From owner-p4-projects@FreeBSD.ORG Mon Jul 21 05:26:50 2008 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id DF4FA1065673; Mon, 21 Jul 2008 05:26:49 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A2DDC1065670 for ; Mon, 21 Jul 2008 05:26:49 +0000 (UTC) (envelope-from sam@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id 89B698FC14 for ; Mon, 21 Jul 2008 05:26:49 +0000 (UTC) (envelope-from sam@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.1/8.14.1) with ESMTP id m6L5QnjH044448 for ; Mon, 21 Jul 2008 05:26:49 GMT (envelope-from sam@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.2/8.14.1/Submit) id m6L5Qng0044446 for perforce@freebsd.org; Mon, 21 Jul 2008 05:26:49 GMT (envelope-from sam@freebsd.org) Date: Mon, 21 Jul 2008 05:26:49 GMT Message-Id: <200807210526.m6L5Qng0044446@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to sam@freebsd.org using -f From: Sam Leffler To: Perforce Change Reviews Cc: Subject: PERFORCE change 145536 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Jul 2008 05:26:50 -0000 http://perforce.freebsd.org/chv.cgi?CH=145536 Change 145536 by sam@sam_ebb on 2008/07/21 05:26:48 don't use the key index to identify when the driver has been asked to allocate a key slot, use an explicit flag; allows drivers to force s/w fallback for entries in the global table Affected files ... .. //depot/projects/vap/sys/net80211/ieee80211_crypto.c#18 edit .. //depot/projects/vap/sys/net80211/ieee80211_crypto.h#18 edit Differences ... ==== //depot/projects/vap/sys/net80211/ieee80211_crypto.c#18 (text+ko) ==== @@ -372,7 +372,7 @@ * cipher template. Note also that when using software * crypto we also call the driver to give us a key index. */ - if (key->wk_keyix == IEEE80211_KEYIX_NONE) { + if ((key->wk_flags & IEEE80211_KEY_DEVKEY) == 0) { if (!dev_key_alloc(vap, key, &keyix, &rxkeyix)) { /* * Driver has no room; fallback to doing crypto @@ -402,6 +402,7 @@ } key->wk_keyix = keyix; key->wk_rxkeyix = rxkeyix; + key->wk_flags |= IEEE80211_KEY_DEVKEY; } return 1; } @@ -412,8 +413,6 @@ static int _ieee80211_crypto_delkey(struct ieee80211vap *vap, struct ieee80211_key *key) { - ieee80211_keyix keyix; - KASSERT(key->wk_cipher != NULL, ("No cipher!")); IEEE80211_DPRINTF(vap, IEEE80211_MSG_CRYPTO, @@ -423,8 +422,7 @@ key->wk_keyrsc[IEEE80211_NONQOS_TID], key->wk_keytsc, key->wk_keylen); - keyix = key->wk_keyix; - if (keyix != IEEE80211_KEYIX_NONE) { + if (key->wk_flags & IEEE80211_KEY_DEVKEY) { /* * Remove hardware entry. */ @@ -432,7 +430,7 @@ if (!dev_key_delete(vap, key)) { IEEE80211_DPRINTF(vap, IEEE80211_MSG_CRYPTO, "%s: driver did not delete key index %u\n", - __func__, keyix); + __func__, key->wk_keyix); vap->iv_stats.is_crypto_delkey++; /* XXX recovery? */ } @@ -492,6 +490,14 @@ key->wk_keyrsc[IEEE80211_NONQOS_TID], key->wk_keytsc, key->wk_keylen); + if ((key->wk_flags & IEEE80211_KEY_DEVKEY) == 0) { + /* XXX nothing allocated, should not happen */ + IEEE80211_DPRINTF(vap, IEEE80211_MSG_CRYPTO, + "%s: no device key setup done; should not happen!\n", + __func__); + vap->iv_stats.is_crypto_setkey_nokey++; + return 0; + } /* * Give cipher a chance to validate key contents. * XXX should happen before modifying state. @@ -504,13 +510,6 @@ vap->iv_stats.is_crypto_setkey_cipher++; return 0; } - if (key->wk_keyix == IEEE80211_KEYIX_NONE) { - /* XXX nothing allocated, should not happen */ - IEEE80211_DPRINTF(vap, IEEE80211_MSG_CRYPTO, - "%s: no key index; should not happen!\n", __func__); - vap->iv_stats.is_crypto_setkey_nokey++; - return 0; - } return dev_key_set(vap, key); } @@ -619,7 +618,7 @@ if (vap->iv_state != IEEE80211_S_RUN) return; k = &ni->ni_ucastkey; - if (k->wk_keyix != IEEE80211_KEYIX_NONE) + if (k->wk_flags & IEEE80211_KEY_DEVKEY) dev_key_set(vap, k); } @@ -643,7 +642,7 @@ continue; for (i = 0; i < IEEE80211_WEP_NKID; i++) { const struct ieee80211_key *k = &vap->iv_nw_keys[i]; - if (k->wk_keyix != IEEE80211_KEYIX_NONE) + if (k->wk_flags & IEEE80211_KEY_DEVKEY) dev_key_set(vap, k); } } ==== //depot/projects/vap/sys/net80211/ieee80211_crypto.h#18 (text+ko) ==== @@ -75,13 +75,14 @@ uint8_t wk_keylen; /* key length in bytes */ uint8_t wk_pad; uint16_t wk_flags; -#define IEEE80211_KEY_XMIT 0x01 /* key used for xmit */ -#define IEEE80211_KEY_RECV 0x02 /* key used for recv */ -#define IEEE80211_KEY_GROUP 0x04 /* key used for WPA group operation */ -#define IEEE80211_KEY_SWENCRYPT 0x10 /* host-based encrypt */ -#define IEEE80211_KEY_SWDECRYPT 0x20 /* host-based decrypt */ -#define IEEE80211_KEY_SWENMIC 0x40 /* host-based enmic */ -#define IEEE80211_KEY_SWDEMIC 0x80 /* host-based demic */ +#define IEEE80211_KEY_XMIT 0x0001 /* key used for xmit */ +#define IEEE80211_KEY_RECV 0x0002 /* key used for recv */ +#define IEEE80211_KEY_GROUP 0x0004 /* key used for WPA group operation */ +#define IEEE80211_KEY_SWENCRYPT 0x0010 /* host-based encrypt */ +#define IEEE80211_KEY_SWDECRYPT 0x0020 /* host-based decrypt */ +#define IEEE80211_KEY_SWENMIC 0x0040 /* host-based enmic */ +#define IEEE80211_KEY_SWDEMIC 0x0080 /* host-based demic */ +#define IEEE80211_KEY_DEVKEY 0x0100 /* device key request completed */ ieee80211_keyix wk_keyix; /* h/w key index */ ieee80211_keyix wk_rxkeyix; /* optional h/w rx key index */ uint8_t wk_key[IEEE80211_KEYBUF_SIZE+IEEE80211_MICBUF_SIZE];