X-Git-Url: http://git.openwrt.org/?a=blobdiff_plain;f=package%2Fkernel%2Fmac80211%2Fpatches%2F100-remove-cryptoapi-dependencies.patch;fp=package%2Fkernel%2Fmac80211%2Fpatches%2F100-remove-cryptoapi-dependencies.patch;h=0000000000000000000000000000000000000000;hb=d9eefa7a7031543571d434693c7f984dfbdc990d;hp=8d7a39a6dfe82b1d65886c49b5d112ad8c4baa20;hpb=e9d92bf1e1af71ff19e4cdc753de3f65963c58a5;p=openwrt%2Fopenwrt.git diff --git a/package/kernel/mac80211/patches/100-remove-cryptoapi-dependencies.patch b/package/kernel/mac80211/patches/100-remove-cryptoapi-dependencies.patch deleted file mode 100644 index 8d7a39a6df..0000000000 --- a/package/kernel/mac80211/patches/100-remove-cryptoapi-dependencies.patch +++ /dev/null @@ -1,705 +0,0 @@ ---- a/net/mac80211/Makefile -+++ b/net/mac80211/Makefile -@@ -6,7 +6,6 @@ mac80211-y := \ - driver-ops.o \ - sta_info.o \ - wep.o \ -- aead_api.o \ - wpa.o \ - scan.o offchannel.o \ - ht.o agg-tx.o agg-rx.o \ -@@ -16,8 +15,8 @@ mac80211-y := \ - rate.o \ - michael.o \ - tkip.o \ -+ aes_ccm.o \ - aes_cmac.o \ -- aes_gmac.o \ - fils_aead.o \ - cfg.o \ - ethtool.o \ ---- a/net/mac80211/aead_api.c -+++ /dev/null -@@ -1,115 +0,0 @@ --/* -- * Copyright 2003-2004, Instant802 Networks, Inc. -- * Copyright 2005-2006, Devicescape Software, Inc. -- * Copyright 2014-2015, Qualcomm Atheros, Inc. -- * -- * Rewrite: Copyright (C) 2013 Linaro Ltd -- * -- * This program is free software; you can redistribute it and/or modify -- * it under the terms of the GNU General Public License version 2 as -- * published by the Free Software Foundation. -- */ -- --#include --#include --#include --#include --#include -- --#include "aead_api.h" -- --int aead_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, size_t aad_len, -- u8 *data, size_t data_len, u8 *mic) --{ -- size_t mic_len = crypto_aead_authsize(tfm); -- struct scatterlist sg[3]; -- struct aead_request *aead_req; -- int reqsize = sizeof(*aead_req) + crypto_aead_reqsize(tfm); -- u8 *__aad; -- -- aead_req = kzalloc(reqsize + aad_len, GFP_ATOMIC); -- if (!aead_req) -- return -ENOMEM; -- -- __aad = (u8 *)aead_req + reqsize; -- memcpy(__aad, aad, aad_len); -- -- sg_init_table(sg, 3); -- sg_set_buf(&sg[0], __aad, aad_len); -- sg_set_buf(&sg[1], data, data_len); -- sg_set_buf(&sg[2], mic, mic_len); -- -- aead_request_set_tfm(aead_req, tfm); -- aead_request_set_crypt(aead_req, sg, sg, data_len, b_0); -- aead_request_set_ad(aead_req, sg[0].length); -- -- crypto_aead_encrypt(aead_req); -- kzfree(aead_req); -- -- return 0; --} -- --int aead_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, size_t aad_len, -- u8 *data, size_t data_len, u8 *mic) --{ -- size_t mic_len = crypto_aead_authsize(tfm); -- struct scatterlist sg[3]; -- struct aead_request *aead_req; -- int reqsize = sizeof(*aead_req) + crypto_aead_reqsize(tfm); -- u8 *__aad; -- int err; -- -- if (data_len == 0) -- return -EINVAL; -- -- aead_req = kzalloc(reqsize + aad_len, GFP_ATOMIC); -- if (!aead_req) -- return -ENOMEM; -- -- __aad = (u8 *)aead_req + reqsize; -- memcpy(__aad, aad, aad_len); -- -- sg_init_table(sg, 3); -- sg_set_buf(&sg[0], __aad, aad_len); -- sg_set_buf(&sg[1], data, data_len); -- sg_set_buf(&sg[2], mic, mic_len); -- -- aead_request_set_tfm(aead_req, tfm); -- aead_request_set_crypt(aead_req, sg, sg, data_len + mic_len, b_0); -- aead_request_set_ad(aead_req, sg[0].length); -- -- err = crypto_aead_decrypt(aead_req); -- kzfree(aead_req); -- -- return err; --} -- --struct crypto_aead * --aead_key_setup_encrypt(const char *alg, const u8 key[], -- size_t key_len, size_t mic_len) --{ -- struct crypto_aead *tfm; -- int err; -- -- tfm = crypto_alloc_aead(alg, 0, CRYPTO_ALG_ASYNC); -- if (IS_ERR(tfm)) -- return tfm; -- -- err = crypto_aead_setkey(tfm, key, key_len); -- if (err) -- goto free_aead; -- err = crypto_aead_setauthsize(tfm, mic_len); -- if (err) -- goto free_aead; -- -- return tfm; -- --free_aead: -- crypto_free_aead(tfm); -- return ERR_PTR(err); --} -- --void aead_key_free(struct crypto_aead *tfm) --{ -- crypto_free_aead(tfm); --} ---- a/net/mac80211/aead_api.h -+++ /dev/null -@@ -1,27 +0,0 @@ --/* -- * This program is free software; you can redistribute it and/or modify -- * it under the terms of the GNU General Public License version 2 as -- * published by the Free Software Foundation. -- */ -- --#ifndef _AEAD_API_H --#define _AEAD_API_H -- --#include --#include -- --struct crypto_aead * --aead_key_setup_encrypt(const char *alg, const u8 key[], -- size_t key_len, size_t mic_len); -- --int aead_encrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, -- size_t aad_len, u8 *data, -- size_t data_len, u8 *mic); -- --int aead_decrypt(struct crypto_aead *tfm, u8 *b_0, u8 *aad, -- size_t aad_len, u8 *data, -- size_t data_len, u8 *mic); -- --void aead_key_free(struct crypto_aead *tfm); -- --#endif /* _AEAD_API_H */ ---- a/net/mac80211/aes_ccm.h -+++ b/net/mac80211/aes_ccm.h -@@ -10,39 +10,17 @@ - #ifndef AES_CCM_H - #define AES_CCM_H - --#include "aead_api.h" -+#include - --#define CCM_AAD_LEN 32 -- --static inline struct crypto_aead * --ieee80211_aes_key_setup_encrypt(const u8 key[], size_t key_len, size_t mic_len) --{ -- return aead_key_setup_encrypt("ccm(aes)", key, key_len, mic_len); --} -- --static inline int --ieee80211_aes_ccm_encrypt(struct crypto_aead *tfm, -- u8 *b_0, u8 *aad, u8 *data, -- size_t data_len, u8 *mic) --{ -- return aead_encrypt(tfm, b_0, aad + 2, -- be16_to_cpup((__be16 *)aad), -- data, data_len, mic); --} -- --static inline int --ieee80211_aes_ccm_decrypt(struct crypto_aead *tfm, -- u8 *b_0, u8 *aad, u8 *data, -- size_t data_len, u8 *mic) --{ -- return aead_decrypt(tfm, b_0, aad + 2, -- be16_to_cpup((__be16 *)aad), -- data, data_len, mic); --} -- --static inline void ieee80211_aes_key_free(struct crypto_aead *tfm) --{ -- return aead_key_free(tfm); --} -+struct crypto_cipher *ieee80211_aes_key_setup_encrypt(const u8 key[], -+ size_t key_len, -+ size_t mic_len); -+void ieee80211_aes_ccm_encrypt(struct crypto_cipher *tfm, u8 *b_0, u8 *aad, -+ u8 *data, size_t data_len, u8 *mic, -+ size_t mic_len); -+int ieee80211_aes_ccm_decrypt(struct crypto_cipher *tfm, u8 *b_0, u8 *aad, -+ u8 *data, size_t data_len, u8 *mic, -+ size_t mic_len); -+void ieee80211_aes_key_free(struct crypto_cipher *tfm); - - #endif /* AES_CCM_H */ ---- /dev/null -+++ b/net/mac80211/aes_gcm.c -@@ -0,0 +1,109 @@ -+/* -+ * Copyright 2014-2015, Qualcomm Atheros, Inc. -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License version 2 as -+ * published by the Free Software Foundation. -+ */ -+ -+#include -+#include -+#include -+#include -+ -+#include -+#include "key.h" -+#include "aes_gcm.h" -+ -+int ieee80211_aes_gcm_encrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad, -+ u8 *data, size_t data_len, u8 *mic) -+{ -+ struct scatterlist sg[3]; -+ struct aead_request *aead_req; -+ int reqsize = sizeof(*aead_req) + crypto_aead_reqsize(tfm); -+ u8 *__aad; -+ -+ aead_req = kzalloc(reqsize + GCM_AAD_LEN, GFP_ATOMIC); -+ if (!aead_req) -+ return -ENOMEM; -+ -+ __aad = (u8 *)aead_req + reqsize; -+ memcpy(__aad, aad, GCM_AAD_LEN); -+ -+ sg_init_table(sg, 3); -+ sg_set_buf(&sg[0], &__aad[2], be16_to_cpup((__be16 *)__aad)); -+ sg_set_buf(&sg[1], data, data_len); -+ sg_set_buf(&sg[2], mic, IEEE80211_GCMP_MIC_LEN); -+ -+ aead_request_set_tfm(aead_req, tfm); -+ aead_request_set_crypt(aead_req, sg, sg, data_len, j_0); -+ aead_request_set_ad(aead_req, sg[0].length); -+ -+ crypto_aead_encrypt(aead_req); -+ kzfree(aead_req); -+ return 0; -+} -+ -+int ieee80211_aes_gcm_decrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad, -+ u8 *data, size_t data_len, u8 *mic) -+{ -+ struct scatterlist sg[3]; -+ struct aead_request *aead_req; -+ int reqsize = sizeof(*aead_req) + crypto_aead_reqsize(tfm); -+ u8 *__aad; -+ int err; -+ -+ if (data_len == 0) -+ return -EINVAL; -+ -+ aead_req = kzalloc(reqsize + GCM_AAD_LEN, GFP_ATOMIC); -+ if (!aead_req) -+ return -ENOMEM; -+ -+ __aad = (u8 *)aead_req + reqsize; -+ memcpy(__aad, aad, GCM_AAD_LEN); -+ -+ sg_init_table(sg, 3); -+ sg_set_buf(&sg[0], &__aad[2], be16_to_cpup((__be16 *)__aad)); -+ sg_set_buf(&sg[1], data, data_len); -+ sg_set_buf(&sg[2], mic, IEEE80211_GCMP_MIC_LEN); -+ -+ aead_request_set_tfm(aead_req, tfm); -+ aead_request_set_crypt(aead_req, sg, sg, -+ data_len + IEEE80211_GCMP_MIC_LEN, j_0); -+ aead_request_set_ad(aead_req, sg[0].length); -+ -+ err = crypto_aead_decrypt(aead_req); -+ kzfree(aead_req); -+ -+ return err; -+} -+ -+struct crypto_aead *ieee80211_aes_gcm_key_setup_encrypt(const u8 key[], -+ size_t key_len) -+{ -+ struct crypto_aead *tfm; -+ int err; -+ -+ tfm = crypto_alloc_aead("gcm(aes)", 0, CRYPTO_ALG_ASYNC); -+ if (IS_ERR(tfm)) -+ return tfm; -+ -+ err = crypto_aead_setkey(tfm, key, key_len); -+ if (err) -+ goto free_aead; -+ err = crypto_aead_setauthsize(tfm, IEEE80211_GCMP_MIC_LEN); -+ if (err) -+ goto free_aead; -+ -+ return tfm; -+ -+free_aead: -+ crypto_free_aead(tfm); -+ return ERR_PTR(err); -+} -+ -+void ieee80211_aes_gcm_key_free(struct crypto_aead *tfm) -+{ -+ crypto_free_aead(tfm); -+} ---- a/net/mac80211/aes_gcm.h -+++ b/net/mac80211/aes_gcm.h -@@ -9,38 +9,30 @@ - #ifndef AES_GCM_H - #define AES_GCM_H - --#include "aead_api.h" -+#include - --#define GCM_AAD_LEN 32 -- --static inline int ieee80211_aes_gcm_encrypt(struct crypto_aead *tfm, -- u8 *j_0, u8 *aad, u8 *data, -- size_t data_len, u8 *mic) -+static inline void -+ieee80211_aes_gcm_encrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad, -+ u8 *data, size_t data_len, u8 *mic) - { -- return aead_encrypt(tfm, j_0, aad + 2, -- be16_to_cpup((__be16 *)aad), -- data, data_len, mic); - } - --static inline int ieee80211_aes_gcm_decrypt(struct crypto_aead *tfm, -- u8 *j_0, u8 *aad, u8 *data, -- size_t data_len, u8 *mic) -+static inline int -+ieee80211_aes_gcm_decrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad, -+ u8 *data, size_t data_len, u8 *mic) - { -- return aead_decrypt(tfm, j_0, aad + 2, -- be16_to_cpup((__be16 *)aad), -- data, data_len, mic); -+ return -EOPNOTSUPP; - } - - static inline struct crypto_aead * - ieee80211_aes_gcm_key_setup_encrypt(const u8 key[], size_t key_len) - { -- return aead_key_setup_encrypt("gcm(aes)", key, -- key_len, IEEE80211_GCMP_MIC_LEN); -+ return NULL; - } - --static inline void ieee80211_aes_gcm_key_free(struct crypto_aead *tfm) -+static inline void -+ieee80211_aes_gcm_key_free(struct crypto_aead *tfm) - { -- return aead_key_free(tfm); - } - - #endif /* AES_GCM_H */ ---- a/net/mac80211/wpa.c -+++ b/net/mac80211/wpa.c -@@ -306,7 +306,8 @@ ieee80211_crypto_tkip_decrypt(struct iee - } - - --static void ccmp_special_blocks(struct sk_buff *skb, u8 *pn, u8 *b_0, u8 *aad) -+static void ccmp_special_blocks(struct sk_buff *skb, u8 *pn, u8 *b_0, u8 *aad, -+ u16 data_len) - { - __le16 mask_fc; - int a4_included, mgmt; -@@ -336,14 +337,8 @@ static void ccmp_special_blocks(struct s - else - qos_tid = 0; - -- /* In CCM, the initial vectors (IV) used for CTR mode encryption and CBC -- * mode authentication are not allowed to collide, yet both are derived -- * from this vector b_0. We only set L := 1 here to indicate that the -- * data size can be represented in (L+1) bytes. The CCM layer will take -- * care of storing the data length in the top (L+1) bytes and setting -- * and clearing the other bits as is required to derive the two IVs. -- */ -- b_0[0] = 0x1; -+ /* First block, b_0 */ -+ b_0[0] = 0x59; /* flags: Adata: 1, M: 011, L: 001 */ - - /* Nonce: Nonce Flags | A2 | PN - * Nonce Flags: Priority (b0..b3) | Management (b4) | Reserved (b5..b7) -@@ -351,6 +346,8 @@ static void ccmp_special_blocks(struct s - b_0[1] = qos_tid | (mgmt << 4); - memcpy(&b_0[2], hdr->addr2, ETH_ALEN); - memcpy(&b_0[8], pn, IEEE80211_CCMP_PN_LEN); -+ /* l(m) */ -+ put_unaligned_be16(data_len, &b_0[14]); - - /* AAD (extra authenticate-only data) / masked 802.11 header - * FC | A1 | A2 | A3 | SC | [A4] | [QC] */ -@@ -407,7 +404,7 @@ static int ccmp_encrypt_skb(struct ieee8 - u8 *pos; - u8 pn[6]; - u64 pn64; -- u8 aad[CCM_AAD_LEN]; -+ u8 aad[2 * AES_BLOCK_SIZE]; - u8 b_0[AES_BLOCK_SIZE]; - - if (info->control.hw_key && -@@ -462,9 +459,11 @@ static int ccmp_encrypt_skb(struct ieee8 - return 0; - - pos += IEEE80211_CCMP_HDR_LEN; -- ccmp_special_blocks(skb, pn, b_0, aad); -- return ieee80211_aes_ccm_encrypt(key->u.ccmp.tfm, b_0, aad, pos, len, -- skb_put(skb, mic_len)); -+ ccmp_special_blocks(skb, pn, b_0, aad, len); -+ ieee80211_aes_ccm_encrypt(key->u.ccmp.tfm, b_0, aad, pos, len, -+ skb_put(skb, mic_len), mic_len); -+ -+ return 0; - } - - -@@ -537,13 +536,13 @@ ieee80211_crypto_ccmp_decrypt(struct iee - u8 aad[2 * AES_BLOCK_SIZE]; - u8 b_0[AES_BLOCK_SIZE]; - /* hardware didn't decrypt/verify MIC */ -- ccmp_special_blocks(skb, pn, b_0, aad); -+ ccmp_special_blocks(skb, pn, b_0, aad, data_len); - - if (ieee80211_aes_ccm_decrypt( - key->u.ccmp.tfm, b_0, aad, - skb->data + hdrlen + IEEE80211_CCMP_HDR_LEN, - data_len, -- skb->data + skb->len - mic_len)) -+ skb->data + skb->len - mic_len, mic_len)) - return RX_DROP_UNUSABLE; - } - -@@ -639,7 +638,7 @@ static int gcmp_encrypt_skb(struct ieee8 - u8 *pos; - u8 pn[6]; - u64 pn64; -- u8 aad[GCM_AAD_LEN]; -+ u8 aad[2 * AES_BLOCK_SIZE]; - u8 j_0[AES_BLOCK_SIZE]; - - if (info->control.hw_key && -@@ -696,8 +695,10 @@ static int gcmp_encrypt_skb(struct ieee8 - - pos += IEEE80211_GCMP_HDR_LEN; - gcmp_special_blocks(skb, pn, j_0, aad); -- return ieee80211_aes_gcm_encrypt(key->u.gcmp.tfm, j_0, aad, pos, len, -- skb_put(skb, IEEE80211_GCMP_MIC_LEN)); -+ ieee80211_aes_gcm_encrypt(key->u.gcmp.tfm, j_0, aad, pos, len, -+ skb_put(skb, IEEE80211_GCMP_MIC_LEN)); -+ -+ return 0; - } - - ieee80211_tx_result -@@ -1121,9 +1122,9 @@ ieee80211_crypto_aes_gmac_encrypt(struct - struct ieee80211_key *key = tx->key; - struct ieee80211_mmie_16 *mmie; - struct ieee80211_hdr *hdr; -- u8 aad[GMAC_AAD_LEN]; -+ u8 aad[20]; - u64 pn64; -- u8 nonce[GMAC_NONCE_LEN]; -+ u8 nonce[12]; - - if (WARN_ON(skb_queue_len(&tx->skbs) != 1)) - return TX_DROP; -@@ -1169,7 +1170,7 @@ ieee80211_crypto_aes_gmac_decrypt(struct - struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb); - struct ieee80211_key *key = rx->key; - struct ieee80211_mmie_16 *mmie; -- u8 aad[GMAC_AAD_LEN], mic[GMAC_MIC_LEN], ipn[6], nonce[GMAC_NONCE_LEN]; -+ u8 aad[20], mic[16], ipn[6], nonce[12]; - struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; - - if (!ieee80211_is_mgmt(hdr->frame_control)) ---- /dev/null -+++ b/net/mac80211/aes_ccm.c -@@ -0,0 +1,144 @@ -+/* -+ * Copyright 2003-2004, Instant802 Networks, Inc. -+ * Copyright 2005-2006, Devicescape Software, Inc. -+ * -+ * Rewrite: Copyright (C) 2013 Linaro Ltd -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License version 2 as -+ * published by the Free Software Foundation. -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+ -+#include -+#include "key.h" -+#include "aes_ccm.h" -+ -+static void aes_ccm_prepare(struct crypto_cipher *tfm, u8 *b_0, u8 *aad, u8 *s_0, -+ u8 *a, u8 *b) -+{ -+ int i; -+ -+ crypto_cipher_encrypt_one(tfm, b, b_0); -+ -+ /* Extra Authenticate-only data (always two AES blocks) */ -+ for (i = 0; i < AES_BLOCK_SIZE; i++) -+ aad[i] ^= b[i]; -+ crypto_cipher_encrypt_one(tfm, b, aad); -+ -+ aad += AES_BLOCK_SIZE; -+ -+ for (i = 0; i < AES_BLOCK_SIZE; i++) -+ aad[i] ^= b[i]; -+ crypto_cipher_encrypt_one(tfm, a, aad); -+ -+ /* Mask out bits from auth-only-b_0 */ -+ b_0[0] &= 0x07; -+ -+ /* S_0 is used to encrypt T (= MIC) */ -+ b_0[14] = 0; -+ b_0[15] = 0; -+ crypto_cipher_encrypt_one(tfm, s_0, b_0); -+} -+ -+ -+void ieee80211_aes_ccm_encrypt(struct crypto_cipher *tfm, u8 *b_0, u8 *aad, -+ u8 *data, size_t data_len, u8 *mic, -+ size_t mic_len) -+{ -+ int i, j, last_len, num_blocks; -+ u8 b[AES_BLOCK_SIZE]; -+ u8 s_0[AES_BLOCK_SIZE]; -+ u8 e[AES_BLOCK_SIZE]; -+ u8 *pos, *cpos; -+ -+ num_blocks = DIV_ROUND_UP(data_len, AES_BLOCK_SIZE); -+ last_len = data_len % AES_BLOCK_SIZE; -+ aes_ccm_prepare(tfm, b_0, aad, s_0, b, b); -+ -+ /* Process payload blocks */ -+ pos = data; -+ cpos = data; -+ for (j = 1; j <= num_blocks; j++) { -+ int blen = (j == num_blocks && last_len) ? -+ last_len : AES_BLOCK_SIZE; -+ -+ /* Authentication followed by encryption */ -+ for (i = 0; i < blen; i++) -+ b[i] ^= pos[i]; -+ crypto_cipher_encrypt_one(tfm, b, b); -+ -+ b_0[14] = (j >> 8) & 0xff; -+ b_0[15] = j & 0xff; -+ crypto_cipher_encrypt_one(tfm, e, b_0); -+ for (i = 0; i < blen; i++) -+ *cpos++ = *pos++ ^ e[i]; -+ } -+ -+ for (i = 0; i < mic_len; i++) -+ mic[i] = b[i] ^ s_0[i]; -+} -+ -+int ieee80211_aes_ccm_decrypt(struct crypto_cipher *tfm, u8 *b_0, u8 *aad, -+ u8 *data, size_t data_len, u8 *mic, -+ size_t mic_len) -+{ -+ int i, j, last_len, num_blocks; -+ u8 *pos, *cpos; -+ u8 a[AES_BLOCK_SIZE]; -+ u8 b[AES_BLOCK_SIZE]; -+ u8 s_0[AES_BLOCK_SIZE]; -+ -+ num_blocks = DIV_ROUND_UP(data_len, AES_BLOCK_SIZE); -+ last_len = data_len % AES_BLOCK_SIZE; -+ aes_ccm_prepare(tfm, b_0, aad, s_0, a, b); -+ -+ /* Process payload blocks */ -+ cpos = data; -+ pos = data; -+ for (j = 1; j <= num_blocks; j++) { -+ int blen = (j == num_blocks && last_len) ? -+ last_len : AES_BLOCK_SIZE; -+ -+ /* Decryption followed by authentication */ -+ b_0[14] = (j >> 8) & 0xff; -+ b_0[15] = j & 0xff; -+ crypto_cipher_encrypt_one(tfm, b, b_0); -+ for (i = 0; i < blen; i++) { -+ *pos = *cpos++ ^ b[i]; -+ a[i] ^= *pos++; -+ } -+ crypto_cipher_encrypt_one(tfm, a, a); -+ } -+ -+ for (i = 0; i < mic_len; i++) { -+ if ((mic[i] ^ s_0[i]) != a[i]) -+ return -1; -+ } -+ -+ return 0; -+} -+ -+struct crypto_cipher *ieee80211_aes_key_setup_encrypt(const u8 key[], -+ size_t key_len, -+ size_t mic_len) -+{ -+ struct crypto_cipher *tfm; -+ -+ tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC); -+ if (!IS_ERR(tfm)) -+ crypto_cipher_setkey(tfm, key, key_len); -+ -+ return tfm; -+} -+ -+ -+void ieee80211_aes_key_free(struct crypto_cipher *tfm) -+{ -+ crypto_free_cipher(tfm); -+} ---- a/net/mac80211/Kconfig -+++ b/net/mac80211/Kconfig -@@ -5,8 +5,6 @@ config MAC80211 - depends on CRYPTO - depends on CRYPTO_ARC4 - depends on CRYPTO_AES -- depends on CRYPTO_CCM -- depends on CRYPTO_GCM - depends on CRYPTO_CMAC - depends on CRC32 - ---help--- ---- a/net/mac80211/aes_gmac.h -+++ b/net/mac80211/aes_gmac.h -@@ -15,10 +15,22 @@ - #define GMAC_MIC_LEN 16 - #define GMAC_NONCE_LEN 12 - --struct crypto_aead *ieee80211_aes_gmac_key_setup(const u8 key[], -- size_t key_len); --int ieee80211_aes_gmac(struct crypto_aead *tfm, const u8 *aad, u8 *nonce, -- const u8 *data, size_t data_len, u8 *mic); --void ieee80211_aes_gmac_key_free(struct crypto_aead *tfm); -+static inline struct crypto_aead * -+ieee80211_aes_gmac_key_setup(const u8 key[], size_t key_len) -+{ -+ return NULL; -+} -+ -+static inline int -+ieee80211_aes_gmac(struct crypto_aead *tfm, const u8 *aad, u8 *nonce, -+ const u8 *data, size_t data_len, u8 *mic) -+{ -+ return -EOPNOTSUPP; -+} -+ -+static inline void -+ieee80211_aes_gmac_key_free(struct crypto_aead *tfm) -+{ -+} - - #endif /* AES_GMAC_H */ ---- a/net/mac80211/key.h -+++ b/net/mac80211/key.h -@@ -88,7 +88,7 @@ struct ieee80211_key { - * Management frames. - */ - u8 rx_pn[IEEE80211_NUM_TIDS + 1][IEEE80211_CCMP_PN_LEN]; -- struct crypto_aead *tfm; -+ struct crypto_cipher *tfm; - u32 replays; /* dot11RSNAStatsCCMPReplays */ - } ccmp; - struct {