[PATCH wireless-next 2/6] wifi: ath11k: Use michael_mic() from mac80211

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Eric Biggers <ebiggers@kernel.org>
To: Johannes Berg <johannes@sipsolutions.net>,
	linux-wireless@vger.kernel.org
Cc: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org,
	Herbert Xu <herbert@gondor.apana.org.au>,
	Eric Biggers <ebiggers@kernel.org>
Subject: [PATCH wireless-next 2/6] wifi: ath11k: Use michael_mic() from mac80211
Date: Sat,  4 Apr 2026 22:27:30 -0700	[thread overview]
Message-ID: <20260405052734.130368-3-ebiggers@kernel.org> (raw)
In-Reply-To: <20260405052734.130368-1-ebiggers@kernel.org>

Just use the michael_mic() function from mac80211 instead of a local
implementation of it on top of the crypto_shash API.

Preserve the check for fips_enabled which was present implicitly in the
crypto_shash-based code.

Signed-off-by: Eric Biggers <ebiggers@kernel.org>
---
 drivers/net/wireless/ath/ath11k/Kconfig |  1 -
 drivers/net/wireless/ath/ath11k/dp.c    |  2 -
 drivers/net/wireless/ath/ath11k/dp_rx.c | 60 +++----------------------
 drivers/net/wireless/ath/ath11k/peer.h  |  1 -
 4 files changed, 7 insertions(+), 57 deletions(-)

diff --git a/drivers/net/wireless/ath/ath11k/Kconfig b/drivers/net/wireless/ath/ath11k/Kconfig
index 47dfd39caa89a..385513cfdc30e 100644
--- a/drivers/net/wireless/ath/ath11k/Kconfig
+++ b/drivers/net/wireless/ath/ath11k/Kconfig
@@ -1,10 +1,9 @@
 # SPDX-License-Identifier: BSD-3-Clause-Clear
 config ATH11K
 	tristate "Qualcomm Technologies 802.11ax chipset support"
 	depends on MAC80211 && HAS_DMA
-	select CRYPTO_MICHAEL_MIC
 	select ATH_COMMON
 	select QCOM_QMI_HELPERS
 	help
 	  This module adds support for Qualcomm Technologies 802.11ax family of
 	  chipsets.
diff --git a/drivers/net/wireless/ath/ath11k/dp.c b/drivers/net/wireless/ath/ath11k/dp.c
index c940de285276d..bbb86f1651419 100644
--- a/drivers/net/wireless/ath/ath11k/dp.c
+++ b/drivers/net/wireless/ath/ath11k/dp.c
@@ -3,11 +3,10 @@
  * Copyright (c) 2018-2019 The Linux Foundation. All rights reserved.
  * Copyright (c) 2021-2025 Qualcomm Innovation Center, Inc. All rights reserved.
  * Copyright (c) Qualcomm Technologies, Inc. and/or its subsidiaries.
  */
 
-#include <crypto/hash.h>
 #include <linux/export.h>
 #include "core.h"
 #include "dp_tx.h"
 #include "hal_tx.h"
 #include "hif.h"
@@ -37,11 +36,10 @@ void ath11k_dp_peer_cleanup(struct ath11k *ar, int vdev_id, const u8 *addr)
 		return;
 	}
 
 	ath11k_peer_rx_tid_cleanup(ar, peer);
 	peer->dp_setup_done = false;
-	crypto_free_shash(peer->tfm_mmic);
 	spin_unlock_bh(&ab->base_lock);
 }
 
 int ath11k_dp_peer_setup(struct ath11k *ar, int vdev_id, const u8 *addr)
 {
diff --git a/drivers/net/wireless/ath/ath11k/dp_rx.c b/drivers/net/wireless/ath/ath11k/dp_rx.c
index 49d959b2e1480..00df93e41fa80 100644
--- a/drivers/net/wireless/ath/ath11k/dp_rx.c
+++ b/drivers/net/wireless/ath/ath11k/dp_rx.c
@@ -2,14 +2,14 @@
 /*
  * Copyright (c) 2018-2019 The Linux Foundation. All rights reserved.
  * Copyright (c) 2021-2025 Qualcomm Innovation Center, Inc. All rights reserved.
  */
 
+#include <linux/fips.h>
 #include <linux/ieee80211.h>
 #include <linux/kernel.h>
 #include <linux/skbuff.h>
-#include <crypto/hash.h>
 #include "core.h"
 #include "debug.h"
 #include "debugfs_htt_stats.h"
 #include "debugfs_sta.h"
 #include "hal_desc.h"
@@ -3181,96 +3181,50 @@ static void ath11k_dp_rx_frag_timer(struct timer_list *timer)
 }
 
 int ath11k_peer_rx_frag_setup(struct ath11k *ar, const u8 *peer_mac, int vdev_id)
 {
 	struct ath11k_base *ab = ar->ab;
-	struct crypto_shash *tfm;
 	struct ath11k_peer *peer;
 	struct dp_rx_tid *rx_tid;
 	int i;
 
-	tfm = crypto_alloc_shash("michael_mic", 0, 0);
-	if (IS_ERR(tfm)) {
-		ath11k_warn(ab, "failed to allocate michael_mic shash: %ld\n",
-			    PTR_ERR(tfm));
-		return PTR_ERR(tfm);
+	if (fips_enabled) {
+		ath11k_warn(ab, "Michael MIC is not FIPS-allowed");
+		return -ENOENT;
 	}
 
 	spin_lock_bh(&ab->base_lock);
 
 	peer = ath11k_peer_find(ab, vdev_id, peer_mac);
 	if (!peer) {
 		ath11k_warn(ab, "failed to find the peer to set up fragment info\n");
 		spin_unlock_bh(&ab->base_lock);
-		crypto_free_shash(tfm);
 		return -ENOENT;
 	}
 
 	for (i = 0; i <= IEEE80211_NUM_TIDS; i++) {
 		rx_tid = &peer->rx_tid[i];
 		rx_tid->ab = ab;
 		timer_setup(&rx_tid->frag_timer, ath11k_dp_rx_frag_timer, 0);
 		skb_queue_head_init(&rx_tid->rx_frags);
 	}
 
-	peer->tfm_mmic = tfm;
 	peer->dp_setup_done = true;
 	spin_unlock_bh(&ab->base_lock);
 
 	return 0;
 }
 
-static int ath11k_dp_rx_h_michael_mic(struct crypto_shash *tfm, u8 *key,
-				      struct ieee80211_hdr *hdr, u8 *data,
-				      size_t data_len, u8 *mic)
-{
-	SHASH_DESC_ON_STACK(desc, tfm);
-	u8 mic_hdr[16] = {};
-	u8 tid = 0;
-	int ret;
-
-	if (!tfm)
-		return -EINVAL;
-
-	desc->tfm = tfm;
-
-	ret = crypto_shash_setkey(tfm, key, 8);
-	if (ret)
-		goto out;
-
-	ret = crypto_shash_init(desc);
-	if (ret)
-		goto out;
-
-	/* TKIP MIC header */
-	memcpy(mic_hdr, ieee80211_get_DA(hdr), ETH_ALEN);
-	memcpy(mic_hdr + ETH_ALEN, ieee80211_get_SA(hdr), ETH_ALEN);
-	if (ieee80211_is_data_qos(hdr->frame_control))
-		tid = ieee80211_get_tid(hdr);
-	mic_hdr[12] = tid;
-
-	ret = crypto_shash_update(desc, mic_hdr, 16);
-	if (ret)
-		goto out;
-	ret = crypto_shash_update(desc, data, data_len);
-	if (ret)
-		goto out;
-	ret = crypto_shash_final(desc, mic);
-out:
-	shash_desc_zero(desc);
-	return ret;
-}
-
 static int ath11k_dp_rx_h_verify_tkip_mic(struct ath11k *ar, struct ath11k_peer *peer,
 					  struct sk_buff *msdu)
 {
 	struct hal_rx_desc *rx_desc = (struct hal_rx_desc *)msdu->data;
 	struct ieee80211_rx_status *rxs = IEEE80211_SKB_RXCB(msdu);
 	struct ieee80211_key_conf *key_conf;
 	struct ieee80211_hdr *hdr;
 	u8 mic[IEEE80211_CCMP_MIC_LEN];
-	int head_len, tail_len, ret;
+	int head_len, tail_len;
 	size_t data_len;
 	u32 hdr_len, hal_rx_desc_sz = ar->ab->hw_params.hal_desc_sz;
 	u8 *key, *data;
 	u8 key_idx;
 
@@ -3292,12 +3246,12 @@ static int ath11k_dp_rx_h_verify_tkip_mic(struct ath11k *ar, struct ath11k_peer
 
 	data = msdu->data + head_len;
 	data_len = msdu->len - head_len - tail_len;
 	key = &key_conf->key[NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY];
 
-	ret = ath11k_dp_rx_h_michael_mic(peer->tfm_mmic, key, hdr, data, data_len, mic);
-	if (ret || memcmp(mic, data + data_len, IEEE80211_CCMP_MIC_LEN))
+	michael_mic(key, hdr, data, data_len, mic);
+	if (memcmp(mic, data + data_len, IEEE80211_CCMP_MIC_LEN))
 		goto mic_fail;
 
 	return 0;
 
 mic_fail:
diff --git a/drivers/net/wireless/ath/ath11k/peer.h b/drivers/net/wireless/ath/ath11k/peer.h
index 3ad2f3355b14f..f5ef1a27f8f25 100644
--- a/drivers/net/wireless/ath/ath11k/peer.h
+++ b/drivers/net/wireless/ath/ath11k/peer.h
@@ -27,11 +27,10 @@ struct ath11k_peer {
 	struct rhash_head rhash_addr;
 
 	/* Info used in MMIC verification of
 	 * RX fragments
 	 */
-	struct crypto_shash *tfm_mmic;
 	u8 mcast_keyidx;
 	u8 ucast_keyidx;
 	u16 sec_type;
 	u16 sec_type_grp;
 	bool is_authorized;
-- 
2.53.0

next prev parent reply	other threads:[~2026-04-05  5:29 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-04-05  5:27 [PATCH wireless-next 0/6] Consolidate Michael MIC code into mac80211 Eric Biggers
2026-04-05  5:27 ` [PATCH wireless-next 1/6] wifi: mac80211: Export michael_mic() Eric Biggers
2026-04-05  5:27 ` Eric Biggers [this message]
2026-04-05  5:27 ` [PATCH wireless-next 3/6] wifi: ath12k: Use michael_mic() from mac80211 Eric Biggers
2026-04-05  5:27 ` [PATCH wireless-next 4/6] wifi: ipw2x00: Depend on MAC80211 Eric Biggers
2026-04-05 22:41   ` Jeff Johnson
2026-04-06 16:06     ` Eric Biggers
2026-04-05  5:27 ` [PATCH wireless-next 5/6] wifi: ipw2x00: Use michael_mic() from mac80211 Eric Biggers
2026-04-05  5:27 ` [PATCH wireless-next 6/6] crypto: Remove michael_mic from crypto_shash API Eric Biggers
2026-04-07  7:53   ` Geert Uytterhoeven
2026-04-06 15:59 ` [PATCH wireless-next 0/6] Consolidate Michael MIC code into mac80211 Jeff Johnson
2026-04-06 16:02   ` Eric Biggers
2026-04-07  6:00 ` Johannes Berg
2026-04-07  6:15   ` Eric Biggers
2026-04-07  6:22     ` Johannes Berg
2026-04-07  6:24     ` Christoph Hellwig
2026-04-07  6:28       ` Johannes Berg
2026-04-07  6:33         ` Christoph Hellwig

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:47dfd39caa89 dfblob:385513cfdc30 dfblob:c940de285276
dfblob:bbb86f165141 dfblob:49d959b2e148 dfblob:00df93e41fa8
dfblob:3ad2f3355b14 dfblob:f5ef1a27f8f2 )
 OR (
bs:"[PATCH wireless-next 2/6] wifi: ath11k: Use michael_mic() from mac80211" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260405052734.130368-3-ebiggers@kernel.org \
    --to=ebiggers@kernel.org \
    --cc=herbert@gondor.apana.org.au \
    --cc=johannes@sipsolutions.net \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-wireless@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox