git: 77b1e4f32f31 - main - net80211: create accessors for accessing the ieee80211_key key/mic data

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Adrian Chadd <adrian_at_FreeBSD.org>
Date: Tue, 11 Nov 2025 16:06:46 UTC
The branch main has been updated by adrian:

URL: https://cgit.FreeBSD.org/src/commit/?id=77b1e4f32f31b219c238c81b726d079a003b465c

commit 77b1e4f32f31b219c238c81b726d079a003b465c
Author:     Adrian Chadd <adrian@FreeBSD.org>
AuthorDate: 2025-09-24 15:30:47 +0000
Commit:     Adrian Chadd <adrian@FreeBSD.org>
CommitDate: 2025-11-11 16:06:29 +0000

    net80211: create accessors for accessing the ieee80211_key key/mic data
    
    Add some accessors to the key data, key length and MIC data.
    Document exactly what these mean.
    
    There's at least a couple of drivers that access the key data field
    directly and assume that the TX/RX MIC is available directly after the
    data pointer, which bakes in the "key size is 128 bits" in subtle ways.
    
    The goal here is to migrate the drivers and net80211 code to use
    these methods rather than accessing wk_key directly and making assumptions
    about wk_key and the copied key length (which the ioctl path definitely
    does.)
    
    Once that's done, it should be a lot easier to change the key API for
    larger keys.
    
    Differential Revision:  https://reviews.freebsd.org/D52711
    Reviewed by:    thj
---
 sys/net80211/ieee80211_crypto.h | 105 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 105 insertions(+)

diff --git a/sys/net80211/ieee80211_crypto.h b/sys/net80211/ieee80211_crypto.h
index 89b8b4f9daa4..48115da586b5 100644
--- a/sys/net80211/ieee80211_crypto.h
+++ b/sys/net80211/ieee80211_crypto.h
@@ -94,6 +94,7 @@ struct ieee80211_key {
 
 	ieee80211_keyix	wk_keyix;	/* h/w key index */
 	ieee80211_keyix	wk_rxkeyix;	/* optional h/w rx key index */
+	/* TODO: deprecate direct access to wk_key, wk_txmic, wk_rxmic */
 	uint8_t		wk_key[IEEE80211_KEYBUF_SIZE+IEEE80211_MICBUF_SIZE];
 #define	wk_txmic	wk_key+IEEE80211_KEYBUF_SIZE+0	/* XXX can't () right */
 #define	wk_rxmic	wk_key+IEEE80211_KEYBUF_SIZE+8	/* XXX can't () right */
@@ -300,5 +301,109 @@ void	ieee80211_notify_michael_failure(struct ieee80211vap *,
 uint16_t	ieee80211_crypto_init_aad(const struct ieee80211_frame *,
 		uint8_t *, int);
 
+/**
+ * @brief Return the key data.
+ *
+ * This returns a pointer to the key data.  Note it does not
+ * guarantee the TX/RX MIC will be immediately after the key.
+ * Callers must use ieee80211_crypto_get_key_txmic_data()
+ * and ieee80211_crypto_get_key_rxmic_data() for that.
+ *
+ * Note: there's no locking; this needs to be called in
+ * a situation where the ieee80211_key won't disappear.
+ *
+ * @param k ieee80211_key
+ * @returns NULL if no key data is available, or a pointer
+ *  to the key data.
+ */
+static inline const uint8_t *
+ieee80211_crypto_get_key_data(const struct ieee80211_key *k)
+{
+	return (k->wk_key);
+}
+
+/**
+ * @brief Return the key length in bytes.
+ *
+ * This doesn't include any TX/RX MIC (eg from TKIP).
+ *
+ * Note: there's no locking; this needs to be called in
+ * a situation where the ieee80211_key won't disappear.
+ *
+ * @param k ieee80211_key
+ * @returns the key length (without any MIC) in bytes
+ */
+static inline const uint16_t
+ieee80211_crypto_get_key_len(const struct ieee80211_key *k)
+{
+	return (k->wk_keylen);
+}
+
+/**
+ * @brief Return the TX MIC data.
+ *
+ * This returns a pointer to the TX MIC data.
+ *
+ * Note: there's no locking; this needs to be called in
+ * a situation where the ieee80211_key won't disappear.
+ *
+ * @param k ieee80211_key
+ * @returns NULL if no key data is available, or a pointer
+ *  to the TX MIC data.
+ */
+static inline const uint8_t *
+ieee80211_crypto_get_key_txmic_data(const struct ieee80211_key *k)
+{
+	return (k->wk_txmic);
+}
+
+/**
+ * @brief Return the TX MIC length in bytes.
+ *
+ * Note: there's no locking; this needs to be called in
+ * a situation where the ieee80211_key won't disappear.
+ *
+ * @param k ieee80211_key
+ * @returns the TX MIC length in bytes
+ */
+static inline const uint16_t
+ieee80211_crypto_get_key_txmic_len(const struct ieee80211_key *k)
+{
+	return (k->wk_cipher->ic_miclen);
+}
+
+/**
+ * @brief Return the RX MIC data.
+ *
+ * This returns a pointer to the RX MIC data.
+ *
+ * Note: there's no locking; this needs to be called in
+ * a situation where the ieee80211_key won't disappear.
+ *
+ * @param k ieee80211_key
+ * @returns NULL if no key data is available, or a pointer
+ *  to the RX MIC data.
+ */
+static inline const uint8_t *
+ieee80211_crypto_get_key_rxmic_data(const struct ieee80211_key *k)
+{
+	return (k->wk_rxmic);
+}
+
+/**
+ * @brief Return the RX MIC length in bytes.
+ *
+ * Note: there's no locking; this needs to be called in
+ * a situation where the ieee80211_key won't disappear.
+ *
+ * @param k ieee80211_key
+ * @returns the RX MIC length in bytes
+ */
+static inline const uint16_t
+ieee80211_crypto_get_key_rxmic_len(const struct ieee80211_key *k)
+{
+	return (k->wk_cipher->ic_miclen);
+}
+
 #endif /* defined(__KERNEL__) || defined(_KERNEL) */
 #endif /* _NET80211_IEEE80211_CRYPTO_H_ */