpha SMP allmodconfig * um on x86_64 SMP allmodconfig 8. percpu.h modifications were reverted so that it could be applied as a separate patch and serve as bisection point. Given the fact that I had only a couple of failures from tests on step 6, I'm fairly confident about the coverage of this conversion patch. If there is a breakage, it's likely to be something in one of the arch headers which should be easily discoverable easily on most builds of the specific arch. Signed-off-by: Tejun Heo <tj@kernel.org> Guess-its-ok-by: Christoph Lameter <cl@linux-foundation.org> Cc: Ingo Molnar <mingo@redhat.com> Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>
* mac80211: avoid NULL ptr deref when using WEPJohn W. Linville2010-01-221-3/+2
| | | | | | | | | "mac80211: move control.hw_key assignment" changed an if-else into two separate if statments, but the if-else is needed to prevent dereferencing a null info->control.hw_key. This fixes avoids a lock-up during association on my machine when using WEP. Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: move control.hw_key assignmentJohannes Berg2010-01-191-9/+9
| | | | | | | | | | | | | | | | | When mac80211 asks a driver to encrypt a frame, it must assign the control.hw_key pointer for it to know which key to use etc. Currently, mac80211 does this whenever it would software-encrypt a frame. Change the logic of this code to assign the hw_key pointer when selecting the key, and later check it when deciding whether to encrypt the frame or let it be encrypted by the hardware. This allows us to later simply skip the encryption function since it no longer modifies the TX control. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: trim RX dataJohannes Berg2009-11-181-3/+5
| | | | | | | | | | | | The RX data contains the netdev, which is duplicated since we have the sdata, and the RX status pointer, which is duplicate since we have the skb. Remove those two fields to have fewer fields that depend on each other and simply load them as necessary. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* cfg80211: rework key operationJohannes Berg2009-07-241-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | This reworks the key operation in cfg80211, and now only allows, from userspace, configuring keys (via nl80211) after the connection has been established (in managed mode), the IBSS been joined (in IBSS mode), at any time (in AP[_VLAN] modes) or never for all the other modes. In order to do shared key authentication correctly, it is now possible to give a WEP key to the AUTH command. To configure static WEP keys, these are given to the CONNECT or IBSS_JOIN command directly, for a userspace SME it is assumed it will configure it properly after the connection has been established. Since mac80211 used to check the default key in IBSS mode to see whether or not the network is protected, it needs an update in that area, as well as an update to make use of the WEP key passed to auth() for shared key authentication. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: refactor the WEP code to be directly usableJohannes Berg2009-07-101-29/+23
| | | | | | | | | | | | The new key work for cfg80211 will only give us the WEP key for shared auth to do that authentication, and not via the regular key settings, so we need to be able to encrypt a single frame in software, and that without a key struct. Thus, refactor the WEP code to not require a key structure but use the key, len and idx directly. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: rewrite fragmentationJohannes Berg2009-03-271-14/+7
| | | | | | | | | | | | | | | | | Fragmentation currently uses an allocated array to store the fragment skbs, and then keeps track of which have been sent and which are still pending etc. This is rather complicated; make it simpler by just chaining the fragments into skb->next and removing from that list when sent. Also simplifies all code that needs to touch fragments, since it now only needs to walk the skb->next list. This is a prerequisite for fixing the stored packet code, which I need to do for proper aggregation packet storing. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Reviewed-by: Luis R. Rodriguez <lrodriguez@atheros.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: fix unaligned access in ieee80211_wep_encrypt_dataIvan Kuten2008-11-261-3/+4
| | | | | Signed-off-by: Ivan Kuten <ivan.kuten@promwad.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: minor code cleanupsJohannes Berg2008-10-311-13/+13
| | | | | | | | Nothing very interesting, some checkpatch inspired stuff, some other things. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: free up 2 bytes in skb->cbFelix Fietkau2008-10-061-3/+0
| | | | | | | | Free up 2 bytes in skb->cb to be used for multi-rate retry later. Move iv_len and icv_len initialization into key alloc. Signed-off-by: Felix Fietkau <nbd@openwrt.org> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: use ieee80211 frame control directlyHarvey Harrison2008-08-221-3/+4
| | | | | | | | Remove the last users of the rx/tx_data->fc data members and use the le16 frame_control from the header directly. Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: wep.c replace magic numbers in IV/ICV removalHarvey Harrison2008-08-221-4/+3
| | | | | Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: return correct error return from ieee80211_wep_initJeremy Fitzhardinge2008-07-291-2/+2
| | | | | | | | Return the proper error code rather than a hard-coded ENOMEM from ieee80211_wep_init. Also, print the error code on failure. Signed-off-by: Jeremy Fitzhardinge <jeremy@goop.org> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: rework debug settings and make debugging saferJohannes Berg2008-07-021-11/+2
| | | | | | | | | | | | | This patch reworks the mac80211 debug settings making them more focused and adding help text for those that didn't have one. It also removes a number of printks that can be triggered remotely and add no value, e.g. "too short deauthentication frame received - ignoring". If somebody really needs to debug that they should just add a monitor interface and look at the frames in wireshark. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: wep.c use new frame control helpersHarvey Harrison2008-06-271-24/+15
| | | | | Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: fix panic when using hardware WEPPavel Roskin2008-06-031-1/+1
| | | | | | | | | | | e039fa4a4195ac4ee895e6f3d1334beed63256fe ("mac80211: move TX info into skb->cb") misplaced code for setting hardware WEP keys. Move it back. This fixes kernel panic in b43 if WEP is used and hardware encryption is enabled. Signed-off-by: Pavel Roskin <proski@gnu.org> Acked-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: clean up skb reallocation codeJohannes Berg2008-06-031-7/+3
| | | | | | | | | | | This cleans up the skb reallocation code to avoid problems with skb->truesize, not resize an skb twice for a single output path because we didn't expand it enough during the first copy and also removes the code to further expand it during crypto operations which will no longer be necessary. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: move TX info into skb->cbJohannes Berg2008-05-211-3/+6
| | | | | | | | | | | | | | | | This patch converts mac80211 and all drivers to have transmit information and status in skb->cb rather than allocating extra memory for it and copying all the data around. To make it fit, a union is used where only data that is necessary for all steps is kept outside of the union. A number of fixes were done by Ivo, as well as the rt2x00 part of this patch. Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com> Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Acked-by: David S. Miller <davem@davemloft.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: Replace ieee80211_tx_control->key_idx with ieee80211_key_confIvo van Doorn2008-05-071-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | The hw_key_idx inside the ieee80211_key_conf structure does not provide all the information drivers might need to perform hardware encryption. This is in particular true for rt2x00 who needs to know the key algorithm and whether it is a shared or pairwise key. By passing the ieee80211_key_conf pointer it assures us that drivers can make full use of all information that it should know about a particular key. Additionally this patch updates all drivers to grab the hw_key_idx from the ieee80211_key_conf structure. v2: Removed bogus u16 cast v3: Add warning about ieee80211_tx_control pointers v4: Update warning about ieee80211_tx_control pointers Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com> Acked-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: split ieee80211_txrx_dataJohannes Berg2008-03-061-12/+12
| | | | | | | | Split it into ieee80211_tx_data and ieee80211_rx_data to clarify usage/flag usage and remove the stupid union thing. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: split RX_DROPJohannes Berg2008-02-291-1/+1
| | | | | | | | | | Some instances of RX_DROP mean that the frame was useless, others mean that the frame should be visible in userspace on "cooked" monitor interfaces. This patch splits up RX_DROP and changes each instance appropriately. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: split ieee80211_txrx_resultJohannes Berg2008-02-291-8/+8
| | | | | | | | | | The _DROP result will need to be split in the RX path but not in the TX path, so for preparation split up the type into two types, one for RX and one for TX. Also make sure (via sparse) that they cannot be confused. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: move tx crypto decisionJohannes Berg2008-01-281-10/+0
| | | | | | | | | | | | | | This patch moves the decision making about whether a frame is encrypted with a certain algorithm up into the TX handlers rather than having it in the crypto algorithm implementation. This fixes a problem with the radiotap injection code where injecting a non-data packet and requesting encryption could end up asking the driver to encrypt a packet without giving it a key. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* mac80211: rate limit wep decrypt failed messagesAdel Gadllah2007-11-291-1/+2
| | | | | | | | The attached patch rate limits "WEP decrypt failed (ICV)" to avoid flooding the logfiles. Signed-off-by: Adel Gadllah <adel.gadllah@gmx.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: make "decrypt failed" messages conditional upon MAC80211_DEBUGJohn W. Linville2007-11-101-0/+2
| | | | | | | | | | | | | | Make "decrypt failed" and "have no key" debugging messages compile conditionally upon CONFIG_MAC80211_DEBUG. They have been useful for finding certain problems in the past, but in many cases they just clutter a user's logs. A typical example is an enviornment where multiple SSIDs are using a single BSSID but with different protection schemes or different keys for each SSID. In such an environment these messages are just noise. Let's just leave them for those interested enough to turn-on debugging. Signed-off-by: John W. Linville <linville@tuxdriver.com>
* [PATCH] Fix breakage after SG cleanupsRalf Baechle2007-10-231-1/+1
| | | | | | | | | | | | | | | | | | | | | | Commits 58b053e4ce9d2fc3023645c1b96e537c72aa8d9a ("Update arch/ to use sg helpers") 45711f1af6eff1a6d010703b4862e0d2b9afd056 ("[SG] Update drivers to use sg helpers") fa05f1286be25a8ce915c5dd492aea61126b3f33 ("Update net/ to use sg helpers") converted many files to use the scatter gather helpers without ensuring that the necessary headerfile <linux/scatterlist> is included. This happened to work for ia64, powerpc, sparc64 and x86 because they happened to drag in that file via their <asm/dma-mapping.h>. On most of the others this probably broke. Instead of increasing the header file spider web I choose to include <linux/scatterlist.h> directly into the affectes files. Signed-off-by: Ralf Baechle <ralf@linux-mips.org> Signed-off-by: Jens Axboe <jens.axboe@oracle.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* Update net/ to use sg helpersJens Axboe2007-10-221-6/+2
| | | | Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
* [PATCH] mac80211: remove ieee80211_wep_get_keyidxJohannes Berg2007-10-101-19/+0
| | | | | | | This function is not used any more. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* [PATCH] mac80211: consolidate encryptionJohannes Berg2007-10-101-3/+54
| | | | | | | | | | Currently we run through all crypto handlers for each transmitted frame although we already know which one will be used. This changes the code to invoke only the needed handler. It also moves the wep code into wep.c. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* [PATCH] mac80211: consolidate decryptionJohannes Berg2007-10-101-5/+29
| | | | | | | | | | | | Currently, we run through all three crypto algorithms for each received frame even though we have previously determined which key we have and as such already know which algorithm will be used. Change it to invoke only the needed function. Also move the WEP decrypt handler to wep.c so that fewer functions need to be non-static. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* [MAC80211]: embed key conf in key, fix driver interfaceJohannes Berg2007-10-101-9/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch embeds the struct ieee80211_key_conf into struct ieee80211_key and thus avoids allocations and having data present twice. This required some more changes: 1) The removal of the IEEE80211_KEY_DEFAULT_TX_KEY key flag. This flag isn't used by drivers nor should it be since we have a set_key_idx() callback. Maybe that callback needs to be extended to include the key conf, but only a driver that requires it will tell. 2) The removal of the IEEE80211_KEY_DEFAULT_WEP_ONLY key flag. This flag is global, so it shouldn't be passed in the key conf structure. Pass it to the function instead. Also, this patch removes the AID parameter to the set_key() callback because it is currently unused and the hardware currently cannot know about the AID anyway. I suspect this was used with some hardware that actually selected the AID itself, but that functionality was removed. Additionally, I've removed the ALG_NULL key algorithm since we have ALG_NONE. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Acked-by: Michael Wu <flamingice@sourmilk.net> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [MAC80211]: Add mac80211 wireless stack.Jiri Benc2007-05-051-0/+328
Add mac80211, the IEEE 802.11 software MAC layer. Signed-off-by: Jiri Benc <jbenc@suse.cz> Signed-off-by: John W. Linville <linville@tuxdriver.com>
OpenPOWER on IntegriCloud