1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * cfg80211 MLME SAP interface 4 * 5 * Copyright (c) 2009, Jouni Malinen <j@w1.fi> 6 * Copyright (c) 2015 Intel Deutschland GmbH 7 * Copyright (C) 2019-2020, 2022-2024 Intel Corporation 8 */ 9 10 #include <linux/kernel.h> 11 #include <linux/module.h> 12 #include <linux/etherdevice.h> 13 #include <linux/netdevice.h> 14 #include <linux/nl80211.h> 15 #include <linux/slab.h> 16 #include <linux/wireless.h> 17 #include <net/cfg80211.h> 18 #include <net/iw_handler.h> 19 #include "core.h" 20 #include "nl80211.h" 21 #include "rdev-ops.h" 22 23 24 void cfg80211_rx_assoc_resp(struct net_device *dev, 25 const struct cfg80211_rx_assoc_resp_data *data) 26 { 27 struct wireless_dev *wdev = dev->ieee80211_ptr; 28 struct wiphy *wiphy = wdev->wiphy; 29 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); 30 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)data->buf; 31 struct cfg80211_connect_resp_params cr = { 32 .timeout_reason = NL80211_TIMEOUT_UNSPECIFIED, 33 .req_ie = data->req_ies, 34 .req_ie_len = data->req_ies_len, 35 .resp_ie = mgmt->u.assoc_resp.variable, 36 .resp_ie_len = data->len - 37 offsetof(struct ieee80211_mgmt, 38 u.assoc_resp.variable), 39 .status = le16_to_cpu(mgmt->u.assoc_resp.status_code), 40 .ap_mld_addr = data->ap_mld_addr, 41 }; 42 unsigned int link_id; 43 44 for (link_id = 0; link_id < ARRAY_SIZE(data->links); link_id++) { 45 cr.links[link_id].status = data->links[link_id].status; 46 cr.links[link_id].bss = data->links[link_id].bss; 47 48 WARN_ON_ONCE(cr.links[link_id].status != WLAN_STATUS_SUCCESS && 49 (!cr.ap_mld_addr || !cr.links[link_id].bss)); 50 51 if (!cr.links[link_id].bss) 52 continue; 53 cr.links[link_id].bssid = data->links[link_id].bss->bssid; 54 cr.links[link_id].addr = data->links[link_id].addr; 55 /* need to have local link addresses for MLO connections */ 56 WARN_ON(cr.ap_mld_addr && 57 !is_valid_ether_addr(cr.links[link_id].addr)); 58 59 BUG_ON(!cr.links[link_id].bss->channel); 60 61 if (cr.links[link_id].bss->channel->band == NL80211_BAND_S1GHZ) { 62 WARN_ON(link_id); 63 cr.resp_ie = (u8 *)&mgmt->u.s1g_assoc_resp.variable; 64 cr.resp_ie_len = data->len - 65 offsetof(struct ieee80211_mgmt, 66 u.s1g_assoc_resp.variable); 67 } 68 69 if (cr.ap_mld_addr) 70 cr.valid_links |= BIT(link_id); 71 } 72 73 trace_cfg80211_send_rx_assoc(dev, data); 74 75 /* 76 * This is a bit of a hack, we don't notify userspace of 77 * a (re-)association reply if we tried to send a reassoc 78 * and got a reject -- we only try again with an assoc 79 * frame instead of reassoc. 80 */ 81 if (cfg80211_sme_rx_assoc_resp(wdev, cr.status)) { 82 for (link_id = 0; link_id < ARRAY_SIZE(data->links); link_id++) { 83 struct cfg80211_bss *bss = data->links[link_id].bss; 84 85 if (!bss) 86 continue; 87 88 cfg80211_unhold_bss(bss_from_pub(bss)); 89 cfg80211_put_bss(wiphy, bss); 90 } 91 return; 92 } 93 94 nl80211_send_rx_assoc(rdev, dev, data); 95 /* update current_bss etc., consumes the bss reference */ 96 __cfg80211_connect_result(dev, &cr, cr.status == WLAN_STATUS_SUCCESS); 97 } 98 EXPORT_SYMBOL(cfg80211_rx_assoc_resp); 99 100 static void cfg80211_process_auth(struct wireless_dev *wdev, 101 const u8 *buf, size_t len) 102 { 103 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 104 105 nl80211_send_rx_auth(rdev, wdev->netdev, buf, len, GFP_KERNEL); 106 cfg80211_sme_rx_auth(wdev, buf, len); 107 } 108 109 static void cfg80211_process_deauth(struct wireless_dev *wdev, 110 const u8 *buf, size_t len, 111 bool reconnect) 112 { 113 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 114 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf; 115 const u8 *bssid = mgmt->bssid; 116 u16 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code); 117 bool from_ap = !ether_addr_equal(mgmt->sa, wdev->netdev->dev_addr); 118 119 nl80211_send_deauth(rdev, wdev->netdev, buf, len, reconnect, GFP_KERNEL); 120 121 if (!wdev->connected || !ether_addr_equal(wdev->u.client.connected_addr, bssid)) 122 return; 123 124 __cfg80211_disconnected(wdev->netdev, NULL, 0, reason_code, from_ap); 125 cfg80211_sme_deauth(wdev); 126 } 127 128 static void cfg80211_process_disassoc(struct wireless_dev *wdev, 129 const u8 *buf, size_t len, 130 bool reconnect) 131 { 132 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 133 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf; 134 const u8 *bssid = mgmt->bssid; 135 u16 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code); 136 bool from_ap = !ether_addr_equal(mgmt->sa, wdev->netdev->dev_addr); 137 138 nl80211_send_disassoc(rdev, wdev->netdev, buf, len, reconnect, 139 GFP_KERNEL); 140 141 if (WARN_ON(!wdev->connected || 142 !ether_addr_equal(wdev->u.client.connected_addr, bssid))) 143 return; 144 145 __cfg80211_disconnected(wdev->netdev, NULL, 0, reason_code, from_ap); 146 cfg80211_sme_disassoc(wdev); 147 } 148 149 void cfg80211_rx_mlme_mgmt(struct net_device *dev, const u8 *buf, size_t len) 150 { 151 struct wireless_dev *wdev = dev->ieee80211_ptr; 152 struct ieee80211_mgmt *mgmt = (void *)buf; 153 154 lockdep_assert_wiphy(wdev->wiphy); 155 156 trace_cfg80211_rx_mlme_mgmt(dev, buf, len); 157 158 if (WARN_ON(len < 2)) 159 return; 160 161 if (ieee80211_is_auth(mgmt->frame_control)) 162 cfg80211_process_auth(wdev, buf, len); 163 else if (ieee80211_is_deauth(mgmt->frame_control)) 164 cfg80211_process_deauth(wdev, buf, len, false); 165 else if (ieee80211_is_disassoc(mgmt->frame_control)) 166 cfg80211_process_disassoc(wdev, buf, len, false); 167 } 168 EXPORT_SYMBOL(cfg80211_rx_mlme_mgmt); 169 170 void cfg80211_auth_timeout(struct net_device *dev, const u8 *addr) 171 { 172 struct wireless_dev *wdev = dev->ieee80211_ptr; 173 struct wiphy *wiphy = wdev->wiphy; 174 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); 175 176 trace_cfg80211_send_auth_timeout(dev, addr); 177 178 nl80211_send_auth_timeout(rdev, dev, addr, GFP_KERNEL); 179 cfg80211_sme_auth_timeout(wdev); 180 } 181 EXPORT_SYMBOL(cfg80211_auth_timeout); 182 183 void cfg80211_assoc_failure(struct net_device *dev, 184 struct cfg80211_assoc_failure *data) 185 { 186 struct wireless_dev *wdev = dev->ieee80211_ptr; 187 struct wiphy *wiphy = wdev->wiphy; 188 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); 189 const u8 *addr = data->ap_mld_addr ?: data->bss[0]->bssid; 190 int i; 191 192 trace_cfg80211_send_assoc_failure(dev, data); 193 194 if (data->timeout) { 195 nl80211_send_assoc_timeout(rdev, dev, addr, GFP_KERNEL); 196 cfg80211_sme_assoc_timeout(wdev); 197 } else { 198 cfg80211_sme_abandon_assoc(wdev); 199 } 200 201 for (i = 0; i < ARRAY_SIZE(data->bss); i++) { 202 struct cfg80211_bss *bss = data->bss[i]; 203 204 if (!bss) 205 continue; 206 207 cfg80211_unhold_bss(bss_from_pub(bss)); 208 cfg80211_put_bss(wiphy, bss); 209 } 210 } 211 EXPORT_SYMBOL(cfg80211_assoc_failure); 212 213 void cfg80211_tx_mlme_mgmt(struct net_device *dev, const u8 *buf, size_t len, 214 bool reconnect) 215 { 216 struct wireless_dev *wdev = dev->ieee80211_ptr; 217 struct ieee80211_mgmt *mgmt = (void *)buf; 218 219 lockdep_assert_wiphy(wdev->wiphy); 220 221 trace_cfg80211_tx_mlme_mgmt(dev, buf, len, reconnect); 222 223 if (WARN_ON(len < 2)) 224 return; 225 226 if (ieee80211_is_deauth(mgmt->frame_control)) 227 cfg80211_process_deauth(wdev, buf, len, reconnect); 228 else 229 cfg80211_process_disassoc(wdev, buf, len, reconnect); 230 } 231 EXPORT_SYMBOL(cfg80211_tx_mlme_mgmt); 232 233 void cfg80211_michael_mic_failure(struct net_device *dev, const u8 *addr, 234 enum nl80211_key_type key_type, int key_id, 235 const u8 *tsc, gfp_t gfp) 236 { 237 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; 238 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); 239 #ifdef CONFIG_CFG80211_WEXT 240 union iwreq_data wrqu; 241 char *buf = kmalloc(128, gfp); 242 243 if (buf) { 244 memset(&wrqu, 0, sizeof(wrqu)); 245 wrqu.data.length = 246 sprintf(buf, "MLME-MICHAELMICFAILURE." 247 "indication(keyid=%d %scast addr=%pM)", 248 key_id, key_type == NL80211_KEYTYPE_GROUP 249 ? "broad" : "uni", addr); 250 wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf); 251 kfree(buf); 252 } 253 #endif 254 255 trace_cfg80211_michael_mic_failure(dev, addr, key_type, key_id, tsc); 256 nl80211_michael_mic_failure(rdev, dev, addr, key_type, key_id, tsc, gfp); 257 } 258 EXPORT_SYMBOL(cfg80211_michael_mic_failure); 259 260 /* some MLME handling for userspace SME */ 261 int cfg80211_mlme_auth(struct cfg80211_registered_device *rdev, 262 struct net_device *dev, 263 struct cfg80211_auth_request *req) 264 { 265 struct wireless_dev *wdev = dev->ieee80211_ptr; 266 267 lockdep_assert_wiphy(wdev->wiphy); 268 269 if (!req->bss) 270 return -ENOENT; 271 272 if (req->link_id >= 0 && 273 !(wdev->wiphy->flags & WIPHY_FLAG_SUPPORTS_MLO)) 274 return -EINVAL; 275 276 if (req->auth_type == NL80211_AUTHTYPE_SHARED_KEY) { 277 if (!req->key || !req->key_len || 278 req->key_idx < 0 || req->key_idx > 3) 279 return -EINVAL; 280 } 281 282 if (wdev->connected && 283 ether_addr_equal(req->bss->bssid, wdev->u.client.connected_addr)) 284 return -EALREADY; 285 286 if (ether_addr_equal(req->bss->bssid, dev->dev_addr) || 287 (req->link_id >= 0 && 288 ether_addr_equal(req->ap_mld_addr, dev->dev_addr))) 289 return -EINVAL; 290 291 return rdev_auth(rdev, dev, req); 292 } 293 294 /* Do a logical ht_capa &= ht_capa_mask. */ 295 void cfg80211_oper_and_ht_capa(struct ieee80211_ht_cap *ht_capa, 296 const struct ieee80211_ht_cap *ht_capa_mask) 297 { 298 int i; 299 u8 *p1, *p2; 300 if (!ht_capa_mask) { 301 memset(ht_capa, 0, sizeof(*ht_capa)); 302 return; 303 } 304 305 p1 = (u8*)(ht_capa); 306 p2 = (u8*)(ht_capa_mask); 307 for (i = 0; i < sizeof(*ht_capa); i++) 308 p1[i] &= p2[i]; 309 } 310 311 /* Do a logical vht_capa &= vht_capa_mask. */ 312 void cfg80211_oper_and_vht_capa(struct ieee80211_vht_cap *vht_capa, 313 const struct ieee80211_vht_cap *vht_capa_mask) 314 { 315 int i; 316 u8 *p1, *p2; 317 if (!vht_capa_mask) { 318 memset(vht_capa, 0, sizeof(*vht_capa)); 319 return; 320 } 321 322 p1 = (u8*)(vht_capa); 323 p2 = (u8*)(vht_capa_mask); 324 for (i = 0; i < sizeof(*vht_capa); i++) 325 p1[i] &= p2[i]; 326 } 327 328 static int 329 cfg80211_mlme_check_mlo_compat(const struct ieee80211_multi_link_elem *mle_a, 330 const struct ieee80211_multi_link_elem *mle_b, 331 struct netlink_ext_ack *extack) 332 { 333 const struct ieee80211_mle_basic_common_info *common_a, *common_b; 334 335 common_a = (const void *)mle_a->variable; 336 common_b = (const void *)mle_b->variable; 337 338 if (memcmp(common_a->mld_mac_addr, common_b->mld_mac_addr, ETH_ALEN)) { 339 NL_SET_ERR_MSG(extack, "AP MLD address mismatch"); 340 return -EINVAL; 341 } 342 343 if (ieee80211_mle_get_eml_cap((const u8 *)mle_a) != 344 ieee80211_mle_get_eml_cap((const u8 *)mle_b)) { 345 NL_SET_ERR_MSG(extack, "link EML capabilities mismatch"); 346 return -EINVAL; 347 } 348 349 if (ieee80211_mle_get_mld_capa_op((const u8 *)mle_a) != 350 ieee80211_mle_get_mld_capa_op((const u8 *)mle_b)) { 351 NL_SET_ERR_MSG(extack, "link MLD capabilities/ops mismatch"); 352 return -EINVAL; 353 } 354 355 if (ieee80211_mle_get_ext_mld_capa_op((const u8 *)mle_a) != 356 ieee80211_mle_get_ext_mld_capa_op((const u8 *)mle_b)) { 357 NL_SET_ERR_MSG(extack, 358 "extended link MLD capabilities/ops mismatch"); 359 return -EINVAL; 360 } 361 362 return 0; 363 } 364 365 static int cfg80211_mlme_check_mlo(struct net_device *dev, 366 struct cfg80211_assoc_request *req, 367 struct netlink_ext_ack *extack) 368 { 369 const struct ieee80211_multi_link_elem *mles[ARRAY_SIZE(req->links)] = {}; 370 int i; 371 372 if (req->link_id < 0) 373 return 0; 374 375 if (!req->links[req->link_id].bss) { 376 NL_SET_ERR_MSG(extack, "no BSS for assoc link"); 377 return -EINVAL; 378 } 379 380 rcu_read_lock(); 381 for (i = 0; i < ARRAY_SIZE(req->links); i++) { 382 const struct cfg80211_bss_ies *ies; 383 const struct element *ml; 384 385 if (!req->links[i].bss) 386 continue; 387 388 if (ether_addr_equal(req->links[i].bss->bssid, dev->dev_addr)) { 389 NL_SET_ERR_MSG(extack, "BSSID must not be our address"); 390 req->links[i].error = -EINVAL; 391 goto error; 392 } 393 394 ies = rcu_dereference(req->links[i].bss->ies); 395 ml = cfg80211_find_ext_elem(WLAN_EID_EXT_EHT_MULTI_LINK, 396 ies->data, ies->len); 397 if (!ml) { 398 NL_SET_ERR_MSG(extack, "MLO BSS w/o ML element"); 399 req->links[i].error = -EINVAL; 400 goto error; 401 } 402 403 if (!ieee80211_mle_type_ok(ml->data + 1, 404 IEEE80211_ML_CONTROL_TYPE_BASIC, 405 ml->datalen - 1)) { 406 NL_SET_ERR_MSG(extack, "BSS with invalid ML element"); 407 req->links[i].error = -EINVAL; 408 goto error; 409 } 410 411 mles[i] = (const void *)(ml->data + 1); 412 413 if (ieee80211_mle_get_link_id((const u8 *)mles[i]) != i) { 414 NL_SET_ERR_MSG(extack, "link ID mismatch"); 415 req->links[i].error = -EINVAL; 416 goto error; 417 } 418 } 419 420 if (WARN_ON(!mles[req->link_id])) 421 goto error; 422 423 for (i = 0; i < ARRAY_SIZE(req->links); i++) { 424 if (i == req->link_id || !req->links[i].bss) 425 continue; 426 427 if (WARN_ON(!mles[i])) 428 goto error; 429 430 if (cfg80211_mlme_check_mlo_compat(mles[req->link_id], mles[i], 431 extack)) { 432 req->links[i].error = -EINVAL; 433 goto error; 434 } 435 } 436 437 rcu_read_unlock(); 438 return 0; 439 error: 440 rcu_read_unlock(); 441 return -EINVAL; 442 } 443 444 /* Note: caller must cfg80211_put_bss() regardless of result */ 445 int cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev, 446 struct net_device *dev, 447 struct cfg80211_assoc_request *req, 448 struct netlink_ext_ack *extack) 449 { 450 struct wireless_dev *wdev = dev->ieee80211_ptr; 451 int err; 452 453 lockdep_assert_wiphy(wdev->wiphy); 454 455 err = cfg80211_mlme_check_mlo(dev, req, extack); 456 if (err) 457 return err; 458 459 if (wdev->connected && 460 (!req->prev_bssid || 461 !ether_addr_equal(wdev->u.client.connected_addr, req->prev_bssid))) 462 return -EALREADY; 463 464 if ((req->bss && ether_addr_equal(req->bss->bssid, dev->dev_addr)) || 465 (req->link_id >= 0 && 466 ether_addr_equal(req->ap_mld_addr, dev->dev_addr))) 467 return -EINVAL; 468 469 cfg80211_oper_and_ht_capa(&req->ht_capa_mask, 470 rdev->wiphy.ht_capa_mod_mask); 471 cfg80211_oper_and_vht_capa(&req->vht_capa_mask, 472 rdev->wiphy.vht_capa_mod_mask); 473 474 err = rdev_assoc(rdev, dev, req); 475 if (!err) { 476 int link_id; 477 478 if (req->bss) { 479 cfg80211_ref_bss(&rdev->wiphy, req->bss); 480 cfg80211_hold_bss(bss_from_pub(req->bss)); 481 } 482 483 for (link_id = 0; link_id < ARRAY_SIZE(req->links); link_id++) { 484 if (!req->links[link_id].bss) 485 continue; 486 cfg80211_ref_bss(&rdev->wiphy, req->links[link_id].bss); 487 cfg80211_hold_bss(bss_from_pub(req->links[link_id].bss)); 488 } 489 } 490 return err; 491 } 492 493 int cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev, 494 struct net_device *dev, const u8 *bssid, 495 const u8 *ie, int ie_len, u16 reason, 496 bool local_state_change) 497 { 498 struct wireless_dev *wdev = dev->ieee80211_ptr; 499 struct cfg80211_deauth_request req = { 500 .bssid = bssid, 501 .reason_code = reason, 502 .ie = ie, 503 .ie_len = ie_len, 504 .local_state_change = local_state_change, 505 }; 506 507 lockdep_assert_wiphy(wdev->wiphy); 508 509 if (local_state_change && 510 (!wdev->connected || 511 !ether_addr_equal(wdev->u.client.connected_addr, bssid))) 512 return 0; 513 514 if (ether_addr_equal(wdev->disconnect_bssid, bssid) || 515 (wdev->connected && 516 ether_addr_equal(wdev->u.client.connected_addr, bssid))) 517 wdev->conn_owner_nlportid = 0; 518 519 return rdev_deauth(rdev, dev, &req); 520 } 521 522 int cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev, 523 struct net_device *dev, const u8 *ap_addr, 524 const u8 *ie, int ie_len, u16 reason, 525 bool local_state_change) 526 { 527 struct wireless_dev *wdev = dev->ieee80211_ptr; 528 struct cfg80211_disassoc_request req = { 529 .reason_code = reason, 530 .local_state_change = local_state_change, 531 .ie = ie, 532 .ie_len = ie_len, 533 .ap_addr = ap_addr, 534 }; 535 int err; 536 537 lockdep_assert_wiphy(wdev->wiphy); 538 539 if (!wdev->connected) 540 return -ENOTCONN; 541 542 if (memcmp(wdev->u.client.connected_addr, ap_addr, ETH_ALEN)) 543 return -ENOTCONN; 544 545 err = rdev_disassoc(rdev, dev, &req); 546 if (err) 547 return err; 548 549 /* driver should have reported the disassoc */ 550 WARN_ON(wdev->connected); 551 return 0; 552 } 553 554 void cfg80211_mlme_down(struct cfg80211_registered_device *rdev, 555 struct net_device *dev) 556 { 557 struct wireless_dev *wdev = dev->ieee80211_ptr; 558 u8 bssid[ETH_ALEN]; 559 560 lockdep_assert_wiphy(wdev->wiphy); 561 562 if (!rdev->ops->deauth) 563 return; 564 565 if (!wdev->connected) 566 return; 567 568 memcpy(bssid, wdev->u.client.connected_addr, ETH_ALEN); 569 cfg80211_mlme_deauth(rdev, dev, bssid, NULL, 0, 570 WLAN_REASON_DEAUTH_LEAVING, false); 571 } 572 573 struct cfg80211_mgmt_registration { 574 struct list_head list; 575 struct wireless_dev *wdev; 576 577 u32 nlportid; 578 579 int match_len; 580 581 __le16 frame_type; 582 583 bool multicast_rx; 584 585 u8 match[]; 586 }; 587 588 static void cfg80211_mgmt_registrations_update(struct wireless_dev *wdev) 589 { 590 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 591 struct wireless_dev *tmp; 592 struct cfg80211_mgmt_registration *reg; 593 struct mgmt_frame_regs upd = {}; 594 595 lockdep_assert_held(&rdev->wiphy.mtx); 596 597 spin_lock_bh(&rdev->mgmt_registrations_lock); 598 if (!wdev->mgmt_registrations_need_update) { 599 spin_unlock_bh(&rdev->mgmt_registrations_lock); 600 return; 601 } 602 603 rcu_read_lock(); 604 list_for_each_entry_rcu(tmp, &rdev->wiphy.wdev_list, list) { 605 list_for_each_entry(reg, &tmp->mgmt_registrations, list) { 606 u32 mask = BIT(le16_to_cpu(reg->frame_type) >> 4); 607 u32 mcast_mask = 0; 608 609 if (reg->multicast_rx) 610 mcast_mask = mask; 611 612 upd.global_stypes |= mask; 613 upd.global_mcast_stypes |= mcast_mask; 614 615 if (tmp == wdev) { 616 upd.interface_stypes |= mask; 617 upd.interface_mcast_stypes |= mcast_mask; 618 } 619 } 620 } 621 rcu_read_unlock(); 622 623 wdev->mgmt_registrations_need_update = 0; 624 spin_unlock_bh(&rdev->mgmt_registrations_lock); 625 626 rdev_update_mgmt_frame_registrations(rdev, wdev, &upd); 627 } 628 629 void cfg80211_mgmt_registrations_update_wk(struct work_struct *wk) 630 { 631 struct cfg80211_registered_device *rdev; 632 struct wireless_dev *wdev; 633 634 rdev = container_of(wk, struct cfg80211_registered_device, 635 mgmt_registrations_update_wk); 636 637 guard(wiphy)(&rdev->wiphy); 638 639 list_for_each_entry(wdev, &rdev->wiphy.wdev_list, list) 640 cfg80211_mgmt_registrations_update(wdev); 641 } 642 643 int cfg80211_mlme_register_mgmt(struct wireless_dev *wdev, u32 snd_portid, 644 u16 frame_type, const u8 *match_data, 645 int match_len, bool multicast_rx, 646 struct netlink_ext_ack *extack) 647 { 648 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 649 struct cfg80211_mgmt_registration *reg, *nreg; 650 int err = 0; 651 u16 mgmt_type; 652 bool update_multicast = false; 653 654 if (!wdev->wiphy->mgmt_stypes) 655 return -EOPNOTSUPP; 656 657 if ((frame_type & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT) { 658 NL_SET_ERR_MSG(extack, "frame type not management"); 659 return -EINVAL; 660 } 661 662 if (frame_type & ~(IEEE80211_FCTL_FTYPE | IEEE80211_FCTL_STYPE)) { 663 NL_SET_ERR_MSG(extack, "Invalid frame type"); 664 return -EINVAL; 665 } 666 667 mgmt_type = (frame_type & IEEE80211_FCTL_STYPE) >> 4; 668 if (!(wdev->wiphy->mgmt_stypes[wdev->iftype].rx & BIT(mgmt_type))) { 669 NL_SET_ERR_MSG(extack, 670 "Registration to specific type not supported"); 671 return -EINVAL; 672 } 673 674 /* 675 * To support Pre Association Security Negotiation (PASN), registration 676 * for authentication frames should be supported. However, as some 677 * versions of the user space daemons wrongly register to all types of 678 * authentication frames (which might result in unexpected behavior) 679 * allow such registration if the request is for a specific 680 * authentication algorithm number. 681 */ 682 if (wdev->iftype == NL80211_IFTYPE_STATION && 683 (frame_type & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_AUTH && 684 !(match_data && match_len >= 2)) { 685 NL_SET_ERR_MSG(extack, 686 "Authentication algorithm number required"); 687 return -EINVAL; 688 } 689 690 nreg = kzalloc(sizeof(*reg) + match_len, GFP_KERNEL); 691 if (!nreg) 692 return -ENOMEM; 693 694 spin_lock_bh(&rdev->mgmt_registrations_lock); 695 696 list_for_each_entry(reg, &wdev->mgmt_registrations, list) { 697 int mlen = min(match_len, reg->match_len); 698 699 if (frame_type != le16_to_cpu(reg->frame_type)) 700 continue; 701 702 if (memcmp(reg->match, match_data, mlen) == 0) { 703 if (reg->multicast_rx != multicast_rx) { 704 update_multicast = true; 705 reg->multicast_rx = multicast_rx; 706 break; 707 } 708 NL_SET_ERR_MSG(extack, "Match already configured"); 709 err = -EALREADY; 710 break; 711 } 712 } 713 714 if (err) 715 goto out; 716 717 if (update_multicast) { 718 kfree(nreg); 719 } else { 720 memcpy(nreg->match, match_data, match_len); 721 nreg->match_len = match_len; 722 nreg->nlportid = snd_portid; 723 nreg->frame_type = cpu_to_le16(frame_type); 724 nreg->wdev = wdev; 725 nreg->multicast_rx = multicast_rx; 726 list_add(&nreg->list, &wdev->mgmt_registrations); 727 } 728 wdev->mgmt_registrations_need_update = 1; 729 spin_unlock_bh(&rdev->mgmt_registrations_lock); 730 731 cfg80211_mgmt_registrations_update(wdev); 732 733 return 0; 734 735 out: 736 kfree(nreg); 737 spin_unlock_bh(&rdev->mgmt_registrations_lock); 738 739 return err; 740 } 741 742 void cfg80211_mlme_unregister_socket(struct wireless_dev *wdev, u32 nlportid) 743 { 744 struct wiphy *wiphy = wdev->wiphy; 745 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); 746 struct cfg80211_mgmt_registration *reg, *tmp; 747 748 spin_lock_bh(&rdev->mgmt_registrations_lock); 749 750 list_for_each_entry_safe(reg, tmp, &wdev->mgmt_registrations, list) { 751 if (reg->nlportid != nlportid) 752 continue; 753 754 list_del(®->list); 755 kfree(reg); 756 757 wdev->mgmt_registrations_need_update = 1; 758 schedule_work(&rdev->mgmt_registrations_update_wk); 759 } 760 761 spin_unlock_bh(&rdev->mgmt_registrations_lock); 762 763 if (nlportid && rdev->crit_proto_nlportid == nlportid) { 764 rdev->crit_proto_nlportid = 0; 765 rdev_crit_proto_stop(rdev, wdev); 766 } 767 768 if (nlportid == wdev->ap_unexpected_nlportid) 769 wdev->ap_unexpected_nlportid = 0; 770 } 771 772 void cfg80211_mlme_purge_registrations(struct wireless_dev *wdev) 773 { 774 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 775 struct cfg80211_mgmt_registration *reg, *tmp; 776 777 spin_lock_bh(&rdev->mgmt_registrations_lock); 778 list_for_each_entry_safe(reg, tmp, &wdev->mgmt_registrations, list) { 779 list_del(®->list); 780 kfree(reg); 781 } 782 wdev->mgmt_registrations_need_update = 1; 783 spin_unlock_bh(&rdev->mgmt_registrations_lock); 784 785 cfg80211_mgmt_registrations_update(wdev); 786 } 787 788 static bool cfg80211_allowed_address(struct wireless_dev *wdev, const u8 *addr) 789 { 790 int i; 791 792 for_each_valid_link(wdev, i) { 793 if (ether_addr_equal(addr, wdev->links[i].addr)) 794 return true; 795 } 796 797 return ether_addr_equal(addr, wdev_address(wdev)); 798 } 799 800 static bool cfg80211_allowed_random_address(struct wireless_dev *wdev, 801 const struct ieee80211_mgmt *mgmt) 802 { 803 if (ieee80211_is_auth(mgmt->frame_control) || 804 ieee80211_is_deauth(mgmt->frame_control)) { 805 /* Allow random TA to be used with authentication and 806 * deauthentication frames if the driver has indicated support. 807 */ 808 if (wiphy_ext_feature_isset( 809 wdev->wiphy, 810 NL80211_EXT_FEATURE_AUTH_AND_DEAUTH_RANDOM_TA)) 811 return true; 812 } else if (ieee80211_is_action(mgmt->frame_control) && 813 mgmt->u.action.category == WLAN_CATEGORY_PUBLIC) { 814 /* Allow random TA to be used with Public Action frames if the 815 * driver has indicated support. 816 */ 817 if (!wdev->connected && 818 wiphy_ext_feature_isset( 819 wdev->wiphy, 820 NL80211_EXT_FEATURE_MGMT_TX_RANDOM_TA)) 821 return true; 822 823 if (wdev->connected && 824 wiphy_ext_feature_isset( 825 wdev->wiphy, 826 NL80211_EXT_FEATURE_MGMT_TX_RANDOM_TA_CONNECTED)) 827 return true; 828 } 829 830 return false; 831 } 832 833 int cfg80211_mlme_mgmt_tx(struct cfg80211_registered_device *rdev, 834 struct wireless_dev *wdev, 835 struct cfg80211_mgmt_tx_params *params, u64 *cookie) 836 { 837 const struct ieee80211_mgmt *mgmt; 838 u16 stype; 839 840 lockdep_assert_wiphy(&rdev->wiphy); 841 842 if (!wdev->wiphy->mgmt_stypes) 843 return -EOPNOTSUPP; 844 845 if (!rdev->ops->mgmt_tx) 846 return -EOPNOTSUPP; 847 848 if (params->len < 24 + 1) 849 return -EINVAL; 850 851 mgmt = (const struct ieee80211_mgmt *)params->buf; 852 853 if (!ieee80211_is_mgmt(mgmt->frame_control)) 854 return -EINVAL; 855 856 stype = le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE; 857 if (!(wdev->wiphy->mgmt_stypes[wdev->iftype].tx & BIT(stype >> 4))) 858 return -EINVAL; 859 860 if (ieee80211_is_action(mgmt->frame_control) && 861 mgmt->u.action.category != WLAN_CATEGORY_PUBLIC) { 862 int err = 0; 863 864 switch (wdev->iftype) { 865 case NL80211_IFTYPE_ADHOC: 866 /* 867 * check for IBSS DA must be done by driver as 868 * cfg80211 doesn't track the stations 869 */ 870 if (!wdev->u.ibss.current_bss || 871 !ether_addr_equal(wdev->u.ibss.current_bss->pub.bssid, 872 mgmt->bssid)) { 873 err = -ENOTCONN; 874 break; 875 } 876 break; 877 case NL80211_IFTYPE_STATION: 878 case NL80211_IFTYPE_P2P_CLIENT: 879 if (!wdev->connected) { 880 err = -ENOTCONN; 881 break; 882 } 883 884 /* FIXME: MLD may address this differently */ 885 886 if (!ether_addr_equal(wdev->u.client.connected_addr, 887 mgmt->bssid)) { 888 err = -ENOTCONN; 889 break; 890 } 891 892 /* for station, check that DA is the AP */ 893 if (!ether_addr_equal(wdev->u.client.connected_addr, 894 mgmt->da)) { 895 err = -ENOTCONN; 896 break; 897 } 898 break; 899 case NL80211_IFTYPE_AP: 900 case NL80211_IFTYPE_P2P_GO: 901 case NL80211_IFTYPE_AP_VLAN: 902 if (!ether_addr_equal(mgmt->bssid, wdev_address(wdev)) && 903 (params->link_id < 0 || 904 !ether_addr_equal(mgmt->bssid, 905 wdev->links[params->link_id].addr))) 906 err = -EINVAL; 907 break; 908 case NL80211_IFTYPE_MESH_POINT: 909 if (!ether_addr_equal(mgmt->sa, mgmt->bssid)) { 910 err = -EINVAL; 911 break; 912 } 913 /* 914 * check for mesh DA must be done by driver as 915 * cfg80211 doesn't track the stations 916 */ 917 break; 918 case NL80211_IFTYPE_P2P_DEVICE: 919 /* 920 * fall through, P2P device only supports 921 * public action frames 922 */ 923 case NL80211_IFTYPE_NAN: 924 default: 925 err = -EOPNOTSUPP; 926 break; 927 } 928 929 if (err) 930 return err; 931 } 932 933 if (!cfg80211_allowed_address(wdev, mgmt->sa) && 934 !cfg80211_allowed_random_address(wdev, mgmt)) 935 return -EINVAL; 936 937 /* Transmit the management frame as requested by user space */ 938 return rdev_mgmt_tx(rdev, wdev, params, cookie); 939 } 940 941 bool cfg80211_rx_mgmt_ext(struct wireless_dev *wdev, 942 struct cfg80211_rx_info *info) 943 { 944 struct wiphy *wiphy = wdev->wiphy; 945 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); 946 struct cfg80211_mgmt_registration *reg; 947 const struct ieee80211_txrx_stypes *stypes = 948 &wiphy->mgmt_stypes[wdev->iftype]; 949 struct ieee80211_mgmt *mgmt = (void *)info->buf; 950 const u8 *data; 951 int data_len; 952 bool result = false; 953 __le16 ftype = mgmt->frame_control & 954 cpu_to_le16(IEEE80211_FCTL_FTYPE | IEEE80211_FCTL_STYPE); 955 u16 stype; 956 957 trace_cfg80211_rx_mgmt(wdev, info); 958 stype = (le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE) >> 4; 959 960 if (!(stypes->rx & BIT(stype))) { 961 trace_cfg80211_return_bool(false); 962 return false; 963 } 964 965 data = info->buf + ieee80211_hdrlen(mgmt->frame_control); 966 data_len = info->len - ieee80211_hdrlen(mgmt->frame_control); 967 968 spin_lock_bh(&rdev->mgmt_registrations_lock); 969 970 list_for_each_entry(reg, &wdev->mgmt_registrations, list) { 971 if (reg->frame_type != ftype) 972 continue; 973 974 if (reg->match_len > data_len) 975 continue; 976 977 if (memcmp(reg->match, data, reg->match_len)) 978 continue; 979 980 /* found match! */ 981 982 /* Indicate the received Action frame to user space */ 983 if (nl80211_send_mgmt(rdev, wdev, reg->nlportid, info, 984 GFP_ATOMIC)) 985 continue; 986 987 result = true; 988 break; 989 } 990 991 spin_unlock_bh(&rdev->mgmt_registrations_lock); 992 993 trace_cfg80211_return_bool(result); 994 return result; 995 } 996 EXPORT_SYMBOL(cfg80211_rx_mgmt_ext); 997 998 void cfg80211_sched_dfs_chan_update(struct cfg80211_registered_device *rdev) 999 { 1000 cancel_delayed_work(&rdev->dfs_update_channels_wk); 1001 queue_delayed_work(cfg80211_wq, &rdev->dfs_update_channels_wk, 0); 1002 } 1003 1004 void cfg80211_dfs_channels_update_work(struct work_struct *work) 1005 { 1006 struct delayed_work *delayed_work = to_delayed_work(work); 1007 struct cfg80211_registered_device *rdev; 1008 struct cfg80211_chan_def chandef; 1009 struct ieee80211_supported_band *sband; 1010 struct ieee80211_channel *c; 1011 struct wiphy *wiphy; 1012 bool check_again = false; 1013 unsigned long timeout, next_time = 0; 1014 unsigned long time_dfs_update; 1015 enum nl80211_radar_event radar_event; 1016 int bandid, i; 1017 1018 rdev = container_of(delayed_work, struct cfg80211_registered_device, 1019 dfs_update_channels_wk); 1020 wiphy = &rdev->wiphy; 1021 1022 rtnl_lock(); 1023 for (bandid = 0; bandid < NUM_NL80211_BANDS; bandid++) { 1024 sband = wiphy->bands[bandid]; 1025 if (!sband) 1026 continue; 1027 1028 for (i = 0; i < sband->n_channels; i++) { 1029 c = &sband->channels[i]; 1030 1031 if (!(c->flags & IEEE80211_CHAN_RADAR)) 1032 continue; 1033 1034 if (c->dfs_state != NL80211_DFS_UNAVAILABLE && 1035 c->dfs_state != NL80211_DFS_AVAILABLE) 1036 continue; 1037 1038 if (c->dfs_state == NL80211_DFS_UNAVAILABLE) { 1039 time_dfs_update = IEEE80211_DFS_MIN_NOP_TIME_MS; 1040 radar_event = NL80211_RADAR_NOP_FINISHED; 1041 } else { 1042 if (regulatory_pre_cac_allowed(wiphy) || 1043 cfg80211_any_wiphy_oper_chan(wiphy, c)) 1044 continue; 1045 1046 time_dfs_update = REG_PRE_CAC_EXPIRY_GRACE_MS; 1047 radar_event = NL80211_RADAR_PRE_CAC_EXPIRED; 1048 } 1049 1050 timeout = c->dfs_state_entered + 1051 msecs_to_jiffies(time_dfs_update); 1052 1053 if (time_after_eq(jiffies, timeout)) { 1054 c->dfs_state = NL80211_DFS_USABLE; 1055 c->dfs_state_entered = jiffies; 1056 1057 cfg80211_chandef_create(&chandef, c, 1058 NL80211_CHAN_NO_HT); 1059 1060 nl80211_radar_notify(rdev, &chandef, 1061 radar_event, NULL, 1062 GFP_ATOMIC); 1063 1064 regulatory_propagate_dfs_state(wiphy, &chandef, 1065 c->dfs_state, 1066 radar_event); 1067 continue; 1068 } 1069 1070 if (!check_again) 1071 next_time = timeout - jiffies; 1072 else 1073 next_time = min(next_time, timeout - jiffies); 1074 check_again = true; 1075 } 1076 } 1077 rtnl_unlock(); 1078 1079 /* reschedule if there are other channels waiting to be cleared again */ 1080 if (check_again) 1081 queue_delayed_work(cfg80211_wq, &rdev->dfs_update_channels_wk, 1082 next_time); 1083 } 1084 1085 1086 void __cfg80211_radar_event(struct wiphy *wiphy, 1087 struct cfg80211_chan_def *chandef, 1088 bool offchan, gfp_t gfp) 1089 { 1090 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); 1091 1092 trace_cfg80211_radar_event(wiphy, chandef, offchan); 1093 1094 /* only set the chandef supplied channel to unavailable, in 1095 * case the radar is detected on only one of multiple channels 1096 * spanned by the chandef. 1097 */ 1098 cfg80211_set_dfs_state(wiphy, chandef, NL80211_DFS_UNAVAILABLE); 1099 1100 if (offchan) 1101 queue_work(cfg80211_wq, &rdev->background_cac_abort_wk); 1102 1103 cfg80211_sched_dfs_chan_update(rdev); 1104 1105 nl80211_radar_notify(rdev, chandef, NL80211_RADAR_DETECTED, NULL, gfp); 1106 1107 memcpy(&rdev->radar_chandef, chandef, sizeof(struct cfg80211_chan_def)); 1108 queue_work(cfg80211_wq, &rdev->propagate_radar_detect_wk); 1109 } 1110 EXPORT_SYMBOL(__cfg80211_radar_event); 1111 1112 void cfg80211_cac_event(struct net_device *netdev, 1113 const struct cfg80211_chan_def *chandef, 1114 enum nl80211_radar_event event, gfp_t gfp, 1115 unsigned int link_id) 1116 { 1117 struct wireless_dev *wdev = netdev->ieee80211_ptr; 1118 struct wiphy *wiphy = wdev->wiphy; 1119 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); 1120 unsigned long timeout; 1121 1122 if (WARN_ON(wdev->valid_links && 1123 !(wdev->valid_links & BIT(link_id)))) 1124 return; 1125 1126 trace_cfg80211_cac_event(netdev, event, link_id); 1127 1128 if (WARN_ON(!wdev->links[link_id].cac_started && 1129 event != NL80211_RADAR_CAC_STARTED)) 1130 return; 1131 1132 switch (event) { 1133 case NL80211_RADAR_CAC_FINISHED: 1134 timeout = wdev->links[link_id].cac_start_time + 1135 msecs_to_jiffies(wdev->links[link_id].cac_time_ms); 1136 WARN_ON(!time_after_eq(jiffies, timeout)); 1137 cfg80211_set_dfs_state(wiphy, chandef, NL80211_DFS_AVAILABLE); 1138 memcpy(&rdev->cac_done_chandef, chandef, 1139 sizeof(struct cfg80211_chan_def)); 1140 queue_work(cfg80211_wq, &rdev->propagate_cac_done_wk); 1141 cfg80211_sched_dfs_chan_update(rdev); 1142 fallthrough; 1143 case NL80211_RADAR_CAC_ABORTED: 1144 wdev->links[link_id].cac_started = false; 1145 break; 1146 case NL80211_RADAR_CAC_STARTED: 1147 wdev->links[link_id].cac_started = true; 1148 break; 1149 default: 1150 WARN_ON(1); 1151 return; 1152 } 1153 1154 nl80211_radar_notify(rdev, chandef, event, netdev, gfp); 1155 } 1156 EXPORT_SYMBOL(cfg80211_cac_event); 1157 1158 static void 1159 __cfg80211_background_cac_event(struct cfg80211_registered_device *rdev, 1160 struct wireless_dev *wdev, 1161 const struct cfg80211_chan_def *chandef, 1162 enum nl80211_radar_event event) 1163 { 1164 struct wiphy *wiphy = &rdev->wiphy; 1165 struct net_device *netdev; 1166 1167 lockdep_assert_wiphy(&rdev->wiphy); 1168 1169 if (!cfg80211_chandef_valid(chandef)) 1170 return; 1171 1172 if (!rdev->background_radar_wdev) 1173 return; 1174 1175 switch (event) { 1176 case NL80211_RADAR_CAC_FINISHED: 1177 cfg80211_set_dfs_state(wiphy, chandef, NL80211_DFS_AVAILABLE); 1178 memcpy(&rdev->cac_done_chandef, chandef, sizeof(*chandef)); 1179 queue_work(cfg80211_wq, &rdev->propagate_cac_done_wk); 1180 cfg80211_sched_dfs_chan_update(rdev); 1181 wdev = rdev->background_radar_wdev; 1182 break; 1183 case NL80211_RADAR_CAC_ABORTED: 1184 if (!cancel_delayed_work(&rdev->background_cac_done_wk)) 1185 return; 1186 wdev = rdev->background_radar_wdev; 1187 break; 1188 case NL80211_RADAR_CAC_STARTED: 1189 break; 1190 default: 1191 return; 1192 } 1193 1194 netdev = wdev ? wdev->netdev : NULL; 1195 nl80211_radar_notify(rdev, chandef, event, netdev, GFP_KERNEL); 1196 } 1197 1198 static void 1199 cfg80211_background_cac_event(struct cfg80211_registered_device *rdev, 1200 const struct cfg80211_chan_def *chandef, 1201 enum nl80211_radar_event event) 1202 { 1203 guard(wiphy)(&rdev->wiphy); 1204 1205 __cfg80211_background_cac_event(rdev, rdev->background_radar_wdev, 1206 chandef, event); 1207 } 1208 1209 void cfg80211_background_cac_done_wk(struct work_struct *work) 1210 { 1211 struct delayed_work *delayed_work = to_delayed_work(work); 1212 struct cfg80211_registered_device *rdev; 1213 1214 rdev = container_of(delayed_work, struct cfg80211_registered_device, 1215 background_cac_done_wk); 1216 cfg80211_background_cac_event(rdev, &rdev->background_radar_chandef, 1217 NL80211_RADAR_CAC_FINISHED); 1218 } 1219 1220 void cfg80211_background_cac_abort_wk(struct work_struct *work) 1221 { 1222 struct cfg80211_registered_device *rdev; 1223 1224 rdev = container_of(work, struct cfg80211_registered_device, 1225 background_cac_abort_wk); 1226 cfg80211_background_cac_event(rdev, &rdev->background_radar_chandef, 1227 NL80211_RADAR_CAC_ABORTED); 1228 } 1229 1230 void cfg80211_background_cac_abort(struct wiphy *wiphy) 1231 { 1232 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); 1233 1234 queue_work(cfg80211_wq, &rdev->background_cac_abort_wk); 1235 } 1236 EXPORT_SYMBOL(cfg80211_background_cac_abort); 1237 1238 int 1239 cfg80211_start_background_radar_detection(struct cfg80211_registered_device *rdev, 1240 struct wireless_dev *wdev, 1241 struct cfg80211_chan_def *chandef) 1242 { 1243 unsigned int cac_time_ms; 1244 int err; 1245 1246 lockdep_assert_wiphy(&rdev->wiphy); 1247 1248 if (!wiphy_ext_feature_isset(&rdev->wiphy, 1249 NL80211_EXT_FEATURE_RADAR_BACKGROUND)) 1250 return -EOPNOTSUPP; 1251 1252 /* Offchannel chain already locked by another wdev */ 1253 if (rdev->background_radar_wdev && rdev->background_radar_wdev != wdev) 1254 return -EBUSY; 1255 1256 /* CAC already in progress on the offchannel chain */ 1257 if (rdev->background_radar_wdev == wdev && 1258 delayed_work_pending(&rdev->background_cac_done_wk)) 1259 return -EBUSY; 1260 1261 err = rdev_set_radar_background(rdev, chandef); 1262 if (err) 1263 return err; 1264 1265 cac_time_ms = cfg80211_chandef_dfs_cac_time(&rdev->wiphy, chandef); 1266 if (!cac_time_ms) 1267 cac_time_ms = IEEE80211_DFS_MIN_CAC_TIME_MS; 1268 1269 rdev->background_radar_chandef = *chandef; 1270 rdev->background_radar_wdev = wdev; /* Get offchain ownership */ 1271 1272 __cfg80211_background_cac_event(rdev, wdev, chandef, 1273 NL80211_RADAR_CAC_STARTED); 1274 queue_delayed_work(cfg80211_wq, &rdev->background_cac_done_wk, 1275 msecs_to_jiffies(cac_time_ms)); 1276 1277 return 0; 1278 } 1279 1280 void cfg80211_stop_background_radar_detection(struct wireless_dev *wdev) 1281 { 1282 struct wiphy *wiphy = wdev->wiphy; 1283 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); 1284 1285 lockdep_assert_wiphy(wiphy); 1286 1287 if (wdev != rdev->background_radar_wdev) 1288 return; 1289 1290 rdev_set_radar_background(rdev, NULL); 1291 rdev->background_radar_wdev = NULL; /* Release offchain ownership */ 1292 1293 __cfg80211_background_cac_event(rdev, wdev, 1294 &rdev->background_radar_chandef, 1295 NL80211_RADAR_CAC_ABORTED); 1296 } 1297 1298 int cfg80211_assoc_ml_reconf(struct cfg80211_registered_device *rdev, 1299 struct net_device *dev, 1300 struct cfg80211_assoc_link *links, 1301 u16 rem_links) 1302 { 1303 struct wireless_dev *wdev = dev->ieee80211_ptr; 1304 int err; 1305 1306 lockdep_assert_wiphy(wdev->wiphy); 1307 1308 err = rdev_assoc_ml_reconf(rdev, dev, links, rem_links); 1309 if (!err) { 1310 int link_id; 1311 1312 for (link_id = 0; link_id < IEEE80211_MLD_MAX_NUM_LINKS; 1313 link_id++) { 1314 if (!links[link_id].bss) 1315 continue; 1316 1317 cfg80211_ref_bss(&rdev->wiphy, links[link_id].bss); 1318 cfg80211_hold_bss(bss_from_pub(links[link_id].bss)); 1319 } 1320 } 1321 1322 return err; 1323 } 1324 1325 void cfg80211_mlo_reconf_add_done(struct net_device *dev, 1326 struct cfg80211_mlo_reconf_done_data *data) 1327 { 1328 struct wireless_dev *wdev = dev->ieee80211_ptr; 1329 struct wiphy *wiphy = wdev->wiphy; 1330 int link_id; 1331 1332 lockdep_assert_wiphy(wiphy); 1333 1334 trace_cfg80211_mlo_reconf_add_done(dev, data->added_links, 1335 data->buf, data->len); 1336 1337 if (WARN_ON(!wdev->valid_links)) 1338 return; 1339 1340 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION && 1341 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT)) 1342 return; 1343 1344 /* validate that a BSS is given for each added link */ 1345 for (link_id = 0; link_id < ARRAY_SIZE(data->links); link_id++) { 1346 struct cfg80211_bss *bss = data->links[link_id].bss; 1347 1348 if (!(data->added_links & BIT(link_id))) 1349 continue; 1350 1351 if (WARN_ON(!bss)) 1352 return; 1353 } 1354 1355 for (link_id = 0; link_id < ARRAY_SIZE(data->links); link_id++) { 1356 struct cfg80211_bss *bss = data->links[link_id].bss; 1357 1358 if (!bss) 1359 continue; 1360 1361 if (data->added_links & BIT(link_id)) { 1362 wdev->links[link_id].client.current_bss = 1363 bss_from_pub(bss); 1364 } else { 1365 cfg80211_unhold_bss(bss_from_pub(bss)); 1366 cfg80211_put_bss(wiphy, bss); 1367 } 1368 } 1369 1370 wdev->valid_links |= data->added_links; 1371 nl80211_mlo_reconf_add_done(dev, data); 1372 } 1373 EXPORT_SYMBOL(cfg80211_mlo_reconf_add_done); 1374