The branch main has been updated by adrian: URL: https://cgit.FreeBSD.org/src/commit/?id=8ebc054acacc70de6b95fc171ff724f344374172
commit 8ebc054acacc70de6b95fc171ff724f344374172 Author: Adrian Chadd <[email protected]> AuthorDate: 2026-02-26 03:49:59 +0000 Commit: Adrian Chadd <[email protected]> CommitDate: 2026-02-26 03:49:59 +0000 mwl: migrate to new net80211 encryption key API Migrate to the new encryption key API rather than poking at the key struct directly. Notably this driver was very clear about its expectation the net80211 key layout w/ key, TX MIC and RX MIC matches the firmware layout and just memcpy()'ed it. That has been refactored. Differential Revision: https://reviews.freebsd.org/D54484 --- sys/dev/mwl/if_mwl.c | 26 ++++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) diff --git a/sys/dev/mwl/if_mwl.c b/sys/dev/mwl/if_mwl.c index 9f3d34f4f50d..513c3d9c60e4 100644 --- a/sys/dev/mwl/if_mwl.c +++ b/sys/dev/mwl/if_mwl.c @@ -1638,28 +1638,43 @@ _mwl_key_set(struct ieee80211vap *vap, const struct ieee80211_key *k, switch (cip->ic_cipher) { case IEEE80211_CIPHER_WEP: hk.keyTypeId = KEY_TYPE_ID_WEP; - hk.keyLen = k->wk_keylen; + hk.keyLen = ieee80211_crypto_get_key_len(k); if (k->wk_keyix == vap->iv_def_txkey) hk.keyFlags = KEY_FLAG_WEP_TXKEY; if (!IEEE80211_IS_STATICKEY(k)) { /* NB: WEP is never used for the PTK */ (void) addgroupflags(&hk, k); } + memcpy(hk.key.aes, ieee80211_crypto_get_key_data(k), + ieee80211_crypto_get_key_len(k)); break; case IEEE80211_CIPHER_TKIP: hk.keyTypeId = KEY_TYPE_ID_TKIP; hk.key.tkip.tsc.high = (uint32_t)(k->wk_keytsc >> 16); hk.key.tkip.tsc.low = (uint16_t)k->wk_keytsc; hk.keyFlags = KEY_FLAG_TSC_VALID | KEY_FLAG_MICKEY_VALID; - hk.keyLen = k->wk_keylen + IEEE80211_MICBUF_SIZE; + hk.keyLen = ieee80211_crypto_get_key_len(k) + + IEEE80211_MICBUF_SIZE; if (!addgroupflags(&hk, k)) hk.keyFlags |= KEY_FLAG_PAIRWISE; + + /* Copy in TKIP MIC after the 16 byte main key */ + memcpy(hk.key.aes, ieee80211_crypto_get_key_data(k), + ieee80211_crypto_get_key_len(k)); + memcpy(hk.key.aes + IEEE80211_KEYBUF_SIZE, + ieee80211_crypto_get_key_txmic_data(k), + 8); + memcpy(hk.key.aes + IEEE80211_KEYBUF_SIZE + 8, + ieee80211_crypto_get_key_rxmic_data(k), + 8); break; case IEEE80211_CIPHER_AES_CCM: hk.keyTypeId = KEY_TYPE_ID_AES; - hk.keyLen = k->wk_keylen; + hk.keyLen = ieee80211_crypto_get_key_len(k); if (!addgroupflags(&hk, k)) hk.keyFlags |= KEY_FLAG_PAIRWISE; + memcpy(hk.key.aes, ieee80211_crypto_get_key_data(k), + ieee80211_crypto_get_key_len(k)); break; default: /* XXX should not happen */ @@ -1667,11 +1682,6 @@ _mwl_key_set(struct ieee80211vap *vap, const struct ieee80211_key *k, __func__, k->wk_cipher->ic_cipher); return 0; } - /* - * NB: tkip mic keys get copied here too; the layout - * just happens to match that in ieee80211_key. - */ - memcpy(hk.key.aes, k->wk_key, hk.keyLen); /* * Locate address of sta db entry for writing key;
