mka: Remove "channel" hacks from the stack and the macsec_qca driver

This is specific to the macsec_qca driver. The core implementation
shouldn't care about this, and only deal with the complete secure
channel, and pass this down to the driver.

Drivers that have such limitations should take care of these in their
->create functions and throw an error.

Since the core MKA no longer saves the channel number, the macsec_qca
driver must be able to recover it. Add a map (which is just an array
since it's quite short) to match SCIs to channel numbers, and lookup
functions that will be called in every place where functions would get
the channel from the core code. Getting an available channel should be
part of channel creation, instead of being a preparation step.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
This commit is contained in:
Sabrina Dubroca 2016-10-21 14:45:26 +02:00 committed by Jouni Malinen
parent 7d8f795003
commit 6f551abdfc
8 changed files with 159 additions and 153 deletions

View file

@ -3389,14 +3389,6 @@ struct wpa_driver_ops {
*/ */
int (*set_transmit_next_pn)(void *priv, struct transmit_sa *sa); int (*set_transmit_next_pn)(void *priv, struct transmit_sa *sa);
/**
* get_available_receive_sc - get available receive channel
* @priv: Private driver interface data
* @channel: secure channel
* Returns: 0 on success, -1 on failure (or if not supported)
*/
int (*get_available_receive_sc)(void *priv, u32 *channel);
/** /**
* create_receive_sc - create secure channel for receiving * create_receive_sc - create secure channel for receiving
* @priv: Private driver interface data * @priv: Private driver interface data
@ -3442,14 +3434,6 @@ struct wpa_driver_ops {
*/ */
int (*disable_receive_sa)(void *priv, struct receive_sa *sa); int (*disable_receive_sa)(void *priv, struct receive_sa *sa);
/**
* get_available_transmit_sc - get available transmit channel
* @priv: Private driver interface data
* @channel: secure channel
* Returns: 0 on success, -1 on failure (or if not supported)
*/
int (*get_available_transmit_sc)(void *priv, u32 *channel);
/** /**
* create_transmit_sc - create secure connection for transmit * create_transmit_sc - create secure connection for transmit
* @priv: private driver interface data from init() * @priv: private driver interface data from init()

View file

@ -56,6 +56,10 @@
static const u8 pae_group_addr[ETH_ALEN] = static const u8 pae_group_addr[ETH_ALEN] =
{ 0x01, 0x80, 0xc2, 0x00, 0x00, 0x03 }; { 0x01, 0x80, 0xc2, 0x00, 0x00, 0x03 };
struct channel_map {
struct ieee802_1x_mka_sci sci;
};
struct macsec_qca_data { struct macsec_qca_data {
char ifname[IFNAMSIZ + 1]; char ifname[IFNAMSIZ + 1];
u32 secy_id; u32 secy_id;
@ -72,6 +76,9 @@ struct macsec_qca_data {
Boolean protect_frames; Boolean protect_frames;
Boolean replay_protect; Boolean replay_protect;
u32 replay_window; u32 replay_window;
struct channel_map receive_channel_map[MAXSC];
struct channel_map transmit_channel_map[MAXSC];
}; };
@ -526,6 +533,68 @@ static int macsec_qca_enable_controlled_port(void *priv, Boolean enabled)
} }
static int macsec_qca_lookup_channel(struct channel_map *map,
struct ieee802_1x_mka_sci *sci,
u32 *channel)
{
u32 i;
for (i = 0; i < MAXSC; i++) {
if (os_memcmp(&map[i].sci, sci,
sizeof(struct ieee802_1x_mka_sci)) == 0) {
*channel = i;
return 0;
}
}
return -1;
}
static void macsec_qca_register_channel(struct channel_map *map,
struct ieee802_1x_mka_sci *sci,
u32 channel)
{
os_memcpy(&map[channel].sci, sci, sizeof(struct ieee802_1x_mka_sci));
}
static int macsec_qca_lookup_receive_channel(struct macsec_qca_data *drv,
struct receive_sc *sc,
u32 *channel)
{
return macsec_qca_lookup_channel(drv->receive_channel_map, &sc->sci,
channel);
}
static void macsec_qca_register_receive_channel(struct macsec_qca_data *drv,
struct receive_sc *sc,
u32 channel)
{
macsec_qca_register_channel(drv->receive_channel_map, &sc->sci,
channel);
}
static int macsec_qca_lookup_transmit_channel(struct macsec_qca_data *drv,
struct transmit_sc *sc,
u32 *channel)
{
return macsec_qca_lookup_channel(drv->transmit_channel_map, &sc->sci,
channel);
}
static void macsec_qca_register_transmit_channel(struct macsec_qca_data *drv,
struct transmit_sc *sc,
u32 channel)
{
macsec_qca_register_channel(drv->transmit_channel_map, &sc->sci,
channel);
}
static int macsec_qca_get_receive_lowest_pn(void *priv, struct receive_sa *sa) static int macsec_qca_get_receive_lowest_pn(void *priv, struct receive_sa *sa)
{ {
struct macsec_qca_data *drv = priv; struct macsec_qca_data *drv = priv;
@ -533,7 +602,11 @@ static int macsec_qca_get_receive_lowest_pn(void *priv, struct receive_sa *sa)
u32 next_pn = 0; u32 next_pn = 0;
bool enabled = FALSE; bool enabled = FALSE;
u32 win; u32 win;
u32 channel = sa->sc->channel; u32 channel;
ret = macsec_qca_lookup_receive_channel(priv, sa->sc, &channel);
if (ret != 0)
return ret;
ret += nss_macsec_secy_rx_sa_next_pn_get(drv->secy_id, channel, sa->an, ret += nss_macsec_secy_rx_sa_next_pn_get(drv->secy_id, channel, sa->an,
&next_pn); &next_pn);
@ -557,7 +630,11 @@ static int macsec_qca_get_transmit_next_pn(void *priv, struct transmit_sa *sa)
{ {
struct macsec_qca_data *drv = priv; struct macsec_qca_data *drv = priv;
int ret = 0; int ret = 0;
u32 channel = sa->sc->channel; u32 channel;
ret = macsec_qca_lookup_transmit_channel(priv, sa->sc, &channel);
if (ret != 0)
return ret;
ret += nss_macsec_secy_tx_sa_next_pn_get(drv->secy_id, channel, sa->an, ret += nss_macsec_secy_tx_sa_next_pn_get(drv->secy_id, channel, sa->an,
&sa->next_pn); &sa->next_pn);
@ -572,8 +649,11 @@ int macsec_qca_set_transmit_next_pn(void *priv, struct transmit_sa *sa)
{ {
struct macsec_qca_data *drv = priv; struct macsec_qca_data *drv = priv;
int ret = 0; int ret = 0;
u32 channel = sa->sc->channel; u32 channel;
ret = macsec_qca_lookup_transmit_channel(priv, sa->sc, &channel);
if (ret != 0)
return ret;
ret += nss_macsec_secy_tx_sa_next_pn_set(drv->secy_id, channel, sa->an, ret += nss_macsec_secy_tx_sa_next_pn_set(drv->secy_id, channel, sa->an,
sa->next_pn); sa->next_pn);
@ -620,10 +700,14 @@ static int macsec_qca_create_receive_sc(void *priv, struct receive_sc *sc,
fal_rx_prc_lut_t entry; fal_rx_prc_lut_t entry;
fal_rx_sc_validate_frame_e vf; fal_rx_sc_validate_frame_e vf;
enum validate_frames validate_frames = validation; enum validate_frames validate_frames = validation;
u32 channel = sc->channel; u32 channel;
const u8 *sci_addr = sc->sci.addr; const u8 *sci_addr = sc->sci.addr;
u16 sci_port = be_to_host16(sc->sci.port); u16 sci_port = be_to_host16(sc->sci.port);
ret = macsec_qca_get_available_receive_sc(priv, &channel);
if (ret != 0)
return ret;
wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel); wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel);
/* rx prc lut */ /* rx prc lut */
@ -657,6 +741,8 @@ static int macsec_qca_create_receive_sc(void *priv, struct receive_sc *sc,
channel, channel,
drv->replay_window); drv->replay_window);
macsec_qca_register_receive_channel(drv, sc, channel);
return ret; return ret;
} }
@ -664,9 +750,13 @@ static int macsec_qca_create_receive_sc(void *priv, struct receive_sc *sc,
static int macsec_qca_delete_receive_sc(void *priv, struct receive_sc *sc) static int macsec_qca_delete_receive_sc(void *priv, struct receive_sc *sc)
{ {
struct macsec_qca_data *drv = priv; struct macsec_qca_data *drv = priv;
int ret = 0; int ret;
fal_rx_prc_lut_t entry; fal_rx_prc_lut_t entry;
u32 channel = sc->channel; u32 channel;
ret = macsec_qca_lookup_receive_channel(priv, sc, &channel);
if (ret != 0)
return ret;
wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel); wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel);
@ -683,10 +773,14 @@ static int macsec_qca_delete_receive_sc(void *priv, struct receive_sc *sc)
static int macsec_qca_create_receive_sa(void *priv, struct receive_sa *sa) static int macsec_qca_create_receive_sa(void *priv, struct receive_sa *sa)
{ {
struct macsec_qca_data *drv = priv; struct macsec_qca_data *drv = priv;
int ret = 0; int ret;
fal_rx_sak_t rx_sak; fal_rx_sak_t rx_sak;
int i = 0; int i = 0;
u32 channel = sa->sc->channel; u32 channel;
ret = macsec_qca_lookup_receive_channel(priv, sa->sc, &channel);
if (ret != 0)
return ret;
wpa_printf(MSG_DEBUG, "%s, channel=%d, an=%d, lpn=0x%x", wpa_printf(MSG_DEBUG, "%s, channel=%d, an=%d, lpn=0x%x",
__func__, channel, sa->an, sa->lowest_pn); __func__, channel, sa->an, sa->lowest_pn);
@ -706,9 +800,12 @@ static int macsec_qca_create_receive_sa(void *priv, struct receive_sa *sa)
static int macsec_qca_enable_receive_sa(void *priv, struct receive_sa *sa) static int macsec_qca_enable_receive_sa(void *priv, struct receive_sa *sa)
{ {
struct macsec_qca_data *drv = priv; struct macsec_qca_data *drv = priv;
int ret = 0; int ret;
u32 channel = sa->sc->channel; u32 channel;
ret = macsec_qca_lookup_receive_channel(priv, sa->sc, &channel);
if (ret != 0)
return ret;
wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel,
sa->an); sa->an);
@ -723,8 +820,12 @@ static int macsec_qca_enable_receive_sa(void *priv, struct receive_sa *sa)
static int macsec_qca_disable_receive_sa(void *priv, struct receive_sa *sa) static int macsec_qca_disable_receive_sa(void *priv, struct receive_sa *sa)
{ {
struct macsec_qca_data *drv = priv; struct macsec_qca_data *drv = priv;
int ret = 0; int ret;
u32 channel = sa->sc->channel; u32 channel;
ret = macsec_qca_lookup_receive_channel(priv, sa->sc, &channel);
if (ret != 0)
return ret;
wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel,
sa->an); sa->an);
@ -739,14 +840,12 @@ static int macsec_qca_disable_receive_sa(void *priv, struct receive_sa *sa)
static int macsec_qca_get_available_transmit_sc(void *priv, u32 *channel) static int macsec_qca_get_available_transmit_sc(void *priv, u32 *channel)
{ {
struct macsec_qca_data *drv = priv; struct macsec_qca_data *drv = priv;
int ret = 0;
u32 sc_ch = 0; u32 sc_ch = 0;
bool in_use = FALSE; bool in_use = FALSE;
for (sc_ch = 0; sc_ch < MAXSC; sc_ch++) { for (sc_ch = 0; sc_ch < MAXSC; sc_ch++) {
ret = nss_macsec_secy_tx_sc_in_used_get(drv->secy_id, sc_ch, if (nss_macsec_secy_tx_sc_in_used_get(drv->secy_id, sc_ch,
&in_use); &in_use))
if (ret)
continue; continue;
if (!in_use) { if (!in_use) {
@ -767,10 +866,14 @@ static int macsec_qca_create_transmit_sc(void *priv, struct transmit_sc *sc,
unsigned int conf_offset) unsigned int conf_offset)
{ {
struct macsec_qca_data *drv = priv; struct macsec_qca_data *drv = priv;
int ret = 0; int ret;
fal_tx_class_lut_t entry; fal_tx_class_lut_t entry;
u8 psci[ETH_ALEN + 2]; u8 psci[ETH_ALEN + 2];
u32 channel = sc->channel; u32 channel;
ret = macsec_qca_get_available_transmit_sc(priv, &channel);
if (ret != 0)
return ret;
wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel); wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel);
@ -793,6 +896,8 @@ static int macsec_qca_create_transmit_sc(void *priv, struct transmit_sc *sc,
channel, channel,
conf_offset); conf_offset);
macsec_qca_register_transmit_channel(drv, sc, channel);
return ret; return ret;
} }
@ -800,9 +905,13 @@ static int macsec_qca_create_transmit_sc(void *priv, struct transmit_sc *sc,
static int macsec_qca_delete_transmit_sc(void *priv, struct transmit_sc *sc) static int macsec_qca_delete_transmit_sc(void *priv, struct transmit_sc *sc)
{ {
struct macsec_qca_data *drv = priv; struct macsec_qca_data *drv = priv;
int ret = 0; int ret;
fal_tx_class_lut_t entry; fal_tx_class_lut_t entry;
u32 channel = sc->channel; u32 channel;
ret = macsec_qca_lookup_transmit_channel(priv, sc, &channel);
if (ret != 0)
return ret;
wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel); wpa_printf(MSG_DEBUG, "%s: channel=%d", __func__, channel);
@ -819,11 +928,15 @@ static int macsec_qca_delete_transmit_sc(void *priv, struct transmit_sc *sc)
static int macsec_qca_create_transmit_sa(void *priv, struct transmit_sa *sa) static int macsec_qca_create_transmit_sa(void *priv, struct transmit_sa *sa)
{ {
struct macsec_qca_data *drv = priv; struct macsec_qca_data *drv = priv;
int ret = 0; int ret;
u8 tci = 0; u8 tci = 0;
fal_tx_sak_t tx_sak; fal_tx_sak_t tx_sak;
int i; int i;
u32 channel = sa->sc->channel; u32 channel;
ret = macsec_qca_lookup_transmit_channel(priv, sa->sc, &channel);
if (ret != 0)
return ret;
wpa_printf(MSG_DEBUG, wpa_printf(MSG_DEBUG,
"%s: channel=%d, an=%d, next_pn=0x%x, confidentiality=%d", "%s: channel=%d, an=%d, next_pn=0x%x, confidentiality=%d",
@ -858,9 +971,12 @@ static int macsec_qca_create_transmit_sa(void *priv, struct transmit_sa *sa)
static int macsec_qca_enable_transmit_sa(void *priv, struct transmit_sa *sa) static int macsec_qca_enable_transmit_sa(void *priv, struct transmit_sa *sa)
{ {
struct macsec_qca_data *drv = priv; struct macsec_qca_data *drv = priv;
int ret = 0; int ret;
u32 channel = sa->sc->channel; u32 channel;
ret = macsec_qca_lookup_transmit_channel(priv, sa->sc, &channel);
if (ret != 0)
return ret;
wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel,
sa->an); sa->an);
@ -875,8 +991,12 @@ static int macsec_qca_enable_transmit_sa(void *priv, struct transmit_sa *sa)
static int macsec_qca_disable_transmit_sa(void *priv, struct transmit_sa *sa) static int macsec_qca_disable_transmit_sa(void *priv, struct transmit_sa *sa)
{ {
struct macsec_qca_data *drv = priv; struct macsec_qca_data *drv = priv;
int ret = 0; int ret;
u32 channel = sa->sc->channel; u32 channel;
ret = macsec_qca_lookup_transmit_channel(priv, sa->sc, &channel);
if (ret != 0)
return ret;
wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel, wpa_printf(MSG_DEBUG, "%s: channel=%d, an=%d", __func__, channel,
sa->an); sa->an);
@ -907,13 +1027,11 @@ const struct wpa_driver_ops wpa_driver_macsec_qca_ops = {
.get_receive_lowest_pn = macsec_qca_get_receive_lowest_pn, .get_receive_lowest_pn = macsec_qca_get_receive_lowest_pn,
.get_transmit_next_pn = macsec_qca_get_transmit_next_pn, .get_transmit_next_pn = macsec_qca_get_transmit_next_pn,
.set_transmit_next_pn = macsec_qca_set_transmit_next_pn, .set_transmit_next_pn = macsec_qca_set_transmit_next_pn,
.get_available_receive_sc = macsec_qca_get_available_receive_sc,
.create_receive_sc = macsec_qca_create_receive_sc, .create_receive_sc = macsec_qca_create_receive_sc,
.delete_receive_sc = macsec_qca_delete_receive_sc, .delete_receive_sc = macsec_qca_delete_receive_sc,
.create_receive_sa = macsec_qca_create_receive_sa, .create_receive_sa = macsec_qca_create_receive_sa,
.enable_receive_sa = macsec_qca_enable_receive_sa, .enable_receive_sa = macsec_qca_enable_receive_sa,
.disable_receive_sa = macsec_qca_disable_receive_sa, .disable_receive_sa = macsec_qca_disable_receive_sa,
.get_available_transmit_sc = macsec_qca_get_available_transmit_sc,
.create_transmit_sc = macsec_qca_create_transmit_sc, .create_transmit_sc = macsec_qca_create_transmit_sc,
.delete_transmit_sc = macsec_qca_delete_transmit_sc, .delete_transmit_sc = macsec_qca_delete_transmit_sc,
.create_transmit_sa = macsec_qca_create_transmit_sa, .create_transmit_sa = macsec_qca_create_transmit_sa,

View file

@ -440,8 +440,8 @@ ieee802_1x_kay_init_receive_sa(struct receive_sc *psc, u8 an, u32 lowest_pn,
dl_list_add(&psc->sa_list, &psa->list); dl_list_add(&psc->sa_list, &psa->list);
wpa_printf(MSG_DEBUG, wpa_printf(MSG_DEBUG,
"KaY: Create receive SA(AN: %hhu lowest_pn: %u of SC(channel: %d)", "KaY: Create receive SA(AN: %hhu lowest_pn: %u of SC",
an, lowest_pn, psc->channel); an, lowest_pn);
return psa; return psa;
} }
@ -465,8 +465,7 @@ static void ieee802_1x_kay_deinit_receive_sa(struct receive_sa *psa)
* ieee802_1x_kay_init_receive_sc - * ieee802_1x_kay_init_receive_sc -
*/ */
static struct receive_sc * static struct receive_sc *
ieee802_1x_kay_init_receive_sc(const struct ieee802_1x_mka_sci *psci, ieee802_1x_kay_init_receive_sc(const struct ieee802_1x_mka_sci *psci)
int channel)
{ {
struct receive_sc *psc; struct receive_sc *psc;
@ -480,13 +479,12 @@ ieee802_1x_kay_init_receive_sc(const struct ieee802_1x_mka_sci *psci,
} }
os_memcpy(&psc->sci, psci, sizeof(psc->sci)); os_memcpy(&psc->sci, psci, sizeof(psc->sci));
psc->channel = channel;
os_get_time(&psc->created_time); os_get_time(&psc->created_time);
psc->receiving = FALSE; psc->receiving = FALSE;
dl_list_init(&psc->sa_list); dl_list_init(&psc->sa_list);
wpa_printf(MSG_DEBUG, "KaY: Create receive SC(channel: %d)", channel); wpa_printf(MSG_DEBUG, "KaY: Create receive SC");
wpa_hexdump(MSG_DEBUG, "SCI: ", (u8 *)psci, sizeof(*psci)); wpa_hexdump(MSG_DEBUG, "SCI: ", (u8 *)psci, sizeof(*psci));
return psc; return psc;
@ -502,8 +500,7 @@ ieee802_1x_kay_deinit_receive_sc(
{ {
struct receive_sa *psa, *pre_sa; struct receive_sa *psa, *pre_sa;
wpa_printf(MSG_DEBUG, "KaY: Delete receive SC(channel: %d)", wpa_printf(MSG_DEBUG, "KaY: Delete receive SC");
psc->channel);
dl_list_for_each_safe(psa, pre_sa, &psc->sa_list, struct receive_sa, dl_list_for_each_safe(psa, pre_sa, &psc->sa_list, struct receive_sa,
list) { list) {
secy_disable_receive_sa(participant->kay, psa); secy_disable_receive_sa(participant->kay, psa);
@ -552,7 +549,6 @@ ieee802_1x_kay_create_live_peer(struct ieee802_1x_mka_participant *participant,
{ {
struct ieee802_1x_kay_peer *peer; struct ieee802_1x_kay_peer *peer;
struct receive_sc *rxsc; struct receive_sc *rxsc;
u32 sc_ch = 0;
peer = ieee802_1x_kay_create_peer(mi, mn); peer = ieee802_1x_kay_create_peer(mi, mn);
if (!peer) if (!peer)
@ -561,9 +557,7 @@ ieee802_1x_kay_create_live_peer(struct ieee802_1x_mka_participant *participant,
os_memcpy(&peer->sci, &participant->current_peer_sci, os_memcpy(&peer->sci, &participant->current_peer_sci,
sizeof(peer->sci)); sizeof(peer->sci));
secy_get_available_receive_sc(participant->kay, &sc_ch); rxsc = ieee802_1x_kay_init_receive_sc(&peer->sci);
rxsc = ieee802_1x_kay_init_receive_sc(&peer->sci, sc_ch);
if (!rxsc) { if (!rxsc) {
os_free(peer); os_free(peer);
return NULL; return NULL;
@ -611,12 +605,10 @@ ieee802_1x_kay_move_live_peer(struct ieee802_1x_mka_participant *participant,
{ {
struct ieee802_1x_kay_peer *peer; struct ieee802_1x_kay_peer *peer;
struct receive_sc *rxsc; struct receive_sc *rxsc;
u32 sc_ch = 0;
peer = ieee802_1x_kay_get_potential_peer(participant, mi); peer = ieee802_1x_kay_get_potential_peer(participant, mi);
rxsc = ieee802_1x_kay_init_receive_sc(&participant->current_peer_sci, rxsc = ieee802_1x_kay_init_receive_sc(&participant->current_peer_sci);
sc_ch);
if (!rxsc) if (!rxsc)
return NULL; return NULL;
@ -631,8 +623,6 @@ ieee802_1x_kay_move_live_peer(struct ieee802_1x_mka_participant *participant,
dl_list_del(&peer->list); dl_list_del(&peer->list);
dl_list_add_tail(&participant->live_peers, &peer->list); dl_list_add_tail(&participant->live_peers, &peer->list);
secy_get_available_receive_sc(participant->kay, &sc_ch);
dl_list_add(&participant->rxsc_list, &rxsc->list); dl_list_add(&participant->rxsc_list, &rxsc->list);
secy_create_receive_sc(participant->kay, rxsc); secy_create_receive_sc(participant->kay, rxsc);
@ -2438,8 +2428,8 @@ ieee802_1x_kay_init_transmit_sa(struct transmit_sc *psc, u8 an, u32 next_PN,
dl_list_add(&psc->sa_list, &psa->list); dl_list_add(&psc->sa_list, &psa->list);
wpa_printf(MSG_DEBUG, wpa_printf(MSG_DEBUG,
"KaY: Create transmit SA(an: %hhu, next_PN: %u) of SC(channel: %d)", "KaY: Create transmit SA(an: %hhu, next_PN: %u) of SC",
an, next_PN, psc->channel); an, next_PN);
return psa; return psa;
} }
@ -2463,8 +2453,7 @@ static void ieee802_1x_kay_deinit_transmit_sa(struct transmit_sa *psa)
* init_transmit_sc - * init_transmit_sc -
*/ */
static struct transmit_sc * static struct transmit_sc *
ieee802_1x_kay_init_transmit_sc(const struct ieee802_1x_mka_sci *sci, ieee802_1x_kay_init_transmit_sc(const struct ieee802_1x_mka_sci *sci)
int channel)
{ {
struct transmit_sc *psc; struct transmit_sc *psc;
@ -2474,7 +2463,6 @@ ieee802_1x_kay_init_transmit_sc(const struct ieee802_1x_mka_sci *sci,
return NULL; return NULL;
} }
os_memcpy(&psc->sci, sci, sizeof(psc->sci)); os_memcpy(&psc->sci, sci, sizeof(psc->sci));
psc->channel = channel;
os_get_time(&psc->created_time); os_get_time(&psc->created_time);
psc->transmitting = FALSE; psc->transmitting = FALSE;
@ -2482,7 +2470,7 @@ ieee802_1x_kay_init_transmit_sc(const struct ieee802_1x_mka_sci *sci,
psc->enciphering_sa = FALSE; psc->enciphering_sa = FALSE;
dl_list_init(&psc->sa_list); dl_list_init(&psc->sa_list);
wpa_printf(MSG_DEBUG, "KaY: Create transmit SC(channel: %d)", channel); wpa_printf(MSG_DEBUG, "KaY: Create transmit SC");
wpa_hexdump(MSG_DEBUG, "SCI: ", (u8 *)sci , sizeof(*sci)); wpa_hexdump(MSG_DEBUG, "SCI: ", (u8 *)sci , sizeof(*sci));
return psc; return psc;
@ -2498,8 +2486,7 @@ ieee802_1x_kay_deinit_transmit_sc(
{ {
struct transmit_sa *psa, *tmp; struct transmit_sa *psa, *tmp;
wpa_printf(MSG_DEBUG, "KaY: Delete transmit SC(channel: %d)", wpa_printf(MSG_DEBUG, "KaY: Delete transmit SC");
psc->channel);
dl_list_for_each_safe(psa, tmp, &psc->sa_list, struct transmit_sa, dl_list_for_each_safe(psa, tmp, &psc->sa_list, struct transmit_sa,
list) { list) {
secy_disable_transmit_sa(participant->kay, psa); secy_disable_transmit_sa(participant->kay, psa);
@ -3089,7 +3076,6 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy,
/* Initialize the SecY must be prio to CP, as CP will control SecY */ /* Initialize the SecY must be prio to CP, as CP will control SecY */
secy_init_macsec(kay); secy_init_macsec(kay);
secy_get_available_transmit_sc(kay, &kay->sc_ch);
wpa_printf(MSG_DEBUG, "KaY: secy init macsec done"); wpa_printf(MSG_DEBUG, "KaY: secy init macsec done");
@ -3250,8 +3236,7 @@ ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay, struct mka_key_name *ckn,
dl_list_init(&participant->sak_list); dl_list_init(&participant->sak_list);
participant->new_key = NULL; participant->new_key = NULL;
dl_list_init(&participant->rxsc_list); dl_list_init(&participant->rxsc_list);
participant->txsc = ieee802_1x_kay_init_transmit_sc(&kay->actor_sci, participant->txsc = ieee802_1x_kay_init_transmit_sc(&kay->actor_sci);
kay->sc_ch);
secy_cp_control_protect_frames(kay, kay->macsec_protect); secy_cp_control_protect_frames(kay, kay->macsec_protect);
secy_cp_control_replay(kay, kay->macsec_replay_protect, secy_cp_control_replay(kay, kay->macsec_replay_protect,
kay->macsec_replay_window); kay->macsec_replay_window);

View file

@ -80,8 +80,6 @@ struct transmit_sc {
u8 enciphering_sa; /* AN encipheringSA (read only) */ u8 enciphering_sa; /* AN encipheringSA (read only) */
/* not defined data */ /* not defined data */
unsigned int channel;
struct dl_list list; struct dl_list list;
struct dl_list sa_list; struct dl_list sa_list;
}; };
@ -109,8 +107,6 @@ struct receive_sc {
struct os_time created_time; /* Time createdTime */ struct os_time created_time; /* Time createdTime */
unsigned int channel;
struct dl_list list; struct dl_list list;
struct dl_list sa_list; struct dl_list sa_list;
}; };
@ -146,7 +142,6 @@ struct ieee802_1x_kay_ctx {
int (*get_receive_lowest_pn)(void *ctx, struct receive_sa *sa); int (*get_receive_lowest_pn)(void *ctx, struct receive_sa *sa);
int (*get_transmit_next_pn)(void *ctx, struct transmit_sa *sa); int (*get_transmit_next_pn)(void *ctx, struct transmit_sa *sa);
int (*set_transmit_next_pn)(void *ctx, struct transmit_sa *sa); int (*set_transmit_next_pn)(void *ctx, struct transmit_sa *sa);
int (*get_available_receive_sc)(void *ctx, u32 *channel);
int (*create_receive_sc)(void *ctx, struct receive_sc *sc, int (*create_receive_sc)(void *ctx, struct receive_sc *sc,
enum validate_frames vf, enum validate_frames vf,
enum confidentiality_offset co); enum confidentiality_offset co);
@ -154,7 +149,6 @@ struct ieee802_1x_kay_ctx {
int (*create_receive_sa)(void *ctx, struct receive_sa *sa); int (*create_receive_sa)(void *ctx, struct receive_sa *sa);
int (*enable_receive_sa)(void *ctx, struct receive_sa *sa); int (*enable_receive_sa)(void *ctx, struct receive_sa *sa);
int (*disable_receive_sa)(void *ctx, struct receive_sa *sa); int (*disable_receive_sa)(void *ctx, struct receive_sa *sa);
int (*get_available_transmit_sc)(void *ctx, u32 *channel);
int (*create_transmit_sc)(void *ctx, struct transmit_sc *sc, int (*create_transmit_sc)(void *ctx, struct transmit_sc *sc,
enum confidentiality_offset co); enum confidentiality_offset co);
int (*delete_transmit_sc)(void *ctx, struct transmit_sc *sc); int (*delete_transmit_sc)(void *ctx, struct transmit_sc *sc);
@ -209,7 +203,6 @@ struct ieee802_1x_kay {
u8 mka_version; u8 mka_version;
u8 algo_agility[4]; u8 algo_agility[4];
u32 sc_ch;
u32 pn_exhaustion; u32 pn_exhaustion;
Boolean port_enable; Boolean port_enable;

View file

@ -196,26 +196,6 @@ int secy_set_transmit_next_pn(struct ieee802_1x_kay *kay,
} }
int secy_get_available_receive_sc(struct ieee802_1x_kay *kay, u32 *channel)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->get_available_receive_sc) {
wpa_printf(MSG_ERROR,
"KaY: secy get_available_receive_sc operation not supported");
return -1;
}
return ops->get_available_receive_sc(ops->ctx, channel);
}
int secy_create_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc) int secy_create_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc)
{ {
struct ieee802_1x_kay_ctx *ops; struct ieee802_1x_kay_ctx *ops;
@ -320,26 +300,6 @@ int secy_disable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa)
} }
int secy_get_available_transmit_sc(struct ieee802_1x_kay *kay, u32 *channel)
{
struct ieee802_1x_kay_ctx *ops;
if (!kay) {
wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
return -1;
}
ops = kay->ctx;
if (!ops || !ops->get_available_transmit_sc) {
wpa_printf(MSG_ERROR,
"KaY: secy get_available_transmit_sc operation not supported");
return -1;
}
return ops->get_available_transmit_sc(ops->ctx, channel);
}
int secy_create_transmit_sc(struct ieee802_1x_kay *kay, int secy_create_transmit_sc(struct ieee802_1x_kay *kay,
struct transmit_sc *txsc) struct transmit_sc *txsc)
{ {

View file

@ -35,7 +35,6 @@ int secy_get_transmit_next_pn(struct ieee802_1x_kay *kay,
struct transmit_sa *txsa); struct transmit_sa *txsa);
int secy_set_transmit_next_pn(struct ieee802_1x_kay *kay, int secy_set_transmit_next_pn(struct ieee802_1x_kay *kay,
struct transmit_sa *txsa); struct transmit_sa *txsa);
int secy_get_available_receive_sc(struct ieee802_1x_kay *kay, u32 *channel);
int secy_create_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc); int secy_create_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc);
int secy_delete_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc); int secy_delete_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc);
int secy_create_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa); int secy_create_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa);
@ -43,7 +42,6 @@ int secy_enable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa);
int secy_disable_receive_sa(struct ieee802_1x_kay *kay, int secy_disable_receive_sa(struct ieee802_1x_kay *kay,
struct receive_sa *rxsa); struct receive_sa *rxsa);
int secy_get_available_transmit_sc(struct ieee802_1x_kay *kay, u32 *channel);
int secy_create_transmit_sc(struct ieee802_1x_kay *kay, int secy_create_transmit_sc(struct ieee802_1x_kay *kay,
struct transmit_sc *txsc); struct transmit_sc *txsc);
int secy_delete_transmit_sc(struct ieee802_1x_kay *kay, int secy_delete_transmit_sc(struct ieee802_1x_kay *kay,

View file

@ -780,15 +780,6 @@ static inline int wpa_drv_set_transmit_next_pn(struct wpa_supplicant *wpa_s,
return wpa_s->driver->set_transmit_next_pn(wpa_s->drv_priv, sa); return wpa_s->driver->set_transmit_next_pn(wpa_s->drv_priv, sa);
} }
static inline int wpa_drv_get_available_receive_sc(struct wpa_supplicant *wpa_s,
u32 *channel)
{
if (!wpa_s->driver->get_available_receive_sc)
return -1;
return wpa_s->driver->get_available_receive_sc(wpa_s->drv_priv,
channel);
}
static inline int static inline int
wpa_drv_create_receive_sc(struct wpa_supplicant *wpa_s, struct receive_sc *sc, wpa_drv_create_receive_sc(struct wpa_supplicant *wpa_s, struct receive_sc *sc,
unsigned int conf_offset, int validation) unsigned int conf_offset, int validation)
@ -831,15 +822,6 @@ static inline int wpa_drv_disable_receive_sa(struct wpa_supplicant *wpa_s,
return wpa_s->driver->disable_receive_sa(wpa_s->drv_priv, sa); return wpa_s->driver->disable_receive_sa(wpa_s->drv_priv, sa);
} }
static inline int
wpa_drv_get_available_transmit_sc(struct wpa_supplicant *wpa_s, u32 *channel)
{
if (!wpa_s->driver->get_available_transmit_sc)
return -1;
return wpa_s->driver->get_available_transmit_sc(wpa_s->drv_priv,
channel);
}
static inline int static inline int
wpa_drv_create_transmit_sc(struct wpa_supplicant *wpa_s, struct transmit_sc *sc, wpa_drv_create_transmit_sc(struct wpa_supplicant *wpa_s, struct transmit_sc *sc,
unsigned int conf_offset) unsigned int conf_offset)

View file

@ -86,12 +86,6 @@ static int wpas_set_transmit_next_pn(void *wpa_s, struct transmit_sa *sa)
} }
static int wpas_get_available_receive_sc(void *wpa_s, u32 *channel)
{
return wpa_drv_get_available_receive_sc(wpa_s, channel);
}
static unsigned int conf_offset_val(enum confidentiality_offset co) static unsigned int conf_offset_val(enum confidentiality_offset co)
{ {
switch (co) { switch (co) {
@ -138,12 +132,6 @@ static int wpas_disable_receive_sa(void *wpa_s, struct receive_sa *sa)
} }
static int wpas_get_available_transmit_sc(void *wpa_s, u32 *channel)
{
return wpa_drv_get_available_transmit_sc(wpa_s, channel);
}
static int static int
wpas_create_transmit_sc(void *wpa_s, struct transmit_sc *sc, wpas_create_transmit_sc(void *wpa_s, struct transmit_sc *sc,
enum confidentiality_offset co) enum confidentiality_offset co)
@ -205,13 +193,11 @@ int ieee802_1x_alloc_kay_sm(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
kay_ctx->get_receive_lowest_pn = wpas_get_receive_lowest_pn; kay_ctx->get_receive_lowest_pn = wpas_get_receive_lowest_pn;
kay_ctx->get_transmit_next_pn = wpas_get_transmit_next_pn; kay_ctx->get_transmit_next_pn = wpas_get_transmit_next_pn;
kay_ctx->set_transmit_next_pn = wpas_set_transmit_next_pn; kay_ctx->set_transmit_next_pn = wpas_set_transmit_next_pn;
kay_ctx->get_available_receive_sc = wpas_get_available_receive_sc;
kay_ctx->create_receive_sc = wpas_create_receive_sc; kay_ctx->create_receive_sc = wpas_create_receive_sc;
kay_ctx->delete_receive_sc = wpas_delete_receive_sc; kay_ctx->delete_receive_sc = wpas_delete_receive_sc;
kay_ctx->create_receive_sa = wpas_create_receive_sa; kay_ctx->create_receive_sa = wpas_create_receive_sa;
kay_ctx->enable_receive_sa = wpas_enable_receive_sa; kay_ctx->enable_receive_sa = wpas_enable_receive_sa;
kay_ctx->disable_receive_sa = wpas_disable_receive_sa; kay_ctx->disable_receive_sa = wpas_disable_receive_sa;
kay_ctx->get_available_transmit_sc = wpas_get_available_transmit_sc;
kay_ctx->create_transmit_sc = wpas_create_transmit_sc; kay_ctx->create_transmit_sc = wpas_create_transmit_sc;
kay_ctx->delete_transmit_sc = wpas_delete_transmit_sc; kay_ctx->delete_transmit_sc = wpas_delete_transmit_sc;
kay_ctx->create_transmit_sa = wpas_create_transmit_sa; kay_ctx->create_transmit_sa = wpas_create_transmit_sa;