Commit | Line | Data |
---|---|---|
6039f6d2 JM |
1 | /* |
2 | * cfg80211 MLME SAP interface | |
3 | * | |
4 | * Copyright (c) 2009, Jouni Malinen <j@w1.fi> | |
5 | */ | |
6 | ||
7 | #include <linux/kernel.h> | |
8 | #include <linux/module.h> | |
c6fb08aa | 9 | #include <linux/etherdevice.h> |
6039f6d2 JM |
10 | #include <linux/netdevice.h> |
11 | #include <linux/nl80211.h> | |
5a0e3ad6 | 12 | #include <linux/slab.h> |
a9a11622 | 13 | #include <linux/wireless.h> |
6039f6d2 | 14 | #include <net/cfg80211.h> |
a9a11622 | 15 | #include <net/iw_handler.h> |
6039f6d2 JM |
16 | #include "core.h" |
17 | #include "nl80211.h" | |
e35e4d28 HG |
18 | #include "rdev-ops.h" |
19 | ||
6039f6d2 | 20 | |
6ff57cf8 | 21 | void cfg80211_rx_assoc_resp(struct net_device *dev, struct cfg80211_bss *bss, |
95de817b | 22 | const u8 *buf, size_t len) |
6039f6d2 | 23 | { |
6829c878 JB |
24 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
25 | struct wiphy *wiphy = wdev->wiphy; | |
6039f6d2 | 26 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); |
6829c878 JB |
27 | struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf; |
28 | u8 *ie = mgmt->u.assoc_resp.variable; | |
95de817b | 29 | int ieoffs = offsetof(struct ieee80211_mgmt, u.assoc_resp.variable); |
ceca7b71 | 30 | u16 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code); |
6829c878 | 31 | |
4ee3e063 | 32 | trace_cfg80211_send_rx_assoc(dev, bss); |
cb0b4beb | 33 | |
f401a6f7 JB |
34 | /* |
35 | * This is a bit of a hack, we don't notify userspace of | |
36 | * a (re-)association reply if we tried to send a reassoc | |
37 | * and got a reject -- we only try again with an assoc | |
38 | * frame instead of reassoc. | |
39 | */ | |
ceca7b71 | 40 | if (cfg80211_sme_rx_assoc_resp(wdev, status_code)) { |
f1940c57 | 41 | cfg80211_unhold_bss(bss_from_pub(bss)); |
5b112d3d | 42 | cfg80211_put_bss(wiphy, bss); |
8d61ffa5 | 43 | return; |
95de817b | 44 | } |
f401a6f7 | 45 | |
cb0b4beb | 46 | nl80211_send_rx_assoc(rdev, dev, buf, len, GFP_KERNEL); |
ceca7b71 | 47 | /* update current_bss etc., consumes the bss reference */ |
df7fc0f9 JB |
48 | __cfg80211_connect_result(dev, mgmt->bssid, NULL, 0, ie, len - ieoffs, |
49 | status_code, | |
95de817b | 50 | status_code == WLAN_STATUS_SUCCESS, bss); |
6039f6d2 | 51 | } |
6ff57cf8 | 52 | EXPORT_SYMBOL(cfg80211_rx_assoc_resp); |
6039f6d2 | 53 | |
ceca7b71 JB |
54 | static void cfg80211_process_auth(struct wireless_dev *wdev, |
55 | const u8 *buf, size_t len) | |
56 | { | |
57 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy); | |
58 | ||
59 | nl80211_send_rx_auth(rdev, wdev->netdev, buf, len, GFP_KERNEL); | |
60 | cfg80211_sme_rx_auth(wdev, buf, len); | |
61 | } | |
62 | ||
63 | static void cfg80211_process_deauth(struct wireless_dev *wdev, | |
6ff57cf8 | 64 | const u8 *buf, size_t len) |
6039f6d2 | 65 | { |
ceca7b71 | 66 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy); |
6829c878 | 67 | struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf; |
19957bb3 | 68 | const u8 *bssid = mgmt->bssid; |
ceca7b71 JB |
69 | u16 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code); |
70 | bool from_ap = !ether_addr_equal(mgmt->sa, wdev->netdev->dev_addr); | |
6829c878 | 71 | |
ceca7b71 | 72 | nl80211_send_deauth(rdev, wdev->netdev, buf, len, GFP_KERNEL); |
19957bb3 | 73 | |
ceca7b71 JB |
74 | if (!wdev->current_bss || |
75 | !ether_addr_equal(wdev->current_bss->pub.bssid, bssid)) | |
76 | return; | |
6829c878 | 77 | |
ceca7b71 JB |
78 | __cfg80211_disconnected(wdev->netdev, NULL, 0, reason_code, from_ap); |
79 | cfg80211_sme_deauth(wdev); | |
667503dd | 80 | } |
6039f6d2 | 81 | |
ceca7b71 | 82 | static void cfg80211_process_disassoc(struct wireless_dev *wdev, |
6ff57cf8 | 83 | const u8 *buf, size_t len) |
6039f6d2 | 84 | { |
ceca7b71 | 85 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy); |
6829c878 | 86 | struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf; |
19957bb3 | 87 | const u8 *bssid = mgmt->bssid; |
ceca7b71 JB |
88 | u16 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code); |
89 | bool from_ap = !ether_addr_equal(mgmt->sa, wdev->netdev->dev_addr); | |
6829c878 | 90 | |
ceca7b71 | 91 | nl80211_send_disassoc(rdev, wdev->netdev, buf, len, GFP_KERNEL); |
a3b8b056 | 92 | |
ceca7b71 JB |
93 | if (WARN_ON(!wdev->current_bss || |
94 | !ether_addr_equal(wdev->current_bss->pub.bssid, bssid))) | |
596a07c1 | 95 | return; |
6829c878 | 96 | |
ceca7b71 JB |
97 | __cfg80211_disconnected(wdev->netdev, NULL, 0, reason_code, from_ap); |
98 | cfg80211_sme_disassoc(wdev); | |
667503dd | 99 | } |
1965c853 | 100 | |
6ff57cf8 JB |
101 | void cfg80211_rx_mlme_mgmt(struct net_device *dev, const u8 *buf, size_t len) |
102 | { | |
103 | struct wireless_dev *wdev = dev->ieee80211_ptr; | |
6ff57cf8 JB |
104 | struct ieee80211_mgmt *mgmt = (void *)buf; |
105 | ||
106 | ASSERT_WDEV_LOCK(wdev); | |
107 | ||
108 | trace_cfg80211_rx_mlme_mgmt(dev, buf, len); | |
109 | ||
110 | if (WARN_ON(len < 2)) | |
111 | return; | |
112 | ||
ceca7b71 JB |
113 | if (ieee80211_is_auth(mgmt->frame_control)) |
114 | cfg80211_process_auth(wdev, buf, len); | |
115 | else if (ieee80211_is_deauth(mgmt->frame_control)) | |
116 | cfg80211_process_deauth(wdev, buf, len); | |
117 | else if (ieee80211_is_disassoc(mgmt->frame_control)) | |
118 | cfg80211_process_disassoc(wdev, buf, len); | |
6ff57cf8 JB |
119 | } |
120 | EXPORT_SYMBOL(cfg80211_rx_mlme_mgmt); | |
121 | ||
122 | void cfg80211_auth_timeout(struct net_device *dev, const u8 *addr) | |
a58ce43f JB |
123 | { |
124 | struct wireless_dev *wdev = dev->ieee80211_ptr; | |
125 | struct wiphy *wiphy = wdev->wiphy; | |
126 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); | |
127 | ||
4ee3e063 | 128 | trace_cfg80211_send_auth_timeout(dev, addr); |
a58ce43f JB |
129 | |
130 | nl80211_send_auth_timeout(rdev, dev, addr, GFP_KERNEL); | |
ceca7b71 | 131 | cfg80211_sme_auth_timeout(wdev); |
1965c853 | 132 | } |
6ff57cf8 | 133 | EXPORT_SYMBOL(cfg80211_auth_timeout); |
1965c853 | 134 | |
959867fa | 135 | void cfg80211_assoc_timeout(struct net_device *dev, struct cfg80211_bss *bss) |
1965c853 | 136 | { |
6829c878 JB |
137 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
138 | struct wiphy *wiphy = wdev->wiphy; | |
1965c853 | 139 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); |
19957bb3 | 140 | |
959867fa | 141 | trace_cfg80211_send_assoc_timeout(dev, bss->bssid); |
cb0b4beb | 142 | |
959867fa | 143 | nl80211_send_assoc_timeout(rdev, dev, bss->bssid, GFP_KERNEL); |
ceca7b71 | 144 | cfg80211_sme_assoc_timeout(wdev); |
959867fa | 145 | |
f1940c57 | 146 | cfg80211_unhold_bss(bss_from_pub(bss)); |
959867fa | 147 | cfg80211_put_bss(wiphy, bss); |
1965c853 | 148 | } |
6ff57cf8 JB |
149 | EXPORT_SYMBOL(cfg80211_assoc_timeout); |
150 | ||
151 | void cfg80211_tx_mlme_mgmt(struct net_device *dev, const u8 *buf, size_t len) | |
152 | { | |
153 | struct wireless_dev *wdev = dev->ieee80211_ptr; | |
154 | struct ieee80211_mgmt *mgmt = (void *)buf; | |
155 | ||
156 | ASSERT_WDEV_LOCK(wdev); | |
157 | ||
158 | trace_cfg80211_tx_mlme_mgmt(dev, buf, len); | |
159 | ||
160 | if (WARN_ON(len < 2)) | |
161 | return; | |
162 | ||
163 | if (ieee80211_is_deauth(mgmt->frame_control)) | |
ceca7b71 | 164 | cfg80211_process_deauth(wdev, buf, len); |
6ff57cf8 | 165 | else |
ceca7b71 | 166 | cfg80211_process_disassoc(wdev, buf, len); |
6ff57cf8 JB |
167 | } |
168 | EXPORT_SYMBOL(cfg80211_tx_mlme_mgmt); | |
1965c853 | 169 | |
a3b8b056 JM |
170 | void cfg80211_michael_mic_failure(struct net_device *dev, const u8 *addr, |
171 | enum nl80211_key_type key_type, int key_id, | |
e6d6e342 | 172 | const u8 *tsc, gfp_t gfp) |
a3b8b056 JM |
173 | { |
174 | struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; | |
175 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); | |
3d23e349 | 176 | #ifdef CONFIG_CFG80211_WEXT |
f58d4ed9 | 177 | union iwreq_data wrqu; |
e6d6e342 | 178 | char *buf = kmalloc(128, gfp); |
f58d4ed9 JB |
179 | |
180 | if (buf) { | |
181 | sprintf(buf, "MLME-MICHAELMICFAILURE.indication(" | |
182 | "keyid=%d %scast addr=%pM)", key_id, | |
183 | key_type == NL80211_KEYTYPE_GROUP ? "broad" : "uni", | |
184 | addr); | |
185 | memset(&wrqu, 0, sizeof(wrqu)); | |
186 | wrqu.data.length = strlen(buf); | |
187 | wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf); | |
188 | kfree(buf); | |
189 | } | |
190 | #endif | |
191 | ||
4ee3e063 | 192 | trace_cfg80211_michael_mic_failure(dev, addr, key_type, key_id, tsc); |
e6d6e342 | 193 | nl80211_michael_mic_failure(rdev, dev, addr, key_type, key_id, tsc, gfp); |
a3b8b056 JM |
194 | } |
195 | EXPORT_SYMBOL(cfg80211_michael_mic_failure); | |
19957bb3 JB |
196 | |
197 | /* some MLME handling for userspace SME */ | |
91bf9b26 JB |
198 | int cfg80211_mlme_auth(struct cfg80211_registered_device *rdev, |
199 | struct net_device *dev, | |
200 | struct ieee80211_channel *chan, | |
201 | enum nl80211_auth_type auth_type, | |
202 | const u8 *bssid, | |
203 | const u8 *ssid, int ssid_len, | |
204 | const u8 *ie, int ie_len, | |
205 | const u8 *key, int key_len, int key_idx, | |
206 | const u8 *sae_data, int sae_data_len) | |
19957bb3 JB |
207 | { |
208 | struct wireless_dev *wdev = dev->ieee80211_ptr; | |
7ade7036 JB |
209 | struct cfg80211_auth_request req = { |
210 | .ie = ie, | |
211 | .ie_len = ie_len, | |
212 | .sae_data = sae_data, | |
213 | .sae_data_len = sae_data_len, | |
214 | .auth_type = auth_type, | |
215 | .key = key, | |
216 | .key_len = key_len, | |
217 | .key_idx = key_idx, | |
218 | }; | |
95de817b | 219 | int err; |
19957bb3 | 220 | |
667503dd JB |
221 | ASSERT_WDEV_LOCK(wdev); |
222 | ||
fffd0934 JB |
223 | if (auth_type == NL80211_AUTHTYPE_SHARED_KEY) |
224 | if (!key || !key_len || key_idx < 0 || key_idx > 4) | |
225 | return -EINVAL; | |
226 | ||
0a9b5e17 | 227 | if (wdev->current_bss && |
ac422d3c | 228 | ether_addr_equal(bssid, wdev->current_bss->pub.bssid)) |
0a9b5e17 JB |
229 | return -EALREADY; |
230 | ||
19957bb3 JB |
231 | req.bss = cfg80211_get_bss(&rdev->wiphy, chan, bssid, ssid, ssid_len, |
232 | WLAN_CAPABILITY_ESS, WLAN_CAPABILITY_ESS); | |
233 | if (!req.bss) | |
234 | return -ENOENT; | |
235 | ||
e4e32459 MK |
236 | err = cfg80211_can_use_chan(rdev, wdev, req.bss->channel, |
237 | CHAN_MODE_SHARED); | |
238 | if (err) | |
239 | goto out; | |
240 | ||
e35e4d28 | 241 | err = rdev_auth(rdev, dev, &req); |
19957bb3 | 242 | |
e4e32459 | 243 | out: |
5b112d3d | 244 | cfg80211_put_bss(&rdev->wiphy, req.bss); |
19957bb3 JB |
245 | return err; |
246 | } | |
247 | ||
7e7c8926 BG |
248 | /* Do a logical ht_capa &= ht_capa_mask. */ |
249 | void cfg80211_oper_and_ht_capa(struct ieee80211_ht_cap *ht_capa, | |
250 | const struct ieee80211_ht_cap *ht_capa_mask) | |
251 | { | |
252 | int i; | |
253 | u8 *p1, *p2; | |
254 | if (!ht_capa_mask) { | |
255 | memset(ht_capa, 0, sizeof(*ht_capa)); | |
256 | return; | |
257 | } | |
258 | ||
259 | p1 = (u8*)(ht_capa); | |
260 | p2 = (u8*)(ht_capa_mask); | |
261 | for (i = 0; i<sizeof(*ht_capa); i++) | |
262 | p1[i] &= p2[i]; | |
263 | } | |
264 | ||
ee2aca34 JB |
265 | /* Do a logical ht_capa &= ht_capa_mask. */ |
266 | void cfg80211_oper_and_vht_capa(struct ieee80211_vht_cap *vht_capa, | |
267 | const struct ieee80211_vht_cap *vht_capa_mask) | |
268 | { | |
269 | int i; | |
270 | u8 *p1, *p2; | |
271 | if (!vht_capa_mask) { | |
272 | memset(vht_capa, 0, sizeof(*vht_capa)); | |
273 | return; | |
274 | } | |
275 | ||
276 | p1 = (u8*)(vht_capa); | |
277 | p2 = (u8*)(vht_capa_mask); | |
278 | for (i = 0; i < sizeof(*vht_capa); i++) | |
279 | p1[i] &= p2[i]; | |
280 | } | |
281 | ||
91bf9b26 JB |
282 | int cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev, |
283 | struct net_device *dev, | |
284 | struct ieee80211_channel *chan, | |
285 | const u8 *bssid, | |
286 | const u8 *ssid, int ssid_len, | |
287 | struct cfg80211_assoc_request *req) | |
19957bb3 JB |
288 | { |
289 | struct wireless_dev *wdev = dev->ieee80211_ptr; | |
95de817b | 290 | int err; |
19957bb3 | 291 | |
667503dd JB |
292 | ASSERT_WDEV_LOCK(wdev); |
293 | ||
ceca7b71 JB |
294 | if (wdev->current_bss && |
295 | (!req->prev_bssid || !ether_addr_equal(wdev->current_bss->pub.bssid, | |
296 | req->prev_bssid))) | |
19957bb3 JB |
297 | return -EALREADY; |
298 | ||
f62fab73 | 299 | cfg80211_oper_and_ht_capa(&req->ht_capa_mask, |
7e7c8926 | 300 | rdev->wiphy.ht_capa_mod_mask); |
f62fab73 | 301 | cfg80211_oper_and_vht_capa(&req->vht_capa_mask, |
ee2aca34 | 302 | rdev->wiphy.vht_capa_mod_mask); |
7e7c8926 | 303 | |
f62fab73 JB |
304 | req->bss = cfg80211_get_bss(&rdev->wiphy, chan, bssid, ssid, ssid_len, |
305 | WLAN_CAPABILITY_ESS, WLAN_CAPABILITY_ESS); | |
ceca7b71 | 306 | if (!req->bss) |
19957bb3 JB |
307 | return -ENOENT; |
308 | ||
f62fab73 | 309 | err = cfg80211_can_use_chan(rdev, wdev, chan, CHAN_MODE_SHARED); |
e4e32459 MK |
310 | if (err) |
311 | goto out; | |
312 | ||
f62fab73 | 313 | err = rdev_assoc(rdev, dev, req); |
f1940c57 JB |
314 | if (!err) |
315 | cfg80211_hold_bss(bss_from_pub(req->bss)); | |
19957bb3 | 316 | |
e4e32459 | 317 | out: |
ceca7b71 | 318 | if (err) |
f62fab73 | 319 | cfg80211_put_bss(&rdev->wiphy, req->bss); |
19957bb3 | 320 | |
19957bb3 JB |
321 | return err; |
322 | } | |
323 | ||
91bf9b26 JB |
324 | int cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev, |
325 | struct net_device *dev, const u8 *bssid, | |
326 | const u8 *ie, int ie_len, u16 reason, | |
327 | bool local_state_change) | |
19957bb3 JB |
328 | { |
329 | struct wireless_dev *wdev = dev->ieee80211_ptr; | |
95de817b JB |
330 | struct cfg80211_deauth_request req = { |
331 | .bssid = bssid, | |
332 | .reason_code = reason, | |
333 | .ie = ie, | |
334 | .ie_len = ie_len, | |
6863255b | 335 | .local_state_change = local_state_change, |
95de817b | 336 | }; |
19957bb3 | 337 | |
667503dd JB |
338 | ASSERT_WDEV_LOCK(wdev); |
339 | ||
ceca7b71 JB |
340 | if (local_state_change && |
341 | (!wdev->current_bss || | |
342 | !ether_addr_equal(wdev->current_bss->pub.bssid, bssid))) | |
95de817b | 343 | return 0; |
19957bb3 | 344 | |
e35e4d28 | 345 | return rdev_deauth(rdev, dev, &req); |
19957bb3 JB |
346 | } |
347 | ||
91bf9b26 JB |
348 | int cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev, |
349 | struct net_device *dev, const u8 *bssid, | |
350 | const u8 *ie, int ie_len, u16 reason, | |
351 | bool local_state_change) | |
19957bb3 JB |
352 | { |
353 | struct wireless_dev *wdev = dev->ieee80211_ptr; | |
7ade7036 JB |
354 | struct cfg80211_disassoc_request req = { |
355 | .reason_code = reason, | |
356 | .local_state_change = local_state_change, | |
357 | .ie = ie, | |
358 | .ie_len = ie_len, | |
359 | }; | |
ceca7b71 | 360 | int err; |
19957bb3 | 361 | |
667503dd JB |
362 | ASSERT_WDEV_LOCK(wdev); |
363 | ||
ceca7b71 | 364 | if (!wdev->current_bss) |
f9d6b402 JB |
365 | return -ENOTCONN; |
366 | ||
ac422d3c | 367 | if (ether_addr_equal(wdev->current_bss->pub.bssid, bssid)) |
19957bb3 JB |
368 | req.bss = &wdev->current_bss->pub; |
369 | else | |
370 | return -ENOTCONN; | |
371 | ||
ceca7b71 JB |
372 | err = rdev_disassoc(rdev, dev, &req); |
373 | if (err) | |
374 | return err; | |
375 | ||
376 | /* driver should have reported the disassoc */ | |
377 | WARN_ON(wdev->current_bss); | |
378 | return 0; | |
667503dd JB |
379 | } |
380 | ||
19957bb3 JB |
381 | void cfg80211_mlme_down(struct cfg80211_registered_device *rdev, |
382 | struct net_device *dev) | |
383 | { | |
384 | struct wireless_dev *wdev = dev->ieee80211_ptr; | |
95de817b | 385 | u8 bssid[ETH_ALEN]; |
19957bb3 | 386 | |
667503dd JB |
387 | ASSERT_WDEV_LOCK(wdev); |
388 | ||
19957bb3 JB |
389 | if (!rdev->ops->deauth) |
390 | return; | |
391 | ||
95de817b JB |
392 | if (!wdev->current_bss) |
393 | return; | |
19957bb3 | 394 | |
95de817b | 395 | memcpy(bssid, wdev->current_bss->pub.bssid, ETH_ALEN); |
ceca7b71 JB |
396 | cfg80211_mlme_deauth(rdev, dev, bssid, NULL, 0, |
397 | WLAN_REASON_DEAUTH_LEAVING, false); | |
19957bb3 | 398 | } |
9588bbd5 | 399 | |
2e161f78 | 400 | struct cfg80211_mgmt_registration { |
026331c4 JM |
401 | struct list_head list; |
402 | ||
15e47304 | 403 | u32 nlportid; |
026331c4 JM |
404 | |
405 | int match_len; | |
406 | ||
2e161f78 JB |
407 | __le16 frame_type; |
408 | ||
026331c4 JM |
409 | u8 match[]; |
410 | }; | |
411 | ||
15e47304 | 412 | int cfg80211_mlme_register_mgmt(struct wireless_dev *wdev, u32 snd_portid, |
2e161f78 JB |
413 | u16 frame_type, const u8 *match_data, |
414 | int match_len) | |
026331c4 | 415 | { |
271733cf JB |
416 | struct wiphy *wiphy = wdev->wiphy; |
417 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); | |
2e161f78 | 418 | struct cfg80211_mgmt_registration *reg, *nreg; |
026331c4 | 419 | int err = 0; |
2e161f78 JB |
420 | u16 mgmt_type; |
421 | ||
422 | if (!wdev->wiphy->mgmt_stypes) | |
423 | return -EOPNOTSUPP; | |
424 | ||
425 | if ((frame_type & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT) | |
426 | return -EINVAL; | |
427 | ||
428 | if (frame_type & ~(IEEE80211_FCTL_FTYPE | IEEE80211_FCTL_STYPE)) | |
429 | return -EINVAL; | |
430 | ||
431 | mgmt_type = (frame_type & IEEE80211_FCTL_STYPE) >> 4; | |
432 | if (!(wdev->wiphy->mgmt_stypes[wdev->iftype].rx & BIT(mgmt_type))) | |
433 | return -EINVAL; | |
026331c4 JM |
434 | |
435 | nreg = kzalloc(sizeof(*reg) + match_len, GFP_KERNEL); | |
436 | if (!nreg) | |
437 | return -ENOMEM; | |
438 | ||
2e161f78 | 439 | spin_lock_bh(&wdev->mgmt_registrations_lock); |
026331c4 | 440 | |
2e161f78 | 441 | list_for_each_entry(reg, &wdev->mgmt_registrations, list) { |
026331c4 JM |
442 | int mlen = min(match_len, reg->match_len); |
443 | ||
2e161f78 JB |
444 | if (frame_type != le16_to_cpu(reg->frame_type)) |
445 | continue; | |
446 | ||
026331c4 JM |
447 | if (memcmp(reg->match, match_data, mlen) == 0) { |
448 | err = -EALREADY; | |
449 | break; | |
450 | } | |
451 | } | |
452 | ||
453 | if (err) { | |
454 | kfree(nreg); | |
455 | goto out; | |
456 | } | |
457 | ||
458 | memcpy(nreg->match, match_data, match_len); | |
459 | nreg->match_len = match_len; | |
15e47304 | 460 | nreg->nlportid = snd_portid; |
2e161f78 JB |
461 | nreg->frame_type = cpu_to_le16(frame_type); |
462 | list_add(&nreg->list, &wdev->mgmt_registrations); | |
026331c4 | 463 | |
271733cf | 464 | if (rdev->ops->mgmt_frame_register) |
e35e4d28 | 465 | rdev_mgmt_frame_register(rdev, wdev, frame_type, true); |
271733cf | 466 | |
026331c4 | 467 | out: |
2e161f78 | 468 | spin_unlock_bh(&wdev->mgmt_registrations_lock); |
271733cf | 469 | |
026331c4 JM |
470 | return err; |
471 | } | |
472 | ||
15e47304 | 473 | void cfg80211_mlme_unregister_socket(struct wireless_dev *wdev, u32 nlportid) |
026331c4 | 474 | { |
271733cf JB |
475 | struct wiphy *wiphy = wdev->wiphy; |
476 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); | |
2e161f78 | 477 | struct cfg80211_mgmt_registration *reg, *tmp; |
026331c4 | 478 | |
2e161f78 | 479 | spin_lock_bh(&wdev->mgmt_registrations_lock); |
026331c4 | 480 | |
2e161f78 | 481 | list_for_each_entry_safe(reg, tmp, &wdev->mgmt_registrations, list) { |
15e47304 | 482 | if (reg->nlportid != nlportid) |
271733cf JB |
483 | continue; |
484 | ||
485 | if (rdev->ops->mgmt_frame_register) { | |
486 | u16 frame_type = le16_to_cpu(reg->frame_type); | |
487 | ||
e35e4d28 HG |
488 | rdev_mgmt_frame_register(rdev, wdev, |
489 | frame_type, false); | |
026331c4 | 490 | } |
271733cf JB |
491 | |
492 | list_del(®->list); | |
493 | kfree(reg); | |
026331c4 JM |
494 | } |
495 | ||
2e161f78 | 496 | spin_unlock_bh(&wdev->mgmt_registrations_lock); |
28946da7 | 497 | |
5de17984 AS |
498 | if (nlportid && rdev->crit_proto_nlportid == nlportid) { |
499 | rdev->crit_proto_nlportid = 0; | |
500 | rdev_crit_proto_stop(rdev, wdev); | |
501 | } | |
502 | ||
15e47304 EB |
503 | if (nlportid == wdev->ap_unexpected_nlportid) |
504 | wdev->ap_unexpected_nlportid = 0; | |
026331c4 JM |
505 | } |
506 | ||
2e161f78 | 507 | void cfg80211_mlme_purge_registrations(struct wireless_dev *wdev) |
026331c4 | 508 | { |
2e161f78 | 509 | struct cfg80211_mgmt_registration *reg, *tmp; |
026331c4 | 510 | |
2e161f78 | 511 | spin_lock_bh(&wdev->mgmt_registrations_lock); |
026331c4 | 512 | |
2e161f78 | 513 | list_for_each_entry_safe(reg, tmp, &wdev->mgmt_registrations, list) { |
026331c4 JM |
514 | list_del(®->list); |
515 | kfree(reg); | |
516 | } | |
517 | ||
2e161f78 | 518 | spin_unlock_bh(&wdev->mgmt_registrations_lock); |
026331c4 JM |
519 | } |
520 | ||
2e161f78 | 521 | int cfg80211_mlme_mgmt_tx(struct cfg80211_registered_device *rdev, |
71bbc994 | 522 | struct wireless_dev *wdev, |
f7ca38df | 523 | struct ieee80211_channel *chan, bool offchan, |
42d97a59 JB |
524 | unsigned int wait, const u8 *buf, size_t len, |
525 | bool no_cck, bool dont_wait_for_ack, u64 *cookie) | |
026331c4 | 526 | { |
026331c4 | 527 | const struct ieee80211_mgmt *mgmt; |
2e161f78 JB |
528 | u16 stype; |
529 | ||
530 | if (!wdev->wiphy->mgmt_stypes) | |
531 | return -EOPNOTSUPP; | |
026331c4 | 532 | |
2e161f78 | 533 | if (!rdev->ops->mgmt_tx) |
026331c4 | 534 | return -EOPNOTSUPP; |
2e161f78 | 535 | |
026331c4 JM |
536 | if (len < 24 + 1) |
537 | return -EINVAL; | |
538 | ||
539 | mgmt = (const struct ieee80211_mgmt *) buf; | |
2e161f78 JB |
540 | |
541 | if (!ieee80211_is_mgmt(mgmt->frame_control)) | |
026331c4 | 542 | return -EINVAL; |
2e161f78 JB |
543 | |
544 | stype = le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE; | |
545 | if (!(wdev->wiphy->mgmt_stypes[wdev->iftype].tx & BIT(stype >> 4))) | |
546 | return -EINVAL; | |
547 | ||
548 | if (ieee80211_is_action(mgmt->frame_control) && | |
549 | mgmt->u.action.category != WLAN_CATEGORY_PUBLIC) { | |
663fcafd JB |
550 | int err = 0; |
551 | ||
fe100acd JB |
552 | wdev_lock(wdev); |
553 | ||
663fcafd JB |
554 | switch (wdev->iftype) { |
555 | case NL80211_IFTYPE_ADHOC: | |
556 | case NL80211_IFTYPE_STATION: | |
557 | case NL80211_IFTYPE_P2P_CLIENT: | |
558 | if (!wdev->current_bss) { | |
559 | err = -ENOTCONN; | |
560 | break; | |
561 | } | |
562 | ||
ac422d3c JP |
563 | if (!ether_addr_equal(wdev->current_bss->pub.bssid, |
564 | mgmt->bssid)) { | |
663fcafd JB |
565 | err = -ENOTCONN; |
566 | break; | |
567 | } | |
568 | ||
569 | /* | |
570 | * check for IBSS DA must be done by driver as | |
571 | * cfg80211 doesn't track the stations | |
572 | */ | |
573 | if (wdev->iftype == NL80211_IFTYPE_ADHOC) | |
574 | break; | |
fe100acd | 575 | |
663fcafd | 576 | /* for station, check that DA is the AP */ |
ac422d3c JP |
577 | if (!ether_addr_equal(wdev->current_bss->pub.bssid, |
578 | mgmt->da)) { | |
663fcafd JB |
579 | err = -ENOTCONN; |
580 | break; | |
581 | } | |
582 | break; | |
583 | case NL80211_IFTYPE_AP: | |
584 | case NL80211_IFTYPE_P2P_GO: | |
585 | case NL80211_IFTYPE_AP_VLAN: | |
98104fde | 586 | if (!ether_addr_equal(mgmt->bssid, wdev_address(wdev))) |
663fcafd JB |
587 | err = -EINVAL; |
588 | break; | |
0778a6a3 | 589 | case NL80211_IFTYPE_MESH_POINT: |
ac422d3c | 590 | if (!ether_addr_equal(mgmt->sa, mgmt->bssid)) { |
0778a6a3 JC |
591 | err = -EINVAL; |
592 | break; | |
593 | } | |
594 | /* | |
595 | * check for mesh DA must be done by driver as | |
596 | * cfg80211 doesn't track the stations | |
597 | */ | |
598 | break; | |
98104fde JB |
599 | case NL80211_IFTYPE_P2P_DEVICE: |
600 | /* | |
601 | * fall through, P2P device only supports | |
602 | * public action frames | |
603 | */ | |
663fcafd JB |
604 | default: |
605 | err = -EOPNOTSUPP; | |
606 | break; | |
607 | } | |
fe100acd | 608 | wdev_unlock(wdev); |
663fcafd JB |
609 | |
610 | if (err) | |
611 | return err; | |
026331c4 JM |
612 | } |
613 | ||
98104fde | 614 | if (!ether_addr_equal(mgmt->sa, wdev_address(wdev))) |
026331c4 JM |
615 | return -EINVAL; |
616 | ||
617 | /* Transmit the Action frame as requested by user space */ | |
e35e4d28 | 618 | return rdev_mgmt_tx(rdev, wdev, chan, offchan, |
e35e4d28 HG |
619 | wait, buf, len, no_cck, dont_wait_for_ack, |
620 | cookie); | |
026331c4 JM |
621 | } |
622 | ||
71bbc994 | 623 | bool cfg80211_rx_mgmt(struct wireless_dev *wdev, int freq, int sig_mbm, |
19504cf5 | 624 | const u8 *buf, size_t len, u32 flags, gfp_t gfp) |
026331c4 | 625 | { |
026331c4 JM |
626 | struct wiphy *wiphy = wdev->wiphy; |
627 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); | |
2e161f78 JB |
628 | struct cfg80211_mgmt_registration *reg; |
629 | const struct ieee80211_txrx_stypes *stypes = | |
630 | &wiphy->mgmt_stypes[wdev->iftype]; | |
631 | struct ieee80211_mgmt *mgmt = (void *)buf; | |
632 | const u8 *data; | |
633 | int data_len; | |
026331c4 | 634 | bool result = false; |
2e161f78 JB |
635 | __le16 ftype = mgmt->frame_control & |
636 | cpu_to_le16(IEEE80211_FCTL_FTYPE | IEEE80211_FCTL_STYPE); | |
637 | u16 stype; | |
026331c4 | 638 | |
4ee3e063 | 639 | trace_cfg80211_rx_mgmt(wdev, freq, sig_mbm); |
2e161f78 | 640 | stype = (le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE) >> 4; |
026331c4 | 641 | |
4ee3e063 BL |
642 | if (!(stypes->rx & BIT(stype))) { |
643 | trace_cfg80211_return_bool(false); | |
2e161f78 | 644 | return false; |
4ee3e063 | 645 | } |
026331c4 | 646 | |
2e161f78 JB |
647 | data = buf + ieee80211_hdrlen(mgmt->frame_control); |
648 | data_len = len - ieee80211_hdrlen(mgmt->frame_control); | |
649 | ||
650 | spin_lock_bh(&wdev->mgmt_registrations_lock); | |
651 | ||
652 | list_for_each_entry(reg, &wdev->mgmt_registrations, list) { | |
653 | if (reg->frame_type != ftype) | |
654 | continue; | |
026331c4 | 655 | |
2e161f78 | 656 | if (reg->match_len > data_len) |
026331c4 JM |
657 | continue; |
658 | ||
2e161f78 | 659 | if (memcmp(reg->match, data, reg->match_len)) |
026331c4 JM |
660 | continue; |
661 | ||
662 | /* found match! */ | |
663 | ||
664 | /* Indicate the received Action frame to user space */ | |
15e47304 | 665 | if (nl80211_send_mgmt(rdev, wdev, reg->nlportid, |
804483e9 | 666 | freq, sig_mbm, |
19504cf5 | 667 | buf, len, flags, gfp)) |
026331c4 JM |
668 | continue; |
669 | ||
670 | result = true; | |
671 | break; | |
672 | } | |
673 | ||
2e161f78 | 674 | spin_unlock_bh(&wdev->mgmt_registrations_lock); |
026331c4 | 675 | |
4ee3e063 | 676 | trace_cfg80211_return_bool(result); |
026331c4 JM |
677 | return result; |
678 | } | |
2e161f78 | 679 | EXPORT_SYMBOL(cfg80211_rx_mgmt); |
026331c4 | 680 | |
04f39047 SW |
681 | void cfg80211_dfs_channels_update_work(struct work_struct *work) |
682 | { | |
683 | struct delayed_work *delayed_work; | |
684 | struct cfg80211_registered_device *rdev; | |
685 | struct cfg80211_chan_def chandef; | |
686 | struct ieee80211_supported_band *sband; | |
687 | struct ieee80211_channel *c; | |
688 | struct wiphy *wiphy; | |
689 | bool check_again = false; | |
690 | unsigned long timeout, next_time = 0; | |
691 | int bandid, i; | |
692 | ||
693 | delayed_work = container_of(work, struct delayed_work, work); | |
694 | rdev = container_of(delayed_work, struct cfg80211_registered_device, | |
695 | dfs_update_channels_wk); | |
696 | wiphy = &rdev->wiphy; | |
697 | ||
5fe231e8 | 698 | rtnl_lock(); |
04f39047 SW |
699 | for (bandid = 0; bandid < IEEE80211_NUM_BANDS; bandid++) { |
700 | sband = wiphy->bands[bandid]; | |
701 | if (!sband) | |
702 | continue; | |
703 | ||
704 | for (i = 0; i < sband->n_channels; i++) { | |
705 | c = &sband->channels[i]; | |
706 | ||
707 | if (c->dfs_state != NL80211_DFS_UNAVAILABLE) | |
708 | continue; | |
709 | ||
c532a58b MK |
710 | timeout = c->dfs_state_entered + msecs_to_jiffies( |
711 | IEEE80211_DFS_MIN_NOP_TIME_MS); | |
04f39047 SW |
712 | |
713 | if (time_after_eq(jiffies, timeout)) { | |
714 | c->dfs_state = NL80211_DFS_USABLE; | |
bbe09bbc MK |
715 | c->dfs_state_entered = jiffies; |
716 | ||
04f39047 SW |
717 | cfg80211_chandef_create(&chandef, c, |
718 | NL80211_CHAN_NO_HT); | |
719 | ||
720 | nl80211_radar_notify(rdev, &chandef, | |
721 | NL80211_RADAR_NOP_FINISHED, | |
722 | NULL, GFP_ATOMIC); | |
723 | continue; | |
724 | } | |
725 | ||
726 | if (!check_again) | |
727 | next_time = timeout - jiffies; | |
728 | else | |
729 | next_time = min(next_time, timeout - jiffies); | |
730 | check_again = true; | |
731 | } | |
732 | } | |
5fe231e8 | 733 | rtnl_unlock(); |
04f39047 SW |
734 | |
735 | /* reschedule if there are other channels waiting to be cleared again */ | |
736 | if (check_again) | |
737 | queue_delayed_work(cfg80211_wq, &rdev->dfs_update_channels_wk, | |
738 | next_time); | |
739 | } | |
740 | ||
741 | ||
742 | void cfg80211_radar_event(struct wiphy *wiphy, | |
743 | struct cfg80211_chan_def *chandef, | |
744 | gfp_t gfp) | |
745 | { | |
746 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); | |
747 | unsigned long timeout; | |
748 | ||
749 | trace_cfg80211_radar_event(wiphy, chandef); | |
750 | ||
751 | /* only set the chandef supplied channel to unavailable, in | |
752 | * case the radar is detected on only one of multiple channels | |
753 | * spanned by the chandef. | |
754 | */ | |
755 | cfg80211_set_dfs_state(wiphy, chandef, NL80211_DFS_UNAVAILABLE); | |
756 | ||
757 | timeout = msecs_to_jiffies(IEEE80211_DFS_MIN_NOP_TIME_MS); | |
758 | queue_delayed_work(cfg80211_wq, &rdev->dfs_update_channels_wk, | |
759 | timeout); | |
760 | ||
761 | nl80211_radar_notify(rdev, chandef, NL80211_RADAR_DETECTED, NULL, gfp); | |
762 | } | |
763 | EXPORT_SYMBOL(cfg80211_radar_event); | |
764 | ||
765 | void cfg80211_cac_event(struct net_device *netdev, | |
766 | enum nl80211_radar_event event, gfp_t gfp) | |
767 | { | |
768 | struct wireless_dev *wdev = netdev->ieee80211_ptr; | |
769 | struct wiphy *wiphy = wdev->wiphy; | |
770 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); | |
771 | struct cfg80211_chan_def chandef; | |
772 | unsigned long timeout; | |
773 | ||
774 | trace_cfg80211_cac_event(netdev, event); | |
775 | ||
776 | if (WARN_ON(!wdev->cac_started)) | |
777 | return; | |
778 | ||
779 | if (WARN_ON(!wdev->channel)) | |
780 | return; | |
781 | ||
782 | cfg80211_chandef_create(&chandef, wdev->channel, NL80211_CHAN_NO_HT); | |
783 | ||
784 | switch (event) { | |
785 | case NL80211_RADAR_CAC_FINISHED: | |
786 | timeout = wdev->cac_start_time + | |
787 | msecs_to_jiffies(IEEE80211_DFS_MIN_CAC_TIME_MS); | |
788 | WARN_ON(!time_after_eq(jiffies, timeout)); | |
789 | cfg80211_set_dfs_state(wiphy, &chandef, NL80211_DFS_AVAILABLE); | |
790 | break; | |
791 | case NL80211_RADAR_CAC_ABORTED: | |
792 | break; | |
793 | default: | |
794 | WARN_ON(1); | |
795 | return; | |
796 | } | |
797 | wdev->cac_started = false; | |
798 | ||
799 | nl80211_radar_notify(rdev, &chandef, event, netdev, gfp); | |
800 | } | |
801 | EXPORT_SYMBOL(cfg80211_cac_event); |