diff options
author | Yang Zhang <yang.z.zhang@intel.com> | 2015-08-28 09:58:54 +0800 |
---|---|---|
committer | Yang Zhang <yang.z.zhang@intel.com> | 2015-09-01 12:44:00 +0800 |
commit | e44e3482bdb4d0ebde2d8b41830ac2cdb07948fb (patch) | |
tree | 66b09f592c55df2878107a468a91d21506104d3f /qemu/roms/ipxe/src/net/80211 | |
parent | 9ca8dbcc65cfc63d6f5ef3312a33184e1d726e00 (diff) |
Add qemu 2.4.0
Change-Id: Ic99cbad4b61f8b127b7dc74d04576c0bcbaaf4f5
Signed-off-by: Yang Zhang <yang.z.zhang@intel.com>
Diffstat (limited to 'qemu/roms/ipxe/src/net/80211')
-rw-r--r-- | qemu/roms/ipxe/src/net/80211/net80211.c | 2828 | ||||
-rw-r--r-- | qemu/roms/ipxe/src/net/80211/rc80211.c | 372 | ||||
-rw-r--r-- | qemu/roms/ipxe/src/net/80211/sec80211.c | 518 | ||||
-rw-r--r-- | qemu/roms/ipxe/src/net/80211/wep.c | 304 | ||||
-rw-r--r-- | qemu/roms/ipxe/src/net/80211/wpa.c | 915 | ||||
-rw-r--r-- | qemu/roms/ipxe/src/net/80211/wpa_ccmp.c | 530 | ||||
-rw-r--r-- | qemu/roms/ipxe/src/net/80211/wpa_psk.c | 127 | ||||
-rw-r--r-- | qemu/roms/ipxe/src/net/80211/wpa_tkip.c | 588 |
8 files changed, 6182 insertions, 0 deletions
diff --git a/qemu/roms/ipxe/src/net/80211/net80211.c b/qemu/roms/ipxe/src/net/80211/net80211.c new file mode 100644 index 000000000..434944523 --- /dev/null +++ b/qemu/roms/ipxe/src/net/80211/net80211.c @@ -0,0 +1,2828 @@ +/* + * The iPXE 802.11 MAC layer. + * + * Copyright (c) 2009 Joshua Oreman <oremanj@rwcr.net>. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of the + * License, or any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301, USA. + */ + +FILE_LICENCE ( GPL2_OR_LATER ); + +#include <string.h> +#include <byteswap.h> +#include <stdlib.h> +#include <unistd.h> +#include <errno.h> +#include <ipxe/settings.h> +#include <ipxe/if_arp.h> +#include <ipxe/ethernet.h> +#include <ipxe/ieee80211.h> +#include <ipxe/netdevice.h> +#include <ipxe/net80211.h> +#include <ipxe/sec80211.h> +#include <ipxe/timer.h> +#include <ipxe/nap.h> +#include <ipxe/errortab.h> +#include <ipxe/net80211_err.h> + +/** @file + * + * 802.11 device management + */ + +/** List of 802.11 devices */ +static struct list_head net80211_devices = LIST_HEAD_INIT ( net80211_devices ); + +/** Set of device operations that does nothing */ +static struct net80211_device_operations net80211_null_ops; + +/** Information associated with a received management packet + * + * This is used to keep beacon signal strengths in a parallel queue to + * the beacons themselves. + */ +struct net80211_rx_info { + int signal; + struct list_head list; +}; + +/** Context for a probe operation */ +struct net80211_probe_ctx { + /** 802.11 device to probe on */ + struct net80211_device *dev; + + /** Value of keep_mgmt before probe was started */ + int old_keep_mgmt; + + /** If scanning actively, pointer to probe packet to send */ + struct io_buffer *probe; + + /** If non-"", the ESSID to limit ourselves to */ + const char *essid; + + /** Time probe was started */ + u32 ticks_start; + + /** Time last useful beacon was received */ + u32 ticks_beacon; + + /** Time channel was last changed */ + u32 ticks_channel; + + /** Time to stay on each channel */ + u32 hop_time; + + /** Channels to hop by when changing channel */ + int hop_step; + + /** List of best beacons for each network found so far */ + struct list_head *beacons; +}; + +/** Context for the association task */ +struct net80211_assoc_ctx { + /** Next authentication method to try using */ + int method; + + /** Time (in ticks) of the last sent association-related packet */ + int last_packet; + + /** Number of times we have tried sending it */ + int times_tried; +}; + +/** + * Detect secure 802.11 network when security support is not available + * + * @return -ENOTSUP, always. + */ +__weak int sec80211_detect ( struct io_buffer *iob __unused, + enum net80211_security_proto *secprot __unused, + enum net80211_crypto_alg *crypt __unused ) { + return -ENOTSUP; +} + +/** + * @defgroup net80211_netdev Network device interface functions + * @{ + */ +static int net80211_netdev_open ( struct net_device *netdev ); +static void net80211_netdev_close ( struct net_device *netdev ); +static int net80211_netdev_transmit ( struct net_device *netdev, + struct io_buffer *iobuf ); +static void net80211_netdev_poll ( struct net_device *netdev ); +static void net80211_netdev_irq ( struct net_device *netdev, int enable ); +/** @} */ + +/** + * @defgroup net80211_linklayer 802.11 link-layer protocol functions + * @{ + */ +static int net80211_ll_push ( struct net_device *netdev, + struct io_buffer *iobuf, const void *ll_dest, + const void *ll_source, uint16_t net_proto ); +static int net80211_ll_pull ( struct net_device *netdev, + struct io_buffer *iobuf, const void **ll_dest, + const void **ll_source, uint16_t * net_proto, + unsigned int *flags ); +/** @} */ + +/** + * @defgroup net80211_help 802.11 helper functions + * @{ + */ +static void net80211_add_channels ( struct net80211_device *dev, int start, + int len, int txpower ); +static void net80211_filter_hw_channels ( struct net80211_device *dev ); +static void net80211_set_rtscts_rate ( struct net80211_device *dev ); +static int net80211_process_capab ( struct net80211_device *dev, + u16 capab ); +static int net80211_process_ie ( struct net80211_device *dev, + union ieee80211_ie *ie, void *ie_end ); +static union ieee80211_ie * +net80211_marshal_request_info ( struct net80211_device *dev, + union ieee80211_ie *ie ); +/** @} */ + +/** + * @defgroup net80211_assoc_ll 802.11 association handling functions + * @{ + */ +static void net80211_step_associate ( struct net80211_device *dev ); +static void net80211_handle_auth ( struct net80211_device *dev, + struct io_buffer *iob ); +static void net80211_handle_assoc_reply ( struct net80211_device *dev, + struct io_buffer *iob ); +static int net80211_send_disassoc ( struct net80211_device *dev, int reason, + int deauth ); +static void net80211_handle_mgmt ( struct net80211_device *dev, + struct io_buffer *iob, int signal ); +/** @} */ + +/** + * @defgroup net80211_frag 802.11 fragment handling functions + * @{ + */ +static void net80211_free_frags ( struct net80211_device *dev, int fcid ); +static struct io_buffer *net80211_accum_frags ( struct net80211_device *dev, + int fcid, int nfrags, int size ); +static void net80211_rx_frag ( struct net80211_device *dev, + struct io_buffer *iob, int signal ); +/** @} */ + +/** + * @defgroup net80211_settings 802.11 settings handlers + * @{ + */ +static int net80211_check_settings_update ( void ); + +/** 802.11 settings applicator + * + * When the SSID is changed, this will cause any open devices to + * re-associate; when the encryption key is changed, we similarly + * update their state. + */ +struct settings_applicator net80211_applicator __settings_applicator = { + .apply = net80211_check_settings_update, +}; + +/** The network name to associate with + * + * If this is blank, we scan for all networks and use the one with the + * greatest signal strength. + */ +const struct setting net80211_ssid_setting __setting ( SETTING_NETDEV_EXTRA, + ssid ) = { + .name = "ssid", + .description = "Wireless SSID", + .type = &setting_type_string, +}; + +/** Whether to use active scanning + * + * In order to associate with a hidden SSID, it's necessary to use an + * active scan (send probe packets). If this setting is nonzero, an + * active scan on the 2.4GHz band will be used to associate. + */ +const struct setting net80211_active_setting __setting ( SETTING_NETDEV_EXTRA, + active-scan ) = { + .name = "active-scan", + .description = "Actively scan for wireless networks", + .type = &setting_type_int8, +}; + +/** The cryptographic key to use + * + * For hex WEP keys, as is common, this must be entered using the + * normal iPXE method for entering hex settings; an ASCII string of + * hex characters will not behave as expected. + */ +const struct setting net80211_key_setting __setting ( SETTING_NETDEV_EXTRA, + key ) = { + .name = "key", + .description = "Wireless encryption key", + .type = &setting_type_string, +}; + +/** @} */ + + +/* ---------- net_device wrapper ---------- */ + +/** + * Open 802.11 device and start association + * + * @v netdev Wrapping network device + * @ret rc Return status code + * + * This sets up a default conservative set of channels for probing, + * and starts the auto-association task unless the @c + * NET80211_NO_ASSOC flag is set in the wrapped 802.11 device's @c + * state field. + */ +static int net80211_netdev_open ( struct net_device *netdev ) +{ + struct net80211_device *dev = netdev->priv; + int rc = 0; + + if ( dev->op == &net80211_null_ops ) + return -EFAULT; + + if ( dev->op->open ) + rc = dev->op->open ( dev ); + + if ( rc < 0 ) + return rc; + + if ( ! ( dev->state & NET80211_NO_ASSOC ) ) + net80211_autoassociate ( dev ); + + return 0; +} + +/** + * Close 802.11 device + * + * @v netdev Wrapping network device. + * + * If the association task is running, this will stop it. + */ +static void net80211_netdev_close ( struct net_device *netdev ) +{ + struct net80211_device *dev = netdev->priv; + + if ( dev->state & NET80211_WORKING ) + process_del ( &dev->proc_assoc ); + + /* Send disassociation frame to AP, to be polite */ + if ( dev->state & NET80211_ASSOCIATED ) + net80211_send_disassoc ( dev, IEEE80211_REASON_LEAVING, 0 ); + + if ( dev->handshaker && dev->handshaker->stop && + dev->handshaker->started ) + dev->handshaker->stop ( dev ); + + free ( dev->crypto ); + free ( dev->handshaker ); + dev->crypto = NULL; + dev->handshaker = NULL; + + netdev_link_down ( netdev ); + dev->state = 0; + + if ( dev->op->close ) + dev->op->close ( dev ); +} + +/** + * Transmit packet on 802.11 device + * + * @v netdev Wrapping network device + * @v iobuf I/O buffer + * @ret rc Return status code + * + * If encryption is enabled for the currently associated network, the + * packet will be encrypted prior to transmission. + */ +static int net80211_netdev_transmit ( struct net_device *netdev, + struct io_buffer *iobuf ) +{ + struct net80211_device *dev = netdev->priv; + struct ieee80211_frame *hdr = iobuf->data; + int rc = -ENOSYS; + + if ( dev->crypto && ! ( hdr->fc & IEEE80211_FC_PROTECTED ) && + ( ( hdr->fc & IEEE80211_FC_TYPE ) == IEEE80211_TYPE_DATA ) ) { + struct io_buffer *niob = dev->crypto->encrypt ( dev->crypto, + iobuf ); + if ( ! niob ) + return -ENOMEM; /* only reason encryption could fail */ + + /* Free the non-encrypted iob */ + netdev_tx_complete ( netdev, iobuf ); + + /* Transmit the encrypted iob; the Protected flag is + set, so we won't recurse into here again */ + netdev_tx ( netdev, niob ); + + /* Don't transmit the freed packet */ + return 0; + } + + if ( dev->op->transmit ) + rc = dev->op->transmit ( dev, iobuf ); + + return rc; +} + +/** + * Poll 802.11 device for received packets and completed transmissions + * + * @v netdev Wrapping network device + */ +static void net80211_netdev_poll ( struct net_device *netdev ) +{ + struct net80211_device *dev = netdev->priv; + + if ( dev->op->poll ) + dev->op->poll ( dev ); +} + +/** + * Enable or disable interrupts for 802.11 device + * + * @v netdev Wrapping network device + * @v enable Whether to enable interrupts + */ +static void net80211_netdev_irq ( struct net_device *netdev, int enable ) +{ + struct net80211_device *dev = netdev->priv; + + if ( dev->op->irq ) + dev->op->irq ( dev, enable ); +} + +/** Network device operations for a wrapped 802.11 device */ +static struct net_device_operations net80211_netdev_ops = { + .open = net80211_netdev_open, + .close = net80211_netdev_close, + .transmit = net80211_netdev_transmit, + .poll = net80211_netdev_poll, + .irq = net80211_netdev_irq, +}; + + +/* ---------- 802.11 link-layer protocol ---------- */ + +/** + * Determine whether a transmission rate uses ERP/OFDM + * + * @v rate Rate in 100 kbps units + * @ret is_erp TRUE if the rate is an ERP/OFDM rate + * + * 802.11b supports rates of 1.0, 2.0, 5.5, and 11.0 Mbps; any other + * rate than these on the 2.4GHz spectrum is an ERP (802.11g) rate. + */ +static inline int net80211_rate_is_erp ( u16 rate ) +{ + if ( rate == 10 || rate == 20 || rate == 55 || rate == 110 ) + return 0; + return 1; +} + + +/** + * Calculate one frame's contribution to 802.11 duration field + * + * @v dev 802.11 device + * @v bytes Amount of data to calculate duration for + * @ret dur Duration field in microseconds + * + * To avoid multiple stations attempting to transmit at once, 802.11 + * provides that every packet shall include a duration field + * specifying a length of time for which the wireless medium will be + * reserved after it is transmitted. The duration is measured in + * microseconds and is calculated with respect to the current + * physical-layer parameters of the 802.11 device. + * + * For an unfragmented data or management frame, or the last fragment + * of a fragmented frame, the duration captures only the 10 data bytes + * of one ACK; call once with bytes = 10. + * + * For a fragment of a data or management rame that will be followed + * by more fragments, the duration captures an ACK, the following + * fragment, and its ACK; add the results of three calls, two with + * bytes = 10 and one with bytes set to the next fragment's size. + * + * For an RTS control frame, the duration captures the responding CTS, + * the frame being sent, and its ACK; add the results of three calls, + * two with bytes = 10 and one with bytes set to the next frame's size + * (assuming unfragmented). + * + * For a CTS-to-self control frame, the duration captures the frame + * being protected and its ACK; add the results of two calls, one with + * bytes = 10 and one with bytes set to the next frame's size. + * + * No other frame types are currently supported by iPXE. + */ +u16 net80211_duration ( struct net80211_device *dev, int bytes, u16 rate ) +{ + struct net80211_channel *chan = &dev->channels[dev->channel]; + u32 kbps = rate * 100; + + if ( chan->band == NET80211_BAND_5GHZ || net80211_rate_is_erp ( rate ) ) { + /* OFDM encoding (802.11a/g) */ + int bits_per_symbol = ( kbps * 4 ) / 1000; /* 4us/symbol */ + int bits = 22 + ( bytes << 3 ); /* 22-bit PLCP */ + int symbols = ( bits + bits_per_symbol - 1 ) / bits_per_symbol; + + return 16 + 20 + ( symbols * 4 ); /* 16us SIFS, 20us preamble */ + } else { + /* CCK encoding (802.11b) */ + int phy_time = 144 + 48; /* preamble + PLCP */ + int bits = bytes << 3; + int data_time = ( bits * 1000 + kbps - 1 ) / kbps; + + if ( dev->phy_flags & NET80211_PHY_USE_SHORT_PREAMBLE ) + phy_time >>= 1; + + return 10 + phy_time + data_time; /* 10us SIFS */ + } +} + +/** + * Add 802.11 link-layer header + * + * @v netdev Wrapping network device + * @v iobuf I/O buffer + * @v ll_dest Link-layer destination address + * @v ll_source Link-layer source address + * @v net_proto Network-layer protocol, in network byte order + * @ret rc Return status code + * + * This adds both the 802.11 frame header and the 802.2 LLC/SNAP + * header used on data packets. + * + * We also check here for state of the link that would make it invalid + * to send a data packet; every data packet must pass through here, + * and no non-data packet (e.g. management frame) should. + */ +static int net80211_ll_push ( struct net_device *netdev, + struct io_buffer *iobuf, const void *ll_dest, + const void *ll_source, uint16_t net_proto ) +{ + struct net80211_device *dev = netdev->priv; + struct ieee80211_frame *hdr = iob_push ( iobuf, + IEEE80211_LLC_HEADER_LEN + + IEEE80211_TYP_FRAME_HEADER_LEN ); + struct ieee80211_llc_snap_header *lhdr = + ( void * ) hdr + IEEE80211_TYP_FRAME_HEADER_LEN; + + /* We can't send data packets if we're not associated. */ + if ( ! ( dev->state & NET80211_ASSOCIATED ) ) { + if ( dev->assoc_rc ) + return dev->assoc_rc; + return -ENETUNREACH; + } + + hdr->fc = IEEE80211_THIS_VERSION | IEEE80211_TYPE_DATA | + IEEE80211_STYPE_DATA | IEEE80211_FC_TODS; + + /* We don't send fragmented frames, so duration is the time + for an SIFS + 10-byte ACK. */ + hdr->duration = net80211_duration ( dev, 10, dev->rates[dev->rate] ); + + memcpy ( hdr->addr1, dev->bssid, ETH_ALEN ); + memcpy ( hdr->addr2, ll_source, ETH_ALEN ); + memcpy ( hdr->addr3, ll_dest, ETH_ALEN ); + + hdr->seq = IEEE80211_MAKESEQ ( ++dev->last_tx_seqnr, 0 ); + + lhdr->dsap = IEEE80211_LLC_DSAP; + lhdr->ssap = IEEE80211_LLC_SSAP; + lhdr->ctrl = IEEE80211_LLC_CTRL; + memset ( lhdr->oui, 0x00, 3 ); + lhdr->ethertype = net_proto; + + return 0; +} + +/** + * Remove 802.11 link-layer header + * + * @v netdev Wrapping network device + * @v iobuf I/O buffer + * @ret ll_dest Link-layer destination address + * @ret ll_source Link-layer source + * @ret net_proto Network-layer protocol, in network byte order + * @ret flags Packet flags + * @ret rc Return status code + * + * This expects and removes both the 802.11 frame header and the 802.2 + * LLC/SNAP header that are used on data packets. + */ +static int net80211_ll_pull ( struct net_device *netdev __unused, + struct io_buffer *iobuf, + const void **ll_dest, const void **ll_source, + uint16_t * net_proto, unsigned int *flags ) +{ + struct ieee80211_frame *hdr = iobuf->data; + struct ieee80211_llc_snap_header *lhdr = + ( void * ) hdr + IEEE80211_TYP_FRAME_HEADER_LEN; + + /* Bunch of sanity checks */ + if ( iob_len ( iobuf ) < IEEE80211_TYP_FRAME_HEADER_LEN + + IEEE80211_LLC_HEADER_LEN ) { + DBGC ( netdev->priv, "802.11 %p packet too short (%zd bytes)\n", + netdev->priv, iob_len ( iobuf ) ); + return -EINVAL_PKT_TOO_SHORT; + } + + if ( ( hdr->fc & IEEE80211_FC_VERSION ) != IEEE80211_THIS_VERSION ) { + DBGC ( netdev->priv, "802.11 %p packet invalid version %04x\n", + netdev->priv, hdr->fc & IEEE80211_FC_VERSION ); + return -EINVAL_PKT_VERSION; + } + + if ( ( hdr->fc & IEEE80211_FC_TYPE ) != IEEE80211_TYPE_DATA || + ( hdr->fc & IEEE80211_FC_SUBTYPE ) != IEEE80211_STYPE_DATA ) { + DBGC ( netdev->priv, "802.11 %p packet not data/data (fc=%04x)\n", + netdev->priv, hdr->fc ); + return -EINVAL_PKT_NOT_DATA; + } + + if ( ( hdr->fc & ( IEEE80211_FC_TODS | IEEE80211_FC_FROMDS ) ) != + IEEE80211_FC_FROMDS ) { + DBGC ( netdev->priv, "802.11 %p packet not from DS (fc=%04x)\n", + netdev->priv, hdr->fc ); + return -EINVAL_PKT_NOT_FROMDS; + } + + if ( lhdr->dsap != IEEE80211_LLC_DSAP || lhdr->ssap != IEEE80211_LLC_SSAP || + lhdr->ctrl != IEEE80211_LLC_CTRL || lhdr->oui[0] || lhdr->oui[1] || + lhdr->oui[2] ) { + DBGC ( netdev->priv, "802.11 %p LLC header is not plain EtherType " + "encapsulator: %02x->%02x [%02x] %02x:%02x:%02x %04x\n", + netdev->priv, lhdr->dsap, lhdr->ssap, lhdr->ctrl, + lhdr->oui[0], lhdr->oui[1], lhdr->oui[2], lhdr->ethertype ); + return -EINVAL_PKT_LLC_HEADER; + } + + iob_pull ( iobuf, sizeof ( *hdr ) + sizeof ( *lhdr ) ); + + *ll_dest = hdr->addr1; + *ll_source = hdr->addr3; + *net_proto = lhdr->ethertype; + *flags = ( ( is_multicast_ether_addr ( hdr->addr1 ) ? + LL_MULTICAST : 0 ) | + ( is_broadcast_ether_addr ( hdr->addr1 ) ? + LL_BROADCAST : 0 ) ); + return 0; +} + +/** 802.11 link-layer protocol */ +static struct ll_protocol net80211_ll_protocol __ll_protocol = { + .name = "802.11", + .push = net80211_ll_push, + .pull = net80211_ll_pull, + .init_addr = eth_init_addr, + .ntoa = eth_ntoa, + .mc_hash = eth_mc_hash, + .eth_addr = eth_eth_addr, + .eui64 = eth_eui64, + .ll_proto = htons ( ARPHRD_ETHER ), /* "encapsulated Ethernet" */ + .hw_addr_len = ETH_ALEN, + .ll_addr_len = ETH_ALEN, + .ll_header_len = IEEE80211_TYP_FRAME_HEADER_LEN + + IEEE80211_LLC_HEADER_LEN, +}; + + +/* ---------- 802.11 network management API ---------- */ + +/** + * Get 802.11 device from wrapping network device + * + * @v netdev Wrapping network device + * @ret dev 802.11 device wrapped by network device, or NULL + * + * Returns NULL if the network device does not wrap an 802.11 device. + */ +struct net80211_device * net80211_get ( struct net_device *netdev ) +{ + struct net80211_device *dev; + + list_for_each_entry ( dev, &net80211_devices, list ) { + if ( netdev->priv == dev ) + return netdev->priv; + } + + return NULL; +} + +/** + * Set state of 802.11 device keeping management frames + * + * @v dev 802.11 device + * @v enable Whether to keep management frames + * @ret oldenab Whether management frames were enabled before this call + * + * If enable is TRUE, beacon, probe, and action frames will be kept + * and may be retrieved by calling net80211_mgmt_dequeue(). + */ +int net80211_keep_mgmt ( struct net80211_device *dev, int enable ) +{ + int oldenab = dev->keep_mgmt; + + dev->keep_mgmt = enable; + return oldenab; +} + +/** + * Get 802.11 management frame + * + * @v dev 802.11 device + * @ret signal Signal strength of returned management frame + * @ret iob I/O buffer, or NULL if no management frame is queued + * + * Frames will only be returned by this function if + * net80211_keep_mgmt() has been previously called with enable set to + * TRUE. + * + * The calling function takes ownership of the returned I/O buffer. + */ +struct io_buffer * net80211_mgmt_dequeue ( struct net80211_device *dev, + int *signal ) +{ + struct io_buffer *iobuf; + struct net80211_rx_info *rxi; + + list_for_each_entry ( rxi, &dev->mgmt_info_queue, list ) { + list_del ( &rxi->list ); + if ( signal ) + *signal = rxi->signal; + free ( rxi ); + + assert ( ! list_empty ( &dev->mgmt_queue ) ); + iobuf = list_first_entry ( &dev->mgmt_queue, struct io_buffer, + list ); + list_del ( &iobuf->list ); + return iobuf; + } + + return NULL; +} + +/** + * Transmit 802.11 management frame + * + * @v dev 802.11 device + * @v fc Frame Control flags for management frame + * @v dest Destination access point + * @v iob I/O buffer + * @ret rc Return status code + * + * The @a fc argument must contain at least an IEEE 802.11 management + * subtype number (e.g. IEEE80211_STYPE_PROBE_REQ). If it contains + * IEEE80211_FC_PROTECTED, the frame will be encrypted prior to + * transmission. + * + * It is required that @a iob have at least 24 bytes of headroom + * reserved before its data start. + */ +int net80211_tx_mgmt ( struct net80211_device *dev, u16 fc, u8 dest[6], + struct io_buffer *iob ) +{ + struct ieee80211_frame *hdr = iob_push ( iob, + IEEE80211_TYP_FRAME_HEADER_LEN ); + + hdr->fc = IEEE80211_THIS_VERSION | IEEE80211_TYPE_MGMT | + ( fc & ~IEEE80211_FC_PROTECTED ); + hdr->duration = net80211_duration ( dev, 10, dev->rates[dev->rate] ); + hdr->seq = IEEE80211_MAKESEQ ( ++dev->last_tx_seqnr, 0 ); + + memcpy ( hdr->addr1, dest, ETH_ALEN ); /* DA = RA */ + memcpy ( hdr->addr2, dev->netdev->ll_addr, ETH_ALEN ); /* SA = TA */ + memcpy ( hdr->addr3, dest, ETH_ALEN ); /* BSSID */ + + if ( fc & IEEE80211_FC_PROTECTED ) { + if ( ! dev->crypto ) + return -EINVAL_CRYPTO_REQUEST; + + struct io_buffer *eiob = dev->crypto->encrypt ( dev->crypto, + iob ); + free_iob ( iob ); + iob = eiob; + } + + return netdev_tx ( dev->netdev, iob ); +} + + +/* ---------- Driver API ---------- */ + +/** 802.11 association process descriptor */ +static struct process_descriptor net80211_process_desc = + PROC_DESC ( struct net80211_device, proc_assoc, + net80211_step_associate ); + +/** + * Allocate 802.11 device + * + * @v priv_size Size of driver-private allocation area + * @ret dev Newly allocated 802.11 device + * + * This function allocates a net_device with space in its private area + * for both the net80211_device it will wrap and the driver-private + * data space requested. It initializes the link-layer-specific parts + * of the net_device, and links the net80211_device to the net_device + * appropriately. + */ +struct net80211_device * net80211_alloc ( size_t priv_size ) +{ + struct net80211_device *dev; + struct net_device *netdev = + alloc_netdev ( sizeof ( *dev ) + priv_size ); + + if ( ! netdev ) + return NULL; + + netdev->ll_protocol = &net80211_ll_protocol; + netdev->ll_broadcast = eth_broadcast; + netdev->max_pkt_len = IEEE80211_MAX_DATA_LEN; + netdev_init ( netdev, &net80211_netdev_ops ); + + dev = netdev->priv; + dev->netdev = netdev; + dev->priv = ( u8 * ) dev + sizeof ( *dev ); + dev->op = &net80211_null_ops; + + process_init_stopped ( &dev->proc_assoc, &net80211_process_desc, + &netdev->refcnt ); + INIT_LIST_HEAD ( &dev->mgmt_queue ); + INIT_LIST_HEAD ( &dev->mgmt_info_queue ); + + return dev; +} + +/** + * Register 802.11 device with network stack + * + * @v dev 802.11 device + * @v ops 802.11 device operations + * @v hw 802.11 hardware information + * + * This also registers the wrapping net_device with the higher network + * layers. + */ +int net80211_register ( struct net80211_device *dev, + struct net80211_device_operations *ops, + struct net80211_hw_info *hw ) +{ + dev->op = ops; + dev->hw = malloc ( sizeof ( *hw ) ); + if ( ! dev->hw ) + return -ENOMEM; + + memcpy ( dev->hw, hw, sizeof ( *hw ) ); + memcpy ( dev->netdev->hw_addr, hw->hwaddr, ETH_ALEN ); + + /* Set some sensible channel defaults for driver's open() function */ + memcpy ( dev->channels, dev->hw->channels, + NET80211_MAX_CHANNELS * sizeof ( dev->channels[0] ) ); + dev->channel = 0; + + list_add_tail ( &dev->list, &net80211_devices ); + return register_netdev ( dev->netdev ); +} + +/** + * Unregister 802.11 device from network stack + * + * @v dev 802.11 device + * + * After this call, the device operations are cleared so that they + * will not be called. + */ +void net80211_unregister ( struct net80211_device *dev ) +{ + unregister_netdev ( dev->netdev ); + list_del ( &dev->list ); + dev->op = &net80211_null_ops; +} + +/** + * Free 802.11 device + * + * @v dev 802.11 device + * + * The device should be unregistered before this function is called. + */ +void net80211_free ( struct net80211_device *dev ) +{ + free ( dev->hw ); + rc80211_free ( dev->rctl ); + netdev_nullify ( dev->netdev ); + netdev_put ( dev->netdev ); +} + + +/* ---------- 802.11 network management workhorse code ---------- */ + +/** + * Set state of 802.11 device + * + * @v dev 802.11 device + * @v clear Bitmask of flags to clear + * @v set Bitmask of flags to set + * @v status Status or reason code for most recent operation + * + * If @a status represents a reason code, it should be OR'ed with + * NET80211_IS_REASON. + * + * Clearing authentication also clears association; clearing + * association also clears security handshaking state. Clearing + * association removes the link-up flag from the wrapping net_device, + * but setting it does not automatically set the flag; that is left to + * the judgment of higher-level code. + */ +static inline void net80211_set_state ( struct net80211_device *dev, + short clear, short set, + u16 status ) +{ + /* The conditions in this function are deliberately formulated + to be decidable at compile-time in most cases. Since clear + and set are generally passed as constants, the body of this + function can be reduced down to a few statements by the + compiler. */ + + const int statmsk = NET80211_STATUS_MASK | NET80211_IS_REASON; + + if ( clear & NET80211_PROBED ) + clear |= NET80211_AUTHENTICATED; + + if ( clear & NET80211_AUTHENTICATED ) + clear |= NET80211_ASSOCIATED; + + if ( clear & NET80211_ASSOCIATED ) + clear |= NET80211_CRYPTO_SYNCED; + + dev->state = ( dev->state & ~clear ) | set; + dev->state = ( dev->state & ~statmsk ) | ( status & statmsk ); + + if ( clear & NET80211_ASSOCIATED ) + netdev_link_down ( dev->netdev ); + + if ( ( clear | set ) & NET80211_ASSOCIATED ) + dev->op->config ( dev, NET80211_CFG_ASSOC ); + + if ( status != 0 ) { + if ( status & NET80211_IS_REASON ) + dev->assoc_rc = -E80211_REASON ( status ); + else + dev->assoc_rc = -E80211_STATUS ( status ); + netdev_link_err ( dev->netdev, dev->assoc_rc ); + } +} + +/** + * Add channels to 802.11 device + * + * @v dev 802.11 device + * @v start First channel number to add + * @v len Number of channels to add + * @v txpower TX power (dBm) to allow on added channels + * + * To replace the current list of channels instead of adding to it, + * set the nr_channels field of the 802.11 device to 0 before calling + * this function. + */ +static void net80211_add_channels ( struct net80211_device *dev, int start, + int len, int txpower ) +{ + int i, chan = start; + + for ( i = dev->nr_channels; len-- && i < NET80211_MAX_CHANNELS; i++ ) { + dev->channels[i].channel_nr = chan; + dev->channels[i].maxpower = txpower; + dev->channels[i].hw_value = 0; + + if ( chan >= 1 && chan <= 14 ) { + dev->channels[i].band = NET80211_BAND_2GHZ; + if ( chan == 14 ) + dev->channels[i].center_freq = 2484; + else + dev->channels[i].center_freq = 2407 + 5 * chan; + chan++; + } else { + dev->channels[i].band = NET80211_BAND_5GHZ; + dev->channels[i].center_freq = 5000 + 5 * chan; + chan += 4; + } + } + + dev->nr_channels = i; +} + +/** + * Filter 802.11 device channels for hardware capabilities + * + * @v dev 802.11 device + * + * Hardware may support fewer channels than regulatory restrictions + * allow; this function filters out channels in dev->channels that are + * not supported by the hardware list in dev->hwinfo. It also copies + * over the net80211_channel::hw_value and limits maximum TX power + * appropriately. + * + * Channels are matched based on center frequency, ignoring band and + * channel number. + * + * If the driver specifies no supported channels, the effect will be + * as though all were supported. + */ +static void net80211_filter_hw_channels ( struct net80211_device *dev ) +{ + int delta = 0, i = 0; + int old_freq = dev->channels[dev->channel].center_freq; + struct net80211_channel *chan, *hwchan; + + if ( ! dev->hw->nr_channels ) + return; + + dev->channel = 0; + for ( chan = dev->channels; chan < dev->channels + dev->nr_channels; + chan++, i++ ) { + int ok = 0; + for ( hwchan = dev->hw->channels; + hwchan < dev->hw->channels + dev->hw->nr_channels; + hwchan++ ) { + if ( hwchan->center_freq == chan->center_freq ) { + ok = 1; + break; + } + } + + if ( ! ok ) + delta++; + else { + chan->hw_value = hwchan->hw_value; + if ( hwchan->maxpower != 0 && + chan->maxpower > hwchan->maxpower ) + chan->maxpower = hwchan->maxpower; + if ( old_freq == chan->center_freq ) + dev->channel = i - delta; + if ( delta ) + chan[-delta] = *chan; + } + } + + dev->nr_channels -= delta; + + if ( dev->channels[dev->channel].center_freq != old_freq ) + dev->op->config ( dev, NET80211_CFG_CHANNEL ); +} + +/** + * Update 802.11 device state to reflect received capabilities field + * + * @v dev 802.11 device + * @v capab Capabilities field in beacon, probe, or association frame + * @ret rc Return status code + */ +static int net80211_process_capab ( struct net80211_device *dev, + u16 capab ) +{ + u16 old_phy = dev->phy_flags; + + if ( ( capab & ( IEEE80211_CAPAB_MANAGED | IEEE80211_CAPAB_ADHOC ) ) != + IEEE80211_CAPAB_MANAGED ) { + DBGC ( dev, "802.11 %p cannot handle IBSS network\n", dev ); + return -ENOSYS; + } + + dev->phy_flags &= ~( NET80211_PHY_USE_SHORT_PREAMBLE | + NET80211_PHY_USE_SHORT_SLOT ); + + if ( capab & IEEE80211_CAPAB_SHORT_PMBL ) + dev->phy_flags |= NET80211_PHY_USE_SHORT_PREAMBLE; + + if ( capab & IEEE80211_CAPAB_SHORT_SLOT ) + dev->phy_flags |= NET80211_PHY_USE_SHORT_SLOT; + + if ( old_phy != dev->phy_flags ) + dev->op->config ( dev, NET80211_CFG_PHY_PARAMS ); + + return 0; +} + +/** + * Update 802.11 device state to reflect received information elements + * + * @v dev 802.11 device + * @v ie Pointer to first information element + * @v ie_end Pointer to tail of packet I/O buffer + * @ret rc Return status code + */ +static int net80211_process_ie ( struct net80211_device *dev, + union ieee80211_ie *ie, void *ie_end ) +{ + u16 old_rate = dev->rates[dev->rate]; + u16 old_phy = dev->phy_flags; + int have_rates = 0, i; + int ds_channel = 0; + int changed = 0; + int band = dev->channels[dev->channel].band; + + if ( ! ieee80211_ie_bound ( ie, ie_end ) ) + return 0; + + for ( ; ie; ie = ieee80211_next_ie ( ie, ie_end ) ) { + switch ( ie->id ) { + case IEEE80211_IE_SSID: + if ( ie->len <= 32 ) { + memcpy ( dev->essid, ie->ssid, ie->len ); + dev->essid[ie->len] = 0; + } + break; + + case IEEE80211_IE_RATES: + case IEEE80211_IE_EXT_RATES: + if ( ! have_rates ) { + dev->nr_rates = 0; + dev->basic_rates = 0; + have_rates = 1; + } + for ( i = 0; i < ie->len && + dev->nr_rates < NET80211_MAX_RATES; i++ ) { + u8 rid = ie->rates[i]; + u16 rate = ( rid & 0x7f ) * 5; + + if ( rid & 0x80 ) + dev->basic_rates |= + ( 1 << dev->nr_rates ); + + dev->rates[dev->nr_rates++] = rate; + } + + break; + + case IEEE80211_IE_DS_PARAM: + if ( dev->channel < dev->nr_channels && ds_channel == + dev->channels[dev->channel].channel_nr ) + break; + ds_channel = ie->ds_param.current_channel; + net80211_change_channel ( dev, ds_channel ); + break; + + case IEEE80211_IE_COUNTRY: + dev->nr_channels = 0; + + DBGC ( dev, "802.11 %p setting country regulations " + "for %c%c\n", dev, ie->country.name[0], + ie->country.name[1] ); + for ( i = 0; i < ( ie->len - 3 ) / 3; i++ ) { + union ieee80211_ie_country_triplet *t = + &ie->country.triplet[i]; + if ( t->first > 200 ) { + DBGC ( dev, "802.11 %p ignoring regulatory " + "extension information\n", dev ); + } else { + net80211_add_channels ( dev, + t->band.first_channel, + t->band.nr_channels, + t->band.max_txpower ); + } + } + net80211_filter_hw_channels ( dev ); + break; + + case IEEE80211_IE_ERP_INFO: + dev->phy_flags &= ~( NET80211_PHY_USE_PROTECTION | + NET80211_PHY_USE_SHORT_PREAMBLE ); + if ( ie->erp_info & IEEE80211_ERP_USE_PROTECTION ) + dev->phy_flags |= NET80211_PHY_USE_PROTECTION; + if ( ! ( ie->erp_info & IEEE80211_ERP_BARKER_LONG ) ) + dev->phy_flags |= NET80211_PHY_USE_SHORT_PREAMBLE; + break; + } + } + + if ( have_rates ) { + /* Allow only those rates that are also supported by + the hardware. */ + int delta = 0, j; + + dev->rate = 0; + for ( i = 0; i < dev->nr_rates; i++ ) { + int ok = 0; + for ( j = 0; j < dev->hw->nr_rates[band]; j++ ) { + if ( dev->hw->rates[band][j] == dev->rates[i] ){ + ok = 1; + break; + } + } + + if ( ! ok ) + delta++; + else { + dev->rates[i - delta] = dev->rates[i]; + if ( old_rate == dev->rates[i] ) + dev->rate = i - delta; + } + } + + dev->nr_rates -= delta; + + /* Sort available rates - sorted subclumps tend to already + exist, so insertion sort works well. */ + for ( i = 1; i < dev->nr_rates; i++ ) { + u16 rate = dev->rates[i]; + u32 tmp, br, mask; + + for ( j = i - 1; j >= 0 && dev->rates[j] >= rate; j-- ) + dev->rates[j + 1] = dev->rates[j]; + dev->rates[j + 1] = rate; + + /* Adjust basic_rates to match by rotating the + bits from bit j+1 to bit i left one position. */ + mask = ( ( 1 << i ) - 1 ) & ~( ( 1 << ( j + 1 ) ) - 1 ); + br = dev->basic_rates; + tmp = br & ( 1 << i ); + br = ( br & ~( mask | tmp ) ) | ( ( br & mask ) << 1 ); + br |= ( tmp >> ( i - j - 1 ) ); + dev->basic_rates = br; + } + + net80211_set_rtscts_rate ( dev ); + + if ( dev->rates[dev->rate] != old_rate ) + changed |= NET80211_CFG_RATE; + } + + if ( dev->hw->flags & NET80211_HW_NO_SHORT_PREAMBLE ) + dev->phy_flags &= ~NET80211_PHY_USE_SHORT_PREAMBLE; + if ( dev->hw->flags & NET80211_HW_NO_SHORT_SLOT ) + dev->phy_flags &= ~NET80211_PHY_USE_SHORT_SLOT; + + if ( old_phy != dev->phy_flags ) + changed |= NET80211_CFG_PHY_PARAMS; + + if ( changed ) + dev->op->config ( dev, changed ); + + return 0; +} + +/** + * Create information elements for outgoing probe or association packet + * + * @v dev 802.11 device + * @v ie Pointer to start of information element area + * @ret next_ie Pointer to first byte after added information elements + */ +static union ieee80211_ie * +net80211_marshal_request_info ( struct net80211_device *dev, + union ieee80211_ie *ie ) +{ + int i; + + ie->id = IEEE80211_IE_SSID; + ie->len = strlen ( dev->essid ); + memcpy ( ie->ssid, dev->essid, ie->len ); + + ie = ieee80211_next_ie ( ie, NULL ); + + ie->id = IEEE80211_IE_RATES; + ie->len = dev->nr_rates; + if ( ie->len > 8 ) + ie->len = 8; + + for ( i = 0; i < ie->len; i++ ) { + ie->rates[i] = dev->rates[i] / 5; + if ( dev->basic_rates & ( 1 << i ) ) + ie->rates[i] |= 0x80; + } + + ie = ieee80211_next_ie ( ie, NULL ); + + if ( dev->rsn_ie && dev->rsn_ie->id == IEEE80211_IE_RSN ) { + memcpy ( ie, dev->rsn_ie, dev->rsn_ie->len + 2 ); + ie = ieee80211_next_ie ( ie, NULL ); + } + + if ( dev->nr_rates > 8 ) { + /* 802.11 requires we use an Extended Basic Rates IE + for the rates beyond the eighth. */ + + ie->id = IEEE80211_IE_EXT_RATES; + ie->len = dev->nr_rates - 8; + + for ( ; i < dev->nr_rates; i++ ) { + ie->rates[i - 8] = dev->rates[i] / 5; + if ( dev->basic_rates & ( 1 << i ) ) + ie->rates[i - 8] |= 0x80; + } + + ie = ieee80211_next_ie ( ie, NULL ); + } + + if ( dev->rsn_ie && dev->rsn_ie->id == IEEE80211_IE_VENDOR ) { + memcpy ( ie, dev->rsn_ie, dev->rsn_ie->len + 2 ); + ie = ieee80211_next_ie ( ie, NULL ); + } + + return ie; +} + +/** Seconds to wait after finding a network, to possibly find better APs for it + * + * This is used when a specific SSID to scan for is specified. + */ +#define NET80211_PROBE_GATHER 1 + +/** Seconds to wait after finding a network, to possibly find other networks + * + * This is used when an empty SSID is specified, to scan for all + * networks. + */ +#define NET80211_PROBE_GATHER_ALL 2 + +/** Seconds to allow a probe to take if no network has been found */ +#define NET80211_PROBE_TIMEOUT 6 + +/** + * Begin probe of 802.11 networks + * + * @v dev 802.11 device + * @v essid SSID to probe for, or "" to accept any (may not be NULL) + * @v active Whether to use active scanning + * @ret ctx Probe context + * + * Active scanning may only be used on channels 1-11 in the 2.4GHz + * band, due to iPXE's lack of a complete regulatory database. If + * active scanning is used, probe packets will be sent on each + * channel; this can allow association with hidden-SSID networks if + * the SSID is properly specified. + * + * A @c NULL return indicates an out-of-memory condition. + * + * The returned context must be periodically passed to + * net80211_probe_step() until that function returns zero. + */ +struct net80211_probe_ctx * net80211_probe_start ( struct net80211_device *dev, + const char *essid, + int active ) +{ + struct net80211_probe_ctx *ctx = zalloc ( sizeof ( *ctx ) ); + + if ( ! ctx ) + return NULL; + + assert ( netdev_is_open ( dev->netdev ) ); + + ctx->dev = dev; + ctx->old_keep_mgmt = net80211_keep_mgmt ( dev, 1 ); + ctx->essid = essid; + if ( dev->essid != ctx->essid ) + strcpy ( dev->essid, ctx->essid ); + + if ( active ) { + struct ieee80211_probe_req *probe_req; + union ieee80211_ie *ie; + + ctx->probe = alloc_iob ( 128 ); + iob_reserve ( ctx->probe, IEEE80211_TYP_FRAME_HEADER_LEN ); + probe_req = ctx->probe->data; + + ie = net80211_marshal_request_info ( dev, + probe_req->info_element ); + + iob_put ( ctx->probe, ( void * ) ie - ctx->probe->data ); + } + + ctx->ticks_start = currticks(); + ctx->ticks_beacon = 0; + ctx->ticks_channel = currticks(); + ctx->hop_time = ticks_per_sec() / ( active ? 2 : 6 ); + + /* + * Channels on 2.4GHz overlap, and the most commonly used + * are 1, 6, and 11. We'll get a result faster if we check + * every 5 channels, but in order to hit all of them the + * number of channels must be relatively prime to 5. If it's + * not, tweak the hop. + */ + ctx->hop_step = 5; + while ( dev->nr_channels % ctx->hop_step == 0 && ctx->hop_step > 1 ) + ctx->hop_step--; + + ctx->beacons = malloc ( sizeof ( *ctx->beacons ) ); + INIT_LIST_HEAD ( ctx->beacons ); + + dev->channel = 0; + dev->op->config ( dev, NET80211_CFG_CHANNEL ); + + return ctx; +} + +/** + * Continue probe of 802.11 networks + * + * @v ctx Probe context returned by net80211_probe_start() + * @ret rc Probe status + * + * The return code will be 0 if the probe is still going on (and this + * function should be called again), a positive number if the probe + * completed successfully, or a negative error code if the probe + * failed for that reason. + * + * Whether the probe succeeded or failed, you must call + * net80211_probe_finish_all() or net80211_probe_finish_best() + * (depending on whether you want information on all networks or just + * the best-signal one) in order to release the probe context. A + * failed probe may still have acquired some valid data. + */ +int net80211_probe_step ( struct net80211_probe_ctx *ctx ) +{ + struct net80211_device *dev = ctx->dev; + u32 start_timeout = NET80211_PROBE_TIMEOUT * ticks_per_sec(); + u32 gather_timeout = ticks_per_sec(); + u32 now = currticks(); + struct io_buffer *iob; + int signal; + int rc; + char ssid[IEEE80211_MAX_SSID_LEN + 1]; + + gather_timeout *= ( ctx->essid[0] ? NET80211_PROBE_GATHER : + NET80211_PROBE_GATHER_ALL ); + + /* Time out if necessary */ + if ( now >= ctx->ticks_start + start_timeout ) + return list_empty ( ctx->beacons ) ? -ETIMEDOUT : +1; + + if ( ctx->ticks_beacon > 0 && now >= ctx->ticks_start + gather_timeout ) + return +1; + + /* Change channels if necessary */ + if ( now >= ctx->ticks_channel + ctx->hop_time ) { + dev->channel = ( dev->channel + ctx->hop_step ) + % dev->nr_channels; + dev->op->config ( dev, NET80211_CFG_CHANNEL ); + udelay ( dev->hw->channel_change_time ); + + ctx->ticks_channel = now; + + if ( ctx->probe ) { + struct io_buffer *siob = ctx->probe; /* to send */ + + /* make a copy for future use */ + iob = alloc_iob ( siob->tail - siob->head ); + iob_reserve ( iob, iob_headroom ( siob ) ); + memcpy ( iob_put ( iob, iob_len ( siob ) ), + siob->data, iob_len ( siob ) ); + + ctx->probe = iob; + rc = net80211_tx_mgmt ( dev, IEEE80211_STYPE_PROBE_REQ, + eth_broadcast, + iob_disown ( siob ) ); + if ( rc ) { + DBGC ( dev, "802.11 %p send probe failed: " + "%s\n", dev, strerror ( rc ) ); + return rc; + } + } + } + + /* Check for new management packets */ + while ( ( iob = net80211_mgmt_dequeue ( dev, &signal ) ) != NULL ) { + struct ieee80211_frame *hdr; + struct ieee80211_beacon *beacon; + union ieee80211_ie *ie; + struct net80211_wlan *wlan; + u16 type; + + hdr = iob->data; + type = hdr->fc & IEEE80211_FC_SUBTYPE; + beacon = ( struct ieee80211_beacon * ) hdr->data; + + if ( type != IEEE80211_STYPE_BEACON && + type != IEEE80211_STYPE_PROBE_RESP ) { + DBGC2 ( dev, "802.11 %p probe: non-beacon\n", dev ); + goto drop; + } + + if ( ( void * ) beacon->info_element >= iob->tail ) { + DBGC ( dev, "802.11 %p probe: beacon with no IEs\n", + dev ); + goto drop; + } + + ie = beacon->info_element; + + if ( ! ieee80211_ie_bound ( ie, iob->tail ) ) + ie = NULL; + + while ( ie && ie->id != IEEE80211_IE_SSID ) + ie = ieee80211_next_ie ( ie, iob->tail ); + + if ( ! ie ) { + DBGC ( dev, "802.11 %p probe: beacon with no SSID\n", + dev ); + goto drop; + } + + memcpy ( ssid, ie->ssid, ie->len ); + ssid[ie->len] = 0; + + if ( ctx->essid[0] && strcmp ( ctx->essid, ssid ) != 0 ) { + DBGC2 ( dev, "802.11 %p probe: beacon with wrong SSID " + "(%s)\n", dev, ssid ); + goto drop; + } + + /* See if we've got an entry for this network */ + list_for_each_entry ( wlan, ctx->beacons, list ) { + if ( strcmp ( wlan->essid, ssid ) != 0 ) + continue; + + if ( signal < wlan->signal ) { + DBGC2 ( dev, "802.11 %p probe: beacon for %s " + "(%s) with weaker signal %d\n", dev, + ssid, eth_ntoa ( hdr->addr3 ), signal ); + goto drop; + } + + goto fill; + } + + /* No entry yet - make one */ + wlan = zalloc ( sizeof ( *wlan ) ); + strcpy ( wlan->essid, ssid ); + list_add_tail ( &wlan->list, ctx->beacons ); + + /* Whether we're using an old entry or a new one, fill + it with new data. */ + fill: + memcpy ( wlan->bssid, hdr->addr3, ETH_ALEN ); + wlan->signal = signal; + wlan->channel = dev->channels[dev->channel].channel_nr; + + /* Copy this I/O buffer into a new wlan->beacon; the + * iob we've got probably came from the device driver + * and may have the full 2.4k allocation, which we + * don't want to keep around wasting memory. + */ + free_iob ( wlan->beacon ); + wlan->beacon = alloc_iob ( iob_len ( iob ) ); + memcpy ( iob_put ( wlan->beacon, iob_len ( iob ) ), + iob->data, iob_len ( iob ) ); + + if ( ( rc = sec80211_detect ( wlan->beacon, &wlan->handshaking, + &wlan->crypto ) ) == -ENOTSUP ) { + struct ieee80211_beacon *beacon = + ( struct ieee80211_beacon * ) hdr->data; + + if ( beacon->capability & IEEE80211_CAPAB_PRIVACY ) { + DBG ( "802.11 %p probe: secured network %s but " + "encryption support not compiled in\n", + dev, wlan->essid ); + wlan->handshaking = NET80211_SECPROT_UNKNOWN; + wlan->crypto = NET80211_CRYPT_UNKNOWN; + } else { + wlan->handshaking = NET80211_SECPROT_NONE; + wlan->crypto = NET80211_CRYPT_NONE; + } + } else if ( rc != 0 ) { + DBGC ( dev, "802.11 %p probe warning: network " + "%s with unidentifiable security " + "settings: %s\n", dev, wlan->essid, + strerror ( rc ) ); + } + + ctx->ticks_beacon = now; + + DBGC2 ( dev, "802.11 %p probe: good beacon for %s (%s)\n", + dev, wlan->essid, eth_ntoa ( wlan->bssid ) ); + + drop: + free_iob ( iob ); + } + + return 0; +} + + +/** + * Finish probe of 802.11 networks, returning best-signal network found + * + * @v ctx Probe context + * @ret wlan Best-signal network found, or @c NULL if none were found + * + * If net80211_probe_start() was called with a particular SSID + * parameter as filter, only a network with that SSID (matching + * case-sensitively) can be returned from this function. + */ +struct net80211_wlan * +net80211_probe_finish_best ( struct net80211_probe_ctx *ctx ) +{ + struct net80211_wlan *best = NULL, *wlan; + + if ( ! ctx ) + return NULL; + + list_for_each_entry ( wlan, ctx->beacons, list ) { + if ( ! best || best->signal < wlan->signal ) + best = wlan; + } + + if ( best ) + list_del ( &best->list ); + else + DBGC ( ctx->dev, "802.11 %p probe: found nothing for '%s'\n", + ctx->dev, ctx->essid ); + + net80211_free_wlanlist ( ctx->beacons ); + + net80211_keep_mgmt ( ctx->dev, ctx->old_keep_mgmt ); + + if ( ctx->probe ) + free_iob ( ctx->probe ); + + free ( ctx ); + + return best; +} + + +/** + * Finish probe of 802.11 networks, returning all networks found + * + * @v ctx Probe context + * @ret list List of net80211_wlan detailing networks found + * + * If net80211_probe_start() was called with a particular SSID + * parameter as filter, this will always return either an empty or a + * one-element list. + */ +struct list_head *net80211_probe_finish_all ( struct net80211_probe_ctx *ctx ) +{ + struct list_head *beacons = ctx->beacons; + + if ( ! ctx ) + return NULL; + + net80211_keep_mgmt ( ctx->dev, ctx->old_keep_mgmt ); + + if ( ctx->probe ) + free_iob ( ctx->probe ); + + free ( ctx ); + + return beacons; +} + + +/** + * Free WLAN structure + * + * @v wlan WLAN structure to free + */ +void net80211_free_wlan ( struct net80211_wlan *wlan ) +{ + if ( wlan ) { + free_iob ( wlan->beacon ); + free ( wlan ); + } +} + + +/** + * Free list of WLAN structures + * + * @v list List of WLAN structures to free + */ +void net80211_free_wlanlist ( struct list_head *list ) +{ + struct net80211_wlan *wlan, *tmp; + + if ( ! list ) + return; + + list_for_each_entry_safe ( wlan, tmp, list, list ) { + list_del ( &wlan->list ); + net80211_free_wlan ( wlan ); + } + + free ( list ); +} + + +/** Number of ticks to wait for replies to association management frames */ +#define ASSOC_TIMEOUT TICKS_PER_SEC + +/** Number of times to try sending a particular association management frame */ +#define ASSOC_RETRIES 2 + +/** + * Step 802.11 association process + * + * @v dev 802.11 device + */ +static void net80211_step_associate ( struct net80211_device *dev ) +{ + int rc = 0; + int status = dev->state & NET80211_STATUS_MASK; + + /* + * We use a sort of state machine implemented using bits in + * the dev->state variable. At each call, we take the + * logically first step that has not yet succeeded; either it + * has not been tried yet, it's being retried, or it failed. + * If it failed, we return an error indication; otherwise we + * perform the step. If it succeeds, RX handling code will set + * the appropriate status bit for us. + * + * Probe works a bit differently, since we have to step it + * on every call instead of waiting for a packet to arrive + * that will set the completion bit for us. + */ + + /* If we're waiting for a reply, check for timeout condition */ + if ( dev->state & NET80211_WAITING ) { + /* Sanity check */ + if ( ! dev->associating ) + return; + + if ( currticks() - dev->ctx.assoc->last_packet > ASSOC_TIMEOUT ) { + /* Timed out - fail if too many retries, or retry */ + dev->ctx.assoc->times_tried++; + if ( ++dev->ctx.assoc->times_tried > ASSOC_RETRIES ) { + rc = -ETIMEDOUT; + goto fail; + } + } else { + /* Didn't time out - let it keep going */ + return; + } + } else { + if ( dev->state & NET80211_PROBED ) + dev->ctx.assoc->times_tried = 0; + } + + if ( ! ( dev->state & NET80211_PROBED ) ) { + /* state: probe */ + + if ( ! dev->ctx.probe ) { + /* start probe */ + int active = fetch_intz_setting ( NULL, + &net80211_active_setting ); + int band = dev->hw->bands; + + if ( active ) + band &= ~NET80211_BAND_BIT_5GHZ; + + rc = net80211_prepare_probe ( dev, band, active ); + if ( rc ) + goto fail; + + dev->ctx.probe = net80211_probe_start ( dev, dev->essid, + active ); + if ( ! dev->ctx.probe ) { + dev->assoc_rc = -ENOMEM; + goto fail; + } + } + + rc = net80211_probe_step ( dev->ctx.probe ); + if ( ! rc ) { + return; /* still going */ + } + + dev->associating = net80211_probe_finish_best ( dev->ctx.probe ); + dev->ctx.probe = NULL; + if ( ! dev->associating ) { + if ( rc > 0 ) /* "successful" probe found nothing */ + rc = -ETIMEDOUT; + goto fail; + } + + /* If we probed using a broadcast SSID, record that + fact for the settings applicator before we clobber + it with the specific SSID we've chosen. */ + if ( ! dev->essid[0] ) + dev->state |= NET80211_AUTO_SSID; + + DBGC ( dev, "802.11 %p found network %s (%s)\n", dev, + dev->associating->essid, + eth_ntoa ( dev->associating->bssid ) ); + + dev->ctx.assoc = zalloc ( sizeof ( *dev->ctx.assoc ) ); + if ( ! dev->ctx.assoc ) { + rc = -ENOMEM; + goto fail; + } + + dev->state |= NET80211_PROBED; + dev->ctx.assoc->method = IEEE80211_AUTH_OPEN_SYSTEM; + + return; + } + + /* Record time of sending the packet we're about to send, for timeout */ + dev->ctx.assoc->last_packet = currticks(); + + if ( ! ( dev->state & NET80211_AUTHENTICATED ) ) { + /* state: prepare and authenticate */ + + if ( status != IEEE80211_STATUS_SUCCESS ) { + /* we tried authenticating already, but failed */ + int method = dev->ctx.assoc->method; + + if ( method == IEEE80211_AUTH_OPEN_SYSTEM && + ( status == IEEE80211_STATUS_AUTH_CHALL_INVALID || + status == IEEE80211_STATUS_AUTH_ALGO_UNSUPP ) ) { + /* Maybe this network uses Shared Key? */ + dev->ctx.assoc->method = + IEEE80211_AUTH_SHARED_KEY; + } else { + goto fail; + } + } + + DBGC ( dev, "802.11 %p authenticating with method %d\n", dev, + dev->ctx.assoc->method ); + + rc = net80211_prepare_assoc ( dev, dev->associating ); + if ( rc ) + goto fail; + + rc = net80211_send_auth ( dev, dev->associating, + dev->ctx.assoc->method ); + if ( rc ) + goto fail; + + return; + } + + if ( ! ( dev->state & NET80211_ASSOCIATED ) ) { + /* state: associate */ + + if ( status != IEEE80211_STATUS_SUCCESS ) + goto fail; + + DBGC ( dev, "802.11 %p associating\n", dev ); + + if ( dev->handshaker && dev->handshaker->start && + ! dev->handshaker->started ) { + rc = dev->handshaker->start ( dev ); + if ( rc < 0 ) + goto fail; + dev->handshaker->started = 1; + } + + rc = net80211_send_assoc ( dev, dev->associating ); + if ( rc ) + goto fail; + + return; + } + + if ( ! ( dev->state & NET80211_CRYPTO_SYNCED ) ) { + /* state: crypto sync */ + DBGC ( dev, "802.11 %p security handshaking\n", dev ); + + if ( ! dev->handshaker || ! dev->handshaker->step ) { + dev->state |= NET80211_CRYPTO_SYNCED; + return; + } + + rc = dev->handshaker->step ( dev ); + + if ( rc < 0 ) { + /* Only record the returned error if we're + still marked as associated, because an + asynchronous error will have already been + reported to net80211_deauthenticate() and + assoc_rc thereby set. */ + if ( dev->state & NET80211_ASSOCIATED ) + dev->assoc_rc = rc; + rc = 0; + goto fail; + } + + if ( rc > 0 ) { + dev->assoc_rc = 0; + dev->state |= NET80211_CRYPTO_SYNCED; + } + return; + } + + /* state: done! */ + netdev_link_up ( dev->netdev ); + dev->assoc_rc = 0; + dev->state &= ~NET80211_WORKING; + + free ( dev->ctx.assoc ); + dev->ctx.assoc = NULL; + + net80211_free_wlan ( dev->associating ); + dev->associating = NULL; + + dev->rctl = rc80211_init ( dev ); + + process_del ( &dev->proc_assoc ); + + DBGC ( dev, "802.11 %p associated with %s (%s)\n", dev, + dev->essid, eth_ntoa ( dev->bssid ) ); + + return; + + fail: + dev->state &= ~( NET80211_WORKING | NET80211_WAITING ); + if ( rc ) + dev->assoc_rc = rc; + + netdev_link_err ( dev->netdev, dev->assoc_rc ); + + /* We never reach here from the middle of a probe, so we don't + need to worry about freeing dev->ctx.probe. */ + + if ( dev->state & NET80211_PROBED ) { + free ( dev->ctx.assoc ); + dev->ctx.assoc = NULL; + } + + net80211_free_wlan ( dev->associating ); + dev->associating = NULL; + + process_del ( &dev->proc_assoc ); + + DBGC ( dev, "802.11 %p association failed (state=%04x): " + "%s\n", dev, dev->state, strerror ( dev->assoc_rc ) ); + + /* Try it again: */ + net80211_autoassociate ( dev ); +} + +/** + * Check for 802.11 SSID or key updates + * + * This acts as a settings applicator; if the user changes netX/ssid, + * and netX is currently open, the association task will be invoked + * again. If the user changes the encryption key, the current security + * handshaker will be asked to update its state to match; if that is + * impossible without reassociation, we reassociate. + */ +static int net80211_check_settings_update ( void ) +{ + struct net80211_device *dev; + char ssid[IEEE80211_MAX_SSID_LEN + 1]; + int key_reassoc; + + list_for_each_entry ( dev, &net80211_devices, list ) { + if ( ! netdev_is_open ( dev->netdev ) ) + continue; + + key_reassoc = 0; + if ( dev->handshaker && dev->handshaker->change_key && + dev->handshaker->change_key ( dev ) < 0 ) + key_reassoc = 1; + + fetch_string_setting ( netdev_settings ( dev->netdev ), + &net80211_ssid_setting, ssid, + IEEE80211_MAX_SSID_LEN + 1 ); + + if ( key_reassoc || + ( ! ( ! ssid[0] && ( dev->state & NET80211_AUTO_SSID ) ) && + strcmp ( ssid, dev->essid ) != 0 ) ) { + DBGC ( dev, "802.11 %p updating association: " + "%s -> %s\n", dev, dev->essid, ssid ); + net80211_autoassociate ( dev ); + } + } + + return 0; +} + +/** + * Start 802.11 association process + * + * @v dev 802.11 device + * + * If the association process is running, it will be restarted. + */ +void net80211_autoassociate ( struct net80211_device *dev ) +{ + if ( ! ( dev->state & NET80211_WORKING ) ) { + DBGC2 ( dev, "802.11 %p spawning association process\n", dev ); + process_add ( &dev->proc_assoc ); + } else { + DBGC2 ( dev, "802.11 %p restarting association\n", dev ); + } + + /* Clean up everything an earlier association process might + have been in the middle of using */ + if ( dev->associating ) + net80211_free_wlan ( dev->associating ); + + if ( ! ( dev->state & NET80211_PROBED ) ) + net80211_free_wlan ( + net80211_probe_finish_best ( dev->ctx.probe ) ); + else + free ( dev->ctx.assoc ); + + /* Reset to a clean state */ + fetch_string_setting ( netdev_settings ( dev->netdev ), + &net80211_ssid_setting, dev->essid, + IEEE80211_MAX_SSID_LEN + 1 ); + dev->ctx.probe = NULL; + dev->associating = NULL; + dev->assoc_rc = 0; + net80211_set_state ( dev, NET80211_PROBED, NET80211_WORKING, 0 ); +} + +/** + * Pick TX rate for RTS/CTS packets based on data rate + * + * @v dev 802.11 device + * + * The RTS/CTS rate is the fastest TX rate marked as "basic" that is + * not faster than the data rate. + */ +static void net80211_set_rtscts_rate ( struct net80211_device *dev ) +{ + u16 datarate = dev->rates[dev->rate]; + u16 rtsrate = 0; + int rts_idx = -1; + int i; + + for ( i = 0; i < dev->nr_rates; i++ ) { + u16 rate = dev->rates[i]; + + if ( ! ( dev->basic_rates & ( 1 << i ) ) || rate > datarate ) + continue; + + if ( rate > rtsrate ) { + rtsrate = rate; + rts_idx = i; + } + } + + /* If this is in initialization, we might not have any basic + rates; just use the first data rate in that case. */ + if ( rts_idx < 0 ) + rts_idx = 0; + + dev->rtscts_rate = rts_idx; +} + +/** + * Set data transmission rate for 802.11 device + * + * @v dev 802.11 device + * @v rate Rate to set, as index into @c dev->rates array + */ +void net80211_set_rate_idx ( struct net80211_device *dev, int rate ) +{ + assert ( netdev_is_open ( dev->netdev ) ); + + if ( rate >= 0 && rate < dev->nr_rates && rate != dev->rate ) { + DBGC2 ( dev, "802.11 %p changing rate from %d->%d Mbps\n", + dev, dev->rates[dev->rate] / 10, + dev->rates[rate] / 10 ); + + dev->rate = rate; + net80211_set_rtscts_rate ( dev ); + dev->op->config ( dev, NET80211_CFG_RATE ); + } +} + +/** + * Configure 802.11 device to transmit on a certain channel + * + * @v dev 802.11 device + * @v channel Channel number (1-11 for 2.4GHz) to transmit on + */ +int net80211_change_channel ( struct net80211_device *dev, int channel ) +{ + int i, oldchan = dev->channel; + + assert ( netdev_is_open ( dev->netdev ) ); + + for ( i = 0; i < dev->nr_channels; i++ ) { + if ( dev->channels[i].channel_nr == channel ) { + dev->channel = i; + break; + } + } + + if ( i == dev->nr_channels ) + return -ENOENT; + + if ( i != oldchan ) + return dev->op->config ( dev, NET80211_CFG_CHANNEL ); + + return 0; +} + +/** + * Prepare 802.11 device channel and rate set for scanning + * + * @v dev 802.11 device + * @v band RF band(s) on which to prepare for scanning + * @v active Whether the scanning will be active + * @ret rc Return status code + */ +int net80211_prepare_probe ( struct net80211_device *dev, int band, + int active ) +{ + assert ( netdev_is_open ( dev->netdev ) ); + + if ( active && ( band & NET80211_BAND_BIT_5GHZ ) ) { + DBGC ( dev, "802.11 %p cannot perform active scanning on " + "5GHz band\n", dev ); + return -EINVAL_ACTIVE_SCAN; + } + + if ( band == 0 ) { + /* This can happen for a 5GHz-only card with 5GHz + scanning masked out by an active request. */ + DBGC ( dev, "802.11 %p asked to prepare for scanning nothing\n", + dev ); + return -EINVAL_ACTIVE_SCAN; + } + + dev->nr_channels = 0; + + if ( active ) + net80211_add_channels ( dev, 1, 11, NET80211_REG_TXPOWER ); + else { + if ( band & NET80211_BAND_BIT_2GHZ ) + net80211_add_channels ( dev, 1, 14, + NET80211_REG_TXPOWER ); + if ( band & NET80211_BAND_BIT_5GHZ ) + net80211_add_channels ( dev, 36, 8, + NET80211_REG_TXPOWER ); + } + + net80211_filter_hw_channels ( dev ); + + /* Use channel 1 for now */ + dev->channel = 0; + dev->op->config ( dev, NET80211_CFG_CHANNEL ); + + /* Always do active probes at lowest (presumably first) speed */ + dev->rate = 0; + dev->nr_rates = 1; + dev->rates[0] = dev->hw->rates[dev->channels[0].band][0]; + dev->op->config ( dev, NET80211_CFG_RATE ); + + return 0; +} + +/** + * Prepare 802.11 device channel and rate set for communication + * + * @v dev 802.11 device + * @v wlan WLAN to prepare for communication with + * @ret rc Return status code + */ +int net80211_prepare_assoc ( struct net80211_device *dev, + struct net80211_wlan *wlan ) +{ + struct ieee80211_frame *hdr = wlan->beacon->data; + struct ieee80211_beacon *beacon = + ( struct ieee80211_beacon * ) hdr->data; + struct net80211_handshaker *handshaker; + int rc; + + assert ( netdev_is_open ( dev->netdev ) ); + + net80211_set_state ( dev, NET80211_ASSOCIATED, 0, 0 ); + memcpy ( dev->bssid, wlan->bssid, ETH_ALEN ); + strcpy ( dev->essid, wlan->essid ); + + free ( dev->rsn_ie ); + dev->rsn_ie = NULL; + + dev->last_beacon_timestamp = beacon->timestamp; + dev->tx_beacon_interval = 1024 * beacon->beacon_interval; + + /* Barring an IE that tells us the channel outright, assume + the channel we heard this AP best on is the channel it's + communicating on. */ + net80211_change_channel ( dev, wlan->channel ); + + rc = net80211_process_capab ( dev, beacon->capability ); + if ( rc ) + return rc; + + rc = net80211_process_ie ( dev, beacon->info_element, + wlan->beacon->tail ); + if ( rc ) + return rc; + + /* Associate at the lowest rate so we know it'll get through */ + dev->rate = 0; + dev->op->config ( dev, NET80211_CFG_RATE ); + + /* Free old handshaker and crypto, if they exist */ + if ( dev->handshaker && dev->handshaker->stop && + dev->handshaker->started ) + dev->handshaker->stop ( dev ); + free ( dev->handshaker ); + dev->handshaker = NULL; + free ( dev->crypto ); + free ( dev->gcrypto ); + dev->crypto = dev->gcrypto = NULL; + + /* Find new security handshaker to use */ + for_each_table_entry ( handshaker, NET80211_HANDSHAKERS ) { + if ( handshaker->protocol == wlan->handshaking ) { + dev->handshaker = zalloc ( sizeof ( *handshaker ) + + handshaker->priv_len ); + if ( ! dev->handshaker ) + return -ENOMEM; + + memcpy ( dev->handshaker, handshaker, + sizeof ( *handshaker ) ); + dev->handshaker->priv = ( ( void * ) dev->handshaker + + sizeof ( *handshaker ) ); + break; + } + } + + if ( ( wlan->handshaking != NET80211_SECPROT_NONE ) && + ! dev->handshaker ) { + DBGC ( dev, "802.11 %p no support for handshaking scheme %d\n", + dev, wlan->handshaking ); + return -( ENOTSUP | ( wlan->handshaking << 8 ) ); + } + + /* Initialize security handshaker */ + if ( dev->handshaker ) { + rc = dev->handshaker->init ( dev ); + if ( rc < 0 ) + return rc; + } + + return 0; +} + +/** + * Send 802.11 initial authentication frame + * + * @v dev 802.11 device + * @v wlan WLAN to authenticate with + * @v method Authentication method + * @ret rc Return status code + * + * @a method may be 0 for Open System authentication or 1 for Shared + * Key authentication. Open System provides no security in association + * whatsoever, relying on encryption for confidentiality, but Shared + * Key actively introduces security problems and is very rarely used. + */ +int net80211_send_auth ( struct net80211_device *dev, + struct net80211_wlan *wlan, int method ) +{ + struct io_buffer *iob = alloc_iob ( 64 ); + struct ieee80211_auth *auth; + + net80211_set_state ( dev, 0, NET80211_WAITING, 0 ); + iob_reserve ( iob, IEEE80211_TYP_FRAME_HEADER_LEN ); + auth = iob_put ( iob, sizeof ( *auth ) ); + auth->algorithm = method; + auth->tx_seq = 1; + auth->status = 0; + + return net80211_tx_mgmt ( dev, IEEE80211_STYPE_AUTH, wlan->bssid, iob ); +} + +/** + * Handle receipt of 802.11 authentication frame + * + * @v dev 802.11 device + * @v iob I/O buffer + * + * If the authentication method being used is Shared Key, and the + * frame that was received included challenge text, the frame is + * encrypted using the cryptosystem currently in effect and sent back + * to the AP to complete the authentication. + */ +static void net80211_handle_auth ( struct net80211_device *dev, + struct io_buffer *iob ) +{ + struct ieee80211_frame *hdr = iob->data; + struct ieee80211_auth *auth = + ( struct ieee80211_auth * ) hdr->data; + + if ( auth->tx_seq & 1 ) { + DBGC ( dev, "802.11 %p authentication received improperly " + "directed frame (seq. %d)\n", dev, auth->tx_seq ); + net80211_set_state ( dev, NET80211_WAITING, 0, + IEEE80211_STATUS_FAILURE ); + return; + } + + if ( auth->status != IEEE80211_STATUS_SUCCESS ) { + DBGC ( dev, "802.11 %p authentication failed: status %d\n", + dev, auth->status ); + net80211_set_state ( dev, NET80211_WAITING, 0, + auth->status ); + return; + } + + if ( auth->algorithm == IEEE80211_AUTH_SHARED_KEY && ! dev->crypto ) { + DBGC ( dev, "802.11 %p can't perform shared-key authentication " + "without a cryptosystem\n", dev ); + net80211_set_state ( dev, NET80211_WAITING, 0, + IEEE80211_STATUS_FAILURE ); + return; + } + + if ( auth->algorithm == IEEE80211_AUTH_SHARED_KEY && + auth->tx_seq == 2 ) { + /* Since the iob we got is going to be freed as soon + as we return, we can do some in-place + modification. */ + auth->tx_seq = 3; + auth->status = 0; + + memcpy ( hdr->addr2, hdr->addr1, ETH_ALEN ); + memcpy ( hdr->addr1, hdr->addr3, ETH_ALEN ); + + netdev_tx ( dev->netdev, + dev->crypto->encrypt ( dev->crypto, iob ) ); + return; + } + + net80211_set_state ( dev, NET80211_WAITING, NET80211_AUTHENTICATED, + IEEE80211_STATUS_SUCCESS ); + + return; +} + +/** + * Send 802.11 association frame + * + * @v dev 802.11 device + * @v wlan WLAN to associate with + * @ret rc Return status code + */ +int net80211_send_assoc ( struct net80211_device *dev, + struct net80211_wlan *wlan ) +{ + struct io_buffer *iob = alloc_iob ( 128 ); + struct ieee80211_assoc_req *assoc; + union ieee80211_ie *ie; + + net80211_set_state ( dev, 0, NET80211_WAITING, 0 ); + + iob_reserve ( iob, IEEE80211_TYP_FRAME_HEADER_LEN ); + assoc = iob->data; + + assoc->capability = IEEE80211_CAPAB_MANAGED; + if ( ! ( dev->hw->flags & NET80211_HW_NO_SHORT_PREAMBLE ) ) + assoc->capability |= IEEE80211_CAPAB_SHORT_PMBL; + if ( ! ( dev->hw->flags & NET80211_HW_NO_SHORT_SLOT ) ) + assoc->capability |= IEEE80211_CAPAB_SHORT_SLOT; + if ( wlan->crypto ) + assoc->capability |= IEEE80211_CAPAB_PRIVACY; + + assoc->listen_interval = 1; + + ie = net80211_marshal_request_info ( dev, assoc->info_element ); + + DBGP ( "802.11 %p about to send association request:\n", dev ); + DBGP_HD ( iob->data, ( void * ) ie - iob->data ); + + iob_put ( iob, ( void * ) ie - iob->data ); + + return net80211_tx_mgmt ( dev, IEEE80211_STYPE_ASSOC_REQ, + wlan->bssid, iob ); +} + +/** + * Handle receipt of 802.11 association reply frame + * + * @v dev 802.11 device + * @v iob I/O buffer + */ +static void net80211_handle_assoc_reply ( struct net80211_device *dev, + struct io_buffer *iob ) +{ + struct ieee80211_frame *hdr = iob->data; + struct ieee80211_assoc_resp *assoc = + ( struct ieee80211_assoc_resp * ) hdr->data; + + net80211_process_capab ( dev, assoc->capability ); + net80211_process_ie ( dev, assoc->info_element, iob->tail ); + + if ( assoc->status != IEEE80211_STATUS_SUCCESS ) { + DBGC ( dev, "802.11 %p association failed: status %d\n", + dev, assoc->status ); + net80211_set_state ( dev, NET80211_WAITING, 0, + assoc->status ); + return; + } + + /* ESSID was filled before the association request was sent */ + memcpy ( dev->bssid, hdr->addr3, ETH_ALEN ); + dev->aid = assoc->aid; + + net80211_set_state ( dev, NET80211_WAITING, NET80211_ASSOCIATED, + IEEE80211_STATUS_SUCCESS ); +} + + +/** + * Send 802.11 disassociation frame + * + * @v dev 802.11 device + * @v reason Reason for disassociation + * @v deauth If TRUE, send deauthentication instead of disassociation + * @ret rc Return status code + */ +static int net80211_send_disassoc ( struct net80211_device *dev, int reason, + int deauth ) +{ + struct io_buffer *iob = alloc_iob ( 64 ); + struct ieee80211_disassoc *disassoc; + + if ( ! ( dev->state & NET80211_ASSOCIATED ) ) + return -EINVAL; + + net80211_set_state ( dev, NET80211_ASSOCIATED, 0, 0 ); + iob_reserve ( iob, IEEE80211_TYP_FRAME_HEADER_LEN ); + disassoc = iob_put ( iob, sizeof ( *disassoc ) ); + disassoc->reason = reason; + + return net80211_tx_mgmt ( dev, deauth ? IEEE80211_STYPE_DEAUTH : + IEEE80211_STYPE_DISASSOC, dev->bssid, iob ); +} + + +/** + * Deauthenticate from current network and try again + * + * @v dev 802.11 device + * @v rc Return status code indicating reason + * + * The deauthentication will be sent using an 802.11 "unspecified + * reason", as is common, but @a rc will be set as a link-up + * error to aid the user in debugging. + */ +void net80211_deauthenticate ( struct net80211_device *dev, int rc ) +{ + net80211_send_disassoc ( dev, IEEE80211_REASON_UNSPECIFIED, 1 ); + dev->assoc_rc = rc; + netdev_link_err ( dev->netdev, rc ); + + net80211_autoassociate ( dev ); +} + + +/** Smoothing factor (1-7) for link quality calculation */ +#define LQ_SMOOTH 7 + +/** + * Update link quality information based on received beacon + * + * @v dev 802.11 device + * @v iob I/O buffer containing beacon + * @ret rc Return status code + */ +static void net80211_update_link_quality ( struct net80211_device *dev, + struct io_buffer *iob ) +{ + struct ieee80211_frame *hdr = iob->data; + struct ieee80211_beacon *beacon; + u32 dt, rxi; + + if ( ! ( dev->state & NET80211_ASSOCIATED ) ) + return; + + beacon = ( struct ieee80211_beacon * ) hdr->data; + dt = ( u32 ) ( beacon->timestamp - dev->last_beacon_timestamp ); + rxi = dev->rx_beacon_interval; + + rxi = ( LQ_SMOOTH * rxi ) + ( ( 8 - LQ_SMOOTH ) * dt ); + dev->rx_beacon_interval = rxi >> 3; + + dev->last_beacon_timestamp = beacon->timestamp; +} + + +/** + * Handle receipt of 802.11 management frame + * + * @v dev 802.11 device + * @v iob I/O buffer + * @v signal Signal strength of received frame + */ +static void net80211_handle_mgmt ( struct net80211_device *dev, + struct io_buffer *iob, int signal ) +{ + struct ieee80211_frame *hdr = iob->data; + struct ieee80211_disassoc *disassoc; + u16 stype = hdr->fc & IEEE80211_FC_SUBTYPE; + int keep = 0; + int is_deauth = ( stype == IEEE80211_STYPE_DEAUTH ); + + if ( ( hdr->fc & IEEE80211_FC_TYPE ) != IEEE80211_TYPE_MGMT ) { + free_iob ( iob ); + return; /* only handle management frames */ + } + + switch ( stype ) { + /* We reconnect on deauthentication and disassociation. */ + case IEEE80211_STYPE_DEAUTH: + case IEEE80211_STYPE_DISASSOC: + disassoc = ( struct ieee80211_disassoc * ) hdr->data; + net80211_set_state ( dev, is_deauth ? NET80211_AUTHENTICATED : + NET80211_ASSOCIATED, 0, + NET80211_IS_REASON | disassoc->reason ); + DBGC ( dev, "802.11 %p %s: reason %d\n", + dev, is_deauth ? "deauthenticated" : "disassociated", + disassoc->reason ); + + /* Try to reassociate, in case it's transient. */ + net80211_autoassociate ( dev ); + + break; + + /* We handle authentication and association. */ + case IEEE80211_STYPE_AUTH: + if ( ! ( dev->state & NET80211_AUTHENTICATED ) ) + net80211_handle_auth ( dev, iob ); + break; + + case IEEE80211_STYPE_ASSOC_RESP: + case IEEE80211_STYPE_REASSOC_RESP: + if ( ! ( dev->state & NET80211_ASSOCIATED ) ) + net80211_handle_assoc_reply ( dev, iob ); + break; + + /* We pass probes and beacons onto network scanning + code. Pass actions for future extensibility. */ + case IEEE80211_STYPE_BEACON: + net80211_update_link_quality ( dev, iob ); + /* fall through */ + case IEEE80211_STYPE_PROBE_RESP: + case IEEE80211_STYPE_ACTION: + if ( dev->keep_mgmt ) { + struct net80211_rx_info *rxinf; + rxinf = zalloc ( sizeof ( *rxinf ) ); + if ( ! rxinf ) { + DBGC ( dev, "802.11 %p out of memory\n", dev ); + break; + } + rxinf->signal = signal; + list_add_tail ( &iob->list, &dev->mgmt_queue ); + list_add_tail ( &rxinf->list, &dev->mgmt_info_queue ); + keep = 1; + } + break; + + case IEEE80211_STYPE_PROBE_REQ: + /* Some nodes send these broadcast. Ignore them. */ + break; + + case IEEE80211_STYPE_ASSOC_REQ: + case IEEE80211_STYPE_REASSOC_REQ: + /* We should never receive these, only send them. */ + DBGC ( dev, "802.11 %p received strange management request " + "(%04x)\n", dev, stype ); + break; + + default: + DBGC ( dev, "802.11 %p received unimplemented management " + "packet (%04x)\n", dev, stype ); + break; + } + + if ( ! keep ) + free_iob ( iob ); +} + +/* ---------- Packet handling functions ---------- */ + +/** + * Free buffers used by 802.11 fragment cache entry + * + * @v dev 802.11 device + * @v fcid Fragment cache entry index + * + * After this function, the referenced entry will be marked unused. + */ +static void net80211_free_frags ( struct net80211_device *dev, int fcid ) +{ + int j; + struct net80211_frag_cache *frag = &dev->frags[fcid]; + + for ( j = 0; j < 16; j++ ) { + if ( frag->iob[j] ) { + free_iob ( frag->iob[j] ); + frag->iob[j] = NULL; + } + } + + frag->seqnr = 0; + frag->start_ticks = 0; + frag->in_use = 0; +} + +/** + * Accumulate 802.11 fragments into one I/O buffer + * + * @v dev 802.11 device + * @v fcid Fragment cache entry index + * @v nfrags Number of fragments received + * @v size Sum of sizes of all fragments, including headers + * @ret iob I/O buffer containing reassembled packet + * + * This function does not free the fragment buffers. + */ +static struct io_buffer *net80211_accum_frags ( struct net80211_device *dev, + int fcid, int nfrags, int size ) +{ + struct net80211_frag_cache *frag = &dev->frags[fcid]; + int hdrsize = IEEE80211_TYP_FRAME_HEADER_LEN; + int nsize = size - hdrsize * ( nfrags - 1 ); + int i; + + struct io_buffer *niob = alloc_iob ( nsize ); + struct ieee80211_frame *hdr; + + /* Add the header from the first one... */ + memcpy ( iob_put ( niob, hdrsize ), frag->iob[0]->data, hdrsize ); + + /* ... and all the data from all of them. */ + for ( i = 0; i < nfrags; i++ ) { + int len = iob_len ( frag->iob[i] ) - hdrsize; + memcpy ( iob_put ( niob, len ), + frag->iob[i]->data + hdrsize, len ); + } + + /* Turn off the fragment bit. */ + hdr = niob->data; + hdr->fc &= ~IEEE80211_FC_MORE_FRAG; + + return niob; +} + +/** + * Handle receipt of 802.11 fragment + * + * @v dev 802.11 device + * @v iob I/O buffer containing fragment + * @v signal Signal strength with which fragment was received + */ +static void net80211_rx_frag ( struct net80211_device *dev, + struct io_buffer *iob, int signal ) +{ + struct ieee80211_frame *hdr = iob->data; + int fragnr = IEEE80211_FRAG ( hdr->seq ); + + if ( fragnr == 0 && ( hdr->fc & IEEE80211_FC_MORE_FRAG ) ) { + /* start a frag cache entry */ + int i, newest = -1; + u32 curr_ticks = currticks(), newest_ticks = 0; + u32 timeout = ticks_per_sec() * NET80211_FRAG_TIMEOUT; + + for ( i = 0; i < NET80211_NR_CONCURRENT_FRAGS; i++ ) { + if ( dev->frags[i].in_use == 0 ) + break; + + if ( dev->frags[i].start_ticks + timeout >= + curr_ticks ) { + net80211_free_frags ( dev, i ); + break; + } + + if ( dev->frags[i].start_ticks > newest_ticks ) { + newest = i; + newest_ticks = dev->frags[i].start_ticks; + } + } + + /* If we're being sent more concurrent fragmented + packets than we can handle, drop the newest so the + older ones have time to complete. */ + if ( i == NET80211_NR_CONCURRENT_FRAGS ) { + i = newest; + net80211_free_frags ( dev, i ); + } + + dev->frags[i].in_use = 1; + dev->frags[i].seqnr = IEEE80211_SEQNR ( hdr->seq ); + dev->frags[i].start_ticks = currticks(); + dev->frags[i].iob[0] = iob; + return; + } else { + int i; + for ( i = 0; i < NET80211_NR_CONCURRENT_FRAGS; i++ ) { + if ( dev->frags[i].in_use && dev->frags[i].seqnr == + IEEE80211_SEQNR ( hdr->seq ) ) + break; + } + if ( i == NET80211_NR_CONCURRENT_FRAGS ) { + /* Drop non-first not-in-cache fragments */ + DBGC ( dev, "802.11 %p dropped fragment fc=%04x " + "seq=%04x\n", dev, hdr->fc, hdr->seq ); + free_iob ( iob ); + return; + } + + dev->frags[i].iob[fragnr] = iob; + + if ( ! ( hdr->fc & IEEE80211_FC_MORE_FRAG ) ) { + int j, size = 0; + for ( j = 0; j < fragnr; j++ ) { + size += iob_len ( dev->frags[i].iob[j] ); + if ( dev->frags[i].iob[j] == NULL ) + break; + } + if ( j == fragnr ) { + /* We've got everything */ + struct io_buffer *niob = + net80211_accum_frags ( dev, i, fragnr, + size ); + net80211_free_frags ( dev, i ); + net80211_rx ( dev, niob, signal, 0 ); + } else { + DBGC ( dev, "802.11 %p dropping fragmented " + "packet due to out-of-order arrival, " + "fc=%04x seq=%04x\n", dev, hdr->fc, + hdr->seq ); + net80211_free_frags ( dev, i ); + } + } + } +} + +/** + * Handle receipt of 802.11 frame + * + * @v dev 802.11 device + * @v iob I/O buffer + * @v signal Received signal strength + * @v rate Bitrate at which frame was received, in 100 kbps units + * + * If the rate or signal is unknown, 0 should be passed. + */ +void net80211_rx ( struct net80211_device *dev, struct io_buffer *iob, + int signal, u16 rate ) +{ + struct ieee80211_frame *hdr = iob->data; + u16 type = hdr->fc & IEEE80211_FC_TYPE; + if ( ( hdr->fc & IEEE80211_FC_VERSION ) != IEEE80211_THIS_VERSION ) + goto drop; /* drop invalid-version packets */ + + if ( type == IEEE80211_TYPE_CTRL ) + goto drop; /* we don't handle control packets, + the hardware does */ + + if ( dev->last_rx_seq == hdr->seq ) + goto drop; /* avoid duplicate packet */ + dev->last_rx_seq = hdr->seq; + + if ( dev->hw->flags & NET80211_HW_RX_HAS_FCS ) { + /* discard the FCS */ + iob_unput ( iob, 4 ); + } + + /* Only decrypt packets from our BSSID, to avoid spurious errors */ + if ( ( hdr->fc & IEEE80211_FC_PROTECTED ) && + ! memcmp ( hdr->addr2, dev->bssid, ETH_ALEN ) ) { + /* Decrypt packet; record and drop if it fails */ + struct io_buffer *niob; + struct net80211_crypto *crypto = dev->crypto; + + if ( ! dev->crypto ) { + DBGC ( dev, "802.11 %p cannot decrypt packet " + "without a cryptosystem\n", dev ); + goto drop_crypt; + } + + if ( ( hdr->addr1[0] & 1 ) && dev->gcrypto ) { + /* Use group decryption if needed */ + crypto = dev->gcrypto; + } + + niob = crypto->decrypt ( crypto, iob ); + if ( ! niob ) { + DBGC ( dev, "802.11 %p decryption error\n", dev ); + goto drop_crypt; + } + free_iob ( iob ); + iob = niob; + hdr = iob->data; + } + + dev->last_signal = signal; + + /* Fragments go into the frag cache or get dropped. */ + if ( IEEE80211_FRAG ( hdr->seq ) != 0 + || ( hdr->fc & IEEE80211_FC_MORE_FRAG ) ) { + net80211_rx_frag ( dev, iob, signal ); + return; + } + + /* Management frames get handled, enqueued, or dropped. */ + if ( type == IEEE80211_TYPE_MGMT ) { + net80211_handle_mgmt ( dev, iob, signal ); + return; + } + + /* Data frames get dropped or sent to the net_device. */ + if ( ( hdr->fc & IEEE80211_FC_SUBTYPE ) != IEEE80211_STYPE_DATA ) + goto drop; /* drop QoS, CFP, or null data packets */ + + /* Update rate-control algorithm */ + if ( dev->rctl ) + rc80211_update_rx ( dev, hdr->fc & IEEE80211_FC_RETRY, rate ); + + /* Pass packet onward */ + if ( dev->state & NET80211_ASSOCIATED ) { + netdev_rx ( dev->netdev, iob ); + return; + } + + /* No association? Drop it. */ + goto drop; + + drop_crypt: + netdev_rx_err ( dev->netdev, NULL, EINVAL_CRYPTO_REQUEST ); + drop: + DBGC2 ( dev, "802.11 %p dropped packet fc=%04x seq=%04x\n", dev, + hdr->fc, hdr->seq ); + free_iob ( iob ); + return; +} + +/** Indicate an error in receiving a packet + * + * @v dev 802.11 device + * @v iob I/O buffer with received packet, or NULL + * @v rc Error code + * + * This logs the error with the wrapping net_device, and frees iob if + * it is passed. + */ +void net80211_rx_err ( struct net80211_device *dev, + struct io_buffer *iob, int rc ) +{ + netdev_rx_err ( dev->netdev, iob, rc ); +} + +/** Indicate the completed transmission of a packet + * + * @v dev 802.11 device + * @v iob I/O buffer of transmitted packet + * @v retries Number of times this packet was retransmitted + * @v rc Error code, or 0 for success + * + * This logs an error with the wrapping net_device if one occurred, + * and removes and frees the I/O buffer from its TX queue. The + * provided retry information is used to tune our transmission rate. + * + * If the packet did not need to be retransmitted because it was + * properly ACKed the first time, @a retries should be 0. + */ +void net80211_tx_complete ( struct net80211_device *dev, + struct io_buffer *iob, int retries, int rc ) +{ + /* Update rate-control algorithm */ + if ( dev->rctl ) + rc80211_update_tx ( dev, retries, rc ); + + /* Pass completion onward */ + netdev_tx_complete_err ( dev->netdev, iob, rc ); +} + +/** Common 802.11 errors */ +struct errortab common_wireless_errors[] __errortab = { + __einfo_errortab ( EINFO_EINVAL_CRYPTO_REQUEST ), + __einfo_errortab ( EINFO_ECONNRESET_UNSPECIFIED ), + __einfo_errortab ( EINFO_ECONNRESET_INACTIVITY ), + __einfo_errortab ( EINFO_ECONNRESET_4WAY_TIMEOUT ), + __einfo_errortab ( EINFO_ECONNRESET_8021X_FAILURE ), + __einfo_errortab ( EINFO_ECONNREFUSED_FAILURE ), + __einfo_errortab ( EINFO_ECONNREFUSED_ASSOC_DENIED ), + __einfo_errortab ( EINFO_ECONNREFUSED_AUTH_ALGO_UNSUPP ), +}; diff --git a/qemu/roms/ipxe/src/net/80211/rc80211.c b/qemu/roms/ipxe/src/net/80211/rc80211.c new file mode 100644 index 000000000..eea3bc908 --- /dev/null +++ b/qemu/roms/ipxe/src/net/80211/rc80211.c @@ -0,0 +1,372 @@ +/* + * Simple 802.11 rate-control algorithm for iPXE. + * + * Copyright (c) 2009 Joshua Oreman <oremanj@rwcr.net>. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of the + * License, or any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301, USA. + */ + +FILE_LICENCE ( GPL2_OR_LATER ); + +#include <stdlib.h> +#include <ipxe/net80211.h> + +/** + * @file + * + * Simple 802.11 rate-control algorithm + */ + +/** @page rc80211 Rate control philosophy + * + * We want to maximize our transmission speed, to the extent that we + * can do that without dropping undue numbers of packets. We also + * don't want to take up very much code space, so our algorithm has to + * be pretty simple + * + * When we receive a packet, we know what rate it was transmitted at, + * and whether it had to be retransmitted to get to us. + * + * When we send a packet, we hear back how many times it had to be + * retried to get through, and whether it got through at all. + * + * Indications of TX success are more reliable than RX success, but RX + * information helps us know where to start. + * + * To handle all of this, we keep for each rate and each direction (TX + * and RX separately) some state information for the most recent + * packets on that rate and the number of packets for which we have + * information. The state is a 32-bit unsigned integer in which two + * bits represent a packet: 11 if it went through well, 10 if it went + * through with one retry, 01 if it went through with more than one + * retry, or 00 if it didn't go through at all. We define the + * "goodness" for a particular (rate, direction) combination as the + * sum of all the 2-bit fields, times 33, divided by the number of + * 2-bit fields containing valid information (16 except when we're + * starting out). The number produced is between 0 and 99; we use -1 + * for rates with less than 4 RX packets or 1 TX, as an indicator that + * we do not have enough information to rely on them. + * + * In deciding which rates are best, we find the weighted average of + * TX and RX goodness, where the weighting is by number of packets + * with data and TX packets are worth 4 times as much as RX packets. + * The weighted average is called "net goodness" and is also a number + * between 0 and 99. If 3 consecutive packets fail transmission + * outright, we automatically ratchet down the rate; otherwise, we + * switch to the best rate whenever the current rate's goodness falls + * below some threshold, and try increasing our rate when the goodness + * is very high. + * + * This system is optimized for iPXE's style of usage. Because normal + * operation always involves receiving something, we'll make our way + * to the best rate pretty quickly. We tend to follow the lead of the + * sending AP in choosing rates, but we won't use rates for long that + * don't work well for us in transmission. We assume iPXE won't be + * running for long enough that rate patterns will change much, so we + * don't have to keep time counters or the like. And if this doesn't + * work well in practice there are many ways it could be tweaked. + * + * To avoid staying at 1Mbps for a long time, we don't track any + * transmitted packets until we've set our rate based on received + * packets. + */ + +/** Two-bit packet status indicator for a packet with no retries */ +#define RC_PKT_OK 0x3 + +/** Two-bit packet status indicator for a packet with one retry */ +#define RC_PKT_RETRIED_ONCE 0x2 + +/** Two-bit packet status indicator for a TX packet with multiple retries + * + * It is not possible to tell whether an RX packet had one or multiple + * retries; we rely instead on the fact that failed RX packets won't + * get to us at all, so if we receive a lot of RX packets on a certain + * rate it must be pretty good. + */ +#define RC_PKT_RETRIED_MULTI 0x1 + +/** Two-bit packet status indicator for a TX packet that was never ACKed + * + * It is not possible to tell whether an RX packet was setn if it + * didn't get through to us, but if we don't see one we won't increase + * the goodness for its rate. This asymmetry is part of why TX packets + * are weighted much more heavily than RX. + */ +#define RC_PKT_FAILED 0x0 + +/** Number of times to weight TX packets more heavily than RX packets */ +#define RC_TX_FACTOR 4 + +/** Number of consecutive failed TX packets that cause an automatic rate drop */ +#define RC_TX_EMERG_FAIL 3 + +/** Minimum net goodness below which we will search for a better rate */ +#define RC_GOODNESS_MIN 85 + +/** Maximum net goodness above which we will try to increase our rate */ +#define RC_GOODNESS_MAX 95 + +/** Minimum (num RX + @c RC_TX_FACTOR * num TX) to use a certain rate */ +#define RC_UNCERTAINTY_THRESH 4 + +/** TX direction */ +#define TX 0 + +/** RX direction */ +#define RX 1 + +/** A rate control context */ +struct rc80211_ctx +{ + /** Goodness state for each rate, TX and RX */ + u32 goodness[2][NET80211_MAX_RATES]; + + /** Number of packets recorded for each rate */ + u8 count[2][NET80211_MAX_RATES]; + + /** Indication of whether we've set the device rate yet */ + int started; + + /** Counter of all packets sent and received */ + int packets; +}; + +/** + * Initialize rate-control algorithm + * + * @v dev 802.11 device + * @ret ctx Rate-control context, to be stored in @c dev->rctl + */ +struct rc80211_ctx * rc80211_init ( struct net80211_device *dev __unused ) +{ + struct rc80211_ctx *ret = zalloc ( sizeof ( *ret ) ); + return ret; +} + +/** + * Calculate net goodness for a certain rate + * + * @v ctx Rate-control context + * @v rate_idx Index of rate to calculate net goodness for + */ +static int rc80211_calc_net_goodness ( struct rc80211_ctx *ctx, + int rate_idx ) +{ + int sum[2], num[2], dir, pkt; + + for ( dir = 0; dir < 2; dir++ ) { + u32 good = ctx->goodness[dir][rate_idx]; + + num[dir] = ctx->count[dir][rate_idx]; + sum[dir] = 0; + + for ( pkt = 0; pkt < num[dir]; pkt++ ) + sum[dir] += ( good >> ( 2 * pkt ) ) & 0x3; + } + + if ( ( num[TX] * RC_TX_FACTOR + num[RX] ) < RC_UNCERTAINTY_THRESH ) + return -1; + + return ( 33 * ( sum[TX] * RC_TX_FACTOR + sum[RX] ) / + ( num[TX] * RC_TX_FACTOR + num[RX] ) ); +} + +/** + * Determine the best rate to switch to and return it + * + * @v dev 802.11 device + * @ret rate_idx Index of the best rate to switch to + */ +static int rc80211_pick_best ( struct net80211_device *dev ) +{ + struct rc80211_ctx *ctx = dev->rctl; + int best_net_good = 0, best_rate = -1, i; + + for ( i = 0; i < dev->nr_rates; i++ ) { + int net_good = rc80211_calc_net_goodness ( ctx, i ); + + if ( net_good > best_net_good || + ( best_net_good > RC_GOODNESS_MIN && + net_good > RC_GOODNESS_MIN ) ) { + best_net_good = net_good; + best_rate = i; + } + } + + if ( best_rate >= 0 ) { + int old_good = rc80211_calc_net_goodness ( ctx, dev->rate ); + if ( old_good != best_net_good ) + DBGC ( ctx, "802.11 RC %p switching from goodness " + "%d to %d\n", ctx, old_good, best_net_good ); + + ctx->started = 1; + return best_rate; + } + + return dev->rate; +} + +/** + * Set 802.11 device rate + * + * @v dev 802.11 device + * @v rate_idx Index of rate to switch to + * + * This is a thin wrapper around net80211_set_rate_idx to insert a + * debugging message where appropriate. + */ +static inline void rc80211_set_rate ( struct net80211_device *dev, + int rate_idx ) +{ + DBGC ( dev->rctl, "802.11 RC %p changing rate %d->%d Mbps\n", dev->rctl, + dev->rates[dev->rate] / 10, dev->rates[rate_idx] / 10 ); + + net80211_set_rate_idx ( dev, rate_idx ); +} + +/** + * Check rate-control state and change rate if necessary + * + * @v dev 802.11 device + */ +static void rc80211_maybe_set_new ( struct net80211_device *dev ) +{ + struct rc80211_ctx *ctx = dev->rctl; + int net_good; + + net_good = rc80211_calc_net_goodness ( ctx, dev->rate ); + + if ( ! ctx->started ) { + rc80211_set_rate ( dev, rc80211_pick_best ( dev ) ); + return; + } + + if ( net_good < 0 ) /* insufficient data */ + return; + + if ( net_good > RC_GOODNESS_MAX && dev->rate + 1 < dev->nr_rates ) { + int higher = rc80211_calc_net_goodness ( ctx, dev->rate + 1 ); + if ( higher > net_good || higher < 0 ) + rc80211_set_rate ( dev, dev->rate + 1 ); + else + rc80211_set_rate ( dev, rc80211_pick_best ( dev ) ); + } + + if ( net_good < RC_GOODNESS_MIN ) { + rc80211_set_rate ( dev, rc80211_pick_best ( dev ) ); + } +} + +/** + * Update rate-control state + * + * @v dev 802.11 device + * @v direction One of the direction constants TX or RX + * @v rate_idx Index of rate at which packet was sent or received + * @v retries Number of times packet was retried before success + * @v failed If nonzero, the packet failed to get through + */ +static void rc80211_update ( struct net80211_device *dev, int direction, + int rate_idx, int retries, int failed ) +{ + struct rc80211_ctx *ctx = dev->rctl; + u32 goodness = ctx->goodness[direction][rate_idx]; + + if ( ctx->count[direction][rate_idx] < 16 ) + ctx->count[direction][rate_idx]++; + + goodness <<= 2; + if ( failed ) + goodness |= RC_PKT_FAILED; + else if ( retries > 1 ) + goodness |= RC_PKT_RETRIED_MULTI; + else if ( retries ) + goodness |= RC_PKT_RETRIED_ONCE; + else + goodness |= RC_PKT_OK; + + ctx->goodness[direction][rate_idx] = goodness; + + ctx->packets++; + + rc80211_maybe_set_new ( dev ); +} + +/** + * Update rate-control state for transmitted packet + * + * @v dev 802.11 device + * @v retries Number of times packet was transmitted before success + * @v rc Return status code for transmission + */ +void rc80211_update_tx ( struct net80211_device *dev, int retries, int rc ) +{ + struct rc80211_ctx *ctx = dev->rctl; + + if ( ! ctx->started ) + return; + + rc80211_update ( dev, TX, dev->rate, retries, rc ); + + /* Check if the last RC_TX_EMERG_FAIL packets have all failed */ + if ( ! ( ctx->goodness[TX][dev->rate] & + ( ( 1 << ( 2 * RC_TX_EMERG_FAIL ) ) - 1 ) ) ) { + if ( dev->rate == 0 ) + DBGC ( dev->rctl, "802.11 RC %p saw %d consecutive " + "failed TX, but cannot lower rate any further\n", + dev->rctl, RC_TX_EMERG_FAIL ); + else { + DBGC ( dev->rctl, "802.11 RC %p lowering rate (%d->%d " + "Mbps) due to %d consecutive TX failures\n", + dev->rctl, dev->rates[dev->rate] / 10, + dev->rates[dev->rate - 1] / 10, + RC_TX_EMERG_FAIL ); + + rc80211_set_rate ( dev, dev->rate - 1 ); + } + } +} + +/** + * Update rate-control state for received packet + * + * @v dev 802.11 device + * @v retry Whether the received packet had been retransmitted + * @v rate Rate at which packet was received, in 100 kbps units + */ +void rc80211_update_rx ( struct net80211_device *dev, int retry, u16 rate ) +{ + int ridx; + + for ( ridx = 0; ridx < dev->nr_rates && dev->rates[ridx] != rate; + ridx++ ) + ; + if ( ridx >= dev->nr_rates ) + return; /* couldn't find the rate */ + + rc80211_update ( dev, RX, ridx, retry, 0 ); +} + +/** + * Free rate-control context + * + * @v ctx Rate-control context + */ +void rc80211_free ( struct rc80211_ctx *ctx ) +{ + free ( ctx ); +} diff --git a/qemu/roms/ipxe/src/net/80211/sec80211.c b/qemu/roms/ipxe/src/net/80211/sec80211.c new file mode 100644 index 000000000..d1bc75e90 --- /dev/null +++ b/qemu/roms/ipxe/src/net/80211/sec80211.c @@ -0,0 +1,518 @@ +/* + * Copyright (c) 2009 Joshua Oreman <oremanj@rwcr.net>. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of the + * License, or any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301, USA. + */ + +FILE_LICENCE ( GPL2_OR_LATER ); + +#include <stdlib.h> +#include <string.h> +#include <errno.h> +#include <ipxe/ieee80211.h> +#include <ipxe/net80211.h> +#include <ipxe/sec80211.h> + +/** @file + * + * General secured-network routines required whenever any secure + * network support at all is compiled in. This involves things like + * installing keys, determining the type of security used by a probed + * network, and some small helper functions that take advantage of + * static data in this file. + */ + +/* Unsupported cryptosystem error numbers */ +#define ENOTSUP_WEP __einfo_error ( EINFO_ENOTSUP_WEP ) +#define EINFO_ENOTSUP_WEP __einfo_uniqify ( EINFO_ENOTSUP, \ + ( 0x10 | NET80211_CRYPT_WEP ), "WEP not supported" ) +#define ENOTSUP_TKIP __einfo_error ( EINFO_ENOTSUP_TKIP ) +#define EINFO_ENOTSUP_TKIP __einfo_uniqify ( EINFO_ENOTSUP, \ + ( 0x10 | NET80211_CRYPT_TKIP ), "TKIP not supported" ) +#define ENOTSUP_CCMP __einfo_error ( EINFO_ENOTSUP_CCMP ) +#define EINFO_ENOTSUP_CCMP __einfo_uniqify ( EINFO_ENOTSUP, \ + ( 0x10 | NET80211_CRYPT_CCMP ), "CCMP not supported" ) +#define ENOTSUP_CRYPT( crypt ) \ + EUNIQ ( EINFO_ENOTSUP, ( 0x10 | (crypt) ), \ + ENOTSUP_WEP, ENOTSUP_TKIP, ENOTSUP_CCMP ) + +/** Mapping from net80211 crypto/secprot types to RSN OUI descriptors */ +struct descriptor_map { + /** Value of net80211_crypto_alg or net80211_security_proto */ + u32 net80211_type; + + /** OUI+type in appropriate byte order, masked to exclude vendor */ + u32 oui_type; +}; + +/** Magic number in @a oui_type showing end of list */ +#define END_MAGIC 0xFFFFFFFF + +/** Mapping between net80211 cryptosystems and 802.11i cipher IDs */ +static struct descriptor_map rsn_cipher_map[] = { + { .net80211_type = NET80211_CRYPT_WEP, + .oui_type = IEEE80211_RSN_CTYPE_WEP40 }, + + { .net80211_type = NET80211_CRYPT_WEP, + .oui_type = IEEE80211_RSN_CTYPE_WEP104 }, + + { .net80211_type = NET80211_CRYPT_TKIP, + .oui_type = IEEE80211_RSN_CTYPE_TKIP }, + + { .net80211_type = NET80211_CRYPT_CCMP, + .oui_type = IEEE80211_RSN_CTYPE_CCMP }, + + { .net80211_type = NET80211_CRYPT_UNKNOWN, + .oui_type = END_MAGIC }, +}; + +/** Mapping between net80211 handshakers and 802.11i AKM IDs */ +static struct descriptor_map rsn_akm_map[] = { + { .net80211_type = NET80211_SECPROT_EAP, + .oui_type = IEEE80211_RSN_ATYPE_8021X }, + + { .net80211_type = NET80211_SECPROT_PSK, + .oui_type = IEEE80211_RSN_ATYPE_PSK }, + + { .net80211_type = NET80211_SECPROT_UNKNOWN, + .oui_type = END_MAGIC }, +}; + + +/** + * Install 802.11 cryptosystem + * + * @v which Pointer to the cryptosystem structure to install in + * @v crypt Cryptosystem ID number + * @v key Encryption key to use + * @v len Length of encryption key + * @v rsc Initial receive sequence counter, if applicable + * @ret rc Return status code + * + * The encryption key will not be accessed via the provided pointer + * after this function returns, so you may keep it on the stack. + * + * @a which must point to either @c dev->crypto (for the normal case + * of installing a unicast cryptosystem) or @c dev->gcrypto (to + * install a cryptosystem that will be used only for decrypting + * group-source frames). + */ +int sec80211_install ( struct net80211_crypto **which, + enum net80211_crypto_alg crypt, + const void *key, int len, const void *rsc ) +{ + struct net80211_crypto *crypto = *which; + struct net80211_crypto *tbl_crypto; + + /* Remove old crypto if it exists */ + free ( *which ); + *which = NULL; + + if ( crypt == NET80211_CRYPT_NONE ) { + DBG ( "802.11-Sec not installing null cryptography\n" ); + return 0; + } + + /* Find cryptosystem to use */ + for_each_table_entry ( tbl_crypto, NET80211_CRYPTOS ) { + if ( tbl_crypto->algorithm == crypt ) { + crypto = zalloc ( sizeof ( *crypto ) + + tbl_crypto->priv_len ); + if ( ! crypto ) { + DBG ( "802.11-Sec out of memory\n" ); + return -ENOMEM; + } + + memcpy ( crypto, tbl_crypto, sizeof ( *crypto ) ); + crypto->priv = ( ( void * ) crypto + + sizeof ( *crypto ) ); + break; + } + } + + if ( ! crypto ) { + DBG ( "802.11-Sec no support for cryptosystem %d\n", crypt ); + return -ENOTSUP_CRYPT ( crypt ); + } + + *which = crypto; + + DBG ( "802.11-Sec installing cryptosystem %d as %p with key of " + "length %d\n", crypt, crypto, len ); + + return crypto->init ( crypto, key, len, rsc ); +} + + +/** + * Determine net80211 crypto or handshaking type value to return for RSN info + * + * @v rsnp Pointer to next descriptor count field in RSN IE + * @v rsn_end Pointer to end of RSN IE + * @v map Descriptor map to use + * @v tbl_start Start of linker table to examine for iPXE support + * @v tbl_end End of linker table to examine for iPXE support + * @ret rsnp Updated to point to first byte after descriptors + * @ret map_ent Descriptor map entry of translation to use + * + * The entries in the linker table must be either net80211_crypto or + * net80211_handshaker structures, and @a tbl_stride must be set to + * sizeof() the appropriate one. + * + * This function expects @a rsnp to point at a two-byte descriptor + * count followed by a list of four-byte cipher or AKM descriptors; it + * will return @c NULL if the input packet is malformed, and otherwise + * set @a rsnp to the first byte it has not looked at. It will return + * the first cipher in the list that is supported by the current build + * of iPXE, or the first of all if none are supported. + * + * We play rather fast and loose with type checking, because this + * function is only called from two well-defined places in the + * RSN-checking code. Don't try to use it for anything else. + */ +static struct descriptor_map * rsn_pick_desc ( u8 **rsnp, u8 *rsn_end, + struct descriptor_map *map, + void *tbl_start, void *tbl_end ) +{ + int ndesc; + int ok = 0; + struct descriptor_map *map_ent, *map_ret = NULL; + u8 *rsn = *rsnp; + void *tblp; + size_t tbl_stride = ( map == rsn_cipher_map ? + sizeof ( struct net80211_crypto ) : + sizeof ( struct net80211_handshaker ) ); + + if ( map != rsn_cipher_map && map != rsn_akm_map ) + return NULL; + + /* Determine which types we support */ + for ( tblp = tbl_start; tblp < tbl_end; tblp += tbl_stride ) { + struct net80211_crypto *crypto = tblp; + struct net80211_handshaker *hs = tblp; + + if ( map == rsn_cipher_map ) + ok |= ( 1 << crypto->algorithm ); + else + ok |= ( 1 << hs->protocol ); + } + + /* RSN sanity checks */ + if ( rsn + 2 > rsn_end ) { + DBG ( "RSN detect: malformed descriptor count\n" ); + return NULL; + } + + ndesc = *( u16 * ) rsn; + rsn += 2; + + if ( ! ndesc ) { + DBG ( "RSN detect: no descriptors\n" ); + return NULL; + } + + /* Determine which net80211 crypto types are listed */ + while ( ndesc-- ) { + u32 desc; + + if ( rsn + 4 > rsn_end ) { + DBG ( "RSN detect: malformed descriptor (%d left)\n", + ndesc ); + return NULL; + } + + desc = *( u32 * ) rsn; + rsn += 4; + + for ( map_ent = map; map_ent->oui_type != END_MAGIC; map_ent++ ) + if ( map_ent->oui_type == ( desc & OUI_TYPE_MASK ) ) + break; + + /* Use first cipher as a fallback */ + if ( ! map_ret ) + map_ret = map_ent; + + /* Once we find one we support, use it */ + if ( ok & ( 1 << map_ent->net80211_type ) ) { + map_ret = map_ent; + break; + } + } + + if ( ndesc > 0 ) + rsn += 4 * ndesc; + + *rsnp = rsn; + return map_ret; +} + + +/** + * Find the RSN or WPA information element in the provided beacon frame + * + * @v ie Pointer to first information element to check + * @v ie_end Pointer to end of information element space + * @ret is_rsn TRUE if returned IE is RSN, FALSE if it's WPA + * @ret end Pointer to byte immediately after last byte of data + * @ret data Pointer to first byte of data (the `version' field) + * + * If both an RSN and a WPA information element are found, this + * function will return the first one seen, which by ordering rules + * should always prefer the newer RSN IE. + * + * If no RSN or WPA infomration element is found, returns @c NULL and + * leaves @a is_rsn and @a end in an undefined state. + * + * This function will not return a pointer to an information element + * that states it extends past the tail of the io_buffer, or whose @a + * version field is incorrect. + */ +u8 * sec80211_find_rsn ( union ieee80211_ie *ie, void *ie_end, + int *is_rsn, u8 **end ) +{ + u8 *rsn = NULL; + + if ( ! ieee80211_ie_bound ( ie, ie_end ) ) + return NULL; + + while ( ie ) { + if ( ie->id == IEEE80211_IE_VENDOR && + ie->vendor.oui == IEEE80211_WPA_OUI_VEN ) { + DBG ( "RSN detect: old-style WPA IE found\n" ); + rsn = &ie->vendor.data[0]; + *end = rsn + ie->len - 4; + *is_rsn = 0; + } else if ( ie->id == IEEE80211_IE_RSN ) { + DBG ( "RSN detect: 802.11i RSN IE found\n" ); + rsn = ( u8 * ) &ie->rsn.version; + *end = rsn + ie->len; + *is_rsn = 1; + } + + if ( rsn && ( *end > ( u8 * ) ie_end || rsn >= *end || + *( u16 * ) rsn != IEEE80211_RSN_VERSION ) ) { + DBG ( "RSN detect: malformed RSN IE or unknown " + "version, keep trying\n" ); + rsn = NULL; + } + + if ( rsn ) + break; + + ie = ieee80211_next_ie ( ie, ie_end ); + } + + if ( ! ie ) { + DBG ( "RSN detect: no RSN IE found\n" ); + return NULL; + } + + return rsn; +} + + +/** + * Detect crypto and AKM types from RSN information element + * + * @v is_rsn If TRUE, IE is a new-style RSN information element + * @v start Pointer to first byte of @a version field + * @v end Pointer to first byte not in the RSN IE + * @ret secprot Security handshaking protocol used by network + * @ret crypt Cryptosystem used by network + * @ret rc Return status code + * + * If the IE cannot be parsed, returns an error indication and leaves + * @a secprot and @a crypt unchanged. + */ +int sec80211_detect_ie ( int is_rsn, u8 *start, u8 *end, + enum net80211_security_proto *secprot, + enum net80211_crypto_alg *crypt ) +{ + enum net80211_security_proto sp; + enum net80211_crypto_alg cr; + struct descriptor_map *map; + u8 *rsn = start; + + /* Set some defaults */ + cr = ( is_rsn ? NET80211_CRYPT_CCMP : NET80211_CRYPT_TKIP ); + sp = NET80211_SECPROT_EAP; + + rsn += 2; /* version - already checked */ + rsn += 4; /* group cipher - we don't use it here */ + + if ( rsn >= end ) + goto done; + + /* Pick crypto algorithm */ + map = rsn_pick_desc ( &rsn, end, rsn_cipher_map, + table_start ( NET80211_CRYPTOS ), + table_end ( NET80211_CRYPTOS ) ); + if ( ! map ) + goto invalid_rsn; + + cr = map->net80211_type; + + if ( rsn >= end ) + goto done; + + /* Pick handshaking algorithm */ + map = rsn_pick_desc ( &rsn, end, rsn_akm_map, + table_start ( NET80211_HANDSHAKERS ), + table_end ( NET80211_HANDSHAKERS ) ); + if ( ! map ) + goto invalid_rsn; + + sp = map->net80211_type; + + done: + DBG ( "RSN detect: OK, crypto type %d, secprot type %d\n", cr, sp ); + *secprot = sp; + *crypt = cr; + return 0; + + invalid_rsn: + DBG ( "RSN detect: invalid RSN IE\n" ); + return -EINVAL; +} + + +/** + * Detect the cryptosystem and handshaking protocol used by an 802.11 network + * + * @v iob I/O buffer containing beacon frame + * @ret secprot Security handshaking protocol used by network + * @ret crypt Cryptosystem used by network + * @ret rc Return status code + * + * This function uses weak linkage, as it must be called from generic + * contexts but should only be linked in if some encryption is + * supported; you must test its address against @c NULL before calling + * it. If it does not exist, any network with the PRIVACY bit set in + * beacon->capab should be considered unknown. + */ +int sec80211_detect ( struct io_buffer *iob, + enum net80211_security_proto *secprot, + enum net80211_crypto_alg *crypt ) +{ + struct ieee80211_frame *hdr = iob->data; + struct ieee80211_beacon *beacon = + ( struct ieee80211_beacon * ) hdr->data; + u8 *rsn, *rsn_end; + int is_rsn, rc; + + *crypt = NET80211_CRYPT_UNKNOWN; + *secprot = NET80211_SECPROT_UNKNOWN; + + /* Find RSN or WPA IE */ + if ( ! ( rsn = sec80211_find_rsn ( beacon->info_element, iob->tail, + &is_rsn, &rsn_end ) ) ) { + /* No security IE at all; either WEP or no security. */ + *secprot = NET80211_SECPROT_NONE; + + if ( beacon->capability & IEEE80211_CAPAB_PRIVACY ) + *crypt = NET80211_CRYPT_WEP; + else + *crypt = NET80211_CRYPT_NONE; + + return 0; + } + + /* Determine type of security */ + if ( ( rc = sec80211_detect_ie ( is_rsn, rsn, rsn_end, secprot, + crypt ) ) == 0 ) + return 0; + + /* If we get here, the RSN IE was invalid */ + + *crypt = NET80211_CRYPT_UNKNOWN; + *secprot = NET80211_SECPROT_UNKNOWN; + DBG ( "Failed to handle RSN IE:\n" ); + DBG_HD ( rsn, rsn_end - rsn ); + return rc; +} + + +/** + * Determine RSN descriptor for specified net80211 ID + * + * @v id net80211 ID value + * @v rsnie Whether to return a new-format (RSN IE) descriptor + * @v map Map to use in translation + * @ret desc RSN descriptor, or 0 on error + * + * If @a rsnie is false, returns an old-format (WPA vendor IE) + * descriptor. + */ +static u32 rsn_get_desc ( unsigned id, int rsnie, struct descriptor_map *map ) +{ + u32 vendor = ( rsnie ? IEEE80211_RSN_OUI : IEEE80211_WPA_OUI ); + + for ( ; map->oui_type != END_MAGIC; map++ ) { + if ( map->net80211_type == id ) + return map->oui_type | vendor; + } + + return 0; +} + +/** + * Determine RSN descriptor for specified net80211 cryptosystem number + * + * @v crypt Cryptosystem number + * @v rsnie Whether to return a new-format (RSN IE) descriptor + * @ret desc RSN descriptor + * + * If @a rsnie is false, returns an old-format (WPA vendor IE) + * descriptor. + */ +u32 sec80211_rsn_get_crypto_desc ( enum net80211_crypto_alg crypt, int rsnie ) +{ + return rsn_get_desc ( crypt, rsnie, rsn_cipher_map ); +} + +/** + * Determine RSN descriptor for specified net80211 handshaker number + * + * @v secprot Handshaker number + * @v rsnie Whether to return a new-format (RSN IE) descriptor + * @ret desc RSN descriptor + * + * If @a rsnie is false, returns an old-format (WPA vendor IE) + * descriptor. + */ +u32 sec80211_rsn_get_akm_desc ( enum net80211_security_proto secprot, + int rsnie ) +{ + return rsn_get_desc ( secprot, rsnie, rsn_akm_map ); +} + +/** + * Determine net80211 cryptosystem number from RSN descriptor + * + * @v desc RSN descriptor + * @ret crypt net80211 cryptosystem enumeration value + */ +enum net80211_crypto_alg sec80211_rsn_get_net80211_crypt ( u32 desc ) +{ + struct descriptor_map *map = rsn_cipher_map; + + for ( ; map->oui_type != END_MAGIC; map++ ) { + if ( map->oui_type == ( desc & OUI_TYPE_MASK ) ) + break; + } + + return map->net80211_type; +} diff --git a/qemu/roms/ipxe/src/net/80211/wep.c b/qemu/roms/ipxe/src/net/80211/wep.c new file mode 100644 index 000000000..e22ac8998 --- /dev/null +++ b/qemu/roms/ipxe/src/net/80211/wep.c @@ -0,0 +1,304 @@ +/* + * Copyright (c) 2009 Joshua Oreman <oremanj@rwcr.net>. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of the + * License, or any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301, USA. + */ + +FILE_LICENCE ( GPL2_OR_LATER ); + +#include <ipxe/net80211.h> +#include <ipxe/sec80211.h> +#include <ipxe/crypto.h> +#include <ipxe/arc4.h> +#include <ipxe/crc32.h> +#include <stdlib.h> +#include <string.h> +#include <errno.h> + +/** @file + * + * The WEP wireless encryption method (insecure!) + * + * The data field in a WEP-encrypted packet contains a 3-byte + * initialisation vector, one-byte Key ID field (only the bottom two + * bits are ever used), encrypted data, and a 4-byte encrypted CRC of + * the plaintext data, called the ICV. To decrypt it, the IV is + * prepended to the shared key and the data stream (including ICV) is + * run through the ARC4 stream cipher; if the ICV matches a CRC32 + * calculated on the plaintext, the packet is valid. + * + * For efficiency and code-size reasons, this file assumes it is + * running on a little-endian machine. + */ + +/** Length of WEP initialisation vector */ +#define WEP_IV_LEN 3 + +/** Length of WEP key ID byte */ +#define WEP_KID_LEN 1 + +/** Length of WEP ICV checksum */ +#define WEP_ICV_LEN 4 + +/** Maximum length of WEP key */ +#define WEP_MAX_KEY 16 + +/** Amount of data placed before the encrypted bytes */ +#define WEP_HEADER_LEN 4 + +/** Amount of data placed after the encrypted bytes */ +#define WEP_TRAILER_LEN 4 + +/** Total WEP overhead bytes */ +#define WEP_OVERHEAD 8 + +/** Context for WEP encryption and decryption */ +struct wep_ctx +{ + /** Encoded WEP key + * + * The actual key bytes are stored beginning at offset 3, to + * leave room for easily inserting the IV before a particular + * operation. + */ + u8 key[WEP_IV_LEN + WEP_MAX_KEY]; + + /** Length of WEP key (not including IV bytes) */ + int keylen; + + /** ARC4 context */ + struct arc4_ctx arc4; +}; + +/** + * Initialize WEP algorithm + * + * @v crypto 802.11 cryptographic algorithm + * @v key WEP key to use + * @v keylen Length of WEP key + * @v rsc Initial receive sequence counter (unused) + * @ret rc Return status code + * + * Standard key lengths are 5 and 13 bytes; 16-byte keys are + * occasionally supported as an extension to the standard. + */ +static int wep_init ( struct net80211_crypto *crypto, const void *key, + int keylen, const void *rsc __unused ) +{ + struct wep_ctx *ctx = crypto->priv; + + ctx->keylen = ( keylen > WEP_MAX_KEY ? WEP_MAX_KEY : keylen ); + memcpy ( ctx->key + WEP_IV_LEN, key, ctx->keylen ); + + return 0; +} + +/** + * Encrypt packet using WEP + * + * @v crypto 802.11 cryptographic algorithm + * @v iob I/O buffer of plaintext packet + * @ret eiob Newly allocated I/O buffer for encrypted packet, or NULL + * + * If memory allocation fails, @c NULL is returned. + */ +static struct io_buffer * wep_encrypt ( struct net80211_crypto *crypto, + struct io_buffer *iob ) +{ + struct wep_ctx *ctx = crypto->priv; + struct io_buffer *eiob; + struct ieee80211_frame *hdr; + const int hdrlen = IEEE80211_TYP_FRAME_HEADER_LEN; + int datalen = iob_len ( iob ) - hdrlen; + int newlen = hdrlen + datalen + WEP_OVERHEAD; + u32 iv, icv; + + eiob = alloc_iob ( newlen ); + if ( ! eiob ) + return NULL; + + memcpy ( iob_put ( eiob, hdrlen ), iob->data, hdrlen ); + hdr = eiob->data; + hdr->fc |= IEEE80211_FC_PROTECTED; + + /* Calculate IV, put it in the header (with key ID byte = 0), and + set it up at the start of the encryption key. */ + iv = random() & 0xffffff; /* IV in bottom 3 bytes, top byte = KID = 0 */ + memcpy ( iob_put ( eiob, WEP_HEADER_LEN ), &iv, WEP_HEADER_LEN ); + memcpy ( ctx->key, &iv, WEP_IV_LEN ); + + /* Encrypt the data using RC4 */ + cipher_setkey ( &arc4_algorithm, &ctx->arc4, ctx->key, + ctx->keylen + WEP_IV_LEN ); + cipher_encrypt ( &arc4_algorithm, &ctx->arc4, iob->data + hdrlen, + iob_put ( eiob, datalen ), datalen ); + + /* Add ICV */ + icv = ~crc32_le ( ~0, iob->data + hdrlen, datalen ); + cipher_encrypt ( &arc4_algorithm, &ctx->arc4, &icv, + iob_put ( eiob, WEP_ICV_LEN ), WEP_ICV_LEN ); + + return eiob; +} + +/** + * Decrypt packet using WEP + * + * @v crypto 802.11 cryptographic algorithm + * @v eiob I/O buffer of encrypted packet + * @ret iob Newly allocated I/O buffer for plaintext packet, or NULL + * + * If a consistency check for the decryption fails (usually indicating + * an invalid key), @c NULL is returned. + */ +static struct io_buffer * wep_decrypt ( struct net80211_crypto *crypto, + struct io_buffer *eiob ) +{ + struct wep_ctx *ctx = crypto->priv; + struct io_buffer *iob; + struct ieee80211_frame *hdr; + const int hdrlen = IEEE80211_TYP_FRAME_HEADER_LEN; + int datalen = iob_len ( eiob ) - hdrlen - WEP_OVERHEAD; + int newlen = hdrlen + datalen; + u32 iv, icv, crc; + + iob = alloc_iob ( newlen ); + if ( ! iob ) + return NULL; + + memcpy ( iob_put ( iob, hdrlen ), eiob->data, hdrlen ); + hdr = iob->data; + hdr->fc &= ~IEEE80211_FC_PROTECTED; + + /* Strip off IV and use it to initialize cryptosystem */ + memcpy ( &iv, eiob->data + hdrlen, 4 ); + iv &= 0xffffff; /* ignore key ID byte */ + memcpy ( ctx->key, &iv, WEP_IV_LEN ); + + /* Decrypt the data using RC4 */ + cipher_setkey ( &arc4_algorithm, &ctx->arc4, ctx->key, + ctx->keylen + WEP_IV_LEN ); + cipher_decrypt ( &arc4_algorithm, &ctx->arc4, eiob->data + hdrlen + + WEP_HEADER_LEN, iob_put ( iob, datalen ), datalen ); + + /* Strip off ICV and verify it */ + cipher_decrypt ( &arc4_algorithm, &ctx->arc4, eiob->data + hdrlen + + WEP_HEADER_LEN + datalen, &icv, WEP_ICV_LEN ); + crc = ~crc32_le ( ~0, iob->data + hdrlen, datalen ); + if ( crc != icv ) { + DBGC ( crypto, "WEP %p CRC mismatch: expect %08x, get %08x\n", + crypto, icv, crc ); + free_iob ( iob ); + return NULL; + } + return iob; +} + +/** WEP cryptosystem for 802.11 */ +struct net80211_crypto wep_crypto __net80211_crypto = { + .algorithm = NET80211_CRYPT_WEP, + .init = wep_init, + .encrypt = wep_encrypt, + .decrypt = wep_decrypt, + .priv_len = sizeof ( struct wep_ctx ), +}; + +/** + * Initialize trivial 802.11 security handshaker + * + * @v dev 802.11 device + * @v ctx Security handshaker + * + * This simply fetches a WEP key from netX/key, and if it exists, + * installs WEP cryptography on the 802.11 device. No real handshaking + * is performed. + */ +static int trivial_init ( struct net80211_device *dev ) +{ + u8 key[WEP_MAX_KEY]; /* support up to 128-bit keys */ + int len; + int rc; + + if ( dev->associating && + dev->associating->crypto == NET80211_CRYPT_NONE ) + return 0; /* no crypto? OK. */ + + len = fetch_raw_setting ( netdev_settings ( dev->netdev ), + &net80211_key_setting, key, WEP_MAX_KEY ); + + if ( len <= 0 ) { + DBGC ( dev, "802.11 %p cannot do WEP without a key\n", dev ); + return -EACCES; + } + + /* Full 128-bit keys are a nonstandard extension, but they're + utterly trivial to support, so we do. */ + if ( len != 5 && len != 13 && len != 16 ) { + DBGC ( dev, "802.11 %p invalid WEP key length %d\n", + dev, len ); + return -EINVAL; + } + + DBGC ( dev, "802.11 %p installing %d-bit WEP\n", dev, len * 8 ); + + rc = sec80211_install ( &dev->crypto, NET80211_CRYPT_WEP, key, len, + NULL ); + if ( rc < 0 ) + return rc; + + return 0; +} + +/** + * Check for key change on trivial 802.11 security handshaker + * + * @v dev 802.11 device + * @v ctx Security handshaker + */ +static int trivial_change_key ( struct net80211_device *dev ) +{ + u8 key[WEP_MAX_KEY]; + int len; + int change = 0; + + /* If going from WEP to clear, or something else to WEP, reassociate. */ + if ( ! dev->crypto || ( dev->crypto->init != wep_init ) ) + change ^= 1; + + len = fetch_raw_setting ( netdev_settings ( dev->netdev ), + &net80211_key_setting, key, WEP_MAX_KEY ); + if ( len <= 0 ) + change ^= 1; + + /* Changing crypto type => return nonzero to reassociate. */ + if ( change ) + return -EINVAL; + + /* Going from no crypto to still no crypto => nothing to do. */ + if ( len <= 0 ) + return 0; + + /* Otherwise, reinitialise WEP with new key. */ + return wep_init ( dev->crypto, key, len, NULL ); +} + +/** Trivial 802.11 security handshaker */ +struct net80211_handshaker trivial_handshaker __net80211_handshaker = { + .protocol = NET80211_SECPROT_NONE, + .init = trivial_init, + .change_key = trivial_change_key, + .priv_len = 0, +}; diff --git a/qemu/roms/ipxe/src/net/80211/wpa.c b/qemu/roms/ipxe/src/net/80211/wpa.c new file mode 100644 index 000000000..e2c4945f9 --- /dev/null +++ b/qemu/roms/ipxe/src/net/80211/wpa.c @@ -0,0 +1,915 @@ +/* + * Copyright (c) 2009 Joshua Oreman <oremanj@rwcr.net>. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of the + * License, or any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301, USA. + */ + +FILE_LICENCE ( GPL2_OR_LATER ); + +#include <ipxe/net80211.h> +#include <ipxe/sec80211.h> +#include <ipxe/wpa.h> +#include <ipxe/eapol.h> +#include <ipxe/crypto.h> +#include <ipxe/arc4.h> +#include <ipxe/crc32.h> +#include <ipxe/sha1.h> +#include <ipxe/hmac.h> +#include <ipxe/list.h> +#include <ipxe/ethernet.h> +#include <ipxe/rbg.h> +#include <stdlib.h> +#include <string.h> +#include <errno.h> +#include <byteswap.h> + +/** @file + * + * Handler for the aspects of WPA handshaking that are independent of + * 802.1X/PSK or TKIP/CCMP; this mostly involves the 4-Way Handshake. + */ + +/** List of WPA contexts in active use. */ +struct list_head wpa_contexts = LIST_HEAD_INIT ( wpa_contexts ); + + +/** + * Return an error code and deauthenticate + * + * @v ctx WPA common context + * @v rc Return status code + * @ret rc The passed return status code + */ +static int wpa_fail ( struct wpa_common_ctx *ctx, int rc ) +{ + net80211_deauthenticate ( ctx->dev, rc ); + return rc; +} + + +/** + * Find a cryptosystem handler structure from a crypto ID + * + * @v crypt Cryptosystem ID + * @ret crypto Cryptosystem handler structure + * + * If support for @a crypt is not compiled in to iPXE, or if @a crypt + * is NET80211_CRYPT_UNKNOWN, returns @c NULL. + */ +static struct net80211_crypto * +wpa_find_cryptosystem ( enum net80211_crypto_alg crypt ) +{ + struct net80211_crypto *crypto; + + for_each_table_entry ( crypto, NET80211_CRYPTOS ) { + if ( crypto->algorithm == crypt ) + return crypto; + } + + return NULL; +} + + +/** + * Find WPA key integrity and encryption handler from key version field + * + * @v ver Version bits of EAPOL-Key info field + * @ret kie Key integrity and encryption handler + */ +struct wpa_kie * wpa_find_kie ( int version ) +{ + struct wpa_kie *kie; + + for_each_table_entry ( kie, WPA_KIES ) { + if ( kie->version == version ) + return kie; + } + + return NULL; +} + + +/** + * Construct RSN or WPA information element + * + * @v dev 802.11 device + * @ret ie_ret RSN or WPA information element + * @ret rc Return status code + * + * This function allocates, fills, and returns a RSN or WPA + * information element suitable for including in an association + * request frame to the network identified by @c dev->associating. + * If it is impossible to construct an information element consistent + * with iPXE's capabilities that is compatible with that network, or + * if none should be sent because that network's beacon included no + * security information, returns an error indication and leaves + * @a ie_ret unchanged. + * + * The returned IE will be of the same type (RSN or WPA) as was + * included in the beacon for the network it is destined for. + */ +int wpa_make_rsn_ie ( struct net80211_device *dev, union ieee80211_ie **ie_ret ) +{ + u8 *rsn, *rsn_end; + int is_rsn; + u32 group_cipher; + enum net80211_crypto_alg gcrypt; + int ie_len; + u8 *iep; + struct ieee80211_ie_rsn *ie; + struct ieee80211_frame *hdr; + struct ieee80211_beacon *beacon; + + if ( ! dev->associating ) { + DBG ( "WPA: Can't make RSN IE for a non-associating device\n" ); + return -EINVAL; + } + + hdr = dev->associating->beacon->data; + beacon = ( struct ieee80211_beacon * ) hdr->data; + rsn = sec80211_find_rsn ( beacon->info_element, + dev->associating->beacon->tail, &is_rsn, + &rsn_end ); + if ( ! rsn ) { + DBG ( "WPA: Can't make RSN IE when we didn't get one\n" ); + return -EINVAL; + } + + rsn += 2; /* skip version */ + group_cipher = *( u32 * ) rsn; + gcrypt = sec80211_rsn_get_net80211_crypt ( group_cipher ); + + if ( ! wpa_find_cryptosystem ( gcrypt ) || + ! wpa_find_cryptosystem ( dev->associating->crypto ) ) { + DBG ( "WPA: No support for (GC:%d, PC:%d)\n", + gcrypt, dev->associating->crypto ); + return -ENOTSUP; + } + + /* Everything looks good - make our IE. */ + + /* WPA IEs need 4 more bytes for the OUI+type */ + ie_len = ieee80211_rsn_size ( 1, 1, 0, is_rsn ) + ( 4 * ! is_rsn ); + iep = malloc ( ie_len ); + if ( ! iep ) + return -ENOMEM; + + *ie_ret = ( union ieee80211_ie * ) iep; + + /* Store ID and length bytes. */ + *iep++ = ( is_rsn ? IEEE80211_IE_RSN : IEEE80211_IE_VENDOR ); + *iep++ = ie_len - 2; + + /* Store OUI+type for WPA IEs. */ + if ( ! is_rsn ) { + *( u32 * ) iep = IEEE80211_WPA_OUI_VEN; + iep += 4; + } + + /* If this is a WPA IE, the id and len bytes in the + ieee80211_ie_rsn structure will not be valid, but by doing + the cast we can fill all the other fields much more + readily. */ + + ie = ( struct ieee80211_ie_rsn * ) ( iep - 2 ); + ie->version = IEEE80211_RSN_VERSION; + ie->group_cipher = group_cipher; + ie->pairwise_count = 1; + ie->pairwise_cipher[0] = + sec80211_rsn_get_crypto_desc ( dev->associating->crypto, + is_rsn ); + ie->akm_count = 1; + ie->akm_list[0] = + sec80211_rsn_get_akm_desc ( dev->associating->handshaking, + is_rsn ); + if ( is_rsn ) { + ie->rsn_capab = 0; + ie->pmkid_count = 0; + } + + return 0; +} + + +/** + * Set up generic WPA support to handle 4-Way Handshake + * + * @v dev 802.11 device + * @v ctx WPA common context + * @v pmk Pairwise Master Key to use for session + * @v pmk_len Length of PMK, almost always 32 + * @ret rc Return status code + */ +int wpa_start ( struct net80211_device *dev, struct wpa_common_ctx *ctx, + const void *pmk, size_t pmk_len ) +{ + struct io_buffer *iob; + struct ieee80211_frame *hdr; + struct ieee80211_beacon *beacon; + u8 *ap_rsn_ie = NULL, *ap_rsn_ie_end; + + if ( ! dev->rsn_ie || ! dev->associating ) + return -EINVAL; + + ctx->dev = dev; + memcpy ( ctx->pmk, pmk, ctx->pmk_len = pmk_len ); + ctx->state = WPA_READY; + ctx->replay = ~0ULL; + + iob = dev->associating->beacon; + hdr = iob->data; + beacon = ( struct ieee80211_beacon * ) hdr->data; + ap_rsn_ie = sec80211_find_rsn ( beacon->info_element, iob->tail, + &ctx->ap_rsn_is_rsn, &ap_rsn_ie_end ); + if ( ap_rsn_ie ) { + ctx->ap_rsn_ie = malloc ( ap_rsn_ie_end - ap_rsn_ie ); + if ( ! ctx->ap_rsn_ie ) + return -ENOMEM; + memcpy ( ctx->ap_rsn_ie, ap_rsn_ie, ap_rsn_ie_end - ap_rsn_ie ); + ctx->ap_rsn_ie_len = ap_rsn_ie_end - ap_rsn_ie; + } else { + return -ENOENT; + } + + ctx->crypt = dev->associating->crypto; + ctx->gcrypt = NET80211_CRYPT_UNKNOWN; + + list_add_tail ( &ctx->list, &wpa_contexts ); + return 0; +} + + +/** + * Disable handling of received WPA handshake frames + * + * @v dev 802.11 device + */ +void wpa_stop ( struct net80211_device *dev ) +{ + struct wpa_common_ctx *ctx, *tmp; + + list_for_each_entry_safe ( ctx, tmp, &wpa_contexts, list ) { + if ( ctx->dev == dev ) { + free ( ctx->ap_rsn_ie ); + ctx->ap_rsn_ie = NULL; + list_del ( &ctx->list ); + } + } +} + + +/** + * Derive pairwise transient key + * + * @v ctx WPA common context + */ +static void wpa_derive_ptk ( struct wpa_common_ctx *ctx ) +{ + struct { + u8 mac1[ETH_ALEN]; + u8 mac2[ETH_ALEN]; + u8 nonce1[WPA_NONCE_LEN]; + u8 nonce2[WPA_NONCE_LEN]; + } __attribute__ (( packed )) ptk_data; + + /* The addresses and nonces are stored in numerical order (!) */ + + if ( memcmp ( ctx->dev->netdev->ll_addr, ctx->dev->bssid, + ETH_ALEN ) < 0 ) { + memcpy ( ptk_data.mac1, ctx->dev->netdev->ll_addr, ETH_ALEN ); + memcpy ( ptk_data.mac2, ctx->dev->bssid, ETH_ALEN ); + } else { + memcpy ( ptk_data.mac1, ctx->dev->bssid, ETH_ALEN ); + memcpy ( ptk_data.mac2, ctx->dev->netdev->ll_addr, ETH_ALEN ); + } + + if ( memcmp ( ctx->Anonce, ctx->Snonce, WPA_NONCE_LEN ) < 0 ) { + memcpy ( ptk_data.nonce1, ctx->Anonce, WPA_NONCE_LEN ); + memcpy ( ptk_data.nonce2, ctx->Snonce, WPA_NONCE_LEN ); + } else { + memcpy ( ptk_data.nonce1, ctx->Snonce, WPA_NONCE_LEN ); + memcpy ( ptk_data.nonce2, ctx->Anonce, WPA_NONCE_LEN ); + } + + DBGC2 ( ctx, "WPA %p A1 %s, A2 %s\n", ctx, eth_ntoa ( ptk_data.mac1 ), + eth_ntoa ( ptk_data.mac2 ) ); + DBGC2 ( ctx, "WPA %p Nonce1, Nonce2:\n", ctx ); + DBGC2_HD ( ctx, ptk_data.nonce1, WPA_NONCE_LEN ); + DBGC2_HD ( ctx, ptk_data.nonce2, WPA_NONCE_LEN ); + + prf_sha1 ( ctx->pmk, ctx->pmk_len, + "Pairwise key expansion", + &ptk_data, sizeof ( ptk_data ), + &ctx->ptk, sizeof ( ctx->ptk ) ); + + DBGC2 ( ctx, "WPA %p PTK:\n", ctx ); + DBGC2_HD ( ctx, &ctx->ptk, sizeof ( ctx->ptk ) ); +} + + +/** + * Install pairwise transient key + * + * @v ctx WPA common context + * @v len Key length (16 for CCMP, 32 for TKIP) + * @ret rc Return status code + */ +static inline int wpa_install_ptk ( struct wpa_common_ctx *ctx, int len ) +{ + DBGC ( ctx, "WPA %p: installing %d-byte pairwise transient key\n", + ctx, len ); + DBGC2_HD ( ctx, &ctx->ptk.tk, len ); + + return sec80211_install ( &ctx->dev->crypto, ctx->crypt, + &ctx->ptk.tk, len, NULL ); +} + +/** + * Install group transient key + * + * @v ctx WPA common context + * @v len Key length (16 for CCMP, 32 for TKIP) + * @v rsc Receive sequence counter field in EAPOL-Key packet + * @ret rc Return status code + */ +static inline int wpa_install_gtk ( struct wpa_common_ctx *ctx, int len, + const void *rsc ) +{ + DBGC ( ctx, "WPA %p: installing %d-byte group transient key\n", + ctx, len ); + DBGC2_HD ( ctx, &ctx->gtk.tk, len ); + + return sec80211_install ( &ctx->dev->gcrypto, ctx->gcrypt, + &ctx->gtk.tk, len, rsc ); +} + +/** + * Search for group transient key, and install it if found + * + * @v ctx WPA common context + * @v ie Pointer to first IE in key data field + * @v ie_end Pointer to first byte not in key data field + * @v rsc Receive sequence counter field in EAPOL-Key packet + * @ret rc Return status code + */ +static int wpa_maybe_install_gtk ( struct wpa_common_ctx *ctx, + union ieee80211_ie *ie, void *ie_end, + const void *rsc ) +{ + struct wpa_kde *kde; + + if ( ! ieee80211_ie_bound ( ie, ie_end ) ) + return -ENOENT; + + while ( ie ) { + if ( ie->id == IEEE80211_IE_VENDOR && + ie->vendor.oui == WPA_KDE_GTK ) + break; + + ie = ieee80211_next_ie ( ie, ie_end ); + } + + if ( ! ie ) + return -ENOENT; + + if ( ie->len - 6u > sizeof ( ctx->gtk.tk ) ) { + DBGC ( ctx, "WPA %p: GTK KDE is too long (%d bytes, max %zd)\n", + ctx, ie->len - 4, sizeof ( ctx->gtk.tk ) ); + return -EINVAL; + } + + /* XXX We ignore key ID for now. */ + kde = ( struct wpa_kde * ) ie; + memcpy ( &ctx->gtk.tk, &kde->gtk_encap.gtk, kde->len - 6 ); + + return wpa_install_gtk ( ctx, kde->len - 6, rsc ); +} + + +/** + * Allocate I/O buffer for construction of outgoing EAPOL-Key frame + * + * @v kdlen Maximum number of bytes in the Key Data field + * @ret iob Newly allocated I/O buffer + * + * The returned buffer will have space reserved for the link-layer and + * EAPOL headers, and will have @c iob->tail pointing to the start of + * the Key Data field. Thus, it is necessary to use iob_put() in + * filling the Key Data. + */ +static struct io_buffer * wpa_alloc_frame ( int kdlen ) +{ + struct io_buffer *ret = alloc_iob ( sizeof ( struct eapol_key_pkt ) + + kdlen + EAPOL_HDR_LEN + + MAX_LL_HEADER_LEN ); + if ( ! ret ) + return NULL; + + iob_reserve ( ret, MAX_LL_HEADER_LEN + EAPOL_HDR_LEN ); + memset ( iob_put ( ret, sizeof ( struct eapol_key_pkt ) ), 0, + sizeof ( struct eapol_key_pkt ) ); + + return ret; +} + + +/** + * Send EAPOL-Key packet + * + * @v iob I/O buffer, with sufficient headroom for headers + * @v dev 802.11 device + * @v kie Key integrity and encryption handler + * @v is_rsn If TRUE, handshake uses new RSN format + * @ret rc Return status code + * + * If a KIE is specified, the MIC will be filled in before transmission. + */ +static int wpa_send_eapol ( struct io_buffer *iob, struct wpa_common_ctx *ctx, + struct wpa_kie *kie ) +{ + struct eapol_key_pkt *pkt = iob->data; + struct eapol_frame *eapol = iob_push ( iob, EAPOL_HDR_LEN ); + + pkt->info = htons ( pkt->info ); + pkt->keysize = htons ( pkt->keysize ); + pkt->datalen = htons ( pkt->datalen ); + pkt->replay = cpu_to_be64 ( pkt->replay ); + eapol->version = EAPOL_THIS_VERSION; + eapol->type = EAPOL_TYPE_KEY; + eapol->length = htons ( iob->tail - iob->data - sizeof ( *eapol ) ); + + memset ( pkt->mic, 0, sizeof ( pkt->mic ) ); + if ( kie ) + kie->mic ( &ctx->ptk.kck, eapol, EAPOL_HDR_LEN + + sizeof ( *pkt ) + ntohs ( pkt->datalen ), + pkt->mic ); + + return net_tx ( iob, ctx->dev->netdev, &eapol_protocol, + ctx->dev->bssid, ctx->dev->netdev->ll_addr ); +} + + +/** + * Send second frame in 4-Way Handshake + * + * @v ctx WPA common context + * @v pkt First frame, to which this is a reply + * @v is_rsn If TRUE, handshake uses new RSN format + * @v kie Key integrity and encryption handler + * @ret rc Return status code + */ +static int wpa_send_2_of_4 ( struct wpa_common_ctx *ctx, + struct eapol_key_pkt *pkt, int is_rsn, + struct wpa_kie *kie ) +{ + struct io_buffer *iob = wpa_alloc_frame ( ctx->dev->rsn_ie->len + 2 ); + struct eapol_key_pkt *npkt; + + if ( ! iob ) + return -ENOMEM; + + npkt = iob->data; + memcpy ( npkt, pkt, sizeof ( *pkt ) ); + npkt->info &= ~EAPOL_KEY_INFO_KEY_ACK; + npkt->info |= EAPOL_KEY_INFO_KEY_MIC; + if ( is_rsn ) + npkt->keysize = 0; + memcpy ( npkt->nonce, ctx->Snonce, sizeof ( npkt->nonce ) ); + npkt->datalen = ctx->dev->rsn_ie->len + 2; + memcpy ( iob_put ( iob, npkt->datalen ), ctx->dev->rsn_ie, + npkt->datalen ); + + DBGC ( ctx, "WPA %p: sending 2/4\n", ctx ); + + return wpa_send_eapol ( iob, ctx, kie ); +} + + +/** + * Handle receipt of first frame in 4-Way Handshake + * + * @v ctx WPA common context + * @v pkt EAPOL-Key packet + * @v is_rsn If TRUE, frame uses new RSN format + * @v kie Key integrity and encryption handler + * @ret rc Return status code + */ +static int wpa_handle_1_of_4 ( struct wpa_common_ctx *ctx, + struct eapol_key_pkt *pkt, int is_rsn, + struct wpa_kie *kie ) +{ + if ( ctx->state == WPA_WAITING ) + return -EINVAL; + + ctx->state = WPA_WORKING; + memcpy ( ctx->Anonce, pkt->nonce, sizeof ( ctx->Anonce ) ); + if ( ! ctx->have_Snonce ) { + rbg_generate ( NULL, 0, 0, ctx->Snonce, + sizeof ( ctx->Snonce ) ); + ctx->have_Snonce = 1; + } + + DBGC ( ctx, "WPA %p: received 1/4, looks OK\n", ctx ); + + wpa_derive_ptk ( ctx ); + + return wpa_send_2_of_4 ( ctx, pkt, is_rsn, kie ); +} + + +/** + * Send fourth frame in 4-Way Handshake, or second in Group Key Handshake + * + * @v ctx WPA common context + * @v pkt EAPOL-Key packet for frame to which we're replying + * @v is_rsn If TRUE, frame uses new RSN format + * @v kie Key integrity and encryption handler + * @ret rc Return status code + */ +static int wpa_send_final ( struct wpa_common_ctx *ctx, + struct eapol_key_pkt *pkt, int is_rsn, + struct wpa_kie *kie ) +{ + struct io_buffer *iob = wpa_alloc_frame ( 0 ); + struct eapol_key_pkt *npkt; + + if ( ! iob ) + return -ENOMEM; + + npkt = iob->data; + memcpy ( npkt, pkt, sizeof ( *pkt ) ); + npkt->info &= ~( EAPOL_KEY_INFO_KEY_ACK | EAPOL_KEY_INFO_INSTALL | + EAPOL_KEY_INFO_KEY_ENC ); + if ( is_rsn ) + npkt->keysize = 0; + memset ( npkt->nonce, 0, sizeof ( npkt->nonce ) ); + memset ( npkt->iv, 0, sizeof ( npkt->iv ) ); + npkt->datalen = 0; + + if ( npkt->info & EAPOL_KEY_INFO_TYPE ) + DBGC ( ctx, "WPA %p: sending 4/4\n", ctx ); + else + DBGC ( ctx, "WPA %p: sending 2/2\n", ctx ); + + return wpa_send_eapol ( iob, ctx, kie ); + +} + + +/** + * Handle receipt of third frame in 4-Way Handshake + * + * @v ctx WPA common context + * @v pkt EAPOL-Key packet + * @v is_rsn If TRUE, frame uses new RSN format + * @v kie Key integrity and encryption handler + * @ret rc Return status code + */ +static int wpa_handle_3_of_4 ( struct wpa_common_ctx *ctx, + struct eapol_key_pkt *pkt, int is_rsn, + struct wpa_kie *kie ) +{ + int rc; + u8 *this_rsn, *this_rsn_end; + u8 *new_rsn, *new_rsn_end; + int this_is_rsn, new_is_rsn; + + if ( ctx->state == WPA_WAITING ) + return -EINVAL; + + ctx->state = WPA_WORKING; + + /* Check nonce */ + if ( memcmp ( ctx->Anonce, pkt->nonce, WPA_NONCE_LEN ) != 0 ) { + DBGC ( ctx, "WPA %p ALERT: nonce mismatch in 3/4\n", ctx ); + return wpa_fail ( ctx, -EACCES ); + } + + /* Check RSN IE */ + this_rsn = sec80211_find_rsn ( ( union ieee80211_ie * ) pkt->data, + pkt->data + pkt->datalen, + &this_is_rsn, &this_rsn_end ); + if ( this_rsn ) + new_rsn = sec80211_find_rsn ( ( union ieee80211_ie * ) + this_rsn_end, + pkt->data + pkt->datalen, + &new_is_rsn, &new_rsn_end ); + else + new_rsn = NULL; + + if ( ! ctx->ap_rsn_ie || ! this_rsn || + ctx->ap_rsn_ie_len != ( this_rsn_end - this_rsn ) || + ctx->ap_rsn_is_rsn != this_is_rsn || + memcmp ( ctx->ap_rsn_ie, this_rsn, ctx->ap_rsn_ie_len ) != 0 ) { + DBGC ( ctx, "WPA %p ALERT: RSN mismatch in 3/4\n", ctx ); + DBGC2 ( ctx, "WPA %p RSNs (in 3/4, in beacon):\n", ctx ); + DBGC2_HD ( ctx, this_rsn, this_rsn_end - this_rsn ); + DBGC2_HD ( ctx, ctx->ap_rsn_ie, ctx->ap_rsn_ie_len ); + return wpa_fail ( ctx, -EACCES ); + } + + /* Don't switch if they just supplied both styles of IE + simultaneously; we need two RSN IEs or two WPA IEs to + switch ciphers. They'll be immediately consecutive because + of ordering guarantees. */ + if ( new_rsn && this_is_rsn == new_is_rsn ) { + struct net80211_wlan *assoc = ctx->dev->associating; + DBGC ( ctx, "WPA %p: accommodating bait-and-switch tactics\n", + ctx ); + DBGC2 ( ctx, "WPA %p RSNs (in 3/4+beacon, new in 3/4):\n", + ctx ); + DBGC2_HD ( ctx, this_rsn, this_rsn_end - this_rsn ); + DBGC2_HD ( ctx, new_rsn, new_rsn_end - new_rsn ); + + if ( ( rc = sec80211_detect_ie ( new_is_rsn, new_rsn, + new_rsn_end, + &assoc->handshaking, + &assoc->crypto ) ) != 0 ) + DBGC ( ctx, "WPA %p: bait-and-switch invalid, staying " + "with original request\n", ctx ); + } else { + new_rsn = this_rsn; + new_is_rsn = this_is_rsn; + new_rsn_end = this_rsn_end; + } + + /* Grab group cryptosystem ID */ + ctx->gcrypt = sec80211_rsn_get_net80211_crypt ( *( u32 * ) + ( new_rsn + 2 ) ); + + /* Check for a GTK, if info field is encrypted */ + if ( pkt->info & EAPOL_KEY_INFO_KEY_ENC ) { + rc = wpa_maybe_install_gtk ( ctx, + ( union ieee80211_ie * ) pkt->data, + pkt->data + pkt->datalen, + pkt->rsc ); + if ( rc < 0 ) { + DBGC ( ctx, "WPA %p did not install GTK in 3/4: %s\n", + ctx, strerror ( rc ) ); + if ( rc != -ENOENT ) + return wpa_fail ( ctx, rc ); + } + } + + DBGC ( ctx, "WPA %p: received 3/4, looks OK\n", ctx ); + + /* Send final message */ + rc = wpa_send_final ( ctx, pkt, is_rsn, kie ); + if ( rc < 0 ) + return wpa_fail ( ctx, rc ); + + /* Install PTK */ + rc = wpa_install_ptk ( ctx, pkt->keysize ); + if ( rc < 0 ) { + DBGC ( ctx, "WPA %p failed to install PTK: %s\n", ctx, + strerror ( rc ) ); + return wpa_fail ( ctx, rc ); + } + + /* Mark us as needing a new Snonce if we rekey */ + ctx->have_Snonce = 0; + + /* Done! */ + ctx->state = WPA_SUCCESS; + return 0; +} + + +/** + * Handle receipt of first frame in Group Key Handshake + * + * @v ctx WPA common context + * @v pkt EAPOL-Key packet + * @v is_rsn If TRUE, frame uses new RSN format + * @v kie Key integrity and encryption handler + * @ret rc Return status code + */ +static int wpa_handle_1_of_2 ( struct wpa_common_ctx *ctx, + struct eapol_key_pkt *pkt, int is_rsn, + struct wpa_kie *kie ) +{ + int rc; + + /* + * WPA and RSN do this completely differently. + * + * The idea of encoding the GTK (or PMKID, or various other + * things) into a KDE that looks like an information element + * is an RSN innovation; old WPA code never encapsulates + * things like that. If it looks like an info element, it + * really is (for the WPA IE check in frames 2/4 and 3/4). The + * "key data encrypted" bit in the info field is also specific + * to RSN. + * + * So from an old WPA host, 3/4 does not contain an + * encapsulated GTK. The first frame of the GK handshake + * contains it, encrypted, but without a KDE wrapper, and with + * the key ID field (which iPXE doesn't use) shoved away in + * the reserved bits in the info field, and the TxRx bit + * stealing the Install bit's spot. + */ + + if ( is_rsn && ( pkt->info & EAPOL_KEY_INFO_KEY_ENC ) ) { + rc = wpa_maybe_install_gtk ( ctx, + ( union ieee80211_ie * ) pkt->data, + pkt->data + pkt->datalen, + pkt->rsc ); + if ( rc < 0 ) { + DBGC ( ctx, "WPA %p: failed to install GTK in 1/2: " + "%s\n", ctx, strerror ( rc ) ); + return wpa_fail ( ctx, rc ); + } + } else { + rc = kie->decrypt ( &ctx->ptk.kek, pkt->iv, pkt->data, + &pkt->datalen ); + if ( rc < 0 ) { + DBGC ( ctx, "WPA %p: failed to decrypt GTK: %s\n", + ctx, strerror ( rc ) ); + return rc; /* non-fatal */ + } + if ( pkt->datalen > sizeof ( ctx->gtk.tk ) ) { + DBGC ( ctx, "WPA %p: too much GTK data (%d > %zd)\n", + ctx, pkt->datalen, sizeof ( ctx->gtk.tk ) ); + return wpa_fail ( ctx, -EINVAL ); + } + + memcpy ( &ctx->gtk.tk, pkt->data, pkt->datalen ); + wpa_install_gtk ( ctx, pkt->datalen, pkt->rsc ); + } + + DBGC ( ctx, "WPA %p: received 1/2, looks OK\n", ctx ); + + return wpa_send_final ( ctx, pkt, is_rsn, kie ); +} + + +/** + * Handle receipt of EAPOL-Key frame for WPA + * + * @v iob I/O buffer + * @v netdev Network device + * @v ll_dest Link-layer destination address + * @v ll_source Source link-layer address + */ +static int eapol_key_rx ( struct io_buffer *iob, struct net_device *netdev, + const void *ll_dest __unused, + const void *ll_source ) +{ + struct net80211_device *dev = net80211_get ( netdev ); + struct eapol_key_pkt *pkt = iob->data; + int is_rsn, found_ctx; + struct wpa_common_ctx *ctx; + int rc = 0; + struct wpa_kie *kie; + u8 their_mic[16], our_mic[16]; + + if ( pkt->type != EAPOL_KEY_TYPE_WPA && + pkt->type != EAPOL_KEY_TYPE_RSN ) { + DBG ( "EAPOL-Key: packet not of 802.11 type\n" ); + rc = -EINVAL; + goto drop; + } + + is_rsn = ( pkt->type == EAPOL_KEY_TYPE_RSN ); + + if ( ! dev ) { + DBG ( "EAPOL-Key: packet not from 802.11\n" ); + rc = -EINVAL; + goto drop; + } + + if ( memcmp ( dev->bssid, ll_source, ETH_ALEN ) != 0 ) { + DBG ( "EAPOL-Key: packet not from associated AP\n" ); + rc = -EINVAL; + goto drop; + } + + if ( ! ( ntohs ( pkt->info ) & EAPOL_KEY_INFO_KEY_ACK ) ) { + DBG ( "EAPOL-Key: packet sent in wrong direction\n" ); + rc = -EINVAL; + goto drop; + } + + found_ctx = 0; + list_for_each_entry ( ctx, &wpa_contexts, list ) { + if ( ctx->dev == dev ) { + found_ctx = 1; + break; + } + } + + if ( ! found_ctx ) { + DBG ( "EAPOL-Key: no WPA context to handle packet for %p\n", + dev ); + rc = -ENOENT; + goto drop; + } + + if ( ( void * ) ( pkt + 1 ) + ntohs ( pkt->datalen ) > iob->tail ) { + DBGC ( ctx, "WPA %p: packet truncated (has %zd extra bytes, " + "states %d)\n", ctx, iob->tail - ( void * ) ( pkt + 1 ), + ntohs ( pkt->datalen ) ); + rc = -EINVAL; + goto drop; + } + + /* Get a handle on key integrity/encryption handler */ + kie = wpa_find_kie ( ntohs ( pkt->info ) & EAPOL_KEY_INFO_VERSION ); + if ( ! kie ) { + DBGC ( ctx, "WPA %p: no support for packet version %d\n", ctx, + ntohs ( pkt->info ) & EAPOL_KEY_INFO_VERSION ); + rc = wpa_fail ( ctx, -ENOTSUP ); + goto drop; + } + + /* Check MIC */ + if ( ntohs ( pkt->info ) & EAPOL_KEY_INFO_KEY_MIC ) { + memcpy ( their_mic, pkt->mic, sizeof ( pkt->mic ) ); + memset ( pkt->mic, 0, sizeof ( pkt->mic ) ); + kie->mic ( &ctx->ptk.kck, ( void * ) pkt - EAPOL_HDR_LEN, + EAPOL_HDR_LEN + sizeof ( *pkt ) + + ntohs ( pkt->datalen ), our_mic ); + DBGC2 ( ctx, "WPA %p MIC comparison (theirs, ours):\n", ctx ); + DBGC2_HD ( ctx, their_mic, 16 ); + DBGC2_HD ( ctx, our_mic, 16 ); + if ( memcmp ( their_mic, our_mic, sizeof ( pkt->mic ) ) != 0 ) { + DBGC ( ctx, "WPA %p: EAPOL MIC failure\n", ctx ); + goto drop; + } + } + + /* Fix byte order to local */ + pkt->info = ntohs ( pkt->info ); + pkt->keysize = ntohs ( pkt->keysize ); + pkt->datalen = ntohs ( pkt->datalen ); + pkt->replay = be64_to_cpu ( pkt->replay ); + + /* Check replay counter */ + if ( ctx->replay != ~0ULL && ctx->replay >= pkt->replay ) { + DBGC ( ctx, "WPA %p ALERT: Replay detected! " + "(%08x:%08x >= %08x:%08x)\n", ctx, + ( u32 ) ( ctx->replay >> 32 ), ( u32 ) ctx->replay, + ( u32 ) ( pkt->replay >> 32 ), ( u32 ) pkt->replay ); + rc = 0; /* ignore without error */ + goto drop; + } + ctx->replay = pkt->replay; + + /* Decrypt key data */ + if ( pkt->info & EAPOL_KEY_INFO_KEY_ENC ) { + rc = kie->decrypt ( &ctx->ptk.kek, pkt->iv, pkt->data, + &pkt->datalen ); + if ( rc < 0 ) { + DBGC ( ctx, "WPA %p: failed to decrypt packet: %s\n", + ctx, strerror ( rc ) ); + goto drop; + } + } + + /* Hand it off to appropriate handler */ + switch ( pkt->info & ( EAPOL_KEY_INFO_TYPE | + EAPOL_KEY_INFO_KEY_MIC ) ) { + case EAPOL_KEY_TYPE_PTK: + rc = wpa_handle_1_of_4 ( ctx, pkt, is_rsn, kie ); + break; + + case EAPOL_KEY_TYPE_PTK | EAPOL_KEY_INFO_KEY_MIC: + rc = wpa_handle_3_of_4 ( ctx, pkt, is_rsn, kie ); + break; + + case EAPOL_KEY_TYPE_GTK | EAPOL_KEY_INFO_KEY_MIC: + rc = wpa_handle_1_of_2 ( ctx, pkt, is_rsn, kie ); + break; + + default: + DBGC ( ctx, "WPA %p: Invalid combination of key flags %04x\n", + ctx, pkt->info ); + rc = -EINVAL; + break; + } + + drop: + free_iob ( iob ); + return rc; +} + +struct eapol_handler eapol_key_handler __eapol_handler = { + .type = EAPOL_TYPE_KEY, + .rx = eapol_key_rx, +}; + +/* WPA always needs EAPOL in order to be useful */ +REQUIRE_OBJECT ( eapol ); diff --git a/qemu/roms/ipxe/src/net/80211/wpa_ccmp.c b/qemu/roms/ipxe/src/net/80211/wpa_ccmp.c new file mode 100644 index 000000000..f98ebea26 --- /dev/null +++ b/qemu/roms/ipxe/src/net/80211/wpa_ccmp.c @@ -0,0 +1,530 @@ +/* + * Copyright (c) 2009 Joshua Oreman <oremanj@rwcr.net>. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of the + * License, or any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301, USA. + */ + +FILE_LICENCE ( GPL2_OR_LATER ); + +#include <string.h> +#include <ipxe/net80211.h> +#include <ipxe/crypto.h> +#include <ipxe/hmac.h> +#include <ipxe/sha1.h> +#include <ipxe/aes.h> +#include <ipxe/wpa.h> +#include <byteswap.h> +#include <errno.h> + +/** @file + * + * Backend for WPA using the CCMP encryption method + */ + +/** Context for CCMP encryption and decryption */ +struct ccmp_ctx +{ + /** AES context - only ever used for encryption */ + u8 aes_ctx[AES_CTX_SIZE]; + + /** Most recently sent packet number */ + u64 tx_seq; + + /** Most recently received packet number */ + u64 rx_seq; +}; + +/** Header structure at the beginning of CCMP frame data */ +struct ccmp_head +{ + u8 pn_lo[2]; /**< Bytes 0 and 1 of packet number */ + u8 _rsvd; /**< Reserved byte */ + u8 kid; /**< Key ID and ExtIV byte */ + u8 pn_hi[4]; /**< Bytes 2-5 (2 first) of packet number */ +} __attribute__ (( packed )); + + +/** CCMP header overhead */ +#define CCMP_HEAD_LEN 8 + +/** CCMP MIC trailer overhead */ +#define CCMP_MIC_LEN 8 + +/** CCMP nonce length */ +#define CCMP_NONCE_LEN 13 + +/** CCMP nonce structure */ +struct ccmp_nonce +{ + u8 prio; /**< Packet priority, 0 for non-QoS */ + u8 a2[ETH_ALEN]; /**< Address 2 from packet header (sender) */ + u8 pn[6]; /**< Packet number */ +} __attribute__ (( packed )); + +/** CCMP additional authentication data length (for non-QoS, non-WDS frames) */ +#define CCMP_AAD_LEN 22 + +/** CCMP additional authentication data structure */ +struct ccmp_aad +{ + u16 fc; /**< Frame Control field */ + u8 a1[6]; /**< Address 1 */ + u8 a2[6]; /**< Address 2 */ + u8 a3[6]; /**< Address 3 */ + u16 seq; /**< Sequence Control field */ + /* Address 4 and QoS Control are included if present */ +} __attribute__ (( packed )); + +/** Mask for Frame Control field in AAD */ +#define CCMP_AAD_FC_MASK 0xC38F + +/** Mask for Sequence Control field in AAD */ +#define CCMP_AAD_SEQ_MASK 0x000F + + +/** + * Convert 6-byte LSB packet number to 64-bit integer + * + * @v pn Pointer to 6-byte packet number + * @ret v 64-bit integer value of @a pn + */ +static u64 pn_to_u64 ( const u8 *pn ) +{ + int i; + u64 ret = 0; + + for ( i = 5; i >= 0; i-- ) { + ret <<= 8; + ret |= pn[i]; + } + + return ret; +} + +/** + * Convert 64-bit integer to 6-byte packet number + * + * @v v 64-bit integer + * @v msb If TRUE, reverse the output PN to be in MSB order + * @ret pn 6-byte packet number + * + * The PN is stored in LSB order in the packet header and in MSB order + * in the nonce. WHYYYYY? + */ +static void u64_to_pn ( u64 v, u8 *pn, int msb ) +{ + int i; + u8 *pnp = pn + ( msb ? 5 : 0 ); + int delta = ( msb ? -1 : +1 ); + + for ( i = 0; i < 6; i++ ) { + *pnp = v & 0xFF; + pnp += delta; + v >>= 8; + } +} + +/** Value for @a msb argument of u64_to_pn() for MSB output */ +#define PN_MSB 1 + +/** Value for @a msb argument of u64_to_pn() for LSB output */ +#define PN_LSB 0 + + + +/** + * Initialise CCMP state and install key + * + * @v crypto CCMP cryptosystem structure + * @v key Pointer to 16-byte temporal key to install + * @v keylen Length of key (16 bytes) + * @v rsc Initial receive sequence counter + */ +static int ccmp_init ( struct net80211_crypto *crypto, const void *key, + int keylen, const void *rsc ) +{ + struct ccmp_ctx *ctx = crypto->priv; + + if ( keylen != 16 ) + return -EINVAL; + + if ( rsc ) + ctx->rx_seq = pn_to_u64 ( rsc ); + + cipher_setkey ( &aes_algorithm, ctx->aes_ctx, key, keylen ); + + return 0; +} + + +/** + * Encrypt or decrypt data stream using AES in Counter mode + * + * @v ctx CCMP cryptosystem context + * @v nonce Nonce value, 13 bytes + * @v srcv Data to encrypt or decrypt + * @v len Number of bytes pointed to by @a src + * @v msrcv MIC value to encrypt or decrypt (may be NULL) + * @ret destv Encrypted or decrypted data + * @ret mdestv Encrypted or decrypted MIC value + * + * This assumes CCMP parameters of L=2 and M=8. The algorithm is + * defined in RFC 3610. + */ +static void ccmp_ctr_xor ( struct ccmp_ctx *ctx, const void *nonce, + const void *srcv, void *destv, int len, + const void *msrcv, void *mdestv ) +{ + u8 A[16], S[16]; + u16 ctr; + int i; + const u8 *src = srcv, *msrc = msrcv; + u8 *dest = destv, *mdest = mdestv; + + A[0] = 0x01; /* flags, L' = L - 1 = 1, other bits rsvd */ + memcpy ( A + 1, nonce, CCMP_NONCE_LEN ); + + if ( msrcv ) { + A[14] = A[15] = 0; + + cipher_encrypt ( &aes_algorithm, ctx->aes_ctx, A, S, 16 ); + + for ( i = 0; i < 8; i++ ) { + *mdest++ = *msrc++ ^ S[i]; + } + } + + for ( ctr = 1 ;; ctr++ ) { + A[14] = ctr >> 8; + A[15] = ctr & 0xFF; + + cipher_encrypt ( &aes_algorithm, ctx->aes_ctx, A, S, 16 ); + + for ( i = 0; i < len && i < 16; i++ ) + *dest++ = *src++ ^ S[i]; + + if ( len <= 16 ) + break; /* we're done */ + + len -= 16; + } +} + + +/** + * Advance one block in CBC-MAC calculation + * + * @v aes_ctx AES encryption context with key set + * @v B Cleartext block to incorporate (16 bytes) + * @v X Previous ciphertext block (16 bytes) + * @ret B Clobbered + * @ret X New ciphertext block (16 bytes) + * + * This function does X := E[key] ( X ^ B ). + */ +static void ccmp_feed_cbc_mac ( void *aes_ctx, u8 *B, u8 *X ) +{ + int i; + for ( i = 0; i < 16; i++ ) + B[i] ^= X[i]; + cipher_encrypt ( &aes_algorithm, aes_ctx, B, X, 16 ); +} + + +/** + * Calculate MIC on plaintext data using CBC-MAC + * + * @v ctx CCMP cryptosystem context + * @v nonce Nonce value, 13 bytes + * @v data Data to calculate MIC over + * @v datalen Length of @a data + * @v aad Additional authentication data, for MIC but not encryption + * @ret mic MIC value (unencrypted), 8 bytes + * + * @a aadlen is assumed to be 22 bytes long, as it always is for + * 802.11 use when transmitting non-QoS, not-between-APs frames (the + * only type we deal with). + */ +static void ccmp_cbc_mac ( struct ccmp_ctx *ctx, const void *nonce, + const void *data, u16 datalen, + const void *aad, void *mic ) +{ + u8 X[16], B[16]; + + /* Zeroth block: flags, nonce, length */ + + /* Rsv AAD - M'- - L'- + * 0 1 0 1 1 0 0 1 for an 8-byte MAC and 2-byte message length + */ + B[0] = 0x59; + memcpy ( B + 1, nonce, CCMP_NONCE_LEN ); + B[14] = datalen >> 8; + B[15] = datalen & 0xFF; + + cipher_encrypt ( &aes_algorithm, ctx->aes_ctx, B, X, 16 ); + + /* First block: AAD length field and 14 bytes of AAD */ + B[0] = 0; + B[1] = CCMP_AAD_LEN; + memcpy ( B + 2, aad, 14 ); + + ccmp_feed_cbc_mac ( ctx->aes_ctx, B, X ); + + /* Second block: Remaining 8 bytes of AAD, 8 bytes zero pad */ + memcpy ( B, aad + 14, 8 ); + memset ( B + 8, 0, 8 ); + + ccmp_feed_cbc_mac ( ctx->aes_ctx, B, X ); + + /* Message blocks */ + while ( datalen ) { + if ( datalen >= 16 ) { + memcpy ( B, data, 16 ); + datalen -= 16; + } else { + memcpy ( B, data, datalen ); + memset ( B + datalen, 0, 16 - datalen ); + datalen = 0; + } + + ccmp_feed_cbc_mac ( ctx->aes_ctx, B, X ); + + data += 16; + } + + /* Get MIC from final value of X */ + memcpy ( mic, X, 8 ); +} + + +/** + * Encapsulate and encrypt a packet using CCMP + * + * @v crypto CCMP cryptosystem + * @v iob I/O buffer containing cleartext packet + * @ret eiob I/O buffer containing encrypted packet + */ +struct io_buffer * ccmp_encrypt ( struct net80211_crypto *crypto, + struct io_buffer *iob ) +{ + struct ccmp_ctx *ctx = crypto->priv; + struct ieee80211_frame *hdr = iob->data; + struct io_buffer *eiob; + const int hdrlen = IEEE80211_TYP_FRAME_HEADER_LEN; + int datalen = iob_len ( iob ) - hdrlen; + struct ccmp_head head; + struct ccmp_nonce nonce; + struct ccmp_aad aad; + u8 mic[8], tx_pn[6]; + void *edata, *emic; + + ctx->tx_seq++; + u64_to_pn ( ctx->tx_seq, tx_pn, PN_LSB ); + + /* Allocate memory */ + eiob = alloc_iob ( iob_len ( iob ) + CCMP_HEAD_LEN + CCMP_MIC_LEN ); + if ( ! eiob ) + return NULL; + + /* Copy frame header */ + memcpy ( iob_put ( eiob, hdrlen ), iob->data, hdrlen ); + hdr = eiob->data; + hdr->fc |= IEEE80211_FC_PROTECTED; + + /* Fill in packet number and extended IV */ + memcpy ( head.pn_lo, tx_pn, 2 ); + memcpy ( head.pn_hi, tx_pn + 2, 4 ); + head.kid = 0x20; /* have Extended IV, key ID 0 */ + head._rsvd = 0; + memcpy ( iob_put ( eiob, sizeof ( head ) ), &head, sizeof ( head ) ); + + /* Form nonce */ + nonce.prio = 0; + memcpy ( nonce.a2, hdr->addr2, ETH_ALEN ); + u64_to_pn ( ctx->tx_seq, nonce.pn, PN_MSB ); + + /* Form additional authentication data */ + aad.fc = hdr->fc & CCMP_AAD_FC_MASK; + memcpy ( aad.a1, hdr->addr1, 3 * ETH_ALEN ); /* all 3 at once */ + aad.seq = hdr->seq & CCMP_AAD_SEQ_MASK; + + /* Calculate MIC over the data */ + ccmp_cbc_mac ( ctx, &nonce, iob->data + hdrlen, datalen, &aad, mic ); + + /* Copy and encrypt data and MIC */ + edata = iob_put ( eiob, datalen ); + emic = iob_put ( eiob, CCMP_MIC_LEN ); + ccmp_ctr_xor ( ctx, &nonce, + iob->data + hdrlen, edata, datalen, + mic, emic ); + + /* Done! */ + DBGC2 ( ctx, "WPA-CCMP %p: encrypted packet %p -> %p\n", ctx, + iob, eiob ); + + return eiob; +} + +/** + * Decrypt a packet using CCMP + * + * @v crypto CCMP cryptosystem + * @v eiob I/O buffer containing encrypted packet + * @ret iob I/O buffer containing cleartext packet + */ +static struct io_buffer * ccmp_decrypt ( struct net80211_crypto *crypto, + struct io_buffer *eiob ) +{ + struct ccmp_ctx *ctx = crypto->priv; + struct ieee80211_frame *hdr; + struct io_buffer *iob; + const int hdrlen = IEEE80211_TYP_FRAME_HEADER_LEN; + int datalen = iob_len ( eiob ) - hdrlen - CCMP_HEAD_LEN - CCMP_MIC_LEN; + struct ccmp_head *head; + struct ccmp_nonce nonce; + struct ccmp_aad aad; + u8 rx_pn[6], their_mic[8], our_mic[8]; + + iob = alloc_iob ( hdrlen + datalen ); + if ( ! iob ) + return NULL; + + /* Copy frame header */ + memcpy ( iob_put ( iob, hdrlen ), eiob->data, hdrlen ); + hdr = iob->data; + hdr->fc &= ~IEEE80211_FC_PROTECTED; + + /* Check and update RX packet number */ + head = eiob->data + hdrlen; + memcpy ( rx_pn, head->pn_lo, 2 ); + memcpy ( rx_pn + 2, head->pn_hi, 4 ); + + if ( pn_to_u64 ( rx_pn ) <= ctx->rx_seq ) { + DBGC ( ctx, "WPA-CCMP %p: packet received out of order " + "(%012llx <= %012llx)\n", ctx, pn_to_u64 ( rx_pn ), + ctx->rx_seq ); + free_iob ( iob ); + return NULL; + } + + ctx->rx_seq = pn_to_u64 ( rx_pn ); + DBGC2 ( ctx, "WPA-CCMP %p: RX packet number %012llx\n", ctx, ctx->rx_seq ); + + /* Form nonce */ + nonce.prio = 0; + memcpy ( nonce.a2, hdr->addr2, ETH_ALEN ); + u64_to_pn ( ctx->rx_seq, nonce.pn, PN_MSB ); + + /* Form additional authentication data */ + aad.fc = ( hdr->fc & CCMP_AAD_FC_MASK ) | IEEE80211_FC_PROTECTED; + memcpy ( aad.a1, hdr->addr1, 3 * ETH_ALEN ); /* all 3 at once */ + aad.seq = hdr->seq & CCMP_AAD_SEQ_MASK; + + /* Copy-decrypt data and MIC */ + ccmp_ctr_xor ( ctx, &nonce, eiob->data + hdrlen + sizeof ( *head ), + iob_put ( iob, datalen ), datalen, + eiob->tail - CCMP_MIC_LEN, their_mic ); + + /* Check MIC */ + ccmp_cbc_mac ( ctx, &nonce, iob->data + hdrlen, datalen, &aad, + our_mic ); + + if ( memcmp ( their_mic, our_mic, CCMP_MIC_LEN ) != 0 ) { + DBGC2 ( ctx, "WPA-CCMP %p: MIC failure\n", ctx ); + free_iob ( iob ); + return NULL; + } + + DBGC2 ( ctx, "WPA-CCMP %p: decrypted packet %p -> %p\n", ctx, + eiob, iob ); + + return iob; +} + + +/** CCMP cryptosystem */ +struct net80211_crypto ccmp_crypto __net80211_crypto = { + .algorithm = NET80211_CRYPT_CCMP, + .init = ccmp_init, + .encrypt = ccmp_encrypt, + .decrypt = ccmp_decrypt, + .priv_len = sizeof ( struct ccmp_ctx ), +}; + + + + +/** + * Calculate HMAC-SHA1 MIC for EAPOL-Key frame + * + * @v kck Key Confirmation Key, 16 bytes + * @v msg Message to calculate MIC over + * @v len Number of bytes to calculate MIC over + * @ret mic Calculated MIC, 16 bytes long + */ +static void ccmp_kie_mic ( const void *kck, const void *msg, size_t len, + void *mic ) +{ + u8 sha1_ctx[SHA1_CTX_SIZE]; + u8 kckb[16]; + u8 hash[SHA1_SIZE]; + size_t kck_len = 16; + + memcpy ( kckb, kck, kck_len ); + + hmac_init ( &sha1_algorithm, sha1_ctx, kckb, &kck_len ); + hmac_update ( &sha1_algorithm, sha1_ctx, msg, len ); + hmac_final ( &sha1_algorithm, sha1_ctx, kckb, &kck_len, hash ); + + memcpy ( mic, hash, 16 ); +} + +/** + * Decrypt key data in EAPOL-Key frame + * + * @v kek Key Encryption Key, 16 bytes + * @v iv Initialisation vector, 16 bytes (unused) + * @v msg Message to decrypt + * @v len Length of message + * @ret msg Decrypted message in place of original + * @ret len Adjusted downward for 8 bytes of overhead + * @ret rc Return status code + * + * The returned message may still contain padding of 0xDD followed by + * zero or more 0x00 octets. It is impossible to remove the padding + * without parsing the IEs in the packet (another design decision that + * tends to make one question the 802.11i committee's intelligence...) + */ +static int ccmp_kie_decrypt ( const void *kek, const void *iv __unused, + void *msg, u16 *len ) +{ + if ( *len % 8 != 0 ) + return -EINVAL; + + if ( aes_unwrap ( kek, msg, msg, *len / 8 - 1 ) != 0 ) + return -EINVAL; + + *len -= 8; + + return 0; +} + +/** CCMP-style key integrity and encryption handler */ +struct wpa_kie ccmp_kie __wpa_kie = { + .version = EAPOL_KEY_VERSION_WPA2, + .mic = ccmp_kie_mic, + .decrypt = ccmp_kie_decrypt, +}; diff --git a/qemu/roms/ipxe/src/net/80211/wpa_psk.c b/qemu/roms/ipxe/src/net/80211/wpa_psk.c new file mode 100644 index 000000000..71190b139 --- /dev/null +++ b/qemu/roms/ipxe/src/net/80211/wpa_psk.c @@ -0,0 +1,127 @@ +/* + * Copyright (c) 2009 Joshua Oreman <oremanj@rwcr.net>. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of the + * License, or any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301, USA. + */ + +FILE_LICENCE ( GPL2_OR_LATER ); + +#include <string.h> +#include <ipxe/net80211.h> +#include <ipxe/sha1.h> +#include <ipxe/wpa.h> +#include <errno.h> + +/** @file + * + * Frontend for WPA using a pre-shared key. + */ + +/** + * Initialise WPA-PSK state + * + * @v dev 802.11 device + * @ret rc Return status code + */ +static int wpa_psk_init ( struct net80211_device *dev ) +{ + return wpa_make_rsn_ie ( dev, &dev->rsn_ie ); +} + +/** + * Start WPA-PSK authentication + * + * @v dev 802.11 device + * @ret rc Return status code + */ +static int wpa_psk_start ( struct net80211_device *dev ) +{ + char passphrase[64+1]; + u8 pmk[WPA_PMK_LEN]; + int len; + struct wpa_common_ctx *ctx = dev->handshaker->priv; + + len = fetch_string_setting ( netdev_settings ( dev->netdev ), + &net80211_key_setting, passphrase, + 64 + 1 ); + + if ( len <= 0 ) { + DBGC ( ctx, "WPA-PSK %p: no passphrase provided!\n", ctx ); + net80211_deauthenticate ( dev, -EACCES ); + return -EACCES; + } + + pbkdf2_sha1 ( passphrase, len, dev->essid, strlen ( dev->essid ), + 4096, pmk, WPA_PMK_LEN ); + + DBGC ( ctx, "WPA-PSK %p: derived PMK from passphrase `%s':\n", ctx, + passphrase ); + DBGC_HD ( ctx, pmk, WPA_PMK_LEN ); + + return wpa_start ( dev, ctx, pmk, WPA_PMK_LEN ); +} + +/** + * Step WPA-PSK authentication + * + * @v dev 802.11 device + * @ret rc Return status code + */ +static int wpa_psk_step ( struct net80211_device *dev ) +{ + struct wpa_common_ctx *ctx = dev->handshaker->priv; + + switch ( ctx->state ) { + case WPA_SUCCESS: + return 1; + case WPA_FAILURE: + return -EACCES; + default: + return 0; + } +} + +/** + * Do-nothing function; you can't change a WPA key post-authentication + * + * @v dev 802.11 device + * @ret rc Return status code + */ +static int wpa_psk_no_change_key ( struct net80211_device *dev __unused ) +{ + return 0; +} + +/** + * Disable handling of received WPA authentication frames + * + * @v dev 802.11 device + */ +static void wpa_psk_stop ( struct net80211_device *dev ) +{ + wpa_stop ( dev ); +} + +/** WPA-PSK security handshaker */ +struct net80211_handshaker wpa_psk_handshaker __net80211_handshaker = { + .protocol = NET80211_SECPROT_PSK, + .init = wpa_psk_init, + .start = wpa_psk_start, + .step = wpa_psk_step, + .change_key = wpa_psk_no_change_key, + .stop = wpa_psk_stop, + .priv_len = sizeof ( struct wpa_common_ctx ), +}; diff --git a/qemu/roms/ipxe/src/net/80211/wpa_tkip.c b/qemu/roms/ipxe/src/net/80211/wpa_tkip.c new file mode 100644 index 000000000..fa3e0763b --- /dev/null +++ b/qemu/roms/ipxe/src/net/80211/wpa_tkip.c @@ -0,0 +1,588 @@ +/* + * Copyright (c) 2009 Joshua Oreman <oremanj@rwcr.net>. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of the + * License, or any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301, USA. + */ + +FILE_LICENCE ( GPL2_OR_LATER ); + +#include <string.h> +#include <ipxe/net80211.h> +#include <ipxe/crypto.h> +#include <ipxe/hmac.h> +#include <ipxe/sha1.h> +#include <ipxe/md5.h> +#include <ipxe/crc32.h> +#include <ipxe/arc4.h> +#include <ipxe/wpa.h> +#include <byteswap.h> +#include <errno.h> + +/** @file + * + * Backend for WPA using the TKIP encryption standard. + */ + +/** Context for one direction of TKIP, either encryption or decryption */ +struct tkip_dir_ctx +{ + /** High 32 bits of last sequence counter value used */ + u32 tsc_hi; + + /** Low 32 bits of last sequence counter value used */ + u16 tsc_lo; + + /** MAC address used to derive TTAK */ + u8 mac[ETH_ALEN]; + + /** If TRUE, TTAK is valid */ + u16 ttak_ok; + + /** TKIP-mixed transmit address and key, depends on tsc_hi and MAC */ + u16 ttak[5]; +}; + +/** Context for TKIP encryption and decryption */ +struct tkip_ctx +{ + /** Temporal key to use */ + struct tkip_tk tk; + + /** State for encryption */ + struct tkip_dir_ctx enc; + + /** State for decryption */ + struct tkip_dir_ctx dec; +}; + +/** Header structure at the beginning of TKIP frame data */ +struct tkip_head +{ + u8 tsc1; /**< High byte of low 16 bits of TSC */ + u8 seed1; /**< Second byte of WEP seed */ + u8 tsc0; /**< Low byte of TSC */ + u8 kid; /**< Key ID and ExtIV byte */ + u32 tsc_hi; /**< High 32 bits of TSC, as an ExtIV */ +} __attribute__ (( packed )); + + +/** TKIP header overhead (IV + KID + ExtIV) */ +#define TKIP_HEAD_LEN 8 + +/** TKIP trailer overhead (MIC + ICV) [assumes unfragmented] */ +#define TKIP_FOOT_LEN 12 + +/** TKIP MIC length */ +#define TKIP_MIC_LEN 8 + +/** TKIP ICV length */ +#define TKIP_ICV_LEN 4 + + +/** TKIP S-box */ +static const u16 Sbox[256] = { + 0xC6A5, 0xF884, 0xEE99, 0xF68D, 0xFF0D, 0xD6BD, 0xDEB1, 0x9154, + 0x6050, 0x0203, 0xCEA9, 0x567D, 0xE719, 0xB562, 0x4DE6, 0xEC9A, + 0x8F45, 0x1F9D, 0x8940, 0xFA87, 0xEF15, 0xB2EB, 0x8EC9, 0xFB0B, + 0x41EC, 0xB367, 0x5FFD, 0x45EA, 0x23BF, 0x53F7, 0xE496, 0x9B5B, + 0x75C2, 0xE11C, 0x3DAE, 0x4C6A, 0x6C5A, 0x7E41, 0xF502, 0x834F, + 0x685C, 0x51F4, 0xD134, 0xF908, 0xE293, 0xAB73, 0x6253, 0x2A3F, + 0x080C, 0x9552, 0x4665, 0x9D5E, 0x3028, 0x37A1, 0x0A0F, 0x2FB5, + 0x0E09, 0x2436, 0x1B9B, 0xDF3D, 0xCD26, 0x4E69, 0x7FCD, 0xEA9F, + 0x121B, 0x1D9E, 0x5874, 0x342E, 0x362D, 0xDCB2, 0xB4EE, 0x5BFB, + 0xA4F6, 0x764D, 0xB761, 0x7DCE, 0x527B, 0xDD3E, 0x5E71, 0x1397, + 0xA6F5, 0xB968, 0x0000, 0xC12C, 0x4060, 0xE31F, 0x79C8, 0xB6ED, + 0xD4BE, 0x8D46, 0x67D9, 0x724B, 0x94DE, 0x98D4, 0xB0E8, 0x854A, + 0xBB6B, 0xC52A, 0x4FE5, 0xED16, 0x86C5, 0x9AD7, 0x6655, 0x1194, + 0x8ACF, 0xE910, 0x0406, 0xFE81, 0xA0F0, 0x7844, 0x25BA, 0x4BE3, + 0xA2F3, 0x5DFE, 0x80C0, 0x058A, 0x3FAD, 0x21BC, 0x7048, 0xF104, + 0x63DF, 0x77C1, 0xAF75, 0x4263, 0x2030, 0xE51A, 0xFD0E, 0xBF6D, + 0x814C, 0x1814, 0x2635, 0xC32F, 0xBEE1, 0x35A2, 0x88CC, 0x2E39, + 0x9357, 0x55F2, 0xFC82, 0x7A47, 0xC8AC, 0xBAE7, 0x322B, 0xE695, + 0xC0A0, 0x1998, 0x9ED1, 0xA37F, 0x4466, 0x547E, 0x3BAB, 0x0B83, + 0x8CCA, 0xC729, 0x6BD3, 0x283C, 0xA779, 0xBCE2, 0x161D, 0xAD76, + 0xDB3B, 0x6456, 0x744E, 0x141E, 0x92DB, 0x0C0A, 0x486C, 0xB8E4, + 0x9F5D, 0xBD6E, 0x43EF, 0xC4A6, 0x39A8, 0x31A4, 0xD337, 0xF28B, + 0xD532, 0x8B43, 0x6E59, 0xDAB7, 0x018C, 0xB164, 0x9CD2, 0x49E0, + 0xD8B4, 0xACFA, 0xF307, 0xCF25, 0xCAAF, 0xF48E, 0x47E9, 0x1018, + 0x6FD5, 0xF088, 0x4A6F, 0x5C72, 0x3824, 0x57F1, 0x73C7, 0x9751, + 0xCB23, 0xA17C, 0xE89C, 0x3E21, 0x96DD, 0x61DC, 0x0D86, 0x0F85, + 0xE090, 0x7C42, 0x71C4, 0xCCAA, 0x90D8, 0x0605, 0xF701, 0x1C12, + 0xC2A3, 0x6A5F, 0xAEF9, 0x69D0, 0x1791, 0x9958, 0x3A27, 0x27B9, + 0xD938, 0xEB13, 0x2BB3, 0x2233, 0xD2BB, 0xA970, 0x0789, 0x33A7, + 0x2DB6, 0x3C22, 0x1592, 0xC920, 0x8749, 0xAAFF, 0x5078, 0xA57A, + 0x038F, 0x59F8, 0x0980, 0x1A17, 0x65DA, 0xD731, 0x84C6, 0xD0B8, + 0x82C3, 0x29B0, 0x5A77, 0x1E11, 0x7BCB, 0xA8FC, 0x6DD6, 0x2C3A, +}; + +/** + * Perform S-box mapping on a 16-bit value + * + * @v v Value to perform S-box mapping on + * @ret Sv S-box mapped value + */ +static inline u16 S ( u16 v ) +{ + return Sbox[v & 0xFF] ^ swap16 ( Sbox[v >> 8] ); +} + +/** + * Rotate 16-bit value right + * + * @v v Value to rotate + * @v bits Number of bits to rotate by + * @ret rotv Rotated value + */ +static inline u16 ror16 ( u16 v, int bits ) +{ + return ( v >> bits ) | ( v << ( 16 - bits ) ); +} + +/** + * Rotate 32-bit value right + * + * @v v Value to rotate + * @v bits Number of bits to rotate by + * @ret rotv Rotated value + */ +static inline u32 ror32 ( u32 v, int bits ) +{ + return ( v >> bits ) | ( v << ( 32 - bits ) ); +} + +/** + * Rotate 32-bit value left + * + * @v v Value to rotate + * @v bits Number of bits to rotate by + * @ret rotv Rotated value + */ +static inline u32 rol32 ( u32 v, int bits ) +{ + return ( v << bits ) | ( v >> ( 32 - bits ) ); +} + + +/** + * Initialise TKIP state and install key + * + * @v crypto TKIP cryptosystem structure + * @v key Pointer to tkip_tk to install + * @v keylen Length of key (32 bytes) + * @v rsc Initial receive sequence counter + */ +static int tkip_init ( struct net80211_crypto *crypto, const void *key, + int keylen, const void *rsc ) +{ + struct tkip_ctx *ctx = crypto->priv; + const u8 *rscb = rsc; + + if ( keylen != sizeof ( ctx->tk ) ) + return -EINVAL; + + if ( rscb ) { + ctx->dec.tsc_lo = ( rscb[1] << 8 ) | rscb[0]; + ctx->dec.tsc_hi = ( ( rscb[5] << 24 ) | ( rscb[4] << 16 ) | + ( rscb[3] << 8 ) | rscb[2] ); + } + + memcpy ( &ctx->tk, key, sizeof ( ctx->tk ) ); + + return 0; +} + +/** + * Perform TKIP key mixing, phase 1 + * + * @v dctx TKIP directional context + * @v tk TKIP temporal key + * @v mac MAC address of transmitter + * + * This recomputes the TTAK in @a dctx if necessary, and sets + * @c dctx->ttak_ok. + */ +static void tkip_mix_1 ( struct tkip_dir_ctx *dctx, struct tkip_tk *tk, u8 *mac ) +{ + int i, j; + + if ( dctx->ttak_ok && ! memcmp ( mac, dctx->mac, ETH_ALEN ) ) + return; + + memcpy ( dctx->mac, mac, ETH_ALEN ); + + dctx->ttak[0] = dctx->tsc_hi & 0xFFFF; + dctx->ttak[1] = dctx->tsc_hi >> 16; + dctx->ttak[2] = ( mac[1] << 8 ) | mac[0]; + dctx->ttak[3] = ( mac[3] << 8 ) | mac[2]; + dctx->ttak[4] = ( mac[5] << 8 ) | mac[4]; + + for ( i = 0; i < 8; i++ ) { + j = 2 * ( i & 1 ); + + dctx->ttak[0] += S ( dctx->ttak[4] ^ ( ( tk->key[1 + j] << 8 ) | + tk->key[0 + j] ) ); + dctx->ttak[1] += S ( dctx->ttak[0] ^ ( ( tk->key[5 + j] << 8 ) | + tk->key[4 + j] ) ); + dctx->ttak[2] += S ( dctx->ttak[1] ^ ( ( tk->key[9 + j] << 8 ) | + tk->key[8 + j] ) ); + dctx->ttak[3] += S ( dctx->ttak[2] ^ ( ( tk->key[13+ j] << 8 ) | + tk->key[12+ j] ) ); + dctx->ttak[4] += S ( dctx->ttak[3] ^ ( ( tk->key[1 + j] << 8 ) | + tk->key[0 + j] ) ) + i; + } + + dctx->ttak_ok = 1; +} + +/** + * Perform TKIP key mixing, phase 2 + * + * @v dctx TKIP directional context + * @v tk TKIP temporal key + * @ret key ARC4 key, 16 bytes long + */ +static void tkip_mix_2 ( struct tkip_dir_ctx *dctx, struct tkip_tk *tk, + void *key ) +{ + u8 *kb = key; + u16 ppk[6]; + int i; + + memcpy ( ppk, dctx->ttak, sizeof ( dctx->ttak ) ); + ppk[5] = dctx->ttak[4] + dctx->tsc_lo; + + ppk[0] += S ( ppk[5] ^ ( ( tk->key[1] << 8 ) | tk->key[0] ) ); + ppk[1] += S ( ppk[0] ^ ( ( tk->key[3] << 8 ) | tk->key[2] ) ); + ppk[2] += S ( ppk[1] ^ ( ( tk->key[5] << 8 ) | tk->key[4] ) ); + ppk[3] += S ( ppk[2] ^ ( ( tk->key[7] << 8 ) | tk->key[6] ) ); + ppk[4] += S ( ppk[3] ^ ( ( tk->key[9] << 8 ) | tk->key[8] ) ); + ppk[5] += S ( ppk[4] ^ ( ( tk->key[11] << 8 ) | tk->key[10] ) ); + + ppk[0] += ror16 ( ppk[5] ^ ( ( tk->key[13] << 8 ) | tk->key[12] ), 1 ); + ppk[1] += ror16 ( ppk[0] ^ ( ( tk->key[15] << 8 ) | tk->key[14] ), 1 ); + ppk[2] += ror16 ( ppk[1], 1 ); + ppk[3] += ror16 ( ppk[2], 1 ); + ppk[4] += ror16 ( ppk[3], 1 ); + ppk[5] += ror16 ( ppk[4], 1 ); + + kb[0] = dctx->tsc_lo >> 8; + kb[1] = ( ( dctx->tsc_lo >> 8 ) | 0x20 ) & 0x7F; + kb[2] = dctx->tsc_lo & 0xFF; + kb[3] = ( ( ppk[5] ^ ( ( tk->key[1] << 8 ) | tk->key[0] ) ) >> 1 ) + & 0xFF; + + for ( i = 0; i < 6; i++ ) { + kb[4 + 2*i] = ppk[i] & 0xFF; + kb[5 + 2*i] = ppk[i] >> 8; + } +} + +/** + * Update Michael message integrity code based on next 32-bit word of data + * + * @v V Michael code state (two 32-bit words) + * @v word Next 32-bit word of data + */ +static void tkip_feed_michael ( u32 *V, u32 word ) +{ + V[0] ^= word; + V[1] ^= rol32 ( V[0], 17 ); + V[0] += V[1]; + V[1] ^= ( ( V[0] & 0xFF00FF00 ) >> 8 ) | ( ( V[0] & 0x00FF00FF ) << 8 ); + V[0] += V[1]; + V[1] ^= rol32 ( V[0], 3 ); + V[0] += V[1]; + V[1] ^= ror32 ( V[0], 2 ); + V[0] += V[1]; +} + +/** + * Calculate Michael message integrity code + * + * @v key MIC key to use (8 bytes) + * @v da Destination link-layer address + * @v sa Source link-layer address + * @v data Start of data to calculate over + * @v len Length of header + data + * @ret mic Calculated Michael MIC (8 bytes) + */ +static void tkip_michael ( const void *key, const void *da, const void *sa, + const void *data, size_t len, void *mic ) +{ + u32 V[2]; /* V[0] = "l", V[1] = "r" in 802.11 */ + union { + u8 byte[12]; + u32 word[3]; + } cap; + const u8 *ptr = data; + const u8 *end = ptr + len; + int i; + + memcpy ( V, key, sizeof ( V ) ); + V[0] = le32_to_cpu ( V[0] ); + V[1] = le32_to_cpu ( V[1] ); + + /* Feed in header (we assume non-QoS, so Priority = 0) */ + memcpy ( &cap.byte[0], da, ETH_ALEN ); + memcpy ( &cap.byte[6], sa, ETH_ALEN ); + tkip_feed_michael ( V, le32_to_cpu ( cap.word[0] ) ); + tkip_feed_michael ( V, le32_to_cpu ( cap.word[1] ) ); + tkip_feed_michael ( V, le32_to_cpu ( cap.word[2] ) ); + tkip_feed_michael ( V, 0 ); + + /* Feed in data */ + while ( ptr + 4 <= end ) { + tkip_feed_michael ( V, le32_to_cpu ( *( u32 * ) ptr ) ); + ptr += 4; + } + + /* Add unaligned part and padding */ + for ( i = 0; ptr < end; i++ ) + cap.byte[i] = *ptr++; + cap.byte[i++] = 0x5a; + for ( ; i < 8; i++ ) + cap.byte[i] = 0; + + /* Feed in padding */ + tkip_feed_michael ( V, le32_to_cpu ( cap.word[0] ) ); + tkip_feed_michael ( V, le32_to_cpu ( cap.word[1] ) ); + + /* Output MIC */ + V[0] = cpu_to_le32 ( V[0] ); + V[1] = cpu_to_le32 ( V[1] ); + memcpy ( mic, V, sizeof ( V ) ); +} + +/** + * Encrypt a packet using TKIP + * + * @v crypto TKIP cryptosystem + * @v iob I/O buffer containing cleartext packet + * @ret eiob I/O buffer containing encrypted packet + */ +static struct io_buffer * tkip_encrypt ( struct net80211_crypto *crypto, + struct io_buffer *iob ) +{ + struct tkip_ctx *ctx = crypto->priv; + struct ieee80211_frame *hdr = iob->data; + struct io_buffer *eiob; + struct arc4_ctx arc4; + u8 key[16]; + struct tkip_head head; + u8 mic[8]; + u32 icv; + const int hdrlen = IEEE80211_TYP_FRAME_HEADER_LEN; + int datalen = iob_len ( iob ) - hdrlen; + + ctx->enc.tsc_lo++; + if ( ctx->enc.tsc_lo == 0 ) { + ctx->enc.tsc_hi++; + ctx->enc.ttak_ok = 0; + } + + tkip_mix_1 ( &ctx->enc, &ctx->tk, hdr->addr2 ); + tkip_mix_2 ( &ctx->enc, &ctx->tk, key ); + + eiob = alloc_iob ( iob_len ( iob ) + TKIP_HEAD_LEN + TKIP_FOOT_LEN ); + if ( ! eiob ) + return NULL; + + /* Copy frame header */ + memcpy ( iob_put ( eiob, hdrlen ), iob->data, hdrlen ); + hdr = eiob->data; + hdr->fc |= IEEE80211_FC_PROTECTED; + + /* Fill in IV and key ID byte, and extended IV */ + memcpy ( &head, key, 3 ); + head.kid = 0x20; /* have Extended IV, key ID 0 */ + head.tsc_hi = cpu_to_le32 ( ctx->enc.tsc_hi ); + memcpy ( iob_put ( eiob, sizeof ( head ) ), &head, sizeof ( head ) ); + + /* Copy and encrypt the data */ + cipher_setkey ( &arc4_algorithm, &arc4, key, 16 ); + cipher_encrypt ( &arc4_algorithm, &arc4, iob->data + hdrlen, + iob_put ( eiob, datalen ), datalen ); + + /* Add MIC */ + hdr = iob->data; + tkip_michael ( &ctx->tk.mic.tx, hdr->addr3, hdr->addr2, + iob->data + hdrlen, datalen, mic ); + cipher_encrypt ( &arc4_algorithm, &arc4, mic, + iob_put ( eiob, sizeof ( mic ) ), sizeof ( mic ) ); + + /* Add ICV */ + icv = crc32_le ( ~0, iob->data + hdrlen, datalen ); + icv = crc32_le ( icv, mic, sizeof ( mic ) ); + icv = cpu_to_le32 ( ~icv ); + cipher_encrypt ( &arc4_algorithm, &arc4, &icv, + iob_put ( eiob, TKIP_ICV_LEN ), TKIP_ICV_LEN ); + + DBGC2 ( ctx, "WPA-TKIP %p: encrypted packet %p -> %p\n", ctx, + iob, eiob ); + + return eiob; +} + +/** + * Decrypt a packet using TKIP + * + * @v crypto TKIP cryptosystem + * @v eiob I/O buffer containing encrypted packet + * @ret iob I/O buffer containing cleartext packet + */ +static struct io_buffer * tkip_decrypt ( struct net80211_crypto *crypto, + struct io_buffer *eiob ) +{ + struct tkip_ctx *ctx = crypto->priv; + struct ieee80211_frame *hdr; + struct io_buffer *iob; + const int hdrlen = IEEE80211_TYP_FRAME_HEADER_LEN; + int datalen = iob_len ( eiob ) - hdrlen - TKIP_HEAD_LEN - TKIP_FOOT_LEN; + struct tkip_head *head; + struct arc4_ctx arc4; + u16 rx_tsc_lo; + u8 key[16]; + u8 mic[8]; + u32 icv, crc; + + iob = alloc_iob ( hdrlen + datalen + TKIP_FOOT_LEN ); + if ( ! iob ) + return NULL; + + /* Copy frame header */ + memcpy ( iob_put ( iob, hdrlen ), eiob->data, hdrlen ); + hdr = iob->data; + hdr->fc &= ~IEEE80211_FC_PROTECTED; + + /* Check and update TSC */ + head = eiob->data + hdrlen; + rx_tsc_lo = ( head->tsc1 << 8 ) | head->tsc0; + + if ( head->tsc_hi < ctx->dec.tsc_hi || + ( head->tsc_hi == ctx->dec.tsc_hi && + rx_tsc_lo <= ctx->dec.tsc_lo ) ) { + DBGC ( ctx, "WPA-TKIP %p: packet received out of order " + "(%08x:%04x <= %08x:%04x)\n", ctx, head->tsc_hi, + rx_tsc_lo, ctx->dec.tsc_hi, ctx->dec.tsc_lo ); + free_iob ( iob ); + return NULL; + } + ctx->dec.tsc_lo = rx_tsc_lo; + if ( ctx->dec.tsc_hi != head->tsc_hi ) { + ctx->dec.ttak_ok = 0; + ctx->dec.tsc_hi = head->tsc_hi; + } + + /* Calculate key */ + tkip_mix_1 ( &ctx->dec, &ctx->tk, hdr->addr2 ); + tkip_mix_2 ( &ctx->dec, &ctx->tk, key ); + + /* Copy-decrypt data, MIC, ICV */ + cipher_setkey ( &arc4_algorithm, &arc4, key, 16 ); + cipher_decrypt ( &arc4_algorithm, &arc4, + eiob->data + hdrlen + TKIP_HEAD_LEN, + iob_put ( iob, datalen ), datalen + TKIP_FOOT_LEN ); + + /* Check ICV */ + icv = le32_to_cpu ( *( u32 * ) ( iob->tail + TKIP_MIC_LEN ) ); + crc = ~crc32_le ( ~0, iob->data + hdrlen, datalen + TKIP_MIC_LEN ); + if ( crc != icv ) { + DBGC ( ctx, "WPA-TKIP %p CRC mismatch: expect %08x, get %08x\n", + ctx, icv, crc ); + free_iob ( iob ); + return NULL; + } + + /* Check MIC */ + tkip_michael ( &ctx->tk.mic.rx, hdr->addr1, hdr->addr3, + iob->data + hdrlen, datalen, mic ); + if ( memcmp ( mic, iob->tail, TKIP_MIC_LEN ) != 0 ) { + DBGC ( ctx, "WPA-TKIP %p ALERT! MIC failure\n", ctx ); + /* XXX we should do the countermeasures here */ + free_iob ( iob ); + return NULL; + } + + DBGC2 ( ctx, "WPA-TKIP %p: decrypted packet %p -> %p\n", ctx, + eiob, iob ); + + return iob; +} + +/** TKIP cryptosystem */ +struct net80211_crypto tkip_crypto __net80211_crypto = { + .algorithm = NET80211_CRYPT_TKIP, + .init = tkip_init, + .encrypt = tkip_encrypt, + .decrypt = tkip_decrypt, + .priv_len = sizeof ( struct tkip_ctx ), +}; + + + + +/** + * Calculate HMAC-MD5 MIC for EAPOL-Key frame + * + * @v kck Key Confirmation Key, 16 bytes + * @v msg Message to calculate MIC over + * @v len Number of bytes to calculate MIC over + * @ret mic Calculated MIC, 16 bytes long + */ +static void tkip_kie_mic ( const void *kck, const void *msg, size_t len, + void *mic ) +{ + uint8_t ctx[MD5_CTX_SIZE]; + u8 kckb[16]; + size_t kck_len = 16; + + memcpy ( kckb, kck, kck_len ); + + hmac_init ( &md5_algorithm, ctx, kckb, &kck_len ); + hmac_update ( &md5_algorithm, ctx, msg, len ); + hmac_final ( &md5_algorithm, ctx, kckb, &kck_len, mic ); +} + +/** + * Decrypt key data in EAPOL-Key frame + * + * @v kek Key Encryption Key, 16 bytes + * @v iv Initialisation vector, 16 bytes + * @v msg Message to decrypt + * @v len Length of message + * @ret msg Decrypted message in place of original + * @ret len Unchanged + * @ret rc Always 0 for success + */ +static int tkip_kie_decrypt ( const void *kek, const void *iv, + void *msg, u16 *len ) +{ + u8 key[32]; + memcpy ( key, iv, 16 ); + memcpy ( key + 16, kek, 16 ); + + arc4_skip ( key, 32, 256, msg, msg, *len ); + + return 0; +} + + +/** TKIP-style key integrity and encryption handler */ +struct wpa_kie tkip_kie __wpa_kie = { + .version = EAPOL_KEY_VERSION_WPA, + .mic = tkip_kie_mic, + .decrypt = tkip_kie_decrypt, +}; |