From nobody Tue Jun 9 04:26:51 2026 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZG8C3Pyxz6hL13 for ; Tue, 09 Jun 2026 04:26:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZG8C2jhDz3r1T for ; Tue, 09 Jun 2026 04:26:51 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780979211; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=x6GN3peRpCP/LnAstqdg5jJYWTg3VEoC2V8ylfcRdok=; b=kDi1kpaZU12MzTwE8N9bVuUAF7+MwIkA/7W9fPRxpiXFrj0ryM+EtxJWHNtxI8cP7mHWna B/n1c5XSV/LHxWgt4zWIG52t9fvQ0uNFSoDb93Rcc2xOTdFL2/FzFcfJi9mX+QRc3OOeaY C8LVOlyM3fbqQe8l6mDj3/4HBN7xedRIw17mexRXEMOXNlnDknvVnPRMQDuj53/KE4uelS TgyPTqE0HZ8xQdtP2R7DU76iWyNbWTX8yaPQefNyN1b3YoPT+6USdx3Xmm2qCFRuCdY16B NjongJjBlTDzRIT440pRd1eOCoucmUi2GCtOYubrByisbNnW1KWKiNBa0u+8zQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780979211; a=rsa-sha256; cv=none; b=MmQAKk2wr2e1wFbYwcufSIeMWMxjFgwpcyvcszkHT/4P1tytcTmgGAsgIesV+xTUOtcTQ4 yPbtviMx4oRWbDLmB2+F6YNNiORtcoDX6zbK21qQDLnXO5gYcEtVG+ww6MRznzkB2AmDuA jKDGw4wntCTYOJFedno2tffJpdUy1VBiAxEGYIOVv4KL7b7eAiAJr+mV7HKO2e/fpmXxAc nts5Ap6zEBNG9mDlAHIP1+Rggn0R7ve0OcyqWTnfoFpkTthbzL/yH2/+jFm9mNhq8iG6oD f32VFjTRZ+EjEpSlxqo3Wrqyp/Wn0ZSANRQHCw1/womcFHOePwR3of9AUb3STg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780979211; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=x6GN3peRpCP/LnAstqdg5jJYWTg3VEoC2V8ylfcRdok=; b=s5xEGZSuDGB8HExDKuZyujDj7YwLd0npZN/H71Yd81ot5Z9tnZH68cNlUcH2ZofELyPyGn txz6IhgU5n2OMqBvkH7Orve2PP254juv4zjeuyHf0oX7bIdc3U2Hrpac8IEmhZaElRc3cO UBA5O2lfhN1rd5Zpud2k1NsSb6IxlffWs3Nd9C9jmSnz7uIbCxtqotUZ6MRGMGPuzHjKqF IMKGfptL46tAvtI3uWKik98XkYOd1FEnvVthsq+mMhY+1ESkpZ8ZhYjYlGocLcW7o5Rh4U CJzog/N6T5qd2uPJ9qCQisGv0mm/zjL+nysIKKHXWnQgRnvNMaurRsjnvXsjUg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZG8C2J8Vz3fP for ; Tue, 09 Jun 2026 04:26:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 272c1 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 04:26:51 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Adrian Chadd Subject: git: a653fd5560cf - main - net80211: create IEEE80211_KEYBUF_128_SIZE / IEEE80211_MICBUF_128_SIZE List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: adrian X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: a653fd5560cfdd68f634cca7352c56f2cf7e1473 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 04:26:51 +0000 Message-Id: <6a27960b.272c1.2fafbe61@gitrepo.freebsd.org> The branch main has been updated by adrian: URL: https://cgit.FreeBSD.org/src/commit/?id=a653fd5560cfdd68f634cca7352c56f2cf7e1473 commit a653fd5560cfdd68f634cca7352c56f2cf7e1473 Author: Adrian Chadd AuthorDate: 2026-06-09 04:26:07 +0000 Commit: Adrian Chadd CommitDate: 2026-06-09 04:26:07 +0000 net80211: create IEEE80211_KEYBUF_128_SIZE / IEEE80211_MICBUF_128_SIZE The IEEE80211_KEYBUF_SIZE and IEEE80211_MICBUF_SIZE are sprinkled throughout the net80211 stack, ioctl API and drivers. This makes it challenging to (eventually) up IEEE80211_KEYBUF_SIZE to support 256 / 384 bit encryption as, well, it'll break every single driver and the ioctl API in doing so. So as part of this, let's start to separate out the current key/mic buffer size from what drivers and the ioctl layer are using. Drivers especially shouldn't be using these definitions as their key sizes are hardware / firmware API limits, not net80211 limits. Ideally drivers would define their own key buffer / mic buffer sizes and only copy in keys up to that length (and fail keys that are too large) but the current net80211 API isn't there yet. This doesn't yet change what defines / buffer sizes are used in the ioctl layer. I'm going to plan out some subsequent work to separate out those defines and ioctl APIs so they maintain using the 128 bit key/mic buffer sizes and will copy them in/out of any larger net80211 key buffer size in the future. Differential Revision: https://reviews.freebsd.org/D54593 --- sys/dev/ipw/if_ipwreg.h | 2 +- sys/dev/iwi/if_iwireg.h | 4 ++-- sys/dev/malo/if_malo.h | 6 +++--- sys/dev/mwl/if_mwl.c | 4 ++-- sys/dev/ral/rt2560reg.h | 4 ++-- sys/dev/usb/wlan/if_rsureg.h | 4 ++-- sys/dev/usb/wlan/if_rum.c | 4 ++-- sys/dev/usb/wlan/if_rumreg.h | 2 +- sys/dev/wpi/if_wpireg.h | 4 ++-- sys/net80211/ieee80211_crypto.h | 20 ++++++++++++++++++-- sys/net80211/ieee80211_crypto_wep.c | 4 ++-- 11 files changed, 37 insertions(+), 21 deletions(-) diff --git a/sys/dev/ipw/if_ipwreg.h b/sys/dev/ipw/if_ipwreg.h index 05f5939ac597..acb310f22138 100644 --- a/sys/dev/ipw/if_ipwreg.h +++ b/sys/dev/ipw/if_ipwreg.h @@ -168,7 +168,7 @@ struct ipw_hdr { uint8_t encrypt; uint8_t keyidx; uint8_t keysz; - uint8_t key[IEEE80211_KEYBUF_SIZE]; + uint8_t key[IEEE80211_KEYBUF_128_SIZE]; /* XXX should be HW specific */ uint8_t reserved[10]; uint8_t src_addr[IEEE80211_ADDR_LEN]; uint8_t dst_addr[IEEE80211_ADDR_LEN]; diff --git a/sys/dev/iwi/if_iwireg.h b/sys/dev/iwi/if_iwireg.h index dd6bb91bfecd..b34867677d12 100644 --- a/sys/dev/iwi/if_iwireg.h +++ b/sys/dev/iwi/if_iwireg.h @@ -341,7 +341,7 @@ struct iwi_tx_desc { #define IWI_DATA_XFLAG_QOS 0x10 uint8_t wep_txkey; - uint8_t wepkey[IEEE80211_KEYBUF_SIZE]; + uint8_t wepkey[IEEE80211_KEYBUF_128_SIZE]; /* XXX hardware specific */ uint8_t rate; uint8_t antenna; uint8_t reserved3[10]; @@ -530,7 +530,7 @@ struct iwi_wep_key { uint8_t seq; uint8_t idx; uint8_t len; - uint8_t key[IEEE80211_KEYBUF_SIZE]; + uint8_t key[IEEE80211_KEYBUF_128_SIZE]; /* XXX hardware specific */ } __packed; /* structure for command IWI_CMD_SET_WME_PARAMS */ diff --git a/sys/dev/malo/if_malo.h b/sys/dev/malo/if_malo.h index 05c5bc90c467..008068c99524 100644 --- a/sys/dev/malo/if_malo.h +++ b/sys/dev/malo/if_malo.h @@ -332,9 +332,9 @@ struct malo_cmd_wepkey { uint8_t len; uint8_t flags; uint16_t index; - uint8_t value[IEEE80211_KEYBUF_SIZE]; - uint8_t txmickey[IEEE80211_WEP_MICLEN]; - uint8_t rxmickey[IEEE80211_WEP_MICLEN]; + uint8_t value[IEEE80211_KEYBUF_128_SIZE]; /* XXX hardware */ + uint8_t txmickey[IEEE80211_WEP_MICLEN]; /* XXX hardware */ + uint8_t rxmickey[IEEE80211_WEP_MICLEN]; /* XXX hardware */ uint64_t rxseqctr; uint64_t txseqctr; } __packed; diff --git a/sys/dev/mwl/if_mwl.c b/sys/dev/mwl/if_mwl.c index b7f85e65cfd9..87e2679778db 100644 --- a/sys/dev/mwl/if_mwl.c +++ b/sys/dev/mwl/if_mwl.c @@ -1661,10 +1661,10 @@ _mwl_key_set(struct ieee80211vap *vap, const struct ieee80211_key *k, /* Copy in TKIP MIC after the 16 byte main key */ memcpy(hk.key.aes, ieee80211_crypto_get_key_data(k), ieee80211_crypto_get_key_len(k)); - memcpy(hk.key.aes + IEEE80211_KEYBUF_SIZE, + memcpy(hk.key.aes + IEEE80211_KEYBUF_128_SIZE, ieee80211_crypto_get_key_txmic_data(k), 8); - memcpy(hk.key.aes + IEEE80211_KEYBUF_SIZE + 8, + memcpy(hk.key.aes + IEEE80211_KEYBUF_128_SIZE + 8, ieee80211_crypto_get_key_rxmic_data(k), 8); break; diff --git a/sys/dev/ral/rt2560reg.h b/sys/dev/ral/rt2560reg.h index af95a7626b62..86d6a568dad1 100644 --- a/sys/dev/ral/rt2560reg.h +++ b/sys/dev/ral/rt2560reg.h @@ -224,7 +224,7 @@ struct rt2560_tx_desc { uint8_t plcp_length_hi; uint32_t iv; uint32_t eiv; - uint8_t key[IEEE80211_KEYBUF_SIZE]; + uint8_t key[IEEE80211_KEYBUF_128_SIZE]; /* XXX hardware */ uint32_t reserved2[2]; } __packed; @@ -251,7 +251,7 @@ struct rt2560_rx_desc { uint8_t ta[IEEE80211_ADDR_LEN]; uint32_t iv; uint32_t eiv; - uint8_t key[IEEE80211_KEYBUF_SIZE]; + uint8_t key[IEEE80211_KEYBUF_128_SIZE]; /* XXX hardware */ uint32_t reserved[2]; } __packed; diff --git a/sys/dev/usb/wlan/if_rsureg.h b/sys/dev/usb/wlan/if_rsureg.h index e2074e1dd2ad..7ac194e6f142 100644 --- a/sys/dev/usb/wlan/if_rsureg.h +++ b/sys/dev/usb/wlan/if_rsureg.h @@ -478,14 +478,14 @@ struct r92s_fw_cmd_set_key { uint8_t cam_id; uint8_t grpkey; - uint8_t key[IEEE80211_KEYBUF_SIZE]; + uint8_t key[IEEE80211_KEYBUF_128_SIZE]; /* XXX firmware */ } __packed; /* Structure for R92S_CMD_SET_STA_KEY. */ struct r92s_fw_cmd_set_key_mac { uint8_t macaddr[IEEE80211_ADDR_LEN]; uint8_t algo; - uint8_t key[IEEE80211_KEYBUF_SIZE]; + uint8_t key[IEEE80211_KEYBUF_128_SIZE]; /* XXX firmware */ } __packed; /* Structures for R92S_EVENT_SURVEY/R92S_CMD_JOIN_BSS. */ diff --git a/sys/dev/usb/wlan/if_rum.c b/sys/dev/usb/wlan/if_rum.c index 4a4a150146a1..4683267bda25 100644 --- a/sys/dev/usb/wlan/if_rum.c +++ b/sys/dev/usb/wlan/if_rum.c @@ -2867,10 +2867,10 @@ rum_common_key_set(struct rum_softc *sc, struct ieee80211_key *k, return EIO; if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { - if (rum_write_multi(sc, base + IEEE80211_KEYBUF_SIZE, + if (rum_write_multi(sc, base + IEEE80211_KEYBUF_128_SIZE, ieee80211_crypto_get_key_txmic_data(k), 8)) return EIO; - if (rum_write_multi(sc, base + IEEE80211_KEYBUF_SIZE + 8, + if (rum_write_multi(sc, base + IEEE80211_KEYBUF_128_SIZE + 8, ieee80211_crypto_get_key_rxmic_data(k), 8)) return EIO; } diff --git a/sys/dev/usb/wlan/if_rumreg.h b/sys/dev/usb/wlan/if_rumreg.h index 348a57582859..cc364e95590c 100644 --- a/sys/dev/usb/wlan/if_rumreg.h +++ b/sys/dev/usb/wlan/if_rumreg.h @@ -45,7 +45,7 @@ /* * H/w encryption/decryption support */ -#define KEY_SIZE (IEEE80211_KEYBUF_SIZE + IEEE80211_MICBUF_SIZE) +#define KEY_SIZE (IEEE80211_KEYBUF_128_SIZE + IEEE80211_MICBUF_128_SIZE) #define RT2573_ADDR_MAX 64 #define RT2573_SKEY_MAX 4 diff --git a/sys/dev/wpi/if_wpireg.h b/sys/dev/wpi/if_wpireg.h index 84d25bbeb953..4c6af326329d 100644 --- a/sys/dev/wpi/if_wpireg.h +++ b/sys/dev/wpi/if_wpireg.h @@ -466,7 +466,7 @@ struct wpi_node_info { uint8_t reserved4; uint16_t ttak[5]; uint16_t reserved5; - uint8_t key[IEEE80211_KEYBUF_SIZE]; + uint8_t key[IEEE80211_KEYBUF_128_SIZE]; /* XXX firmware */ uint32_t action; #define WPI_ACTION_SET_RATE (1 << 2) @@ -514,7 +514,7 @@ struct wpi_cmd_data { #define WPI_CIPHER_TKIP 3 #define WPI_CIPHER_WEP104 9 - uint8_t key[IEEE80211_KEYBUF_SIZE]; + uint8_t key[IEEE80211_KEYBUF_128_SIZE]; /* XXX firmware */ uint8_t tkip[IEEE80211_WEP_MICLEN]; uint32_t fnext; #define WPI_NEXT_STA_ID(id) ((id) << 8) diff --git a/sys/net80211/ieee80211_crypto.h b/sys/net80211/ieee80211_crypto.h index 48115da586b5..824983ae4d2d 100644 --- a/sys/net80211/ieee80211_crypto.h +++ b/sys/net80211/ieee80211_crypto.h @@ -31,8 +31,24 @@ /* * 802.11 protocol crypto-related definitions. */ -#define IEEE80211_KEYBUF_SIZE 16 -#define IEEE80211_MICBUF_SIZE (8+8) /* space for both tx+rx keys */ + +/* + * Legacy 128 bit key size storage for WEP, TKIP, CCMP key sizes. + * This has been used to store keys in net80211 for various things + * (eg the rc4key in WEP) as well as driver definitions for their + * own hardware programming. + * + * This should eventually be used by the ioctl and drivers instead of + * IEEE80211_KEYBUF_SIZE as the key size will eventually grow. + */ +#define IEEE80211_KEYBUF_128_SIZE 16 +#define IEEE80211_MICBUF_128_SIZE (8+8) /* space for both tx+rx keys */ + +/* + * Temporary definition whilst I clean up where this is still being used. + */ +#define IEEE80211_KEYBUF_SIZE IEEE80211_KEYBUF_128_SIZE +#define IEEE80211_MICBUF_SIZE IEEE80211_MICBUF_128_SIZE /* * Old WEP-style key. Deprecated. diff --git a/sys/net80211/ieee80211_crypto_wep.c b/sys/net80211/ieee80211_crypto_wep.c index e1b261a0be6f..cf947e559a4f 100644 --- a/sys/net80211/ieee80211_crypto_wep.c +++ b/sys/net80211/ieee80211_crypto_wep.c @@ -348,7 +348,7 @@ wep_encrypt(struct ieee80211_key *key, struct mbuf *m0, int hdrlen) struct wep_ctx *ctx = key->wk_private; struct ieee80211vap *vap = ctx->wc_vap; struct mbuf *m = m0; - uint8_t rc4key[IEEE80211_WEP_IVLEN + IEEE80211_KEYBUF_SIZE]; + uint8_t rc4key[IEEE80211_WEP_IVLEN + IEEE80211_KEYBUF_128_SIZE]; uint8_t icv[IEEE80211_WEP_CRCLEN]; uint32_t i, j, k, crc; size_t buflen, data_len; @@ -431,7 +431,7 @@ wep_decrypt(struct ieee80211_key *key, struct mbuf *m0, int hdrlen) struct wep_ctx *ctx = key->wk_private; struct ieee80211vap *vap = ctx->wc_vap; struct mbuf *m = m0; - uint8_t rc4key[IEEE80211_WEP_IVLEN + IEEE80211_KEYBUF_SIZE]; + uint8_t rc4key[IEEE80211_WEP_IVLEN + IEEE80211_KEYBUF_128_SIZE]; uint8_t icv[IEEE80211_WEP_CRCLEN]; uint32_t i, j, k, crc; size_t buflen, data_len;