1 /* 2 * cfg80211 MLME SAP interface 3 * 4 * Copyright (c) 2009, Jouni Malinen <j@w1.fi> 5 */ 6 7 #include <linux/kernel.h> 8 #include <linux/module.h> 9 #include <linux/etherdevice.h> 10 #include <linux/netdevice.h> 11 #include <linux/nl80211.h> 12 #include <linux/slab.h> 13 #include <linux/wireless.h> 14 #include <net/cfg80211.h> 15 #include <net/iw_handler.h> 16 #include "core.h" 17 #include "nl80211.h" 18 19 void cfg80211_send_rx_auth(struct net_device *dev, const u8 *buf, size_t len) 20 { 21 struct wireless_dev *wdev = dev->ieee80211_ptr; 22 struct wiphy *wiphy = wdev->wiphy; 23 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 24 25 wdev_lock(wdev); 26 27 nl80211_send_rx_auth(rdev, dev, buf, len, GFP_KERNEL); 28 cfg80211_sme_rx_auth(dev, buf, len); 29 30 wdev_unlock(wdev); 31 } 32 EXPORT_SYMBOL(cfg80211_send_rx_auth); 33 34 void cfg80211_send_rx_assoc(struct net_device *dev, struct cfg80211_bss *bss, 35 const u8 *buf, size_t len) 36 { 37 u16 status_code; 38 struct wireless_dev *wdev = dev->ieee80211_ptr; 39 struct wiphy *wiphy = wdev->wiphy; 40 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 41 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf; 42 u8 *ie = mgmt->u.assoc_resp.variable; 43 int ieoffs = offsetof(struct ieee80211_mgmt, u.assoc_resp.variable); 44 45 wdev_lock(wdev); 46 47 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code); 48 49 /* 50 * This is a bit of a hack, we don't notify userspace of 51 * a (re-)association reply if we tried to send a reassoc 52 * and got a reject -- we only try again with an assoc 53 * frame instead of reassoc. 54 */ 55 if (status_code != WLAN_STATUS_SUCCESS && wdev->conn && 56 cfg80211_sme_failed_reassoc(wdev)) { 57 cfg80211_put_bss(bss); 58 goto out; 59 } 60 61 nl80211_send_rx_assoc(rdev, dev, buf, len, GFP_KERNEL); 62 63 if (status_code != WLAN_STATUS_SUCCESS && wdev->conn) { 64 cfg80211_sme_failed_assoc(wdev); 65 /* 66 * do not call connect_result() now because the 67 * sme will schedule work that does it later. 68 */ 69 cfg80211_put_bss(bss); 70 goto out; 71 } 72 73 if (!wdev->conn && wdev->sme_state == CFG80211_SME_IDLE) { 74 /* 75 * This is for the userspace SME, the CONNECTING 76 * state will be changed to CONNECTED by 77 * __cfg80211_connect_result() below. 78 */ 79 wdev->sme_state = CFG80211_SME_CONNECTING; 80 } 81 82 /* this consumes the bss reference */ 83 __cfg80211_connect_result(dev, mgmt->bssid, NULL, 0, ie, len - ieoffs, 84 status_code, 85 status_code == WLAN_STATUS_SUCCESS, bss); 86 out: 87 wdev_unlock(wdev); 88 } 89 EXPORT_SYMBOL(cfg80211_send_rx_assoc); 90 91 void __cfg80211_send_deauth(struct net_device *dev, 92 const u8 *buf, size_t len) 93 { 94 struct wireless_dev *wdev = dev->ieee80211_ptr; 95 struct wiphy *wiphy = wdev->wiphy; 96 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 97 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf; 98 const u8 *bssid = mgmt->bssid; 99 bool was_current = false; 100 101 ASSERT_WDEV_LOCK(wdev); 102 103 if (wdev->current_bss && 104 ether_addr_equal(wdev->current_bss->pub.bssid, bssid)) { 105 cfg80211_unhold_bss(wdev->current_bss); 106 cfg80211_put_bss(&wdev->current_bss->pub); 107 wdev->current_bss = NULL; 108 was_current = true; 109 } 110 111 nl80211_send_deauth(rdev, dev, buf, len, GFP_KERNEL); 112 113 if (wdev->sme_state == CFG80211_SME_CONNECTED && was_current) { 114 u16 reason_code; 115 bool from_ap; 116 117 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code); 118 119 from_ap = !ether_addr_equal(mgmt->sa, dev->dev_addr); 120 __cfg80211_disconnected(dev, NULL, 0, reason_code, from_ap); 121 } else if (wdev->sme_state == CFG80211_SME_CONNECTING) { 122 __cfg80211_connect_result(dev, mgmt->bssid, NULL, 0, NULL, 0, 123 WLAN_STATUS_UNSPECIFIED_FAILURE, 124 false, NULL); 125 } 126 } 127 EXPORT_SYMBOL(__cfg80211_send_deauth); 128 129 void cfg80211_send_deauth(struct net_device *dev, const u8 *buf, size_t len) 130 { 131 struct wireless_dev *wdev = dev->ieee80211_ptr; 132 133 wdev_lock(wdev); 134 __cfg80211_send_deauth(dev, buf, len); 135 wdev_unlock(wdev); 136 } 137 EXPORT_SYMBOL(cfg80211_send_deauth); 138 139 void __cfg80211_send_disassoc(struct net_device *dev, 140 const u8 *buf, size_t len) 141 { 142 struct wireless_dev *wdev = dev->ieee80211_ptr; 143 struct wiphy *wiphy = wdev->wiphy; 144 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 145 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf; 146 const u8 *bssid = mgmt->bssid; 147 u16 reason_code; 148 bool from_ap; 149 150 ASSERT_WDEV_LOCK(wdev); 151 152 nl80211_send_disassoc(rdev, dev, buf, len, GFP_KERNEL); 153 154 if (wdev->sme_state != CFG80211_SME_CONNECTED) 155 return; 156 157 if (wdev->current_bss && 158 ether_addr_equal(wdev->current_bss->pub.bssid, bssid)) { 159 cfg80211_sme_disassoc(dev, wdev->current_bss); 160 cfg80211_unhold_bss(wdev->current_bss); 161 cfg80211_put_bss(&wdev->current_bss->pub); 162 wdev->current_bss = NULL; 163 } else 164 WARN_ON(1); 165 166 167 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code); 168 169 from_ap = !ether_addr_equal(mgmt->sa, dev->dev_addr); 170 __cfg80211_disconnected(dev, NULL, 0, reason_code, from_ap); 171 } 172 EXPORT_SYMBOL(__cfg80211_send_disassoc); 173 174 void cfg80211_send_disassoc(struct net_device *dev, const u8 *buf, size_t len) 175 { 176 struct wireless_dev *wdev = dev->ieee80211_ptr; 177 178 wdev_lock(wdev); 179 __cfg80211_send_disassoc(dev, buf, len); 180 wdev_unlock(wdev); 181 } 182 EXPORT_SYMBOL(cfg80211_send_disassoc); 183 184 void cfg80211_send_unprot_deauth(struct net_device *dev, const u8 *buf, 185 size_t len) 186 { 187 struct wireless_dev *wdev = dev->ieee80211_ptr; 188 struct wiphy *wiphy = wdev->wiphy; 189 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 190 191 nl80211_send_unprot_deauth(rdev, dev, buf, len, GFP_ATOMIC); 192 } 193 EXPORT_SYMBOL(cfg80211_send_unprot_deauth); 194 195 void cfg80211_send_unprot_disassoc(struct net_device *dev, const u8 *buf, 196 size_t len) 197 { 198 struct wireless_dev *wdev = dev->ieee80211_ptr; 199 struct wiphy *wiphy = wdev->wiphy; 200 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 201 202 nl80211_send_unprot_disassoc(rdev, dev, buf, len, GFP_ATOMIC); 203 } 204 EXPORT_SYMBOL(cfg80211_send_unprot_disassoc); 205 206 void cfg80211_send_auth_timeout(struct net_device *dev, const u8 *addr) 207 { 208 struct wireless_dev *wdev = dev->ieee80211_ptr; 209 struct wiphy *wiphy = wdev->wiphy; 210 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 211 212 wdev_lock(wdev); 213 214 nl80211_send_auth_timeout(rdev, dev, addr, GFP_KERNEL); 215 if (wdev->sme_state == CFG80211_SME_CONNECTING) 216 __cfg80211_connect_result(dev, addr, NULL, 0, NULL, 0, 217 WLAN_STATUS_UNSPECIFIED_FAILURE, 218 false, NULL); 219 220 wdev_unlock(wdev); 221 } 222 EXPORT_SYMBOL(cfg80211_send_auth_timeout); 223 224 void cfg80211_send_assoc_timeout(struct net_device *dev, const u8 *addr) 225 { 226 struct wireless_dev *wdev = dev->ieee80211_ptr; 227 struct wiphy *wiphy = wdev->wiphy; 228 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 229 230 wdev_lock(wdev); 231 232 nl80211_send_assoc_timeout(rdev, dev, addr, GFP_KERNEL); 233 if (wdev->sme_state == CFG80211_SME_CONNECTING) 234 __cfg80211_connect_result(dev, addr, NULL, 0, NULL, 0, 235 WLAN_STATUS_UNSPECIFIED_FAILURE, 236 false, NULL); 237 238 wdev_unlock(wdev); 239 } 240 EXPORT_SYMBOL(cfg80211_send_assoc_timeout); 241 242 void cfg80211_michael_mic_failure(struct net_device *dev, const u8 *addr, 243 enum nl80211_key_type key_type, int key_id, 244 const u8 *tsc, gfp_t gfp) 245 { 246 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; 247 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 248 #ifdef CONFIG_CFG80211_WEXT 249 union iwreq_data wrqu; 250 char *buf = kmalloc(128, gfp); 251 252 if (buf) { 253 sprintf(buf, "MLME-MICHAELMICFAILURE.indication(" 254 "keyid=%d %scast addr=%pM)", key_id, 255 key_type == NL80211_KEYTYPE_GROUP ? "broad" : "uni", 256 addr); 257 memset(&wrqu, 0, sizeof(wrqu)); 258 wrqu.data.length = strlen(buf); 259 wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf); 260 kfree(buf); 261 } 262 #endif 263 264 nl80211_michael_mic_failure(rdev, dev, addr, key_type, key_id, tsc, gfp); 265 } 266 EXPORT_SYMBOL(cfg80211_michael_mic_failure); 267 268 /* some MLME handling for userspace SME */ 269 int __cfg80211_mlme_auth(struct cfg80211_registered_device *rdev, 270 struct net_device *dev, 271 struct ieee80211_channel *chan, 272 enum nl80211_auth_type auth_type, 273 const u8 *bssid, 274 const u8 *ssid, int ssid_len, 275 const u8 *ie, int ie_len, 276 const u8 *key, int key_len, int key_idx) 277 { 278 struct wireless_dev *wdev = dev->ieee80211_ptr; 279 struct cfg80211_auth_request req; 280 int err; 281 282 ASSERT_WDEV_LOCK(wdev); 283 284 if (auth_type == NL80211_AUTHTYPE_SHARED_KEY) 285 if (!key || !key_len || key_idx < 0 || key_idx > 4) 286 return -EINVAL; 287 288 if (wdev->current_bss && 289 ether_addr_equal(bssid, wdev->current_bss->pub.bssid)) 290 return -EALREADY; 291 292 memset(&req, 0, sizeof(req)); 293 294 req.ie = ie; 295 req.ie_len = ie_len; 296 req.auth_type = auth_type; 297 req.bss = cfg80211_get_bss(&rdev->wiphy, chan, bssid, ssid, ssid_len, 298 WLAN_CAPABILITY_ESS, WLAN_CAPABILITY_ESS); 299 req.key = key; 300 req.key_len = key_len; 301 req.key_idx = key_idx; 302 if (!req.bss) 303 return -ENOENT; 304 305 err = cfg80211_can_use_chan(rdev, wdev, req.bss->channel, 306 CHAN_MODE_SHARED); 307 if (err) 308 goto out; 309 310 err = rdev->ops->auth(&rdev->wiphy, dev, &req); 311 312 out: 313 cfg80211_put_bss(req.bss); 314 return err; 315 } 316 317 int cfg80211_mlme_auth(struct cfg80211_registered_device *rdev, 318 struct net_device *dev, struct ieee80211_channel *chan, 319 enum nl80211_auth_type auth_type, const u8 *bssid, 320 const u8 *ssid, int ssid_len, 321 const u8 *ie, int ie_len, 322 const u8 *key, int key_len, int key_idx) 323 { 324 int err; 325 326 mutex_lock(&rdev->devlist_mtx); 327 wdev_lock(dev->ieee80211_ptr); 328 err = __cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid, 329 ssid, ssid_len, ie, ie_len, 330 key, key_len, key_idx); 331 wdev_unlock(dev->ieee80211_ptr); 332 mutex_unlock(&rdev->devlist_mtx); 333 334 return err; 335 } 336 337 /* Do a logical ht_capa &= ht_capa_mask. */ 338 void cfg80211_oper_and_ht_capa(struct ieee80211_ht_cap *ht_capa, 339 const struct ieee80211_ht_cap *ht_capa_mask) 340 { 341 int i; 342 u8 *p1, *p2; 343 if (!ht_capa_mask) { 344 memset(ht_capa, 0, sizeof(*ht_capa)); 345 return; 346 } 347 348 p1 = (u8*)(ht_capa); 349 p2 = (u8*)(ht_capa_mask); 350 for (i = 0; i<sizeof(*ht_capa); i++) 351 p1[i] &= p2[i]; 352 } 353 354 int __cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev, 355 struct net_device *dev, 356 struct ieee80211_channel *chan, 357 const u8 *bssid, const u8 *prev_bssid, 358 const u8 *ssid, int ssid_len, 359 const u8 *ie, int ie_len, bool use_mfp, 360 struct cfg80211_crypto_settings *crypt, 361 u32 assoc_flags, struct ieee80211_ht_cap *ht_capa, 362 struct ieee80211_ht_cap *ht_capa_mask) 363 { 364 struct wireless_dev *wdev = dev->ieee80211_ptr; 365 struct cfg80211_assoc_request req; 366 int err; 367 bool was_connected = false; 368 369 ASSERT_WDEV_LOCK(wdev); 370 371 memset(&req, 0, sizeof(req)); 372 373 if (wdev->current_bss && prev_bssid && 374 ether_addr_equal(wdev->current_bss->pub.bssid, prev_bssid)) { 375 /* 376 * Trying to reassociate: Allow this to proceed and let the old 377 * association to be dropped when the new one is completed. 378 */ 379 if (wdev->sme_state == CFG80211_SME_CONNECTED) { 380 was_connected = true; 381 wdev->sme_state = CFG80211_SME_CONNECTING; 382 } 383 } else if (wdev->current_bss) 384 return -EALREADY; 385 386 req.ie = ie; 387 req.ie_len = ie_len; 388 memcpy(&req.crypto, crypt, sizeof(req.crypto)); 389 req.use_mfp = use_mfp; 390 req.prev_bssid = prev_bssid; 391 req.flags = assoc_flags; 392 if (ht_capa) 393 memcpy(&req.ht_capa, ht_capa, sizeof(req.ht_capa)); 394 if (ht_capa_mask) 395 memcpy(&req.ht_capa_mask, ht_capa_mask, 396 sizeof(req.ht_capa_mask)); 397 cfg80211_oper_and_ht_capa(&req.ht_capa_mask, 398 rdev->wiphy.ht_capa_mod_mask); 399 400 req.bss = cfg80211_get_bss(&rdev->wiphy, chan, bssid, ssid, ssid_len, 401 WLAN_CAPABILITY_ESS, WLAN_CAPABILITY_ESS); 402 if (!req.bss) { 403 if (was_connected) 404 wdev->sme_state = CFG80211_SME_CONNECTED; 405 return -ENOENT; 406 } 407 408 err = cfg80211_can_use_chan(rdev, wdev, req.bss->channel, 409 CHAN_MODE_SHARED); 410 if (err) 411 goto out; 412 413 err = rdev->ops->assoc(&rdev->wiphy, dev, &req); 414 415 out: 416 if (err) { 417 if (was_connected) 418 wdev->sme_state = CFG80211_SME_CONNECTED; 419 cfg80211_put_bss(req.bss); 420 } 421 422 return err; 423 } 424 425 int cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev, 426 struct net_device *dev, 427 struct ieee80211_channel *chan, 428 const u8 *bssid, const u8 *prev_bssid, 429 const u8 *ssid, int ssid_len, 430 const u8 *ie, int ie_len, bool use_mfp, 431 struct cfg80211_crypto_settings *crypt, 432 u32 assoc_flags, struct ieee80211_ht_cap *ht_capa, 433 struct ieee80211_ht_cap *ht_capa_mask) 434 { 435 struct wireless_dev *wdev = dev->ieee80211_ptr; 436 int err; 437 438 mutex_lock(&rdev->devlist_mtx); 439 wdev_lock(wdev); 440 err = __cfg80211_mlme_assoc(rdev, dev, chan, bssid, prev_bssid, 441 ssid, ssid_len, ie, ie_len, use_mfp, crypt, 442 assoc_flags, ht_capa, ht_capa_mask); 443 wdev_unlock(wdev); 444 mutex_unlock(&rdev->devlist_mtx); 445 446 return err; 447 } 448 449 int __cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev, 450 struct net_device *dev, const u8 *bssid, 451 const u8 *ie, int ie_len, u16 reason, 452 bool local_state_change) 453 { 454 struct wireless_dev *wdev = dev->ieee80211_ptr; 455 struct cfg80211_deauth_request req = { 456 .bssid = bssid, 457 .reason_code = reason, 458 .ie = ie, 459 .ie_len = ie_len, 460 }; 461 462 ASSERT_WDEV_LOCK(wdev); 463 464 if (local_state_change) { 465 if (wdev->current_bss && 466 ether_addr_equal(wdev->current_bss->pub.bssid, bssid)) { 467 cfg80211_unhold_bss(wdev->current_bss); 468 cfg80211_put_bss(&wdev->current_bss->pub); 469 wdev->current_bss = NULL; 470 } 471 472 return 0; 473 } 474 475 return rdev->ops->deauth(&rdev->wiphy, dev, &req); 476 } 477 478 int cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev, 479 struct net_device *dev, const u8 *bssid, 480 const u8 *ie, int ie_len, u16 reason, 481 bool local_state_change) 482 { 483 struct wireless_dev *wdev = dev->ieee80211_ptr; 484 int err; 485 486 wdev_lock(wdev); 487 err = __cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason, 488 local_state_change); 489 wdev_unlock(wdev); 490 491 return err; 492 } 493 494 static int __cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev, 495 struct net_device *dev, const u8 *bssid, 496 const u8 *ie, int ie_len, u16 reason, 497 bool local_state_change) 498 { 499 struct wireless_dev *wdev = dev->ieee80211_ptr; 500 struct cfg80211_disassoc_request req; 501 502 ASSERT_WDEV_LOCK(wdev); 503 504 if (wdev->sme_state != CFG80211_SME_CONNECTED) 505 return -ENOTCONN; 506 507 if (WARN_ON(!wdev->current_bss)) 508 return -ENOTCONN; 509 510 memset(&req, 0, sizeof(req)); 511 req.reason_code = reason; 512 req.local_state_change = local_state_change; 513 req.ie = ie; 514 req.ie_len = ie_len; 515 if (ether_addr_equal(wdev->current_bss->pub.bssid, bssid)) 516 req.bss = &wdev->current_bss->pub; 517 else 518 return -ENOTCONN; 519 520 return rdev->ops->disassoc(&rdev->wiphy, dev, &req); 521 } 522 523 int cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev, 524 struct net_device *dev, const u8 *bssid, 525 const u8 *ie, int ie_len, u16 reason, 526 bool local_state_change) 527 { 528 struct wireless_dev *wdev = dev->ieee80211_ptr; 529 int err; 530 531 wdev_lock(wdev); 532 err = __cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason, 533 local_state_change); 534 wdev_unlock(wdev); 535 536 return err; 537 } 538 539 void cfg80211_mlme_down(struct cfg80211_registered_device *rdev, 540 struct net_device *dev) 541 { 542 struct wireless_dev *wdev = dev->ieee80211_ptr; 543 struct cfg80211_deauth_request req; 544 u8 bssid[ETH_ALEN]; 545 546 ASSERT_WDEV_LOCK(wdev); 547 548 if (!rdev->ops->deauth) 549 return; 550 551 memset(&req, 0, sizeof(req)); 552 req.reason_code = WLAN_REASON_DEAUTH_LEAVING; 553 req.ie = NULL; 554 req.ie_len = 0; 555 556 if (!wdev->current_bss) 557 return; 558 559 memcpy(bssid, wdev->current_bss->pub.bssid, ETH_ALEN); 560 req.bssid = bssid; 561 rdev->ops->deauth(&rdev->wiphy, dev, &req); 562 563 if (wdev->current_bss) { 564 cfg80211_unhold_bss(wdev->current_bss); 565 cfg80211_put_bss(&wdev->current_bss->pub); 566 wdev->current_bss = NULL; 567 } 568 } 569 570 void cfg80211_ready_on_channel(struct wireless_dev *wdev, u64 cookie, 571 struct ieee80211_channel *chan, 572 enum nl80211_channel_type channel_type, 573 unsigned int duration, gfp_t gfp) 574 { 575 struct wiphy *wiphy = wdev->wiphy; 576 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 577 578 nl80211_send_remain_on_channel(rdev, wdev, cookie, chan, channel_type, 579 duration, gfp); 580 } 581 EXPORT_SYMBOL(cfg80211_ready_on_channel); 582 583 void cfg80211_remain_on_channel_expired(struct wireless_dev *wdev, u64 cookie, 584 struct ieee80211_channel *chan, 585 enum nl80211_channel_type channel_type, 586 gfp_t gfp) 587 { 588 struct wiphy *wiphy = wdev->wiphy; 589 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 590 591 nl80211_send_remain_on_channel_cancel(rdev, wdev, cookie, chan, 592 channel_type, gfp); 593 } 594 EXPORT_SYMBOL(cfg80211_remain_on_channel_expired); 595 596 void cfg80211_new_sta(struct net_device *dev, const u8 *mac_addr, 597 struct station_info *sinfo, gfp_t gfp) 598 { 599 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; 600 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 601 602 nl80211_send_sta_event(rdev, dev, mac_addr, sinfo, gfp); 603 } 604 EXPORT_SYMBOL(cfg80211_new_sta); 605 606 void cfg80211_del_sta(struct net_device *dev, const u8 *mac_addr, gfp_t gfp) 607 { 608 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; 609 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 610 611 nl80211_send_sta_del_event(rdev, dev, mac_addr, gfp); 612 } 613 EXPORT_SYMBOL(cfg80211_del_sta); 614 615 void cfg80211_conn_failed(struct net_device *dev, const u8 *mac_addr, 616 enum nl80211_connect_failed_reason reason, 617 gfp_t gfp) 618 { 619 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; 620 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 621 622 nl80211_send_conn_failed_event(rdev, dev, mac_addr, reason, gfp); 623 } 624 EXPORT_SYMBOL(cfg80211_conn_failed); 625 626 struct cfg80211_mgmt_registration { 627 struct list_head list; 628 629 u32 nlportid; 630 631 int match_len; 632 633 __le16 frame_type; 634 635 u8 match[]; 636 }; 637 638 int cfg80211_mlme_register_mgmt(struct wireless_dev *wdev, u32 snd_portid, 639 u16 frame_type, const u8 *match_data, 640 int match_len) 641 { 642 struct wiphy *wiphy = wdev->wiphy; 643 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 644 struct cfg80211_mgmt_registration *reg, *nreg; 645 int err = 0; 646 u16 mgmt_type; 647 648 if (!wdev->wiphy->mgmt_stypes) 649 return -EOPNOTSUPP; 650 651 if ((frame_type & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT) 652 return -EINVAL; 653 654 if (frame_type & ~(IEEE80211_FCTL_FTYPE | IEEE80211_FCTL_STYPE)) 655 return -EINVAL; 656 657 mgmt_type = (frame_type & IEEE80211_FCTL_STYPE) >> 4; 658 if (!(wdev->wiphy->mgmt_stypes[wdev->iftype].rx & BIT(mgmt_type))) 659 return -EINVAL; 660 661 nreg = kzalloc(sizeof(*reg) + match_len, GFP_KERNEL); 662 if (!nreg) 663 return -ENOMEM; 664 665 spin_lock_bh(&wdev->mgmt_registrations_lock); 666 667 list_for_each_entry(reg, &wdev->mgmt_registrations, list) { 668 int mlen = min(match_len, reg->match_len); 669 670 if (frame_type != le16_to_cpu(reg->frame_type)) 671 continue; 672 673 if (memcmp(reg->match, match_data, mlen) == 0) { 674 err = -EALREADY; 675 break; 676 } 677 } 678 679 if (err) { 680 kfree(nreg); 681 goto out; 682 } 683 684 memcpy(nreg->match, match_data, match_len); 685 nreg->match_len = match_len; 686 nreg->nlportid = snd_portid; 687 nreg->frame_type = cpu_to_le16(frame_type); 688 list_add(&nreg->list, &wdev->mgmt_registrations); 689 690 if (rdev->ops->mgmt_frame_register) 691 rdev->ops->mgmt_frame_register(wiphy, wdev, frame_type, true); 692 693 out: 694 spin_unlock_bh(&wdev->mgmt_registrations_lock); 695 696 return err; 697 } 698 699 void cfg80211_mlme_unregister_socket(struct wireless_dev *wdev, u32 nlportid) 700 { 701 struct wiphy *wiphy = wdev->wiphy; 702 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 703 struct cfg80211_mgmt_registration *reg, *tmp; 704 705 spin_lock_bh(&wdev->mgmt_registrations_lock); 706 707 list_for_each_entry_safe(reg, tmp, &wdev->mgmt_registrations, list) { 708 if (reg->nlportid != nlportid) 709 continue; 710 711 if (rdev->ops->mgmt_frame_register) { 712 u16 frame_type = le16_to_cpu(reg->frame_type); 713 714 rdev->ops->mgmt_frame_register(wiphy, wdev, 715 frame_type, false); 716 } 717 718 list_del(®->list); 719 kfree(reg); 720 } 721 722 spin_unlock_bh(&wdev->mgmt_registrations_lock); 723 724 if (nlportid == wdev->ap_unexpected_nlportid) 725 wdev->ap_unexpected_nlportid = 0; 726 } 727 728 void cfg80211_mlme_purge_registrations(struct wireless_dev *wdev) 729 { 730 struct cfg80211_mgmt_registration *reg, *tmp; 731 732 spin_lock_bh(&wdev->mgmt_registrations_lock); 733 734 list_for_each_entry_safe(reg, tmp, &wdev->mgmt_registrations, list) { 735 list_del(®->list); 736 kfree(reg); 737 } 738 739 spin_unlock_bh(&wdev->mgmt_registrations_lock); 740 } 741 742 int cfg80211_mlme_mgmt_tx(struct cfg80211_registered_device *rdev, 743 struct wireless_dev *wdev, 744 struct ieee80211_channel *chan, bool offchan, 745 enum nl80211_channel_type channel_type, 746 bool channel_type_valid, unsigned int wait, 747 const u8 *buf, size_t len, bool no_cck, 748 bool dont_wait_for_ack, u64 *cookie) 749 { 750 const struct ieee80211_mgmt *mgmt; 751 u16 stype; 752 753 if (!wdev->wiphy->mgmt_stypes) 754 return -EOPNOTSUPP; 755 756 if (!rdev->ops->mgmt_tx) 757 return -EOPNOTSUPP; 758 759 if (len < 24 + 1) 760 return -EINVAL; 761 762 mgmt = (const struct ieee80211_mgmt *) buf; 763 764 if (!ieee80211_is_mgmt(mgmt->frame_control)) 765 return -EINVAL; 766 767 stype = le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE; 768 if (!(wdev->wiphy->mgmt_stypes[wdev->iftype].tx & BIT(stype >> 4))) 769 return -EINVAL; 770 771 if (ieee80211_is_action(mgmt->frame_control) && 772 mgmt->u.action.category != WLAN_CATEGORY_PUBLIC) { 773 int err = 0; 774 775 wdev_lock(wdev); 776 777 switch (wdev->iftype) { 778 case NL80211_IFTYPE_ADHOC: 779 case NL80211_IFTYPE_STATION: 780 case NL80211_IFTYPE_P2P_CLIENT: 781 if (!wdev->current_bss) { 782 err = -ENOTCONN; 783 break; 784 } 785 786 if (!ether_addr_equal(wdev->current_bss->pub.bssid, 787 mgmt->bssid)) { 788 err = -ENOTCONN; 789 break; 790 } 791 792 /* 793 * check for IBSS DA must be done by driver as 794 * cfg80211 doesn't track the stations 795 */ 796 if (wdev->iftype == NL80211_IFTYPE_ADHOC) 797 break; 798 799 /* for station, check that DA is the AP */ 800 if (!ether_addr_equal(wdev->current_bss->pub.bssid, 801 mgmt->da)) { 802 err = -ENOTCONN; 803 break; 804 } 805 break; 806 case NL80211_IFTYPE_AP: 807 case NL80211_IFTYPE_P2P_GO: 808 case NL80211_IFTYPE_AP_VLAN: 809 if (!ether_addr_equal(mgmt->bssid, wdev_address(wdev))) 810 err = -EINVAL; 811 break; 812 case NL80211_IFTYPE_MESH_POINT: 813 if (!ether_addr_equal(mgmt->sa, mgmt->bssid)) { 814 err = -EINVAL; 815 break; 816 } 817 /* 818 * check for mesh DA must be done by driver as 819 * cfg80211 doesn't track the stations 820 */ 821 break; 822 case NL80211_IFTYPE_P2P_DEVICE: 823 /* 824 * fall through, P2P device only supports 825 * public action frames 826 */ 827 default: 828 err = -EOPNOTSUPP; 829 break; 830 } 831 wdev_unlock(wdev); 832 833 if (err) 834 return err; 835 } 836 837 if (!ether_addr_equal(mgmt->sa, wdev_address(wdev))) 838 return -EINVAL; 839 840 /* Transmit the Action frame as requested by user space */ 841 return rdev->ops->mgmt_tx(&rdev->wiphy, wdev, chan, offchan, 842 channel_type, channel_type_valid, 843 wait, buf, len, no_cck, dont_wait_for_ack, 844 cookie); 845 } 846 847 bool cfg80211_rx_mgmt(struct wireless_dev *wdev, int freq, int sig_mbm, 848 const u8 *buf, size_t len, gfp_t gfp) 849 { 850 struct wiphy *wiphy = wdev->wiphy; 851 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 852 struct cfg80211_mgmt_registration *reg; 853 const struct ieee80211_txrx_stypes *stypes = 854 &wiphy->mgmt_stypes[wdev->iftype]; 855 struct ieee80211_mgmt *mgmt = (void *)buf; 856 const u8 *data; 857 int data_len; 858 bool result = false; 859 __le16 ftype = mgmt->frame_control & 860 cpu_to_le16(IEEE80211_FCTL_FTYPE | IEEE80211_FCTL_STYPE); 861 u16 stype; 862 863 stype = (le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE) >> 4; 864 865 if (!(stypes->rx & BIT(stype))) 866 return false; 867 868 data = buf + ieee80211_hdrlen(mgmt->frame_control); 869 data_len = len - ieee80211_hdrlen(mgmt->frame_control); 870 871 spin_lock_bh(&wdev->mgmt_registrations_lock); 872 873 list_for_each_entry(reg, &wdev->mgmt_registrations, list) { 874 if (reg->frame_type != ftype) 875 continue; 876 877 if (reg->match_len > data_len) 878 continue; 879 880 if (memcmp(reg->match, data, reg->match_len)) 881 continue; 882 883 /* found match! */ 884 885 /* Indicate the received Action frame to user space */ 886 if (nl80211_send_mgmt(rdev, wdev, reg->nlportid, 887 freq, sig_mbm, 888 buf, len, gfp)) 889 continue; 890 891 result = true; 892 break; 893 } 894 895 spin_unlock_bh(&wdev->mgmt_registrations_lock); 896 897 return result; 898 } 899 EXPORT_SYMBOL(cfg80211_rx_mgmt); 900 901 void cfg80211_mgmt_tx_status(struct wireless_dev *wdev, u64 cookie, 902 const u8 *buf, size_t len, bool ack, gfp_t gfp) 903 { 904 struct wiphy *wiphy = wdev->wiphy; 905 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 906 907 /* Indicate TX status of the Action frame to user space */ 908 nl80211_send_mgmt_tx_status(rdev, wdev, cookie, buf, len, ack, gfp); 909 } 910 EXPORT_SYMBOL(cfg80211_mgmt_tx_status); 911 912 void cfg80211_cqm_rssi_notify(struct net_device *dev, 913 enum nl80211_cqm_rssi_threshold_event rssi_event, 914 gfp_t gfp) 915 { 916 struct wireless_dev *wdev = dev->ieee80211_ptr; 917 struct wiphy *wiphy = wdev->wiphy; 918 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 919 920 /* Indicate roaming trigger event to user space */ 921 nl80211_send_cqm_rssi_notify(rdev, dev, rssi_event, gfp); 922 } 923 EXPORT_SYMBOL(cfg80211_cqm_rssi_notify); 924 925 void cfg80211_cqm_pktloss_notify(struct net_device *dev, 926 const u8 *peer, u32 num_packets, gfp_t gfp) 927 { 928 struct wireless_dev *wdev = dev->ieee80211_ptr; 929 struct wiphy *wiphy = wdev->wiphy; 930 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 931 932 /* Indicate roaming trigger event to user space */ 933 nl80211_send_cqm_pktloss_notify(rdev, dev, peer, num_packets, gfp); 934 } 935 EXPORT_SYMBOL(cfg80211_cqm_pktloss_notify); 936 937 void cfg80211_cqm_txe_notify(struct net_device *dev, 938 const u8 *peer, u32 num_packets, 939 u32 rate, u32 intvl, gfp_t gfp) 940 { 941 struct wireless_dev *wdev = dev->ieee80211_ptr; 942 struct wiphy *wiphy = wdev->wiphy; 943 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 944 945 nl80211_send_cqm_txe_notify(rdev, dev, peer, num_packets, 946 rate, intvl, gfp); 947 } 948 EXPORT_SYMBOL(cfg80211_cqm_txe_notify); 949 950 void cfg80211_gtk_rekey_notify(struct net_device *dev, const u8 *bssid, 951 const u8 *replay_ctr, gfp_t gfp) 952 { 953 struct wireless_dev *wdev = dev->ieee80211_ptr; 954 struct wiphy *wiphy = wdev->wiphy; 955 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 956 957 nl80211_gtk_rekey_notify(rdev, dev, bssid, replay_ctr, gfp); 958 } 959 EXPORT_SYMBOL(cfg80211_gtk_rekey_notify); 960 961 void cfg80211_pmksa_candidate_notify(struct net_device *dev, int index, 962 const u8 *bssid, bool preauth, gfp_t gfp) 963 { 964 struct wireless_dev *wdev = dev->ieee80211_ptr; 965 struct wiphy *wiphy = wdev->wiphy; 966 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 967 968 nl80211_pmksa_candidate_notify(rdev, dev, index, bssid, preauth, gfp); 969 } 970 EXPORT_SYMBOL(cfg80211_pmksa_candidate_notify); 971 972 void cfg80211_ch_switch_notify(struct net_device *dev, int freq, 973 enum nl80211_channel_type type) 974 { 975 struct wireless_dev *wdev = dev->ieee80211_ptr; 976 struct wiphy *wiphy = wdev->wiphy; 977 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 978 struct ieee80211_channel *chan; 979 980 wdev_lock(wdev); 981 982 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP && 983 wdev->iftype != NL80211_IFTYPE_P2P_GO)) 984 goto out; 985 986 chan = rdev_freq_to_chan(rdev, freq, type); 987 if (WARN_ON(!chan)) 988 goto out; 989 990 wdev->channel = chan; 991 nl80211_ch_switch_notify(rdev, dev, freq, type, GFP_KERNEL); 992 out: 993 wdev_unlock(wdev); 994 return; 995 } 996 EXPORT_SYMBOL(cfg80211_ch_switch_notify); 997 998 bool cfg80211_rx_spurious_frame(struct net_device *dev, 999 const u8 *addr, gfp_t gfp) 1000 { 1001 struct wireless_dev *wdev = dev->ieee80211_ptr; 1002 1003 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP && 1004 wdev->iftype != NL80211_IFTYPE_P2P_GO)) 1005 return false; 1006 1007 return nl80211_unexpected_frame(dev, addr, gfp); 1008 } 1009 EXPORT_SYMBOL(cfg80211_rx_spurious_frame); 1010 1011 bool cfg80211_rx_unexpected_4addr_frame(struct net_device *dev, 1012 const u8 *addr, gfp_t gfp) 1013 { 1014 struct wireless_dev *wdev = dev->ieee80211_ptr; 1015 1016 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP && 1017 wdev->iftype != NL80211_IFTYPE_P2P_GO && 1018 wdev->iftype != NL80211_IFTYPE_AP_VLAN)) 1019 return false; 1020 1021 return nl80211_unexpected_4addr_frame(dev, addr, gfp); 1022 } 1023 EXPORT_SYMBOL(cfg80211_rx_unexpected_4addr_frame); 1024