projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
{nl,cfg,mac}80211: Allow user to see/configure HT protection mode
[deliverable/linux.git] / net / wireless / nl80211.c
1 /*
2 * This is the new netlink-based wireless configuration interface.
3 *
4 * Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net>
5 */
6
7 #include <linux/if.h>
8 #include <linux/module.h>
9 #include <linux/err.h>
10 #include <linux/slab.h>
11 #include <linux/list.h>
12 #include <linux/if_ether.h>
13 #include <linux/ieee80211.h>
14 #include <linux/nl80211.h>
15 #include <linux/rtnetlink.h>
16 #include <linux/netlink.h>
17 #include <linux/etherdevice.h>
18 #include <net/net_namespace.h>
19 #include <net/genetlink.h>
20 #include <net/cfg80211.h>
21 #include <net/sock.h>
22 #include "core.h"
23 #include "nl80211.h"
24 #include "reg.h"
25
26 static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type);
27 static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev,
28 struct genl_info *info,
29 struct cfg80211_crypto_settings *settings,
30 int cipher_limit);
31
32 static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb,
33 struct genl_info *info);
34 static void nl80211_post_doit(struct genl_ops *ops, struct sk_buff *skb,
35 struct genl_info *info);
36
37 /* the netlink family */
38 static struct genl_family nl80211_fam = {
39 .id = GENL_ID_GENERATE, /* don't bother with a hardcoded ID */
40 .name = "nl80211", /* have users key off the name instead */
41 .hdrsize = 0, /* no private header */
42 .version = 1, /* no particular meaning now */
43 .maxattr = NL80211_ATTR_MAX,
44 .netnsok = true,
45 .pre_doit = nl80211_pre_doit,
46 .post_doit = nl80211_post_doit,
47 };
48
49 /* internal helper: get rdev and dev */
50 static int get_rdev_dev_by_ifindex(struct net *netns, struct nlattr **attrs,
51 struct cfg80211_registered_device **rdev,
52 struct net_device **dev)
53 {
54 int ifindex;
55
56 if (!attrs[NL80211_ATTR_IFINDEX])
57 return -EINVAL;
58
59 ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]);
60 *dev = dev_get_by_index(netns, ifindex);
61 if (!*dev)
62 return -ENODEV;
63
64 *rdev = cfg80211_get_dev_from_ifindex(netns, ifindex);
65 if (IS_ERR(*rdev)) {
66 dev_put(*dev);
67 return PTR_ERR(*rdev);
68 }
69
70 return 0;
71 }
72
73 /* policy for the attributes */
74 static const struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] = {
75 [NL80211_ATTR_WIPHY] = { .type = NLA_U32 },
76 [NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING,
77 .len = 20-1 },
78 [NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED },
79 [NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 },
80 [NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 },
81 [NL80211_ATTR_WIPHY_RETRY_SHORT] = { .type = NLA_U8 },
82 [NL80211_ATTR_WIPHY_RETRY_LONG] = { .type = NLA_U8 },
83 [NL80211_ATTR_WIPHY_FRAG_THRESHOLD] = { .type = NLA_U32 },
84 [NL80211_ATTR_WIPHY_RTS_THRESHOLD] = { .type = NLA_U32 },
85 [NL80211_ATTR_WIPHY_COVERAGE_CLASS] = { .type = NLA_U8 },
86
87 [NL80211_ATTR_IFTYPE] = { .type = NLA_U32 },
88 [NL80211_ATTR_IFINDEX] = { .type = NLA_U32 },
89 [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 },
90
91 [NL80211_ATTR_MAC] = { .len = ETH_ALEN },
92 [NL80211_ATTR_PREV_BSSID] = { .len = ETH_ALEN },
93
94 [NL80211_ATTR_KEY] = { .type = NLA_NESTED, },
95 [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY,
96 .len = WLAN_MAX_KEY_LEN },
97 [NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 },
98 [NL80211_ATTR_KEY_CIPHER] = { .type = NLA_U32 },
99 [NL80211_ATTR_KEY_DEFAULT] = { .type = NLA_FLAG },
100 [NL80211_ATTR_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 },
101 [NL80211_ATTR_KEY_TYPE] = { .type = NLA_U32 },
102
103 [NL80211_ATTR_BEACON_INTERVAL] = { .type = NLA_U32 },
104 [NL80211_ATTR_DTIM_PERIOD] = { .type = NLA_U32 },
105 [NL80211_ATTR_BEACON_HEAD] = { .type = NLA_BINARY,
106 .len = IEEE80211_MAX_DATA_LEN },
107 [NL80211_ATTR_BEACON_TAIL] = { .type = NLA_BINARY,
108 .len = IEEE80211_MAX_DATA_LEN },
109 [NL80211_ATTR_STA_AID] = { .type = NLA_U16 },
110 [NL80211_ATTR_STA_FLAGS] = { .type = NLA_NESTED },
111 [NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 },
112 [NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY,
113 .len = NL80211_MAX_SUPP_RATES },
114 [NL80211_ATTR_STA_PLINK_ACTION] = { .type = NLA_U8 },
115 [NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 },
116 [NL80211_ATTR_MNTR_FLAGS] = { /* NLA_NESTED can't be empty */ },
117 [NL80211_ATTR_MESH_ID] = { .type = NLA_BINARY,
118 .len = IEEE80211_MAX_MESH_ID_LEN },
119 [NL80211_ATTR_MPATH_NEXT_HOP] = { .type = NLA_U32 },
120
121 [NL80211_ATTR_REG_ALPHA2] = { .type = NLA_STRING, .len = 2 },
122 [NL80211_ATTR_REG_RULES] = { .type = NLA_NESTED },
123
124 [NL80211_ATTR_BSS_CTS_PROT] = { .type = NLA_U8 },
125 [NL80211_ATTR_BSS_SHORT_PREAMBLE] = { .type = NLA_U8 },
126 [NL80211_ATTR_BSS_SHORT_SLOT_TIME] = { .type = NLA_U8 },
127 [NL80211_ATTR_BSS_BASIC_RATES] = { .type = NLA_BINARY,
128 .len = NL80211_MAX_SUPP_RATES },
129 [NL80211_ATTR_BSS_HT_OPMODE] = { .type = NLA_U16 },
130
131 [NL80211_ATTR_MESH_CONFIG] = { .type = NLA_NESTED },
132 [NL80211_ATTR_SUPPORT_MESH_AUTH] = { .type = NLA_FLAG },
133
134 [NL80211_ATTR_HT_CAPABILITY] = { .len = NL80211_HT_CAPABILITY_LEN },
135
136 [NL80211_ATTR_MGMT_SUBTYPE] = { .type = NLA_U8 },
137 [NL80211_ATTR_IE] = { .type = NLA_BINARY,
138 .len = IEEE80211_MAX_DATA_LEN },
139 [NL80211_ATTR_SCAN_FREQUENCIES] = { .type = NLA_NESTED },
140 [NL80211_ATTR_SCAN_SSIDS] = { .type = NLA_NESTED },
141
142 [NL80211_ATTR_SSID] = { .type = NLA_BINARY,
143 .len = IEEE80211_MAX_SSID_LEN },
144 [NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 },
145 [NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 },
146 [NL80211_ATTR_FREQ_FIXED] = { .type = NLA_FLAG },
147 [NL80211_ATTR_TIMED_OUT] = { .type = NLA_FLAG },
148 [NL80211_ATTR_USE_MFP] = { .type = NLA_U32 },
149 [NL80211_ATTR_STA_FLAGS2] = {
150 .len = sizeof(struct nl80211_sta_flag_update),
151 },
152 [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG },
153 [NL80211_ATTR_CONTROL_PORT_ETHERTYPE] = { .type = NLA_U16 },
154 [NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT] = { .type = NLA_FLAG },
155 [NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG },
156 [NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 },
157 [NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 },
158 [NL80211_ATTR_PID] = { .type = NLA_U32 },
159 [NL80211_ATTR_4ADDR] = { .type = NLA_U8 },
160 [NL80211_ATTR_PMKID] = { .type = NLA_BINARY,
161 .len = WLAN_PMKID_LEN },
162 [NL80211_ATTR_DURATION] = { .type = NLA_U32 },
163 [NL80211_ATTR_COOKIE] = { .type = NLA_U64 },
164 [NL80211_ATTR_TX_RATES] = { .type = NLA_NESTED },
165 [NL80211_ATTR_FRAME] = { .type = NLA_BINARY,
166 .len = IEEE80211_MAX_DATA_LEN },
167 [NL80211_ATTR_FRAME_MATCH] = { .type = NLA_BINARY, },
168 [NL80211_ATTR_PS_STATE] = { .type = NLA_U32 },
169 [NL80211_ATTR_CQM] = { .type = NLA_NESTED, },
170 [NL80211_ATTR_LOCAL_STATE_CHANGE] = { .type = NLA_FLAG },
171 [NL80211_ATTR_AP_ISOLATE] = { .type = NLA_U8 },
172 [NL80211_ATTR_WIPHY_TX_POWER_SETTING] = { .type = NLA_U32 },
173 [NL80211_ATTR_WIPHY_TX_POWER_LEVEL] = { .type = NLA_U32 },
174 [NL80211_ATTR_FRAME_TYPE] = { .type = NLA_U16 },
175 [NL80211_ATTR_WIPHY_ANTENNA_TX] = { .type = NLA_U32 },
176 [NL80211_ATTR_WIPHY_ANTENNA_RX] = { .type = NLA_U32 },
177 [NL80211_ATTR_MCAST_RATE] = { .type = NLA_U32 },
178 [NL80211_ATTR_OFFCHANNEL_TX_OK] = { .type = NLA_FLAG },
179 [NL80211_ATTR_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED },
180 [NL80211_ATTR_WOWLAN_TRIGGERS] = { .type = NLA_NESTED },
181 [NL80211_ATTR_STA_PLINK_STATE] = { .type = NLA_U8 },
182 [NL80211_ATTR_SCHED_SCAN_INTERVAL] = { .type = NLA_U32 },
183 [NL80211_ATTR_REKEY_DATA] = { .type = NLA_NESTED },
184 [NL80211_ATTR_SCAN_SUPP_RATES] = { .type = NLA_NESTED },
185 [NL80211_ATTR_HIDDEN_SSID] = { .type = NLA_U32 },
186 [NL80211_ATTR_IE_PROBE_RESP] = { .type = NLA_BINARY,
187 .len = IEEE80211_MAX_DATA_LEN },
188 [NL80211_ATTR_IE_ASSOC_RESP] = { .type = NLA_BINARY,
189 .len = IEEE80211_MAX_DATA_LEN },
190 [NL80211_ATTR_ROAM_SUPPORT] = { .type = NLA_FLAG },
191 [NL80211_ATTR_SCHED_SCAN_MATCH] = { .type = NLA_NESTED },
192 [NL80211_ATTR_TX_NO_CCK_RATE] = { .type = NLA_FLAG },
193 [NL80211_ATTR_TDLS_ACTION] = { .type = NLA_U8 },
194 [NL80211_ATTR_TDLS_DIALOG_TOKEN] = { .type = NLA_U8 },
195 [NL80211_ATTR_TDLS_OPERATION] = { .type = NLA_U8 },
196 [NL80211_ATTR_TDLS_SUPPORT] = { .type = NLA_FLAG },
197 [NL80211_ATTR_TDLS_EXTERNAL_SETUP] = { .type = NLA_FLAG },
198 [NL80211_ATTR_DONT_WAIT_FOR_ACK] = { .type = NLA_FLAG },
199 [NL80211_ATTR_PROBE_RESP] = { .type = NLA_BINARY,
200 .len = IEEE80211_MAX_DATA_LEN },
201 [NL80211_ATTR_DFS_REGION] = { .type = NLA_U8 },
202 [NL80211_ATTR_DISABLE_HT] = { .type = NLA_FLAG },
203 [NL80211_ATTR_HT_CAPABILITY_MASK] = {
204 .len = NL80211_HT_CAPABILITY_LEN
205 },
206 [NL80211_ATTR_NOACK_MAP] = { .type = NLA_U16 },
207 [NL80211_ATTR_INACTIVITY_TIMEOUT] = { .type = NLA_U16 },
208 [NL80211_ATTR_BG_SCAN_PERIOD] = { .type = NLA_U16 },
209 };
210
211 /* policy for the key attributes */
212 static const struct nla_policy nl80211_key_policy[NL80211_KEY_MAX + 1] = {
213 [NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN },
214 [NL80211_KEY_IDX] = { .type = NLA_U8 },
215 [NL80211_KEY_CIPHER] = { .type = NLA_U32 },
216 [NL80211_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 },
217 [NL80211_KEY_DEFAULT] = { .type = NLA_FLAG },
218 [NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG },
219 [NL80211_KEY_TYPE] = { .type = NLA_U32 },
220 [NL80211_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED },
221 };
222
223 /* policy for the key default flags */
224 static const struct nla_policy
225 nl80211_key_default_policy[NUM_NL80211_KEY_DEFAULT_TYPES] = {
226 [NL80211_KEY_DEFAULT_TYPE_UNICAST] = { .type = NLA_FLAG },
227 [NL80211_KEY_DEFAULT_TYPE_MULTICAST] = { .type = NLA_FLAG },
228 };
229
230 /* policy for WoWLAN attributes */
231 static const struct nla_policy
232 nl80211_wowlan_policy[NUM_NL80211_WOWLAN_TRIG] = {
233 [NL80211_WOWLAN_TRIG_ANY] = { .type = NLA_FLAG },
234 [NL80211_WOWLAN_TRIG_DISCONNECT] = { .type = NLA_FLAG },
235 [NL80211_WOWLAN_TRIG_MAGIC_PKT] = { .type = NLA_FLAG },
236 [NL80211_WOWLAN_TRIG_PKT_PATTERN] = { .type = NLA_NESTED },
237 [NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE] = { .type = NLA_FLAG },
238 [NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST] = { .type = NLA_FLAG },
239 [NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE] = { .type = NLA_FLAG },
240 [NL80211_WOWLAN_TRIG_RFKILL_RELEASE] = { .type = NLA_FLAG },
241 };
242
243 /* policy for GTK rekey offload attributes */
244 static const struct nla_policy
245 nl80211_rekey_policy[NUM_NL80211_REKEY_DATA] = {
246 [NL80211_REKEY_DATA_KEK] = { .len = NL80211_KEK_LEN },
247 [NL80211_REKEY_DATA_KCK] = { .len = NL80211_KCK_LEN },
248 [NL80211_REKEY_DATA_REPLAY_CTR] = { .len = NL80211_REPLAY_CTR_LEN },
249 };
250
251 static const struct nla_policy
252 nl80211_match_policy[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1] = {
253 [NL80211_ATTR_SCHED_SCAN_MATCH_SSID] = { .type = NLA_BINARY,
254 .len = IEEE80211_MAX_SSID_LEN },
255 };
256
257 /* ifidx get helper */
258 static int nl80211_get_ifidx(struct netlink_callback *cb)
259 {
260 int res;
261
262 res = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize,
263 nl80211_fam.attrbuf, nl80211_fam.maxattr,
264 nl80211_policy);
265 if (res)
266 return res;
267
268 if (!nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX])
269 return -EINVAL;
270
271 res = nla_get_u32(nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]);
272 if (!res)
273 return -EINVAL;
274 return res;
275 }
276
277 static int nl80211_prepare_netdev_dump(struct sk_buff *skb,
278 struct netlink_callback *cb,
279 struct cfg80211_registered_device **rdev,
280 struct net_device **dev)
281 {
282 int ifidx = cb->args[0];
283 int err;
284
285 if (!ifidx)
286 ifidx = nl80211_get_ifidx(cb);
287 if (ifidx < 0)
288 return ifidx;
289
290 cb->args[0] = ifidx;
291
292 rtnl_lock();
293
294 *dev = __dev_get_by_index(sock_net(skb->sk), ifidx);
295 if (!*dev) {
296 err = -ENODEV;
297 goto out_rtnl;
298 }
299
300 *rdev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx);
301 if (IS_ERR(*rdev)) {
302 err = PTR_ERR(*rdev);
303 goto out_rtnl;
304 }
305
306 return 0;
307 out_rtnl:
308 rtnl_unlock();
309 return err;
310 }
311
312 static void nl80211_finish_netdev_dump(struct cfg80211_registered_device *rdev)
313 {
314 cfg80211_unlock_rdev(rdev);
315 rtnl_unlock();
316 }
317
318 /* IE validation */
319 static bool is_valid_ie_attr(const struct nlattr *attr)
320 {
321 const u8 *pos;
322 int len;
323
324 if (!attr)
325 return true;
326
327 pos = nla_data(attr);
328 len = nla_len(attr);
329
330 while (len) {
331 u8 elemlen;
332
333 if (len < 2)
334 return false;
335 len -= 2;
336
337 elemlen = pos[1];
338 if (elemlen > len)
339 return false;
340
341 len -= elemlen;
342 pos += 2 + elemlen;
343 }
344
345 return true;
346 }
347
348 /* message building helper */
349 static inline void *nl80211hdr_put(struct sk_buff *skb, u32 pid, u32 seq,
350 int flags, u8 cmd)
351 {
352 /* since there is no private header just add the generic one */
353 return genlmsg_put(skb, pid, seq, &nl80211_fam, flags, cmd);
354 }
355
356 static int nl80211_msg_put_channel(struct sk_buff *msg,
357 struct ieee80211_channel *chan)
358 {
359 if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_FREQ,
360 chan->center_freq))
361 goto nla_put_failure;
362
363 if ((chan->flags & IEEE80211_CHAN_DISABLED) &&
364 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_DISABLED))
365 goto nla_put_failure;
366 if ((chan->flags & IEEE80211_CHAN_PASSIVE_SCAN) &&
367 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_PASSIVE_SCAN))
368 goto nla_put_failure;
369 if ((chan->flags & IEEE80211_CHAN_NO_IBSS) &&
370 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_IBSS))
371 goto nla_put_failure;
372 if ((chan->flags & IEEE80211_CHAN_RADAR) &&
373 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_RADAR))
374 goto nla_put_failure;
375
376 if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER,
377 DBM_TO_MBM(chan->max_power)))
378 goto nla_put_failure;
379
380 return 0;
381
382 nla_put_failure:
383 return -ENOBUFS;
384 }
385
386 /* netlink command implementations */
387
388 struct key_parse {
389 struct key_params p;
390 int idx;
391 int type;
392 bool def, defmgmt;
393 bool def_uni, def_multi;
394 };
395
396 static int nl80211_parse_key_new(struct nlattr *key, struct key_parse *k)
397 {
398 struct nlattr *tb[NL80211_KEY_MAX + 1];
399 int err = nla_parse_nested(tb, NL80211_KEY_MAX, key,
400 nl80211_key_policy);
401 if (err)
402 return err;
403
404 k->def = !!tb[NL80211_KEY_DEFAULT];
405 k->defmgmt = !!tb[NL80211_KEY_DEFAULT_MGMT];
406
407 if (k->def) {
408 k->def_uni = true;
409 k->def_multi = true;
410 }
411 if (k->defmgmt)
412 k->def_multi = true;
413
414 if (tb[NL80211_KEY_IDX])
415 k->idx = nla_get_u8(tb[NL80211_KEY_IDX]);
416
417 if (tb[NL80211_KEY_DATA]) {
418 k->p.key = nla_data(tb[NL80211_KEY_DATA]);
419 k->p.key_len = nla_len(tb[NL80211_KEY_DATA]);
420 }
421
422 if (tb[NL80211_KEY_SEQ]) {
423 k->p.seq = nla_data(tb[NL80211_KEY_SEQ]);
424 k->p.seq_len = nla_len(tb[NL80211_KEY_SEQ]);
425 }
426
427 if (tb[NL80211_KEY_CIPHER])
428 k->p.cipher = nla_get_u32(tb[NL80211_KEY_CIPHER]);
429
430 if (tb[NL80211_KEY_TYPE]) {
431 k->type = nla_get_u32(tb[NL80211_KEY_TYPE]);
432 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES)
433 return -EINVAL;
434 }
435
436 if (tb[NL80211_KEY_DEFAULT_TYPES]) {
437 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES];
438 err = nla_parse_nested(kdt, NUM_NL80211_KEY_DEFAULT_TYPES - 1,
439 tb[NL80211_KEY_DEFAULT_TYPES],
440 nl80211_key_default_policy);
441 if (err)
442 return err;
443
444 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST];
445 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST];
446 }
447
448 return 0;
449 }
450
451 static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k)
452 {
453 if (info->attrs[NL80211_ATTR_KEY_DATA]) {
454 k->p.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]);
455 k->p.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]);
456 }
457
458 if (info->attrs[NL80211_ATTR_KEY_SEQ]) {
459 k->p.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]);
460 k->p.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]);
461 }
462
463 if (info->attrs[NL80211_ATTR_KEY_IDX])
464 k->idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
465
466 if (info->attrs[NL80211_ATTR_KEY_CIPHER])
467 k->p.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]);
468
469 k->def = !!info->attrs[NL80211_ATTR_KEY_DEFAULT];
470 k->defmgmt = !!info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT];
471
472 if (k->def) {
473 k->def_uni = true;
474 k->def_multi = true;
475 }
476 if (k->defmgmt)
477 k->def_multi = true;
478
479 if (info->attrs[NL80211_ATTR_KEY_TYPE]) {
480 k->type = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]);
481 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES)
482 return -EINVAL;
483 }
484
485 if (info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES]) {
486 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES];
487 int err = nla_parse_nested(
488 kdt, NUM_NL80211_KEY_DEFAULT_TYPES - 1,
489 info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES],
490 nl80211_key_default_policy);
491 if (err)
492 return err;
493
494 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST];
495 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST];
496 }
497
498 return 0;
499 }
500
501 static int nl80211_parse_key(struct genl_info *info, struct key_parse *k)
502 {
503 int err;
504
505 memset(k, 0, sizeof(*k));
506 k->idx = -1;
507 k->type = -1;
508
509 if (info->attrs[NL80211_ATTR_KEY])
510 err = nl80211_parse_key_new(info->attrs[NL80211_ATTR_KEY], k);
511 else
512 err = nl80211_parse_key_old(info, k);
513
514 if (err)
515 return err;
516
517 if (k->def && k->defmgmt)
518 return -EINVAL;
519
520 if (k->defmgmt) {
521 if (k->def_uni || !k->def_multi)
522 return -EINVAL;
523 }
524
525 if (k->idx != -1) {
526 if (k->defmgmt) {
527 if (k->idx < 4 || k->idx > 5)
528 return -EINVAL;
529 } else if (k->def) {
530 if (k->idx < 0 || k->idx > 3)
531 return -EINVAL;
532 } else {
533 if (k->idx < 0 || k->idx > 5)
534 return -EINVAL;
535 }
536 }
537
538 return 0;
539 }
540
541 static struct cfg80211_cached_keys *
542 nl80211_parse_connkeys(struct cfg80211_registered_device *rdev,
543 struct nlattr *keys)
544 {
545 struct key_parse parse;
546 struct nlattr *key;
547 struct cfg80211_cached_keys *result;
548 int rem, err, def = 0;
549
550 result = kzalloc(sizeof(*result), GFP_KERNEL);
551 if (!result)
552 return ERR_PTR(-ENOMEM);
553
554 result->def = -1;
555 result->defmgmt = -1;
556
557 nla_for_each_nested(key, keys, rem) {
558 memset(&parse, 0, sizeof(parse));
559 parse.idx = -1;
560
561 err = nl80211_parse_key_new(key, &parse);
562 if (err)
563 goto error;
564 err = -EINVAL;
565 if (!parse.p.key)
566 goto error;
567 if (parse.idx < 0 || parse.idx > 4)
568 goto error;
569 if (parse.def) {
570 if (def)
571 goto error;
572 def = 1;
573 result->def = parse.idx;
574 if (!parse.def_uni || !parse.def_multi)
575 goto error;
576 } else if (parse.defmgmt)
577 goto error;
578 err = cfg80211_validate_key_settings(rdev, &parse.p,
579 parse.idx, false, NULL);
580 if (err)
581 goto error;
582 result->params[parse.idx].cipher = parse.p.cipher;
583 result->params[parse.idx].key_len = parse.p.key_len;
584 result->params[parse.idx].key = result->data[parse.idx];
585 memcpy(result->data[parse.idx], parse.p.key, parse.p.key_len);
586 }
587
588 return result;
589 error:
590 kfree(result);
591 return ERR_PTR(err);
592 }
593
594 static int nl80211_key_allowed(struct wireless_dev *wdev)
595 {
596 ASSERT_WDEV_LOCK(wdev);
597
598 switch (wdev->iftype) {
599 case NL80211_IFTYPE_AP:
600 case NL80211_IFTYPE_AP_VLAN:
601 case NL80211_IFTYPE_P2P_GO:
602 case NL80211_IFTYPE_MESH_POINT:
603 break;
604 case NL80211_IFTYPE_ADHOC:
605 if (!wdev->current_bss)
606 return -ENOLINK;
607 break;
608 case NL80211_IFTYPE_STATION:
609 case NL80211_IFTYPE_P2P_CLIENT:
610 if (wdev->sme_state != CFG80211_SME_CONNECTED)
611 return -ENOLINK;
612 break;
613 default:
614 return -EINVAL;
615 }
616
617 return 0;
618 }
619
620 static int nl80211_put_iftypes(struct sk_buff *msg, u32 attr, u16 ifmodes)
621 {
622 struct nlattr *nl_modes = nla_nest_start(msg, attr);
623 int i;
624
625 if (!nl_modes)
626 goto nla_put_failure;
627
628 i = 0;
629 while (ifmodes) {
630 if ((ifmodes & 1) && nla_put_flag(msg, i))
631 goto nla_put_failure;
632 ifmodes >>= 1;
633 i++;
634 }
635
636 nla_nest_end(msg, nl_modes);
637 return 0;
638
639 nla_put_failure:
640 return -ENOBUFS;
641 }
642
643 static int nl80211_put_iface_combinations(struct wiphy *wiphy,
644 struct sk_buff *msg)
645 {
646 struct nlattr *nl_combis;
647 int i, j;
648
649 nl_combis = nla_nest_start(msg,
650 NL80211_ATTR_INTERFACE_COMBINATIONS);
651 if (!nl_combis)
652 goto nla_put_failure;
653
654 for (i = 0; i < wiphy->n_iface_combinations; i++) {
655 const struct ieee80211_iface_combination *c;
656 struct nlattr *nl_combi, *nl_limits;
657
658 c = &wiphy->iface_combinations[i];
659
660 nl_combi = nla_nest_start(msg, i + 1);
661 if (!nl_combi)
662 goto nla_put_failure;
663
664 nl_limits = nla_nest_start(msg, NL80211_IFACE_COMB_LIMITS);
665 if (!nl_limits)
666 goto nla_put_failure;
667
668 for (j = 0; j < c->n_limits; j++) {
669 struct nlattr *nl_limit;
670
671 nl_limit = nla_nest_start(msg, j + 1);
672 if (!nl_limit)
673 goto nla_put_failure;
674 if (nla_put_u32(msg, NL80211_IFACE_LIMIT_MAX,
675 c->limits[j].max))
676 goto nla_put_failure;
677 if (nl80211_put_iftypes(msg, NL80211_IFACE_LIMIT_TYPES,
678 c->limits[j].types))
679 goto nla_put_failure;
680 nla_nest_end(msg, nl_limit);
681 }
682
683 nla_nest_end(msg, nl_limits);
684
685 if (c->beacon_int_infra_match &&
686 nla_put_flag(msg, NL80211_IFACE_COMB_STA_AP_BI_MATCH))
687 goto nla_put_failure;
688 if (nla_put_u32(msg, NL80211_IFACE_COMB_NUM_CHANNELS,
689 c->num_different_channels) ||
690 nla_put_u32(msg, NL80211_IFACE_COMB_MAXNUM,
691 c->max_interfaces))
692 goto nla_put_failure;
693
694 nla_nest_end(msg, nl_combi);
695 }
696
697 nla_nest_end(msg, nl_combis);
698
699 return 0;
700 nla_put_failure:
701 return -ENOBUFS;
702 }
703
704 static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags,
705 struct cfg80211_registered_device *dev)
706 {
707 void *hdr;
708 struct nlattr *nl_bands, *nl_band;
709 struct nlattr *nl_freqs, *nl_freq;
710 struct nlattr *nl_rates, *nl_rate;
711 struct nlattr *nl_cmds;
712 enum ieee80211_band band;
713 struct ieee80211_channel *chan;
714 struct ieee80211_rate *rate;
715 int i;
716 const struct ieee80211_txrx_stypes *mgmt_stypes =
717 dev->wiphy.mgmt_stypes;
718
719 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_WIPHY);
720 if (!hdr)
721 return -1;
722
723 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, dev->wiphy_idx) ||
724 nla_put_string(msg, NL80211_ATTR_WIPHY_NAME, wiphy_name(&dev->wiphy)) ||
725 nla_put_u32(msg, NL80211_ATTR_GENERATION,
726 cfg80211_rdev_list_generation) ||
727 nla_put_u8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT,
728 dev->wiphy.retry_short) ||
729 nla_put_u8(msg, NL80211_ATTR_WIPHY_RETRY_LONG,
730 dev->wiphy.retry_long) ||
731 nla_put_u32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD,
732 dev->wiphy.frag_threshold) ||
733 nla_put_u32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD,
734 dev->wiphy.rts_threshold) ||
735 nla_put_u8(msg, NL80211_ATTR_WIPHY_COVERAGE_CLASS,
736 dev->wiphy.coverage_class) ||
737 nla_put_u8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS,
738 dev->wiphy.max_scan_ssids) ||
739 nla_put_u8(msg, NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS,
740 dev->wiphy.max_sched_scan_ssids) ||
741 nla_put_u16(msg, NL80211_ATTR_MAX_SCAN_IE_LEN,
742 dev->wiphy.max_scan_ie_len) ||
743 nla_put_u16(msg, NL80211_ATTR_MAX_SCHED_SCAN_IE_LEN,
744 dev->wiphy.max_sched_scan_ie_len) ||
745 nla_put_u8(msg, NL80211_ATTR_MAX_MATCH_SETS,
746 dev->wiphy.max_match_sets))
747 goto nla_put_failure;
748
749 if ((dev->wiphy.flags & WIPHY_FLAG_IBSS_RSN) &&
750 nla_put_flag(msg, NL80211_ATTR_SUPPORT_IBSS_RSN))
751 goto nla_put_failure;
752 if ((dev->wiphy.flags & WIPHY_FLAG_MESH_AUTH) &&
753 nla_put_flag(msg, NL80211_ATTR_SUPPORT_MESH_AUTH))
754 goto nla_put_failure;
755 if ((dev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) &&
756 nla_put_flag(msg, NL80211_ATTR_SUPPORT_AP_UAPSD))
757 goto nla_put_failure;
758 if ((dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_FW_ROAM) &&
759 nla_put_flag(msg, NL80211_ATTR_ROAM_SUPPORT))
760 goto nla_put_failure;
761 if ((dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) &&
762 nla_put_flag(msg, NL80211_ATTR_TDLS_SUPPORT))
763 goto nla_put_failure;
764 if ((dev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP) &&
765 nla_put_flag(msg, NL80211_ATTR_TDLS_EXTERNAL_SETUP))
766 goto nla_put_failure;
767
768 if (nla_put(msg, NL80211_ATTR_CIPHER_SUITES,
769 sizeof(u32) * dev->wiphy.n_cipher_suites,
770 dev->wiphy.cipher_suites))
771 goto nla_put_failure;
772
773 if (nla_put_u8(msg, NL80211_ATTR_MAX_NUM_PMKIDS,
774 dev->wiphy.max_num_pmkids))
775 goto nla_put_failure;
776
777 if ((dev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) &&
778 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE))
779 goto nla_put_failure;
780
781 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_TX,
782 dev->wiphy.available_antennas_tx) ||
783 nla_put_u32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_RX,
784 dev->wiphy.available_antennas_rx))
785 goto nla_put_failure;
786
787 if ((dev->wiphy.flags & WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD) &&
788 nla_put_u32(msg, NL80211_ATTR_PROBE_RESP_OFFLOAD,
789 dev->wiphy.probe_resp_offload))
790 goto nla_put_failure;
791
792 if ((dev->wiphy.available_antennas_tx ||
793 dev->wiphy.available_antennas_rx) && dev->ops->get_antenna) {
794 u32 tx_ant = 0, rx_ant = 0;
795 int res;
796 res = dev->ops->get_antenna(&dev->wiphy, &tx_ant, &rx_ant);
797 if (!res) {
798 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_ANTENNA_TX,
799 tx_ant) ||
800 nla_put_u32(msg, NL80211_ATTR_WIPHY_ANTENNA_RX,
801 rx_ant))
802 goto nla_put_failure;
803 }
804 }
805
806 if (nl80211_put_iftypes(msg, NL80211_ATTR_SUPPORTED_IFTYPES,
807 dev->wiphy.interface_modes))
808 goto nla_put_failure;
809
810 nl_bands = nla_nest_start(msg, NL80211_ATTR_WIPHY_BANDS);
811 if (!nl_bands)
812 goto nla_put_failure;
813
814 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
815 if (!dev->wiphy.bands[band])
816 continue;
817
818 nl_band = nla_nest_start(msg, band);
819 if (!nl_band)
820 goto nla_put_failure;
821
822 /* add HT info */
823 if (dev->wiphy.bands[band]->ht_cap.ht_supported &&
824 (nla_put(msg, NL80211_BAND_ATTR_HT_MCS_SET,
825 sizeof(dev->wiphy.bands[band]->ht_cap.mcs),
826 &dev->wiphy.bands[band]->ht_cap.mcs) ||
827 nla_put_u16(msg, NL80211_BAND_ATTR_HT_CAPA,
828 dev->wiphy.bands[band]->ht_cap.cap) ||
829 nla_put_u8(msg, NL80211_BAND_ATTR_HT_AMPDU_FACTOR,
830 dev->wiphy.bands[band]->ht_cap.ampdu_factor) ||
831 nla_put_u8(msg, NL80211_BAND_ATTR_HT_AMPDU_DENSITY,
832 dev->wiphy.bands[band]->ht_cap.ampdu_density)))
833 goto nla_put_failure;
834
835 /* add frequencies */
836 nl_freqs = nla_nest_start(msg, NL80211_BAND_ATTR_FREQS);
837 if (!nl_freqs)
838 goto nla_put_failure;
839
840 for (i = 0; i < dev->wiphy.bands[band]->n_channels; i++) {
841 nl_freq = nla_nest_start(msg, i);
842 if (!nl_freq)
843 goto nla_put_failure;
844
845 chan = &dev->wiphy.bands[band]->channels[i];
846
847 if (nl80211_msg_put_channel(msg, chan))
848 goto nla_put_failure;
849
850 nla_nest_end(msg, nl_freq);
851 }
852
853 nla_nest_end(msg, nl_freqs);
854
855 /* add bitrates */
856 nl_rates = nla_nest_start(msg, NL80211_BAND_ATTR_RATES);
857 if (!nl_rates)
858 goto nla_put_failure;
859
860 for (i = 0; i < dev->wiphy.bands[band]->n_bitrates; i++) {
861 nl_rate = nla_nest_start(msg, i);
862 if (!nl_rate)
863 goto nla_put_failure;
864
865 rate = &dev->wiphy.bands[band]->bitrates[i];
866 if (nla_put_u32(msg, NL80211_BITRATE_ATTR_RATE,
867 rate->bitrate))
868 goto nla_put_failure;
869 if ((rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) &&
870 nla_put_flag(msg,
871 NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE))
872 goto nla_put_failure;
873
874 nla_nest_end(msg, nl_rate);
875 }
876
877 nla_nest_end(msg, nl_rates);
878
879 nla_nest_end(msg, nl_band);
880 }
881 nla_nest_end(msg, nl_bands);
882
883 nl_cmds = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_COMMANDS);
884 if (!nl_cmds)
885 goto nla_put_failure;
886
887 i = 0;
888 #define CMD(op, n) \
889 do { \
890 if (dev->ops->op) { \
891 i++; \
892 if (nla_put_u32(msg, i, NL80211_CMD_ ## n)) \
893 goto nla_put_failure; \
894 } \
895 } while (0)
896
897 CMD(add_virtual_intf, NEW_INTERFACE);
898 CMD(change_virtual_intf, SET_INTERFACE);
899 CMD(add_key, NEW_KEY);
900 CMD(start_ap, START_AP);
901 CMD(add_station, NEW_STATION);
902 CMD(add_mpath, NEW_MPATH);
903 CMD(update_mesh_config, SET_MESH_CONFIG);
904 CMD(change_bss, SET_BSS);
905 CMD(auth, AUTHENTICATE);
906 CMD(assoc, ASSOCIATE);
907 CMD(deauth, DEAUTHENTICATE);
908 CMD(disassoc, DISASSOCIATE);
909 CMD(join_ibss, JOIN_IBSS);
910 CMD(join_mesh, JOIN_MESH);
911 CMD(set_pmksa, SET_PMKSA);
912 CMD(del_pmksa, DEL_PMKSA);
913 CMD(flush_pmksa, FLUSH_PMKSA);
914 if (dev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL)
915 CMD(remain_on_channel, REMAIN_ON_CHANNEL);
916 CMD(set_bitrate_mask, SET_TX_BITRATE_MASK);
917 CMD(mgmt_tx, FRAME);
918 CMD(mgmt_tx_cancel_wait, FRAME_WAIT_CANCEL);
919 if (dev->wiphy.flags & WIPHY_FLAG_NETNS_OK) {
920 i++;
921 if (nla_put_u32(msg, i, NL80211_CMD_SET_WIPHY_NETNS))
922 goto nla_put_failure;
923 }
924 CMD(set_channel, SET_CHANNEL);
925 CMD(set_wds_peer, SET_WDS_PEER);
926 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) {
927 CMD(tdls_mgmt, TDLS_MGMT);
928 CMD(tdls_oper, TDLS_OPER);
929 }
930 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN)
931 CMD(sched_scan_start, START_SCHED_SCAN);
932 CMD(probe_client, PROBE_CLIENT);
933 CMD(set_noack_map, SET_NOACK_MAP);
934 if (dev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS) {
935 i++;
936 if (nla_put_u32(msg, i, NL80211_CMD_REGISTER_BEACONS))
937 goto nla_put_failure;
938 }
939
940 #ifdef CONFIG_NL80211_TESTMODE
941 CMD(testmode_cmd, TESTMODE);
942 #endif
943
944 #undef CMD
945
946 if (dev->ops->connect || dev->ops->auth) {
947 i++;
948 if (nla_put_u32(msg, i, NL80211_CMD_CONNECT))
949 goto nla_put_failure;
950 }
951
952 if (dev->ops->disconnect || dev->ops->deauth) {
953 i++;
954 if (nla_put_u32(msg, i, NL80211_CMD_DISCONNECT))
955 goto nla_put_failure;
956 }
957
958 nla_nest_end(msg, nl_cmds);
959
960 if (dev->ops->remain_on_channel &&
961 (dev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL) &&
962 nla_put_u32(msg, NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION,
963 dev->wiphy.max_remain_on_channel_duration))
964 goto nla_put_failure;
965
966 if ((dev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX) &&
967 nla_put_flag(msg, NL80211_ATTR_OFFCHANNEL_TX_OK))
968 goto nla_put_failure;
969
970 if (mgmt_stypes) {
971 u16 stypes;
972 struct nlattr *nl_ftypes, *nl_ifs;
973 enum nl80211_iftype ift;
974
975 nl_ifs = nla_nest_start(msg, NL80211_ATTR_TX_FRAME_TYPES);
976 if (!nl_ifs)
977 goto nla_put_failure;
978
979 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) {
980 nl_ftypes = nla_nest_start(msg, ift);
981 if (!nl_ftypes)
982 goto nla_put_failure;
983 i = 0;
984 stypes = mgmt_stypes[ift].tx;
985 while (stypes) {
986 if ((stypes & 1) &&
987 nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE,
988 (i << 4) | IEEE80211_FTYPE_MGMT))
989 goto nla_put_failure;
990 stypes >>= 1;
991 i++;
992 }
993 nla_nest_end(msg, nl_ftypes);
994 }
995
996 nla_nest_end(msg, nl_ifs);
997
998 nl_ifs = nla_nest_start(msg, NL80211_ATTR_RX_FRAME_TYPES);
999 if (!nl_ifs)
1000 goto nla_put_failure;
1001
1002 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) {
1003 nl_ftypes = nla_nest_start(msg, ift);
1004 if (!nl_ftypes)
1005 goto nla_put_failure;
1006 i = 0;
1007 stypes = mgmt_stypes[ift].rx;
1008 while (stypes) {
1009 if ((stypes & 1) &&
1010 nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE,
1011 (i << 4) | IEEE80211_FTYPE_MGMT))
1012 goto nla_put_failure;
1013 stypes >>= 1;
1014 i++;
1015 }
1016 nla_nest_end(msg, nl_ftypes);
1017 }
1018 nla_nest_end(msg, nl_ifs);
1019 }
1020
1021 if (dev->wiphy.wowlan.flags || dev->wiphy.wowlan.n_patterns) {
1022 struct nlattr *nl_wowlan;
1023
1024 nl_wowlan = nla_nest_start(msg,
1025 NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED);
1026 if (!nl_wowlan)
1027 goto nla_put_failure;
1028
1029 if (((dev->wiphy.wowlan.flags & WIPHY_WOWLAN_ANY) &&
1030 nla_put_flag(msg, NL80211_WOWLAN_TRIG_ANY)) ||
1031 ((dev->wiphy.wowlan.flags & WIPHY_WOWLAN_DISCONNECT) &&
1032 nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) ||
1033 ((dev->wiphy.wowlan.flags & WIPHY_WOWLAN_MAGIC_PKT) &&
1034 nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) ||
1035 ((dev->wiphy.wowlan.flags & WIPHY_WOWLAN_SUPPORTS_GTK_REKEY) &&
1036 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED)) ||
1037 ((dev->wiphy.wowlan.flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE) &&
1038 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) ||
1039 ((dev->wiphy.wowlan.flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ) &&
1040 nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) ||
1041 ((dev->wiphy.wowlan.flags & WIPHY_WOWLAN_4WAY_HANDSHAKE) &&
1042 nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) ||
1043 ((dev->wiphy.wowlan.flags & WIPHY_WOWLAN_RFKILL_RELEASE) &&
1044 nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE)))
1045 goto nla_put_failure;
1046 if (dev->wiphy.wowlan.n_patterns) {
1047 struct nl80211_wowlan_pattern_support pat = {
1048 .max_patterns = dev->wiphy.wowlan.n_patterns,
1049 .min_pattern_len =
1050 dev->wiphy.wowlan.pattern_min_len,
1051 .max_pattern_len =
1052 dev->wiphy.wowlan.pattern_max_len,
1053 };
1054 if (nla_put(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN,
1055 sizeof(pat), &pat))
1056 goto nla_put_failure;
1057 }
1058
1059 nla_nest_end(msg, nl_wowlan);
1060 }
1061
1062 if (nl80211_put_iftypes(msg, NL80211_ATTR_SOFTWARE_IFTYPES,
1063 dev->wiphy.software_iftypes))
1064 goto nla_put_failure;
1065
1066 if (nl80211_put_iface_combinations(&dev->wiphy, msg))
1067 goto nla_put_failure;
1068
1069 if ((dev->wiphy.flags & WIPHY_FLAG_HAVE_AP_SME) &&
1070 nla_put_u32(msg, NL80211_ATTR_DEVICE_AP_SME,
1071 dev->wiphy.ap_sme_capa))
1072 goto nla_put_failure;
1073
1074 if (nla_put_u32(msg, NL80211_ATTR_FEATURE_FLAGS,
1075 dev->wiphy.features))
1076 goto nla_put_failure;
1077
1078 if (dev->wiphy.ht_capa_mod_mask &&
1079 nla_put(msg, NL80211_ATTR_HT_CAPABILITY_MASK,
1080 sizeof(*dev->wiphy.ht_capa_mod_mask),
1081 dev->wiphy.ht_capa_mod_mask))
1082 goto nla_put_failure;
1083
1084 return genlmsg_end(msg, hdr);
1085
1086 nla_put_failure:
1087 genlmsg_cancel(msg, hdr);
1088 return -EMSGSIZE;
1089 }
1090
1091 static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb)
1092 {
1093 int idx = 0;
1094 int start = cb->args[0];
1095 struct cfg80211_registered_device *dev;
1096
1097 mutex_lock(&cfg80211_mutex);
1098 list_for_each_entry(dev, &cfg80211_rdev_list, list) {
1099 if (!net_eq(wiphy_net(&dev->wiphy), sock_net(skb->sk)))
1100 continue;
1101 if (++idx <= start)
1102 continue;
1103 if (nl80211_send_wiphy(skb, NETLINK_CB(cb->skb).pid,
1104 cb->nlh->nlmsg_seq, NLM_F_MULTI,
1105 dev) < 0) {
1106 idx--;
1107 break;
1108 }
1109 }
1110 mutex_unlock(&cfg80211_mutex);
1111
1112 cb->args[0] = idx;
1113
1114 return skb->len;
1115 }
1116
1117 static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info)
1118 {
1119 struct sk_buff *msg;
1120 struct cfg80211_registered_device *dev = info->user_ptr[0];
1121
1122 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
1123 if (!msg)
1124 return -ENOMEM;
1125
1126 if (nl80211_send_wiphy(msg, info->snd_pid, info->snd_seq, 0, dev) < 0) {
1127 nlmsg_free(msg);
1128 return -ENOBUFS;
1129 }
1130
1131 return genlmsg_reply(msg, info);
1132 }
1133
1134 static const struct nla_policy txq_params_policy[NL80211_TXQ_ATTR_MAX + 1] = {
1135 [NL80211_TXQ_ATTR_QUEUE] = { .type = NLA_U8 },
1136 [NL80211_TXQ_ATTR_TXOP] = { .type = NLA_U16 },
1137 [NL80211_TXQ_ATTR_CWMIN] = { .type = NLA_U16 },
1138 [NL80211_TXQ_ATTR_CWMAX] = { .type = NLA_U16 },
1139 [NL80211_TXQ_ATTR_AIFS] = { .type = NLA_U8 },
1140 };
1141
1142 static int parse_txq_params(struct nlattr *tb[],
1143 struct ieee80211_txq_params *txq_params)
1144 {
1145 if (!tb[NL80211_TXQ_ATTR_AC] || !tb[NL80211_TXQ_ATTR_TXOP] ||
1146 !tb[NL80211_TXQ_ATTR_CWMIN] || !tb[NL80211_TXQ_ATTR_CWMAX] ||
1147 !tb[NL80211_TXQ_ATTR_AIFS])
1148 return -EINVAL;
1149
1150 txq_params->ac = nla_get_u8(tb[NL80211_TXQ_ATTR_AC]);
1151 txq_params->txop = nla_get_u16(tb[NL80211_TXQ_ATTR_TXOP]);
1152 txq_params->cwmin = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMIN]);
1153 txq_params->cwmax = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMAX]);
1154 txq_params->aifs = nla_get_u8(tb[NL80211_TXQ_ATTR_AIFS]);
1155
1156 if (txq_params->ac >= NL80211_NUM_ACS)
1157 return -EINVAL;
1158
1159 return 0;
1160 }
1161
1162 static bool nl80211_can_set_dev_channel(struct wireless_dev *wdev)
1163 {
1164 /*
1165 * You can only set the channel explicitly for AP, mesh
1166 * and WDS type interfaces; all others have their channel
1167 * managed via their respective "establish a connection"
1168 * command (connect, join, ...)
1169 *
1170 * Monitors are special as they are normally slaved to
1171 * whatever else is going on, so they behave as though
1172 * you tried setting the wiphy channel itself.
1173 */
1174 return !wdev ||
1175 wdev->iftype == NL80211_IFTYPE_AP ||
1176 wdev->iftype == NL80211_IFTYPE_WDS ||
1177 wdev->iftype == NL80211_IFTYPE_MESH_POINT ||
1178 wdev->iftype == NL80211_IFTYPE_MONITOR ||
1179 wdev->iftype == NL80211_IFTYPE_P2P_GO;
1180 }
1181
1182 static int __nl80211_set_channel(struct cfg80211_registered_device *rdev,
1183 struct wireless_dev *wdev,
1184 struct genl_info *info)
1185 {
1186 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT;
1187 u32 freq;
1188 int result;
1189
1190 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ])
1191 return -EINVAL;
1192
1193 if (!nl80211_can_set_dev_channel(wdev))
1194 return -EOPNOTSUPP;
1195
1196 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
1197 channel_type = nla_get_u32(info->attrs[
1198 NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
1199 if (channel_type != NL80211_CHAN_NO_HT &&
1200 channel_type != NL80211_CHAN_HT20 &&
1201 channel_type != NL80211_CHAN_HT40PLUS &&
1202 channel_type != NL80211_CHAN_HT40MINUS)
1203 return -EINVAL;
1204 }
1205
1206 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]);
1207
1208 mutex_lock(&rdev->devlist_mtx);
1209 if (wdev) {
1210 wdev_lock(wdev);
1211 result = cfg80211_set_freq(rdev, wdev, freq, channel_type);
1212 wdev_unlock(wdev);
1213 } else {
1214 result = cfg80211_set_freq(rdev, NULL, freq, channel_type);
1215 }
1216 mutex_unlock(&rdev->devlist_mtx);
1217
1218 return result;
1219 }
1220
1221 static int nl80211_set_channel(struct sk_buff *skb, struct genl_info *info)
1222 {
1223 struct cfg80211_registered_device *rdev = info->user_ptr[0];
1224 struct net_device *netdev = info->user_ptr[1];
1225
1226 return __nl80211_set_channel(rdev, netdev->ieee80211_ptr, info);
1227 }
1228
1229 static int nl80211_set_wds_peer(struct sk_buff *skb, struct genl_info *info)
1230 {
1231 struct cfg80211_registered_device *rdev = info->user_ptr[0];
1232 struct net_device *dev = info->user_ptr[1];
1233 struct wireless_dev *wdev = dev->ieee80211_ptr;
1234 const u8 *bssid;
1235
1236 if (!info->attrs[NL80211_ATTR_MAC])
1237 return -EINVAL;
1238
1239 if (netif_running(dev))
1240 return -EBUSY;
1241
1242 if (!rdev->ops->set_wds_peer)
1243 return -EOPNOTSUPP;
1244
1245 if (wdev->iftype != NL80211_IFTYPE_WDS)
1246 return -EOPNOTSUPP;
1247
1248 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
1249 return rdev->ops->set_wds_peer(wdev->wiphy, dev, bssid);
1250 }
1251
1252
1253 static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info)
1254 {
1255 struct cfg80211_registered_device *rdev;
1256 struct net_device *netdev = NULL;
1257 struct wireless_dev *wdev;
1258 int result = 0, rem_txq_params = 0;
1259 struct nlattr *nl_txq_params;
1260 u32 changed;
1261 u8 retry_short = 0, retry_long = 0;
1262 u32 frag_threshold = 0, rts_threshold = 0;
1263 u8 coverage_class = 0;
1264
1265 /*
1266 * Try to find the wiphy and netdev. Normally this
1267 * function shouldn't need the netdev, but this is
1268 * done for backward compatibility -- previously
1269 * setting the channel was done per wiphy, but now
1270 * it is per netdev. Previous userland like hostapd
1271 * also passed a netdev to set_wiphy, so that it is
1272 * possible to let that go to the right netdev!
1273 */
1274 mutex_lock(&cfg80211_mutex);
1275
1276 if (info->attrs[NL80211_ATTR_IFINDEX]) {
1277 int ifindex = nla_get_u32(info->attrs[NL80211_ATTR_IFINDEX]);
1278
1279 netdev = dev_get_by_index(genl_info_net(info), ifindex);
1280 if (netdev && netdev->ieee80211_ptr) {
1281 rdev = wiphy_to_dev(netdev->ieee80211_ptr->wiphy);
1282 mutex_lock(&rdev->mtx);
1283 } else
1284 netdev = NULL;
1285 }
1286
1287 if (!netdev) {
1288 rdev = __cfg80211_rdev_from_info(info);
1289 if (IS_ERR(rdev)) {
1290 mutex_unlock(&cfg80211_mutex);
1291 return PTR_ERR(rdev);
1292 }
1293 wdev = NULL;
1294 netdev = NULL;
1295 result = 0;
1296
1297 mutex_lock(&rdev->mtx);
1298 } else if (netif_running(netdev) &&
1299 nl80211_can_set_dev_channel(netdev->ieee80211_ptr))
1300 wdev = netdev->ieee80211_ptr;
1301 else
1302 wdev = NULL;
1303
1304 /*
1305 * end workaround code, by now the rdev is available
1306 * and locked, and wdev may or may not be NULL.
1307 */
1308
1309 if (info->attrs[NL80211_ATTR_WIPHY_NAME])
1310 result = cfg80211_dev_rename(
1311 rdev, nla_data(info->attrs[NL80211_ATTR_WIPHY_NAME]));
1312
1313 mutex_unlock(&cfg80211_mutex);
1314
1315 if (result)
1316 goto bad_res;
1317
1318 if (info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS]) {
1319 struct ieee80211_txq_params txq_params;
1320 struct nlattr *tb[NL80211_TXQ_ATTR_MAX + 1];
1321
1322 if (!rdev->ops->set_txq_params) {
1323 result = -EOPNOTSUPP;
1324 goto bad_res;
1325 }
1326
1327 if (!netdev) {
1328 result = -EINVAL;
1329 goto bad_res;
1330 }
1331
1332 if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
1333 netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) {
1334 result = -EINVAL;
1335 goto bad_res;
1336 }
1337
1338 if (!netif_running(netdev)) {
1339 result = -ENETDOWN;
1340 goto bad_res;
1341 }
1342
1343 nla_for_each_nested(nl_txq_params,
1344 info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS],
1345 rem_txq_params) {
1346 nla_parse(tb, NL80211_TXQ_ATTR_MAX,
1347 nla_data(nl_txq_params),
1348 nla_len(nl_txq_params),
1349 txq_params_policy);
1350 result = parse_txq_params(tb, &txq_params);
1351 if (result)
1352 goto bad_res;
1353
1354 result = rdev->ops->set_txq_params(&rdev->wiphy,
1355 netdev,
1356 &txq_params);
1357 if (result)
1358 goto bad_res;
1359 }
1360 }
1361
1362 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
1363 result = __nl80211_set_channel(rdev, wdev, info);
1364 if (result)
1365 goto bad_res;
1366 }
1367
1368 if (info->attrs[NL80211_ATTR_WIPHY_TX_POWER_SETTING]) {
1369 enum nl80211_tx_power_setting type;
1370 int idx, mbm = 0;
1371
1372 if (!rdev->ops->set_tx_power) {
1373 result = -EOPNOTSUPP;
1374 goto bad_res;
1375 }
1376
1377 idx = NL80211_ATTR_WIPHY_TX_POWER_SETTING;
1378 type = nla_get_u32(info->attrs[idx]);
1379
1380 if (!info->attrs[NL80211_ATTR_WIPHY_TX_POWER_LEVEL] &&
1381 (type != NL80211_TX_POWER_AUTOMATIC)) {
1382 result = -EINVAL;
1383 goto bad_res;
1384 }
1385
1386 if (type != NL80211_TX_POWER_AUTOMATIC) {
1387 idx = NL80211_ATTR_WIPHY_TX_POWER_LEVEL;
1388 mbm = nla_get_u32(info->attrs[idx]);
1389 }
1390
1391 result = rdev->ops->set_tx_power(&rdev->wiphy, type, mbm);
1392 if (result)
1393 goto bad_res;
1394 }
1395
1396 if (info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX] &&
1397 info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]) {
1398 u32 tx_ant, rx_ant;
1399 if ((!rdev->wiphy.available_antennas_tx &&
1400 !rdev->wiphy.available_antennas_rx) ||
1401 !rdev->ops->set_antenna) {
1402 result = -EOPNOTSUPP;
1403 goto bad_res;
1404 }
1405
1406 tx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX]);
1407 rx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]);
1408
1409 /* reject antenna configurations which don't match the
1410 * available antenna masks, except for the "all" mask */
1411 if ((~tx_ant && (tx_ant & ~rdev->wiphy.available_antennas_tx)) ||
1412 (~rx_ant && (rx_ant & ~rdev->wiphy.available_antennas_rx))) {
1413 result = -EINVAL;
1414 goto bad_res;
1415 }
1416
1417 tx_ant = tx_ant & rdev->wiphy.available_antennas_tx;
1418 rx_ant = rx_ant & rdev->wiphy.available_antennas_rx;
1419
1420 result = rdev->ops->set_antenna(&rdev->wiphy, tx_ant, rx_ant);
1421 if (result)
1422 goto bad_res;
1423 }
1424
1425 changed = 0;
1426
1427 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]) {
1428 retry_short = nla_get_u8(
1429 info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]);
1430 if (retry_short == 0) {
1431 result = -EINVAL;
1432 goto bad_res;
1433 }
1434 changed |= WIPHY_PARAM_RETRY_SHORT;
1435 }
1436
1437 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]) {
1438 retry_long = nla_get_u8(
1439 info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]);
1440 if (retry_long == 0) {
1441 result = -EINVAL;
1442 goto bad_res;
1443 }
1444 changed |= WIPHY_PARAM_RETRY_LONG;
1445 }
1446
1447 if (info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]) {
1448 frag_threshold = nla_get_u32(
1449 info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]);
1450 if (frag_threshold < 256) {
1451 result = -EINVAL;
1452 goto bad_res;
1453 }
1454 if (frag_threshold != (u32) -1) {
1455 /*
1456 * Fragments (apart from the last one) are required to
1457 * have even length. Make the fragmentation code
1458 * simpler by stripping LSB should someone try to use
1459 * odd threshold value.
1460 */
1461 frag_threshold &= ~0x1;
1462 }
1463 changed |= WIPHY_PARAM_FRAG_THRESHOLD;
1464 }
1465
1466 if (info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]) {
1467 rts_threshold = nla_get_u32(
1468 info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]);
1469 changed |= WIPHY_PARAM_RTS_THRESHOLD;
1470 }
1471
1472 if (info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]) {
1473 coverage_class = nla_get_u8(
1474 info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]);
1475 changed |= WIPHY_PARAM_COVERAGE_CLASS;
1476 }
1477
1478 if (changed) {
1479 u8 old_retry_short, old_retry_long;
1480 u32 old_frag_threshold, old_rts_threshold;
1481 u8 old_coverage_class;
1482
1483 if (!rdev->ops->set_wiphy_params) {
1484 result = -EOPNOTSUPP;
1485 goto bad_res;
1486 }
1487
1488 old_retry_short = rdev->wiphy.retry_short;
1489 old_retry_long = rdev->wiphy.retry_long;
1490 old_frag_threshold = rdev->wiphy.frag_threshold;
1491 old_rts_threshold = rdev->wiphy.rts_threshold;
1492 old_coverage_class = rdev->wiphy.coverage_class;
1493
1494 if (changed & WIPHY_PARAM_RETRY_SHORT)
1495 rdev->wiphy.retry_short = retry_short;
1496 if (changed & WIPHY_PARAM_RETRY_LONG)
1497 rdev->wiphy.retry_long = retry_long;
1498 if (changed & WIPHY_PARAM_FRAG_THRESHOLD)
1499 rdev->wiphy.frag_threshold = frag_threshold;
1500 if (changed & WIPHY_PARAM_RTS_THRESHOLD)
1501 rdev->wiphy.rts_threshold = rts_threshold;
1502 if (changed & WIPHY_PARAM_COVERAGE_CLASS)
1503 rdev->wiphy.coverage_class = coverage_class;
1504
1505 result = rdev->ops->set_wiphy_params(&rdev->wiphy, changed);
1506 if (result) {
1507 rdev->wiphy.retry_short = old_retry_short;
1508 rdev->wiphy.retry_long = old_retry_long;
1509 rdev->wiphy.frag_threshold = old_frag_threshold;
1510 rdev->wiphy.rts_threshold = old_rts_threshold;
1511 rdev->wiphy.coverage_class = old_coverage_class;
1512 }
1513 }
1514
1515 bad_res:
1516 mutex_unlock(&rdev->mtx);
1517 if (netdev)
1518 dev_put(netdev);
1519 return result;
1520 }
1521
1522
1523 static int nl80211_send_iface(struct sk_buff *msg, u32 pid, u32 seq, int flags,
1524 struct cfg80211_registered_device *rdev,
1525 struct net_device *dev)
1526 {
1527 void *hdr;
1528
1529 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_INTERFACE);
1530 if (!hdr)
1531 return -1;
1532
1533 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
1534 nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
1535 nla_put_string(msg, NL80211_ATTR_IFNAME, dev->name) ||
1536 nla_put_u32(msg, NL80211_ATTR_IFTYPE,
1537 dev->ieee80211_ptr->iftype) ||
1538 nla_put_u32(msg, NL80211_ATTR_GENERATION,
1539 rdev->devlist_generation ^
1540 (cfg80211_rdev_list_generation << 2)))
1541 goto nla_put_failure;
1542
1543 if (rdev->ops->get_channel) {
1544 struct ieee80211_channel *chan;
1545 enum nl80211_channel_type channel_type;
1546
1547 chan = rdev->ops->get_channel(&rdev->wiphy, &channel_type);
1548 if (chan &&
1549 (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ,
1550 chan->center_freq) ||
1551 nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
1552 channel_type)))
1553 goto nla_put_failure;
1554 }
1555
1556 return genlmsg_end(msg, hdr);
1557
1558 nla_put_failure:
1559 genlmsg_cancel(msg, hdr);
1560 return -EMSGSIZE;
1561 }
1562
1563 static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *cb)
1564 {
1565 int wp_idx = 0;
1566 int if_idx = 0;
1567 int wp_start = cb->args[0];
1568 int if_start = cb->args[1];
1569 struct cfg80211_registered_device *rdev;
1570 struct wireless_dev *wdev;
1571
1572 mutex_lock(&cfg80211_mutex);
1573 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
1574 if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk)))
1575 continue;
1576 if (wp_idx < wp_start) {
1577 wp_idx++;
1578 continue;
1579 }
1580 if_idx = 0;
1581
1582 mutex_lock(&rdev->devlist_mtx);
1583 list_for_each_entry(wdev, &rdev->netdev_list, list) {
1584 if (if_idx < if_start) {
1585 if_idx++;
1586 continue;
1587 }
1588 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).pid,
1589 cb->nlh->nlmsg_seq, NLM_F_MULTI,
1590 rdev, wdev->netdev) < 0) {
1591 mutex_unlock(&rdev->devlist_mtx);
1592 goto out;
1593 }
1594 if_idx++;
1595 }
1596 mutex_unlock(&rdev->devlist_mtx);
1597
1598 wp_idx++;
1599 }
1600 out:
1601 mutex_unlock(&cfg80211_mutex);
1602
1603 cb->args[0] = wp_idx;
1604 cb->args[1] = if_idx;
1605
1606 return skb->len;
1607 }
1608
1609 static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info)
1610 {
1611 struct sk_buff *msg;
1612 struct cfg80211_registered_device *dev = info->user_ptr[0];
1613 struct net_device *netdev = info->user_ptr[1];
1614
1615 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
1616 if (!msg)
1617 return -ENOMEM;
1618
1619 if (nl80211_send_iface(msg, info->snd_pid, info->snd_seq, 0,
1620 dev, netdev) < 0) {
1621 nlmsg_free(msg);
1622 return -ENOBUFS;
1623 }
1624
1625 return genlmsg_reply(msg, info);
1626 }
1627
1628 static const struct nla_policy mntr_flags_policy[NL80211_MNTR_FLAG_MAX + 1] = {
1629 [NL80211_MNTR_FLAG_FCSFAIL] = { .type = NLA_FLAG },
1630 [NL80211_MNTR_FLAG_PLCPFAIL] = { .type = NLA_FLAG },
1631 [NL80211_MNTR_FLAG_CONTROL] = { .type = NLA_FLAG },
1632 [NL80211_MNTR_FLAG_OTHER_BSS] = { .type = NLA_FLAG },
1633 [NL80211_MNTR_FLAG_COOK_FRAMES] = { .type = NLA_FLAG },
1634 };
1635
1636 static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags)
1637 {
1638 struct nlattr *flags[NL80211_MNTR_FLAG_MAX + 1];
1639 int flag;
1640
1641 *mntrflags = 0;
1642
1643 if (!nla)
1644 return -EINVAL;
1645
1646 if (nla_parse_nested(flags, NL80211_MNTR_FLAG_MAX,
1647 nla, mntr_flags_policy))
1648 return -EINVAL;
1649
1650 for (flag = 1; flag <= NL80211_MNTR_FLAG_MAX; flag++)
1651 if (flags[flag])
1652 *mntrflags |= (1<<flag);
1653
1654 return 0;
1655 }
1656
1657 static int nl80211_valid_4addr(struct cfg80211_registered_device *rdev,
1658 struct net_device *netdev, u8 use_4addr,
1659 enum nl80211_iftype iftype)
1660 {
1661 if (!use_4addr) {
1662 if (netdev && (netdev->priv_flags & IFF_BRIDGE_PORT))
1663 return -EBUSY;
1664 return 0;
1665 }
1666
1667 switch (iftype) {
1668 case NL80211_IFTYPE_AP_VLAN:
1669 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_AP)
1670 return 0;
1671 break;
1672 case NL80211_IFTYPE_STATION:
1673 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_STATION)
1674 return 0;
1675 break;
1676 default:
1677 break;
1678 }
1679
1680 return -EOPNOTSUPP;
1681 }
1682
1683 static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
1684 {
1685 struct cfg80211_registered_device *rdev = info->user_ptr[0];
1686 struct vif_params params;
1687 int err;
1688 enum nl80211_iftype otype, ntype;
1689 struct net_device *dev = info->user_ptr[1];
1690 u32 _flags, *flags = NULL;
1691 bool change = false;
1692
1693 memset(&params, 0, sizeof(params));
1694
1695 otype = ntype = dev->ieee80211_ptr->iftype;
1696
1697 if (info->attrs[NL80211_ATTR_IFTYPE]) {
1698 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);
1699 if (otype != ntype)
1700 change = true;
1701 if (ntype > NL80211_IFTYPE_MAX)
1702 return -EINVAL;
1703 }
1704
1705 if (info->attrs[NL80211_ATTR_MESH_ID]) {
1706 struct wireless_dev *wdev = dev->ieee80211_ptr;
1707
1708 if (ntype != NL80211_IFTYPE_MESH_POINT)
1709 return -EINVAL;
1710 if (netif_running(dev))
1711 return -EBUSY;
1712
1713 wdev_lock(wdev);
1714 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN !=
1715 IEEE80211_MAX_MESH_ID_LEN);
1716 wdev->mesh_id_up_len =
1717 nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
1718 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]),
1719 wdev->mesh_id_up_len);
1720 wdev_unlock(wdev);
1721 }
1722
1723 if (info->attrs[NL80211_ATTR_4ADDR]) {
1724 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]);
1725 change = true;
1726 err = nl80211_valid_4addr(rdev, dev, params.use_4addr, ntype);
1727 if (err)
1728 return err;
1729 } else {
1730 params.use_4addr = -1;
1731 }
1732
1733 if (info->attrs[NL80211_ATTR_MNTR_FLAGS]) {
1734 if (ntype != NL80211_IFTYPE_MONITOR)
1735 return -EINVAL;
1736 err = parse_monitor_flags(info->attrs[NL80211_ATTR_MNTR_FLAGS],
1737 &_flags);
1738 if (err)
1739 return err;
1740
1741 flags = &_flags;
1742 change = true;
1743 }
1744
1745 if (change)
1746 err = cfg80211_change_iface(rdev, dev, ntype, flags, &params);
1747 else
1748 err = 0;
1749
1750 if (!err && params.use_4addr != -1)
1751 dev->ieee80211_ptr->use_4addr = params.use_4addr;
1752
1753 return err;
1754 }
1755
1756 static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
1757 {
1758 struct cfg80211_registered_device *rdev = info->user_ptr[0];
1759 struct vif_params params;
1760 struct net_device *dev;
1761 int err;
1762 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED;
1763 u32 flags;
1764
1765 memset(&params, 0, sizeof(params));
1766
1767 if (!info->attrs[NL80211_ATTR_IFNAME])
1768 return -EINVAL;
1769
1770 if (info->attrs[NL80211_ATTR_IFTYPE]) {
1771 type = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);
1772 if (type > NL80211_IFTYPE_MAX)
1773 return -EINVAL;
1774 }
1775
1776 if (!rdev->ops->add_virtual_intf ||
1777 !(rdev->wiphy.interface_modes & (1 << type)))
1778 return -EOPNOTSUPP;
1779
1780 if (info->attrs[NL80211_ATTR_4ADDR]) {
1781 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]);
1782 err = nl80211_valid_4addr(rdev, NULL, params.use_4addr, type);
1783 if (err)
1784 return err;
1785 }
1786
1787 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ?
1788 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL,
1789 &flags);
1790 dev = rdev->ops->add_virtual_intf(&rdev->wiphy,
1791 nla_data(info->attrs[NL80211_ATTR_IFNAME]),
1792 type, err ? NULL : &flags, &params);
1793 if (IS_ERR(dev))
1794 return PTR_ERR(dev);
1795
1796 if (type == NL80211_IFTYPE_MESH_POINT &&
1797 info->attrs[NL80211_ATTR_MESH_ID]) {
1798 struct wireless_dev *wdev = dev->ieee80211_ptr;
1799
1800 wdev_lock(wdev);
1801 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN !=
1802 IEEE80211_MAX_MESH_ID_LEN);
1803 wdev->mesh_id_up_len =
1804 nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
1805 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]),
1806 wdev->mesh_id_up_len);
1807 wdev_unlock(wdev);
1808 }
1809
1810 return 0;
1811 }
1812
1813 static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info)
1814 {
1815 struct cfg80211_registered_device *rdev = info->user_ptr[0];
1816 struct net_device *dev = info->user_ptr[1];
1817
1818 if (!rdev->ops->del_virtual_intf)
1819 return -EOPNOTSUPP;
1820
1821 return rdev->ops->del_virtual_intf(&rdev->wiphy, dev);
1822 }
1823
1824 static int nl80211_set_noack_map(struct sk_buff *skb, struct genl_info *info)
1825 {
1826 struct cfg80211_registered_device *rdev = info->user_ptr[0];
1827 struct net_device *dev = info->user_ptr[1];
1828 u16 noack_map;
1829
1830 if (!info->attrs[NL80211_ATTR_NOACK_MAP])
1831 return -EINVAL;
1832
1833 if (!rdev->ops->set_noack_map)
1834 return -EOPNOTSUPP;
1835
1836 noack_map = nla_get_u16(info->attrs[NL80211_ATTR_NOACK_MAP]);
1837
1838 return rdev->ops->set_noack_map(&rdev->wiphy, dev, noack_map);
1839 }
1840
1841 struct get_key_cookie {
1842 struct sk_buff *msg;
1843 int error;
1844 int idx;
1845 };
1846
1847 static void get_key_callback(void *c, struct key_params *params)
1848 {
1849 struct nlattr *key;
1850 struct get_key_cookie *cookie = c;
1851
1852 if ((params->key &&
1853 nla_put(cookie->msg, NL80211_ATTR_KEY_DATA,
1854 params->key_len, params->key)) ||
1855 (params->seq &&
1856 nla_put(cookie->msg, NL80211_ATTR_KEY_SEQ,
1857 params->seq_len, params->seq)) ||
1858 (params->cipher &&
1859 nla_put_u32(cookie->msg, NL80211_ATTR_KEY_CIPHER,
1860 params->cipher)))
1861 goto nla_put_failure;
1862
1863 key = nla_nest_start(cookie->msg, NL80211_ATTR_KEY);
1864 if (!key)
1865 goto nla_put_failure;
1866
1867 if ((params->key &&
1868 nla_put(cookie->msg, NL80211_KEY_DATA,
1869 params->key_len, params->key)) ||
1870 (params->seq &&
1871 nla_put(cookie->msg, NL80211_KEY_SEQ,
1872 params->seq_len, params->seq)) ||
1873 (params->cipher &&
1874 nla_put_u32(cookie->msg, NL80211_KEY_CIPHER,
1875 params->cipher)))
1876 goto nla_put_failure;
1877
1878 if (nla_put_u8(cookie->msg, NL80211_ATTR_KEY_IDX, cookie->idx))
1879 goto nla_put_failure;
1880
1881 nla_nest_end(cookie->msg, key);
1882
1883 return;
1884 nla_put_failure:
1885 cookie->error = 1;
1886 }
1887
1888 static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
1889 {
1890 struct cfg80211_registered_device *rdev = info->user_ptr[0];
1891 int err;
1892 struct net_device *dev = info->user_ptr[1];
1893 u8 key_idx = 0;
1894 const u8 *mac_addr = NULL;
1895 bool pairwise;
1896 struct get_key_cookie cookie = {
1897 .error = 0,
1898 };
1899 void *hdr;
1900 struct sk_buff *msg;
1901
1902 if (info->attrs[NL80211_ATTR_KEY_IDX])
1903 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
1904
1905 if (key_idx > 5)
1906 return -EINVAL;
1907
1908 if (info->attrs[NL80211_ATTR_MAC])
1909 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
1910
1911 pairwise = !!mac_addr;
1912 if (info->attrs[NL80211_ATTR_KEY_TYPE]) {
1913 u32 kt = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]);
1914 if (kt >= NUM_NL80211_KEYTYPES)
1915 return -EINVAL;
1916 if (kt != NL80211_KEYTYPE_GROUP &&
1917 kt != NL80211_KEYTYPE_PAIRWISE)
1918 return -EINVAL;
1919 pairwise = kt == NL80211_KEYTYPE_PAIRWISE;
1920 }
1921
1922 if (!rdev->ops->get_key)
1923 return -EOPNOTSUPP;
1924
1925 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
1926 if (!msg)
1927 return -ENOMEM;
1928
1929 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
1930 NL80211_CMD_NEW_KEY);
1931 if (IS_ERR(hdr))
1932 return PTR_ERR(hdr);
1933
1934 cookie.msg = msg;
1935 cookie.idx = key_idx;
1936
1937 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
1938 nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_idx))
1939 goto nla_put_failure;
1940 if (mac_addr &&
1941 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr))
1942 goto nla_put_failure;
1943
1944 if (pairwise && mac_addr &&
1945 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN))
1946 return -ENOENT;
1947
1948 err = rdev->ops->get_key(&rdev->wiphy, dev, key_idx, pairwise,
1949 mac_addr, &cookie, get_key_callback);
1950
1951 if (err)
1952 goto free_msg;
1953
1954 if (cookie.error)
1955 goto nla_put_failure;
1956
1957 genlmsg_end(msg, hdr);
1958 return genlmsg_reply(msg, info);
1959
1960 nla_put_failure:
1961 err = -ENOBUFS;
1962 free_msg:
1963 nlmsg_free(msg);
1964 return err;
1965 }
1966
1967 static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info)
1968 {
1969 struct cfg80211_registered_device *rdev = info->user_ptr[0];
1970 struct key_parse key;
1971 int err;
1972 struct net_device *dev = info->user_ptr[1];
1973
1974 err = nl80211_parse_key(info, &key);
1975 if (err)
1976 return err;
1977
1978 if (key.idx < 0)
1979 return -EINVAL;
1980
1981 /* only support setting default key */
1982 if (!key.def && !key.defmgmt)
1983 return -EINVAL;
1984
1985 wdev_lock(dev->ieee80211_ptr);
1986
1987 if (key.def) {
1988 if (!rdev->ops->set_default_key) {
1989 err = -EOPNOTSUPP;
1990 goto out;
1991 }
1992
1993 err = nl80211_key_allowed(dev->ieee80211_ptr);
1994 if (err)
1995 goto out;
1996
1997 err = rdev->ops->set_default_key(&rdev->wiphy, dev, key.idx,
1998 key.def_uni, key.def_multi);
1999
2000 if (err)
2001 goto out;
2002
2003 #ifdef CONFIG_CFG80211_WEXT
2004 dev->ieee80211_ptr->wext.default_key = key.idx;
2005 #endif
2006 } else {
2007 if (key.def_uni || !key.def_multi) {
2008 err = -EINVAL;
2009 goto out;
2010 }
2011
2012 if (!rdev->ops->set_default_mgmt_key) {
2013 err = -EOPNOTSUPP;
2014 goto out;
2015 }
2016
2017 err = nl80211_key_allowed(dev->ieee80211_ptr);
2018 if (err)
2019 goto out;
2020
2021 err = rdev->ops->set_default_mgmt_key(&rdev->wiphy,
2022 dev, key.idx);
2023 if (err)
2024 goto out;
2025
2026 #ifdef CONFIG_CFG80211_WEXT
2027 dev->ieee80211_ptr->wext.default_mgmt_key = key.idx;
2028 #endif
2029 }
2030
2031 out:
2032 wdev_unlock(dev->ieee80211_ptr);
2033
2034 return err;
2035 }
2036
2037 static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info)
2038 {
2039 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2040 int err;
2041 struct net_device *dev = info->user_ptr[1];
2042 struct key_parse key;
2043 const u8 *mac_addr = NULL;
2044
2045 err = nl80211_parse_key(info, &key);
2046 if (err)
2047 return err;
2048
2049 if (!key.p.key)
2050 return -EINVAL;
2051
2052 if (info->attrs[NL80211_ATTR_MAC])
2053 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
2054
2055 if (key.type == -1) {
2056 if (mac_addr)
2057 key.type = NL80211_KEYTYPE_PAIRWISE;
2058 else
2059 key.type = NL80211_KEYTYPE_GROUP;
2060 }
2061
2062 /* for now */
2063 if (key.type != NL80211_KEYTYPE_PAIRWISE &&
2064 key.type != NL80211_KEYTYPE_GROUP)
2065 return -EINVAL;
2066
2067 if (!rdev->ops->add_key)
2068 return -EOPNOTSUPP;
2069
2070 if (cfg80211_validate_key_settings(rdev, &key.p, key.idx,
2071 key.type == NL80211_KEYTYPE_PAIRWISE,
2072 mac_addr))
2073 return -EINVAL;
2074
2075 wdev_lock(dev->ieee80211_ptr);
2076 err = nl80211_key_allowed(dev->ieee80211_ptr);
2077 if (!err)
2078 err = rdev->ops->add_key(&rdev->wiphy, dev, key.idx,
2079 key.type == NL80211_KEYTYPE_PAIRWISE,
2080 mac_addr, &key.p);
2081 wdev_unlock(dev->ieee80211_ptr);
2082
2083 return err;
2084 }
2085
2086 static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info)
2087 {
2088 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2089 int err;
2090 struct net_device *dev = info->user_ptr[1];
2091 u8 *mac_addr = NULL;
2092 struct key_parse key;
2093
2094 err = nl80211_parse_key(info, &key);
2095 if (err)
2096 return err;
2097
2098 if (info->attrs[NL80211_ATTR_MAC])
2099 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
2100
2101 if (key.type == -1) {
2102 if (mac_addr)
2103 key.type = NL80211_KEYTYPE_PAIRWISE;
2104 else
2105 key.type = NL80211_KEYTYPE_GROUP;
2106 }
2107
2108 /* for now */
2109 if (key.type != NL80211_KEYTYPE_PAIRWISE &&
2110 key.type != NL80211_KEYTYPE_GROUP)
2111 return -EINVAL;
2112
2113 if (!rdev->ops->del_key)
2114 return -EOPNOTSUPP;
2115
2116 wdev_lock(dev->ieee80211_ptr);
2117 err = nl80211_key_allowed(dev->ieee80211_ptr);
2118
2119 if (key.type == NL80211_KEYTYPE_PAIRWISE && mac_addr &&
2120 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN))
2121 err = -ENOENT;
2122
2123 if (!err)
2124 err = rdev->ops->del_key(&rdev->wiphy, dev, key.idx,
2125 key.type == NL80211_KEYTYPE_PAIRWISE,
2126 mac_addr);
2127
2128 #ifdef CONFIG_CFG80211_WEXT
2129 if (!err) {
2130 if (key.idx == dev->ieee80211_ptr->wext.default_key)
2131 dev->ieee80211_ptr->wext.default_key = -1;
2132 else if (key.idx == dev->ieee80211_ptr->wext.default_mgmt_key)
2133 dev->ieee80211_ptr->wext.default_mgmt_key = -1;
2134 }
2135 #endif
2136 wdev_unlock(dev->ieee80211_ptr);
2137
2138 return err;
2139 }
2140
2141 static int nl80211_parse_beacon(struct genl_info *info,
2142 struct cfg80211_beacon_data *bcn)
2143 {
2144 bool haveinfo = false;
2145
2146 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_BEACON_TAIL]) ||
2147 !is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]) ||
2148 !is_valid_ie_attr(info->attrs[NL80211_ATTR_IE_PROBE_RESP]) ||
2149 !is_valid_ie_attr(info->attrs[NL80211_ATTR_IE_ASSOC_RESP]))
2150 return -EINVAL;
2151
2152 memset(bcn, 0, sizeof(*bcn));
2153
2154 if (info->attrs[NL80211_ATTR_BEACON_HEAD]) {
2155 bcn->head = nla_data(info->attrs[NL80211_ATTR_BEACON_HEAD]);
2156 bcn->head_len = nla_len(info->attrs[NL80211_ATTR_BEACON_HEAD]);
2157 if (!bcn->head_len)
2158 return -EINVAL;
2159 haveinfo = true;
2160 }
2161
2162 if (info->attrs[NL80211_ATTR_BEACON_TAIL]) {
2163 bcn->tail = nla_data(info->attrs[NL80211_ATTR_BEACON_TAIL]);
2164 bcn->tail_len =
2165 nla_len(info->attrs[NL80211_ATTR_BEACON_TAIL]);
2166 haveinfo = true;
2167 }
2168
2169 if (!haveinfo)
2170 return -EINVAL;
2171
2172 if (info->attrs[NL80211_ATTR_IE]) {
2173 bcn->beacon_ies = nla_data(info->attrs[NL80211_ATTR_IE]);
2174 bcn->beacon_ies_len = nla_len(info->attrs[NL80211_ATTR_IE]);
2175 }
2176
2177 if (info->attrs[NL80211_ATTR_IE_PROBE_RESP]) {
2178 bcn->proberesp_ies =
2179 nla_data(info->attrs[NL80211_ATTR_IE_PROBE_RESP]);
2180 bcn->proberesp_ies_len =
2181 nla_len(info->attrs[NL80211_ATTR_IE_PROBE_RESP]);
2182 }
2183
2184 if (info->attrs[NL80211_ATTR_IE_ASSOC_RESP]) {
2185 bcn->assocresp_ies =
2186 nla_data(info->attrs[NL80211_ATTR_IE_ASSOC_RESP]);
2187 bcn->assocresp_ies_len =
2188 nla_len(info->attrs[NL80211_ATTR_IE_ASSOC_RESP]);
2189 }
2190
2191 if (info->attrs[NL80211_ATTR_PROBE_RESP]) {
2192 bcn->probe_resp =
2193 nla_data(info->attrs[NL80211_ATTR_PROBE_RESP]);
2194 bcn->probe_resp_len =
2195 nla_len(info->attrs[NL80211_ATTR_PROBE_RESP]);
2196 }
2197
2198 return 0;
2199 }
2200
2201 static int nl80211_start_ap(struct sk_buff *skb, struct genl_info *info)
2202 {
2203 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2204 struct net_device *dev = info->user_ptr[1];
2205 struct wireless_dev *wdev = dev->ieee80211_ptr;
2206 struct cfg80211_ap_settings params;
2207 int err;
2208
2209 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
2210 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
2211 return -EOPNOTSUPP;
2212
2213 if (!rdev->ops->start_ap)
2214 return -EOPNOTSUPP;
2215
2216 if (wdev->beacon_interval)
2217 return -EALREADY;
2218
2219 memset(&params, 0, sizeof(params));
2220
2221 /* these are required for START_AP */
2222 if (!info->attrs[NL80211_ATTR_BEACON_INTERVAL] ||
2223 !info->attrs[NL80211_ATTR_DTIM_PERIOD] ||
2224 !info->attrs[NL80211_ATTR_BEACON_HEAD])
2225 return -EINVAL;
2226
2227 err = nl80211_parse_beacon(info, &params.beacon);
2228 if (err)
2229 return err;
2230
2231 params.beacon_interval =
2232 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]);
2233 params.dtim_period =
2234 nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]);
2235
2236 err = cfg80211_validate_beacon_int(rdev, params.beacon_interval);
2237 if (err)
2238 return err;
2239
2240 /*
2241 * In theory, some of these attributes should be required here
2242 * but since they were not used when the command was originally
2243 * added, keep them optional for old user space programs to let
2244 * them continue to work with drivers that do not need the
2245 * additional information -- drivers must check!
2246 */
2247 if (info->attrs[NL80211_ATTR_SSID]) {
2248 params.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
2249 params.ssid_len =
2250 nla_len(info->attrs[NL80211_ATTR_SSID]);
2251 if (params.ssid_len == 0 ||
2252 params.ssid_len > IEEE80211_MAX_SSID_LEN)
2253 return -EINVAL;
2254 }
2255
2256 if (info->attrs[NL80211_ATTR_HIDDEN_SSID]) {
2257 params.hidden_ssid = nla_get_u32(
2258 info->attrs[NL80211_ATTR_HIDDEN_SSID]);
2259 if (params.hidden_ssid != NL80211_HIDDEN_SSID_NOT_IN_USE &&
2260 params.hidden_ssid != NL80211_HIDDEN_SSID_ZERO_LEN &&
2261 params.hidden_ssid != NL80211_HIDDEN_SSID_ZERO_CONTENTS)
2262 return -EINVAL;
2263 }
2264
2265 params.privacy = !!info->attrs[NL80211_ATTR_PRIVACY];
2266
2267 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) {
2268 params.auth_type = nla_get_u32(
2269 info->attrs[NL80211_ATTR_AUTH_TYPE]);
2270 if (!nl80211_valid_auth_type(params.auth_type))
2271 return -EINVAL;
2272 } else
2273 params.auth_type = NL80211_AUTHTYPE_AUTOMATIC;
2274
2275 err = nl80211_crypto_settings(rdev, info, &params.crypto,
2276 NL80211_MAX_NR_CIPHER_SUITES);
2277 if (err)
2278 return err;
2279
2280 if (info->attrs[NL80211_ATTR_INACTIVITY_TIMEOUT]) {
2281 if (!(rdev->wiphy.features & NL80211_FEATURE_INACTIVITY_TIMER))
2282 return -EOPNOTSUPP;
2283 params.inactivity_timeout = nla_get_u16(
2284 info->attrs[NL80211_ATTR_INACTIVITY_TIMEOUT]);
2285 }
2286
2287 err = rdev->ops->start_ap(&rdev->wiphy, dev, &params);
2288 if (!err)
2289 wdev->beacon_interval = params.beacon_interval;
2290 return err;
2291 }
2292
2293 static int nl80211_set_beacon(struct sk_buff *skb, struct genl_info *info)
2294 {
2295 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2296 struct net_device *dev = info->user_ptr[1];
2297 struct wireless_dev *wdev = dev->ieee80211_ptr;
2298 struct cfg80211_beacon_data params;
2299 int err;
2300
2301 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
2302 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
2303 return -EOPNOTSUPP;
2304
2305 if (!rdev->ops->change_beacon)
2306 return -EOPNOTSUPP;
2307
2308 if (!wdev->beacon_interval)
2309 return -EINVAL;
2310
2311 err = nl80211_parse_beacon(info, &params);
2312 if (err)
2313 return err;
2314
2315 return rdev->ops->change_beacon(&rdev->wiphy, dev, &params);
2316 }
2317
2318 static int nl80211_stop_ap(struct sk_buff *skb, struct genl_info *info)
2319 {
2320 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2321 struct net_device *dev = info->user_ptr[1];
2322 struct wireless_dev *wdev = dev->ieee80211_ptr;
2323 int err;
2324
2325 if (!rdev->ops->stop_ap)
2326 return -EOPNOTSUPP;
2327
2328 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
2329 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
2330 return -EOPNOTSUPP;
2331
2332 if (!wdev->beacon_interval)
2333 return -ENOENT;
2334
2335 err = rdev->ops->stop_ap(&rdev->wiphy, dev);
2336 if (!err)
2337 wdev->beacon_interval = 0;
2338 return err;
2339 }
2340
2341 static const struct nla_policy sta_flags_policy[NL80211_STA_FLAG_MAX + 1] = {
2342 [NL80211_STA_FLAG_AUTHORIZED] = { .type = NLA_FLAG },
2343 [NL80211_STA_FLAG_SHORT_PREAMBLE] = { .type = NLA_FLAG },
2344 [NL80211_STA_FLAG_WME] = { .type = NLA_FLAG },
2345 [NL80211_STA_FLAG_MFP] = { .type = NLA_FLAG },
2346 [NL80211_STA_FLAG_AUTHENTICATED] = { .type = NLA_FLAG },
2347 [NL80211_STA_FLAG_TDLS_PEER] = { .type = NLA_FLAG },
2348 };
2349
2350 static int parse_station_flags(struct genl_info *info,
2351 enum nl80211_iftype iftype,
2352 struct station_parameters *params)
2353 {
2354 struct nlattr *flags[NL80211_STA_FLAG_MAX + 1];
2355 struct nlattr *nla;
2356 int flag;
2357
2358 /*
2359 * Try parsing the new attribute first so userspace
2360 * can specify both for older kernels.
2361 */
2362 nla = info->attrs[NL80211_ATTR_STA_FLAGS2];
2363 if (nla) {
2364 struct nl80211_sta_flag_update *sta_flags;
2365
2366 sta_flags = nla_data(nla);
2367 params->sta_flags_mask = sta_flags->mask;
2368 params->sta_flags_set = sta_flags->set;
2369 if ((params->sta_flags_mask |
2370 params->sta_flags_set) & BIT(__NL80211_STA_FLAG_INVALID))
2371 return -EINVAL;
2372 return 0;
2373 }
2374
2375 /* if present, parse the old attribute */
2376
2377 nla = info->attrs[NL80211_ATTR_STA_FLAGS];
2378 if (!nla)
2379 return 0;
2380
2381 if (nla_parse_nested(flags, NL80211_STA_FLAG_MAX,
2382 nla, sta_flags_policy))
2383 return -EINVAL;
2384
2385 /*
2386 * Only allow certain flags for interface types so that
2387 * other attributes are silently ignored. Remember that
2388 * this is backward compatibility code with old userspace
2389 * and shouldn't be hit in other cases anyway.
2390 */
2391 switch (iftype) {
2392 case NL80211_IFTYPE_AP:
2393 case NL80211_IFTYPE_AP_VLAN:
2394 case NL80211_IFTYPE_P2P_GO:
2395 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHORIZED) |
2396 BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) |
2397 BIT(NL80211_STA_FLAG_WME) |
2398 BIT(NL80211_STA_FLAG_MFP);
2399 break;
2400 case NL80211_IFTYPE_P2P_CLIENT:
2401 case NL80211_IFTYPE_STATION:
2402 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHORIZED) |
2403 BIT(NL80211_STA_FLAG_TDLS_PEER);
2404 break;
2405 case NL80211_IFTYPE_MESH_POINT:
2406 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHENTICATED) |
2407 BIT(NL80211_STA_FLAG_MFP) |
2408 BIT(NL80211_STA_FLAG_AUTHORIZED);
2409 default:
2410 return -EINVAL;
2411 }
2412
2413 for (flag = 1; flag <= NL80211_STA_FLAG_MAX; flag++)
2414 if (flags[flag])
2415 params->sta_flags_set |= (1<<flag);
2416
2417 return 0;
2418 }
2419
2420 static bool nl80211_put_sta_rate(struct sk_buff *msg, struct rate_info *info,
2421 int attr)
2422 {
2423 struct nlattr *rate;
2424 u16 bitrate;
2425
2426 rate = nla_nest_start(msg, attr);
2427 if (!rate)
2428 goto nla_put_failure;
2429
2430 /* cfg80211_calculate_bitrate will return 0 for mcs >= 32 */
2431 bitrate = cfg80211_calculate_bitrate(info);
2432 if ((bitrate > 0 &&
2433 nla_put_u16(msg, NL80211_RATE_INFO_BITRATE, bitrate)) ||
2434 ((info->flags & RATE_INFO_FLAGS_MCS) &&
2435 nla_put_u8(msg, NL80211_RATE_INFO_MCS, info->mcs)) ||
2436 ((info->flags & RATE_INFO_FLAGS_40_MHZ_WIDTH) &&
2437 nla_put_flag(msg, NL80211_RATE_INFO_40_MHZ_WIDTH)) ||
2438 ((info->flags & RATE_INFO_FLAGS_SHORT_GI) &&
2439 nla_put_flag(msg, NL80211_RATE_INFO_SHORT_GI)))
2440 goto nla_put_failure;
2441
2442 nla_nest_end(msg, rate);
2443 return true;
2444
2445 nla_put_failure:
2446 return false;
2447 }
2448
2449 static int nl80211_send_station(struct sk_buff *msg, u32 pid, u32 seq,
2450 int flags,
2451 struct cfg80211_registered_device *rdev,
2452 struct net_device *dev,
2453 const u8 *mac_addr, struct station_info *sinfo)
2454 {
2455 void *hdr;
2456 struct nlattr *sinfoattr, *bss_param;
2457
2458 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION);
2459 if (!hdr)
2460 return -1;
2461
2462 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
2463 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr) ||
2464 nla_put_u32(msg, NL80211_ATTR_GENERATION, sinfo->generation))
2465 goto nla_put_failure;
2466
2467 sinfoattr = nla_nest_start(msg, NL80211_ATTR_STA_INFO);
2468 if (!sinfoattr)
2469 goto nla_put_failure;
2470 if ((sinfo->filled & STATION_INFO_CONNECTED_TIME) &&
2471 nla_put_u32(msg, NL80211_STA_INFO_CONNECTED_TIME,
2472 sinfo->connected_time))
2473 goto nla_put_failure;
2474 if ((sinfo->filled & STATION_INFO_INACTIVE_TIME) &&
2475 nla_put_u32(msg, NL80211_STA_INFO_INACTIVE_TIME,
2476 sinfo->inactive_time))
2477 goto nla_put_failure;
2478 if ((sinfo->filled & STATION_INFO_RX_BYTES) &&
2479 nla_put_u32(msg, NL80211_STA_INFO_RX_BYTES,
2480 sinfo->rx_bytes))
2481 goto nla_put_failure;
2482 if ((sinfo->filled & STATION_INFO_TX_BYTES) &&
2483 nla_put_u32(msg, NL80211_STA_INFO_TX_BYTES,
2484 sinfo->tx_bytes))
2485 goto nla_put_failure;
2486 if ((sinfo->filled & STATION_INFO_LLID) &&
2487 nla_put_u16(msg, NL80211_STA_INFO_LLID, sinfo->llid))
2488 goto nla_put_failure;
2489 if ((sinfo->filled & STATION_INFO_PLID) &&
2490 nla_put_u16(msg, NL80211_STA_INFO_PLID, sinfo->plid))
2491 goto nla_put_failure;
2492 if ((sinfo->filled & STATION_INFO_PLINK_STATE) &&
2493 nla_put_u8(msg, NL80211_STA_INFO_PLINK_STATE,
2494 sinfo->plink_state))
2495 goto nla_put_failure;
2496 switch (rdev->wiphy.signal_type) {
2497 case CFG80211_SIGNAL_TYPE_MBM:
2498 if ((sinfo->filled & STATION_INFO_SIGNAL) &&
2499 nla_put_u8(msg, NL80211_STA_INFO_SIGNAL,
2500 sinfo->signal))
2501 goto nla_put_failure;
2502 if ((sinfo->filled & STATION_INFO_SIGNAL_AVG) &&
2503 nla_put_u8(msg, NL80211_STA_INFO_SIGNAL_AVG,
2504 sinfo->signal_avg))
2505 goto nla_put_failure;
2506 break;
2507 default:
2508 break;
2509 }
2510 if (sinfo->filled & STATION_INFO_TX_BITRATE) {
2511 if (!nl80211_put_sta_rate(msg, &sinfo->txrate,
2512 NL80211_STA_INFO_TX_BITRATE))
2513 goto nla_put_failure;
2514 }
2515 if (sinfo->filled & STATION_INFO_RX_BITRATE) {
2516 if (!nl80211_put_sta_rate(msg, &sinfo->rxrate,
2517 NL80211_STA_INFO_RX_BITRATE))
2518 goto nla_put_failure;
2519 }
2520 if ((sinfo->filled & STATION_INFO_RX_PACKETS) &&
2521 nla_put_u32(msg, NL80211_STA_INFO_RX_PACKETS,
2522 sinfo->rx_packets))
2523 goto nla_put_failure;
2524 if ((sinfo->filled & STATION_INFO_TX_PACKETS) &&
2525 nla_put_u32(msg, NL80211_STA_INFO_TX_PACKETS,
2526 sinfo->tx_packets))
2527 goto nla_put_failure;
2528 if ((sinfo->filled & STATION_INFO_TX_RETRIES) &&
2529 nla_put_u32(msg, NL80211_STA_INFO_TX_RETRIES,
2530 sinfo->tx_retries))
2531 goto nla_put_failure;
2532 if ((sinfo->filled & STATION_INFO_TX_FAILED) &&
2533 nla_put_u32(msg, NL80211_STA_INFO_TX_FAILED,
2534 sinfo->tx_failed))
2535 goto nla_put_failure;
2536 if ((sinfo->filled & STATION_INFO_BEACON_LOSS_COUNT) &&
2537 nla_put_u32(msg, NL80211_STA_INFO_BEACON_LOSS,
2538 sinfo->beacon_loss_count))
2539 goto nla_put_failure;
2540 if (sinfo->filled & STATION_INFO_BSS_PARAM) {
2541 bss_param = nla_nest_start(msg, NL80211_STA_INFO_BSS_PARAM);
2542 if (!bss_param)
2543 goto nla_put_failure;
2544
2545 if (((sinfo->bss_param.flags & BSS_PARAM_FLAGS_CTS_PROT) &&
2546 nla_put_flag(msg, NL80211_STA_BSS_PARAM_CTS_PROT)) ||
2547 ((sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_PREAMBLE) &&
2548 nla_put_flag(msg, NL80211_STA_BSS_PARAM_SHORT_PREAMBLE)) ||
2549 ((sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_SLOT_TIME) &&
2550 nla_put_flag(msg, NL80211_STA_BSS_PARAM_SHORT_SLOT_TIME)) ||
2551 nla_put_u8(msg, NL80211_STA_BSS_PARAM_DTIM_PERIOD,
2552 sinfo->bss_param.dtim_period) ||
2553 nla_put_u16(msg, NL80211_STA_BSS_PARAM_BEACON_INTERVAL,
2554 sinfo->bss_param.beacon_interval))
2555 goto nla_put_failure;
2556
2557 nla_nest_end(msg, bss_param);
2558 }
2559 if ((sinfo->filled & STATION_INFO_STA_FLAGS) &&
2560 nla_put(msg, NL80211_STA_INFO_STA_FLAGS,
2561 sizeof(struct nl80211_sta_flag_update),
2562 &sinfo->sta_flags))
2563 goto nla_put_failure;
2564 if ((sinfo->filled & STATION_INFO_T_OFFSET) &&
2565 nla_put_u64(msg, NL80211_STA_INFO_T_OFFSET,
2566 sinfo->t_offset))
2567 goto nla_put_failure;
2568 nla_nest_end(msg, sinfoattr);
2569
2570 if ((sinfo->filled & STATION_INFO_ASSOC_REQ_IES) &&
2571 nla_put(msg, NL80211_ATTR_IE, sinfo->assoc_req_ies_len,
2572 sinfo->assoc_req_ies))
2573 goto nla_put_failure;
2574
2575 return genlmsg_end(msg, hdr);
2576
2577 nla_put_failure:
2578 genlmsg_cancel(msg, hdr);
2579 return -EMSGSIZE;
2580 }
2581
2582 static int nl80211_dump_station(struct sk_buff *skb,
2583 struct netlink_callback *cb)
2584 {
2585 struct station_info sinfo;
2586 struct cfg80211_registered_device *dev;
2587 struct net_device *netdev;
2588 u8 mac_addr[ETH_ALEN];
2589 int sta_idx = cb->args[1];
2590 int err;
2591
2592 err = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev);
2593 if (err)
2594 return err;
2595
2596 if (!dev->ops->dump_station) {
2597 err = -EOPNOTSUPP;
2598 goto out_err;
2599 }
2600
2601 while (1) {
2602 memset(&sinfo, 0, sizeof(sinfo));
2603 err = dev->ops->dump_station(&dev->wiphy, netdev, sta_idx,
2604 mac_addr, &sinfo);
2605 if (err == -ENOENT)
2606 break;
2607 if (err)
2608 goto out_err;
2609
2610 if (nl80211_send_station(skb,
2611 NETLINK_CB(cb->skb).pid,
2612 cb->nlh->nlmsg_seq, NLM_F_MULTI,
2613 dev, netdev, mac_addr,
2614 &sinfo) < 0)
2615 goto out;
2616
2617 sta_idx++;
2618 }
2619
2620
2621 out:
2622 cb->args[1] = sta_idx;
2623 err = skb->len;
2624 out_err:
2625 nl80211_finish_netdev_dump(dev);
2626
2627 return err;
2628 }
2629
2630 static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info)
2631 {
2632 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2633 struct net_device *dev = info->user_ptr[1];
2634 struct station_info sinfo;
2635 struct sk_buff *msg;
2636 u8 *mac_addr = NULL;
2637 int err;
2638
2639 memset(&sinfo, 0, sizeof(sinfo));
2640
2641 if (!info->attrs[NL80211_ATTR_MAC])
2642 return -EINVAL;
2643
2644 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
2645
2646 if (!rdev->ops->get_station)
2647 return -EOPNOTSUPP;
2648
2649 err = rdev->ops->get_station(&rdev->wiphy, dev, mac_addr, &sinfo);
2650 if (err)
2651 return err;
2652
2653 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
2654 if (!msg)
2655 return -ENOMEM;
2656
2657 if (nl80211_send_station(msg, info->snd_pid, info->snd_seq, 0,
2658 rdev, dev, mac_addr, &sinfo) < 0) {
2659 nlmsg_free(msg);
2660 return -ENOBUFS;
2661 }
2662
2663 return genlmsg_reply(msg, info);
2664 }
2665
2666 /*
2667 * Get vlan interface making sure it is running and on the right wiphy.
2668 */
2669 static struct net_device *get_vlan(struct genl_info *info,
2670 struct cfg80211_registered_device *rdev)
2671 {
2672 struct nlattr *vlanattr = info->attrs[NL80211_ATTR_STA_VLAN];
2673 struct net_device *v;
2674 int ret;
2675
2676 if (!vlanattr)
2677 return NULL;
2678
2679 v = dev_get_by_index(genl_info_net(info), nla_get_u32(vlanattr));
2680 if (!v)
2681 return ERR_PTR(-ENODEV);
2682
2683 if (!v->ieee80211_ptr || v->ieee80211_ptr->wiphy != &rdev->wiphy) {
2684 ret = -EINVAL;
2685 goto error;
2686 }
2687
2688 if (!netif_running(v)) {
2689 ret = -ENETDOWN;
2690 goto error;
2691 }
2692
2693 return v;
2694 error:
2695 dev_put(v);
2696 return ERR_PTR(ret);
2697 }
2698
2699 static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
2700 {
2701 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2702 int err;
2703 struct net_device *dev = info->user_ptr[1];
2704 struct station_parameters params;
2705 u8 *mac_addr = NULL;
2706
2707 memset(&params, 0, sizeof(params));
2708
2709 params.listen_interval = -1;
2710 params.plink_state = -1;
2711
2712 if (info->attrs[NL80211_ATTR_STA_AID])
2713 return -EINVAL;
2714
2715 if (!info->attrs[NL80211_ATTR_MAC])
2716 return -EINVAL;
2717
2718 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
2719
2720 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) {
2721 params.supported_rates =
2722 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
2723 params.supported_rates_len =
2724 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
2725 }
2726
2727 if (info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL])
2728 params.listen_interval =
2729 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]);
2730
2731 if (info->attrs[NL80211_ATTR_HT_CAPABILITY])
2732 params.ht_capa =
2733 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]);
2734
2735 if (!rdev->ops->change_station)
2736 return -EOPNOTSUPP;
2737
2738 if (parse_station_flags(info, dev->ieee80211_ptr->iftype, &params))
2739 return -EINVAL;
2740
2741 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION])
2742 params.plink_action =
2743 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]);
2744
2745 if (info->attrs[NL80211_ATTR_STA_PLINK_STATE])
2746 params.plink_state =
2747 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_STATE]);
2748
2749 switch (dev->ieee80211_ptr->iftype) {
2750 case NL80211_IFTYPE_AP:
2751 case NL80211_IFTYPE_AP_VLAN:
2752 case NL80211_IFTYPE_P2P_GO:
2753 /* disallow mesh-specific things */
2754 if (params.plink_action)
2755 return -EINVAL;
2756
2757 /* TDLS can't be set, ... */
2758 if (params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))
2759 return -EINVAL;
2760 /*
2761 * ... but don't bother the driver with it. This works around
2762 * a hostapd/wpa_supplicant issue -- it always includes the
2763 * TLDS_PEER flag in the mask even for AP mode.
2764 */
2765 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
2766
2767 /* accept only the listed bits */
2768 if (params.sta_flags_mask &
2769 ~(BIT(NL80211_STA_FLAG_AUTHORIZED) |
2770 BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) |
2771 BIT(NL80211_STA_FLAG_WME) |
2772 BIT(NL80211_STA_FLAG_MFP)))
2773 return -EINVAL;
2774
2775 /* must be last in here for error handling */
2776 params.vlan = get_vlan(info, rdev);
2777 if (IS_ERR(params.vlan))
2778 return PTR_ERR(params.vlan);
2779 break;
2780 case NL80211_IFTYPE_P2P_CLIENT:
2781 case NL80211_IFTYPE_STATION:
2782 /*
2783 * Don't allow userspace to change the TDLS_PEER flag,
2784 * but silently ignore attempts to change it since we
2785 * don't have state here to verify that it doesn't try
2786 * to change the flag.
2787 */
2788 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
2789 /* fall through */
2790 case NL80211_IFTYPE_ADHOC:
2791 /* disallow things sta doesn't support */
2792 if (params.plink_action)
2793 return -EINVAL;
2794 if (params.ht_capa)
2795 return -EINVAL;
2796 if (params.listen_interval >= 0)
2797 return -EINVAL;
2798 /* reject any changes other than AUTHORIZED */
2799 if (params.sta_flags_mask & ~BIT(NL80211_STA_FLAG_AUTHORIZED))
2800 return -EINVAL;
2801 break;
2802 case NL80211_IFTYPE_MESH_POINT:
2803 /* disallow things mesh doesn't support */
2804 if (params.vlan)
2805 return -EINVAL;
2806 if (params.ht_capa)
2807 return -EINVAL;
2808 if (params.listen_interval >= 0)
2809 return -EINVAL;
2810 /*
2811 * No special handling for TDLS here -- the userspace
2812 * mesh code doesn't have this bug.
2813 */
2814 if (params.sta_flags_mask &
2815 ~(BIT(NL80211_STA_FLAG_AUTHENTICATED) |
2816 BIT(NL80211_STA_FLAG_MFP) |
2817 BIT(NL80211_STA_FLAG_AUTHORIZED)))
2818 return -EINVAL;
2819 break;
2820 default:
2821 return -EOPNOTSUPP;
2822 }
2823
2824 /* be aware of params.vlan when changing code here */
2825
2826 err = rdev->ops->change_station(&rdev->wiphy, dev, mac_addr, &params);
2827
2828 if (params.vlan)
2829 dev_put(params.vlan);
2830
2831 return err;
2832 }
2833
2834 static struct nla_policy
2835 nl80211_sta_wme_policy[NL80211_STA_WME_MAX + 1] __read_mostly = {
2836 [NL80211_STA_WME_UAPSD_QUEUES] = { .type = NLA_U8 },
2837 [NL80211_STA_WME_MAX_SP] = { .type = NLA_U8 },
2838 };
2839
2840 static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info)
2841 {
2842 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2843 int err;
2844 struct net_device *dev = info->user_ptr[1];
2845 struct station_parameters params;
2846 u8 *mac_addr = NULL;
2847
2848 memset(&params, 0, sizeof(params));
2849
2850 if (!info->attrs[NL80211_ATTR_MAC])
2851 return -EINVAL;
2852
2853 if (!info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL])
2854 return -EINVAL;
2855
2856 if (!info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES])
2857 return -EINVAL;
2858
2859 if (!info->attrs[NL80211_ATTR_STA_AID])
2860 return -EINVAL;
2861
2862 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
2863 params.supported_rates =
2864 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
2865 params.supported_rates_len =
2866 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
2867 params.listen_interval =
2868 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]);
2869
2870 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_STA_AID]);
2871 if (!params.aid || params.aid > IEEE80211_MAX_AID)
2872 return -EINVAL;
2873
2874 if (info->attrs[NL80211_ATTR_HT_CAPABILITY])
2875 params.ht_capa =
2876 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]);
2877
2878 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION])
2879 params.plink_action =
2880 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]);
2881
2882 if (!rdev->ops->add_station)
2883 return -EOPNOTSUPP;
2884
2885 if (parse_station_flags(info, dev->ieee80211_ptr->iftype, &params))
2886 return -EINVAL;
2887
2888 switch (dev->ieee80211_ptr->iftype) {
2889 case NL80211_IFTYPE_AP:
2890 case NL80211_IFTYPE_AP_VLAN:
2891 case NL80211_IFTYPE_P2P_GO:
2892 /* parse WME attributes if sta is WME capable */
2893 if ((rdev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) &&
2894 (params.sta_flags_set & BIT(NL80211_STA_FLAG_WME)) &&
2895 info->attrs[NL80211_ATTR_STA_WME]) {
2896 struct nlattr *tb[NL80211_STA_WME_MAX + 1];
2897 struct nlattr *nla;
2898
2899 nla = info->attrs[NL80211_ATTR_STA_WME];
2900 err = nla_parse_nested(tb, NL80211_STA_WME_MAX, nla,
2901 nl80211_sta_wme_policy);
2902 if (err)
2903 return err;
2904
2905 if (tb[NL80211_STA_WME_UAPSD_QUEUES])
2906 params.uapsd_queues =
2907 nla_get_u8(tb[NL80211_STA_WME_UAPSD_QUEUES]);
2908 if (params.uapsd_queues &
2909 ~IEEE80211_WMM_IE_STA_QOSINFO_AC_MASK)
2910 return -EINVAL;
2911
2912 if (tb[NL80211_STA_WME_MAX_SP])
2913 params.max_sp =
2914 nla_get_u8(tb[NL80211_STA_WME_MAX_SP]);
2915
2916 if (params.max_sp &
2917 ~IEEE80211_WMM_IE_STA_QOSINFO_SP_MASK)
2918 return -EINVAL;
2919
2920 params.sta_modify_mask |= STATION_PARAM_APPLY_UAPSD;
2921 }
2922 /* TDLS peers cannot be added */
2923 if (params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))
2924 return -EINVAL;
2925 /* but don't bother the driver with it */
2926 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
2927
2928 /* must be last in here for error handling */
2929 params.vlan = get_vlan(info, rdev);
2930 if (IS_ERR(params.vlan))
2931 return PTR_ERR(params.vlan);
2932 break;
2933 case NL80211_IFTYPE_MESH_POINT:
2934 /* TDLS peers cannot be added */
2935 if (params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))
2936 return -EINVAL;
2937 break;
2938 case NL80211_IFTYPE_STATION:
2939 /* Only TDLS peers can be added */
2940 if (!(params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)))
2941 return -EINVAL;
2942 /* Can only add if TDLS ... */
2943 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS))
2944 return -EOPNOTSUPP;
2945 /* ... with external setup is supported */
2946 if (!(rdev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP))
2947 return -EOPNOTSUPP;
2948 break;
2949 default:
2950 return -EOPNOTSUPP;
2951 }
2952
2953 /* be aware of params.vlan when changing code here */
2954
2955 err = rdev->ops->add_station(&rdev->wiphy, dev, mac_addr, &params);
2956
2957 if (params.vlan)
2958 dev_put(params.vlan);
2959 return err;
2960 }
2961
2962 static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info)
2963 {
2964 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2965 struct net_device *dev = info->user_ptr[1];
2966 u8 *mac_addr = NULL;
2967
2968 if (info->attrs[NL80211_ATTR_MAC])
2969 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
2970
2971 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
2972 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN &&
2973 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT &&
2974 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
2975 return -EINVAL;
2976
2977 if (!rdev->ops->del_station)
2978 return -EOPNOTSUPP;
2979
2980 return rdev->ops->del_station(&rdev->wiphy, dev, mac_addr);
2981 }
2982
2983 static int nl80211_send_mpath(struct sk_buff *msg, u32 pid, u32 seq,
2984 int flags, struct net_device *dev,
2985 u8 *dst, u8 *next_hop,
2986 struct mpath_info *pinfo)
2987 {
2988 void *hdr;
2989 struct nlattr *pinfoattr;
2990
2991 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION);
2992 if (!hdr)
2993 return -1;
2994
2995 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
2996 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, dst) ||
2997 nla_put(msg, NL80211_ATTR_MPATH_NEXT_HOP, ETH_ALEN, next_hop) ||
2998 nla_put_u32(msg, NL80211_ATTR_GENERATION, pinfo->generation))
2999 goto nla_put_failure;
3000
3001 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MPATH_INFO);
3002 if (!pinfoattr)
3003 goto nla_put_failure;
3004 if ((pinfo->filled & MPATH_INFO_FRAME_QLEN) &&
3005 nla_put_u32(msg, NL80211_MPATH_INFO_FRAME_QLEN,
3006 pinfo->frame_qlen))
3007 goto nla_put_failure;
3008 if (((pinfo->filled & MPATH_INFO_SN) &&
3009 nla_put_u32(msg, NL80211_MPATH_INFO_SN, pinfo->sn)) ||
3010 ((pinfo->filled & MPATH_INFO_METRIC) &&
3011 nla_put_u32(msg, NL80211_MPATH_INFO_METRIC,
3012 pinfo->metric)) ||
3013 ((pinfo->filled & MPATH_INFO_EXPTIME) &&
3014 nla_put_u32(msg, NL80211_MPATH_INFO_EXPTIME,
3015 pinfo->exptime)) ||
3016 ((pinfo->filled & MPATH_INFO_FLAGS) &&
3017 nla_put_u8(msg, NL80211_MPATH_INFO_FLAGS,
3018 pinfo->flags)) ||
3019 ((pinfo->filled & MPATH_INFO_DISCOVERY_TIMEOUT) &&
3020 nla_put_u32(msg, NL80211_MPATH_INFO_DISCOVERY_TIMEOUT,
3021 pinfo->discovery_timeout)) ||
3022 ((pinfo->filled & MPATH_INFO_DISCOVERY_RETRIES) &&
3023 nla_put_u8(msg, NL80211_MPATH_INFO_DISCOVERY_RETRIES,
3024 pinfo->discovery_retries)))
3025 goto nla_put_failure;
3026
3027 nla_nest_end(msg, pinfoattr);
3028
3029 return genlmsg_end(msg, hdr);
3030
3031 nla_put_failure:
3032 genlmsg_cancel(msg, hdr);
3033 return -EMSGSIZE;
3034 }
3035
3036 static int nl80211_dump_mpath(struct sk_buff *skb,
3037 struct netlink_callback *cb)
3038 {
3039 struct mpath_info pinfo;
3040 struct cfg80211_registered_device *dev;
3041 struct net_device *netdev;
3042 u8 dst[ETH_ALEN];
3043 u8 next_hop[ETH_ALEN];
3044 int path_idx = cb->args[1];
3045 int err;
3046
3047 err = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev);
3048 if (err)
3049 return err;
3050
3051 if (!dev->ops->dump_mpath) {
3052 err = -EOPNOTSUPP;
3053 goto out_err;
3054 }
3055
3056 if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) {
3057 err = -EOPNOTSUPP;
3058 goto out_err;
3059 }
3060
3061 while (1) {
3062 err = dev->ops->dump_mpath(&dev->wiphy, netdev, path_idx,
3063 dst, next_hop, &pinfo);
3064 if (err == -ENOENT)
3065 break;
3066 if (err)
3067 goto out_err;
3068
3069 if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).pid,
3070 cb->nlh->nlmsg_seq, NLM_F_MULTI,
3071 netdev, dst, next_hop,
3072 &pinfo) < 0)
3073 goto out;
3074
3075 path_idx++;
3076 }
3077
3078
3079 out:
3080 cb->args[1] = path_idx;
3081 err = skb->len;
3082 out_err:
3083 nl80211_finish_netdev_dump(dev);
3084 return err;
3085 }
3086
3087 static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info)
3088 {
3089 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3090 int err;
3091 struct net_device *dev = info->user_ptr[1];
3092 struct mpath_info pinfo;
3093 struct sk_buff *msg;
3094 u8 *dst = NULL;
3095 u8 next_hop[ETH_ALEN];
3096
3097 memset(&pinfo, 0, sizeof(pinfo));
3098
3099 if (!info->attrs[NL80211_ATTR_MAC])
3100 return -EINVAL;
3101
3102 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
3103
3104 if (!rdev->ops->get_mpath)
3105 return -EOPNOTSUPP;
3106
3107 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
3108 return -EOPNOTSUPP;
3109
3110 err = rdev->ops->get_mpath(&rdev->wiphy, dev, dst, next_hop, &pinfo);
3111 if (err)
3112 return err;
3113
3114 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
3115 if (!msg)
3116 return -ENOMEM;
3117
3118 if (nl80211_send_mpath(msg, info->snd_pid, info->snd_seq, 0,
3119 dev, dst, next_hop, &pinfo) < 0) {
3120 nlmsg_free(msg);
3121 return -ENOBUFS;
3122 }
3123
3124 return genlmsg_reply(msg, info);
3125 }
3126
3127 static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info)
3128 {
3129 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3130 struct net_device *dev = info->user_ptr[1];
3131 u8 *dst = NULL;
3132 u8 *next_hop = NULL;
3133
3134 if (!info->attrs[NL80211_ATTR_MAC])
3135 return -EINVAL;
3136
3137 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP])
3138 return -EINVAL;
3139
3140 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
3141 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]);
3142
3143 if (!rdev->ops->change_mpath)
3144 return -EOPNOTSUPP;
3145
3146 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
3147 return -EOPNOTSUPP;
3148
3149 return rdev->ops->change_mpath(&rdev->wiphy, dev, dst, next_hop);
3150 }
3151
3152 static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info)
3153 {
3154 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3155 struct net_device *dev = info->user_ptr[1];
3156 u8 *dst = NULL;
3157 u8 *next_hop = NULL;
3158
3159 if (!info->attrs[NL80211_ATTR_MAC])
3160 return -EINVAL;
3161
3162 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP])
3163 return -EINVAL;
3164
3165 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
3166 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]);
3167
3168 if (!rdev->ops->add_mpath)
3169 return -EOPNOTSUPP;
3170
3171 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
3172 return -EOPNOTSUPP;
3173
3174 return rdev->ops->add_mpath(&rdev->wiphy, dev, dst, next_hop);
3175 }
3176
3177 static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info)
3178 {
3179 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3180 struct net_device *dev = info->user_ptr[1];
3181 u8 *dst = NULL;
3182
3183 if (info->attrs[NL80211_ATTR_MAC])
3184 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
3185
3186 if (!rdev->ops->del_mpath)
3187 return -EOPNOTSUPP;
3188
3189 return rdev->ops->del_mpath(&rdev->wiphy, dev, dst);
3190 }
3191
3192 static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info)
3193 {
3194 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3195 struct net_device *dev = info->user_ptr[1];
3196 struct bss_parameters params;
3197
3198 memset(&params, 0, sizeof(params));
3199 /* default to not changing parameters */
3200 params.use_cts_prot = -1;
3201 params.use_short_preamble = -1;
3202 params.use_short_slot_time = -1;
3203 params.ap_isolate = -1;
3204 params.ht_opmode = -1;
3205
3206 if (info->attrs[NL80211_ATTR_BSS_CTS_PROT])
3207 params.use_cts_prot =
3208 nla_get_u8(info->attrs[NL80211_ATTR_BSS_CTS_PROT]);
3209 if (info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE])
3210 params.use_short_preamble =
3211 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]);
3212 if (info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME])
3213 params.use_short_slot_time =
3214 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]);
3215 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) {
3216 params.basic_rates =
3217 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
3218 params.basic_rates_len =
3219 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
3220 }
3221 if (info->attrs[NL80211_ATTR_AP_ISOLATE])
3222 params.ap_isolate = !!nla_get_u8(info->attrs[NL80211_ATTR_AP_ISOLATE]);
3223 if (info->attrs[NL80211_ATTR_BSS_HT_OPMODE])
3224 params.ht_opmode =
3225 nla_get_u16(info->attrs[NL80211_ATTR_BSS_HT_OPMODE]);
3226
3227 if (!rdev->ops->change_bss)
3228 return -EOPNOTSUPP;
3229
3230 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
3231 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
3232 return -EOPNOTSUPP;
3233
3234 return rdev->ops->change_bss(&rdev->wiphy, dev, &params);
3235 }
3236
3237 static const struct nla_policy reg_rule_policy[NL80211_REG_RULE_ATTR_MAX + 1] = {
3238 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 },
3239 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 },
3240 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 },
3241 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 },
3242 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 },
3243 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 },
3244 };
3245
3246 static int parse_reg_rule(struct nlattr *tb[],
3247 struct ieee80211_reg_rule *reg_rule)
3248 {
3249 struct ieee80211_freq_range *freq_range = &reg_rule->freq_range;
3250 struct ieee80211_power_rule *power_rule = &reg_rule->power_rule;
3251
3252 if (!tb[NL80211_ATTR_REG_RULE_FLAGS])
3253 return -EINVAL;
3254 if (!tb[NL80211_ATTR_FREQ_RANGE_START])
3255 return -EINVAL;
3256 if (!tb[NL80211_ATTR_FREQ_RANGE_END])
3257 return -EINVAL;
3258 if (!tb[NL80211_ATTR_FREQ_RANGE_MAX_BW])
3259 return -EINVAL;
3260 if (!tb[NL80211_ATTR_POWER_RULE_MAX_EIRP])
3261 return -EINVAL;
3262
3263 reg_rule->flags = nla_get_u32(tb[NL80211_ATTR_REG_RULE_FLAGS]);
3264
3265 freq_range->start_freq_khz =
3266 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]);
3267 freq_range->end_freq_khz =
3268 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]);
3269 freq_range->max_bandwidth_khz =
3270 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]);
3271
3272 power_rule->max_eirp =
3273 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]);
3274
3275 if (tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN])
3276 power_rule->max_antenna_gain =
3277 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]);
3278
3279 return 0;
3280 }
3281
3282 static int nl80211_req_set_reg(struct sk_buff *skb, struct genl_info *info)
3283 {
3284 int r;
3285 char *data = NULL;
3286
3287 /*
3288 * You should only get this when cfg80211 hasn't yet initialized
3289 * completely when built-in to the kernel right between the time
3290 * window between nl80211_init() and regulatory_init(), if that is
3291 * even possible.
3292 */
3293 mutex_lock(&cfg80211_mutex);
3294 if (unlikely(!cfg80211_regdomain)) {
3295 mutex_unlock(&cfg80211_mutex);
3296 return -EINPROGRESS;
3297 }
3298 mutex_unlock(&cfg80211_mutex);
3299
3300 if (!info->attrs[NL80211_ATTR_REG_ALPHA2])
3301 return -EINVAL;
3302
3303 data = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]);
3304
3305 r = regulatory_hint_user(data);
3306
3307 return r;
3308 }
3309
3310 static int nl80211_get_mesh_config(struct sk_buff *skb,
3311 struct genl_info *info)
3312 {
3313 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3314 struct net_device *dev = info->user_ptr[1];
3315 struct wireless_dev *wdev = dev->ieee80211_ptr;
3316 struct mesh_config cur_params;
3317 int err = 0;
3318 void *hdr;
3319 struct nlattr *pinfoattr;
3320 struct sk_buff *msg;
3321
3322 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT)
3323 return -EOPNOTSUPP;
3324
3325 if (!rdev->ops->get_mesh_config)
3326 return -EOPNOTSUPP;
3327
3328 wdev_lock(wdev);
3329 /* If not connected, get default parameters */
3330 if (!wdev->mesh_id_len)
3331 memcpy(&cur_params, &default_mesh_config, sizeof(cur_params));
3332 else
3333 err = rdev->ops->get_mesh_config(&rdev->wiphy, dev,
3334 &cur_params);
3335 wdev_unlock(wdev);
3336
3337 if (err)
3338 return err;
3339
3340 /* Draw up a netlink message to send back */
3341 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
3342 if (!msg)
3343 return -ENOMEM;
3344 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
3345 NL80211_CMD_GET_MESH_CONFIG);
3346 if (!hdr)
3347 goto out;
3348 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG);
3349 if (!pinfoattr)
3350 goto nla_put_failure;
3351 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
3352 nla_put_u16(msg, NL80211_MESHCONF_RETRY_TIMEOUT,
3353 cur_params.dot11MeshRetryTimeout) ||
3354 nla_put_u16(msg, NL80211_MESHCONF_CONFIRM_TIMEOUT,
3355 cur_params.dot11MeshConfirmTimeout) ||
3356 nla_put_u16(msg, NL80211_MESHCONF_HOLDING_TIMEOUT,
3357 cur_params.dot11MeshHoldingTimeout) ||
3358 nla_put_u16(msg, NL80211_MESHCONF_MAX_PEER_LINKS,
3359 cur_params.dot11MeshMaxPeerLinks) ||
3360 nla_put_u8(msg, NL80211_MESHCONF_MAX_RETRIES,
3361 cur_params.dot11MeshMaxRetries) ||
3362 nla_put_u8(msg, NL80211_MESHCONF_TTL,
3363 cur_params.dot11MeshTTL) ||
3364 nla_put_u8(msg, NL80211_MESHCONF_ELEMENT_TTL,
3365 cur_params.element_ttl) ||
3366 nla_put_u8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS,
3367 cur_params.auto_open_plinks) ||
3368 nla_put_u32(msg, NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR,
3369 cur_params.dot11MeshNbrOffsetMaxNeighbor) ||
3370 nla_put_u8(msg, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES,
3371 cur_params.dot11MeshHWMPmaxPREQretries) ||
3372 nla_put_u32(msg, NL80211_MESHCONF_PATH_REFRESH_TIME,
3373 cur_params.path_refresh_time) ||
3374 nla_put_u16(msg, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT,
3375 cur_params.min_discovery_timeout) ||
3376 nla_put_u32(msg, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT,
3377 cur_params.dot11MeshHWMPactivePathTimeout) ||
3378 nla_put_u16(msg, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL,
3379 cur_params.dot11MeshHWMPpreqMinInterval) ||
3380 nla_put_u16(msg, NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL,
3381 cur_params.dot11MeshHWMPperrMinInterval) ||
3382 nla_put_u16(msg, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME,
3383 cur_params.dot11MeshHWMPnetDiameterTraversalTime) ||
3384 nla_put_u8(msg, NL80211_MESHCONF_HWMP_ROOTMODE,
3385 cur_params.dot11MeshHWMPRootMode) ||
3386 nla_put_u16(msg, NL80211_MESHCONF_HWMP_RANN_INTERVAL,
3387 cur_params.dot11MeshHWMPRannInterval) ||
3388 nla_put_u8(msg, NL80211_MESHCONF_GATE_ANNOUNCEMENTS,
3389 cur_params.dot11MeshGateAnnouncementProtocol) ||
3390 nla_put_u8(msg, NL80211_MESHCONF_FORWARDING,
3391 cur_params.dot11MeshForwarding) ||
3392 nla_put_u32(msg, NL80211_MESHCONF_RSSI_THRESHOLD,
3393 cur_params.rssi_threshold) ||
3394 nla_put_u32(msg, NL80211_MESHCONF_HT_OPMODE,
3395 cur_params.ht_opmode))
3396 goto nla_put_failure;
3397 nla_nest_end(msg, pinfoattr);
3398 genlmsg_end(msg, hdr);
3399 return genlmsg_reply(msg, info);
3400
3401 nla_put_failure:
3402 genlmsg_cancel(msg, hdr);
3403 out:
3404 nlmsg_free(msg);
3405 return -ENOBUFS;
3406 }
3407
3408 static const struct nla_policy nl80211_meshconf_params_policy[NL80211_MESHCONF_ATTR_MAX+1] = {
3409 [NL80211_MESHCONF_RETRY_TIMEOUT] = { .type = NLA_U16 },
3410 [NL80211_MESHCONF_CONFIRM_TIMEOUT] = { .type = NLA_U16 },
3411 [NL80211_MESHCONF_HOLDING_TIMEOUT] = { .type = NLA_U16 },
3412 [NL80211_MESHCONF_MAX_PEER_LINKS] = { .type = NLA_U16 },
3413 [NL80211_MESHCONF_MAX_RETRIES] = { .type = NLA_U8 },
3414 [NL80211_MESHCONF_TTL] = { .type = NLA_U8 },
3415 [NL80211_MESHCONF_ELEMENT_TTL] = { .type = NLA_U8 },
3416 [NL80211_MESHCONF_AUTO_OPEN_PLINKS] = { .type = NLA_U8 },
3417 [NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR] = { .type = NLA_U32 },
3418
3419 [NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES] = { .type = NLA_U8 },
3420 [NL80211_MESHCONF_PATH_REFRESH_TIME] = { .type = NLA_U32 },
3421 [NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT] = { .type = NLA_U16 },
3422 [NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT] = { .type = NLA_U32 },
3423 [NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL] = { .type = NLA_U16 },
3424 [NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL] = { .type = NLA_U16 },
3425 [NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME] = { .type = NLA_U16 },
3426 [NL80211_MESHCONF_HWMP_ROOTMODE] = { .type = NLA_U8 },
3427 [NL80211_MESHCONF_HWMP_RANN_INTERVAL] = { .type = NLA_U16 },
3428 [NL80211_MESHCONF_GATE_ANNOUNCEMENTS] = { .type = NLA_U8 },
3429 [NL80211_MESHCONF_FORWARDING] = { .type = NLA_U8 },
3430 [NL80211_MESHCONF_RSSI_THRESHOLD] = { .type = NLA_U32},
3431 [NL80211_MESHCONF_HT_OPMODE] = { .type = NLA_U16},
3432 };
3433
3434 static const struct nla_policy
3435 nl80211_mesh_setup_params_policy[NL80211_MESH_SETUP_ATTR_MAX+1] = {
3436 [NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC] = { .type = NLA_U8 },
3437 [NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL] = { .type = NLA_U8 },
3438 [NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC] = { .type = NLA_U8 },
3439 [NL80211_MESH_SETUP_USERSPACE_AUTH] = { .type = NLA_FLAG },
3440 [NL80211_MESH_SETUP_IE] = { .type = NLA_BINARY,
3441 .len = IEEE80211_MAX_DATA_LEN },
3442 [NL80211_MESH_SETUP_USERSPACE_AMPE] = { .type = NLA_FLAG },
3443 };
3444
3445 static int nl80211_parse_mesh_config(struct genl_info *info,
3446 struct mesh_config *cfg,
3447 u32 *mask_out)
3448 {
3449 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1];
3450 u32 mask = 0;
3451
3452 #define FILL_IN_MESH_PARAM_IF_SET(table, cfg, param, mask, attr_num, nla_fn) \
3453 do {\
3454 if (table[attr_num]) {\
3455 cfg->param = nla_fn(table[attr_num]); \
3456 mask |= (1 << (attr_num - 1)); \
3457 } \
3458 } while (0);\
3459
3460
3461 if (!info->attrs[NL80211_ATTR_MESH_CONFIG])
3462 return -EINVAL;
3463 if (nla_parse_nested(tb, NL80211_MESHCONF_ATTR_MAX,
3464 info->attrs[NL80211_ATTR_MESH_CONFIG],
3465 nl80211_meshconf_params_policy))
3466 return -EINVAL;
3467
3468 /* This makes sure that there aren't more than 32 mesh config
3469 * parameters (otherwise our bitfield scheme would not work.) */
3470 BUILD_BUG_ON(NL80211_MESHCONF_ATTR_MAX > 32);
3471
3472 /* Fill in the params struct */
3473 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshRetryTimeout,
3474 mask, NL80211_MESHCONF_RETRY_TIMEOUT, nla_get_u16);
3475 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConfirmTimeout,
3476 mask, NL80211_MESHCONF_CONFIRM_TIMEOUT, nla_get_u16);
3477 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHoldingTimeout,
3478 mask, NL80211_MESHCONF_HOLDING_TIMEOUT, nla_get_u16);
3479 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxPeerLinks,
3480 mask, NL80211_MESHCONF_MAX_PEER_LINKS, nla_get_u16);
3481 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxRetries,
3482 mask, NL80211_MESHCONF_MAX_RETRIES, nla_get_u8);
3483 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshTTL,
3484 mask, NL80211_MESHCONF_TTL, nla_get_u8);
3485 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, element_ttl,
3486 mask, NL80211_MESHCONF_ELEMENT_TTL, nla_get_u8);
3487 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, auto_open_plinks,
3488 mask, NL80211_MESHCONF_AUTO_OPEN_PLINKS, nla_get_u8);
3489 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshNbrOffsetMaxNeighbor,
3490 mask, NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR,
3491 nla_get_u32);
3492 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPmaxPREQretries,
3493 mask, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES,
3494 nla_get_u8);
3495 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, path_refresh_time,
3496 mask, NL80211_MESHCONF_PATH_REFRESH_TIME, nla_get_u32);
3497 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, min_discovery_timeout,
3498 mask, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT,
3499 nla_get_u16);
3500 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathTimeout,
3501 mask, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT,
3502 nla_get_u32);
3503 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPpreqMinInterval,
3504 mask, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL,
3505 nla_get_u16);
3506 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPperrMinInterval,
3507 mask, NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL,
3508 nla_get_u16);
3509 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
3510 dot11MeshHWMPnetDiameterTraversalTime,
3511 mask, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME,
3512 nla_get_u16);
3513 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
3514 dot11MeshHWMPRootMode, mask,
3515 NL80211_MESHCONF_HWMP_ROOTMODE,
3516 nla_get_u8);
3517 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
3518 dot11MeshHWMPRannInterval, mask,
3519 NL80211_MESHCONF_HWMP_RANN_INTERVAL,
3520 nla_get_u16);
3521 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
3522 dot11MeshGateAnnouncementProtocol, mask,
3523 NL80211_MESHCONF_GATE_ANNOUNCEMENTS,
3524 nla_get_u8);
3525 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshForwarding,
3526 mask, NL80211_MESHCONF_FORWARDING, nla_get_u8);
3527 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, rssi_threshold,
3528 mask, NL80211_MESHCONF_RSSI_THRESHOLD, nla_get_u32);
3529 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, ht_opmode,
3530 mask, NL80211_MESHCONF_HT_OPMODE, nla_get_u16);
3531 if (mask_out)
3532 *mask_out = mask;
3533
3534 return 0;
3535
3536 #undef FILL_IN_MESH_PARAM_IF_SET
3537 }
3538
3539 static int nl80211_parse_mesh_setup(struct genl_info *info,
3540 struct mesh_setup *setup)
3541 {
3542 struct nlattr *tb[NL80211_MESH_SETUP_ATTR_MAX + 1];
3543
3544 if (!info->attrs[NL80211_ATTR_MESH_SETUP])
3545 return -EINVAL;
3546 if (nla_parse_nested(tb, NL80211_MESH_SETUP_ATTR_MAX,
3547 info->attrs[NL80211_ATTR_MESH_SETUP],
3548 nl80211_mesh_setup_params_policy))
3549 return -EINVAL;
3550
3551 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC])
3552 setup->sync_method =
3553 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC])) ?
3554 IEEE80211_SYNC_METHOD_VENDOR :
3555 IEEE80211_SYNC_METHOD_NEIGHBOR_OFFSET;
3556
3557 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL])
3558 setup->path_sel_proto =
3559 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL])) ?
3560 IEEE80211_PATH_PROTOCOL_VENDOR :
3561 IEEE80211_PATH_PROTOCOL_HWMP;
3562
3563 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC])
3564 setup->path_metric =
3565 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC])) ?
3566 IEEE80211_PATH_METRIC_VENDOR :
3567 IEEE80211_PATH_METRIC_AIRTIME;
3568
3569
3570 if (tb[NL80211_MESH_SETUP_IE]) {
3571 struct nlattr *ieattr =
3572 tb[NL80211_MESH_SETUP_IE];
3573 if (!is_valid_ie_attr(ieattr))
3574 return -EINVAL;
3575 setup->ie = nla_data(ieattr);
3576 setup->ie_len = nla_len(ieattr);
3577 }
3578 setup->is_authenticated = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AUTH]);
3579 setup->is_secure = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AMPE]);
3580
3581 return 0;
3582 }
3583
3584 static int nl80211_update_mesh_config(struct sk_buff *skb,
3585 struct genl_info *info)
3586 {
3587 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3588 struct net_device *dev = info->user_ptr[1];
3589 struct wireless_dev *wdev = dev->ieee80211_ptr;
3590 struct mesh_config cfg;
3591 u32 mask;
3592 int err;
3593
3594 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT)
3595 return -EOPNOTSUPP;
3596
3597 if (!rdev->ops->update_mesh_config)
3598 return -EOPNOTSUPP;
3599
3600 err = nl80211_parse_mesh_config(info, &cfg, &mask);
3601 if (err)
3602 return err;
3603
3604 wdev_lock(wdev);
3605 if (!wdev->mesh_id_len)
3606 err = -ENOLINK;
3607
3608 if (!err)
3609 err = rdev->ops->update_mesh_config(&rdev->wiphy, dev,
3610 mask, &cfg);
3611
3612 wdev_unlock(wdev);
3613
3614 return err;
3615 }
3616
3617 static int nl80211_get_reg(struct sk_buff *skb, struct genl_info *info)
3618 {
3619 struct sk_buff *msg;
3620 void *hdr = NULL;
3621 struct nlattr *nl_reg_rules;
3622 unsigned int i;
3623 int err = -EINVAL;
3624
3625 mutex_lock(&cfg80211_mutex);
3626
3627 if (!cfg80211_regdomain)
3628 goto out;
3629
3630 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
3631 if (!msg) {
3632 err = -ENOBUFS;
3633 goto out;
3634 }
3635
3636 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
3637 NL80211_CMD_GET_REG);
3638 if (!hdr)
3639 goto put_failure;
3640
3641 if (nla_put_string(msg, NL80211_ATTR_REG_ALPHA2,
3642 cfg80211_regdomain->alpha2) ||
3643 (cfg80211_regdomain->dfs_region &&
3644 nla_put_u8(msg, NL80211_ATTR_DFS_REGION,
3645 cfg80211_regdomain->dfs_region)))
3646 goto nla_put_failure;
3647
3648 nl_reg_rules = nla_nest_start(msg, NL80211_ATTR_REG_RULES);
3649 if (!nl_reg_rules)
3650 goto nla_put_failure;
3651
3652 for (i = 0; i < cfg80211_regdomain->n_reg_rules; i++) {
3653 struct nlattr *nl_reg_rule;
3654 const struct ieee80211_reg_rule *reg_rule;
3655 const struct ieee80211_freq_range *freq_range;
3656 const struct ieee80211_power_rule *power_rule;
3657
3658 reg_rule = &cfg80211_regdomain->reg_rules[i];
3659 freq_range = &reg_rule->freq_range;
3660 power_rule = &reg_rule->power_rule;
3661
3662 nl_reg_rule = nla_nest_start(msg, i);
3663 if (!nl_reg_rule)
3664 goto nla_put_failure;
3665
3666 if (nla_put_u32(msg, NL80211_ATTR_REG_RULE_FLAGS,
3667 reg_rule->flags) ||
3668 nla_put_u32(msg, NL80211_ATTR_FREQ_RANGE_START,
3669 freq_range->start_freq_khz) ||
3670 nla_put_u32(msg, NL80211_ATTR_FREQ_RANGE_END,
3671 freq_range->end_freq_khz) ||
3672 nla_put_u32(msg, NL80211_ATTR_FREQ_RANGE_MAX_BW,
3673 freq_range->max_bandwidth_khz) ||
3674 nla_put_u32(msg, NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN,
3675 power_rule->max_antenna_gain) ||
3676 nla_put_u32(msg, NL80211_ATTR_POWER_RULE_MAX_EIRP,
3677 power_rule->max_eirp))
3678 goto nla_put_failure;
3679
3680 nla_nest_end(msg, nl_reg_rule);
3681 }
3682
3683 nla_nest_end(msg, nl_reg_rules);
3684
3685 genlmsg_end(msg, hdr);
3686 err = genlmsg_reply(msg, info);
3687 goto out;
3688
3689 nla_put_failure:
3690 genlmsg_cancel(msg, hdr);
3691 put_failure:
3692 nlmsg_free(msg);
3693 err = -EMSGSIZE;
3694 out:
3695 mutex_unlock(&cfg80211_mutex);
3696 return err;
3697 }
3698
3699 static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info)
3700 {
3701 struct nlattr *tb[NL80211_REG_RULE_ATTR_MAX + 1];
3702 struct nlattr *nl_reg_rule;
3703 char *alpha2 = NULL;
3704 int rem_reg_rules = 0, r = 0;
3705 u32 num_rules = 0, rule_idx = 0, size_of_regd;
3706 u8 dfs_region = 0;
3707 struct ieee80211_regdomain *rd = NULL;
3708
3709 if (!info->attrs[NL80211_ATTR_REG_ALPHA2])
3710 return -EINVAL;
3711
3712 if (!info->attrs[NL80211_ATTR_REG_RULES])
3713 return -EINVAL;
3714
3715 alpha2 = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]);
3716
3717 if (info->attrs[NL80211_ATTR_DFS_REGION])
3718 dfs_region = nla_get_u8(info->attrs[NL80211_ATTR_DFS_REGION]);
3719
3720 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES],
3721 rem_reg_rules) {
3722 num_rules++;
3723 if (num_rules > NL80211_MAX_SUPP_REG_RULES)
3724 return -EINVAL;
3725 }
3726
3727 mutex_lock(&cfg80211_mutex);
3728
3729 if (!reg_is_valid_request(alpha2)) {
3730 r = -EINVAL;
3731 goto bad_reg;
3732 }
3733
3734 size_of_regd = sizeof(struct ieee80211_regdomain) +
3735 (num_rules * sizeof(struct ieee80211_reg_rule));
3736
3737 rd = kzalloc(size_of_regd, GFP_KERNEL);
3738 if (!rd) {
3739 r = -ENOMEM;
3740 goto bad_reg;
3741 }
3742
3743 rd->n_reg_rules = num_rules;
3744 rd->alpha2[0] = alpha2[0];
3745 rd->alpha2[1] = alpha2[1];
3746
3747 /*
3748 * Disable DFS master mode if the DFS region was
3749 * not supported or known on this kernel.
3750 */
3751 if (reg_supported_dfs_region(dfs_region))
3752 rd->dfs_region = dfs_region;
3753
3754 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES],
3755 rem_reg_rules) {
3756 nla_parse(tb, NL80211_REG_RULE_ATTR_MAX,
3757 nla_data(nl_reg_rule), nla_len(nl_reg_rule),
3758 reg_rule_policy);
3759 r = parse_reg_rule(tb, &rd->reg_rules[rule_idx]);
3760 if (r)
3761 goto bad_reg;
3762
3763 rule_idx++;
3764
3765 if (rule_idx > NL80211_MAX_SUPP_REG_RULES) {
3766 r = -EINVAL;
3767 goto bad_reg;
3768 }
3769 }
3770
3771 BUG_ON(rule_idx != num_rules);
3772
3773 r = set_regdom(rd);
3774
3775 mutex_unlock(&cfg80211_mutex);
3776
3777 return r;
3778
3779 bad_reg:
3780 mutex_unlock(&cfg80211_mutex);
3781 kfree(rd);
3782 return r;
3783 }
3784
3785 static int validate_scan_freqs(struct nlattr *freqs)
3786 {
3787 struct nlattr *attr1, *attr2;
3788 int n_channels = 0, tmp1, tmp2;
3789
3790 nla_for_each_nested(attr1, freqs, tmp1) {
3791 n_channels++;
3792 /*
3793 * Some hardware has a limited channel list for
3794 * scanning, and it is pretty much nonsensical
3795 * to scan for a channel twice, so disallow that
3796 * and don't require drivers to check that the
3797 * channel list they get isn't longer than what
3798 * they can scan, as long as they can scan all
3799 * the channels they registered at once.
3800 */
3801 nla_for_each_nested(attr2, freqs, tmp2)
3802 if (attr1 != attr2 &&
3803 nla_get_u32(attr1) == nla_get_u32(attr2))
3804 return 0;
3805 }
3806
3807 return n_channels;
3808 }
3809
3810 static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
3811 {
3812 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3813 struct net_device *dev = info->user_ptr[1];
3814 struct cfg80211_scan_request *request;
3815 struct nlattr *attr;
3816 struct wiphy *wiphy;
3817 int err, tmp, n_ssids = 0, n_channels, i;
3818 size_t ie_len;
3819
3820 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
3821 return -EINVAL;
3822
3823 wiphy = &rdev->wiphy;
3824
3825 if (!rdev->ops->scan)
3826 return -EOPNOTSUPP;
3827
3828 if (rdev->scan_req)
3829 return -EBUSY;
3830
3831 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
3832 n_channels = validate_scan_freqs(
3833 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]);
3834 if (!n_channels)
3835 return -EINVAL;
3836 } else {
3837 enum ieee80211_band band;
3838 n_channels = 0;
3839
3840 for (band = 0; band < IEEE80211_NUM_BANDS; band++)
3841 if (wiphy->bands[band])
3842 n_channels += wiphy->bands[band]->n_channels;
3843 }
3844
3845 if (info->attrs[NL80211_ATTR_SCAN_SSIDS])
3846 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp)
3847 n_ssids++;
3848
3849 if (n_ssids > wiphy->max_scan_ssids)
3850 return -EINVAL;
3851
3852 if (info->attrs[NL80211_ATTR_IE])
3853 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3854 else
3855 ie_len = 0;
3856
3857 if (ie_len > wiphy->max_scan_ie_len)
3858 return -EINVAL;
3859
3860 request = kzalloc(sizeof(*request)
3861 + sizeof(*request->ssids) * n_ssids
3862 + sizeof(*request->channels) * n_channels
3863 + ie_len, GFP_KERNEL);
3864 if (!request)
3865 return -ENOMEM;
3866
3867 if (n_ssids)
3868 request->ssids = (void *)&request->channels[n_channels];
3869 request->n_ssids = n_ssids;
3870 if (ie_len) {
3871 if (request->ssids)
3872 request->ie = (void *)(request->ssids + n_ssids);
3873 else
3874 request->ie = (void *)(request->channels + n_channels);
3875 }
3876
3877 i = 0;
3878 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
3879 /* user specified, bail out if channel not found */
3880 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], tmp) {
3881 struct ieee80211_channel *chan;
3882
3883 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr));
3884
3885 if (!chan) {
3886 err = -EINVAL;
3887 goto out_free;
3888 }
3889
3890 /* ignore disabled channels */
3891 if (chan->flags & IEEE80211_CHAN_DISABLED)
3892 continue;
3893
3894 request->channels[i] = chan;
3895 i++;
3896 }
3897 } else {
3898 enum ieee80211_band band;
3899
3900 /* all channels */
3901 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
3902 int j;
3903 if (!wiphy->bands[band])
3904 continue;
3905 for (j = 0; j < wiphy->bands[band]->n_channels; j++) {
3906 struct ieee80211_channel *chan;
3907
3908 chan = &wiphy->bands[band]->channels[j];
3909
3910 if (chan->flags & IEEE80211_CHAN_DISABLED)
3911 continue;
3912
3913 request->channels[i] = chan;
3914 i++;
3915 }
3916 }
3917 }
3918
3919 if (!i) {
3920 err = -EINVAL;
3921 goto out_free;
3922 }
3923
3924 request->n_channels = i;
3925
3926 i = 0;
3927 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) {
3928 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) {
3929 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) {
3930 err = -EINVAL;
3931 goto out_free;
3932 }
3933 request->ssids[i].ssid_len = nla_len(attr);
3934 memcpy(request->ssids[i].ssid, nla_data(attr), nla_len(attr));
3935 i++;
3936 }
3937 }
3938
3939 if (info->attrs[NL80211_ATTR_IE]) {
3940 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3941 memcpy((void *)request->ie,
3942 nla_data(info->attrs[NL80211_ATTR_IE]),
3943 request->ie_len);
3944 }
3945
3946 for (i = 0; i < IEEE80211_NUM_BANDS; i++)
3947 if (wiphy->bands[i])
3948 request->rates[i] =
3949 (1 << wiphy->bands[i]->n_bitrates) - 1;
3950
3951 if (info->attrs[NL80211_ATTR_SCAN_SUPP_RATES]) {
3952 nla_for_each_nested(attr,
3953 info->attrs[NL80211_ATTR_SCAN_SUPP_RATES],
3954 tmp) {
3955 enum ieee80211_band band = nla_type(attr);
3956
3957 if (band < 0 || band >= IEEE80211_NUM_BANDS) {
3958 err = -EINVAL;
3959 goto out_free;
3960 }
3961 err = ieee80211_get_ratemask(wiphy->bands[band],
3962 nla_data(attr),
3963 nla_len(attr),
3964 &request->rates[band]);
3965 if (err)
3966 goto out_free;
3967 }
3968 }
3969
3970 request->no_cck =
3971 nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]);
3972
3973 request->dev = dev;
3974 request->wiphy = &rdev->wiphy;
3975
3976 rdev->scan_req = request;
3977 err = rdev->ops->scan(&rdev->wiphy, dev, request);
3978
3979 if (!err) {
3980 nl80211_send_scan_start(rdev, dev);
3981 dev_hold(dev);
3982 } else {
3983 out_free:
3984 rdev->scan_req = NULL;
3985 kfree(request);
3986 }
3987
3988 return err;
3989 }
3990
3991 static int nl80211_start_sched_scan(struct sk_buff *skb,
3992 struct genl_info *info)
3993 {
3994 struct cfg80211_sched_scan_request *request;
3995 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3996 struct net_device *dev = info->user_ptr[1];
3997 struct nlattr *attr;
3998 struct wiphy *wiphy;
3999 int err, tmp, n_ssids = 0, n_match_sets = 0, n_channels, i;
4000 u32 interval;
4001 enum ieee80211_band band;
4002 size_t ie_len;
4003 struct nlattr *tb[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1];
4004
4005 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) ||
4006 !rdev->ops->sched_scan_start)
4007 return -EOPNOTSUPP;
4008
4009 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
4010 return -EINVAL;
4011
4012 if (!info->attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL])
4013 return -EINVAL;
4014
4015 interval = nla_get_u32(info->attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL]);
4016 if (interval == 0)
4017 return -EINVAL;
4018
4019 wiphy = &rdev->wiphy;
4020
4021 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
4022 n_channels = validate_scan_freqs(
4023 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]);
4024 if (!n_channels)
4025 return -EINVAL;
4026 } else {
4027 n_channels = 0;
4028
4029 for (band = 0; band < IEEE80211_NUM_BANDS; band++)
4030 if (wiphy->bands[band])
4031 n_channels += wiphy->bands[band]->n_channels;
4032 }
4033
4034 if (info->attrs[NL80211_ATTR_SCAN_SSIDS])
4035 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS],
4036 tmp)
4037 n_ssids++;
4038
4039 if (n_ssids > wiphy->max_sched_scan_ssids)
4040 return -EINVAL;
4041
4042 if (info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH])
4043 nla_for_each_nested(attr,
4044 info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH],
4045 tmp)
4046 n_match_sets++;
4047
4048 if (n_match_sets > wiphy->max_match_sets)
4049 return -EINVAL;
4050
4051 if (info->attrs[NL80211_ATTR_IE])
4052 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
4053 else
4054 ie_len = 0;
4055
4056 if (ie_len > wiphy->max_sched_scan_ie_len)
4057 return -EINVAL;
4058
4059 mutex_lock(&rdev->sched_scan_mtx);
4060
4061 if (rdev->sched_scan_req) {
4062 err = -EINPROGRESS;
4063 goto out;
4064 }
4065
4066 request = kzalloc(sizeof(*request)
4067 + sizeof(*request->ssids) * n_ssids
4068 + sizeof(*request->match_sets) * n_match_sets
4069 + sizeof(*request->channels) * n_channels
4070 + ie_len, GFP_KERNEL);
4071 if (!request) {
4072 err = -ENOMEM;
4073 goto out;
4074 }
4075
4076 if (n_ssids)
4077 request->ssids = (void *)&request->channels[n_channels];
4078 request->n_ssids = n_ssids;
4079 if (ie_len) {
4080 if (request->ssids)
4081 request->ie = (void *)(request->ssids + n_ssids);
4082 else
4083 request->ie = (void *)(request->channels + n_channels);
4084 }
4085
4086 if (n_match_sets) {
4087 if (request->ie)
4088 request->match_sets = (void *)(request->ie + ie_len);
4089 else if (request->ssids)
4090 request->match_sets =
4091 (void *)(request->ssids + n_ssids);
4092 else
4093 request->match_sets =
4094 (void *)(request->channels + n_channels);
4095 }
4096 request->n_match_sets = n_match_sets;
4097
4098 i = 0;
4099 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
4100 /* user specified, bail out if channel not found */
4101 nla_for_each_nested(attr,
4102 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES],
4103 tmp) {
4104 struct ieee80211_channel *chan;
4105
4106 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr));
4107
4108 if (!chan) {
4109 err = -EINVAL;
4110 goto out_free;
4111 }
4112
4113 /* ignore disabled channels */
4114 if (chan->flags & IEEE80211_CHAN_DISABLED)
4115 continue;
4116
4117 request->channels[i] = chan;
4118 i++;
4119 }
4120 } else {
4121 /* all channels */
4122 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
4123 int j;
4124 if (!wiphy->bands[band])
4125 continue;
4126 for (j = 0; j < wiphy->bands[band]->n_channels; j++) {
4127 struct ieee80211_channel *chan;
4128
4129 chan = &wiphy->bands[band]->channels[j];
4130
4131 if (chan->flags & IEEE80211_CHAN_DISABLED)
4132 continue;
4133
4134 request->channels[i] = chan;
4135 i++;
4136 }
4137 }
4138 }
4139
4140 if (!i) {
4141 err = -EINVAL;
4142 goto out_free;
4143 }
4144
4145 request->n_channels = i;
4146
4147 i = 0;
4148 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) {
4149 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS],
4150 tmp) {
4151 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) {
4152 err = -EINVAL;
4153 goto out_free;
4154 }
4155 request->ssids[i].ssid_len = nla_len(attr);
4156 memcpy(request->ssids[i].ssid, nla_data(attr),
4157 nla_len(attr));
4158 i++;
4159 }
4160 }
4161
4162 i = 0;
4163 if (info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) {
4164 nla_for_each_nested(attr,
4165 info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH],
4166 tmp) {
4167 struct nlattr *ssid;
4168
4169 nla_parse(tb, NL80211_SCHED_SCAN_MATCH_ATTR_MAX,
4170 nla_data(attr), nla_len(attr),
4171 nl80211_match_policy);
4172 ssid = tb[NL80211_ATTR_SCHED_SCAN_MATCH_SSID];
4173 if (ssid) {
4174 if (nla_len(ssid) > IEEE80211_MAX_SSID_LEN) {
4175 err = -EINVAL;
4176 goto out_free;
4177 }
4178 memcpy(request->match_sets[i].ssid.ssid,
4179 nla_data(ssid), nla_len(ssid));
4180 request->match_sets[i].ssid.ssid_len =
4181 nla_len(ssid);
4182 }
4183 i++;
4184 }
4185 }
4186
4187 if (info->attrs[NL80211_ATTR_IE]) {
4188 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
4189 memcpy((void *)request->ie,
4190 nla_data(info->attrs[NL80211_ATTR_IE]),
4191 request->ie_len);
4192 }
4193
4194 request->dev = dev;
4195 request->wiphy = &rdev->wiphy;
4196 request->interval = interval;
4197
4198 err = rdev->ops->sched_scan_start(&rdev->wiphy, dev, request);
4199 if (!err) {
4200 rdev->sched_scan_req = request;
4201 nl80211_send_sched_scan(rdev, dev,
4202 NL80211_CMD_START_SCHED_SCAN);
4203 goto out;
4204 }
4205
4206 out_free:
4207 kfree(request);
4208 out:
4209 mutex_unlock(&rdev->sched_scan_mtx);
4210 return err;
4211 }
4212
4213 static int nl80211_stop_sched_scan(struct sk_buff *skb,
4214 struct genl_info *info)
4215 {
4216 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4217 int err;
4218
4219 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) ||
4220 !rdev->ops->sched_scan_stop)
4221 return -EOPNOTSUPP;
4222
4223 mutex_lock(&rdev->sched_scan_mtx);
4224 err = __cfg80211_stop_sched_scan(rdev, false);
4225 mutex_unlock(&rdev->sched_scan_mtx);
4226
4227 return err;
4228 }
4229
4230 static int nl80211_send_bss(struct sk_buff *msg, struct netlink_callback *cb,
4231 u32 seq, int flags,
4232 struct cfg80211_registered_device *rdev,
4233 struct wireless_dev *wdev,
4234 struct cfg80211_internal_bss *intbss)
4235 {
4236 struct cfg80211_bss *res = &intbss->pub;
4237 void *hdr;
4238 struct nlattr *bss;
4239
4240 ASSERT_WDEV_LOCK(wdev);
4241
4242 hdr = nl80211hdr_put(msg, NETLINK_CB(cb->skb).pid, seq, flags,
4243 NL80211_CMD_NEW_SCAN_RESULTS);
4244 if (!hdr)
4245 return -1;
4246
4247 genl_dump_check_consistent(cb, hdr, &nl80211_fam);
4248
4249 if (nla_put_u32(msg, NL80211_ATTR_GENERATION, rdev->bss_generation) ||
4250 nla_put_u32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex))
4251 goto nla_put_failure;
4252
4253 bss = nla_nest_start(msg, NL80211_ATTR_BSS);
4254 if (!bss)
4255 goto nla_put_failure;
4256 if ((!is_zero_ether_addr(res->bssid) &&
4257 nla_put(msg, NL80211_BSS_BSSID, ETH_ALEN, res->bssid)) ||
4258 (res->information_elements && res->len_information_elements &&
4259 nla_put(msg, NL80211_BSS_INFORMATION_ELEMENTS,
4260 res->len_information_elements,
4261 res->information_elements)) ||
4262 (res->beacon_ies && res->len_beacon_ies &&
4263 res->beacon_ies != res->information_elements &&
4264 nla_put(msg, NL80211_BSS_BEACON_IES,
4265 res->len_beacon_ies, res->beacon_ies)))
4266 goto nla_put_failure;
4267 if (res->tsf &&
4268 nla_put_u64(msg, NL80211_BSS_TSF, res->tsf))
4269 goto nla_put_failure;
4270 if (res->beacon_interval &&
4271 nla_put_u16(msg, NL80211_BSS_BEACON_INTERVAL, res->beacon_interval))
4272 goto nla_put_failure;
4273 if (nla_put_u16(msg, NL80211_BSS_CAPABILITY, res->capability) ||
4274 nla_put_u32(msg, NL80211_BSS_FREQUENCY, res->channel->center_freq) ||
4275 nla_put_u32(msg, NL80211_BSS_SEEN_MS_AGO,
4276 jiffies_to_msecs(jiffies - intbss->ts)))
4277 goto nla_put_failure;
4278
4279 switch (rdev->wiphy.signal_type) {
4280 case CFG80211_SIGNAL_TYPE_MBM:
4281 if (nla_put_u32(msg, NL80211_BSS_SIGNAL_MBM, res->signal))
4282 goto nla_put_failure;
4283 break;
4284 case CFG80211_SIGNAL_TYPE_UNSPEC:
4285 if (nla_put_u8(msg, NL80211_BSS_SIGNAL_UNSPEC, res->signal))
4286 goto nla_put_failure;
4287 break;
4288 default:
4289 break;
4290 }
4291
4292 switch (wdev->iftype) {
4293 case NL80211_IFTYPE_P2P_CLIENT:
4294 case NL80211_IFTYPE_STATION:
4295 if (intbss == wdev->current_bss &&
4296 nla_put_u32(msg, NL80211_BSS_STATUS,
4297 NL80211_BSS_STATUS_ASSOCIATED))
4298 goto nla_put_failure;
4299 break;
4300 case NL80211_IFTYPE_ADHOC:
4301 if (intbss == wdev->current_bss &&
4302 nla_put_u32(msg, NL80211_BSS_STATUS,
4303 NL80211_BSS_STATUS_IBSS_JOINED))
4304 goto nla_put_failure;
4305 break;
4306 default:
4307 break;
4308 }
4309
4310 nla_nest_end(msg, bss);
4311
4312 return genlmsg_end(msg, hdr);
4313
4314 nla_put_failure:
4315 genlmsg_cancel(msg, hdr);
4316 return -EMSGSIZE;
4317 }
4318
4319 static int nl80211_dump_scan(struct sk_buff *skb,
4320 struct netlink_callback *cb)
4321 {
4322 struct cfg80211_registered_device *rdev;
4323 struct net_device *dev;
4324 struct cfg80211_internal_bss *scan;
4325 struct wireless_dev *wdev;
4326 int start = cb->args[1], idx = 0;
4327 int err;
4328
4329 err = nl80211_prepare_netdev_dump(skb, cb, &rdev, &dev);
4330 if (err)
4331 return err;
4332
4333 wdev = dev->ieee80211_ptr;
4334
4335 wdev_lock(wdev);
4336 spin_lock_bh(&rdev->bss_lock);
4337 cfg80211_bss_expire(rdev);
4338
4339 cb->seq = rdev->bss_generation;
4340
4341 list_for_each_entry(scan, &rdev->bss_list, list) {
4342 if (++idx <= start)
4343 continue;
4344 if (nl80211_send_bss(skb, cb,
4345 cb->nlh->nlmsg_seq, NLM_F_MULTI,
4346 rdev, wdev, scan) < 0) {
4347 idx--;
4348 break;
4349 }
4350 }
4351
4352 spin_unlock_bh(&rdev->bss_lock);
4353 wdev_unlock(wdev);
4354
4355 cb->args[1] = idx;
4356 nl80211_finish_netdev_dump(rdev);
4357
4358 return skb->len;
4359 }
4360
4361 static int nl80211_send_survey(struct sk_buff *msg, u32 pid, u32 seq,
4362 int flags, struct net_device *dev,
4363 struct survey_info *survey)
4364 {
4365 void *hdr;
4366 struct nlattr *infoattr;
4367
4368 hdr = nl80211hdr_put(msg, pid, seq, flags,
4369 NL80211_CMD_NEW_SURVEY_RESULTS);
4370 if (!hdr)
4371 return -ENOMEM;
4372
4373 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex))
4374 goto nla_put_failure;
4375
4376 infoattr = nla_nest_start(msg, NL80211_ATTR_SURVEY_INFO);
4377 if (!infoattr)
4378 goto nla_put_failure;
4379
4380 if (nla_put_u32(msg, NL80211_SURVEY_INFO_FREQUENCY,
4381 survey->channel->center_freq))
4382 goto nla_put_failure;
4383
4384 if ((survey->filled & SURVEY_INFO_NOISE_DBM) &&
4385 nla_put_u8(msg, NL80211_SURVEY_INFO_NOISE, survey->noise))
4386 goto nla_put_failure;
4387 if ((survey->filled & SURVEY_INFO_IN_USE) &&
4388 nla_put_flag(msg, NL80211_SURVEY_INFO_IN_USE))
4389 goto nla_put_failure;
4390 if ((survey->filled & SURVEY_INFO_CHANNEL_TIME) &&
4391 nla_put_u64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME,
4392 survey->channel_time))
4393 goto nla_put_failure;
4394 if ((survey->filled & SURVEY_INFO_CHANNEL_TIME_BUSY) &&
4395 nla_put_u64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY,
4396 survey->channel_time_busy))
4397 goto nla_put_failure;
4398 if ((survey->filled & SURVEY_INFO_CHANNEL_TIME_EXT_BUSY) &&
4399 nla_put_u64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_EXT_BUSY,
4400 survey->channel_time_ext_busy))
4401 goto nla_put_failure;
4402 if ((survey->filled & SURVEY_INFO_CHANNEL_TIME_RX) &&
4403 nla_put_u64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_RX,
4404 survey->channel_time_rx))
4405 goto nla_put_failure;
4406 if ((survey->filled & SURVEY_INFO_CHANNEL_TIME_TX) &&
4407 nla_put_u64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_TX,
4408 survey->channel_time_tx))
4409 goto nla_put_failure;
4410
4411 nla_nest_end(msg, infoattr);
4412
4413 return genlmsg_end(msg, hdr);
4414
4415 nla_put_failure:
4416 genlmsg_cancel(msg, hdr);
4417 return -EMSGSIZE;
4418 }
4419
4420 static int nl80211_dump_survey(struct sk_buff *skb,
4421 struct netlink_callback *cb)
4422 {
4423 struct survey_info survey;
4424 struct cfg80211_registered_device *dev;
4425 struct net_device *netdev;
4426 int survey_idx = cb->args[1];
4427 int res;
4428
4429 res = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev);
4430 if (res)
4431 return res;
4432
4433 if (!dev->ops->dump_survey) {
4434 res = -EOPNOTSUPP;
4435 goto out_err;
4436 }
4437
4438 while (1) {
4439 struct ieee80211_channel *chan;
4440
4441 res = dev->ops->dump_survey(&dev->wiphy, netdev, survey_idx,
4442 &survey);
4443 if (res == -ENOENT)
4444 break;
4445 if (res)
4446 goto out_err;
4447
4448 /* Survey without a channel doesn't make sense */
4449 if (!survey.channel) {
4450 res = -EINVAL;
4451 goto out;
4452 }
4453
4454 chan = ieee80211_get_channel(&dev->wiphy,
4455 survey.channel->center_freq);
4456 if (!chan || chan->flags & IEEE80211_CHAN_DISABLED) {
4457 survey_idx++;
4458 continue;
4459 }
4460
4461 if (nl80211_send_survey(skb,
4462 NETLINK_CB(cb->skb).pid,
4463 cb->nlh->nlmsg_seq, NLM_F_MULTI,
4464 netdev,
4465 &survey) < 0)
4466 goto out;
4467 survey_idx++;
4468 }
4469
4470 out:
4471 cb->args[1] = survey_idx;
4472 res = skb->len;
4473 out_err:
4474 nl80211_finish_netdev_dump(dev);
4475 return res;
4476 }
4477
4478 static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type)
4479 {
4480 return auth_type <= NL80211_AUTHTYPE_MAX;
4481 }
4482
4483 static bool nl80211_valid_wpa_versions(u32 wpa_versions)
4484 {
4485 return !(wpa_versions & ~(NL80211_WPA_VERSION_1 |
4486 NL80211_WPA_VERSION_2));
4487 }
4488
4489 static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
4490 {
4491 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4492 struct net_device *dev = info->user_ptr[1];
4493 struct ieee80211_channel *chan;
4494 const u8 *bssid, *ssid, *ie = NULL;
4495 int err, ssid_len, ie_len = 0;
4496 enum nl80211_auth_type auth_type;
4497 struct key_parse key;
4498 bool local_state_change;
4499
4500 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
4501 return -EINVAL;
4502
4503 if (!info->attrs[NL80211_ATTR_MAC])
4504 return -EINVAL;
4505
4506 if (!info->attrs[NL80211_ATTR_AUTH_TYPE])
4507 return -EINVAL;
4508
4509 if (!info->attrs[NL80211_ATTR_SSID])
4510 return -EINVAL;
4511
4512 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ])
4513 return -EINVAL;
4514
4515 err = nl80211_parse_key(info, &key);
4516 if (err)
4517 return err;
4518
4519 if (key.idx >= 0) {
4520 if (key.type != -1 && key.type != NL80211_KEYTYPE_GROUP)
4521 return -EINVAL;
4522 if (!key.p.key || !key.p.key_len)
4523 return -EINVAL;
4524 if ((key.p.cipher != WLAN_CIPHER_SUITE_WEP40 ||
4525 key.p.key_len != WLAN_KEY_LEN_WEP40) &&
4526 (key.p.cipher != WLAN_CIPHER_SUITE_WEP104 ||
4527 key.p.key_len != WLAN_KEY_LEN_WEP104))
4528 return -EINVAL;
4529 if (key.idx > 4)
4530 return -EINVAL;
4531 } else {
4532 key.p.key_len = 0;
4533 key.p.key = NULL;
4534 }
4535
4536 if (key.idx >= 0) {
4537 int i;
4538 bool ok = false;
4539 for (i = 0; i < rdev->wiphy.n_cipher_suites; i++) {
4540 if (key.p.cipher == rdev->wiphy.cipher_suites[i]) {
4541 ok = true;
4542 break;
4543 }
4544 }
4545 if (!ok)
4546 return -EINVAL;
4547 }
4548
4549 if (!rdev->ops->auth)
4550 return -EOPNOTSUPP;
4551
4552 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
4553 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
4554 return -EOPNOTSUPP;
4555
4556 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
4557 chan = ieee80211_get_channel(&rdev->wiphy,
4558 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
4559 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED))
4560 return -EINVAL;
4561
4562 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
4563 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
4564
4565 if (info->attrs[NL80211_ATTR_IE]) {
4566 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
4567 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
4568 }
4569
4570 auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
4571 if (!nl80211_valid_auth_type(auth_type))
4572 return -EINVAL;
4573
4574 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
4575
4576 /*
4577 * Since we no longer track auth state, ignore
4578 * requests to only change local state.
4579 */
4580 if (local_state_change)
4581 return 0;
4582
4583 return cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid,
4584 ssid, ssid_len, ie, ie_len,
4585 key.p.key, key.p.key_len, key.idx);
4586 }
4587
4588 static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev,
4589 struct genl_info *info,
4590 struct cfg80211_crypto_settings *settings,
4591 int cipher_limit)
4592 {
4593 memset(settings, 0, sizeof(*settings));
4594
4595 settings->control_port = info->attrs[NL80211_ATTR_CONTROL_PORT];
4596
4597 if (info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]) {
4598 u16 proto;
4599 proto = nla_get_u16(
4600 info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]);
4601 settings->control_port_ethertype = cpu_to_be16(proto);
4602 if (!(rdev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) &&
4603 proto != ETH_P_PAE)
4604 return -EINVAL;
4605 if (info->attrs[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT])
4606 settings->control_port_no_encrypt = true;
4607 } else
4608 settings->control_port_ethertype = cpu_to_be16(ETH_P_PAE);
4609
4610 if (info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]) {
4611 void *data;
4612 int len, i;
4613
4614 data = nla_data(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]);
4615 len = nla_len(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]);
4616 settings->n_ciphers_pairwise = len / sizeof(u32);
4617
4618 if (len % sizeof(u32))
4619 return -EINVAL;
4620
4621 if (settings->n_ciphers_pairwise > cipher_limit)
4622 return -EINVAL;
4623
4624 memcpy(settings->ciphers_pairwise, data, len);
4625
4626 for (i = 0; i < settings->n_ciphers_pairwise; i++)
4627 if (!cfg80211_supported_cipher_suite(
4628 &rdev->wiphy,
4629 settings->ciphers_pairwise[i]))
4630 return -EINVAL;
4631 }
4632
4633 if (info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]) {
4634 settings->cipher_group =
4635 nla_get_u32(info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]);
4636 if (!cfg80211_supported_cipher_suite(&rdev->wiphy,
4637 settings->cipher_group))
4638 return -EINVAL;
4639 }
4640
4641 if (info->attrs[NL80211_ATTR_WPA_VERSIONS]) {
4642 settings->wpa_versions =
4643 nla_get_u32(info->attrs[NL80211_ATTR_WPA_VERSIONS]);
4644 if (!nl80211_valid_wpa_versions(settings->wpa_versions))
4645 return -EINVAL;
4646 }
4647
4648 if (info->attrs[NL80211_ATTR_AKM_SUITES]) {
4649 void *data;
4650 int len;
4651
4652 data = nla_data(info->attrs[NL80211_ATTR_AKM_SUITES]);
4653 len = nla_len(info->attrs[NL80211_ATTR_AKM_SUITES]);
4654 settings->n_akm_suites = len / sizeof(u32);
4655
4656 if (len % sizeof(u32))
4657 return -EINVAL;
4658
4659 if (settings->n_akm_suites > NL80211_MAX_NR_AKM_SUITES)
4660 return -EINVAL;
4661
4662 memcpy(settings->akm_suites, data, len);
4663 }
4664
4665 return 0;
4666 }
4667
4668 static int nl80211_associate(struct sk_buff *skb, struct genl_info *info)
4669 {
4670 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4671 struct net_device *dev = info->user_ptr[1];
4672 struct cfg80211_crypto_settings crypto;
4673 struct ieee80211_channel *chan;
4674 const u8 *bssid, *ssid, *ie = NULL, *prev_bssid = NULL;
4675 int err, ssid_len, ie_len = 0;
4676 bool use_mfp = false;
4677 u32 flags = 0;
4678 struct ieee80211_ht_cap *ht_capa = NULL;
4679 struct ieee80211_ht_cap *ht_capa_mask = NULL;
4680
4681 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
4682 return -EINVAL;
4683
4684 if (!info->attrs[NL80211_ATTR_MAC] ||
4685 !info->attrs[NL80211_ATTR_SSID] ||
4686 !info->attrs[NL80211_ATTR_WIPHY_FREQ])
4687 return -EINVAL;
4688
4689 if (!rdev->ops->assoc)
4690 return -EOPNOTSUPP;
4691
4692 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
4693 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
4694 return -EOPNOTSUPP;
4695
4696 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
4697
4698 chan = ieee80211_get_channel(&rdev->wiphy,
4699 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
4700 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED))
4701 return -EINVAL;
4702
4703 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
4704 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
4705
4706 if (info->attrs[NL80211_ATTR_IE]) {
4707 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
4708 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
4709 }
4710
4711 if (info->attrs[NL80211_ATTR_USE_MFP]) {
4712 enum nl80211_mfp mfp =
4713 nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]);
4714 if (mfp == NL80211_MFP_REQUIRED)
4715 use_mfp = true;
4716 else if (mfp != NL80211_MFP_NO)
4717 return -EINVAL;
4718 }
4719
4720 if (info->attrs[NL80211_ATTR_PREV_BSSID])
4721 prev_bssid = nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]);
4722
4723 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HT]))
4724 flags |= ASSOC_REQ_DISABLE_HT;
4725
4726 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
4727 ht_capa_mask =
4728 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]);
4729
4730 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) {
4731 if (!ht_capa_mask)
4732 return -EINVAL;
4733 ht_capa = nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]);
4734 }
4735
4736 err = nl80211_crypto_settings(rdev, info, &crypto, 1);
4737 if (!err)
4738 err = cfg80211_mlme_assoc(rdev, dev, chan, bssid, prev_bssid,
4739 ssid, ssid_len, ie, ie_len, use_mfp,
4740 &crypto, flags, ht_capa,
4741 ht_capa_mask);
4742
4743 return err;
4744 }
4745
4746 static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info)
4747 {
4748 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4749 struct net_device *dev = info->user_ptr[1];
4750 const u8 *ie = NULL, *bssid;
4751 int ie_len = 0;
4752 u16 reason_code;
4753 bool local_state_change;
4754
4755 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
4756 return -EINVAL;
4757
4758 if (!info->attrs[NL80211_ATTR_MAC])
4759 return -EINVAL;
4760
4761 if (!info->attrs[NL80211_ATTR_REASON_CODE])
4762 return -EINVAL;
4763
4764 if (!rdev->ops->deauth)
4765 return -EOPNOTSUPP;
4766
4767 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
4768 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
4769 return -EOPNOTSUPP;
4770
4771 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
4772
4773 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
4774 if (reason_code == 0) {
4775 /* Reason Code 0 is reserved */
4776 return -EINVAL;
4777 }
4778
4779 if (info->attrs[NL80211_ATTR_IE]) {
4780 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
4781 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
4782 }
4783
4784 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
4785
4786 return cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code,
4787 local_state_change);
4788 }
4789
4790 static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info)
4791 {
4792 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4793 struct net_device *dev = info->user_ptr[1];
4794 const u8 *ie = NULL, *bssid;
4795 int ie_len = 0;
4796 u16 reason_code;
4797 bool local_state_change;
4798
4799 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
4800 return -EINVAL;
4801
4802 if (!info->attrs[NL80211_ATTR_MAC])
4803 return -EINVAL;
4804
4805 if (!info->attrs[NL80211_ATTR_REASON_CODE])
4806 return -EINVAL;
4807
4808 if (!rdev->ops->disassoc)
4809 return -EOPNOTSUPP;
4810
4811 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
4812 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
4813 return -EOPNOTSUPP;
4814
4815 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
4816
4817 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
4818 if (reason_code == 0) {
4819 /* Reason Code 0 is reserved */
4820 return -EINVAL;
4821 }
4822
4823 if (info->attrs[NL80211_ATTR_IE]) {
4824 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
4825 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
4826 }
4827
4828 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
4829
4830 return cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason_code,
4831 local_state_change);
4832 }
4833
4834 static bool
4835 nl80211_parse_mcast_rate(struct cfg80211_registered_device *rdev,
4836 int mcast_rate[IEEE80211_NUM_BANDS],
4837 int rateval)
4838 {
4839 struct wiphy *wiphy = &rdev->wiphy;
4840 bool found = false;
4841 int band, i;
4842
4843 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
4844 struct ieee80211_supported_band *sband;
4845
4846 sband = wiphy->bands[band];
4847 if (!sband)
4848 continue;
4849
4850 for (i = 0; i < sband->n_bitrates; i++) {
4851 if (sband->bitrates[i].bitrate == rateval) {
4852 mcast_rate[band] = i + 1;
4853 found = true;
4854 break;
4855 }
4856 }
4857 }
4858
4859 return found;
4860 }
4861
4862 static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info)
4863 {
4864 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4865 struct net_device *dev = info->user_ptr[1];
4866 struct cfg80211_ibss_params ibss;
4867 struct wiphy *wiphy;
4868 struct cfg80211_cached_keys *connkeys = NULL;
4869 int err;
4870
4871 memset(&ibss, 0, sizeof(ibss));
4872
4873 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
4874 return -EINVAL;
4875
4876 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] ||
4877 !info->attrs[NL80211_ATTR_SSID] ||
4878 !nla_len(info->attrs[NL80211_ATTR_SSID]))
4879 return -EINVAL;
4880
4881 ibss.beacon_interval = 100;
4882
4883 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) {
4884 ibss.beacon_interval =
4885 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]);
4886 if (ibss.beacon_interval < 1 || ibss.beacon_interval > 10000)
4887 return -EINVAL;
4888 }
4889
4890 if (!rdev->ops->join_ibss)
4891 return -EOPNOTSUPP;
4892
4893 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC)
4894 return -EOPNOTSUPP;
4895
4896 wiphy = &rdev->wiphy;
4897
4898 if (info->attrs[NL80211_ATTR_MAC]) {
4899 ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
4900
4901 if (!is_valid_ether_addr(ibss.bssid))
4902 return -EINVAL;
4903 }
4904 ibss.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
4905 ibss.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
4906
4907 if (info->attrs[NL80211_ATTR_IE]) {
4908 ibss.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
4909 ibss.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
4910 }
4911
4912 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
4913 enum nl80211_channel_type channel_type;
4914
4915 channel_type = nla_get_u32(
4916 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
4917 if (channel_type != NL80211_CHAN_NO_HT &&
4918 channel_type != NL80211_CHAN_HT20 &&
4919 channel_type != NL80211_CHAN_HT40MINUS &&
4920 channel_type != NL80211_CHAN_HT40PLUS)
4921 return -EINVAL;
4922
4923 if (channel_type != NL80211_CHAN_NO_HT &&
4924 !(wiphy->features & NL80211_FEATURE_HT_IBSS))
4925 return -EINVAL;
4926
4927 ibss.channel_type = channel_type;
4928 } else {
4929 ibss.channel_type = NL80211_CHAN_NO_HT;
4930 }
4931
4932 ibss.channel = rdev_freq_to_chan(rdev,
4933 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]),
4934 ibss.channel_type);
4935 if (!ibss.channel ||
4936 ibss.channel->flags & IEEE80211_CHAN_NO_IBSS ||
4937 ibss.channel->flags & IEEE80211_CHAN_DISABLED)
4938 return -EINVAL;
4939
4940 /* Both channels should be able to initiate communication */
4941 if ((ibss.channel_type == NL80211_CHAN_HT40PLUS ||
4942 ibss.channel_type == NL80211_CHAN_HT40MINUS) &&
4943 !cfg80211_can_beacon_sec_chan(&rdev->wiphy, ibss.channel,
4944 ibss.channel_type))
4945 return -EINVAL;
4946
4947 ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED];
4948 ibss.privacy = !!info->attrs[NL80211_ATTR_PRIVACY];
4949
4950 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) {
4951 u8 *rates =
4952 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
4953 int n_rates =
4954 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
4955 struct ieee80211_supported_band *sband =
4956 wiphy->bands[ibss.channel->band];
4957
4958 err = ieee80211_get_ratemask(sband, rates, n_rates,
4959 &ibss.basic_rates);
4960 if (err)
4961 return err;
4962 }
4963
4964 if (info->attrs[NL80211_ATTR_MCAST_RATE] &&
4965 !nl80211_parse_mcast_rate(rdev, ibss.mcast_rate,
4966 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE])))
4967 return -EINVAL;
4968
4969 if (ibss.privacy && info->attrs[NL80211_ATTR_KEYS]) {
4970 connkeys = nl80211_parse_connkeys(rdev,
4971 info->attrs[NL80211_ATTR_KEYS]);
4972 if (IS_ERR(connkeys))
4973 return PTR_ERR(connkeys);
4974 }
4975
4976 ibss.control_port =
4977 nla_get_flag(info->attrs[NL80211_ATTR_CONTROL_PORT]);
4978
4979 err = cfg80211_join_ibss(rdev, dev, &ibss, connkeys);
4980 if (err)
4981 kfree(connkeys);
4982 return err;
4983 }
4984
4985 static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info)
4986 {
4987 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4988 struct net_device *dev = info->user_ptr[1];
4989
4990 if (!rdev->ops->leave_ibss)
4991 return -EOPNOTSUPP;
4992
4993 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC)
4994 return -EOPNOTSUPP;
4995
4996 return cfg80211_leave_ibss(rdev, dev, false);
4997 }
4998
4999 #ifdef CONFIG_NL80211_TESTMODE
5000 static struct genl_multicast_group nl80211_testmode_mcgrp = {
5001 .name = "testmode",
5002 };
5003
5004 static int nl80211_testmode_do(struct sk_buff *skb, struct genl_info *info)
5005 {
5006 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5007 int err;
5008
5009 if (!info->attrs[NL80211_ATTR_TESTDATA])
5010 return -EINVAL;
5011
5012 err = -EOPNOTSUPP;
5013 if (rdev->ops->testmode_cmd) {
5014 rdev->testmode_info = info;
5015 err = rdev->ops->testmode_cmd(&rdev->wiphy,
5016 nla_data(info->attrs[NL80211_ATTR_TESTDATA]),
5017 nla_len(info->attrs[NL80211_ATTR_TESTDATA]));
5018 rdev->testmode_info = NULL;
5019 }
5020
5021 return err;
5022 }
5023
5024 static int nl80211_testmode_dump(struct sk_buff *skb,
5025 struct netlink_callback *cb)
5026 {
5027 struct cfg80211_registered_device *rdev;
5028 int err;
5029 long phy_idx;
5030 void *data = NULL;
5031 int data_len = 0;
5032
5033 if (cb->args[0]) {
5034 /*
5035 * 0 is a valid index, but not valid for args[0],
5036 * so we need to offset by 1.
5037 */
5038 phy_idx = cb->args[0] - 1;
5039 } else {
5040 err = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize,
5041 nl80211_fam.attrbuf, nl80211_fam.maxattr,
5042 nl80211_policy);
5043 if (err)
5044 return err;
5045 if (nl80211_fam.attrbuf[NL80211_ATTR_WIPHY]) {
5046 phy_idx = nla_get_u32(
5047 nl80211_fam.attrbuf[NL80211_ATTR_WIPHY]);
5048 } else {
5049 struct net_device *netdev;
5050
5051 err = get_rdev_dev_by_ifindex(sock_net(skb->sk),
5052 nl80211_fam.attrbuf,
5053 &rdev, &netdev);
5054 if (err)
5055 return err;
5056 dev_put(netdev);
5057 phy_idx = rdev->wiphy_idx;
5058 cfg80211_unlock_rdev(rdev);
5059 }
5060 if (nl80211_fam.attrbuf[NL80211_ATTR_TESTDATA])
5061 cb->args[1] =
5062 (long)nl80211_fam.attrbuf[NL80211_ATTR_TESTDATA];
5063 }
5064
5065 if (cb->args[1]) {
5066 data = nla_data((void *)cb->args[1]);
5067 data_len = nla_len((void *)cb->args[1]);
5068 }
5069
5070 mutex_lock(&cfg80211_mutex);
5071 rdev = cfg80211_rdev_by_wiphy_idx(phy_idx);
5072 if (!rdev) {
5073 mutex_unlock(&cfg80211_mutex);
5074 return -ENOENT;
5075 }
5076 cfg80211_lock_rdev(rdev);
5077 mutex_unlock(&cfg80211_mutex);
5078
5079 if (!rdev->ops->testmode_dump) {
5080 err = -EOPNOTSUPP;
5081 goto out_err;
5082 }
5083
5084 while (1) {
5085 void *hdr = nl80211hdr_put(skb, NETLINK_CB(cb->skb).pid,
5086 cb->nlh->nlmsg_seq, NLM_F_MULTI,
5087 NL80211_CMD_TESTMODE);
5088 struct nlattr *tmdata;
5089
5090 if (nla_put_u32(skb, NL80211_ATTR_WIPHY, phy_idx)) {
5091 genlmsg_cancel(skb, hdr);
5092 break;
5093 }
5094
5095 tmdata = nla_nest_start(skb, NL80211_ATTR_TESTDATA);
5096 if (!tmdata) {
5097 genlmsg_cancel(skb, hdr);
5098 break;
5099 }
5100 err = rdev->ops->testmode_dump(&rdev->wiphy, skb, cb,
5101 data, data_len);
5102 nla_nest_end(skb, tmdata);
5103
5104 if (err == -ENOBUFS || err == -ENOENT) {
5105 genlmsg_cancel(skb, hdr);
5106 break;
5107 } else if (err) {
5108 genlmsg_cancel(skb, hdr);
5109 goto out_err;
5110 }
5111
5112 genlmsg_end(skb, hdr);
5113 }
5114
5115 err = skb->len;
5116 /* see above */
5117 cb->args[0] = phy_idx + 1;
5118 out_err:
5119 cfg80211_unlock_rdev(rdev);
5120 return err;
5121 }
5122
5123 static struct sk_buff *
5124 __cfg80211_testmode_alloc_skb(struct cfg80211_registered_device *rdev,
5125 int approxlen, u32 pid, u32 seq, gfp_t gfp)
5126 {
5127 struct sk_buff *skb;
5128 void *hdr;
5129 struct nlattr *data;
5130
5131 skb = nlmsg_new(approxlen + 100, gfp);
5132 if (!skb)
5133 return NULL;
5134
5135 hdr = nl80211hdr_put(skb, pid, seq, 0, NL80211_CMD_TESTMODE);
5136 if (!hdr) {
5137 kfree_skb(skb);
5138 return NULL;
5139 }
5140
5141 if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
5142 goto nla_put_failure;
5143 data = nla_nest_start(skb, NL80211_ATTR_TESTDATA);
5144
5145 ((void **)skb->cb)[0] = rdev;
5146 ((void **)skb->cb)[1] = hdr;
5147 ((void **)skb->cb)[2] = data;
5148
5149 return skb;
5150
5151 nla_put_failure:
5152 kfree_skb(skb);
5153 return NULL;
5154 }
5155
5156 struct sk_buff *cfg80211_testmode_alloc_reply_skb(struct wiphy *wiphy,
5157 int approxlen)
5158 {
5159 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
5160
5161 if (WARN_ON(!rdev->testmode_info))
5162 return NULL;
5163
5164 return __cfg80211_testmode_alloc_skb(rdev, approxlen,
5165 rdev->testmode_info->snd_pid,
5166 rdev->testmode_info->snd_seq,
5167 GFP_KERNEL);
5168 }
5169 EXPORT_SYMBOL(cfg80211_testmode_alloc_reply_skb);
5170
5171 int cfg80211_testmode_reply(struct sk_buff *skb)
5172 {
5173 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0];
5174 void *hdr = ((void **)skb->cb)[1];
5175 struct nlattr *data = ((void **)skb->cb)[2];
5176
5177 if (WARN_ON(!rdev->testmode_info)) {
5178 kfree_skb(skb);
5179 return -EINVAL;
5180 }
5181
5182 nla_nest_end(skb, data);
5183 genlmsg_end(skb, hdr);
5184 return genlmsg_reply(skb, rdev->testmode_info);
5185 }
5186 EXPORT_SYMBOL(cfg80211_testmode_reply);
5187
5188 struct sk_buff *cfg80211_testmode_alloc_event_skb(struct wiphy *wiphy,
5189 int approxlen, gfp_t gfp)
5190 {
5191 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
5192
5193 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 0, 0, gfp);
5194 }
5195 EXPORT_SYMBOL(cfg80211_testmode_alloc_event_skb);
5196
5197 void cfg80211_testmode_event(struct sk_buff *skb, gfp_t gfp)
5198 {
5199 void *hdr = ((void **)skb->cb)[1];
5200 struct nlattr *data = ((void **)skb->cb)[2];
5201
5202 nla_nest_end(skb, data);
5203 genlmsg_end(skb, hdr);
5204 genlmsg_multicast(skb, 0, nl80211_testmode_mcgrp.id, gfp);
5205 }
5206 EXPORT_SYMBOL(cfg80211_testmode_event);
5207 #endif
5208
5209 static int nl80211_connect(struct sk_buff *skb, struct genl_info *info)
5210 {
5211 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5212 struct net_device *dev = info->user_ptr[1];
5213 struct cfg80211_connect_params connect;
5214 struct wiphy *wiphy;
5215 struct cfg80211_cached_keys *connkeys = NULL;
5216 int err;
5217
5218 memset(&connect, 0, sizeof(connect));
5219
5220 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
5221 return -EINVAL;
5222
5223 if (!info->attrs[NL80211_ATTR_SSID] ||
5224 !nla_len(info->attrs[NL80211_ATTR_SSID]))
5225 return -EINVAL;
5226
5227 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) {
5228 connect.auth_type =
5229 nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
5230 if (!nl80211_valid_auth_type(connect.auth_type))
5231 return -EINVAL;
5232 } else
5233 connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC;
5234
5235 connect.privacy = info->attrs[NL80211_ATTR_PRIVACY];
5236
5237 err = nl80211_crypto_settings(rdev, info, &connect.crypto,
5238 NL80211_MAX_NR_CIPHER_SUITES);
5239 if (err)
5240 return err;
5241
5242 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
5243 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
5244 return -EOPNOTSUPP;
5245
5246 wiphy = &rdev->wiphy;
5247
5248 connect.bg_scan_period = -1;
5249 if (info->attrs[NL80211_ATTR_BG_SCAN_PERIOD] &&
5250 (wiphy->flags & WIPHY_FLAG_SUPPORTS_FW_ROAM)) {
5251 connect.bg_scan_period =
5252 nla_get_u16(info->attrs[NL80211_ATTR_BG_SCAN_PERIOD]);
5253 }
5254
5255 if (info->attrs[NL80211_ATTR_MAC])
5256 connect.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
5257 connect.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
5258 connect.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
5259
5260 if (info->attrs[NL80211_ATTR_IE]) {
5261 connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
5262 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
5263 }
5264
5265 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
5266 connect.channel =
5267 ieee80211_get_channel(wiphy,
5268 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
5269 if (!connect.channel ||
5270 connect.channel->flags & IEEE80211_CHAN_DISABLED)
5271 return -EINVAL;
5272 }
5273
5274 if (connect.privacy && info->attrs[NL80211_ATTR_KEYS]) {
5275 connkeys = nl80211_parse_connkeys(rdev,
5276 info->attrs[NL80211_ATTR_KEYS]);
5277 if (IS_ERR(connkeys))
5278 return PTR_ERR(connkeys);
5279 }
5280
5281 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HT]))
5282 connect.flags |= ASSOC_REQ_DISABLE_HT;
5283
5284 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
5285 memcpy(&connect.ht_capa_mask,
5286 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]),
5287 sizeof(connect.ht_capa_mask));
5288
5289 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) {
5290 if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
5291 return -EINVAL;
5292 memcpy(&connect.ht_capa,
5293 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]),
5294 sizeof(connect.ht_capa));
5295 }
5296
5297 err = cfg80211_connect(rdev, dev, &connect, connkeys);
5298 if (err)
5299 kfree(connkeys);
5300 return err;
5301 }
5302
5303 static int nl80211_disconnect(struct sk_buff *skb, struct genl_info *info)
5304 {
5305 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5306 struct net_device *dev = info->user_ptr[1];
5307 u16 reason;
5308
5309 if (!info->attrs[NL80211_ATTR_REASON_CODE])
5310 reason = WLAN_REASON_DEAUTH_LEAVING;
5311 else
5312 reason = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
5313
5314 if (reason == 0)
5315 return -EINVAL;
5316
5317 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
5318 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
5319 return -EOPNOTSUPP;
5320
5321 return cfg80211_disconnect(rdev, dev, reason, true);
5322 }
5323
5324 static int nl80211_wiphy_netns(struct sk_buff *skb, struct genl_info *info)
5325 {
5326 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5327 struct net *net;
5328 int err;
5329 u32 pid;
5330
5331 if (!info->attrs[NL80211_ATTR_PID])
5332 return -EINVAL;
5333
5334 pid = nla_get_u32(info->attrs[NL80211_ATTR_PID]);
5335
5336 net = get_net_ns_by_pid(pid);
5337 if (IS_ERR(net))
5338 return PTR_ERR(net);
5339
5340 err = 0;
5341
5342 /* check if anything to do */
5343 if (!net_eq(wiphy_net(&rdev->wiphy), net))
5344 err = cfg80211_switch_netns(rdev, net);
5345
5346 put_net(net);
5347 return err;
5348 }
5349
5350 static int nl80211_setdel_pmksa(struct sk_buff *skb, struct genl_info *info)
5351 {
5352 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5353 int (*rdev_ops)(struct wiphy *wiphy, struct net_device *dev,
5354 struct cfg80211_pmksa *pmksa) = NULL;
5355 struct net_device *dev = info->user_ptr[1];
5356 struct cfg80211_pmksa pmksa;
5357
5358 memset(&pmksa, 0, sizeof(struct cfg80211_pmksa));
5359
5360 if (!info->attrs[NL80211_ATTR_MAC])
5361 return -EINVAL;
5362
5363 if (!info->attrs[NL80211_ATTR_PMKID])
5364 return -EINVAL;
5365
5366 pmksa.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]);
5367 pmksa.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
5368
5369 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
5370 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
5371 return -EOPNOTSUPP;
5372
5373 switch (info->genlhdr->cmd) {
5374 case NL80211_CMD_SET_PMKSA:
5375 rdev_ops = rdev->ops->set_pmksa;
5376 break;
5377 case NL80211_CMD_DEL_PMKSA:
5378 rdev_ops = rdev->ops->del_pmksa;
5379 break;
5380 default:
5381 WARN_ON(1);
5382 break;
5383 }
5384
5385 if (!rdev_ops)
5386 return -EOPNOTSUPP;
5387
5388 return rdev_ops(&rdev->wiphy, dev, &pmksa);
5389 }
5390
5391 static int nl80211_flush_pmksa(struct sk_buff *skb, struct genl_info *info)
5392 {
5393 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5394 struct net_device *dev = info->user_ptr[1];
5395
5396 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
5397 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
5398 return -EOPNOTSUPP;
5399
5400 if (!rdev->ops->flush_pmksa)
5401 return -EOPNOTSUPP;
5402
5403 return rdev->ops->flush_pmksa(&rdev->wiphy, dev);
5404 }
5405
5406 static int nl80211_tdls_mgmt(struct sk_buff *skb, struct genl_info *info)
5407 {
5408 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5409 struct net_device *dev = info->user_ptr[1];
5410 u8 action_code, dialog_token;
5411 u16 status_code;
5412 u8 *peer;
5413
5414 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) ||
5415 !rdev->ops->tdls_mgmt)
5416 return -EOPNOTSUPP;
5417
5418 if (!info->attrs[NL80211_ATTR_TDLS_ACTION] ||
5419 !info->attrs[NL80211_ATTR_STATUS_CODE] ||
5420 !info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN] ||
5421 !info->attrs[NL80211_ATTR_IE] ||
5422 !info->attrs[NL80211_ATTR_MAC])
5423 return -EINVAL;
5424
5425 peer = nla_data(info->attrs[NL80211_ATTR_MAC]);
5426 action_code = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_ACTION]);
5427 status_code = nla_get_u16(info->attrs[NL80211_ATTR_STATUS_CODE]);
5428 dialog_token = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN]);
5429
5430 return rdev->ops->tdls_mgmt(&rdev->wiphy, dev, peer, action_code,
5431 dialog_token, status_code,
5432 nla_data(info->attrs[NL80211_ATTR_IE]),
5433 nla_len(info->attrs[NL80211_ATTR_IE]));
5434 }
5435
5436 static int nl80211_tdls_oper(struct sk_buff *skb, struct genl_info *info)
5437 {
5438 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5439 struct net_device *dev = info->user_ptr[1];
5440 enum nl80211_tdls_operation operation;
5441 u8 *peer;
5442
5443 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) ||
5444 !rdev->ops->tdls_oper)
5445 return -EOPNOTSUPP;
5446
5447 if (!info->attrs[NL80211_ATTR_TDLS_OPERATION] ||
5448 !info->attrs[NL80211_ATTR_MAC])
5449 return -EINVAL;
5450
5451 operation = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_OPERATION]);
5452 peer = nla_data(info->attrs[NL80211_ATTR_MAC]);
5453
5454 return rdev->ops->tdls_oper(&rdev->wiphy, dev, peer, operation);
5455 }
5456
5457 static int nl80211_remain_on_channel(struct sk_buff *skb,
5458 struct genl_info *info)
5459 {
5460 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5461 struct net_device *dev = info->user_ptr[1];
5462 struct ieee80211_channel *chan;
5463 struct sk_buff *msg;
5464 void *hdr;
5465 u64 cookie;
5466 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT;
5467 u32 freq, duration;
5468 int err;
5469
5470 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] ||
5471 !info->attrs[NL80211_ATTR_DURATION])
5472 return -EINVAL;
5473
5474 duration = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]);
5475
5476 /*
5477 * We should be on that channel for at least one jiffie,
5478 * and more than 5 seconds seems excessive.
5479 */
5480 if (!duration || !msecs_to_jiffies(duration) ||
5481 duration > rdev->wiphy.max_remain_on_channel_duration)
5482 return -EINVAL;
5483
5484 if (!rdev->ops->remain_on_channel ||
5485 !(rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL))
5486 return -EOPNOTSUPP;
5487
5488 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
5489 channel_type = nla_get_u32(
5490 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
5491 if (channel_type != NL80211_CHAN_NO_HT &&
5492 channel_type != NL80211_CHAN_HT20 &&
5493 channel_type != NL80211_CHAN_HT40PLUS &&
5494 channel_type != NL80211_CHAN_HT40MINUS)
5495 return -EINVAL;
5496 }
5497
5498 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]);
5499 chan = rdev_freq_to_chan(rdev, freq, channel_type);
5500 if (chan == NULL)
5501 return -EINVAL;
5502
5503 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
5504 if (!msg)
5505 return -ENOMEM;
5506
5507 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
5508 NL80211_CMD_REMAIN_ON_CHANNEL);
5509
5510 if (IS_ERR(hdr)) {
5511 err = PTR_ERR(hdr);
5512 goto free_msg;
5513 }
5514
5515 err = rdev->ops->remain_on_channel(&rdev->wiphy, dev, chan,
5516 channel_type, duration, &cookie);
5517
5518 if (err)
5519 goto free_msg;
5520
5521 if (nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie))
5522 goto nla_put_failure;
5523
5524 genlmsg_end(msg, hdr);
5525
5526 return genlmsg_reply(msg, info);
5527
5528 nla_put_failure:
5529 err = -ENOBUFS;
5530 free_msg:
5531 nlmsg_free(msg);
5532 return err;
5533 }
5534
5535 static int nl80211_cancel_remain_on_channel(struct sk_buff *skb,
5536 struct genl_info *info)
5537 {
5538 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5539 struct net_device *dev = info->user_ptr[1];
5540 u64 cookie;
5541
5542 if (!info->attrs[NL80211_ATTR_COOKIE])
5543 return -EINVAL;
5544
5545 if (!rdev->ops->cancel_remain_on_channel)
5546 return -EOPNOTSUPP;
5547
5548 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]);
5549
5550 return rdev->ops->cancel_remain_on_channel(&rdev->wiphy, dev, cookie);
5551 }
5552
5553 static u32 rateset_to_mask(struct ieee80211_supported_band *sband,
5554 u8 *rates, u8 rates_len)
5555 {
5556 u8 i;
5557 u32 mask = 0;
5558
5559 for (i = 0; i < rates_len; i++) {
5560 int rate = (rates[i] & 0x7f) * 5;
5561 int ridx;
5562 for (ridx = 0; ridx < sband->n_bitrates; ridx++) {
5563 struct ieee80211_rate *srate =
5564 &sband->bitrates[ridx];
5565 if (rate == srate->bitrate) {
5566 mask |= 1 << ridx;
5567 break;
5568 }
5569 }
5570 if (ridx == sband->n_bitrates)
5571 return 0; /* rate not found */
5572 }
5573
5574 return mask;
5575 }
5576
5577 static bool ht_rateset_to_mask(struct ieee80211_supported_band *sband,
5578 u8 *rates, u8 rates_len,
5579 u8 mcs[IEEE80211_HT_MCS_MASK_LEN])
5580 {
5581 u8 i;
5582
5583 memset(mcs, 0, IEEE80211_HT_MCS_MASK_LEN);
5584
5585 for (i = 0; i < rates_len; i++) {
5586 int ridx, rbit;
5587
5588 ridx = rates[i] / 8;
5589 rbit = BIT(rates[i] % 8);
5590
5591 /* check validity */
5592 if ((ridx < 0) || (ridx >= IEEE80211_HT_MCS_MASK_LEN))
5593 return false;
5594
5595 /* check availability */
5596 if (sband->ht_cap.mcs.rx_mask[ridx] & rbit)
5597 mcs[ridx] |= rbit;
5598 else
5599 return false;
5600 }
5601
5602 return true;
5603 }
5604
5605 static const struct nla_policy nl80211_txattr_policy[NL80211_TXRATE_MAX + 1] = {
5606 [NL80211_TXRATE_LEGACY] = { .type = NLA_BINARY,
5607 .len = NL80211_MAX_SUPP_RATES },
5608 [NL80211_TXRATE_MCS] = { .type = NLA_BINARY,
5609 .len = NL80211_MAX_SUPP_HT_RATES },
5610 };
5611
5612 static int nl80211_set_tx_bitrate_mask(struct sk_buff *skb,
5613 struct genl_info *info)
5614 {
5615 struct nlattr *tb[NL80211_TXRATE_MAX + 1];
5616 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5617 struct cfg80211_bitrate_mask mask;
5618 int rem, i;
5619 struct net_device *dev = info->user_ptr[1];
5620 struct nlattr *tx_rates;
5621 struct ieee80211_supported_band *sband;
5622
5623 if (info->attrs[NL80211_ATTR_TX_RATES] == NULL)
5624 return -EINVAL;
5625
5626 if (!rdev->ops->set_bitrate_mask)
5627 return -EOPNOTSUPP;
5628
5629 memset(&mask, 0, sizeof(mask));
5630 /* Default to all rates enabled */
5631 for (i = 0; i < IEEE80211_NUM_BANDS; i++) {
5632 sband = rdev->wiphy.bands[i];
5633 mask.control[i].legacy =
5634 sband ? (1 << sband->n_bitrates) - 1 : 0;
5635 if (sband)
5636 memcpy(mask.control[i].mcs,
5637 sband->ht_cap.mcs.rx_mask,
5638 sizeof(mask.control[i].mcs));
5639 else
5640 memset(mask.control[i].mcs, 0,
5641 sizeof(mask.control[i].mcs));
5642 }
5643
5644 /*
5645 * The nested attribute uses enum nl80211_band as the index. This maps
5646 * directly to the enum ieee80211_band values used in cfg80211.
5647 */
5648 BUILD_BUG_ON(NL80211_MAX_SUPP_HT_RATES > IEEE80211_HT_MCS_MASK_LEN * 8);
5649 nla_for_each_nested(tx_rates, info->attrs[NL80211_ATTR_TX_RATES], rem)
5650 {
5651 enum ieee80211_band band = nla_type(tx_rates);
5652 if (band < 0 || band >= IEEE80211_NUM_BANDS)
5653 return -EINVAL;
5654 sband = rdev->wiphy.bands[band];
5655 if (sband == NULL)
5656 return -EINVAL;
5657 nla_parse(tb, NL80211_TXRATE_MAX, nla_data(tx_rates),
5658 nla_len(tx_rates), nl80211_txattr_policy);
5659 if (tb[NL80211_TXRATE_LEGACY]) {
5660 mask.control[band].legacy = rateset_to_mask(
5661 sband,
5662 nla_data(tb[NL80211_TXRATE_LEGACY]),
5663 nla_len(tb[NL80211_TXRATE_LEGACY]));
5664 if ((mask.control[band].legacy == 0) &&
5665 nla_len(tb[NL80211_TXRATE_LEGACY]))
5666 return -EINVAL;
5667 }
5668 if (tb[NL80211_TXRATE_MCS]) {
5669 if (!ht_rateset_to_mask(
5670 sband,
5671 nla_data(tb[NL80211_TXRATE_MCS]),
5672 nla_len(tb[NL80211_TXRATE_MCS]),
5673 mask.control[band].mcs))
5674 return -EINVAL;
5675 }
5676
5677 if (mask.control[band].legacy == 0) {
5678 /* don't allow empty legacy rates if HT
5679 * is not even supported. */
5680 if (!rdev->wiphy.bands[band]->ht_cap.ht_supported)
5681 return -EINVAL;
5682
5683 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++)
5684 if (mask.control[band].mcs[i])
5685 break;
5686
5687 /* legacy and mcs rates may not be both empty */
5688 if (i == IEEE80211_HT_MCS_MASK_LEN)
5689 return -EINVAL;
5690 }
5691 }
5692
5693 return rdev->ops->set_bitrate_mask(&rdev->wiphy, dev, NULL, &mask);
5694 }
5695
5696 static int nl80211_register_mgmt(struct sk_buff *skb, struct genl_info *info)
5697 {
5698 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5699 struct net_device *dev = info->user_ptr[1];
5700 u16 frame_type = IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_ACTION;
5701
5702 if (!info->attrs[NL80211_ATTR_FRAME_MATCH])
5703 return -EINVAL;
5704
5705 if (info->attrs[NL80211_ATTR_FRAME_TYPE])
5706 frame_type = nla_get_u16(info->attrs[NL80211_ATTR_FRAME_TYPE]);
5707
5708 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
5709 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC &&
5710 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT &&
5711 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
5712 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN &&
5713 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT &&
5714 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
5715 return -EOPNOTSUPP;
5716
5717 /* not much point in registering if we can't reply */
5718 if (!rdev->ops->mgmt_tx)
5719 return -EOPNOTSUPP;
5720
5721 return cfg80211_mlme_register_mgmt(dev->ieee80211_ptr, info->snd_pid,
5722 frame_type,
5723 nla_data(info->attrs[NL80211_ATTR_FRAME_MATCH]),
5724 nla_len(info->attrs[NL80211_ATTR_FRAME_MATCH]));
5725 }
5726
5727 static int nl80211_tx_mgmt(struct sk_buff *skb, struct genl_info *info)
5728 {
5729 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5730 struct net_device *dev = info->user_ptr[1];
5731 struct ieee80211_channel *chan;
5732 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT;
5733 bool channel_type_valid = false;
5734 u32 freq;
5735 int err;
5736 void *hdr = NULL;
5737 u64 cookie;
5738 struct sk_buff *msg = NULL;
5739 unsigned int wait = 0;
5740 bool offchan, no_cck, dont_wait_for_ack;
5741
5742 dont_wait_for_ack = info->attrs[NL80211_ATTR_DONT_WAIT_FOR_ACK];
5743
5744 if (!info->attrs[NL80211_ATTR_FRAME] ||
5745 !info->attrs[NL80211_ATTR_WIPHY_FREQ])
5746 return -EINVAL;
5747
5748 if (!rdev->ops->mgmt_tx)
5749 return -EOPNOTSUPP;
5750
5751 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
5752 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC &&
5753 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT &&
5754 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
5755 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN &&
5756 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT &&
5757 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
5758 return -EOPNOTSUPP;
5759
5760 if (info->attrs[NL80211_ATTR_DURATION]) {
5761 if (!(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX))
5762 return -EINVAL;
5763 wait = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]);
5764 }
5765
5766 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
5767 channel_type = nla_get_u32(
5768 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
5769 if (channel_type != NL80211_CHAN_NO_HT &&
5770 channel_type != NL80211_CHAN_HT20 &&
5771 channel_type != NL80211_CHAN_HT40PLUS &&
5772 channel_type != NL80211_CHAN_HT40MINUS)
5773 return -EINVAL;
5774 channel_type_valid = true;
5775 }
5776
5777 offchan = info->attrs[NL80211_ATTR_OFFCHANNEL_TX_OK];
5778
5779 if (offchan && !(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX))
5780 return -EINVAL;
5781
5782 no_cck = nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]);
5783
5784 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]);
5785 chan = rdev_freq_to_chan(rdev, freq, channel_type);
5786 if (chan == NULL)
5787 return -EINVAL;
5788
5789 if (!dont_wait_for_ack) {
5790 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
5791 if (!msg)
5792 return -ENOMEM;
5793
5794 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
5795 NL80211_CMD_FRAME);
5796
5797 if (IS_ERR(hdr)) {
5798 err = PTR_ERR(hdr);
5799 goto free_msg;
5800 }
5801 }
5802
5803 err = cfg80211_mlme_mgmt_tx(rdev, dev, chan, offchan, channel_type,
5804 channel_type_valid, wait,
5805 nla_data(info->attrs[NL80211_ATTR_FRAME]),
5806 nla_len(info->attrs[NL80211_ATTR_FRAME]),
5807 no_cck, dont_wait_for_ack, &cookie);
5808 if (err)
5809 goto free_msg;
5810
5811 if (msg) {
5812 if (nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie))
5813 goto nla_put_failure;
5814
5815 genlmsg_end(msg, hdr);
5816 return genlmsg_reply(msg, info);
5817 }
5818
5819 return 0;
5820
5821 nla_put_failure:
5822 err = -ENOBUFS;
5823 free_msg:
5824 nlmsg_free(msg);
5825 return err;
5826 }
5827
5828 static int nl80211_tx_mgmt_cancel_wait(struct sk_buff *skb, struct genl_info *info)
5829 {
5830 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5831 struct net_device *dev = info->user_ptr[1];
5832 u64 cookie;
5833
5834 if (!info->attrs[NL80211_ATTR_COOKIE])
5835 return -EINVAL;
5836
5837 if (!rdev->ops->mgmt_tx_cancel_wait)
5838 return -EOPNOTSUPP;
5839
5840 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
5841 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC &&
5842 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT &&
5843 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
5844 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN &&
5845 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
5846 return -EOPNOTSUPP;
5847
5848 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]);
5849
5850 return rdev->ops->mgmt_tx_cancel_wait(&rdev->wiphy, dev, cookie);
5851 }
5852
5853 static int nl80211_set_power_save(struct sk_buff *skb, struct genl_info *info)
5854 {
5855 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5856 struct wireless_dev *wdev;
5857 struct net_device *dev = info->user_ptr[1];
5858 u8 ps_state;
5859 bool state;
5860 int err;
5861
5862 if (!info->attrs[NL80211_ATTR_PS_STATE])
5863 return -EINVAL;
5864
5865 ps_state = nla_get_u32(info->attrs[NL80211_ATTR_PS_STATE]);
5866
5867 if (ps_state != NL80211_PS_DISABLED && ps_state != NL80211_PS_ENABLED)
5868 return -EINVAL;
5869
5870 wdev = dev->ieee80211_ptr;
5871
5872 if (!rdev->ops->set_power_mgmt)
5873 return -EOPNOTSUPP;
5874
5875 state = (ps_state == NL80211_PS_ENABLED) ? true : false;
5876
5877 if (state == wdev->ps)
5878 return 0;
5879
5880 err = rdev->ops->set_power_mgmt(wdev->wiphy, dev, state,
5881 wdev->ps_timeout);
5882 if (!err)
5883 wdev->ps = state;
5884 return err;
5885 }
5886
5887 static int nl80211_get_power_save(struct sk_buff *skb, struct genl_info *info)
5888 {
5889 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5890 enum nl80211_ps_state ps_state;
5891 struct wireless_dev *wdev;
5892 struct net_device *dev = info->user_ptr[1];
5893 struct sk_buff *msg;
5894 void *hdr;
5895 int err;
5896
5897 wdev = dev->ieee80211_ptr;
5898
5899 if (!rdev->ops->set_power_mgmt)
5900 return -EOPNOTSUPP;
5901
5902 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
5903 if (!msg)
5904 return -ENOMEM;
5905
5906 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
5907 NL80211_CMD_GET_POWER_SAVE);
5908 if (!hdr) {
5909 err = -ENOBUFS;
5910 goto free_msg;
5911 }
5912
5913 if (wdev->ps)
5914 ps_state = NL80211_PS_ENABLED;
5915 else
5916 ps_state = NL80211_PS_DISABLED;
5917
5918 if (nla_put_u32(msg, NL80211_ATTR_PS_STATE, ps_state))
5919 goto nla_put_failure;
5920
5921 genlmsg_end(msg, hdr);
5922 return genlmsg_reply(msg, info);
5923
5924 nla_put_failure:
5925 err = -ENOBUFS;
5926 free_msg:
5927 nlmsg_free(msg);
5928 return err;
5929 }
5930
5931 static struct nla_policy
5932 nl80211_attr_cqm_policy[NL80211_ATTR_CQM_MAX + 1] __read_mostly = {
5933 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 },
5934 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U32 },
5935 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 },
5936 };
5937
5938 static int nl80211_set_cqm_rssi(struct genl_info *info,
5939 s32 threshold, u32 hysteresis)
5940 {
5941 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5942 struct wireless_dev *wdev;
5943 struct net_device *dev = info->user_ptr[1];
5944
5945 if (threshold > 0)
5946 return -EINVAL;
5947
5948 wdev = dev->ieee80211_ptr;
5949
5950 if (!rdev->ops->set_cqm_rssi_config)
5951 return -EOPNOTSUPP;
5952
5953 if (wdev->iftype != NL80211_IFTYPE_STATION &&
5954 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT)
5955 return -EOPNOTSUPP;
5956
5957 return rdev->ops->set_cqm_rssi_config(wdev->wiphy, dev,
5958 threshold, hysteresis);
5959 }
5960
5961 static int nl80211_set_cqm(struct sk_buff *skb, struct genl_info *info)
5962 {
5963 struct nlattr *attrs[NL80211_ATTR_CQM_MAX + 1];
5964 struct nlattr *cqm;
5965 int err;
5966
5967 cqm = info->attrs[NL80211_ATTR_CQM];
5968 if (!cqm) {
5969 err = -EINVAL;
5970 goto out;
5971 }
5972
5973 err = nla_parse_nested(attrs, NL80211_ATTR_CQM_MAX, cqm,
5974 nl80211_attr_cqm_policy);
5975 if (err)
5976 goto out;
5977
5978 if (attrs[NL80211_ATTR_CQM_RSSI_THOLD] &&
5979 attrs[NL80211_ATTR_CQM_RSSI_HYST]) {
5980 s32 threshold;
5981 u32 hysteresis;
5982 threshold = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_THOLD]);
5983 hysteresis = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_HYST]);
5984 err = nl80211_set_cqm_rssi(info, threshold, hysteresis);
5985 } else
5986 err = -EINVAL;
5987
5988 out:
5989 return err;
5990 }
5991
5992 static int nl80211_join_mesh(struct sk_buff *skb, struct genl_info *info)
5993 {
5994 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5995 struct net_device *dev = info->user_ptr[1];
5996 struct mesh_config cfg;
5997 struct mesh_setup setup;
5998 int err;
5999
6000 /* start with default */
6001 memcpy(&cfg, &default_mesh_config, sizeof(cfg));
6002 memcpy(&setup, &default_mesh_setup, sizeof(setup));
6003
6004 if (info->attrs[NL80211_ATTR_MESH_CONFIG]) {
6005 /* and parse parameters if given */
6006 err = nl80211_parse_mesh_config(info, &cfg, NULL);
6007 if (err)
6008 return err;
6009 }
6010
6011 if (!info->attrs[NL80211_ATTR_MESH_ID] ||
6012 !nla_len(info->attrs[NL80211_ATTR_MESH_ID]))
6013 return -EINVAL;
6014
6015 setup.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]);
6016 setup.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
6017
6018 if (info->attrs[NL80211_ATTR_MCAST_RATE] &&
6019 !nl80211_parse_mcast_rate(rdev, setup.mcast_rate,
6020 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE])))
6021 return -EINVAL;
6022
6023 if (info->attrs[NL80211_ATTR_MESH_SETUP]) {
6024 /* parse additional setup parameters if given */
6025 err = nl80211_parse_mesh_setup(info, &setup);
6026 if (err)
6027 return err;
6028 }
6029
6030 return cfg80211_join_mesh(rdev, dev, &setup, &cfg);
6031 }
6032
6033 static int nl80211_leave_mesh(struct sk_buff *skb, struct genl_info *info)
6034 {
6035 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6036 struct net_device *dev = info->user_ptr[1];
6037
6038 return cfg80211_leave_mesh(rdev, dev);
6039 }
6040
6041 static int nl80211_get_wowlan(struct sk_buff *skb, struct genl_info *info)
6042 {
6043 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6044 struct sk_buff *msg;
6045 void *hdr;
6046
6047 if (!rdev->wiphy.wowlan.flags && !rdev->wiphy.wowlan.n_patterns)
6048 return -EOPNOTSUPP;
6049
6050 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
6051 if (!msg)
6052 return -ENOMEM;
6053
6054 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
6055 NL80211_CMD_GET_WOWLAN);
6056 if (!hdr)
6057 goto nla_put_failure;
6058
6059 if (rdev->wowlan) {
6060 struct nlattr *nl_wowlan;
6061
6062 nl_wowlan = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS);
6063 if (!nl_wowlan)
6064 goto nla_put_failure;
6065
6066 if ((rdev->wowlan->any &&
6067 nla_put_flag(msg, NL80211_WOWLAN_TRIG_ANY)) ||
6068 (rdev->wowlan->disconnect &&
6069 nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) ||
6070 (rdev->wowlan->magic_pkt &&
6071 nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) ||
6072 (rdev->wowlan->gtk_rekey_failure &&
6073 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) ||
6074 (rdev->wowlan->eap_identity_req &&
6075 nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) ||
6076 (rdev->wowlan->four_way_handshake &&
6077 nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) ||
6078 (rdev->wowlan->rfkill_release &&
6079 nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE)))
6080 goto nla_put_failure;
6081 if (rdev->wowlan->n_patterns) {
6082 struct nlattr *nl_pats, *nl_pat;
6083 int i, pat_len;
6084
6085 nl_pats = nla_nest_start(msg,
6086 NL80211_WOWLAN_TRIG_PKT_PATTERN);
6087 if (!nl_pats)
6088 goto nla_put_failure;
6089
6090 for (i = 0; i < rdev->wowlan->n_patterns; i++) {
6091 nl_pat = nla_nest_start(msg, i + 1);
6092 if (!nl_pat)
6093 goto nla_put_failure;
6094 pat_len = rdev->wowlan->patterns[i].pattern_len;
6095 if (nla_put(msg, NL80211_WOWLAN_PKTPAT_MASK,
6096 DIV_ROUND_UP(pat_len, 8),
6097 rdev->wowlan->patterns[i].mask) ||
6098 nla_put(msg, NL80211_WOWLAN_PKTPAT_PATTERN,
6099 pat_len,
6100 rdev->wowlan->patterns[i].pattern))
6101 goto nla_put_failure;
6102 nla_nest_end(msg, nl_pat);
6103 }
6104 nla_nest_end(msg, nl_pats);
6105 }
6106
6107 nla_nest_end(msg, nl_wowlan);
6108 }
6109
6110 genlmsg_end(msg, hdr);
6111 return genlmsg_reply(msg, info);
6112
6113 nla_put_failure:
6114 nlmsg_free(msg);
6115 return -ENOBUFS;
6116 }
6117
6118 static int nl80211_set_wowlan(struct sk_buff *skb, struct genl_info *info)
6119 {
6120 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6121 struct nlattr *tb[NUM_NL80211_WOWLAN_TRIG];
6122 struct cfg80211_wowlan no_triggers = {};
6123 struct cfg80211_wowlan new_triggers = {};
6124 struct wiphy_wowlan_support *wowlan = &rdev->wiphy.wowlan;
6125 int err, i;
6126 bool prev_enabled = rdev->wowlan;
6127
6128 if (!rdev->wiphy.wowlan.flags && !rdev->wiphy.wowlan.n_patterns)
6129 return -EOPNOTSUPP;
6130
6131 if (!info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS])
6132 goto no_triggers;
6133
6134 err = nla_parse(tb, MAX_NL80211_WOWLAN_TRIG,
6135 nla_data(info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]),
6136 nla_len(info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]),
6137 nl80211_wowlan_policy);
6138 if (err)
6139 return err;
6140
6141 if (tb[NL80211_WOWLAN_TRIG_ANY]) {
6142 if (!(wowlan->flags & WIPHY_WOWLAN_ANY))
6143 return -EINVAL;
6144 new_triggers.any = true;
6145 }
6146
6147 if (tb[NL80211_WOWLAN_TRIG_DISCONNECT]) {
6148 if (!(wowlan->flags & WIPHY_WOWLAN_DISCONNECT))
6149 return -EINVAL;
6150 new_triggers.disconnect = true;
6151 }
6152
6153 if (tb[NL80211_WOWLAN_TRIG_MAGIC_PKT]) {
6154 if (!(wowlan->flags & WIPHY_WOWLAN_MAGIC_PKT))
6155 return -EINVAL;
6156 new_triggers.magic_pkt = true;
6157 }
6158
6159 if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED])
6160 return -EINVAL;
6161
6162 if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE]) {
6163 if (!(wowlan->flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE))
6164 return -EINVAL;
6165 new_triggers.gtk_rekey_failure = true;
6166 }
6167
6168 if (tb[NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST]) {
6169 if (!(wowlan->flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ))
6170 return -EINVAL;
6171 new_triggers.eap_identity_req = true;
6172 }
6173
6174 if (tb[NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE]) {
6175 if (!(wowlan->flags & WIPHY_WOWLAN_4WAY_HANDSHAKE))
6176 return -EINVAL;
6177 new_triggers.four_way_handshake = true;
6178 }
6179
6180 if (tb[NL80211_WOWLAN_TRIG_RFKILL_RELEASE]) {
6181 if (!(wowlan->flags & WIPHY_WOWLAN_RFKILL_RELEASE))
6182 return -EINVAL;
6183 new_triggers.rfkill_release = true;
6184 }
6185
6186 if (tb[NL80211_WOWLAN_TRIG_PKT_PATTERN]) {
6187 struct nlattr *pat;
6188 int n_patterns = 0;
6189 int rem, pat_len, mask_len;
6190 struct nlattr *pat_tb[NUM_NL80211_WOWLAN_PKTPAT];
6191
6192 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
6193 rem)
6194 n_patterns++;
6195 if (n_patterns > wowlan->n_patterns)
6196 return -EINVAL;
6197
6198 new_triggers.patterns = kcalloc(n_patterns,
6199 sizeof(new_triggers.patterns[0]),
6200 GFP_KERNEL);
6201 if (!new_triggers.patterns)
6202 return -ENOMEM;
6203
6204 new_triggers.n_patterns = n_patterns;
6205 i = 0;
6206
6207 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
6208 rem) {
6209 nla_parse(pat_tb, MAX_NL80211_WOWLAN_PKTPAT,
6210 nla_data(pat), nla_len(pat), NULL);
6211 err = -EINVAL;
6212 if (!pat_tb[NL80211_WOWLAN_PKTPAT_MASK] ||
6213 !pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN])
6214 goto error;
6215 pat_len = nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]);
6216 mask_len = DIV_ROUND_UP(pat_len, 8);
6217 if (nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]) !=
6218 mask_len)
6219 goto error;
6220 if (pat_len > wowlan->pattern_max_len ||
6221 pat_len < wowlan->pattern_min_len)
6222 goto error;
6223
6224 new_triggers.patterns[i].mask =
6225 kmalloc(mask_len + pat_len, GFP_KERNEL);
6226 if (!new_triggers.patterns[i].mask) {
6227 err = -ENOMEM;
6228 goto error;
6229 }
6230 new_triggers.patterns[i].pattern =
6231 new_triggers.patterns[i].mask + mask_len;
6232 memcpy(new_triggers.patterns[i].mask,
6233 nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]),
6234 mask_len);
6235 new_triggers.patterns[i].pattern_len = pat_len;
6236 memcpy(new_triggers.patterns[i].pattern,
6237 nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]),
6238 pat_len);
6239 i++;
6240 }
6241 }
6242
6243 if (memcmp(&new_triggers, &no_triggers, sizeof(new_triggers))) {
6244 struct cfg80211_wowlan *ntrig;
6245 ntrig = kmemdup(&new_triggers, sizeof(new_triggers),
6246 GFP_KERNEL);
6247 if (!ntrig) {
6248 err = -ENOMEM;
6249 goto error;
6250 }
6251 cfg80211_rdev_free_wowlan(rdev);
6252 rdev->wowlan = ntrig;
6253 } else {
6254 no_triggers:
6255 cfg80211_rdev_free_wowlan(rdev);
6256 rdev->wowlan = NULL;
6257 }
6258
6259 if (rdev->ops->set_wakeup && prev_enabled != !!rdev->wowlan)
6260 rdev->ops->set_wakeup(&rdev->wiphy, rdev->wowlan);
6261
6262 return 0;
6263 error:
6264 for (i = 0; i < new_triggers.n_patterns; i++)
6265 kfree(new_triggers.patterns[i].mask);
6266 kfree(new_triggers.patterns);
6267 return err;
6268 }
6269
6270 static int nl80211_set_rekey_data(struct sk_buff *skb, struct genl_info *info)
6271 {
6272 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6273 struct net_device *dev = info->user_ptr[1];
6274 struct wireless_dev *wdev = dev->ieee80211_ptr;
6275 struct nlattr *tb[NUM_NL80211_REKEY_DATA];
6276 struct cfg80211_gtk_rekey_data rekey_data;
6277 int err;
6278
6279 if (!info->attrs[NL80211_ATTR_REKEY_DATA])
6280 return -EINVAL;
6281
6282 err = nla_parse(tb, MAX_NL80211_REKEY_DATA,
6283 nla_data(info->attrs[NL80211_ATTR_REKEY_DATA]),
6284 nla_len(info->attrs[NL80211_ATTR_REKEY_DATA]),
6285 nl80211_rekey_policy);
6286 if (err)
6287 return err;
6288
6289 if (nla_len(tb[NL80211_REKEY_DATA_REPLAY_CTR]) != NL80211_REPLAY_CTR_LEN)
6290 return -ERANGE;
6291 if (nla_len(tb[NL80211_REKEY_DATA_KEK]) != NL80211_KEK_LEN)
6292 return -ERANGE;
6293 if (nla_len(tb[NL80211_REKEY_DATA_KCK]) != NL80211_KCK_LEN)
6294 return -ERANGE;
6295
6296 memcpy(rekey_data.kek, nla_data(tb[NL80211_REKEY_DATA_KEK]),
6297 NL80211_KEK_LEN);
6298 memcpy(rekey_data.kck, nla_data(tb[NL80211_REKEY_DATA_KCK]),
6299 NL80211_KCK_LEN);
6300 memcpy(rekey_data.replay_ctr,
6301 nla_data(tb[NL80211_REKEY_DATA_REPLAY_CTR]),
6302 NL80211_REPLAY_CTR_LEN);
6303
6304 wdev_lock(wdev);
6305 if (!wdev->current_bss) {
6306 err = -ENOTCONN;
6307 goto out;
6308 }
6309
6310 if (!rdev->ops->set_rekey_data) {
6311 err = -EOPNOTSUPP;
6312 goto out;
6313 }
6314
6315 err = rdev->ops->set_rekey_data(&rdev->wiphy, dev, &rekey_data);
6316 out:
6317 wdev_unlock(wdev);
6318 return err;
6319 }
6320
6321 static int nl80211_register_unexpected_frame(struct sk_buff *skb,
6322 struct genl_info *info)
6323 {
6324 struct net_device *dev = info->user_ptr[1];
6325 struct wireless_dev *wdev = dev->ieee80211_ptr;
6326
6327 if (wdev->iftype != NL80211_IFTYPE_AP &&
6328 wdev->iftype != NL80211_IFTYPE_P2P_GO)
6329 return -EINVAL;
6330
6331 if (wdev->ap_unexpected_nlpid)
6332 return -EBUSY;
6333
6334 wdev->ap_unexpected_nlpid = info->snd_pid;
6335 return 0;
6336 }
6337
6338 static int nl80211_probe_client(struct sk_buff *skb,
6339 struct genl_info *info)
6340 {
6341 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6342 struct net_device *dev = info->user_ptr[1];
6343 struct wireless_dev *wdev = dev->ieee80211_ptr;
6344 struct sk_buff *msg;
6345 void *hdr;
6346 const u8 *addr;
6347 u64 cookie;
6348 int err;
6349
6350 if (wdev->iftype != NL80211_IFTYPE_AP &&
6351 wdev->iftype != NL80211_IFTYPE_P2P_GO)
6352 return -EOPNOTSUPP;
6353
6354 if (!info->attrs[NL80211_ATTR_MAC])
6355 return -EINVAL;
6356
6357 if (!rdev->ops->probe_client)
6358 return -EOPNOTSUPP;
6359
6360 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
6361 if (!msg)
6362 return -ENOMEM;
6363
6364 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
6365 NL80211_CMD_PROBE_CLIENT);
6366
6367 if (IS_ERR(hdr)) {
6368 err = PTR_ERR(hdr);
6369 goto free_msg;
6370 }
6371
6372 addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
6373
6374 err = rdev->ops->probe_client(&rdev->wiphy, dev, addr, &cookie);
6375 if (err)
6376 goto free_msg;
6377
6378 if (nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie))
6379 goto nla_put_failure;
6380
6381 genlmsg_end(msg, hdr);
6382
6383 return genlmsg_reply(msg, info);
6384
6385 nla_put_failure:
6386 err = -ENOBUFS;
6387 free_msg:
6388 nlmsg_free(msg);
6389 return err;
6390 }
6391
6392 static int nl80211_register_beacons(struct sk_buff *skb, struct genl_info *info)
6393 {
6394 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6395
6396 if (!(rdev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS))
6397 return -EOPNOTSUPP;
6398
6399 if (rdev->ap_beacons_nlpid)
6400 return -EBUSY;
6401
6402 rdev->ap_beacons_nlpid = info->snd_pid;
6403
6404 return 0;
6405 }
6406
6407 #define NL80211_FLAG_NEED_WIPHY 0x01
6408 #define NL80211_FLAG_NEED_NETDEV 0x02
6409 #define NL80211_FLAG_NEED_RTNL 0x04
6410 #define NL80211_FLAG_CHECK_NETDEV_UP 0x08
6411 #define NL80211_FLAG_NEED_NETDEV_UP (NL80211_FLAG_NEED_NETDEV |\
6412 NL80211_FLAG_CHECK_NETDEV_UP)
6413
6414 static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb,
6415 struct genl_info *info)
6416 {
6417 struct cfg80211_registered_device *rdev;
6418 struct net_device *dev;
6419 int err;
6420 bool rtnl = ops->internal_flags & NL80211_FLAG_NEED_RTNL;
6421
6422 if (rtnl)
6423 rtnl_lock();
6424
6425 if (ops->internal_flags & NL80211_FLAG_NEED_WIPHY) {
6426 rdev = cfg80211_get_dev_from_info(info);
6427 if (IS_ERR(rdev)) {
6428 if (rtnl)
6429 rtnl_unlock();
6430 return PTR_ERR(rdev);
6431 }
6432 info->user_ptr[0] = rdev;
6433 } else if (ops->internal_flags & NL80211_FLAG_NEED_NETDEV) {
6434 err = get_rdev_dev_by_ifindex(genl_info_net(info), info->attrs,
6435 &rdev, &dev);
6436 if (err) {
6437 if (rtnl)
6438 rtnl_unlock();
6439 return err;
6440 }
6441 if (ops->internal_flags & NL80211_FLAG_CHECK_NETDEV_UP &&
6442 !netif_running(dev)) {
6443 cfg80211_unlock_rdev(rdev);
6444 dev_put(dev);
6445 if (rtnl)
6446 rtnl_unlock();
6447 return -ENETDOWN;
6448 }
6449 info->user_ptr[0] = rdev;
6450 info->user_ptr[1] = dev;
6451 }
6452
6453 return 0;
6454 }
6455
6456 static void nl80211_post_doit(struct genl_ops *ops, struct sk_buff *skb,
6457 struct genl_info *info)
6458 {
6459 if (info->user_ptr[0])
6460 cfg80211_unlock_rdev(info->user_ptr[0]);
6461 if (info->user_ptr[1])
6462 dev_put(info->user_ptr[1]);
6463 if (ops->internal_flags & NL80211_FLAG_NEED_RTNL)
6464 rtnl_unlock();
6465 }
6466
6467 static struct genl_ops nl80211_ops[] = {
6468 {
6469 .cmd = NL80211_CMD_GET_WIPHY,
6470 .doit = nl80211_get_wiphy,
6471 .dumpit = nl80211_dump_wiphy,
6472 .policy = nl80211_policy,
6473 /* can be retrieved by unprivileged users */
6474 .internal_flags = NL80211_FLAG_NEED_WIPHY,
6475 },
6476 {
6477 .cmd = NL80211_CMD_SET_WIPHY,
6478 .doit = nl80211_set_wiphy,
6479 .policy = nl80211_policy,
6480 .flags = GENL_ADMIN_PERM,
6481 .internal_flags = NL80211_FLAG_NEED_RTNL,
6482 },
6483 {
6484 .cmd = NL80211_CMD_GET_INTERFACE,
6485 .doit = nl80211_get_interface,
6486 .dumpit = nl80211_dump_interface,
6487 .policy = nl80211_policy,
6488 /* can be retrieved by unprivileged users */
6489 .internal_flags = NL80211_FLAG_NEED_NETDEV,
6490 },
6491 {
6492 .cmd = NL80211_CMD_SET_INTERFACE,
6493 .doit = nl80211_set_interface,
6494 .policy = nl80211_policy,
6495 .flags = GENL_ADMIN_PERM,
6496 .internal_flags = NL80211_FLAG_NEED_NETDEV |
6497 NL80211_FLAG_NEED_RTNL,
6498 },
6499 {
6500 .cmd = NL80211_CMD_NEW_INTERFACE,
6501 .doit = nl80211_new_interface,
6502 .policy = nl80211_policy,
6503 .flags = GENL_ADMIN_PERM,
6504 .internal_flags = NL80211_FLAG_NEED_WIPHY |
6505 NL80211_FLAG_NEED_RTNL,
6506 },
6507 {
6508 .cmd = NL80211_CMD_DEL_INTERFACE,
6509 .doit = nl80211_del_interface,
6510 .policy = nl80211_policy,
6511 .flags = GENL_ADMIN_PERM,
6512 .internal_flags = NL80211_FLAG_NEED_NETDEV |
6513 NL80211_FLAG_NEED_RTNL,
6514 },
6515 {
6516 .cmd = NL80211_CMD_GET_KEY,
6517 .doit = nl80211_get_key,
6518 .policy = nl80211_policy,
6519 .flags = GENL_ADMIN_PERM,
6520 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6521 NL80211_FLAG_NEED_RTNL,
6522 },
6523 {
6524 .cmd = NL80211_CMD_SET_KEY,
6525 .doit = nl80211_set_key,
6526 .policy = nl80211_policy,
6527 .flags = GENL_ADMIN_PERM,
6528 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6529 NL80211_FLAG_NEED_RTNL,
6530 },
6531 {
6532 .cmd = NL80211_CMD_NEW_KEY,
6533 .doit = nl80211_new_key,
6534 .policy = nl80211_policy,
6535 .flags = GENL_ADMIN_PERM,
6536 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6537 NL80211_FLAG_NEED_RTNL,
6538 },
6539 {
6540 .cmd = NL80211_CMD_DEL_KEY,
6541 .doit = nl80211_del_key,
6542 .policy = nl80211_policy,
6543 .flags = GENL_ADMIN_PERM,
6544 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6545 NL80211_FLAG_NEED_RTNL,
6546 },
6547 {
6548 .cmd = NL80211_CMD_SET_BEACON,
6549 .policy = nl80211_policy,
6550 .flags = GENL_ADMIN_PERM,
6551 .doit = nl80211_set_beacon,
6552 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6553 NL80211_FLAG_NEED_RTNL,
6554 },
6555 {
6556 .cmd = NL80211_CMD_START_AP,
6557 .policy = nl80211_policy,
6558 .flags = GENL_ADMIN_PERM,
6559 .doit = nl80211_start_ap,
6560 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6561 NL80211_FLAG_NEED_RTNL,
6562 },
6563 {
6564 .cmd = NL80211_CMD_STOP_AP,
6565 .policy = nl80211_policy,
6566 .flags = GENL_ADMIN_PERM,
6567 .doit = nl80211_stop_ap,
6568 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6569 NL80211_FLAG_NEED_RTNL,
6570 },
6571 {
6572 .cmd = NL80211_CMD_GET_STATION,
6573 .doit = nl80211_get_station,
6574 .dumpit = nl80211_dump_station,
6575 .policy = nl80211_policy,
6576 .internal_flags = NL80211_FLAG_NEED_NETDEV |
6577 NL80211_FLAG_NEED_RTNL,
6578 },
6579 {
6580 .cmd = NL80211_CMD_SET_STATION,
6581 .doit = nl80211_set_station,
6582 .policy = nl80211_policy,
6583 .flags = GENL_ADMIN_PERM,
6584 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6585 NL80211_FLAG_NEED_RTNL,
6586 },
6587 {
6588 .cmd = NL80211_CMD_NEW_STATION,
6589 .doit = nl80211_new_station,
6590 .policy = nl80211_policy,
6591 .flags = GENL_ADMIN_PERM,
6592 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6593 NL80211_FLAG_NEED_RTNL,
6594 },
6595 {
6596 .cmd = NL80211_CMD_DEL_STATION,
6597 .doit = nl80211_del_station,
6598 .policy = nl80211_policy,
6599 .flags = GENL_ADMIN_PERM,
6600 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6601 NL80211_FLAG_NEED_RTNL,
6602 },
6603 {
6604 .cmd = NL80211_CMD_GET_MPATH,
6605 .doit = nl80211_get_mpath,
6606 .dumpit = nl80211_dump_mpath,
6607 .policy = nl80211_policy,
6608 .flags = GENL_ADMIN_PERM,
6609 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6610 NL80211_FLAG_NEED_RTNL,
6611 },
6612 {
6613 .cmd = NL80211_CMD_SET_MPATH,
6614 .doit = nl80211_set_mpath,
6615 .policy = nl80211_policy,
6616 .flags = GENL_ADMIN_PERM,
6617 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6618 NL80211_FLAG_NEED_RTNL,
6619 },
6620 {
6621 .cmd = NL80211_CMD_NEW_MPATH,
6622 .doit = nl80211_new_mpath,
6623 .policy = nl80211_policy,
6624 .flags = GENL_ADMIN_PERM,
6625 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6626 NL80211_FLAG_NEED_RTNL,
6627 },
6628 {
6629 .cmd = NL80211_CMD_DEL_MPATH,
6630 .doit = nl80211_del_mpath,
6631 .policy = nl80211_policy,
6632 .flags = GENL_ADMIN_PERM,
6633 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6634 NL80211_FLAG_NEED_RTNL,
6635 },
6636 {
6637 .cmd = NL80211_CMD_SET_BSS,
6638 .doit = nl80211_set_bss,
6639 .policy = nl80211_policy,
6640 .flags = GENL_ADMIN_PERM,
6641 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6642 NL80211_FLAG_NEED_RTNL,
6643 },
6644 {
6645 .cmd = NL80211_CMD_GET_REG,
6646 .doit = nl80211_get_reg,
6647 .policy = nl80211_policy,
6648 /* can be retrieved by unprivileged users */
6649 },
6650 {
6651 .cmd = NL80211_CMD_SET_REG,
6652 .doit = nl80211_set_reg,
6653 .policy = nl80211_policy,
6654 .flags = GENL_ADMIN_PERM,
6655 },
6656 {
6657 .cmd = NL80211_CMD_REQ_SET_REG,
6658 .doit = nl80211_req_set_reg,
6659 .policy = nl80211_policy,
6660 .flags = GENL_ADMIN_PERM,
6661 },
6662 {
6663 .cmd = NL80211_CMD_GET_MESH_CONFIG,
6664 .doit = nl80211_get_mesh_config,
6665 .policy = nl80211_policy,
6666 /* can be retrieved by unprivileged users */
6667 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6668 NL80211_FLAG_NEED_RTNL,
6669 },
6670 {
6671 .cmd = NL80211_CMD_SET_MESH_CONFIG,
6672 .doit = nl80211_update_mesh_config,
6673 .policy = nl80211_policy,
6674 .flags = GENL_ADMIN_PERM,
6675 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6676 NL80211_FLAG_NEED_RTNL,
6677 },
6678 {
6679 .cmd = NL80211_CMD_TRIGGER_SCAN,
6680 .doit = nl80211_trigger_scan,
6681 .policy = nl80211_policy,
6682 .flags = GENL_ADMIN_PERM,
6683 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6684 NL80211_FLAG_NEED_RTNL,
6685 },
6686 {
6687 .cmd = NL80211_CMD_GET_SCAN,
6688 .policy = nl80211_policy,
6689 .dumpit = nl80211_dump_scan,
6690 },
6691 {
6692 .cmd = NL80211_CMD_START_SCHED_SCAN,
6693 .doit = nl80211_start_sched_scan,
6694 .policy = nl80211_policy,
6695 .flags = GENL_ADMIN_PERM,
6696 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6697 NL80211_FLAG_NEED_RTNL,
6698 },
6699 {
6700 .cmd = NL80211_CMD_STOP_SCHED_SCAN,
6701 .doit = nl80211_stop_sched_scan,
6702 .policy = nl80211_policy,
6703 .flags = GENL_ADMIN_PERM,
6704 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6705 NL80211_FLAG_NEED_RTNL,
6706 },
6707 {
6708 .cmd = NL80211_CMD_AUTHENTICATE,
6709 .doit = nl80211_authenticate,
6710 .policy = nl80211_policy,
6711 .flags = GENL_ADMIN_PERM,
6712 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6713 NL80211_FLAG_NEED_RTNL,
6714 },
6715 {
6716 .cmd = NL80211_CMD_ASSOCIATE,
6717 .doit = nl80211_associate,
6718 .policy = nl80211_policy,
6719 .flags = GENL_ADMIN_PERM,
6720 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6721 NL80211_FLAG_NEED_RTNL,
6722 },
6723 {
6724 .cmd = NL80211_CMD_DEAUTHENTICATE,
6725 .doit = nl80211_deauthenticate,
6726 .policy = nl80211_policy,
6727 .flags = GENL_ADMIN_PERM,
6728 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6729 NL80211_FLAG_NEED_RTNL,
6730 },
6731 {
6732 .cmd = NL80211_CMD_DISASSOCIATE,
6733 .doit = nl80211_disassociate,
6734 .policy = nl80211_policy,
6735 .flags = GENL_ADMIN_PERM,
6736 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6737 NL80211_FLAG_NEED_RTNL,
6738 },
6739 {
6740 .cmd = NL80211_CMD_JOIN_IBSS,
6741 .doit = nl80211_join_ibss,
6742 .policy = nl80211_policy,
6743 .flags = GENL_ADMIN_PERM,
6744 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6745 NL80211_FLAG_NEED_RTNL,
6746 },
6747 {
6748 .cmd = NL80211_CMD_LEAVE_IBSS,
6749 .doit = nl80211_leave_ibss,
6750 .policy = nl80211_policy,
6751 .flags = GENL_ADMIN_PERM,
6752 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6753 NL80211_FLAG_NEED_RTNL,
6754 },
6755 #ifdef CONFIG_NL80211_TESTMODE
6756 {
6757 .cmd = NL80211_CMD_TESTMODE,
6758 .doit = nl80211_testmode_do,
6759 .dumpit = nl80211_testmode_dump,
6760 .policy = nl80211_policy,
6761 .flags = GENL_ADMIN_PERM,
6762 .internal_flags = NL80211_FLAG_NEED_WIPHY |
6763 NL80211_FLAG_NEED_RTNL,
6764 },
6765 #endif
6766 {
6767 .cmd = NL80211_CMD_CONNECT,
6768 .doit = nl80211_connect,
6769 .policy = nl80211_policy,
6770 .flags = GENL_ADMIN_PERM,
6771 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6772 NL80211_FLAG_NEED_RTNL,
6773 },
6774 {
6775 .cmd = NL80211_CMD_DISCONNECT,
6776 .doit = nl80211_disconnect,
6777 .policy = nl80211_policy,
6778 .flags = GENL_ADMIN_PERM,
6779 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6780 NL80211_FLAG_NEED_RTNL,
6781 },
6782 {
6783 .cmd = NL80211_CMD_SET_WIPHY_NETNS,
6784 .doit = nl80211_wiphy_netns,
6785 .policy = nl80211_policy,
6786 .flags = GENL_ADMIN_PERM,
6787 .internal_flags = NL80211_FLAG_NEED_WIPHY |
6788 NL80211_FLAG_NEED_RTNL,
6789 },
6790 {
6791 .cmd = NL80211_CMD_GET_SURVEY,
6792 .policy = nl80211_policy,
6793 .dumpit = nl80211_dump_survey,
6794 },
6795 {
6796 .cmd = NL80211_CMD_SET_PMKSA,
6797 .doit = nl80211_setdel_pmksa,
6798 .policy = nl80211_policy,
6799 .flags = GENL_ADMIN_PERM,
6800 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6801 NL80211_FLAG_NEED_RTNL,
6802 },
6803 {
6804 .cmd = NL80211_CMD_DEL_PMKSA,
6805 .doit = nl80211_setdel_pmksa,
6806 .policy = nl80211_policy,
6807 .flags = GENL_ADMIN_PERM,
6808 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6809 NL80211_FLAG_NEED_RTNL,
6810 },
6811 {
6812 .cmd = NL80211_CMD_FLUSH_PMKSA,
6813 .doit = nl80211_flush_pmksa,
6814 .policy = nl80211_policy,
6815 .flags = GENL_ADMIN_PERM,
6816 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6817 NL80211_FLAG_NEED_RTNL,
6818 },
6819 {
6820 .cmd = NL80211_CMD_REMAIN_ON_CHANNEL,
6821 .doit = nl80211_remain_on_channel,
6822 .policy = nl80211_policy,
6823 .flags = GENL_ADMIN_PERM,
6824 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6825 NL80211_FLAG_NEED_RTNL,
6826 },
6827 {
6828 .cmd = NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL,
6829 .doit = nl80211_cancel_remain_on_channel,
6830 .policy = nl80211_policy,
6831 .flags = GENL_ADMIN_PERM,
6832 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6833 NL80211_FLAG_NEED_RTNL,
6834 },
6835 {
6836 .cmd = NL80211_CMD_SET_TX_BITRATE_MASK,
6837 .doit = nl80211_set_tx_bitrate_mask,
6838 .policy = nl80211_policy,
6839 .flags = GENL_ADMIN_PERM,
6840 .internal_flags = NL80211_FLAG_NEED_NETDEV |
6841 NL80211_FLAG_NEED_RTNL,
6842 },
6843 {
6844 .cmd = NL80211_CMD_REGISTER_FRAME,
6845 .doit = nl80211_register_mgmt,
6846 .policy = nl80211_policy,
6847 .flags = GENL_ADMIN_PERM,
6848 .internal_flags = NL80211_FLAG_NEED_NETDEV |
6849 NL80211_FLAG_NEED_RTNL,
6850 },
6851 {
6852 .cmd = NL80211_CMD_FRAME,
6853 .doit = nl80211_tx_mgmt,
6854 .policy = nl80211_policy,
6855 .flags = GENL_ADMIN_PERM,
6856 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6857 NL80211_FLAG_NEED_RTNL,
6858 },
6859 {
6860 .cmd = NL80211_CMD_FRAME_WAIT_CANCEL,
6861 .doit = nl80211_tx_mgmt_cancel_wait,
6862 .policy = nl80211_policy,
6863 .flags = GENL_ADMIN_PERM,
6864 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6865 NL80211_FLAG_NEED_RTNL,
6866 },
6867 {
6868 .cmd = NL80211_CMD_SET_POWER_SAVE,
6869 .doit = nl80211_set_power_save,
6870 .policy = nl80211_policy,
6871 .flags = GENL_ADMIN_PERM,
6872 .internal_flags = NL80211_FLAG_NEED_NETDEV |
6873 NL80211_FLAG_NEED_RTNL,
6874 },
6875 {
6876 .cmd = NL80211_CMD_GET_POWER_SAVE,
6877 .doit = nl80211_get_power_save,
6878 .policy = nl80211_policy,
6879 /* can be retrieved by unprivileged users */
6880 .internal_flags = NL80211_FLAG_NEED_NETDEV |
6881 NL80211_FLAG_NEED_RTNL,
6882 },
6883 {
6884 .cmd = NL80211_CMD_SET_CQM,
6885 .doit = nl80211_set_cqm,
6886 .policy = nl80211_policy,
6887 .flags = GENL_ADMIN_PERM,
6888 .internal_flags = NL80211_FLAG_NEED_NETDEV |
6889 NL80211_FLAG_NEED_RTNL,
6890 },
6891 {
6892 .cmd = NL80211_CMD_SET_CHANNEL,
6893 .doit = nl80211_set_channel,
6894 .policy = nl80211_policy,
6895 .flags = GENL_ADMIN_PERM,
6896 .internal_flags = NL80211_FLAG_NEED_NETDEV |
6897 NL80211_FLAG_NEED_RTNL,
6898 },
6899 {
6900 .cmd = NL80211_CMD_SET_WDS_PEER,
6901 .doit = nl80211_set_wds_peer,
6902 .policy = nl80211_policy,
6903 .flags = GENL_ADMIN_PERM,
6904 .internal_flags = NL80211_FLAG_NEED_NETDEV |
6905 NL80211_FLAG_NEED_RTNL,
6906 },
6907 {
6908 .cmd = NL80211_CMD_JOIN_MESH,
6909 .doit = nl80211_join_mesh,
6910 .policy = nl80211_policy,
6911 .flags = GENL_ADMIN_PERM,
6912 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6913 NL80211_FLAG_NEED_RTNL,
6914 },
6915 {
6916 .cmd = NL80211_CMD_LEAVE_MESH,
6917 .doit = nl80211_leave_mesh,
6918 .policy = nl80211_policy,
6919 .flags = GENL_ADMIN_PERM,
6920 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6921 NL80211_FLAG_NEED_RTNL,
6922 },
6923 {
6924 .cmd = NL80211_CMD_GET_WOWLAN,
6925 .doit = nl80211_get_wowlan,
6926 .policy = nl80211_policy,
6927 /* can be retrieved by unprivileged users */
6928 .internal_flags = NL80211_FLAG_NEED_WIPHY |
6929 NL80211_FLAG_NEED_RTNL,
6930 },
6931 {
6932 .cmd = NL80211_CMD_SET_WOWLAN,
6933 .doit = nl80211_set_wowlan,
6934 .policy = nl80211_policy,
6935 .flags = GENL_ADMIN_PERM,
6936 .internal_flags = NL80211_FLAG_NEED_WIPHY |
6937 NL80211_FLAG_NEED_RTNL,
6938 },
6939 {
6940 .cmd = NL80211_CMD_SET_REKEY_OFFLOAD,
6941 .doit = nl80211_set_rekey_data,
6942 .policy = nl80211_policy,
6943 .flags = GENL_ADMIN_PERM,
6944 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6945 NL80211_FLAG_NEED_RTNL,
6946 },
6947 {
6948 .cmd = NL80211_CMD_TDLS_MGMT,
6949 .doit = nl80211_tdls_mgmt,
6950 .policy = nl80211_policy,
6951 .flags = GENL_ADMIN_PERM,
6952 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6953 NL80211_FLAG_NEED_RTNL,
6954 },
6955 {
6956 .cmd = NL80211_CMD_TDLS_OPER,
6957 .doit = nl80211_tdls_oper,
6958 .policy = nl80211_policy,
6959 .flags = GENL_ADMIN_PERM,
6960 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6961 NL80211_FLAG_NEED_RTNL,
6962 },
6963 {
6964 .cmd = NL80211_CMD_UNEXPECTED_FRAME,
6965 .doit = nl80211_register_unexpected_frame,
6966 .policy = nl80211_policy,
6967 .flags = GENL_ADMIN_PERM,
6968 .internal_flags = NL80211_FLAG_NEED_NETDEV |
6969 NL80211_FLAG_NEED_RTNL,
6970 },
6971 {
6972 .cmd = NL80211_CMD_PROBE_CLIENT,
6973 .doit = nl80211_probe_client,
6974 .policy = nl80211_policy,
6975 .flags = GENL_ADMIN_PERM,
6976 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6977 NL80211_FLAG_NEED_RTNL,
6978 },
6979 {
6980 .cmd = NL80211_CMD_REGISTER_BEACONS,
6981 .doit = nl80211_register_beacons,
6982 .policy = nl80211_policy,
6983 .flags = GENL_ADMIN_PERM,
6984 .internal_flags = NL80211_FLAG_NEED_WIPHY |
6985 NL80211_FLAG_NEED_RTNL,
6986 },
6987 {
6988 .cmd = NL80211_CMD_SET_NOACK_MAP,
6989 .doit = nl80211_set_noack_map,
6990 .policy = nl80211_policy,
6991 .flags = GENL_ADMIN_PERM,
6992 .internal_flags = NL80211_FLAG_NEED_NETDEV |
6993 NL80211_FLAG_NEED_RTNL,
6994 },
6995
6996 };
6997
6998 static struct genl_multicast_group nl80211_mlme_mcgrp = {
6999 .name = "mlme",
7000 };
7001
7002 /* multicast groups */
7003 static struct genl_multicast_group nl80211_config_mcgrp = {
7004 .name = "config",
7005 };
7006 static struct genl_multicast_group nl80211_scan_mcgrp = {
7007 .name = "scan",
7008 };
7009 static struct genl_multicast_group nl80211_regulatory_mcgrp = {
7010 .name = "regulatory",
7011 };
7012
7013 /* notification functions */
7014
7015 void nl80211_notify_dev_rename(struct cfg80211_registered_device *rdev)
7016 {
7017 struct sk_buff *msg;
7018
7019 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
7020 if (!msg)
7021 return;
7022
7023 if (nl80211_send_wiphy(msg, 0, 0, 0, rdev) < 0) {
7024 nlmsg_free(msg);
7025 return;
7026 }
7027
7028 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7029 nl80211_config_mcgrp.id, GFP_KERNEL);
7030 }
7031
7032 static int nl80211_add_scan_req(struct sk_buff *msg,
7033 struct cfg80211_registered_device *rdev)
7034 {
7035 struct cfg80211_scan_request *req = rdev->scan_req;
7036 struct nlattr *nest;
7037 int i;
7038
7039 ASSERT_RDEV_LOCK(rdev);
7040
7041 if (WARN_ON(!req))
7042 return 0;
7043
7044 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_SSIDS);
7045 if (!nest)
7046 goto nla_put_failure;
7047 for (i = 0; i < req->n_ssids; i++) {
7048 if (nla_put(msg, i, req->ssids[i].ssid_len, req->ssids[i].ssid))
7049 goto nla_put_failure;
7050 }
7051 nla_nest_end(msg, nest);
7052
7053 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES);
7054 if (!nest)
7055 goto nla_put_failure;
7056 for (i = 0; i < req->n_channels; i++) {
7057 if (nla_put_u32(msg, i, req->channels[i]->center_freq))
7058 goto nla_put_failure;
7059 }
7060 nla_nest_end(msg, nest);
7061
7062 if (req->ie &&
7063 nla_put(msg, NL80211_ATTR_IE, req->ie_len, req->ie))
7064 goto nla_put_failure;
7065
7066 return 0;
7067 nla_put_failure:
7068 return -ENOBUFS;
7069 }
7070
7071 static int nl80211_send_scan_msg(struct sk_buff *msg,
7072 struct cfg80211_registered_device *rdev,
7073 struct net_device *netdev,
7074 u32 pid, u32 seq, int flags,
7075 u32 cmd)
7076 {
7077 void *hdr;
7078
7079 hdr = nl80211hdr_put(msg, pid, seq, flags, cmd);
7080 if (!hdr)
7081 return -1;
7082
7083 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
7084 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex))
7085 goto nla_put_failure;
7086
7087 /* ignore errors and send incomplete event anyway */
7088 nl80211_add_scan_req(msg, rdev);
7089
7090 return genlmsg_end(msg, hdr);
7091
7092 nla_put_failure:
7093 genlmsg_cancel(msg, hdr);
7094 return -EMSGSIZE;
7095 }
7096
7097 static int
7098 nl80211_send_sched_scan_msg(struct sk_buff *msg,
7099 struct cfg80211_registered_device *rdev,
7100 struct net_device *netdev,
7101 u32 pid, u32 seq, int flags, u32 cmd)
7102 {
7103 void *hdr;
7104
7105 hdr = nl80211hdr_put(msg, pid, seq, flags, cmd);
7106 if (!hdr)
7107 return -1;
7108
7109 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
7110 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex))
7111 goto nla_put_failure;
7112
7113 return genlmsg_end(msg, hdr);
7114
7115 nla_put_failure:
7116 genlmsg_cancel(msg, hdr);
7117 return -EMSGSIZE;
7118 }
7119
7120 void nl80211_send_scan_start(struct cfg80211_registered_device *rdev,
7121 struct net_device *netdev)
7122 {
7123 struct sk_buff *msg;
7124
7125 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
7126 if (!msg)
7127 return;
7128
7129 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0,
7130 NL80211_CMD_TRIGGER_SCAN) < 0) {
7131 nlmsg_free(msg);
7132 return;
7133 }
7134
7135 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7136 nl80211_scan_mcgrp.id, GFP_KERNEL);
7137 }
7138
7139 void nl80211_send_scan_done(struct cfg80211_registered_device *rdev,
7140 struct net_device *netdev)
7141 {
7142 struct sk_buff *msg;
7143
7144 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
7145 if (!msg)
7146 return;
7147
7148 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0,
7149 NL80211_CMD_NEW_SCAN_RESULTS) < 0) {
7150 nlmsg_free(msg);
7151 return;
7152 }
7153
7154 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7155 nl80211_scan_mcgrp.id, GFP_KERNEL);
7156 }
7157
7158 void nl80211_send_scan_aborted(struct cfg80211_registered_device *rdev,
7159 struct net_device *netdev)
7160 {
7161 struct sk_buff *msg;
7162
7163 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
7164 if (!msg)
7165 return;
7166
7167 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0,
7168 NL80211_CMD_SCAN_ABORTED) < 0) {
7169 nlmsg_free(msg);
7170 return;
7171 }
7172
7173 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7174 nl80211_scan_mcgrp.id, GFP_KERNEL);
7175 }
7176
7177 void nl80211_send_sched_scan_results(struct cfg80211_registered_device *rdev,
7178 struct net_device *netdev)
7179 {
7180 struct sk_buff *msg;
7181
7182 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
7183 if (!msg)
7184 return;
7185
7186 if (nl80211_send_sched_scan_msg(msg, rdev, netdev, 0, 0, 0,
7187 NL80211_CMD_SCHED_SCAN_RESULTS) < 0) {
7188 nlmsg_free(msg);
7189 return;
7190 }
7191
7192 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7193 nl80211_scan_mcgrp.id, GFP_KERNEL);
7194 }
7195
7196 void nl80211_send_sched_scan(struct cfg80211_registered_device *rdev,
7197 struct net_device *netdev, u32 cmd)
7198 {
7199 struct sk_buff *msg;
7200
7201 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
7202 if (!msg)
7203 return;
7204
7205 if (nl80211_send_sched_scan_msg(msg, rdev, netdev, 0, 0, 0, cmd) < 0) {
7206 nlmsg_free(msg);
7207 return;
7208 }
7209
7210 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7211 nl80211_scan_mcgrp.id, GFP_KERNEL);
7212 }
7213
7214 /*
7215 * This can happen on global regulatory changes or device specific settings
7216 * based on custom world regulatory domains.
7217 */
7218 void nl80211_send_reg_change_event(struct regulatory_request *request)
7219 {
7220 struct sk_buff *msg;
7221 void *hdr;
7222
7223 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
7224 if (!msg)
7225 return;
7226
7227 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_CHANGE);
7228 if (!hdr) {
7229 nlmsg_free(msg);
7230 return;
7231 }
7232
7233 /* Userspace can always count this one always being set */
7234 if (nla_put_u8(msg, NL80211_ATTR_REG_INITIATOR, request->initiator))
7235 goto nla_put_failure;
7236
7237 if (request->alpha2[0] == '0' && request->alpha2[1] == '0') {
7238 if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE,
7239 NL80211_REGDOM_TYPE_WORLD))
7240 goto nla_put_failure;
7241 } else if (request->alpha2[0] == '9' && request->alpha2[1] == '9') {
7242 if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE,
7243 NL80211_REGDOM_TYPE_CUSTOM_WORLD))
7244 goto nla_put_failure;
7245 } else if ((request->alpha2[0] == '9' && request->alpha2[1] == '8') ||
7246 request->intersect) {
7247 if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE,
7248 NL80211_REGDOM_TYPE_INTERSECTION))
7249 goto nla_put_failure;
7250 } else {
7251 if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE,
7252 NL80211_REGDOM_TYPE_COUNTRY) ||
7253 nla_put_string(msg, NL80211_ATTR_REG_ALPHA2,
7254 request->alpha2))
7255 goto nla_put_failure;
7256 }
7257
7258 if (wiphy_idx_valid(request->wiphy_idx) &&
7259 nla_put_u32(msg, NL80211_ATTR_WIPHY, request->wiphy_idx))
7260 goto nla_put_failure;
7261
7262 genlmsg_end(msg, hdr);
7263
7264 rcu_read_lock();
7265 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id,
7266 GFP_ATOMIC);
7267 rcu_read_unlock();
7268
7269 return;
7270
7271 nla_put_failure:
7272 genlmsg_cancel(msg, hdr);
7273 nlmsg_free(msg);
7274 }
7275
7276 static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev,
7277 struct net_device *netdev,
7278 const u8 *buf, size_t len,
7279 enum nl80211_commands cmd, gfp_t gfp)
7280 {
7281 struct sk_buff *msg;
7282 void *hdr;
7283
7284 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
7285 if (!msg)
7286 return;
7287
7288 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
7289 if (!hdr) {
7290 nlmsg_free(msg);
7291 return;
7292 }
7293
7294 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
7295 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
7296 nla_put(msg, NL80211_ATTR_FRAME, len, buf))
7297 goto nla_put_failure;
7298
7299 genlmsg_end(msg, hdr);
7300
7301 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7302 nl80211_mlme_mcgrp.id, gfp);
7303 return;
7304
7305 nla_put_failure:
7306 genlmsg_cancel(msg, hdr);
7307 nlmsg_free(msg);
7308 }
7309
7310 void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev,
7311 struct net_device *netdev, const u8 *buf,
7312 size_t len, gfp_t gfp)
7313 {
7314 nl80211_send_mlme_event(rdev, netdev, buf, len,
7315 NL80211_CMD_AUTHENTICATE, gfp);
7316 }
7317
7318 void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev,
7319 struct net_device *netdev, const u8 *buf,
7320 size_t len, gfp_t gfp)
7321 {
7322 nl80211_send_mlme_event(rdev, netdev, buf, len,
7323 NL80211_CMD_ASSOCIATE, gfp);
7324 }
7325
7326 void nl80211_send_deauth(struct cfg80211_registered_device *rdev,
7327 struct net_device *netdev, const u8 *buf,
7328 size_t len, gfp_t gfp)
7329 {
7330 nl80211_send_mlme_event(rdev, netdev, buf, len,
7331 NL80211_CMD_DEAUTHENTICATE, gfp);
7332 }
7333
7334 void nl80211_send_disassoc(struct cfg80211_registered_device *rdev,
7335 struct net_device *netdev, const u8 *buf,
7336 size_t len, gfp_t gfp)
7337 {
7338 nl80211_send_mlme_event(rdev, netdev, buf, len,
7339 NL80211_CMD_DISASSOCIATE, gfp);
7340 }
7341
7342 void nl80211_send_unprot_deauth(struct cfg80211_registered_device *rdev,
7343 struct net_device *netdev, const u8 *buf,
7344 size_t len, gfp_t gfp)
7345 {
7346 nl80211_send_mlme_event(rdev, netdev, buf, len,
7347 NL80211_CMD_UNPROT_DEAUTHENTICATE, gfp);
7348 }
7349
7350 void nl80211_send_unprot_disassoc(struct cfg80211_registered_device *rdev,
7351 struct net_device *netdev, const u8 *buf,
7352 size_t len, gfp_t gfp)
7353 {
7354 nl80211_send_mlme_event(rdev, netdev, buf, len,
7355 NL80211_CMD_UNPROT_DISASSOCIATE, gfp);
7356 }
7357
7358 static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev,
7359 struct net_device *netdev, int cmd,
7360 const u8 *addr, gfp_t gfp)
7361 {
7362 struct sk_buff *msg;
7363 void *hdr;
7364
7365 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
7366 if (!msg)
7367 return;
7368
7369 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
7370 if (!hdr) {
7371 nlmsg_free(msg);
7372 return;
7373 }
7374
7375 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
7376 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
7377 nla_put_flag(msg, NL80211_ATTR_TIMED_OUT) ||
7378 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
7379 goto nla_put_failure;
7380
7381 genlmsg_end(msg, hdr);
7382
7383 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7384 nl80211_mlme_mcgrp.id, gfp);
7385 return;
7386
7387 nla_put_failure:
7388 genlmsg_cancel(msg, hdr);
7389 nlmsg_free(msg);
7390 }
7391
7392 void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev,
7393 struct net_device *netdev, const u8 *addr,
7394 gfp_t gfp)
7395 {
7396 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE,
7397 addr, gfp);
7398 }
7399
7400 void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev,
7401 struct net_device *netdev, const u8 *addr,
7402 gfp_t gfp)
7403 {
7404 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE,
7405 addr, gfp);
7406 }
7407
7408 void nl80211_send_connect_result(struct cfg80211_registered_device *rdev,
7409 struct net_device *netdev, const u8 *bssid,
7410 const u8 *req_ie, size_t req_ie_len,
7411 const u8 *resp_ie, size_t resp_ie_len,
7412 u16 status, gfp_t gfp)
7413 {
7414 struct sk_buff *msg;
7415 void *hdr;
7416
7417 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
7418 if (!msg)
7419 return;
7420
7421 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONNECT);
7422 if (!hdr) {
7423 nlmsg_free(msg);
7424 return;
7425 }
7426
7427 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
7428 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
7429 (bssid && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid)) ||
7430 nla_put_u16(msg, NL80211_ATTR_STATUS_CODE, status) ||
7431 (req_ie &&
7432 nla_put(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie)) ||
7433 (resp_ie &&
7434 nla_put(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie)))
7435 goto nla_put_failure;
7436
7437 genlmsg_end(msg, hdr);
7438
7439 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7440 nl80211_mlme_mcgrp.id, gfp);
7441 return;
7442
7443 nla_put_failure:
7444 genlmsg_cancel(msg, hdr);
7445 nlmsg_free(msg);
7446
7447 }
7448
7449 void nl80211_send_roamed(struct cfg80211_registered_device *rdev,
7450 struct net_device *netdev, const u8 *bssid,
7451 const u8 *req_ie, size_t req_ie_len,
7452 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp)
7453 {
7454 struct sk_buff *msg;
7455 void *hdr;
7456
7457 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
7458 if (!msg)
7459 return;
7460
7461 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ROAM);
7462 if (!hdr) {
7463 nlmsg_free(msg);
7464 return;
7465 }
7466
7467 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
7468 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
7469 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid) ||
7470 (req_ie &&
7471 nla_put(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie)) ||
7472 (resp_ie &&
7473 nla_put(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie)))
7474 goto nla_put_failure;
7475
7476 genlmsg_end(msg, hdr);
7477
7478 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7479 nl80211_mlme_mcgrp.id, gfp);
7480 return;
7481
7482 nla_put_failure:
7483 genlmsg_cancel(msg, hdr);
7484 nlmsg_free(msg);
7485
7486 }
7487
7488 void nl80211_send_disconnected(struct cfg80211_registered_device *rdev,
7489 struct net_device *netdev, u16 reason,
7490 const u8 *ie, size_t ie_len, bool from_ap)
7491 {
7492 struct sk_buff *msg;
7493 void *hdr;
7494
7495 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
7496 if (!msg)
7497 return;
7498
7499 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DISCONNECT);
7500 if (!hdr) {
7501 nlmsg_free(msg);
7502 return;
7503 }
7504
7505 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
7506 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
7507 (from_ap && reason &&
7508 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason)) ||
7509 (from_ap &&
7510 nla_put_flag(msg, NL80211_ATTR_DISCONNECTED_BY_AP)) ||
7511 (ie && nla_put(msg, NL80211_ATTR_IE, ie_len, ie)))
7512 goto nla_put_failure;
7513
7514 genlmsg_end(msg, hdr);
7515
7516 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7517 nl80211_mlme_mcgrp.id, GFP_KERNEL);
7518 return;
7519
7520 nla_put_failure:
7521 genlmsg_cancel(msg, hdr);
7522 nlmsg_free(msg);
7523
7524 }
7525
7526 void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev,
7527 struct net_device *netdev, const u8 *bssid,
7528 gfp_t gfp)
7529 {
7530 struct sk_buff *msg;
7531 void *hdr;
7532
7533 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
7534 if (!msg)
7535 return;
7536
7537 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_JOIN_IBSS);
7538 if (!hdr) {
7539 nlmsg_free(msg);
7540 return;
7541 }
7542
7543 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
7544 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
7545 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid))
7546 goto nla_put_failure;
7547
7548 genlmsg_end(msg, hdr);
7549
7550 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7551 nl80211_mlme_mcgrp.id, gfp);
7552 return;
7553
7554 nla_put_failure:
7555 genlmsg_cancel(msg, hdr);
7556 nlmsg_free(msg);
7557 }
7558
7559 void nl80211_send_new_peer_candidate(struct cfg80211_registered_device *rdev,
7560 struct net_device *netdev,
7561 const u8 *macaddr, const u8* ie, u8 ie_len,
7562 gfp_t gfp)
7563 {
7564 struct sk_buff *msg;
7565 void *hdr;
7566
7567 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
7568 if (!msg)
7569 return;
7570
7571 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NEW_PEER_CANDIDATE);
7572 if (!hdr) {
7573 nlmsg_free(msg);
7574 return;
7575 }
7576
7577 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
7578 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
7579 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, macaddr) ||
7580 (ie_len && ie &&
7581 nla_put(msg, NL80211_ATTR_IE, ie_len , ie)))
7582 goto nla_put_failure;
7583
7584 genlmsg_end(msg, hdr);
7585
7586 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7587 nl80211_mlme_mcgrp.id, gfp);
7588 return;
7589
7590 nla_put_failure:
7591 genlmsg_cancel(msg, hdr);
7592 nlmsg_free(msg);
7593 }
7594
7595 void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev,
7596 struct net_device *netdev, const u8 *addr,
7597 enum nl80211_key_type key_type, int key_id,
7598 const u8 *tsc, gfp_t gfp)
7599 {
7600 struct sk_buff *msg;
7601 void *hdr;
7602
7603 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
7604 if (!msg)
7605 return;
7606
7607 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_MICHAEL_MIC_FAILURE);
7608 if (!hdr) {
7609 nlmsg_free(msg);
7610 return;
7611 }
7612
7613 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
7614 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
7615 (addr && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) ||
7616 nla_put_u32(msg, NL80211_ATTR_KEY_TYPE, key_type) ||
7617 (key_id != -1 &&
7618 nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_id)) ||
7619 (tsc && nla_put(msg, NL80211_ATTR_KEY_SEQ, 6, tsc)))
7620 goto nla_put_failure;
7621
7622 genlmsg_end(msg, hdr);
7623
7624 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7625 nl80211_mlme_mcgrp.id, gfp);
7626 return;
7627
7628 nla_put_failure:
7629 genlmsg_cancel(msg, hdr);
7630 nlmsg_free(msg);
7631 }
7632
7633 void nl80211_send_beacon_hint_event(struct wiphy *wiphy,
7634 struct ieee80211_channel *channel_before,
7635 struct ieee80211_channel *channel_after)
7636 {
7637 struct sk_buff *msg;
7638 void *hdr;
7639 struct nlattr *nl_freq;
7640
7641 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
7642 if (!msg)
7643 return;
7644
7645 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_BEACON_HINT);
7646 if (!hdr) {
7647 nlmsg_free(msg);
7648 return;
7649 }
7650
7651 /*
7652 * Since we are applying the beacon hint to a wiphy we know its
7653 * wiphy_idx is valid
7654 */
7655 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)))
7656 goto nla_put_failure;
7657
7658 /* Before */
7659 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_BEFORE);
7660 if (!nl_freq)
7661 goto nla_put_failure;
7662 if (nl80211_msg_put_channel(msg, channel_before))
7663 goto nla_put_failure;
7664 nla_nest_end(msg, nl_freq);
7665
7666 /* After */
7667 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_AFTER);
7668 if (!nl_freq)
7669 goto nla_put_failure;
7670 if (nl80211_msg_put_channel(msg, channel_after))
7671 goto nla_put_failure;
7672 nla_nest_end(msg, nl_freq);
7673
7674 genlmsg_end(msg, hdr);
7675
7676 rcu_read_lock();
7677 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id,
7678 GFP_ATOMIC);
7679 rcu_read_unlock();
7680
7681 return;
7682
7683 nla_put_failure:
7684 genlmsg_cancel(msg, hdr);
7685 nlmsg_free(msg);
7686 }
7687
7688 static void nl80211_send_remain_on_chan_event(
7689 int cmd, struct cfg80211_registered_device *rdev,
7690 struct net_device *netdev, u64 cookie,
7691 struct ieee80211_channel *chan,
7692 enum nl80211_channel_type channel_type,
7693 unsigned int duration, gfp_t gfp)
7694 {
7695 struct sk_buff *msg;
7696 void *hdr;
7697
7698 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
7699 if (!msg)
7700 return;
7701
7702 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
7703 if (!hdr) {
7704 nlmsg_free(msg);
7705 return;
7706 }
7707
7708 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
7709 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
7710 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, chan->center_freq) ||
7711 nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, channel_type) ||
7712 nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie))
7713 goto nla_put_failure;
7714
7715 if (cmd == NL80211_CMD_REMAIN_ON_CHANNEL &&
7716 nla_put_u32(msg, NL80211_ATTR_DURATION, duration))
7717 goto nla_put_failure;
7718
7719 genlmsg_end(msg, hdr);
7720
7721 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7722 nl80211_mlme_mcgrp.id, gfp);
7723 return;
7724
7725 nla_put_failure:
7726 genlmsg_cancel(msg, hdr);
7727 nlmsg_free(msg);
7728 }
7729
7730 void nl80211_send_remain_on_channel(struct cfg80211_registered_device *rdev,
7731 struct net_device *netdev, u64 cookie,
7732 struct ieee80211_channel *chan,
7733 enum nl80211_channel_type channel_type,
7734 unsigned int duration, gfp_t gfp)
7735 {
7736 nl80211_send_remain_on_chan_event(NL80211_CMD_REMAIN_ON_CHANNEL,
7737 rdev, netdev, cookie, chan,
7738 channel_type, duration, gfp);
7739 }
7740
7741 void nl80211_send_remain_on_channel_cancel(
7742 struct cfg80211_registered_device *rdev, struct net_device *netdev,
7743 u64 cookie, struct ieee80211_channel *chan,
7744 enum nl80211_channel_type channel_type, gfp_t gfp)
7745 {
7746 nl80211_send_remain_on_chan_event(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL,
7747 rdev, netdev, cookie, chan,
7748 channel_type, 0, gfp);
7749 }
7750
7751 void nl80211_send_sta_event(struct cfg80211_registered_device *rdev,
7752 struct net_device *dev, const u8 *mac_addr,
7753 struct station_info *sinfo, gfp_t gfp)
7754 {
7755 struct sk_buff *msg;
7756
7757 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
7758 if (!msg)
7759 return;
7760
7761 if (nl80211_send_station(msg, 0, 0, 0,
7762 rdev, dev, mac_addr, sinfo) < 0) {
7763 nlmsg_free(msg);
7764 return;
7765 }
7766
7767 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7768 nl80211_mlme_mcgrp.id, gfp);
7769 }
7770
7771 void nl80211_send_sta_del_event(struct cfg80211_registered_device *rdev,
7772 struct net_device *dev, const u8 *mac_addr,
7773 gfp_t gfp)
7774 {
7775 struct sk_buff *msg;
7776 void *hdr;
7777
7778 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
7779 if (!msg)
7780 return;
7781
7782 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DEL_STATION);
7783 if (!hdr) {
7784 nlmsg_free(msg);
7785 return;
7786 }
7787
7788 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
7789 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr))
7790 goto nla_put_failure;
7791
7792 genlmsg_end(msg, hdr);
7793
7794 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7795 nl80211_mlme_mcgrp.id, gfp);
7796 return;
7797
7798 nla_put_failure:
7799 genlmsg_cancel(msg, hdr);
7800 nlmsg_free(msg);
7801 }
7802
7803 static bool __nl80211_unexpected_frame(struct net_device *dev, u8 cmd,
7804 const u8 *addr, gfp_t gfp)
7805 {
7806 struct wireless_dev *wdev = dev->ieee80211_ptr;
7807 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
7808 struct sk_buff *msg;
7809 void *hdr;
7810 int err;
7811 u32 nlpid = ACCESS_ONCE(wdev->ap_unexpected_nlpid);
7812
7813 if (!nlpid)
7814 return false;
7815
7816 msg = nlmsg_new(100, gfp);
7817 if (!msg)
7818 return true;
7819
7820 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
7821 if (!hdr) {
7822 nlmsg_free(msg);
7823 return true;
7824 }
7825
7826 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
7827 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
7828 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
7829 goto nla_put_failure;
7830
7831 err = genlmsg_end(msg, hdr);
7832 if (err < 0) {
7833 nlmsg_free(msg);
7834 return true;
7835 }
7836
7837 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid);
7838 return true;
7839
7840 nla_put_failure:
7841 genlmsg_cancel(msg, hdr);
7842 nlmsg_free(msg);
7843 return true;
7844 }
7845
7846 bool nl80211_unexpected_frame(struct net_device *dev, const u8 *addr, gfp_t gfp)
7847 {
7848 return __nl80211_unexpected_frame(dev, NL80211_CMD_UNEXPECTED_FRAME,
7849 addr, gfp);
7850 }
7851
7852 bool nl80211_unexpected_4addr_frame(struct net_device *dev,
7853 const u8 *addr, gfp_t gfp)
7854 {
7855 return __nl80211_unexpected_frame(dev,
7856 NL80211_CMD_UNEXPECTED_4ADDR_FRAME,
7857 addr, gfp);
7858 }
7859
7860 int nl80211_send_mgmt(struct cfg80211_registered_device *rdev,
7861 struct net_device *netdev, u32 nlpid,
7862 int freq, int sig_dbm,
7863 const u8 *buf, size_t len, gfp_t gfp)
7864 {
7865 struct sk_buff *msg;
7866 void *hdr;
7867
7868 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
7869 if (!msg)
7870 return -ENOMEM;
7871
7872 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME);
7873 if (!hdr) {
7874 nlmsg_free(msg);
7875 return -ENOMEM;
7876 }
7877
7878 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
7879 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
7880 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq) ||
7881 (sig_dbm &&
7882 nla_put_u32(msg, NL80211_ATTR_RX_SIGNAL_DBM, sig_dbm)) ||
7883 nla_put(msg, NL80211_ATTR_FRAME, len, buf))
7884 goto nla_put_failure;
7885
7886 genlmsg_end(msg, hdr);
7887
7888 return genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid);
7889
7890 nla_put_failure:
7891 genlmsg_cancel(msg, hdr);
7892 nlmsg_free(msg);
7893 return -ENOBUFS;
7894 }
7895
7896 void nl80211_send_mgmt_tx_status(struct cfg80211_registered_device *rdev,
7897 struct net_device *netdev, u64 cookie,
7898 const u8 *buf, size_t len, bool ack,
7899 gfp_t gfp)
7900 {
7901 struct sk_buff *msg;
7902 void *hdr;
7903
7904 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
7905 if (!msg)
7906 return;
7907
7908 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME_TX_STATUS);
7909 if (!hdr) {
7910 nlmsg_free(msg);
7911 return;
7912 }
7913
7914 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
7915 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
7916 nla_put(msg, NL80211_ATTR_FRAME, len, buf) ||
7917 nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie) ||
7918 (ack && nla_put_flag(msg, NL80211_ATTR_ACK)))
7919 goto nla_put_failure;
7920
7921 genlmsg_end(msg, hdr);
7922
7923 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, gfp);
7924 return;
7925
7926 nla_put_failure:
7927 genlmsg_cancel(msg, hdr);
7928 nlmsg_free(msg);
7929 }
7930
7931 void
7932 nl80211_send_cqm_rssi_notify(struct cfg80211_registered_device *rdev,
7933 struct net_device *netdev,
7934 enum nl80211_cqm_rssi_threshold_event rssi_event,
7935 gfp_t gfp)
7936 {
7937 struct sk_buff *msg;
7938 struct nlattr *pinfoattr;
7939 void *hdr;
7940
7941 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
7942 if (!msg)
7943 return;
7944
7945 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM);
7946 if (!hdr) {
7947 nlmsg_free(msg);
7948 return;
7949 }
7950
7951 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
7952 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex))
7953 goto nla_put_failure;
7954
7955 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM);
7956 if (!pinfoattr)
7957 goto nla_put_failure;
7958
7959 if (nla_put_u32(msg, NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT,
7960 rssi_event))
7961 goto nla_put_failure;
7962
7963 nla_nest_end(msg, pinfoattr);
7964
7965 genlmsg_end(msg, hdr);
7966
7967 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7968 nl80211_mlme_mcgrp.id, gfp);
7969 return;
7970
7971 nla_put_failure:
7972 genlmsg_cancel(msg, hdr);
7973 nlmsg_free(msg);
7974 }
7975
7976 void nl80211_gtk_rekey_notify(struct cfg80211_registered_device *rdev,
7977 struct net_device *netdev, const u8 *bssid,
7978 const u8 *replay_ctr, gfp_t gfp)
7979 {
7980 struct sk_buff *msg;
7981 struct nlattr *rekey_attr;
7982 void *hdr;
7983
7984 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
7985 if (!msg)
7986 return;
7987
7988 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_SET_REKEY_OFFLOAD);
7989 if (!hdr) {
7990 nlmsg_free(msg);
7991 return;
7992 }
7993
7994 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
7995 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
7996 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid))
7997 goto nla_put_failure;
7998
7999 rekey_attr = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA);
8000 if (!rekey_attr)
8001 goto nla_put_failure;
8002
8003 if (nla_put(msg, NL80211_REKEY_DATA_REPLAY_CTR,
8004 NL80211_REPLAY_CTR_LEN, replay_ctr))
8005 goto nla_put_failure;
8006
8007 nla_nest_end(msg, rekey_attr);
8008
8009 genlmsg_end(msg, hdr);
8010
8011 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
8012 nl80211_mlme_mcgrp.id, gfp);
8013 return;
8014
8015 nla_put_failure:
8016 genlmsg_cancel(msg, hdr);
8017 nlmsg_free(msg);
8018 }
8019
8020 void nl80211_pmksa_candidate_notify(struct cfg80211_registered_device *rdev,
8021 struct net_device *netdev, int index,
8022 const u8 *bssid, bool preauth, gfp_t gfp)
8023 {
8024 struct sk_buff *msg;
8025 struct nlattr *attr;
8026 void *hdr;
8027
8028 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
8029 if (!msg)
8030 return;
8031
8032 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PMKSA_CANDIDATE);
8033 if (!hdr) {
8034 nlmsg_free(msg);
8035 return;
8036 }
8037
8038 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
8039 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex))
8040 goto nla_put_failure;
8041
8042 attr = nla_nest_start(msg, NL80211_ATTR_PMKSA_CANDIDATE);
8043 if (!attr)
8044 goto nla_put_failure;
8045
8046 if (nla_put_u32(msg, NL80211_PMKSA_CANDIDATE_INDEX, index) ||
8047 nla_put(msg, NL80211_PMKSA_CANDIDATE_BSSID, ETH_ALEN, bssid) ||
8048 (preauth &&
8049 nla_put_flag(msg, NL80211_PMKSA_CANDIDATE_PREAUTH)))
8050 goto nla_put_failure;
8051
8052 nla_nest_end(msg, attr);
8053
8054 genlmsg_end(msg, hdr);
8055
8056 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
8057 nl80211_mlme_mcgrp.id, gfp);
8058 return;
8059
8060 nla_put_failure:
8061 genlmsg_cancel(msg, hdr);
8062 nlmsg_free(msg);
8063 }
8064
8065 void nl80211_ch_switch_notify(struct cfg80211_registered_device *rdev,
8066 struct net_device *netdev, int freq,
8067 enum nl80211_channel_type type, gfp_t gfp)
8068 {
8069 struct sk_buff *msg;
8070 void *hdr;
8071
8072 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
8073 if (!msg)
8074 return;
8075
8076 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CH_SWITCH_NOTIFY);
8077 if (!hdr) {
8078 nlmsg_free(msg);
8079 return;
8080 }
8081
8082 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
8083 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq) ||
8084 nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, type))
8085 goto nla_put_failure;
8086
8087 genlmsg_end(msg, hdr);
8088
8089 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
8090 nl80211_mlme_mcgrp.id, gfp);
8091 return;
8092
8093 nla_put_failure:
8094 genlmsg_cancel(msg, hdr);
8095 nlmsg_free(msg);
8096 }
8097
8098 void
8099 nl80211_send_cqm_pktloss_notify(struct cfg80211_registered_device *rdev,
8100 struct net_device *netdev, const u8 *peer,
8101 u32 num_packets, gfp_t gfp)
8102 {
8103 struct sk_buff *msg;
8104 struct nlattr *pinfoattr;
8105 void *hdr;
8106
8107 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
8108 if (!msg)
8109 return;
8110
8111 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM);
8112 if (!hdr) {
8113 nlmsg_free(msg);
8114 return;
8115 }
8116
8117 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
8118 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
8119 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer))
8120 goto nla_put_failure;
8121
8122 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM);
8123 if (!pinfoattr)
8124 goto nla_put_failure;
8125
8126 if (nla_put_u32(msg, NL80211_ATTR_CQM_PKT_LOSS_EVENT, num_packets))
8127 goto nla_put_failure;
8128
8129 nla_nest_end(msg, pinfoattr);
8130
8131 genlmsg_end(msg, hdr);
8132
8133 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
8134 nl80211_mlme_mcgrp.id, gfp);
8135 return;
8136
8137 nla_put_failure:
8138 genlmsg_cancel(msg, hdr);
8139 nlmsg_free(msg);
8140 }
8141
8142 void cfg80211_probe_status(struct net_device *dev, const u8 *addr,
8143 u64 cookie, bool acked, gfp_t gfp)
8144 {
8145 struct wireless_dev *wdev = dev->ieee80211_ptr;
8146 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
8147 struct sk_buff *msg;
8148 void *hdr;
8149 int err;
8150
8151 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
8152 if (!msg)
8153 return;
8154
8155 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PROBE_CLIENT);
8156 if (!hdr) {
8157 nlmsg_free(msg);
8158 return;
8159 }
8160
8161 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
8162 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
8163 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
8164 nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie) ||
8165 (acked && nla_put_flag(msg, NL80211_ATTR_ACK)))
8166 goto nla_put_failure;
8167
8168 err = genlmsg_end(msg, hdr);
8169 if (err < 0) {
8170 nlmsg_free(msg);
8171 return;
8172 }
8173
8174 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
8175 nl80211_mlme_mcgrp.id, gfp);
8176 return;
8177
8178 nla_put_failure:
8179 genlmsg_cancel(msg, hdr);
8180 nlmsg_free(msg);
8181 }
8182 EXPORT_SYMBOL(cfg80211_probe_status);
8183
8184 void cfg80211_report_obss_beacon(struct wiphy *wiphy,
8185 const u8 *frame, size_t len,
8186 int freq, int sig_dbm, gfp_t gfp)
8187 {
8188 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
8189 struct sk_buff *msg;
8190 void *hdr;
8191 u32 nlpid = ACCESS_ONCE(rdev->ap_beacons_nlpid);
8192
8193 if (!nlpid)
8194 return;
8195
8196 msg = nlmsg_new(len + 100, gfp);
8197 if (!msg)
8198 return;
8199
8200 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME);
8201 if (!hdr) {
8202 nlmsg_free(msg);
8203 return;
8204 }
8205
8206 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
8207 (freq &&
8208 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq)) ||
8209 (sig_dbm &&
8210 nla_put_u32(msg, NL80211_ATTR_RX_SIGNAL_DBM, sig_dbm)) ||
8211 nla_put(msg, NL80211_ATTR_FRAME, len, frame))
8212 goto nla_put_failure;
8213
8214 genlmsg_end(msg, hdr);
8215
8216 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid);
8217 return;
8218
8219 nla_put_failure:
8220 genlmsg_cancel(msg, hdr);
8221 nlmsg_free(msg);
8222 }
8223 EXPORT_SYMBOL(cfg80211_report_obss_beacon);
8224
8225 static int nl80211_netlink_notify(struct notifier_block * nb,
8226 unsigned long state,
8227 void *_notify)
8228 {
8229 struct netlink_notify *notify = _notify;
8230 struct cfg80211_registered_device *rdev;
8231 struct wireless_dev *wdev;
8232
8233 if (state != NETLINK_URELEASE)
8234 return NOTIFY_DONE;
8235
8236 rcu_read_lock();
8237
8238 list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list) {
8239 list_for_each_entry_rcu(wdev, &rdev->netdev_list, list)
8240 cfg80211_mlme_unregister_socket(wdev, notify->pid);
8241 if (rdev->ap_beacons_nlpid == notify->pid)
8242 rdev->ap_beacons_nlpid = 0;
8243 }
8244
8245 rcu_read_unlock();
8246
8247 return NOTIFY_DONE;
8248 }
8249
8250 static struct notifier_block nl80211_netlink_notifier = {
8251 .notifier_call = nl80211_netlink_notify,
8252 };
8253
8254 /* initialisation/exit functions */
8255
8256 int nl80211_init(void)
8257 {
8258 int err;
8259
8260 err = genl_register_family_with_ops(&nl80211_fam,
8261 nl80211_ops, ARRAY_SIZE(nl80211_ops));
8262 if (err)
8263 return err;
8264
8265 err = genl_register_mc_group(&nl80211_fam, &nl80211_config_mcgrp);
8266 if (err)
8267 goto err_out;
8268
8269 err = genl_register_mc_group(&nl80211_fam, &nl80211_scan_mcgrp);
8270 if (err)
8271 goto err_out;
8272
8273 err = genl_register_mc_group(&nl80211_fam, &nl80211_regulatory_mcgrp);
8274 if (err)
8275 goto err_out;
8276
8277 err = genl_register_mc_group(&nl80211_fam, &nl80211_mlme_mcgrp);
8278 if (err)
8279 goto err_out;
8280
8281 #ifdef CONFIG_NL80211_TESTMODE
8282 err = genl_register_mc_group(&nl80211_fam, &nl80211_testmode_mcgrp);
8283 if (err)
8284 goto err_out;
8285 #endif
8286
8287 err = netlink_register_notifier(&nl80211_netlink_notifier);
8288 if (err)
8289 goto err_out;
8290
8291 return 0;
8292 err_out:
8293 genl_unregister_family(&nl80211_fam);
8294 return err;
8295 }
8296
8297 void nl80211_exit(void)
8298 {
8299 netlink_unregister_notifier(&nl80211_netlink_notifier);
8300 genl_unregister_family(&nl80211_fam);
8301 }
Linux kernel - Deliverables
This page took 0.645019 seconds and 5 git commands to generate.