1 | /* |
2 | * Copyright (c) 2002-2008 Sam Leffler, Errno Consulting |
3 | * Copyright (c) 2002-2008 Atheros Communications, Inc. |
4 | * |
5 | * Permission to use, copy, modify, and/or distribute this software for any |
6 | * purpose with or without fee is hereby granted, provided that the above |
7 | * copyright notice and this permission notice appear in all copies. |
8 | * |
9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
10 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
11 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR |
12 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
13 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN |
14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
16 | * |
17 | * $Id: ar5212_keycache.c,v 1.1.1.1 2008/12/11 04:46:40 alc Exp $ |
18 | */ |
19 | #include "opt_ah.h" |
20 | |
21 | #include "ah.h" |
22 | #include "ah_internal.h" |
23 | |
24 | #include "ar5212/ar5212.h" |
25 | #include "ar5212/ar5212reg.h" |
26 | #include "ar5212/ar5212desc.h" |
27 | |
28 | /* |
29 | * Note: The key cache hardware requires that each double-word |
30 | * pair be written in even/odd order (since the destination is |
31 | * a 64-bit register). Don't reorder the writes in this code |
32 | * w/o considering this! |
33 | */ |
34 | #define KEY_XOR 0xaa |
35 | |
36 | #define IS_MIC_ENABLED(ah) \ |
37 | (AH5212(ah)->ah_staId1Defaults & AR_STA_ID1_CRPT_MIC_ENABLE) |
38 | |
39 | /* |
40 | * Return the size of the hardware key cache. |
41 | */ |
42 | uint32_t |
43 | ar5212GetKeyCacheSize(struct ath_hal *ah) |
44 | { |
45 | return AH_PRIVATE(ah)->ah_caps.halKeyCacheSize; |
46 | } |
47 | |
48 | /* |
49 | * Return true if the specific key cache entry is valid. |
50 | */ |
51 | HAL_BOOL |
52 | ar5212IsKeyCacheEntryValid(struct ath_hal *ah, uint16_t entry) |
53 | { |
54 | if (entry < AH_PRIVATE(ah)->ah_caps.halKeyCacheSize) { |
55 | uint32_t val = OS_REG_READ(ah, AR_KEYTABLE_MAC1(entry)); |
56 | if (val & AR_KEYTABLE_VALID) |
57 | return AH_TRUE; |
58 | } |
59 | return AH_FALSE; |
60 | } |
61 | |
62 | /* |
63 | * Clear the specified key cache entry and any associated MIC entry. |
64 | */ |
65 | HAL_BOOL |
66 | ar5212ResetKeyCacheEntry(struct ath_hal *ah, uint16_t entry) |
67 | { |
68 | uint32_t keyType; |
69 | |
70 | if (entry >= AH_PRIVATE(ah)->ah_caps.halKeyCacheSize) { |
71 | HALDEBUG(ah, HAL_DEBUG_ANY, "%s: entry %u out of range\n" , |
72 | __func__, entry); |
73 | return AH_FALSE; |
74 | } |
75 | keyType = OS_REG_READ(ah, AR_KEYTABLE_TYPE(entry)); |
76 | |
77 | /* XXX why not clear key type/valid bit first? */ |
78 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY0(entry), 0); |
79 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY1(entry), 0); |
80 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY2(entry), 0); |
81 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY3(entry), 0); |
82 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY4(entry), 0); |
83 | OS_REG_WRITE(ah, AR_KEYTABLE_TYPE(entry), AR_KEYTABLE_TYPE_CLR); |
84 | OS_REG_WRITE(ah, AR_KEYTABLE_MAC0(entry), 0); |
85 | OS_REG_WRITE(ah, AR_KEYTABLE_MAC1(entry), 0); |
86 | if (keyType == AR_KEYTABLE_TYPE_TKIP && IS_MIC_ENABLED(ah)) { |
87 | uint16_t micentry = entry+64; /* MIC goes at slot+64 */ |
88 | |
89 | HALASSERT(micentry < AH_PRIVATE(ah)->ah_caps.halKeyCacheSize); |
90 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY0(micentry), 0); |
91 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY1(micentry), 0); |
92 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY2(micentry), 0); |
93 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY3(micentry), 0); |
94 | /* NB: key type and MAC are known to be ok */ |
95 | } |
96 | return AH_TRUE; |
97 | } |
98 | |
99 | /* |
100 | * Sets the mac part of the specified key cache entry (and any |
101 | * associated MIC entry) and mark them valid. |
102 | */ |
103 | HAL_BOOL |
104 | ar5212SetKeyCacheEntryMac(struct ath_hal *ah, uint16_t entry, const uint8_t *mac) |
105 | { |
106 | uint32_t macHi, macLo; |
107 | |
108 | if (entry >= AH_PRIVATE(ah)->ah_caps.halKeyCacheSize) { |
109 | HALDEBUG(ah, HAL_DEBUG_ANY, "%s: entry %u out of range\n" , |
110 | __func__, entry); |
111 | return AH_FALSE; |
112 | } |
113 | /* |
114 | * Set MAC address -- shifted right by 1. MacLo is |
115 | * the 4 MSBs, and MacHi is the 2 LSBs. |
116 | */ |
117 | if (mac != AH_NULL) { |
118 | macHi = (mac[5] << 8) | mac[4]; |
119 | macLo = (mac[3] << 24)| (mac[2] << 16) |
120 | | (mac[1] << 8) | mac[0]; |
121 | macLo >>= 1; |
122 | macLo |= (macHi & 1) << 31; /* carry */ |
123 | macHi >>= 1; |
124 | } else { |
125 | macLo = macHi = 0; |
126 | } |
127 | OS_REG_WRITE(ah, AR_KEYTABLE_MAC0(entry), macLo); |
128 | OS_REG_WRITE(ah, AR_KEYTABLE_MAC1(entry), macHi | AR_KEYTABLE_VALID); |
129 | return AH_TRUE; |
130 | } |
131 | |
132 | /* |
133 | * Sets the contents of the specified key cache entry |
134 | * and any associated MIC entry. |
135 | */ |
136 | HAL_BOOL |
137 | ar5212SetKeyCacheEntry(struct ath_hal *ah, uint16_t entry, |
138 | const HAL_KEYVAL *k, const uint8_t *mac, |
139 | int xorKey) |
140 | { |
141 | struct ath_hal_5212 *ahp = AH5212(ah); |
142 | const HAL_CAPABILITIES *pCap = &AH_PRIVATE(ah)->ah_caps; |
143 | uint32_t key0, key1, key2, key3, key4; |
144 | uint32_t keyType; |
145 | uint32_t xorMask = xorKey ? |
146 | (KEY_XOR << 24 | KEY_XOR << 16 | KEY_XOR << 8 | KEY_XOR) : 0; |
147 | |
148 | if (entry >= pCap->halKeyCacheSize) { |
149 | HALDEBUG(ah, HAL_DEBUG_ANY, "%s: entry %u out of range\n" , |
150 | __func__, entry); |
151 | return AH_FALSE; |
152 | } |
153 | switch (k->kv_type) { |
154 | case HAL_CIPHER_AES_OCB: |
155 | keyType = AR_KEYTABLE_TYPE_AES; |
156 | break; |
157 | case HAL_CIPHER_AES_CCM: |
158 | if (!pCap->halCipherAesCcmSupport) { |
159 | HALDEBUG(ah, HAL_DEBUG_ANY, |
160 | "%s: AES-CCM not supported by mac rev 0x%x\n" , |
161 | __func__, AH_PRIVATE(ah)->ah_macRev); |
162 | return AH_FALSE; |
163 | } |
164 | keyType = AR_KEYTABLE_TYPE_CCM; |
165 | break; |
166 | case HAL_CIPHER_TKIP: |
167 | keyType = AR_KEYTABLE_TYPE_TKIP; |
168 | if (IS_MIC_ENABLED(ah) && entry+64 >= pCap->halKeyCacheSize) { |
169 | HALDEBUG(ah, HAL_DEBUG_ANY, |
170 | "%s: entry %u inappropriate for TKIP\n" , |
171 | __func__, entry); |
172 | return AH_FALSE; |
173 | } |
174 | break; |
175 | case HAL_CIPHER_WEP: |
176 | if (k->kv_len < 40 / NBBY) { |
177 | HALDEBUG(ah, HAL_DEBUG_ANY, |
178 | "%s: WEP key length %u too small\n" , |
179 | __func__, k->kv_len); |
180 | return AH_FALSE; |
181 | } |
182 | if (k->kv_len <= 40 / NBBY) |
183 | keyType = AR_KEYTABLE_TYPE_40; |
184 | else if (k->kv_len <= 104 / NBBY) |
185 | keyType = AR_KEYTABLE_TYPE_104; |
186 | else |
187 | keyType = AR_KEYTABLE_TYPE_128; |
188 | break; |
189 | case HAL_CIPHER_CLR: |
190 | keyType = AR_KEYTABLE_TYPE_CLR; |
191 | break; |
192 | default: |
193 | HALDEBUG(ah, HAL_DEBUG_ANY, "%s: cipher %u not supported\n" , |
194 | __func__, k->kv_type); |
195 | return AH_FALSE; |
196 | } |
197 | |
198 | key0 = LE_READ_4(k->kv_val+0) ^ xorMask; |
199 | key1 = (LE_READ_2(k->kv_val+4) ^ xorMask) & 0xffff; |
200 | key2 = LE_READ_4(k->kv_val+6) ^ xorMask; |
201 | key3 = (LE_READ_2(k->kv_val+10) ^ xorMask) & 0xffff; |
202 | key4 = LE_READ_4(k->kv_val+12) ^ xorMask; |
203 | if (k->kv_len <= 104 / NBBY) |
204 | key4 &= 0xff; |
205 | |
206 | /* |
207 | * Note: key cache hardware requires that each double-word |
208 | * pair be written in even/odd order (since the destination is |
209 | * a 64-bit register). Don't reorder these writes w/o |
210 | * considering this! |
211 | */ |
212 | if (keyType == AR_KEYTABLE_TYPE_TKIP && IS_MIC_ENABLED(ah)) { |
213 | uint16_t micentry = entry+64; /* MIC goes at slot+64 */ |
214 | uint32_t mic0, mic1, mic2, mic3, mic4; |
215 | |
216 | /* |
217 | * Invalidate the encrypt/decrypt key until the MIC |
218 | * key is installed so pending rx frames will fail |
219 | * with decrypt errors rather than a MIC error. |
220 | */ |
221 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY0(entry), ~key0); |
222 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY1(entry), ~key1); |
223 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY2(entry), key2); |
224 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY3(entry), key3); |
225 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY4(entry), key4); |
226 | OS_REG_WRITE(ah, AR_KEYTABLE_TYPE(entry), keyType); |
227 | (void) ar5212SetKeyCacheEntryMac(ah, entry, mac); |
228 | |
229 | |
230 | /* |
231 | * Write MIC entry according to new or old key layout. |
232 | * The MISC_MODE register is assumed already set so |
233 | * these writes will be handled properly (happens on |
234 | * attach and at every reset). |
235 | */ |
236 | /* RX mic */ |
237 | mic0 = LE_READ_4(k->kv_mic+0); |
238 | mic2 = LE_READ_4(k->kv_mic+4); |
239 | if (ahp->ah_miscMode & AR_MISC_MODE_MIC_NEW_LOC_ENABLE) { |
240 | /* |
241 | * Both RX and TX mic values can be combined into |
242 | * one cache slot entry: |
243 | * 8*N + 800 31:0 RX Michael key 0 |
244 | * 8*N + 804 15:0 TX Michael key 0 [31:16] |
245 | * 8*N + 808 31:0 RX Michael key 1 |
246 | * 8*N + 80C 15:0 TX Michael key 0 [15:0] |
247 | * 8*N + 810 31:0 TX Michael key 1 |
248 | * 8*N + 814 15:0 reserved |
249 | * 8*N + 818 31:0 reserved |
250 | * 8*N + 81C 14:0 reserved |
251 | * 15 key valid == 0 |
252 | */ |
253 | /* TX mic */ |
254 | mic1 = LE_READ_2(k->kv_txmic+2) & 0xffff; |
255 | mic3 = LE_READ_2(k->kv_txmic+0) & 0xffff; |
256 | mic4 = LE_READ_4(k->kv_txmic+4); |
257 | } else { |
258 | mic1 = mic3 = mic4 = 0; |
259 | } |
260 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY0(micentry), mic0); |
261 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY1(micentry), mic1); |
262 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY2(micentry), mic2); |
263 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY3(micentry), mic3); |
264 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY4(micentry), mic4); |
265 | OS_REG_WRITE(ah, AR_KEYTABLE_TYPE(micentry), |
266 | AR_KEYTABLE_TYPE_CLR); |
267 | /* NB: MIC key is not marked valid and has no MAC address */ |
268 | OS_REG_WRITE(ah, AR_KEYTABLE_MAC0(micentry), 0); |
269 | OS_REG_WRITE(ah, AR_KEYTABLE_MAC1(micentry), 0); |
270 | |
271 | /* correct intentionally corrupted key */ |
272 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY0(entry), key0); |
273 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY1(entry), key1); |
274 | } else { |
275 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY0(entry), key0); |
276 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY1(entry), key1); |
277 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY2(entry), key2); |
278 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY3(entry), key3); |
279 | OS_REG_WRITE(ah, AR_KEYTABLE_KEY4(entry), key4); |
280 | OS_REG_WRITE(ah, AR_KEYTABLE_TYPE(entry), keyType); |
281 | |
282 | (void) ar5212SetKeyCacheEntryMac(ah, entry, mac); |
283 | } |
284 | return AH_TRUE; |
285 | } |
286 | |