From patchwork Sun Jun 9 11:55:04 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 10983619 X-Patchwork-Delegate: johannes@sipsolutions.net Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 37C8F14B6 for ; Sun, 9 Jun 2019 11:55:23 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 290BA28A14 for ; Sun, 9 Jun 2019 11:55:23 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 1CEA428A85; Sun, 9 Jun 2019 11:55:23 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 157A428A14 for ; Sun, 9 Jun 2019 11:55:21 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728480AbfFILzU (ORCPT ); Sun, 9 Jun 2019 07:55:20 -0400 Received: from mail-wm1-f65.google.com ([209.85.128.65]:32876 "EHLO mail-wm1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728341AbfFILzS (ORCPT ); Sun, 9 Jun 2019 07:55:18 -0400 Received: by mail-wm1-f65.google.com with SMTP id h19so7102787wme.0 for ; Sun, 09 Jun 2019 04:55:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=m7UhOxgARbzvIpvGJsH+8xfyECyhVNgpNuXvREMAdUk=; b=LdMw4mKwhoebxNiqcNGFSv7xzG1IwE6qJqc/D3FkPNS0IxeiCPNn2GbRCPID+Fo197 f6A1jgHMbAXQaReQlOAw25NZva4Zu9/4w+BTX1vdCK1V5nWMmRiztDDI57jDnIBxPmY+ vPjMfi3U94ZkP6TcnDTwwPSKwQGGeNICAdpoaNP8eeWHdjq6vl6yK5JelEEtBd+u330Z e99GOmHK1o+pK7o01kRImVt9BgX7tj0gwAnhN1GzElox98X2QLWtEtNPJ12qjMFcG/17 zv/91XatZ3XMzvUYZdfd2qd52vAdw6tXLU+VxZm8o6/gtou1QnxU3OOIZf2C3zmC69Gu SlLw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=m7UhOxgARbzvIpvGJsH+8xfyECyhVNgpNuXvREMAdUk=; b=nvjAXRGl5wbljfUA7BpIf2pKT7rvAat+nJj7pqacI13PucIfRfW/olL0nYz3fs4BsL hElQm9N8UMEEllfpYTHDkEB+op3UzEoIUUdyt0+OwL1zjO1yXuIZrMWNPEq8dYZpqUXj J4R7QxCKpwK8sXrEBD/GNHVmOGCKwUq5wKc1b8M35oETmQWnqr56TkppW0hoTgkhBFAu 7MS1RgvMnHeNLNfJ8CLQ8jQZkPi+O6hn02Wku34LFmKRCW9srB8jqZSIS5zjqzJB7JFR 4J7hxipYBbLX/s0JBq/V1qgpbTkUUdtWU672ZBMEq7Umr2zcNmyVoOOnfXHvj8hwyyx9 QXJQ== X-Gm-Message-State: APjAAAXL9zY7TJ0rXJnpSAyNENGMJwWIQ/Le6ZPhnhLdx+OWZKXzRZWU SlKxUm+oPrsg9IGqfJpNJUFnjA== X-Google-Smtp-Source: APXvYqzkDUYLGREAyz+3qR8U7QtCV5/vUFm9w/8UDHy2RXt9ROt8yhxVZM/CBPSrK8O+2Ip+rhLEyw== X-Received: by 2002:a1c:f319:: with SMTP id q25mr9491998wmq.129.1560081315279; Sun, 09 Jun 2019 04:55:15 -0700 (PDT) Received: from sudo.home ([2a01:cb1d:112:6f00:5129:23cd:5870:89d4]) by smtp.gmail.com with ESMTPSA id r5sm14954317wrg.10.2019.06.09.04.55.14 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 09 Jun 2019 04:55:14 -0700 (PDT) From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: Ard Biesheuvel , Herbert Xu , "David S. Miller" , Eric Biggers , linux-wireless@vger.kernel.org, Johannes Berg Subject: [PATCH v2 2/7] net/mac80211: move WEP handling to ARC4 library interface Date: Sun, 9 Jun 2019 13:55:04 +0200 Message-Id: <20190609115509.26260-3-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190609115509.26260-1-ard.biesheuvel@linaro.org> References: <20190609115509.26260-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-wireless-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The WEP code in the mac80211 subsystem currently uses the crypto API to access the arc4 (RC4) cipher, which is overly complicated, and doesn't really have an upside in this particular case, since ciphers are always synchronous and therefore always implemented in software. Given that we have no accelerated software implementations either, it is much more straightforward to invoke a generic library interface directly. Cc: linux-wireless@vger.kernel.org Cc: Johannes Berg Signed-off-by: Ard Biesheuvel --- net/mac80211/Kconfig | 2 +- net/mac80211/cfg.c | 3 -- net/mac80211/ieee80211_i.h | 4 +- net/mac80211/key.h | 1 + net/mac80211/main.c | 48 ++------------------ net/mac80211/mlme.c | 2 - net/mac80211/tkip.c | 8 ++-- net/mac80211/tkip.h | 4 +- net/mac80211/wep.c | 47 ++++--------------- net/mac80211/wep.h | 4 +- net/mac80211/wpa.c | 4 +- 11 files changed, 26 insertions(+), 101 deletions(-) diff --git a/net/mac80211/Kconfig b/net/mac80211/Kconfig index 0227cce9685e..0c93b1b7a826 100644 --- a/net/mac80211/Kconfig +++ b/net/mac80211/Kconfig @@ -3,7 +3,7 @@ config MAC80211 tristate "Generic IEEE 802.11 Networking Stack (mac80211)" depends on CFG80211 select CRYPTO - select CRYPTO_ARC4 + select CRYPTO_LIB_ARC4 select CRYPTO_AES select CRYPTO_CCM select CRYPTO_GCM diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c index a1973a26c7fc..9d8a8878a487 100644 --- a/net/mac80211/cfg.c +++ b/net/mac80211/cfg.c @@ -402,9 +402,6 @@ static int ieee80211_add_key(struct wiphy *wiphy, struct net_device *dev, case WLAN_CIPHER_SUITE_WEP40: case WLAN_CIPHER_SUITE_TKIP: case WLAN_CIPHER_SUITE_WEP104: - if (IS_ERR(local->wep_tx_tfm)) - return -EINVAL; - break; case WLAN_CIPHER_SUITE_CCMP: case WLAN_CIPHER_SUITE_CCMP_256: case WLAN_CIPHER_SUITE_AES_CMAC: diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h index 073a8235ae1b..b2862e73f1fc 100644 --- a/net/mac80211/ieee80211_i.h +++ b/net/mac80211/ieee80211_i.h @@ -1258,8 +1258,8 @@ struct ieee80211_local { struct rate_control_ref *rate_ctrl; - struct crypto_cipher *wep_tx_tfm; - struct crypto_cipher *wep_rx_tfm; + struct crypto_arc4_ctx wep_tx_ctx; + struct crypto_arc4_ctx wep_rx_ctx; u32 wep_iv; /* see iface.c */ diff --git a/net/mac80211/key.h b/net/mac80211/key.h index f06fbd03d235..6c5bbaebd02c 100644 --- a/net/mac80211/key.h +++ b/net/mac80211/key.h @@ -14,6 +14,7 @@ #include #include #include +#include #include #define NUM_DEFAULT_KEYS 4 diff --git a/net/mac80211/main.c b/net/mac80211/main.c index 2b608044ae23..b339307035d2 100644 --- a/net/mac80211/main.c +++ b/net/mac80211/main.c @@ -733,8 +733,6 @@ EXPORT_SYMBOL(ieee80211_alloc_hw_nm); static int ieee80211_init_cipher_suites(struct ieee80211_local *local) { - bool have_wep = !(IS_ERR(local->wep_tx_tfm) || - IS_ERR(local->wep_rx_tfm)); bool have_mfp = ieee80211_hw_check(&local->hw, MFP_CAPABLE); int n_suites = 0, r = 0, w = 0; u32 *suites; @@ -757,31 +755,7 @@ static int ieee80211_init_cipher_suites(struct ieee80211_local *local) if (ieee80211_hw_check(&local->hw, SW_CRYPTO_CONTROL) || local->hw.wiphy->cipher_suites) { - /* If the driver advertises, or doesn't support SW crypto, - * we only need to remove WEP if necessary. - */ - if (have_wep) - return 0; - - /* well if it has _no_ ciphers ... fine */ - if (!local->hw.wiphy->n_cipher_suites) - return 0; - - /* Driver provides cipher suites, but we need to exclude WEP */ - suites = kmemdup(local->hw.wiphy->cipher_suites, - sizeof(u32) * local->hw.wiphy->n_cipher_suites, - GFP_KERNEL); - if (!suites) - return -ENOMEM; - - for (r = 0; r < local->hw.wiphy->n_cipher_suites; r++) { - u32 suite = local->hw.wiphy->cipher_suites[r]; - - if (suite == WLAN_CIPHER_SUITE_WEP40 || - suite == WLAN_CIPHER_SUITE_WEP104) - continue; - suites[w++] = suite; - } + return 0; } else if (!local->hw.cipher_schemes) { /* If the driver doesn't have cipher schemes, there's nothing * else to do other than assign the (software supported and @@ -793,11 +767,6 @@ static int ieee80211_init_cipher_suites(struct ieee80211_local *local) if (!have_mfp) local->hw.wiphy->n_cipher_suites -= 4; - if (!have_wep) { - local->hw.wiphy->cipher_suites += 2; - local->hw.wiphy->n_cipher_suites -= 2; - } - /* not dynamically allocated, so just return */ return 0; } else { @@ -811,11 +780,7 @@ static int ieee80211_init_cipher_suites(struct ieee80211_local *local) * We start counting ciphers defined by schemes, TKIP, CCMP, * CCMP-256, GCMP, and GCMP-256 */ - n_suites = local->hw.n_cipher_schemes + 5; - - /* check if we have WEP40 and WEP104 */ - if (have_wep) - n_suites += 2; + n_suites = local->hw.n_cipher_schemes + 7; /* check if we have AES_CMAC, BIP-CMAC-256, BIP-GMAC-128, * BIP-GMAC-256 @@ -832,11 +797,8 @@ static int ieee80211_init_cipher_suites(struct ieee80211_local *local) suites[w++] = WLAN_CIPHER_SUITE_TKIP; suites[w++] = WLAN_CIPHER_SUITE_GCMP; suites[w++] = WLAN_CIPHER_SUITE_GCMP_256; - - if (have_wep) { - suites[w++] = WLAN_CIPHER_SUITE_WEP40; - suites[w++] = WLAN_CIPHER_SUITE_WEP104; - } + suites[w++] = WLAN_CIPHER_SUITE_WEP40; + suites[w++] = WLAN_CIPHER_SUITE_WEP104; if (have_mfp) { suites[w++] = WLAN_CIPHER_SUITE_AES_CMAC; @@ -1301,7 +1263,6 @@ int ieee80211_register_hw(struct ieee80211_hw *hw) fail_rate: rtnl_unlock(); ieee80211_led_exit(local); - ieee80211_wep_free(local); fail_flows: destroy_workqueue(local->workqueue); fail_workqueue: @@ -1358,7 +1319,6 @@ void ieee80211_unregister_hw(struct ieee80211_hw *hw) destroy_workqueue(local->workqueue); wiphy_unregister(local->hw.wiphy); - ieee80211_wep_free(local); ieee80211_led_exit(local); kfree(local->int_scan_req); } diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c index b7a9fe3d5fcb..cf8b87cfd619 100644 --- a/net/mac80211/mlme.c +++ b/net/mac80211/mlme.c @@ -5038,8 +5038,6 @@ int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata, auth_alg = WLAN_AUTH_OPEN; break; case NL80211_AUTHTYPE_SHARED_KEY: - if (IS_ERR(local->wep_tx_tfm)) - return -EOPNOTSUPP; auth_alg = WLAN_AUTH_SHARED_KEY; break; case NL80211_AUTHTYPE_FT: diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c index b3622823bad2..580b5c3e837e 100644 --- a/net/mac80211/tkip.c +++ b/net/mac80211/tkip.c @@ -222,7 +222,7 @@ EXPORT_SYMBOL(ieee80211_get_tkip_p2k); * @payload_len is the length of payload (_not_ including IV/ICV length). * @ta is the transmitter addresses. */ -int ieee80211_tkip_encrypt_data(struct crypto_cipher *tfm, +int ieee80211_tkip_encrypt_data(struct crypto_arc4_ctx *ctx, struct ieee80211_key *key, struct sk_buff *skb, u8 *payload, size_t payload_len) @@ -231,7 +231,7 @@ int ieee80211_tkip_encrypt_data(struct crypto_cipher *tfm, ieee80211_get_tkip_p2k(&key->conf, skb, rc4key); - return ieee80211_wep_encrypt_data(tfm, rc4key, 16, + return ieee80211_wep_encrypt_data(ctx, rc4key, 16, payload, payload_len); } @@ -239,7 +239,7 @@ int ieee80211_tkip_encrypt_data(struct crypto_cipher *tfm, * beginning of the buffer containing IEEE 802.11 header payload, i.e., * including IV, Ext. IV, real data, Michael MIC, ICV. @payload_len is the * length of payload, including IV, Ext. IV, MIC, ICV. */ -int ieee80211_tkip_decrypt_data(struct crypto_cipher *tfm, +int ieee80211_tkip_decrypt_data(struct crypto_arc4_ctx *ctx, struct ieee80211_key *key, u8 *payload, size_t payload_len, u8 *ta, u8 *ra, int only_iv, int queue, @@ -297,7 +297,7 @@ int ieee80211_tkip_decrypt_data(struct crypto_cipher *tfm, tkip_mixing_phase2(tk, &rx_ctx->ctx, iv16, rc4key); - res = ieee80211_wep_decrypt_data(tfm, rc4key, 16, pos, payload_len - 12); + res = ieee80211_wep_decrypt_data(ctx, rc4key, 16, pos, payload_len - 12); done: if (res == TKIP_DECRYPT_OK) { /* diff --git a/net/mac80211/tkip.h b/net/mac80211/tkip.h index a1bcbfbefe7c..42b300773c58 100644 --- a/net/mac80211/tkip.h +++ b/net/mac80211/tkip.h @@ -13,7 +13,7 @@ #include #include "key.h" -int ieee80211_tkip_encrypt_data(struct crypto_cipher *tfm, +int ieee80211_tkip_encrypt_data(struct crypto_arc4_ctx *ctx, struct ieee80211_key *key, struct sk_buff *skb, u8 *payload, size_t payload_len); @@ -24,7 +24,7 @@ enum { TKIP_DECRYPT_INVALID_KEYIDX = -2, TKIP_DECRYPT_REPLAY = -3, }; -int ieee80211_tkip_decrypt_data(struct crypto_cipher *tfm, +int ieee80211_tkip_decrypt_data(struct crypto_arc4_ctx *ctx, struct ieee80211_key *key, u8 *payload, size_t payload_len, u8 *ta, u8 *ra, int only_iv, int queue, diff --git a/net/mac80211/wep.c b/net/mac80211/wep.c index bfe9ed9f4c48..9aad40e28374 100644 --- a/net/mac80211/wep.c +++ b/net/mac80211/wep.c @@ -30,30 +30,9 @@ int ieee80211_wep_init(struct ieee80211_local *local) /* start WEP IV from a random value */ get_random_bytes(&local->wep_iv, IEEE80211_WEP_IV_LEN); - local->wep_tx_tfm = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(local->wep_tx_tfm)) { - local->wep_rx_tfm = ERR_PTR(-EINVAL); - return PTR_ERR(local->wep_tx_tfm); - } - - local->wep_rx_tfm = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(local->wep_rx_tfm)) { - crypto_free_cipher(local->wep_tx_tfm); - local->wep_tx_tfm = ERR_PTR(-EINVAL); - return PTR_ERR(local->wep_rx_tfm); - } - return 0; } -void ieee80211_wep_free(struct ieee80211_local *local) -{ - if (!IS_ERR(local->wep_tx_tfm)) - crypto_free_cipher(local->wep_tx_tfm); - if (!IS_ERR(local->wep_rx_tfm)) - crypto_free_cipher(local->wep_rx_tfm); -} - static inline bool ieee80211_wep_weak_iv(u32 iv, int keylen) { /* @@ -131,21 +110,16 @@ static void ieee80211_wep_remove_iv(struct ieee80211_local *local, /* Perform WEP encryption using given key. data buffer must have tailroom * for 4-byte ICV. data_len must not include this ICV. Note: this function * does _not_ add IV. data = RC4(data | CRC32(data)) */ -int ieee80211_wep_encrypt_data(struct crypto_cipher *tfm, u8 *rc4key, +int ieee80211_wep_encrypt_data(struct crypto_arc4_ctx *ctx, u8 *rc4key, size_t klen, u8 *data, size_t data_len) { __le32 icv; - int i; - - if (IS_ERR(tfm)) - return -1; icv = cpu_to_le32(~crc32_le(~0, data, data_len)); put_unaligned(icv, (__le32 *)(data + data_len)); - crypto_cipher_setkey(tfm, rc4key, klen); - for (i = 0; i < data_len + IEEE80211_WEP_ICV_LEN; i++) - crypto_cipher_encrypt_one(tfm, data + i, data + i); + crypto_arc4_set_key(ctx, rc4key, klen); + crypto_arc4_crypt(ctx, data, data, data_len + IEEE80211_WEP_ICV_LEN); return 0; } @@ -184,7 +158,7 @@ int ieee80211_wep_encrypt(struct ieee80211_local *local, /* Add room for ICV */ skb_put(skb, IEEE80211_WEP_ICV_LEN); - return ieee80211_wep_encrypt_data(local->wep_tx_tfm, rc4key, keylen + 3, + return ieee80211_wep_encrypt_data(&local->wep_tx_ctx, rc4key, keylen + 3, iv + IEEE80211_WEP_IV_LEN, len); } @@ -192,18 +166,13 @@ int ieee80211_wep_encrypt(struct ieee80211_local *local, /* Perform WEP decryption using given key. data buffer includes encrypted * payload, including 4-byte ICV, but _not_ IV. data_len must not include ICV. * Return 0 on success and -1 on ICV mismatch. */ -int ieee80211_wep_decrypt_data(struct crypto_cipher *tfm, u8 *rc4key, +int ieee80211_wep_decrypt_data(struct crypto_arc4_ctx *ctx, u8 *rc4key, size_t klen, u8 *data, size_t data_len) { __le32 crc; - int i; - - if (IS_ERR(tfm)) - return -1; - crypto_cipher_setkey(tfm, rc4key, klen); - for (i = 0; i < data_len + IEEE80211_WEP_ICV_LEN; i++) - crypto_cipher_decrypt_one(tfm, data + i, data + i); + crypto_arc4_set_key(ctx, rc4key, klen); + crypto_arc4_crypt(ctx, data, data, data_len + IEEE80211_WEP_ICV_LEN); crc = cpu_to_le32(~crc32_le(~0, data, data_len)); if (memcmp(&crc, data + data_len, IEEE80211_WEP_ICV_LEN) != 0) @@ -256,7 +225,7 @@ static int ieee80211_wep_decrypt(struct ieee80211_local *local, /* Copy rest of the WEP key (the secret part) */ memcpy(rc4key + 3, key->conf.key, key->conf.keylen); - if (ieee80211_wep_decrypt_data(local->wep_rx_tfm, rc4key, klen, + if (ieee80211_wep_decrypt_data(&local->wep_rx_ctx, rc4key, klen, skb->data + hdrlen + IEEE80211_WEP_IV_LEN, len)) ret = -1; diff --git a/net/mac80211/wep.h b/net/mac80211/wep.h index 9615749d1f65..b63dda9dd442 100644 --- a/net/mac80211/wep.h +++ b/net/mac80211/wep.h @@ -18,12 +18,12 @@ int ieee80211_wep_init(struct ieee80211_local *local); void ieee80211_wep_free(struct ieee80211_local *local); -int ieee80211_wep_encrypt_data(struct crypto_cipher *tfm, u8 *rc4key, +int ieee80211_wep_encrypt_data(struct crypto_arc4_ctx *ctx, u8 *rc4key, size_t klen, u8 *data, size_t data_len); int ieee80211_wep_encrypt(struct ieee80211_local *local, struct sk_buff *skb, const u8 *key, int keylen, int keyidx); -int ieee80211_wep_decrypt_data(struct crypto_cipher *tfm, u8 *rc4key, +int ieee80211_wep_decrypt_data(struct crypto_arc4_ctx *ctx, u8 *rc4key, size_t klen, u8 *data, size_t data_len); ieee80211_rx_result diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c index 58d0b258b684..02e8ab7b2b4c 100644 --- a/net/mac80211/wpa.c +++ b/net/mac80211/wpa.c @@ -242,7 +242,7 @@ static int tkip_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb) /* Add room for ICV */ skb_put(skb, IEEE80211_TKIP_ICV_LEN); - return ieee80211_tkip_encrypt_data(tx->local->wep_tx_tfm, + return ieee80211_tkip_encrypt_data(&tx->local->wep_tx_ctx, key, skb, pos, len); } @@ -293,7 +293,7 @@ ieee80211_crypto_tkip_decrypt(struct ieee80211_rx_data *rx) if (status->flag & RX_FLAG_DECRYPTED) hwaccel = 1; - res = ieee80211_tkip_decrypt_data(rx->local->wep_rx_tfm, + res = ieee80211_tkip_decrypt_data(&rx->local->wep_rx_ctx, key, skb->data + hdrlen, skb->len - hdrlen, rx->sta->sta.addr, hdr->addr1, hwaccel, rx->security_idx, From patchwork Sun Jun 9 11:55:05 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 10983633 X-Patchwork-Delegate: johannes@sipsolutions.net Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 9DA1D14C0 for ; Sun, 9 Jun 2019 11:55:29 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 8E5CE201F5 for ; Sun, 9 Jun 2019 11:55:29 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 7F37028A89; Sun, 9 Jun 2019 11:55:29 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 22AF828A14 for ; Sun, 9 Jun 2019 11:55:29 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728472AbfFILz2 (ORCPT ); Sun, 9 Jun 2019 07:55:28 -0400 Received: from mail-wr1-f67.google.com ([209.85.221.67]:44469 "EHLO mail-wr1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728365AbfFILzS (ORCPT ); Sun, 9 Jun 2019 07:55:18 -0400 Received: by mail-wr1-f67.google.com with SMTP id b17so6354029wrq.11 for ; Sun, 09 Jun 2019 04:55:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=RrqId75ysoE9z88I4uq9u9pu8GvMT3RxAtvppEowQeg=; b=DuzTQmf5LsIklRp0smJvKrXxUAxdk1/eUn7byiT81TlJonmNvpjxt1TT/VYq+xolR8 cKTRTPbnSOjqcpHQUnzzZB/x++8yJdQggr3jLB7Y3uSsO0rwp5Q3695RUDIBROeFnkVd OC8m/+DJ47E5MM9xv3/iCuunztKvIn94OfKvgSsU5VpVrumY3U6ir30opJeY72/TpSOG 4Im/uietlHmLeGPkX7fnhUXw5dh5WCsGWNzhzx8w0EYF3mqCBQzfqf826U66IxUrKxfy QbS1a5l29kPuy1u2VKGIYpYDjFy+nhqT8+uvOez3NkNjI6AOTULVhSr+Hk8b2c9d/h+2 OBYA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=RrqId75ysoE9z88I4uq9u9pu8GvMT3RxAtvppEowQeg=; b=GEfEQaWxPje6hs/lATV2DBUih0p8EMfoJwkxTMO/mSlS33DkrLIAtUZejwbpqZCGQQ XpSHKJbDSnC8En5JQXfQVXEdWFTvr500k0dOqO2OLTOWUoVywsO8UPMAwE0b4jgLB5QB /v9Z/0oeANczeEuuuFLi5ddPlDLji/6fvj7Z1IPhERkZc6Y6GGIC2EOYycyXV3pOXbWh ALxe8SfgVEkxeGU3P/BXQ2/HjJT5Puf/jpAgNaxc0QkV8ICtjAcPENrJ3jpl7F0G/cF5 hglZpLUBDZkCQ6d78y40tbDGOvBZ8sjEBVo86UmFcI/7RFW4NoaJbCitnN5zt868SHoQ lTLg== X-Gm-Message-State: APjAAAVp5sKtq9+JkrNreUM3qgfATZC7sxw4at+xqqMHj3bUb6pXgQ0w 1Xw3j+QTpUUSOPK5vP7ZpPpNFQ== X-Google-Smtp-Source: APXvYqx2jJmtY4XDAq6ILYjeRnRcWHQdYWF9GOzwWuWy/vTtlmz1i6U8UP8FZ0IX6D1y70GZganrXA== X-Received: by 2002:a5d:4f8b:: with SMTP id d11mr5519809wru.264.1560081316553; Sun, 09 Jun 2019 04:55:16 -0700 (PDT) Received: from sudo.home ([2a01:cb1d:112:6f00:5129:23cd:5870:89d4]) by smtp.gmail.com with ESMTPSA id r5sm14954317wrg.10.2019.06.09.04.55.15 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 09 Jun 2019 04:55:15 -0700 (PDT) From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: Ard Biesheuvel , Herbert Xu , "David S. Miller" , Eric Biggers , linux-wireless@vger.kernel.org, Johannes Berg Subject: [PATCH v2 3/7] net/lib80211: move WEP handling to ARC4 library code Date: Sun, 9 Jun 2019 13:55:05 +0200 Message-Id: <20190609115509.26260-4-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190609115509.26260-1-ard.biesheuvel@linaro.org> References: <20190609115509.26260-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-wireless-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The crypto API abstraction is not very useful for invoking ciphers directly, especially in the case of arc4, which only has a generic implementation in C. So let's invoke the library code directly. Cc: linux-wireless@vger.kernel.org Cc: Johannes Berg Signed-off-by: Ard Biesheuvel --- net/wireless/Kconfig | 1 + net/wireless/lib80211_crypt_wep.c | 43 ++++---------------- 2 files changed, 9 insertions(+), 35 deletions(-) diff --git a/net/wireless/Kconfig b/net/wireless/Kconfig index 6310ddede220..6d9c48cea07e 100644 --- a/net/wireless/Kconfig +++ b/net/wireless/Kconfig @@ -213,6 +213,7 @@ config LIB80211 config LIB80211_CRYPT_WEP tristate + select CRYPTO_LIB_ARC4 config LIB80211_CRYPT_CCMP tristate diff --git a/net/wireless/lib80211_crypt_wep.c b/net/wireless/lib80211_crypt_wep.c index 20c1ad63ad44..3db1b2e6a25a 100644 --- a/net/wireless/lib80211_crypt_wep.c +++ b/net/wireless/lib80211_crypt_wep.c @@ -22,7 +22,7 @@ #include -#include +#include #include MODULE_AUTHOR("Jouni Malinen"); @@ -35,8 +35,8 @@ struct lib80211_wep_data { u8 key[WEP_KEY_LEN + 1]; u8 key_len; u8 key_idx; - struct crypto_cipher *tx_tfm; - struct crypto_cipher *rx_tfm; + struct crypto_arc4_ctx tx_ctx; + struct crypto_arc4_ctx rx_ctx; }; static void *lib80211_wep_init(int keyidx) @@ -45,41 +45,17 @@ static void *lib80211_wep_init(int keyidx) priv = kzalloc(sizeof(*priv), GFP_ATOMIC); if (priv == NULL) - goto fail; + return NULL; priv->key_idx = keyidx; - priv->tx_tfm = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(priv->tx_tfm)) { - priv->tx_tfm = NULL; - goto fail; - } - - priv->rx_tfm = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(priv->rx_tfm)) { - priv->rx_tfm = NULL; - goto fail; - } /* start WEP IV from a random value */ get_random_bytes(&priv->iv, 4); return priv; - - fail: - if (priv) { - crypto_free_cipher(priv->tx_tfm); - crypto_free_cipher(priv->rx_tfm); - kfree(priv); - } - return NULL; } static void lib80211_wep_deinit(void *priv) { - struct lib80211_wep_data *_priv = priv; - if (_priv) { - crypto_free_cipher(_priv->tx_tfm); - crypto_free_cipher(_priv->rx_tfm); - } kfree(priv); } @@ -160,10 +136,8 @@ static int lib80211_wep_encrypt(struct sk_buff *skb, int hdr_len, void *priv) icv[2] = crc >> 16; icv[3] = crc >> 24; - crypto_cipher_setkey(wep->tx_tfm, key, klen); - - for (i = 0; i < len + 4; i++) - crypto_cipher_encrypt_one(wep->tx_tfm, pos + i, pos + i); + crypto_arc4_set_key(&wep->tx_ctx, key, klen); + crypto_arc4_crypt(&wep->tx_ctx, pos, pos, len + 4); return 0; } @@ -202,9 +176,8 @@ static int lib80211_wep_decrypt(struct sk_buff *skb, int hdr_len, void *priv) /* Apply RC4 to data and compute CRC32 over decrypted data */ plen = skb->len - hdr_len - 8; - crypto_cipher_setkey(wep->rx_tfm, key, klen); - for (i = 0; i < plen + 4; i++) - crypto_cipher_decrypt_one(wep->rx_tfm, pos + i, pos + i); + crypto_arc4_set_key(&wep->rx_ctx, key, klen); + crypto_arc4_crypt(&wep->rx_ctx, pos, pos, plen + 4); crc = ~crc32_le(~0, pos, plen); icv[0] = crc; From patchwork Sun Jun 9 11:55:06 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 10983621 X-Patchwork-Delegate: johannes@sipsolutions.net Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 68A6B1515 for ; Sun, 9 Jun 2019 11:55:23 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 566F7201F5 for ; Sun, 9 Jun 2019 11:55:23 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 4A6C328A37; Sun, 9 Jun 2019 11:55:23 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D09EF201F5 for ; Sun, 9 Jun 2019 11:55:22 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728490AbfFILzW (ORCPT ); Sun, 9 Jun 2019 07:55:22 -0400 Received: from mail-wr1-f65.google.com ([209.85.221.65]:37656 "EHLO mail-wr1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728462AbfFILzU (ORCPT ); Sun, 9 Jun 2019 07:55:20 -0400 Received: by mail-wr1-f65.google.com with SMTP id v14so6370365wrr.4 for ; Sun, 09 Jun 2019 04:55:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=umqQnyDMdpEn6zwG2IG1Sf2HS5jaOEmJ4ynU8GI2sJ0=; b=aZXX2qvytl/4knmSgzfZg5z5r0fH5+eQJXF4y2kQoK+eP4tWCQ/DAZNt26x1uPdETu oxqpSnoaNRZ2mr4sHsb1ew5Dq39v4zvCxbNb2jU5ak+Tpkliqi6dMVGjLqKSVRmdYi3U L1OZnE++kxTVwNHR50tC/x4LlQkGs97gXs+N56yp7RbnYIH2O5+7RRRMluZgDIFagiWy bpl705rrhWxdtnFTrYX0RyBWEOCfSXNFvQANnJQM20j+2Cf1Ib+VOgUsrtaXEpa+Hv7r 4vn+M/MZm9rzPuvFYiJMsVI8s3RgckLc7aCb4mJcOw+qogz/5dWcrgwsrYVSd1XYiTdP TOXw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=umqQnyDMdpEn6zwG2IG1Sf2HS5jaOEmJ4ynU8GI2sJ0=; b=KLfaL2rMuIzqQsoDt2uEWaafsfuTGxTG5RKZn7raGpGh1CsqgZtv/5ziiG11ikpVAb drfvHs2hrVa+nRp+yABtEL5gMbSobtb3B1JoLT8bZyeW7Y4d9YAYeSGu1scEohXwP18t aZRUMQAlL99XVaHCWnZv3QjVa4iUDSW/mMxi7ommGboQz2Og5h100pmpK1rK9M/Qxq5x VVNwZicVSjuIsbGV9LL8waksvKnwkr64NbgbrqMkWmIOeQJtfjJDDmycYZVFwVkCeLTm y3tRyNQAfPYE1yzyJO7x2/RjpgnRXMazgJLfwZ6FkBYnOALkZZeNAtCtLVqjapRROf6j OB7w== X-Gm-Message-State: APjAAAUyspx+4HzeKWXIQRYV+f4+Fn7qy8dGnMLFSUNQaMULcqonmRt9 Ia95o5Vlkp7tKdKd0VvQaXOHZg== X-Google-Smtp-Source: APXvYqwnkDftuk/fTsX9PFoxotJ5q2AhQ7Q1SlqB2SyHIuLCIxuAB25BRbHn9SPE0+RbcuZoOF+Rdg== X-Received: by 2002:adf:e808:: with SMTP id o8mr8767859wrm.191.1560081317763; Sun, 09 Jun 2019 04:55:17 -0700 (PDT) Received: from sudo.home ([2a01:cb1d:112:6f00:5129:23cd:5870:89d4]) by smtp.gmail.com with ESMTPSA id r5sm14954317wrg.10.2019.06.09.04.55.16 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 09 Jun 2019 04:55:17 -0700 (PDT) From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: Ard Biesheuvel , Herbert Xu , "David S. Miller" , Eric Biggers , linux-wireless@vger.kernel.org, Johannes Berg Subject: [PATCH v2 4/7] net/lib80211: move TKIP handling to ARC4 library code Date: Sun, 9 Jun 2019 13:55:06 +0200 Message-Id: <20190609115509.26260-5-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190609115509.26260-1-ard.biesheuvel@linaro.org> References: <20190609115509.26260-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-wireless-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The crypto API abstraction is not very useful for invoking ciphers directly, especially in the case of arc4, which only has a generic implementation in C. So let's invoke the library code directly. Cc: linux-wireless@vger.kernel.org Cc: Johannes Berg Signed-off-by: Ard Biesheuvel --- net/wireless/lib80211_crypt_tkip.c | 42 ++++++-------------- 1 file changed, 12 insertions(+), 30 deletions(-) diff --git a/net/wireless/lib80211_crypt_tkip.c b/net/wireless/lib80211_crypt_tkip.c index 11eaa5956f00..c19528a39563 100644 --- a/net/wireless/lib80211_crypt_tkip.c +++ b/net/wireless/lib80211_crypt_tkip.c @@ -29,6 +29,7 @@ #include #include +#include #include #include #include @@ -64,9 +65,9 @@ struct lib80211_tkip_data { int key_idx; - struct crypto_cipher *rx_tfm_arc4; + struct crypto_arc4_ctx rx_ctx_arc4; + struct crypto_arc4_ctx tx_ctx_arc4; struct crypto_shash *rx_tfm_michael; - struct crypto_cipher *tx_tfm_arc4; struct crypto_shash *tx_tfm_michael; /* scratch buffers for virt_to_page() (crypto API) */ @@ -99,24 +100,12 @@ static void *lib80211_tkip_init(int key_idx) priv->key_idx = key_idx; - priv->tx_tfm_arc4 = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(priv->tx_tfm_arc4)) { - priv->tx_tfm_arc4 = NULL; - goto fail; - } - priv->tx_tfm_michael = crypto_alloc_shash("michael_mic", 0, 0); if (IS_ERR(priv->tx_tfm_michael)) { priv->tx_tfm_michael = NULL; goto fail; } - priv->rx_tfm_arc4 = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(priv->rx_tfm_arc4)) { - priv->rx_tfm_arc4 = NULL; - goto fail; - } - priv->rx_tfm_michael = crypto_alloc_shash("michael_mic", 0, 0); if (IS_ERR(priv->rx_tfm_michael)) { priv->rx_tfm_michael = NULL; @@ -128,9 +117,7 @@ static void *lib80211_tkip_init(int key_idx) fail: if (priv) { crypto_free_shash(priv->tx_tfm_michael); - crypto_free_cipher(priv->tx_tfm_arc4); crypto_free_shash(priv->rx_tfm_michael); - crypto_free_cipher(priv->rx_tfm_arc4); kfree(priv); } @@ -142,9 +129,7 @@ static void lib80211_tkip_deinit(void *priv) struct lib80211_tkip_data *_priv = priv; if (_priv) { crypto_free_shash(_priv->tx_tfm_michael); - crypto_free_cipher(_priv->tx_tfm_arc4); crypto_free_shash(_priv->rx_tfm_michael); - crypto_free_cipher(_priv->rx_tfm_arc4); } kfree(priv); } @@ -345,7 +330,6 @@ static int lib80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv) int len; u8 rc4key[16], *pos, *icv; u32 crc; - int i; if (tkey->flags & IEEE80211_CRYPTO_TKIP_COUNTERMEASURES) { struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; @@ -370,9 +354,9 @@ static int lib80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv) icv[2] = crc >> 16; icv[3] = crc >> 24; - crypto_cipher_setkey(tkey->tx_tfm_arc4, rc4key, 16); - for (i = 0; i < len + 4; i++) - crypto_cipher_encrypt_one(tkey->tx_tfm_arc4, pos + i, pos + i); + crypto_arc4_set_key(&tkey->tx_ctx_arc4, rc4key, 16); + crypto_arc4_crypt(&tkey->tx_ctx_arc4, pos, pos, len + 4); + return 0; } @@ -400,7 +384,6 @@ static int lib80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv) u8 icv[4]; u32 crc; int plen; - int i; hdr = (struct ieee80211_hdr *)skb->data; @@ -453,9 +436,8 @@ static int lib80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv) plen = skb->len - hdr_len - 12; - crypto_cipher_setkey(tkey->rx_tfm_arc4, rc4key, 16); - for (i = 0; i < plen + 4; i++) - crypto_cipher_decrypt_one(tkey->rx_tfm_arc4, pos + i, pos + i); + crypto_arc4_set_key(&tkey->rx_ctx_arc4, rc4key, 16); + crypto_arc4_crypt(&tkey->rx_ctx_arc4, pos, pos, plen + 4); crc = ~crc32_le(~0, pos, plen); icv[0] = crc; @@ -640,17 +622,17 @@ static int lib80211_tkip_set_key(void *key, int len, u8 * seq, void *priv) struct lib80211_tkip_data *tkey = priv; int keyidx; struct crypto_shash *tfm = tkey->tx_tfm_michael; - struct crypto_cipher *tfm2 = tkey->tx_tfm_arc4; + struct crypto_arc4_ctx *tfm2 = &tkey->tx_ctx_arc4; struct crypto_shash *tfm3 = tkey->rx_tfm_michael; - struct crypto_cipher *tfm4 = tkey->rx_tfm_arc4; + struct crypto_arc4_ctx *tfm4 = &tkey->rx_ctx_arc4; keyidx = tkey->key_idx; memset(tkey, 0, sizeof(*tkey)); tkey->key_idx = keyidx; tkey->tx_tfm_michael = tfm; - tkey->tx_tfm_arc4 = tfm2; + tkey->tx_ctx_arc4 = *tfm2; tkey->rx_tfm_michael = tfm3; - tkey->rx_tfm_arc4 = tfm4; + tkey->rx_ctx_arc4 = *tfm4; if (len == TKIP_KEY_LEN) { memcpy(tkey->key, key, TKIP_KEY_LEN); tkey->key_set = 1;