You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
775 lines
25 KiB
775 lines
25 KiB
6 years ago
|
From 6f551abdfca16021e7cd9d4ac891e3eb27010a90 Mon Sep 17 00:00:00 2001
|
||
|
|
Message-Id: <6f551abdfca16021e7cd9d4ac891e3eb27010a90.1488376601.git.dcaratti@redhat.com>
|
||
|
|
From: Sabrina Dubroca <sd@queasysnail.net>
|
||
|
|
Date: Fri, 21 Oct 2016 14:45:26 +0200
|
||
|
|
Subject: [PATCH] mka: Remove "channel" hacks from the stack and the macsec_qca
|
||
|
|
driver
|
||
|
|
|
||
|
|
This is specific to the macsec_qca driver. The core implementation
|
||
|
|
shouldn't care about this, and only deal with the complete secure
|
||
|
|
channel, and pass this down to the driver.
|
||
|
|
|
||
|
|
Drivers that have such limitations should take care of these in their
|
||
|
|
->create functions and throw an error.
|
||
|
|
|
||
|
|
Since the core MKA no longer saves the channel number, the macsec_qca
|
||
|
|
driver must be able to recover it. Add a map (which is just an array
|
||
|
|
since it's quite short) to match SCIs to channel numbers, and lookup
|
||
|
|
functions that will be called in every place where functions would get
|
||
|
|
the channel from the core code. Getting an available channel should be
|
||
|
|
part of channel creation, instead of being a preparation step.
|
||
|
|
|
||
|
|
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
|
||
|
|
---
|
||
|
|
src/drivers/driver.h | 16 ----
|
||
|
|
src/drivers/driver_macsec_qca.c | 174 +++++++++++++++++++++++++++++++++-------
|
||
|
|
src/pae/ieee802_1x_kay.c | 41 +++-------
|
||
|
|
src/pae/ieee802_1x_kay.h | 7 --
|
||
|
|
src/pae/ieee802_1x_secy_ops.c | 40 ---------
|
||
|
|
src/pae/ieee802_1x_secy_ops.h | 2 -
|
||
|
|
wpa_supplicant/driver_i.h | 18 -----
|
||
|
|
wpa_supplicant/wpas_kay.c | 14 ----
|
||
|
|
8 files changed, 159 insertions(+), 153 deletions(-)
|
||
|
|
|
||
|
|
diff --git a/src/drivers/driver.h b/src/drivers/driver.h
|
||
|
|
index aeb9694..54ae6b7 100644
|
||
|
|
--- a/src/drivers/driver.h
|
||
|
|
+++ b/src/drivers/driver.h
|
||
|
|
@@ -3390,14 +3390,6 @@ struct wpa_driver_ops {
|
||
|
|
int (*set_transmit_next_pn)(void *priv, struct transmit_sa *sa);
|
||
|
|
|
||
|
|
/**
|
||
|
|
- * get_available_receive_sc - get available receive channel
|
||
|
|
- * @priv: Private driver interface data
|
||
|
|
- * @channel: secure channel
|
||
|
|
- * Returns: 0 on success, -1 on failure (or if not supported)
|
||
|
|
- */
|
||
|
|
- int (*get_available_receive_sc)(void *priv, u32 *channel);
|
||
|
|
-
|
||
|
|
- /**
|
||
|
|
* create_receive_sc - create secure channel for receiving
|
||
|
|
* @priv: Private driver interface data
|
||
|
|
* @sc: secure channel
|
||
|
|
@@ -3443,14 +3435,6 @@ struct wpa_driver_ops {
|
||
|
|
int (*disable_receive_sa)(void *priv, struct receive_sa *sa);
|
||
|
|
|
||
|
|
/**
|
||
|
|
- * get_available_transmit_sc - get available transmit channel
|
||
|
|
- * @priv: Private driver interface data
|
||
|
|
- * @channel: secure channel
|
||
|
|
- * Returns: 0 on success, -1 on failure (or if not supported)
|
||
|
|
- */
|
||
|
|
- int (*get_available_transmit_sc)(void *priv, u32 *channel);
|
||
|
|
-
|
||
|
|
- /**
|
||
|
|
* create_transmit_sc - create secure connection for transmit
|
||
|
|
* @priv: private driver interface data from init()
|
||
|
|
* @sc: secure channel
|
||
|
|
diff --git a/src/drivers/driver_macsec_qca.c b/src/drivers/driver_macsec_qca.c
|
||
|
|
index 041bcf5..22d414c 100644
|
||
|
|
--- a/src/drivers/driver_macsec_qca.c
|
||
|
|
+++ b/src/drivers/driver_macsec_qca.c
|
||
|
|
@@ -56,6 +56,10 @@
|
||
|
|
static const u8 pae_group_addr[ETH_ALEN] =
|
||
|
|
{ 0x01, 0x80, 0xc2, 0x00, 0x00, 0x03 };
|
||
|
|
|
||
|
|
+struct channel_map {
|
||
|
|
+ struct ieee802_1x_mka_sci sci;
|
||
|
|
+};
|
||
|
|
+
|
||
|
|
struct macsec_qca_data {
|
||
|
|
char ifname[IFNAMSIZ + 1];
|
||
|
|
u32 secy_id;
|
||
|
|
@@ -72,6 +76,9 @@ struct macsec_qca_data {
|
||
|
|
Boolean protect_frames;
|
||
|
|
Boolean replay_protect;
|
||
|
|
u32 replay_window;
|
||
|
|
+
|
||
|
|
+ struct channel_map receive_channel_map[MAXSC];
|
||
|
|
+ struct channel_map transmit_channel_map[MAXSC];
|
||
|
|
};
|
||
|
|
|
||
|
|
|
||
|
|
@@ -526,6 +533,68 @@ static int macsec_qca_enable_controlled_port(void *priv, Boolean enabled)
|
||
|
|
}
|
||
|
|
|
||
|
|
|
||
|
|
+static int macsec_qca_lookup_channel(struct channel_map *map,
|
||
|
|
+ struct ieee802_1x_mka_sci *sci,
|
||
|
|
+ u32 *channel)
|
||
|
|
+{
|
||
|
|
+ u32 i;
|
||
|
|
+
|
||
|
|
+ for (i = 0; i < MAXSC; i++) {
|
||
|
|
+ if (os_memcmp(&map[i].sci, sci,
|
||
|
|
+ sizeof(struct ieee802_1x_mka_sci)) == 0) {
|
||
|
|
+ *channel = i;
|
||
|
|
+ return 0;
|
||
|
|
+ }
|
||
|
|
+ }
|
||
|
|
+
|
||
|
|
+ return -1;
|
||
|
|
+}
|
||
|
|
+
|
||
|
|
+
|
||
|
|
+static void macsec_qca_register_channel(struct channel_map *map,
|
||
|
|
+ struct ieee802_1x_mka_sci *sci,
|
||
|
|
+ u32 channel)
|
||
|
|
+{
|
||
|
|
+ os_memcpy(&map[channel].sci, sci, sizeof(struct ieee802_1x_mka_sci));
|
||
|
|
+}
|
||
|
|
+
|
||
|
|
+
|
||
|
|
+static int macsec_qca_lookup_receive_channel(struct macsec_qca_data *drv,
|
||
|
|
+ struct receive_sc *sc,
|
||
|
|
+ u32 *channel)
|
||
|
|
+{
|
||
|
|
+ return macsec_qca_lookup_channel(drv->receive_channel_map, &sc->sci,
|
||
|
|
+ channel);
|
||
|
|
+}
|
||
|
|
+
|
||
|
|
+
|
||
|
|
+static void macsec_qca_register_receive_channel(struct macsec_qca_data *drv,
|
||
|
|
+ struct receive_sc *sc,
|
||
|
|
+ u32 channel)
|
||
|
|
+{
|
||
|
|
+ macsec_qca_register_channel(drv->receive_channel_map, &sc->sci,
|
||
|
|
+ channel);
|
||
|
|
+}
|
||
|
|
+
|
||
|
|
+
|
||
|
|
+static int macsec_qca_lookup_transmit_channel(struct macsec_qca_data *drv,
|
||
|
|
+ struct transmit_sc *sc,
|
||
|
|
+ u32 *channel)
|
||
|
|
+{
|
||
|
|
+ return macsec_qca_lookup_channel(drv->transmit_channel_map, &sc->sci,
|
||
|
|
+ channel);
|
||
|
|
+}
|
||
|
|
+
|
||
|
|
+
|
||
|
|
+static void macsec_qca_register_transmit_channel(struct macsec_qca_data *drv,
|
||
|
|
+ struct transmit_sc *sc,
|
||
|
|
+ u32 channel)
|
||
|
|
+{
|
||
|
|
+ macsec_qca_register_channel(drv->transmit_channel_map, &sc->sci,
|
||
|
|
+ channel);
|
||
|
|
+}
|
||
|
|
+
|
||
|
|
+
|
||
|
|
static int macsec_qca_get_receive_lowest_pn(void *priv, struct receive_sa *sa)
|
||
|
|
{
|
||
|
|
struct macsec_qca_data *drv = priv;
|
||
|
|
@@ -533,7 +602,11 @@ static int macsec_qca_get_receive_lowest_pn(void *priv, struct receive_sa *sa)
|
||
|
|
u32 next_pn = 0;
|
||
|
|
bool enabled = FALSE;
|
||
|
|
u32 win;
|
||
|
|
- u32 channel = sa->sc->channel;
|
||
|
|
+ u32 channel;
|
||
|
|
+
|
||
|
|
+ ret = macsec_qca_lookup_receive_channel(priv, sa->sc, &channel);
|
||
|
|
+ if (ret != 0)
|
||
|
|
+ return ret;
|
||
|
|
|
||
|
|
ret += nss_macsec_secy_rx_sa_next_pn_get(drv->secy_id, channel, sa->an,
|
||
|
|
&next_pn);
|
||
|
|
@@ -557,7 +630,11 @@ static int macsec_qca_get_transmit_next_pn(void *priv, struct transmit_sa *sa)
|
||
|
|
{
|
||
|
|
struct macsec_qca_data *drv = priv;
|
||
|
|
int ret = 0;
|
||
|
|
- u32 channel = sa->sc->channel;
|
||
|
|
+ u32 channel;
|
||
|
|
+
|
||
|
|
+ ret = macsec_qca_lookup_transmit_channel(priv, sa->sc, &channel);
|
||
|
|
+ if (ret != 0)
|
||
|
|
+ return ret;
|
||
|
|
|
||
|
|
ret += nss_macsec_secy_tx_sa_next_pn_get(drv->secy_id, channel, sa->an,
|
||
|
|
&sa->next_pn);
|
||
|
|
@@ -572,8 +649,11 @@ int macsec_qca_set_transmit_next_pn(void *priv, struct transmit_sa *sa)
|
||
|
|
{
|
||
|
|
struct macsec_qca_data *drv = priv;
|
||
|
|
int ret = 0;
|
||
|
|
- u32 channel = sa->sc->channel;
|
||
|
|
+ u32 channel;
|
||
|
|
|
||
|
|
+ ret = macsec_qca_lookup_transmit_channel(priv, sa->sc, &channel);
|
||
|
|
+ if (ret != 0)
|
||
|
|
+ return ret;
|
||
|
|
|
||
|
|
ret += nss_macsec_secy_tx_sa_next_pn_set(drv->secy_id, channel, sa->an,
|
||
|
|
sa->next_pn);
|
||
|
|
@@ -620,10 +700,14 @@ static int macsec_qca_create_receive_sc(void *priv, struct receive_sc *sc,
|
||
|
|
fal_rx_prc_lut_t entry;
|
||
|
|
fal_rx_sc_validate_frame_e vf;
|
||
|
|
enum validate_frames validate_frames = validation;
|
||
|
|
- u32 channel = sc->channel;
|
||
|
|
+ u32 channel;
|
||
|
|
const u8 *sci_addr = sc->sci.addr;
|
||
|
|
u16 sci_port = be_to_host16(sc->sci.port);
|
||
|
|
|
||
|
|
+ ret = macsec_qca_get_available_receive_sc(priv, &channel);
|
||
|
|
+ if (ret != 0)
|
||
|
|
+ return ret;
|
||
|
|
+
|
||
|
|
wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel);
|
||
|
|
|
||
|
|
/* rx prc lut */
|
||
|
|
@@ -657,6 +741,8 @@ static int macsec_qca_create_receive_sc(void *priv, struct receive_sc *sc,
|
||
|
|
channel,
|
||
|
|
drv->replay_window);
|
||
|
|
|
||
|
|
+ macsec_qca_register_receive_channel(drv, sc, channel);
|
||
|
|
+
|
||
|
|
return ret;
|
||
|
|
}
|
||
|
|
|
||
|
|
@@ -664,9 +750,13 @@ static int macsec_qca_create_receive_sc(void *priv, struct receive_sc *sc,
|
||
|
|
static int macsec_qca_delete_receive_sc(void *priv, struct receive_sc *sc)
|
||
|
|
{
|
||
|
|
struct macsec_qca_data *drv = priv;
|
||
|
|
- int ret = 0;
|
||
|
|
+ int ret;
|
||
|
|
fal_rx_prc_lut_t entry;
|
||
|
|
- u32 channel = sc->channel;
|
||
|
|
+ u32 channel;
|
||
|
|
+
|
||
|
|
+ ret = macsec_qca_lookup_receive_channel(priv, sc, &channel);
|
||
|
|
+ if (ret != 0)
|
||
|
|
+ return ret;
|
||
|
|
|
||
|
|
wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel);
|
||
|
|
|
||
|
|
@@ -683,10 +773,14 @@ static int macsec_qca_delete_receive_sc(void *priv, struct receive_sc *sc)
|
||
|
|
static int macsec_qca_create_receive_sa(void *priv, struct receive_sa *sa)
|
||
|
|
{
|
||
|
|
struct macsec_qca_data *drv = priv;
|
||
|
|
- int ret = 0;
|
||
|
|
+ int ret;
|
||
|
|
fal_rx_sak_t rx_sak;
|
||
|
|
int i = 0;
|
||
|
|
- u32 channel = sa->sc->channel;
|
||
|
|
+ u32 channel;
|
||
|
|
+
|
||
|
|
+ ret = macsec_qca_lookup_receive_channel(priv, sa->sc, &channel);
|
||
|
|
+ if (ret != 0)
|
||
|
|
+ return ret;
|
||
|
|
|
||
|
|
wpa_printf(MSG_DEBUG, "%s, channel=%d, an=%d, lpn=0x%x",
|
||
|
|
__func__, channel, sa->an, sa->lowest_pn);
|
||
|
|
@@ -706,9 +800,12 @@ static int macsec_qca_create_receive_sa(void *priv, struct receive_sa *sa)
|
||
|
|
static int macsec_qca_enable_receive_sa(void *priv, struct receive_sa *sa)
|
||
|
|
{
|
||
|
|
struct macsec_qca_data *drv = priv;
|
||
|
|
- int ret = 0;
|
||
|
|
- u32 channel = sa->sc->channel;
|
||
|
|
+ int ret;
|
||
|
|
+ u32 channel;
|
||
|
|
|
||
|
|
+ ret = macsec_qca_lookup_receive_channel(priv, sa->sc, &channel);
|
||
|
|
+ if (ret != 0)
|
||
|
|
+ return ret;
|
||
|
|
|
||
|
|
wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel,
|
||
|
|
sa->an);
|
||
|
|
@@ -723,8 +820,12 @@ static int macsec_qca_enable_receive_sa(void *priv, struct receive_sa *sa)
|
||
|
|
static int macsec_qca_disable_receive_sa(void *priv, struct receive_sa *sa)
|
||
|
|
{
|
||
|
|
struct macsec_qca_data *drv = priv;
|
||
|
|
- int ret = 0;
|
||
|
|
- u32 channel = sa->sc->channel;
|
||
|
|
+ int ret;
|
||
|
|
+ u32 channel;
|
||
|
|
+
|
||
|
|
+ ret = macsec_qca_lookup_receive_channel(priv, sa->sc, &channel);
|
||
|
|
+ if (ret != 0)
|
||
|
|
+ return ret;
|
||
|
|
|
||
|
|
wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel,
|
||
|
|
sa->an);
|
||
|
|
@@ -739,14 +840,12 @@ static int macsec_qca_disable_receive_sa(void *priv, struct receive_sa *sa)
|
||
|
|
static int macsec_qca_get_available_transmit_sc(void *priv, u32 *channel)
|
||
|
|
{
|
||
|
|
struct macsec_qca_data *drv = priv;
|
||
|
|
- int ret = 0;
|
||
|
|
u32 sc_ch = 0;
|
||
|
|
bool in_use = FALSE;
|
||
|
|
|
||
|
|
for (sc_ch = 0; sc_ch < MAXSC; sc_ch++) {
|
||
|
|
- ret = nss_macsec_secy_tx_sc_in_used_get(drv->secy_id, sc_ch,
|
||
|
|
- &in_use);
|
||
|
|
- if (ret)
|
||
|
|
+ if (nss_macsec_secy_tx_sc_in_used_get(drv->secy_id, sc_ch,
|
||
|
|
+ &in_use))
|
||
|
|
continue;
|
||
|
|
|
||
|
|
if (!in_use) {
|
||
|
|
@@ -767,10 +866,14 @@ static int macsec_qca_create_transmit_sc(void *priv, struct transmit_sc *sc,
|
||
|
|
unsigned int conf_offset)
|
||
|
|
{
|
||
|
|
struct macsec_qca_data *drv = priv;
|
||
|
|
- int ret = 0;
|
||
|
|
+ int ret;
|
||
|
|
fal_tx_class_lut_t entry;
|
||
|
|
u8 psci[ETH_ALEN + 2];
|
||
|
|
- u32 channel = sc->channel;
|
||
|
|
+ u32 channel;
|
||
|
|
+
|
||
|
|
+ ret = macsec_qca_get_available_transmit_sc(priv, &channel);
|
||
|
|
+ if (ret != 0)
|
||
|
|
+ return ret;
|
||
|
|
|
||
|
|
wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel);
|
||
|
|
|
||
|
|
@@ -793,6 +896,8 @@ static int macsec_qca_create_transmit_sc(void *priv, struct transmit_sc *sc,
|
||
|
|
channel,
|
||
|
|
conf_offset);
|
||
|
|
|
||
|
|
+ macsec_qca_register_transmit_channel(drv, sc, channel);
|
||
|
|
+
|
||
|
|
return ret;
|
||
|
|
}
|
||
|
|
|
||
|
|
@@ -800,9 +905,13 @@ static int macsec_qca_create_transmit_sc(void *priv, struct transmit_sc *sc,
|
||
|
|
static int macsec_qca_delete_transmit_sc(void *priv, struct transmit_sc *sc)
|
||
|
|
{
|
||
|
|
struct macsec_qca_data *drv = priv;
|
||
|
|
- int ret = 0;
|
||
|
|
+ int ret;
|
||
|
|
fal_tx_class_lut_t entry;
|
||
|
|
- u32 channel = sc->channel;
|
||
|
|
+ u32 channel;
|
||
|
|
+
|
||
|
|
+ ret = macsec_qca_lookup_transmit_channel(priv, sc, &channel);
|
||
|
|
+ if (ret != 0)
|
||
|
|
+ return ret;
|
||
|
|
|
||
|
|
wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel);
|
||
|
|
|
||
|
|
@@ -819,11 +928,15 @@ static int macsec_qca_delete_transmit_sc(void *priv, struct transmit_sc *sc)
|
||
|
|
static int macsec_qca_create_transmit_sa(void *priv, struct transmit_sa *sa)
|
||
|
|
{
|
||
|
|
struct macsec_qca_data *drv = priv;
|
||
|
|
- int ret = 0;
|
||
|
|
+ int ret;
|
||
|
|
u8 tci = 0;
|
||
|
|
fal_tx_sak_t tx_sak;
|
||
|
|
int i;
|
||
|
|
- u32 channel = sa->sc->channel;
|
||
|
|
+ u32 channel;
|
||
|
|
+
|
||
|
|
+ ret = macsec_qca_lookup_transmit_channel(priv, sa->sc, &channel);
|
||
|
|
+ if (ret != 0)
|
||
|
|
+ return ret;
|
||
|
|
|
||
|
|
wpa_printf(MSG_DEBUG,
|
||
|
|
"%s: channel=%d, an=%d, next_pn=0x%x, confidentiality=%d",
|
||
|
|
@@ -858,9 +971,12 @@ static int macsec_qca_create_transmit_sa(void *priv, struct transmit_sa *sa)
|
||
|
|
static int macsec_qca_enable_transmit_sa(void *priv, struct transmit_sa *sa)
|
||
|
|
{
|
||
|
|
struct macsec_qca_data *drv = priv;
|
||
|
|
- int ret = 0;
|
||
|
|
- u32 channel = sa->sc->channel;
|
||
|
|
+ int ret;
|
||
|
|
+ u32 channel;
|
||
|
|
|
||
|
|
+ ret = macsec_qca_lookup_transmit_channel(priv, sa->sc, &channel);
|
||
|
|
+ if (ret != 0)
|
||
|
|
+ return ret;
|
||
|
|
|
||
|
|
wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel,
|
||
|
|
sa->an);
|
||
|
|
@@ -875,8 +991,12 @@ static int macsec_qca_enable_transmit_sa(void *priv, struct transmit_sa *sa)
|
||
|
|
static int macsec_qca_disable_transmit_sa(void *priv, struct transmit_sa *sa)
|
||
|
|
{
|
||
|
|
struct macsec_qca_data *drv = priv;
|
||
|
|
- int ret = 0;
|
||
|
|
- u32 channel = sa->sc->channel;
|
||
|
|
+ int ret;
|
||
|
|
+ u32 channel;
|
||
|
|
+
|
||
|
|
+ ret = macsec_qca_lookup_transmit_channel(priv, sa->sc, &channel);
|
||
|
|
+ if (ret != 0)
|
||
|
|
+ return ret;
|
||
|
|
|
||
|
|
wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel,
|
||
|
|
sa->an);
|
||
|
|
@@ -907,13 +1027,11 @@ const struct wpa_driver_ops wpa_driver_macsec_qca_ops = {
|
||
|
|
.get_receive_lowest_pn = macsec_qca_get_receive_lowest_pn,
|
||
|
|
.get_transmit_next_pn = macsec_qca_get_transmit_next_pn,
|
||
|
|
.set_transmit_next_pn = macsec_qca_set_transmit_next_pn,
|
||
|
|
- .get_available_receive_sc = macsec_qca_get_available_receive_sc,
|
||
|
|
.create_receive_sc = macsec_qca_create_receive_sc,
|
||
|
|
.delete_receive_sc = macsec_qca_delete_receive_sc,
|
||
|
|
.create_receive_sa = macsec_qca_create_receive_sa,
|
||
|
|
.enable_receive_sa = macsec_qca_enable_receive_sa,
|
||
|
|
.disable_receive_sa = macsec_qca_disable_receive_sa,
|
||
|
|
- .get_available_transmit_sc = macsec_qca_get_available_transmit_sc,
|
||
|
|
.create_transmit_sc = macsec_qca_create_transmit_sc,
|
||
|
|
.delete_transmit_sc = macsec_qca_delete_transmit_sc,
|
||
|
|
.create_transmit_sa = macsec_qca_create_transmit_sa,
|
||
|
|
diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c
|
||
|
|
index 52eeeff..38a8293 100644
|
||
|
|
--- a/src/pae/ieee802_1x_kay.c
|
||
|
|
+++ b/src/pae/ieee802_1x_kay.c
|
||
|
|
@@ -440,8 +440,8 @@ ieee802_1x_kay_init_receive_sa(struct receive_sc *psc, u8 an, u32 lowest_pn,
|
||
|
|
|
||
|
|
dl_list_add(&psc->sa_list, &psa->list);
|
||
|
|
wpa_printf(MSG_DEBUG,
|
||
|
|
- "KaY: Create receive SA(AN: %hhu lowest_pn: %u of SC(channel: %d)",
|
||
|
|
- an, lowest_pn, psc->channel);
|
||
|
|
+ "KaY: Create receive SA(AN: %hhu lowest_pn: %u of SC",
|
||
|
|
+ an, lowest_pn);
|
||
|
|
|
||
|
|
return psa;
|
||
|
|
}
|
||
|
|
@@ -465,8 +465,7 @@ static void ieee802_1x_kay_deinit_receive_sa(struct receive_sa *psa)
|
||
|
|
* ieee802_1x_kay_init_receive_sc -
|
||
|
|
*/
|
||
|
|
static struct receive_sc *
|
||
|
|
-ieee802_1x_kay_init_receive_sc(const struct ieee802_1x_mka_sci *psci,
|
||
|
|
- int channel)
|
||
|
|
+ieee802_1x_kay_init_receive_sc(const struct ieee802_1x_mka_sci *psci)
|
||
|
|
{
|
||
|
|
struct receive_sc *psc;
|
||
|
|
|
||
|
|
@@ -480,13 +479,12 @@ ieee802_1x_kay_init_receive_sc(const struct ieee802_1x_mka_sci *psci,
|
||
|
|
}
|
||
|
|
|
||
|
|
os_memcpy(&psc->sci, psci, sizeof(psc->sci));
|
||
|
|
- psc->channel = channel;
|
||
|
|
|
||
|
|
os_get_time(&psc->created_time);
|
||
|
|
psc->receiving = FALSE;
|
||
|
|
|
||
|
|
dl_list_init(&psc->sa_list);
|
||
|
|
- wpa_printf(MSG_DEBUG, "KaY: Create receive SC(channel: %d)", channel);
|
||
|
|
+ wpa_printf(MSG_DEBUG, "KaY: Create receive SC");
|
||
|
|
wpa_hexdump(MSG_DEBUG, "SCI: ", (u8 *)psci, sizeof(*psci));
|
||
|
|
|
||
|
|
return psc;
|
||
|
|
@@ -502,8 +500,7 @@ ieee802_1x_kay_deinit_receive_sc(
|
||
|
|
{
|
||
|
|
struct receive_sa *psa, *pre_sa;
|
||
|
|
|
||
|
|
- wpa_printf(MSG_DEBUG, "KaY: Delete receive SC(channel: %d)",
|
||
|
|
- psc->channel);
|
||
|
|
+ wpa_printf(MSG_DEBUG, "KaY: Delete receive SC");
|
||
|
|
dl_list_for_each_safe(psa, pre_sa, &psc->sa_list, struct receive_sa,
|
||
|
|
list) {
|
||
|
|
secy_disable_receive_sa(participant->kay, psa);
|
||
|
|
@@ -552,7 +549,6 @@ ieee802_1x_kay_create_live_peer(struct ieee802_1x_mka_participant *participant,
|
||
|
|
{
|
||
|
|
struct ieee802_1x_kay_peer *peer;
|
||
|
|
struct receive_sc *rxsc;
|
||
|
|
- u32 sc_ch = 0;
|
||
|
|
|
||
|
|
peer = ieee802_1x_kay_create_peer(mi, mn);
|
||
|
|
if (!peer)
|
||
|
|
@@ -561,9 +557,7 @@ ieee802_1x_kay_create_live_peer(struct ieee802_1x_mka_participant *participant,
|
||
|
|
os_memcpy(&peer->sci, &participant->current_peer_sci,
|
||
|
|
sizeof(peer->sci));
|
||
|
|
|
||
|
|
- secy_get_available_receive_sc(participant->kay, &sc_ch);
|
||
|
|
-
|
||
|
|
- rxsc = ieee802_1x_kay_init_receive_sc(&peer->sci, sc_ch);
|
||
|
|
+ rxsc = ieee802_1x_kay_init_receive_sc(&peer->sci);
|
||
|
|
if (!rxsc) {
|
||
|
|
os_free(peer);
|
||
|
|
return NULL;
|
||
|
|
@@ -611,12 +605,10 @@ ieee802_1x_kay_move_live_peer(struct ieee802_1x_mka_participant *participant,
|
||
|
|
{
|
||
|
|
struct ieee802_1x_kay_peer *peer;
|
||
|
|
struct receive_sc *rxsc;
|
||
|
|
- u32 sc_ch = 0;
|
||
|
|
|
||
|
|
peer = ieee802_1x_kay_get_potential_peer(participant, mi);
|
||
|
|
|
||
|
|
- rxsc = ieee802_1x_kay_init_receive_sc(&participant->current_peer_sci,
|
||
|
|
- sc_ch);
|
||
|
|
+ rxsc = ieee802_1x_kay_init_receive_sc(&participant->current_peer_sci);
|
||
|
|
if (!rxsc)
|
||
|
|
return NULL;
|
||
|
|
|
||
|
|
@@ -631,8 +623,6 @@ ieee802_1x_kay_move_live_peer(struct ieee802_1x_mka_participant *participant,
|
||
|
|
dl_list_del(&peer->list);
|
||
|
|
dl_list_add_tail(&participant->live_peers, &peer->list);
|
||
|
|
|
||
|
|
- secy_get_available_receive_sc(participant->kay, &sc_ch);
|
||
|
|
-
|
||
|
|
dl_list_add(&participant->rxsc_list, &rxsc->list);
|
||
|
|
secy_create_receive_sc(participant->kay, rxsc);
|
||
|
|
|
||
|
|
@@ -2438,8 +2428,8 @@ ieee802_1x_kay_init_transmit_sa(struct transmit_sc *psc, u8 an, u32 next_PN,
|
||
|
|
|
||
|
|
dl_list_add(&psc->sa_list, &psa->list);
|
||
|
|
wpa_printf(MSG_DEBUG,
|
||
|
|
- "KaY: Create transmit SA(an: %hhu, next_PN: %u) of SC(channel: %d)",
|
||
|
|
- an, next_PN, psc->channel);
|
||
|
|
+ "KaY: Create transmit SA(an: %hhu, next_PN: %u) of SC",
|
||
|
|
+ an, next_PN);
|
||
|
|
|
||
|
|
return psa;
|
||
|
|
}
|
||
|
|
@@ -2463,8 +2453,7 @@ static void ieee802_1x_kay_deinit_transmit_sa(struct transmit_sa *psa)
|
||
|
|
* init_transmit_sc -
|
||
|
|
*/
|
||
|
|
static struct transmit_sc *
|
||
|
|
-ieee802_1x_kay_init_transmit_sc(const struct ieee802_1x_mka_sci *sci,
|
||
|
|
- int channel)
|
||
|
|
+ieee802_1x_kay_init_transmit_sc(const struct ieee802_1x_mka_sci *sci)
|
||
|
|
{
|
||
|
|
struct transmit_sc *psc;
|
||
|
|
|
||
|
|
@@ -2474,7 +2463,6 @@ ieee802_1x_kay_init_transmit_sc(const struct ieee802_1x_mka_sci *sci,
|
||
|
|
return NULL;
|
||
|
|
}
|
||
|
|
os_memcpy(&psc->sci, sci, sizeof(psc->sci));
|
||
|
|
- psc->channel = channel;
|
||
|
|
|
||
|
|
os_get_time(&psc->created_time);
|
||
|
|
psc->transmitting = FALSE;
|
||
|
|
@@ -2482,7 +2470,7 @@ ieee802_1x_kay_init_transmit_sc(const struct ieee802_1x_mka_sci *sci,
|
||
|
|
psc->enciphering_sa = FALSE;
|
||
|
|
|
||
|
|
dl_list_init(&psc->sa_list);
|
||
|
|
- wpa_printf(MSG_DEBUG, "KaY: Create transmit SC(channel: %d)", channel);
|
||
|
|
+ wpa_printf(MSG_DEBUG, "KaY: Create transmit SC");
|
||
|
|
wpa_hexdump(MSG_DEBUG, "SCI: ", (u8 *)sci , sizeof(*sci));
|
||
|
|
|
||
|
|
return psc;
|
||
|
|
@@ -2498,8 +2486,7 @@ ieee802_1x_kay_deinit_transmit_sc(
|
||
|
|
{
|
||
|
|
struct transmit_sa *psa, *tmp;
|
||
|
|
|
||
|
|
- wpa_printf(MSG_DEBUG, "KaY: Delete transmit SC(channel: %d)",
|
||
|
|
- psc->channel);
|
||
|
|
+ wpa_printf(MSG_DEBUG, "KaY: Delete transmit SC");
|
||
|
|
dl_list_for_each_safe(psa, tmp, &psc->sa_list, struct transmit_sa,
|
||
|
|
list) {
|
||
|
|
secy_disable_transmit_sa(participant->kay, psa);
|
||
|
|
@@ -3089,7 +3076,6 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy,
|
||
|
|
|
||
|
|
/* Initialize the SecY must be prio to CP, as CP will control SecY */
|
||
|
|
secy_init_macsec(kay);
|
||
|
|
- secy_get_available_transmit_sc(kay, &kay->sc_ch);
|
||
|
|
|
||
|
|
wpa_printf(MSG_DEBUG, "KaY: secy init macsec done");
|
||
|
|
|
||
|
|
@@ -3250,8 +3236,7 @@ ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay, struct mka_key_name *ckn,
|
||
|
|
dl_list_init(&participant->sak_list);
|
||
|
|
participant->new_key = NULL;
|
||
|
|
dl_list_init(&participant->rxsc_list);
|
||
|
|
- participant->txsc = ieee802_1x_kay_init_transmit_sc(&kay->actor_sci,
|
||
|
|
- kay->sc_ch);
|
||
|
|
+ participant->txsc = ieee802_1x_kay_init_transmit_sc(&kay->actor_sci);
|
||
|
|
secy_cp_control_protect_frames(kay, kay->macsec_protect);
|
||
|
|
secy_cp_control_replay(kay, kay->macsec_replay_protect,
|
||
|
|
kay->macsec_replay_window);
|
||
|
|
diff --git a/src/pae/ieee802_1x_kay.h b/src/pae/ieee802_1x_kay.h
|
||
|
|
index bf6fbe5..c6fa387 100644
|
||
|
|
--- a/src/pae/ieee802_1x_kay.h
|
||
|
|
+++ b/src/pae/ieee802_1x_kay.h
|
||
|
|
@@ -80,8 +80,6 @@ struct transmit_sc {
|
||
|
|
u8 enciphering_sa; /* AN encipheringSA (read only) */
|
||
|
|
|
||
|
|
/* not defined data */
|
||
|
|
- unsigned int channel;
|
||
|
|
-
|
||
|
|
struct dl_list list;
|
||
|
|
struct dl_list sa_list;
|
||
|
|
};
|
||
|
|
@@ -109,8 +107,6 @@ struct receive_sc {
|
||
|
|
|
||
|
|
struct os_time created_time; /* Time createdTime */
|
||
|
|
|
||
|
|
- unsigned int channel;
|
||
|
|
-
|
||
|
|
struct dl_list list;
|
||
|
|
struct dl_list sa_list;
|
||
|
|
};
|
||
|
|
@@ -146,7 +142,6 @@ struct ieee802_1x_kay_ctx {
|
||
|
|
int (*get_receive_lowest_pn)(void *ctx, struct receive_sa *sa);
|
||
|
|
int (*get_transmit_next_pn)(void *ctx, struct transmit_sa *sa);
|
||
|
|
int (*set_transmit_next_pn)(void *ctx, struct transmit_sa *sa);
|
||
|
|
- int (*get_available_receive_sc)(void *ctx, u32 *channel);
|
||
|
|
int (*create_receive_sc)(void *ctx, struct receive_sc *sc,
|
||
|
|
enum validate_frames vf,
|
||
|
|
enum confidentiality_offset co);
|
||
|
|
@@ -154,7 +149,6 @@ struct ieee802_1x_kay_ctx {
|
||
|
|
int (*create_receive_sa)(void *ctx, struct receive_sa *sa);
|
||
|
|
int (*enable_receive_sa)(void *ctx, struct receive_sa *sa);
|
||
|
|
int (*disable_receive_sa)(void *ctx, struct receive_sa *sa);
|
||
|
|
- int (*get_available_transmit_sc)(void *ctx, u32 *channel);
|
||
|
|
int (*create_transmit_sc)(void *ctx, struct transmit_sc *sc,
|
||
|
|
enum confidentiality_offset co);
|
||
|
|
int (*delete_transmit_sc)(void *ctx, struct transmit_sc *sc);
|
||
|
|
@@ -209,7 +203,6 @@ struct ieee802_1x_kay {
|
||
|
|
|
||
|
|
u8 mka_version;
|
||
|
|
u8 algo_agility[4];
|
||
|
|
- u32 sc_ch;
|
||
|
|
|
||
|
|
u32 pn_exhaustion;
|
||
|
|
Boolean port_enable;
|
||
|
|
diff --git a/src/pae/ieee802_1x_secy_ops.c b/src/pae/ieee802_1x_secy_ops.c
|
||
|
|
index 32ee816..b57c670 100644
|
||
|
|
--- a/src/pae/ieee802_1x_secy_ops.c
|
||
|
|
+++ b/src/pae/ieee802_1x_secy_ops.c
|
||
|
|
@@ -196,26 +196,6 @@ int secy_set_transmit_next_pn(struct ieee802_1x_kay *kay,
|
||
|
|
}
|
||
|
|
|
||
|
|
|
||
|
|
-int secy_get_available_receive_sc(struct ieee802_1x_kay *kay, u32 *channel)
|
||
|
|
-{
|
||
|
|
- struct ieee802_1x_kay_ctx *ops;
|
||
|
|
-
|
||
|
|
- if (!kay) {
|
||
|
|
- wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
|
||
|
|
- return -1;
|
||
|
|
- }
|
||
|
|
-
|
||
|
|
- ops = kay->ctx;
|
||
|
|
- if (!ops || !ops->get_available_receive_sc) {
|
||
|
|
- wpa_printf(MSG_ERROR,
|
||
|
|
- "KaY: secy get_available_receive_sc operation not supported");
|
||
|
|
- return -1;
|
||
|
|
- }
|
||
|
|
-
|
||
|
|
- return ops->get_available_receive_sc(ops->ctx, channel);
|
||
|
|
-}
|
||
|
|
-
|
||
|
|
-
|
||
|
|
int secy_create_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc)
|
||
|
|
{
|
||
|
|
struct ieee802_1x_kay_ctx *ops;
|
||
|
|
@@ -320,26 +300,6 @@ int secy_disable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa)
|
||
|
|
}
|
||
|
|
|
||
|
|
|
||
|
|
-int secy_get_available_transmit_sc(struct ieee802_1x_kay *kay, u32 *channel)
|
||
|
|
-{
|
||
|
|
- struct ieee802_1x_kay_ctx *ops;
|
||
|
|
-
|
||
|
|
- if (!kay) {
|
||
|
|
- wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
|
||
|
|
- return -1;
|
||
|
|
- }
|
||
|
|
-
|
||
|
|
- ops = kay->ctx;
|
||
|
|
- if (!ops || !ops->get_available_transmit_sc) {
|
||
|
|
- wpa_printf(MSG_ERROR,
|
||
|
|
- "KaY: secy get_available_transmit_sc operation not supported");
|
||
|
|
- return -1;
|
||
|
|
- }
|
||
|
|
-
|
||
|
|
- return ops->get_available_transmit_sc(ops->ctx, channel);
|
||
|
|
-}
|
||
|
|
-
|
||
|
|
-
|
||
|
|
int secy_create_transmit_sc(struct ieee802_1x_kay *kay,
|
||
|
|
struct transmit_sc *txsc)
|
||
|
|
{
|
||
|
|
diff --git a/src/pae/ieee802_1x_secy_ops.h b/src/pae/ieee802_1x_secy_ops.h
|
||
|
|
index bfd5737..59f0baa 100644
|
||
|
|
--- a/src/pae/ieee802_1x_secy_ops.h
|
||
|
|
+++ b/src/pae/ieee802_1x_secy_ops.h
|
||
|
|
@@ -35,7 +35,6 @@ int secy_get_transmit_next_pn(struct ieee802_1x_kay *kay,
|
||
|
|
struct transmit_sa *txsa);
|
||
|
|
int secy_set_transmit_next_pn(struct ieee802_1x_kay *kay,
|
||
|
|
struct transmit_sa *txsa);
|
||
|
|
-int secy_get_available_receive_sc(struct ieee802_1x_kay *kay, u32 *channel);
|
||
|
|
int secy_create_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc);
|
||
|
|
int secy_delete_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc);
|
||
|
|
int secy_create_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa);
|
||
|
|
@@ -43,7 +42,6 @@ int secy_enable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa);
|
||
|
|
int secy_disable_receive_sa(struct ieee802_1x_kay *kay,
|
||
|
|
struct receive_sa *rxsa);
|
||
|
|
|
||
|
|
-int secy_get_available_transmit_sc(struct ieee802_1x_kay *kay, u32 *channel);
|
||
|
|
int secy_create_transmit_sc(struct ieee802_1x_kay *kay,
|
||
|
|
struct transmit_sc *txsc);
|
||
|
|
int secy_delete_transmit_sc(struct ieee802_1x_kay *kay,
|
||
|
|
diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h
|
||
|
|
index f8efddc..244e386 100644
|
||
|
|
--- a/wpa_supplicant/driver_i.h
|
||
|
|
+++ b/wpa_supplicant/driver_i.h
|
||
|
|
@@ -780,15 +780,6 @@ static inline int wpa_drv_set_transmit_next_pn(struct wpa_supplicant *wpa_s,
|
||
|
|
return wpa_s->driver->set_transmit_next_pn(wpa_s->drv_priv, sa);
|
||
|
|
}
|
||
|
|
|
||
|
|
-static inline int wpa_drv_get_available_receive_sc(struct wpa_supplicant *wpa_s,
|
||
|
|
- u32 *channel)
|
||
|
|
-{
|
||
|
|
- if (!wpa_s->driver->get_available_receive_sc)
|
||
|
|
- return -1;
|
||
|
|
- return wpa_s->driver->get_available_receive_sc(wpa_s->drv_priv,
|
||
|
|
- channel);
|
||
|
|
-}
|
||
|
|
-
|
||
|
|
static inline int
|
||
|
|
wpa_drv_create_receive_sc(struct wpa_supplicant *wpa_s, struct receive_sc *sc,
|
||
|
|
unsigned int conf_offset, int validation)
|
||
|
|
@@ -832,15 +823,6 @@ static inline int wpa_drv_disable_receive_sa(struct wpa_supplicant *wpa_s,
|
||
|
|
}
|
||
|
|
|
||
|
|
static inline int
|
||
|
|
-wpa_drv_get_available_transmit_sc(struct wpa_supplicant *wpa_s, u32 *channel)
|
||
|
|
-{
|
||
|
|
- if (!wpa_s->driver->get_available_transmit_sc)
|
||
|
|
- return -1;
|
||
|
|
- return wpa_s->driver->get_available_transmit_sc(wpa_s->drv_priv,
|
||
|
|
- channel);
|
||
|
|
-}
|
||
|
|
-
|
||
|
|
-static inline int
|
||
|
|
wpa_drv_create_transmit_sc(struct wpa_supplicant *wpa_s, struct transmit_sc *sc,
|
||
|
|
unsigned int conf_offset)
|
||
|
|
{
|
||
|
|
diff --git a/wpa_supplicant/wpas_kay.c b/wpa_supplicant/wpas_kay.c
|
||
|
|
index 29b7b56..64364f7 100644
|
||
|
|
--- a/wpa_supplicant/wpas_kay.c
|
||
|
|
+++ b/wpa_supplicant/wpas_kay.c
|
||
|
|
@@ -86,12 +86,6 @@ static int wpas_set_transmit_next_pn(void *wpa_s, struct transmit_sa *sa)
|
||
|
|
}
|
||
|
|
|
||
|
|
|
||
|
|
-static int wpas_get_available_receive_sc(void *wpa_s, u32 *channel)
|
||
|
|
-{
|
||
|
|
- return wpa_drv_get_available_receive_sc(wpa_s, channel);
|
||
|
|
-}
|
||
|
|
-
|
||
|
|
-
|
||
|
|
static unsigned int conf_offset_val(enum confidentiality_offset co)
|
||
|
|
{
|
||
|
|
switch (co) {
|
||
|
|
@@ -138,12 +132,6 @@ static int wpas_disable_receive_sa(void *wpa_s, struct receive_sa *sa)
|
||
|
|
}
|
||
|
|
|
||
|
|
|
||
|
|
-static int wpas_get_available_transmit_sc(void *wpa_s, u32 *channel)
|
||
|
|
-{
|
||
|
|
- return wpa_drv_get_available_transmit_sc(wpa_s, channel);
|
||
|
|
-}
|
||
|
|
-
|
||
|
|
-
|
||
|
|
static int
|
||
|
|
wpas_create_transmit_sc(void *wpa_s, struct transmit_sc *sc,
|
||
|
|
enum confidentiality_offset co)
|
||
|
|
@@ -205,13 +193,11 @@ int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
|
||
|
|
kay_ctx->get_receive_lowest_pn = wpas_get_receive_lowest_pn;
|
||
|
|
kay_ctx->get_transmit_next_pn = wpas_get_transmit_next_pn;
|
||
|
|
kay_ctx->set_transmit_next_pn = wpas_set_transmit_next_pn;
|
||
|
|
- kay_ctx->get_available_receive_sc = wpas_get_available_receive_sc;
|
||
|
|
kay_ctx->create_receive_sc = wpas_create_receive_sc;
|
||
|
|
kay_ctx->delete_receive_sc = wpas_delete_receive_sc;
|
||
|
|
kay_ctx->create_receive_sa = wpas_create_receive_sa;
|
||
|
|
kay_ctx->enable_receive_sa = wpas_enable_receive_sa;
|
||
|
|
kay_ctx->disable_receive_sa = wpas_disable_receive_sa;
|
||
|
|
- kay_ctx->get_available_transmit_sc = wpas_get_available_transmit_sc;
|
||
|
|
kay_ctx->create_transmit_sc = wpas_create_transmit_sc;
|
||
|
|
kay_ctx->delete_transmit_sc = wpas_delete_transmit_sc;
|
||
|
|
kay_ctx->create_transmit_sa = wpas_create_transmit_sa;
|
||
|
|
--
|
||
|
|
2.7.4
|
||
|
|
|