1 /* 2 * This is the new netlink-based wireless configuration interface. 3 * 4 * Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net> 5 */ 6 7 #include <linux/if.h> 8 #include <linux/module.h> 9 #include <linux/err.h> 10 #include <linux/slab.h> 11 #include <linux/list.h> 12 #include <linux/if_ether.h> 13 #include <linux/ieee80211.h> 14 #include <linux/nl80211.h> 15 #include <linux/rtnetlink.h> 16 #include <linux/netlink.h> 17 #include <linux/etherdevice.h> 18 #include <net/net_namespace.h> 19 #include <net/genetlink.h> 20 #include <net/cfg80211.h> 21 #include <net/sock.h> 22 #include "core.h" 23 #include "nl80211.h" 24 #include "reg.h" 25 26 static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type); 27 static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev, 28 struct genl_info *info, 29 struct cfg80211_crypto_settings *settings, 30 int cipher_limit); 31 32 static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb, 33 struct genl_info *info); 34 static void nl80211_post_doit(struct genl_ops *ops, struct sk_buff *skb, 35 struct genl_info *info); 36 37 /* the netlink family */ 38 static struct genl_family nl80211_fam = { 39 .id = GENL_ID_GENERATE, /* don't bother with a hardcoded ID */ 40 .name = "nl80211", /* have users key off the name instead */ 41 .hdrsize = 0, /* no private header */ 42 .version = 1, /* no particular meaning now */ 43 .maxattr = NL80211_ATTR_MAX, 44 .netnsok = true, 45 .pre_doit = nl80211_pre_doit, 46 .post_doit = nl80211_post_doit, 47 }; 48 49 /* internal helper: get rdev and dev */ 50 static int get_rdev_dev_by_ifindex(struct net *netns, struct nlattr **attrs, 51 struct cfg80211_registered_device **rdev, 52 struct net_device **dev) 53 { 54 int ifindex; 55 56 if (!attrs[NL80211_ATTR_IFINDEX]) 57 return -EINVAL; 58 59 ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]); 60 *dev = dev_get_by_index(netns, ifindex); 61 if (!*dev) 62 return -ENODEV; 63 64 *rdev = cfg80211_get_dev_from_ifindex(netns, ifindex); 65 if (IS_ERR(*rdev)) { 66 dev_put(*dev); 67 return PTR_ERR(*rdev); 68 } 69 70 return 0; 71 } 72 73 /* policy for the attributes */ 74 static const struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] = { 75 [NL80211_ATTR_WIPHY] = { .type = NLA_U32 }, 76 [NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING, 77 .len = 20-1 }, 78 [NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED }, 79 [NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 }, 80 [NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 }, 81 [NL80211_ATTR_WIPHY_RETRY_SHORT] = { .type = NLA_U8 }, 82 [NL80211_ATTR_WIPHY_RETRY_LONG] = { .type = NLA_U8 }, 83 [NL80211_ATTR_WIPHY_FRAG_THRESHOLD] = { .type = NLA_U32 }, 84 [NL80211_ATTR_WIPHY_RTS_THRESHOLD] = { .type = NLA_U32 }, 85 [NL80211_ATTR_WIPHY_COVERAGE_CLASS] = { .type = NLA_U8 }, 86 87 [NL80211_ATTR_IFTYPE] = { .type = NLA_U32 }, 88 [NL80211_ATTR_IFINDEX] = { .type = NLA_U32 }, 89 [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 }, 90 91 [NL80211_ATTR_MAC] = { .len = ETH_ALEN }, 92 [NL80211_ATTR_PREV_BSSID] = { .len = ETH_ALEN }, 93 94 [NL80211_ATTR_KEY] = { .type = NLA_NESTED, }, 95 [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY, 96 .len = WLAN_MAX_KEY_LEN }, 97 [NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 }, 98 [NL80211_ATTR_KEY_CIPHER] = { .type = NLA_U32 }, 99 [NL80211_ATTR_KEY_DEFAULT] = { .type = NLA_FLAG }, 100 [NL80211_ATTR_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 }, 101 [NL80211_ATTR_KEY_TYPE] = { .type = NLA_U32 }, 102 103 [NL80211_ATTR_BEACON_INTERVAL] = { .type = NLA_U32 }, 104 [NL80211_ATTR_DTIM_PERIOD] = { .type = NLA_U32 }, 105 [NL80211_ATTR_BEACON_HEAD] = { .type = NLA_BINARY, 106 .len = IEEE80211_MAX_DATA_LEN }, 107 [NL80211_ATTR_BEACON_TAIL] = { .type = NLA_BINARY, 108 .len = IEEE80211_MAX_DATA_LEN }, 109 [NL80211_ATTR_STA_AID] = { .type = NLA_U16 }, 110 [NL80211_ATTR_STA_FLAGS] = { .type = NLA_NESTED }, 111 [NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 }, 112 [NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY, 113 .len = NL80211_MAX_SUPP_RATES }, 114 [NL80211_ATTR_STA_PLINK_ACTION] = { .type = NLA_U8 }, 115 [NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 }, 116 [NL80211_ATTR_MNTR_FLAGS] = { /* NLA_NESTED can't be empty */ }, 117 [NL80211_ATTR_MESH_ID] = { .type = NLA_BINARY, 118 .len = IEEE80211_MAX_MESH_ID_LEN }, 119 [NL80211_ATTR_MPATH_NEXT_HOP] = { .type = NLA_U32 }, 120 121 [NL80211_ATTR_REG_ALPHA2] = { .type = NLA_STRING, .len = 2 }, 122 [NL80211_ATTR_REG_RULES] = { .type = NLA_NESTED }, 123 124 [NL80211_ATTR_BSS_CTS_PROT] = { .type = NLA_U8 }, 125 [NL80211_ATTR_BSS_SHORT_PREAMBLE] = { .type = NLA_U8 }, 126 [NL80211_ATTR_BSS_SHORT_SLOT_TIME] = { .type = NLA_U8 }, 127 [NL80211_ATTR_BSS_BASIC_RATES] = { .type = NLA_BINARY, 128 .len = NL80211_MAX_SUPP_RATES }, 129 [NL80211_ATTR_BSS_HT_OPMODE] = { .type = NLA_U16 }, 130 131 [NL80211_ATTR_MESH_CONFIG] = { .type = NLA_NESTED }, 132 [NL80211_ATTR_SUPPORT_MESH_AUTH] = { .type = NLA_FLAG }, 133 134 [NL80211_ATTR_HT_CAPABILITY] = { .len = NL80211_HT_CAPABILITY_LEN }, 135 136 [NL80211_ATTR_MGMT_SUBTYPE] = { .type = NLA_U8 }, 137 [NL80211_ATTR_IE] = { .type = NLA_BINARY, 138 .len = IEEE80211_MAX_DATA_LEN }, 139 [NL80211_ATTR_SCAN_FREQUENCIES] = { .type = NLA_NESTED }, 140 [NL80211_ATTR_SCAN_SSIDS] = { .type = NLA_NESTED }, 141 142 [NL80211_ATTR_SSID] = { .type = NLA_BINARY, 143 .len = IEEE80211_MAX_SSID_LEN }, 144 [NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 }, 145 [NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 }, 146 [NL80211_ATTR_FREQ_FIXED] = { .type = NLA_FLAG }, 147 [NL80211_ATTR_TIMED_OUT] = { .type = NLA_FLAG }, 148 [NL80211_ATTR_USE_MFP] = { .type = NLA_U32 }, 149 [NL80211_ATTR_STA_FLAGS2] = { 150 .len = sizeof(struct nl80211_sta_flag_update), 151 }, 152 [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG }, 153 [NL80211_ATTR_CONTROL_PORT_ETHERTYPE] = { .type = NLA_U16 }, 154 [NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT] = { .type = NLA_FLAG }, 155 [NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG }, 156 [NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 }, 157 [NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 }, 158 [NL80211_ATTR_PID] = { .type = NLA_U32 }, 159 [NL80211_ATTR_4ADDR] = { .type = NLA_U8 }, 160 [NL80211_ATTR_PMKID] = { .type = NLA_BINARY, 161 .len = WLAN_PMKID_LEN }, 162 [NL80211_ATTR_DURATION] = { .type = NLA_U32 }, 163 [NL80211_ATTR_COOKIE] = { .type = NLA_U64 }, 164 [NL80211_ATTR_TX_RATES] = { .type = NLA_NESTED }, 165 [NL80211_ATTR_FRAME] = { .type = NLA_BINARY, 166 .len = IEEE80211_MAX_DATA_LEN }, 167 [NL80211_ATTR_FRAME_MATCH] = { .type = NLA_BINARY, }, 168 [NL80211_ATTR_PS_STATE] = { .type = NLA_U32 }, 169 [NL80211_ATTR_CQM] = { .type = NLA_NESTED, }, 170 [NL80211_ATTR_LOCAL_STATE_CHANGE] = { .type = NLA_FLAG }, 171 [NL80211_ATTR_AP_ISOLATE] = { .type = NLA_U8 }, 172 [NL80211_ATTR_WIPHY_TX_POWER_SETTING] = { .type = NLA_U32 }, 173 [NL80211_ATTR_WIPHY_TX_POWER_LEVEL] = { .type = NLA_U32 }, 174 [NL80211_ATTR_FRAME_TYPE] = { .type = NLA_U16 }, 175 [NL80211_ATTR_WIPHY_ANTENNA_TX] = { .type = NLA_U32 }, 176 [NL80211_ATTR_WIPHY_ANTENNA_RX] = { .type = NLA_U32 }, 177 [NL80211_ATTR_MCAST_RATE] = { .type = NLA_U32 }, 178 [NL80211_ATTR_OFFCHANNEL_TX_OK] = { .type = NLA_FLAG }, 179 [NL80211_ATTR_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED }, 180 [NL80211_ATTR_WOWLAN_TRIGGERS] = { .type = NLA_NESTED }, 181 [NL80211_ATTR_STA_PLINK_STATE] = { .type = NLA_U8 }, 182 [NL80211_ATTR_SCHED_SCAN_INTERVAL] = { .type = NLA_U32 }, 183 [NL80211_ATTR_REKEY_DATA] = { .type = NLA_NESTED }, 184 [NL80211_ATTR_SCAN_SUPP_RATES] = { .type = NLA_NESTED }, 185 [NL80211_ATTR_HIDDEN_SSID] = { .type = NLA_U32 }, 186 [NL80211_ATTR_IE_PROBE_RESP] = { .type = NLA_BINARY, 187 .len = IEEE80211_MAX_DATA_LEN }, 188 [NL80211_ATTR_IE_ASSOC_RESP] = { .type = NLA_BINARY, 189 .len = IEEE80211_MAX_DATA_LEN }, 190 [NL80211_ATTR_ROAM_SUPPORT] = { .type = NLA_FLAG }, 191 [NL80211_ATTR_SCHED_SCAN_MATCH] = { .type = NLA_NESTED }, 192 [NL80211_ATTR_TX_NO_CCK_RATE] = { .type = NLA_FLAG }, 193 [NL80211_ATTR_TDLS_ACTION] = { .type = NLA_U8 }, 194 [NL80211_ATTR_TDLS_DIALOG_TOKEN] = { .type = NLA_U8 }, 195 [NL80211_ATTR_TDLS_OPERATION] = { .type = NLA_U8 }, 196 [NL80211_ATTR_TDLS_SUPPORT] = { .type = NLA_FLAG }, 197 [NL80211_ATTR_TDLS_EXTERNAL_SETUP] = { .type = NLA_FLAG }, 198 [NL80211_ATTR_DONT_WAIT_FOR_ACK] = { .type = NLA_FLAG }, 199 [NL80211_ATTR_PROBE_RESP] = { .type = NLA_BINARY, 200 .len = IEEE80211_MAX_DATA_LEN }, 201 [NL80211_ATTR_DFS_REGION] = { .type = NLA_U8 }, 202 [NL80211_ATTR_DISABLE_HT] = { .type = NLA_FLAG }, 203 [NL80211_ATTR_HT_CAPABILITY_MASK] = { 204 .len = NL80211_HT_CAPABILITY_LEN 205 }, 206 [NL80211_ATTR_NOACK_MAP] = { .type = NLA_U16 }, 207 }; 208 209 /* policy for the key attributes */ 210 static const struct nla_policy nl80211_key_policy[NL80211_KEY_MAX + 1] = { 211 [NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN }, 212 [NL80211_KEY_IDX] = { .type = NLA_U8 }, 213 [NL80211_KEY_CIPHER] = { .type = NLA_U32 }, 214 [NL80211_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 }, 215 [NL80211_KEY_DEFAULT] = { .type = NLA_FLAG }, 216 [NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG }, 217 [NL80211_KEY_TYPE] = { .type = NLA_U32 }, 218 [NL80211_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED }, 219 }; 220 221 /* policy for the key default flags */ 222 static const struct nla_policy 223 nl80211_key_default_policy[NUM_NL80211_KEY_DEFAULT_TYPES] = { 224 [NL80211_KEY_DEFAULT_TYPE_UNICAST] = { .type = NLA_FLAG }, 225 [NL80211_KEY_DEFAULT_TYPE_MULTICAST] = { .type = NLA_FLAG }, 226 }; 227 228 /* policy for WoWLAN attributes */ 229 static const struct nla_policy 230 nl80211_wowlan_policy[NUM_NL80211_WOWLAN_TRIG] = { 231 [NL80211_WOWLAN_TRIG_ANY] = { .type = NLA_FLAG }, 232 [NL80211_WOWLAN_TRIG_DISCONNECT] = { .type = NLA_FLAG }, 233 [NL80211_WOWLAN_TRIG_MAGIC_PKT] = { .type = NLA_FLAG }, 234 [NL80211_WOWLAN_TRIG_PKT_PATTERN] = { .type = NLA_NESTED }, 235 [NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE] = { .type = NLA_FLAG }, 236 [NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST] = { .type = NLA_FLAG }, 237 [NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE] = { .type = NLA_FLAG }, 238 [NL80211_WOWLAN_TRIG_RFKILL_RELEASE] = { .type = NLA_FLAG }, 239 }; 240 241 /* policy for GTK rekey offload attributes */ 242 static const struct nla_policy 243 nl80211_rekey_policy[NUM_NL80211_REKEY_DATA] = { 244 [NL80211_REKEY_DATA_KEK] = { .len = NL80211_KEK_LEN }, 245 [NL80211_REKEY_DATA_KCK] = { .len = NL80211_KCK_LEN }, 246 [NL80211_REKEY_DATA_REPLAY_CTR] = { .len = NL80211_REPLAY_CTR_LEN }, 247 }; 248 249 static const struct nla_policy 250 nl80211_match_policy[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1] = { 251 [NL80211_ATTR_SCHED_SCAN_MATCH_SSID] = { .type = NLA_BINARY, 252 .len = IEEE80211_MAX_SSID_LEN }, 253 }; 254 255 /* ifidx get helper */ 256 static int nl80211_get_ifidx(struct netlink_callback *cb) 257 { 258 int res; 259 260 res = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize, 261 nl80211_fam.attrbuf, nl80211_fam.maxattr, 262 nl80211_policy); 263 if (res) 264 return res; 265 266 if (!nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]) 267 return -EINVAL; 268 269 res = nla_get_u32(nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]); 270 if (!res) 271 return -EINVAL; 272 return res; 273 } 274 275 static int nl80211_prepare_netdev_dump(struct sk_buff *skb, 276 struct netlink_callback *cb, 277 struct cfg80211_registered_device **rdev, 278 struct net_device **dev) 279 { 280 int ifidx = cb->args[0]; 281 int err; 282 283 if (!ifidx) 284 ifidx = nl80211_get_ifidx(cb); 285 if (ifidx < 0) 286 return ifidx; 287 288 cb->args[0] = ifidx; 289 290 rtnl_lock(); 291 292 *dev = __dev_get_by_index(sock_net(skb->sk), ifidx); 293 if (!*dev) { 294 err = -ENODEV; 295 goto out_rtnl; 296 } 297 298 *rdev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx); 299 if (IS_ERR(*rdev)) { 300 err = PTR_ERR(*rdev); 301 goto out_rtnl; 302 } 303 304 return 0; 305 out_rtnl: 306 rtnl_unlock(); 307 return err; 308 } 309 310 static void nl80211_finish_netdev_dump(struct cfg80211_registered_device *rdev) 311 { 312 cfg80211_unlock_rdev(rdev); 313 rtnl_unlock(); 314 } 315 316 /* IE validation */ 317 static bool is_valid_ie_attr(const struct nlattr *attr) 318 { 319 const u8 *pos; 320 int len; 321 322 if (!attr) 323 return true; 324 325 pos = nla_data(attr); 326 len = nla_len(attr); 327 328 while (len) { 329 u8 elemlen; 330 331 if (len < 2) 332 return false; 333 len -= 2; 334 335 elemlen = pos[1]; 336 if (elemlen > len) 337 return false; 338 339 len -= elemlen; 340 pos += 2 + elemlen; 341 } 342 343 return true; 344 } 345 346 /* message building helper */ 347 static inline void *nl80211hdr_put(struct sk_buff *skb, u32 pid, u32 seq, 348 int flags, u8 cmd) 349 { 350 /* since there is no private header just add the generic one */ 351 return genlmsg_put(skb, pid, seq, &nl80211_fam, flags, cmd); 352 } 353 354 static int nl80211_msg_put_channel(struct sk_buff *msg, 355 struct ieee80211_channel *chan) 356 { 357 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_FREQ, 358 chan->center_freq); 359 360 if (chan->flags & IEEE80211_CHAN_DISABLED) 361 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_DISABLED); 362 if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN) 363 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_PASSIVE_SCAN); 364 if (chan->flags & IEEE80211_CHAN_NO_IBSS) 365 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_NO_IBSS); 366 if (chan->flags & IEEE80211_CHAN_RADAR) 367 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_RADAR); 368 369 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER, 370 DBM_TO_MBM(chan->max_power)); 371 372 return 0; 373 374 nla_put_failure: 375 return -ENOBUFS; 376 } 377 378 /* netlink command implementations */ 379 380 struct key_parse { 381 struct key_params p; 382 int idx; 383 int type; 384 bool def, defmgmt; 385 bool def_uni, def_multi; 386 }; 387 388 static int nl80211_parse_key_new(struct nlattr *key, struct key_parse *k) 389 { 390 struct nlattr *tb[NL80211_KEY_MAX + 1]; 391 int err = nla_parse_nested(tb, NL80211_KEY_MAX, key, 392 nl80211_key_policy); 393 if (err) 394 return err; 395 396 k->def = !!tb[NL80211_KEY_DEFAULT]; 397 k->defmgmt = !!tb[NL80211_KEY_DEFAULT_MGMT]; 398 399 if (k->def) { 400 k->def_uni = true; 401 k->def_multi = true; 402 } 403 if (k->defmgmt) 404 k->def_multi = true; 405 406 if (tb[NL80211_KEY_IDX]) 407 k->idx = nla_get_u8(tb[NL80211_KEY_IDX]); 408 409 if (tb[NL80211_KEY_DATA]) { 410 k->p.key = nla_data(tb[NL80211_KEY_DATA]); 411 k->p.key_len = nla_len(tb[NL80211_KEY_DATA]); 412 } 413 414 if (tb[NL80211_KEY_SEQ]) { 415 k->p.seq = nla_data(tb[NL80211_KEY_SEQ]); 416 k->p.seq_len = nla_len(tb[NL80211_KEY_SEQ]); 417 } 418 419 if (tb[NL80211_KEY_CIPHER]) 420 k->p.cipher = nla_get_u32(tb[NL80211_KEY_CIPHER]); 421 422 if (tb[NL80211_KEY_TYPE]) { 423 k->type = nla_get_u32(tb[NL80211_KEY_TYPE]); 424 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES) 425 return -EINVAL; 426 } 427 428 if (tb[NL80211_KEY_DEFAULT_TYPES]) { 429 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES]; 430 err = nla_parse_nested(kdt, NUM_NL80211_KEY_DEFAULT_TYPES - 1, 431 tb[NL80211_KEY_DEFAULT_TYPES], 432 nl80211_key_default_policy); 433 if (err) 434 return err; 435 436 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST]; 437 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST]; 438 } 439 440 return 0; 441 } 442 443 static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k) 444 { 445 if (info->attrs[NL80211_ATTR_KEY_DATA]) { 446 k->p.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]); 447 k->p.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]); 448 } 449 450 if (info->attrs[NL80211_ATTR_KEY_SEQ]) { 451 k->p.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]); 452 k->p.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]); 453 } 454 455 if (info->attrs[NL80211_ATTR_KEY_IDX]) 456 k->idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); 457 458 if (info->attrs[NL80211_ATTR_KEY_CIPHER]) 459 k->p.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]); 460 461 k->def = !!info->attrs[NL80211_ATTR_KEY_DEFAULT]; 462 k->defmgmt = !!info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT]; 463 464 if (k->def) { 465 k->def_uni = true; 466 k->def_multi = true; 467 } 468 if (k->defmgmt) 469 k->def_multi = true; 470 471 if (info->attrs[NL80211_ATTR_KEY_TYPE]) { 472 k->type = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]); 473 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES) 474 return -EINVAL; 475 } 476 477 if (info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES]) { 478 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES]; 479 int err = nla_parse_nested( 480 kdt, NUM_NL80211_KEY_DEFAULT_TYPES - 1, 481 info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES], 482 nl80211_key_default_policy); 483 if (err) 484 return err; 485 486 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST]; 487 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST]; 488 } 489 490 return 0; 491 } 492 493 static int nl80211_parse_key(struct genl_info *info, struct key_parse *k) 494 { 495 int err; 496 497 memset(k, 0, sizeof(*k)); 498 k->idx = -1; 499 k->type = -1; 500 501 if (info->attrs[NL80211_ATTR_KEY]) 502 err = nl80211_parse_key_new(info->attrs[NL80211_ATTR_KEY], k); 503 else 504 err = nl80211_parse_key_old(info, k); 505 506 if (err) 507 return err; 508 509 if (k->def && k->defmgmt) 510 return -EINVAL; 511 512 if (k->defmgmt) { 513 if (k->def_uni || !k->def_multi) 514 return -EINVAL; 515 } 516 517 if (k->idx != -1) { 518 if (k->defmgmt) { 519 if (k->idx < 4 || k->idx > 5) 520 return -EINVAL; 521 } else if (k->def) { 522 if (k->idx < 0 || k->idx > 3) 523 return -EINVAL; 524 } else { 525 if (k->idx < 0 || k->idx > 5) 526 return -EINVAL; 527 } 528 } 529 530 return 0; 531 } 532 533 static struct cfg80211_cached_keys * 534 nl80211_parse_connkeys(struct cfg80211_registered_device *rdev, 535 struct nlattr *keys) 536 { 537 struct key_parse parse; 538 struct nlattr *key; 539 struct cfg80211_cached_keys *result; 540 int rem, err, def = 0; 541 542 result = kzalloc(sizeof(*result), GFP_KERNEL); 543 if (!result) 544 return ERR_PTR(-ENOMEM); 545 546 result->def = -1; 547 result->defmgmt = -1; 548 549 nla_for_each_nested(key, keys, rem) { 550 memset(&parse, 0, sizeof(parse)); 551 parse.idx = -1; 552 553 err = nl80211_parse_key_new(key, &parse); 554 if (err) 555 goto error; 556 err = -EINVAL; 557 if (!parse.p.key) 558 goto error; 559 if (parse.idx < 0 || parse.idx > 4) 560 goto error; 561 if (parse.def) { 562 if (def) 563 goto error; 564 def = 1; 565 result->def = parse.idx; 566 if (!parse.def_uni || !parse.def_multi) 567 goto error; 568 } else if (parse.defmgmt) 569 goto error; 570 err = cfg80211_validate_key_settings(rdev, &parse.p, 571 parse.idx, false, NULL); 572 if (err) 573 goto error; 574 result->params[parse.idx].cipher = parse.p.cipher; 575 result->params[parse.idx].key_len = parse.p.key_len; 576 result->params[parse.idx].key = result->data[parse.idx]; 577 memcpy(result->data[parse.idx], parse.p.key, parse.p.key_len); 578 } 579 580 return result; 581 error: 582 kfree(result); 583 return ERR_PTR(err); 584 } 585 586 static int nl80211_key_allowed(struct wireless_dev *wdev) 587 { 588 ASSERT_WDEV_LOCK(wdev); 589 590 switch (wdev->iftype) { 591 case NL80211_IFTYPE_AP: 592 case NL80211_IFTYPE_AP_VLAN: 593 case NL80211_IFTYPE_P2P_GO: 594 case NL80211_IFTYPE_MESH_POINT: 595 break; 596 case NL80211_IFTYPE_ADHOC: 597 if (!wdev->current_bss) 598 return -ENOLINK; 599 break; 600 case NL80211_IFTYPE_STATION: 601 case NL80211_IFTYPE_P2P_CLIENT: 602 if (wdev->sme_state != CFG80211_SME_CONNECTED) 603 return -ENOLINK; 604 break; 605 default: 606 return -EINVAL; 607 } 608 609 return 0; 610 } 611 612 static int nl80211_put_iftypes(struct sk_buff *msg, u32 attr, u16 ifmodes) 613 { 614 struct nlattr *nl_modes = nla_nest_start(msg, attr); 615 int i; 616 617 if (!nl_modes) 618 goto nla_put_failure; 619 620 i = 0; 621 while (ifmodes) { 622 if (ifmodes & 1) 623 NLA_PUT_FLAG(msg, i); 624 ifmodes >>= 1; 625 i++; 626 } 627 628 nla_nest_end(msg, nl_modes); 629 return 0; 630 631 nla_put_failure: 632 return -ENOBUFS; 633 } 634 635 static int nl80211_put_iface_combinations(struct wiphy *wiphy, 636 struct sk_buff *msg) 637 { 638 struct nlattr *nl_combis; 639 int i, j; 640 641 nl_combis = nla_nest_start(msg, 642 NL80211_ATTR_INTERFACE_COMBINATIONS); 643 if (!nl_combis) 644 goto nla_put_failure; 645 646 for (i = 0; i < wiphy->n_iface_combinations; i++) { 647 const struct ieee80211_iface_combination *c; 648 struct nlattr *nl_combi, *nl_limits; 649 650 c = &wiphy->iface_combinations[i]; 651 652 nl_combi = nla_nest_start(msg, i + 1); 653 if (!nl_combi) 654 goto nla_put_failure; 655 656 nl_limits = nla_nest_start(msg, NL80211_IFACE_COMB_LIMITS); 657 if (!nl_limits) 658 goto nla_put_failure; 659 660 for (j = 0; j < c->n_limits; j++) { 661 struct nlattr *nl_limit; 662 663 nl_limit = nla_nest_start(msg, j + 1); 664 if (!nl_limit) 665 goto nla_put_failure; 666 NLA_PUT_U32(msg, NL80211_IFACE_LIMIT_MAX, 667 c->limits[j].max); 668 if (nl80211_put_iftypes(msg, NL80211_IFACE_LIMIT_TYPES, 669 c->limits[j].types)) 670 goto nla_put_failure; 671 nla_nest_end(msg, nl_limit); 672 } 673 674 nla_nest_end(msg, nl_limits); 675 676 if (c->beacon_int_infra_match) 677 NLA_PUT_FLAG(msg, 678 NL80211_IFACE_COMB_STA_AP_BI_MATCH); 679 NLA_PUT_U32(msg, NL80211_IFACE_COMB_NUM_CHANNELS, 680 c->num_different_channels); 681 NLA_PUT_U32(msg, NL80211_IFACE_COMB_MAXNUM, 682 c->max_interfaces); 683 684 nla_nest_end(msg, nl_combi); 685 } 686 687 nla_nest_end(msg, nl_combis); 688 689 return 0; 690 nla_put_failure: 691 return -ENOBUFS; 692 } 693 694 static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags, 695 struct cfg80211_registered_device *dev) 696 { 697 void *hdr; 698 struct nlattr *nl_bands, *nl_band; 699 struct nlattr *nl_freqs, *nl_freq; 700 struct nlattr *nl_rates, *nl_rate; 701 struct nlattr *nl_cmds; 702 enum ieee80211_band band; 703 struct ieee80211_channel *chan; 704 struct ieee80211_rate *rate; 705 int i; 706 const struct ieee80211_txrx_stypes *mgmt_stypes = 707 dev->wiphy.mgmt_stypes; 708 709 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_WIPHY); 710 if (!hdr) 711 return -1; 712 713 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, dev->wiphy_idx); 714 NLA_PUT_STRING(msg, NL80211_ATTR_WIPHY_NAME, wiphy_name(&dev->wiphy)); 715 716 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, 717 cfg80211_rdev_list_generation); 718 719 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT, 720 dev->wiphy.retry_short); 721 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_LONG, 722 dev->wiphy.retry_long); 723 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, 724 dev->wiphy.frag_threshold); 725 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, 726 dev->wiphy.rts_threshold); 727 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_COVERAGE_CLASS, 728 dev->wiphy.coverage_class); 729 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS, 730 dev->wiphy.max_scan_ssids); 731 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS, 732 dev->wiphy.max_sched_scan_ssids); 733 NLA_PUT_U16(msg, NL80211_ATTR_MAX_SCAN_IE_LEN, 734 dev->wiphy.max_scan_ie_len); 735 NLA_PUT_U16(msg, NL80211_ATTR_MAX_SCHED_SCAN_IE_LEN, 736 dev->wiphy.max_sched_scan_ie_len); 737 NLA_PUT_U8(msg, NL80211_ATTR_MAX_MATCH_SETS, 738 dev->wiphy.max_match_sets); 739 740 if (dev->wiphy.flags & WIPHY_FLAG_IBSS_RSN) 741 NLA_PUT_FLAG(msg, NL80211_ATTR_SUPPORT_IBSS_RSN); 742 if (dev->wiphy.flags & WIPHY_FLAG_MESH_AUTH) 743 NLA_PUT_FLAG(msg, NL80211_ATTR_SUPPORT_MESH_AUTH); 744 if (dev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) 745 NLA_PUT_FLAG(msg, NL80211_ATTR_SUPPORT_AP_UAPSD); 746 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_FW_ROAM) 747 NLA_PUT_FLAG(msg, NL80211_ATTR_ROAM_SUPPORT); 748 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) 749 NLA_PUT_FLAG(msg, NL80211_ATTR_TDLS_SUPPORT); 750 if (dev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP) 751 NLA_PUT_FLAG(msg, NL80211_ATTR_TDLS_EXTERNAL_SETUP); 752 753 NLA_PUT(msg, NL80211_ATTR_CIPHER_SUITES, 754 sizeof(u32) * dev->wiphy.n_cipher_suites, 755 dev->wiphy.cipher_suites); 756 757 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_PMKIDS, 758 dev->wiphy.max_num_pmkids); 759 760 if (dev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) 761 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE); 762 763 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_TX, 764 dev->wiphy.available_antennas_tx); 765 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_RX, 766 dev->wiphy.available_antennas_rx); 767 768 if (dev->wiphy.flags & WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD) 769 NLA_PUT_U32(msg, NL80211_ATTR_PROBE_RESP_OFFLOAD, 770 dev->wiphy.probe_resp_offload); 771 772 if ((dev->wiphy.available_antennas_tx || 773 dev->wiphy.available_antennas_rx) && dev->ops->get_antenna) { 774 u32 tx_ant = 0, rx_ant = 0; 775 int res; 776 res = dev->ops->get_antenna(&dev->wiphy, &tx_ant, &rx_ant); 777 if (!res) { 778 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_TX, tx_ant); 779 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_RX, rx_ant); 780 } 781 } 782 783 if (nl80211_put_iftypes(msg, NL80211_ATTR_SUPPORTED_IFTYPES, 784 dev->wiphy.interface_modes)) 785 goto nla_put_failure; 786 787 nl_bands = nla_nest_start(msg, NL80211_ATTR_WIPHY_BANDS); 788 if (!nl_bands) 789 goto nla_put_failure; 790 791 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 792 if (!dev->wiphy.bands[band]) 793 continue; 794 795 nl_band = nla_nest_start(msg, band); 796 if (!nl_band) 797 goto nla_put_failure; 798 799 /* add HT info */ 800 if (dev->wiphy.bands[band]->ht_cap.ht_supported) { 801 NLA_PUT(msg, NL80211_BAND_ATTR_HT_MCS_SET, 802 sizeof(dev->wiphy.bands[band]->ht_cap.mcs), 803 &dev->wiphy.bands[band]->ht_cap.mcs); 804 NLA_PUT_U16(msg, NL80211_BAND_ATTR_HT_CAPA, 805 dev->wiphy.bands[band]->ht_cap.cap); 806 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_FACTOR, 807 dev->wiphy.bands[band]->ht_cap.ampdu_factor); 808 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_DENSITY, 809 dev->wiphy.bands[band]->ht_cap.ampdu_density); 810 } 811 812 /* add frequencies */ 813 nl_freqs = nla_nest_start(msg, NL80211_BAND_ATTR_FREQS); 814 if (!nl_freqs) 815 goto nla_put_failure; 816 817 for (i = 0; i < dev->wiphy.bands[band]->n_channels; i++) { 818 nl_freq = nla_nest_start(msg, i); 819 if (!nl_freq) 820 goto nla_put_failure; 821 822 chan = &dev->wiphy.bands[band]->channels[i]; 823 824 if (nl80211_msg_put_channel(msg, chan)) 825 goto nla_put_failure; 826 827 nla_nest_end(msg, nl_freq); 828 } 829 830 nla_nest_end(msg, nl_freqs); 831 832 /* add bitrates */ 833 nl_rates = nla_nest_start(msg, NL80211_BAND_ATTR_RATES); 834 if (!nl_rates) 835 goto nla_put_failure; 836 837 for (i = 0; i < dev->wiphy.bands[band]->n_bitrates; i++) { 838 nl_rate = nla_nest_start(msg, i); 839 if (!nl_rate) 840 goto nla_put_failure; 841 842 rate = &dev->wiphy.bands[band]->bitrates[i]; 843 NLA_PUT_U32(msg, NL80211_BITRATE_ATTR_RATE, 844 rate->bitrate); 845 if (rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) 846 NLA_PUT_FLAG(msg, 847 NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE); 848 849 nla_nest_end(msg, nl_rate); 850 } 851 852 nla_nest_end(msg, nl_rates); 853 854 nla_nest_end(msg, nl_band); 855 } 856 nla_nest_end(msg, nl_bands); 857 858 nl_cmds = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_COMMANDS); 859 if (!nl_cmds) 860 goto nla_put_failure; 861 862 i = 0; 863 #define CMD(op, n) \ 864 do { \ 865 if (dev->ops->op) { \ 866 i++; \ 867 NLA_PUT_U32(msg, i, NL80211_CMD_ ## n); \ 868 } \ 869 } while (0) 870 871 CMD(add_virtual_intf, NEW_INTERFACE); 872 CMD(change_virtual_intf, SET_INTERFACE); 873 CMD(add_key, NEW_KEY); 874 CMD(add_beacon, NEW_BEACON); 875 CMD(add_station, NEW_STATION); 876 CMD(add_mpath, NEW_MPATH); 877 CMD(update_mesh_config, SET_MESH_CONFIG); 878 CMD(change_bss, SET_BSS); 879 CMD(auth, AUTHENTICATE); 880 CMD(assoc, ASSOCIATE); 881 CMD(deauth, DEAUTHENTICATE); 882 CMD(disassoc, DISASSOCIATE); 883 CMD(join_ibss, JOIN_IBSS); 884 CMD(join_mesh, JOIN_MESH); 885 CMD(set_pmksa, SET_PMKSA); 886 CMD(del_pmksa, DEL_PMKSA); 887 CMD(flush_pmksa, FLUSH_PMKSA); 888 if (dev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL) 889 CMD(remain_on_channel, REMAIN_ON_CHANNEL); 890 CMD(set_bitrate_mask, SET_TX_BITRATE_MASK); 891 CMD(mgmt_tx, FRAME); 892 CMD(mgmt_tx_cancel_wait, FRAME_WAIT_CANCEL); 893 if (dev->wiphy.flags & WIPHY_FLAG_NETNS_OK) { 894 i++; 895 NLA_PUT_U32(msg, i, NL80211_CMD_SET_WIPHY_NETNS); 896 } 897 CMD(set_channel, SET_CHANNEL); 898 CMD(set_wds_peer, SET_WDS_PEER); 899 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) { 900 CMD(tdls_mgmt, TDLS_MGMT); 901 CMD(tdls_oper, TDLS_OPER); 902 } 903 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) 904 CMD(sched_scan_start, START_SCHED_SCAN); 905 CMD(probe_client, PROBE_CLIENT); 906 CMD(set_noack_map, SET_NOACK_MAP); 907 if (dev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS) { 908 i++; 909 NLA_PUT_U32(msg, i, NL80211_CMD_REGISTER_BEACONS); 910 } 911 912 #ifdef CONFIG_NL80211_TESTMODE 913 CMD(testmode_cmd, TESTMODE); 914 #endif 915 916 #undef CMD 917 918 if (dev->ops->connect || dev->ops->auth) { 919 i++; 920 NLA_PUT_U32(msg, i, NL80211_CMD_CONNECT); 921 } 922 923 if (dev->ops->disconnect || dev->ops->deauth) { 924 i++; 925 NLA_PUT_U32(msg, i, NL80211_CMD_DISCONNECT); 926 } 927 928 nla_nest_end(msg, nl_cmds); 929 930 if (dev->ops->remain_on_channel && 931 dev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL) 932 NLA_PUT_U32(msg, NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION, 933 dev->wiphy.max_remain_on_channel_duration); 934 935 if (dev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX) 936 NLA_PUT_FLAG(msg, NL80211_ATTR_OFFCHANNEL_TX_OK); 937 938 if (mgmt_stypes) { 939 u16 stypes; 940 struct nlattr *nl_ftypes, *nl_ifs; 941 enum nl80211_iftype ift; 942 943 nl_ifs = nla_nest_start(msg, NL80211_ATTR_TX_FRAME_TYPES); 944 if (!nl_ifs) 945 goto nla_put_failure; 946 947 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) { 948 nl_ftypes = nla_nest_start(msg, ift); 949 if (!nl_ftypes) 950 goto nla_put_failure; 951 i = 0; 952 stypes = mgmt_stypes[ift].tx; 953 while (stypes) { 954 if (stypes & 1) 955 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, 956 (i << 4) | IEEE80211_FTYPE_MGMT); 957 stypes >>= 1; 958 i++; 959 } 960 nla_nest_end(msg, nl_ftypes); 961 } 962 963 nla_nest_end(msg, nl_ifs); 964 965 nl_ifs = nla_nest_start(msg, NL80211_ATTR_RX_FRAME_TYPES); 966 if (!nl_ifs) 967 goto nla_put_failure; 968 969 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) { 970 nl_ftypes = nla_nest_start(msg, ift); 971 if (!nl_ftypes) 972 goto nla_put_failure; 973 i = 0; 974 stypes = mgmt_stypes[ift].rx; 975 while (stypes) { 976 if (stypes & 1) 977 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, 978 (i << 4) | IEEE80211_FTYPE_MGMT); 979 stypes >>= 1; 980 i++; 981 } 982 nla_nest_end(msg, nl_ftypes); 983 } 984 nla_nest_end(msg, nl_ifs); 985 } 986 987 if (dev->wiphy.wowlan.flags || dev->wiphy.wowlan.n_patterns) { 988 struct nlattr *nl_wowlan; 989 990 nl_wowlan = nla_nest_start(msg, 991 NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED); 992 if (!nl_wowlan) 993 goto nla_put_failure; 994 995 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_ANY) 996 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_ANY); 997 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_DISCONNECT) 998 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_DISCONNECT); 999 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_MAGIC_PKT) 1000 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT); 1001 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_SUPPORTS_GTK_REKEY) 1002 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED); 1003 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE) 1004 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE); 1005 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ) 1006 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST); 1007 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_4WAY_HANDSHAKE) 1008 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE); 1009 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_RFKILL_RELEASE) 1010 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE); 1011 if (dev->wiphy.wowlan.n_patterns) { 1012 struct nl80211_wowlan_pattern_support pat = { 1013 .max_patterns = dev->wiphy.wowlan.n_patterns, 1014 .min_pattern_len = 1015 dev->wiphy.wowlan.pattern_min_len, 1016 .max_pattern_len = 1017 dev->wiphy.wowlan.pattern_max_len, 1018 }; 1019 NLA_PUT(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN, 1020 sizeof(pat), &pat); 1021 } 1022 1023 nla_nest_end(msg, nl_wowlan); 1024 } 1025 1026 if (nl80211_put_iftypes(msg, NL80211_ATTR_SOFTWARE_IFTYPES, 1027 dev->wiphy.software_iftypes)) 1028 goto nla_put_failure; 1029 1030 if (nl80211_put_iface_combinations(&dev->wiphy, msg)) 1031 goto nla_put_failure; 1032 1033 if (dev->wiphy.flags & WIPHY_FLAG_HAVE_AP_SME) 1034 NLA_PUT_U32(msg, NL80211_ATTR_DEVICE_AP_SME, 1035 dev->wiphy.ap_sme_capa); 1036 1037 NLA_PUT_U32(msg, NL80211_ATTR_FEATURE_FLAGS, dev->wiphy.features); 1038 1039 if (dev->wiphy.ht_capa_mod_mask) 1040 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY_MASK, 1041 sizeof(*dev->wiphy.ht_capa_mod_mask), 1042 dev->wiphy.ht_capa_mod_mask); 1043 1044 return genlmsg_end(msg, hdr); 1045 1046 nla_put_failure: 1047 genlmsg_cancel(msg, hdr); 1048 return -EMSGSIZE; 1049 } 1050 1051 static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb) 1052 { 1053 int idx = 0; 1054 int start = cb->args[0]; 1055 struct cfg80211_registered_device *dev; 1056 1057 mutex_lock(&cfg80211_mutex); 1058 list_for_each_entry(dev, &cfg80211_rdev_list, list) { 1059 if (!net_eq(wiphy_net(&dev->wiphy), sock_net(skb->sk))) 1060 continue; 1061 if (++idx <= start) 1062 continue; 1063 if (nl80211_send_wiphy(skb, NETLINK_CB(cb->skb).pid, 1064 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1065 dev) < 0) { 1066 idx--; 1067 break; 1068 } 1069 } 1070 mutex_unlock(&cfg80211_mutex); 1071 1072 cb->args[0] = idx; 1073 1074 return skb->len; 1075 } 1076 1077 static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info) 1078 { 1079 struct sk_buff *msg; 1080 struct cfg80211_registered_device *dev = info->user_ptr[0]; 1081 1082 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1083 if (!msg) 1084 return -ENOMEM; 1085 1086 if (nl80211_send_wiphy(msg, info->snd_pid, info->snd_seq, 0, dev) < 0) { 1087 nlmsg_free(msg); 1088 return -ENOBUFS; 1089 } 1090 1091 return genlmsg_reply(msg, info); 1092 } 1093 1094 static const struct nla_policy txq_params_policy[NL80211_TXQ_ATTR_MAX + 1] = { 1095 [NL80211_TXQ_ATTR_QUEUE] = { .type = NLA_U8 }, 1096 [NL80211_TXQ_ATTR_TXOP] = { .type = NLA_U16 }, 1097 [NL80211_TXQ_ATTR_CWMIN] = { .type = NLA_U16 }, 1098 [NL80211_TXQ_ATTR_CWMAX] = { .type = NLA_U16 }, 1099 [NL80211_TXQ_ATTR_AIFS] = { .type = NLA_U8 }, 1100 }; 1101 1102 static int parse_txq_params(struct nlattr *tb[], 1103 struct ieee80211_txq_params *txq_params) 1104 { 1105 if (!tb[NL80211_TXQ_ATTR_QUEUE] || !tb[NL80211_TXQ_ATTR_TXOP] || 1106 !tb[NL80211_TXQ_ATTR_CWMIN] || !tb[NL80211_TXQ_ATTR_CWMAX] || 1107 !tb[NL80211_TXQ_ATTR_AIFS]) 1108 return -EINVAL; 1109 1110 txq_params->queue = nla_get_u8(tb[NL80211_TXQ_ATTR_QUEUE]); 1111 txq_params->txop = nla_get_u16(tb[NL80211_TXQ_ATTR_TXOP]); 1112 txq_params->cwmin = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMIN]); 1113 txq_params->cwmax = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMAX]); 1114 txq_params->aifs = nla_get_u8(tb[NL80211_TXQ_ATTR_AIFS]); 1115 1116 return 0; 1117 } 1118 1119 static bool nl80211_can_set_dev_channel(struct wireless_dev *wdev) 1120 { 1121 /* 1122 * You can only set the channel explicitly for AP, mesh 1123 * and WDS type interfaces; all others have their channel 1124 * managed via their respective "establish a connection" 1125 * command (connect, join, ...) 1126 * 1127 * Monitors are special as they are normally slaved to 1128 * whatever else is going on, so they behave as though 1129 * you tried setting the wiphy channel itself. 1130 */ 1131 return !wdev || 1132 wdev->iftype == NL80211_IFTYPE_AP || 1133 wdev->iftype == NL80211_IFTYPE_WDS || 1134 wdev->iftype == NL80211_IFTYPE_MESH_POINT || 1135 wdev->iftype == NL80211_IFTYPE_MONITOR || 1136 wdev->iftype == NL80211_IFTYPE_P2P_GO; 1137 } 1138 1139 static int __nl80211_set_channel(struct cfg80211_registered_device *rdev, 1140 struct wireless_dev *wdev, 1141 struct genl_info *info) 1142 { 1143 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 1144 u32 freq; 1145 int result; 1146 1147 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ]) 1148 return -EINVAL; 1149 1150 if (!nl80211_can_set_dev_channel(wdev)) 1151 return -EOPNOTSUPP; 1152 1153 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 1154 channel_type = nla_get_u32(info->attrs[ 1155 NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 1156 if (channel_type != NL80211_CHAN_NO_HT && 1157 channel_type != NL80211_CHAN_HT20 && 1158 channel_type != NL80211_CHAN_HT40PLUS && 1159 channel_type != NL80211_CHAN_HT40MINUS) 1160 return -EINVAL; 1161 } 1162 1163 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 1164 1165 mutex_lock(&rdev->devlist_mtx); 1166 if (wdev) { 1167 wdev_lock(wdev); 1168 result = cfg80211_set_freq(rdev, wdev, freq, channel_type); 1169 wdev_unlock(wdev); 1170 } else { 1171 result = cfg80211_set_freq(rdev, NULL, freq, channel_type); 1172 } 1173 mutex_unlock(&rdev->devlist_mtx); 1174 1175 return result; 1176 } 1177 1178 static int nl80211_set_channel(struct sk_buff *skb, struct genl_info *info) 1179 { 1180 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1181 struct net_device *netdev = info->user_ptr[1]; 1182 1183 return __nl80211_set_channel(rdev, netdev->ieee80211_ptr, info); 1184 } 1185 1186 static int nl80211_set_wds_peer(struct sk_buff *skb, struct genl_info *info) 1187 { 1188 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1189 struct net_device *dev = info->user_ptr[1]; 1190 struct wireless_dev *wdev = dev->ieee80211_ptr; 1191 const u8 *bssid; 1192 1193 if (!info->attrs[NL80211_ATTR_MAC]) 1194 return -EINVAL; 1195 1196 if (netif_running(dev)) 1197 return -EBUSY; 1198 1199 if (!rdev->ops->set_wds_peer) 1200 return -EOPNOTSUPP; 1201 1202 if (wdev->iftype != NL80211_IFTYPE_WDS) 1203 return -EOPNOTSUPP; 1204 1205 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 1206 return rdev->ops->set_wds_peer(wdev->wiphy, dev, bssid); 1207 } 1208 1209 1210 static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info) 1211 { 1212 struct cfg80211_registered_device *rdev; 1213 struct net_device *netdev = NULL; 1214 struct wireless_dev *wdev; 1215 int result = 0, rem_txq_params = 0; 1216 struct nlattr *nl_txq_params; 1217 u32 changed; 1218 u8 retry_short = 0, retry_long = 0; 1219 u32 frag_threshold = 0, rts_threshold = 0; 1220 u8 coverage_class = 0; 1221 1222 /* 1223 * Try to find the wiphy and netdev. Normally this 1224 * function shouldn't need the netdev, but this is 1225 * done for backward compatibility -- previously 1226 * setting the channel was done per wiphy, but now 1227 * it is per netdev. Previous userland like hostapd 1228 * also passed a netdev to set_wiphy, so that it is 1229 * possible to let that go to the right netdev! 1230 */ 1231 mutex_lock(&cfg80211_mutex); 1232 1233 if (info->attrs[NL80211_ATTR_IFINDEX]) { 1234 int ifindex = nla_get_u32(info->attrs[NL80211_ATTR_IFINDEX]); 1235 1236 netdev = dev_get_by_index(genl_info_net(info), ifindex); 1237 if (netdev && netdev->ieee80211_ptr) { 1238 rdev = wiphy_to_dev(netdev->ieee80211_ptr->wiphy); 1239 mutex_lock(&rdev->mtx); 1240 } else 1241 netdev = NULL; 1242 } 1243 1244 if (!netdev) { 1245 rdev = __cfg80211_rdev_from_info(info); 1246 if (IS_ERR(rdev)) { 1247 mutex_unlock(&cfg80211_mutex); 1248 return PTR_ERR(rdev); 1249 } 1250 wdev = NULL; 1251 netdev = NULL; 1252 result = 0; 1253 1254 mutex_lock(&rdev->mtx); 1255 } else if (netif_running(netdev) && 1256 nl80211_can_set_dev_channel(netdev->ieee80211_ptr)) 1257 wdev = netdev->ieee80211_ptr; 1258 else 1259 wdev = NULL; 1260 1261 /* 1262 * end workaround code, by now the rdev is available 1263 * and locked, and wdev may or may not be NULL. 1264 */ 1265 1266 if (info->attrs[NL80211_ATTR_WIPHY_NAME]) 1267 result = cfg80211_dev_rename( 1268 rdev, nla_data(info->attrs[NL80211_ATTR_WIPHY_NAME])); 1269 1270 mutex_unlock(&cfg80211_mutex); 1271 1272 if (result) 1273 goto bad_res; 1274 1275 if (info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS]) { 1276 struct ieee80211_txq_params txq_params; 1277 struct nlattr *tb[NL80211_TXQ_ATTR_MAX + 1]; 1278 1279 if (!rdev->ops->set_txq_params) { 1280 result = -EOPNOTSUPP; 1281 goto bad_res; 1282 } 1283 1284 if (!netdev) { 1285 result = -EINVAL; 1286 goto bad_res; 1287 } 1288 1289 if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 1290 netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) { 1291 result = -EINVAL; 1292 goto bad_res; 1293 } 1294 1295 nla_for_each_nested(nl_txq_params, 1296 info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS], 1297 rem_txq_params) { 1298 nla_parse(tb, NL80211_TXQ_ATTR_MAX, 1299 nla_data(nl_txq_params), 1300 nla_len(nl_txq_params), 1301 txq_params_policy); 1302 result = parse_txq_params(tb, &txq_params); 1303 if (result) 1304 goto bad_res; 1305 1306 result = rdev->ops->set_txq_params(&rdev->wiphy, 1307 netdev, 1308 &txq_params); 1309 if (result) 1310 goto bad_res; 1311 } 1312 } 1313 1314 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 1315 result = __nl80211_set_channel(rdev, wdev, info); 1316 if (result) 1317 goto bad_res; 1318 } 1319 1320 if (info->attrs[NL80211_ATTR_WIPHY_TX_POWER_SETTING]) { 1321 enum nl80211_tx_power_setting type; 1322 int idx, mbm = 0; 1323 1324 if (!rdev->ops->set_tx_power) { 1325 result = -EOPNOTSUPP; 1326 goto bad_res; 1327 } 1328 1329 idx = NL80211_ATTR_WIPHY_TX_POWER_SETTING; 1330 type = nla_get_u32(info->attrs[idx]); 1331 1332 if (!info->attrs[NL80211_ATTR_WIPHY_TX_POWER_LEVEL] && 1333 (type != NL80211_TX_POWER_AUTOMATIC)) { 1334 result = -EINVAL; 1335 goto bad_res; 1336 } 1337 1338 if (type != NL80211_TX_POWER_AUTOMATIC) { 1339 idx = NL80211_ATTR_WIPHY_TX_POWER_LEVEL; 1340 mbm = nla_get_u32(info->attrs[idx]); 1341 } 1342 1343 result = rdev->ops->set_tx_power(&rdev->wiphy, type, mbm); 1344 if (result) 1345 goto bad_res; 1346 } 1347 1348 if (info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX] && 1349 info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]) { 1350 u32 tx_ant, rx_ant; 1351 if ((!rdev->wiphy.available_antennas_tx && 1352 !rdev->wiphy.available_antennas_rx) || 1353 !rdev->ops->set_antenna) { 1354 result = -EOPNOTSUPP; 1355 goto bad_res; 1356 } 1357 1358 tx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX]); 1359 rx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]); 1360 1361 /* reject antenna configurations which don't match the 1362 * available antenna masks, except for the "all" mask */ 1363 if ((~tx_ant && (tx_ant & ~rdev->wiphy.available_antennas_tx)) || 1364 (~rx_ant && (rx_ant & ~rdev->wiphy.available_antennas_rx))) { 1365 result = -EINVAL; 1366 goto bad_res; 1367 } 1368 1369 tx_ant = tx_ant & rdev->wiphy.available_antennas_tx; 1370 rx_ant = rx_ant & rdev->wiphy.available_antennas_rx; 1371 1372 result = rdev->ops->set_antenna(&rdev->wiphy, tx_ant, rx_ant); 1373 if (result) 1374 goto bad_res; 1375 } 1376 1377 changed = 0; 1378 1379 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]) { 1380 retry_short = nla_get_u8( 1381 info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]); 1382 if (retry_short == 0) { 1383 result = -EINVAL; 1384 goto bad_res; 1385 } 1386 changed |= WIPHY_PARAM_RETRY_SHORT; 1387 } 1388 1389 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]) { 1390 retry_long = nla_get_u8( 1391 info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]); 1392 if (retry_long == 0) { 1393 result = -EINVAL; 1394 goto bad_res; 1395 } 1396 changed |= WIPHY_PARAM_RETRY_LONG; 1397 } 1398 1399 if (info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]) { 1400 frag_threshold = nla_get_u32( 1401 info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]); 1402 if (frag_threshold < 256) { 1403 result = -EINVAL; 1404 goto bad_res; 1405 } 1406 if (frag_threshold != (u32) -1) { 1407 /* 1408 * Fragments (apart from the last one) are required to 1409 * have even length. Make the fragmentation code 1410 * simpler by stripping LSB should someone try to use 1411 * odd threshold value. 1412 */ 1413 frag_threshold &= ~0x1; 1414 } 1415 changed |= WIPHY_PARAM_FRAG_THRESHOLD; 1416 } 1417 1418 if (info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]) { 1419 rts_threshold = nla_get_u32( 1420 info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]); 1421 changed |= WIPHY_PARAM_RTS_THRESHOLD; 1422 } 1423 1424 if (info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]) { 1425 coverage_class = nla_get_u8( 1426 info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]); 1427 changed |= WIPHY_PARAM_COVERAGE_CLASS; 1428 } 1429 1430 if (changed) { 1431 u8 old_retry_short, old_retry_long; 1432 u32 old_frag_threshold, old_rts_threshold; 1433 u8 old_coverage_class; 1434 1435 if (!rdev->ops->set_wiphy_params) { 1436 result = -EOPNOTSUPP; 1437 goto bad_res; 1438 } 1439 1440 old_retry_short = rdev->wiphy.retry_short; 1441 old_retry_long = rdev->wiphy.retry_long; 1442 old_frag_threshold = rdev->wiphy.frag_threshold; 1443 old_rts_threshold = rdev->wiphy.rts_threshold; 1444 old_coverage_class = rdev->wiphy.coverage_class; 1445 1446 if (changed & WIPHY_PARAM_RETRY_SHORT) 1447 rdev->wiphy.retry_short = retry_short; 1448 if (changed & WIPHY_PARAM_RETRY_LONG) 1449 rdev->wiphy.retry_long = retry_long; 1450 if (changed & WIPHY_PARAM_FRAG_THRESHOLD) 1451 rdev->wiphy.frag_threshold = frag_threshold; 1452 if (changed & WIPHY_PARAM_RTS_THRESHOLD) 1453 rdev->wiphy.rts_threshold = rts_threshold; 1454 if (changed & WIPHY_PARAM_COVERAGE_CLASS) 1455 rdev->wiphy.coverage_class = coverage_class; 1456 1457 result = rdev->ops->set_wiphy_params(&rdev->wiphy, changed); 1458 if (result) { 1459 rdev->wiphy.retry_short = old_retry_short; 1460 rdev->wiphy.retry_long = old_retry_long; 1461 rdev->wiphy.frag_threshold = old_frag_threshold; 1462 rdev->wiphy.rts_threshold = old_rts_threshold; 1463 rdev->wiphy.coverage_class = old_coverage_class; 1464 } 1465 } 1466 1467 bad_res: 1468 mutex_unlock(&rdev->mtx); 1469 if (netdev) 1470 dev_put(netdev); 1471 return result; 1472 } 1473 1474 1475 static int nl80211_send_iface(struct sk_buff *msg, u32 pid, u32 seq, int flags, 1476 struct cfg80211_registered_device *rdev, 1477 struct net_device *dev) 1478 { 1479 void *hdr; 1480 1481 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_INTERFACE); 1482 if (!hdr) 1483 return -1; 1484 1485 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1486 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 1487 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, dev->name); 1488 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, dev->ieee80211_ptr->iftype); 1489 1490 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, 1491 rdev->devlist_generation ^ 1492 (cfg80211_rdev_list_generation << 2)); 1493 1494 return genlmsg_end(msg, hdr); 1495 1496 nla_put_failure: 1497 genlmsg_cancel(msg, hdr); 1498 return -EMSGSIZE; 1499 } 1500 1501 static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *cb) 1502 { 1503 int wp_idx = 0; 1504 int if_idx = 0; 1505 int wp_start = cb->args[0]; 1506 int if_start = cb->args[1]; 1507 struct cfg80211_registered_device *rdev; 1508 struct wireless_dev *wdev; 1509 1510 mutex_lock(&cfg80211_mutex); 1511 list_for_each_entry(rdev, &cfg80211_rdev_list, list) { 1512 if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk))) 1513 continue; 1514 if (wp_idx < wp_start) { 1515 wp_idx++; 1516 continue; 1517 } 1518 if_idx = 0; 1519 1520 mutex_lock(&rdev->devlist_mtx); 1521 list_for_each_entry(wdev, &rdev->netdev_list, list) { 1522 if (if_idx < if_start) { 1523 if_idx++; 1524 continue; 1525 } 1526 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).pid, 1527 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1528 rdev, wdev->netdev) < 0) { 1529 mutex_unlock(&rdev->devlist_mtx); 1530 goto out; 1531 } 1532 if_idx++; 1533 } 1534 mutex_unlock(&rdev->devlist_mtx); 1535 1536 wp_idx++; 1537 } 1538 out: 1539 mutex_unlock(&cfg80211_mutex); 1540 1541 cb->args[0] = wp_idx; 1542 cb->args[1] = if_idx; 1543 1544 return skb->len; 1545 } 1546 1547 static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info) 1548 { 1549 struct sk_buff *msg; 1550 struct cfg80211_registered_device *dev = info->user_ptr[0]; 1551 struct net_device *netdev = info->user_ptr[1]; 1552 1553 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1554 if (!msg) 1555 return -ENOMEM; 1556 1557 if (nl80211_send_iface(msg, info->snd_pid, info->snd_seq, 0, 1558 dev, netdev) < 0) { 1559 nlmsg_free(msg); 1560 return -ENOBUFS; 1561 } 1562 1563 return genlmsg_reply(msg, info); 1564 } 1565 1566 static const struct nla_policy mntr_flags_policy[NL80211_MNTR_FLAG_MAX + 1] = { 1567 [NL80211_MNTR_FLAG_FCSFAIL] = { .type = NLA_FLAG }, 1568 [NL80211_MNTR_FLAG_PLCPFAIL] = { .type = NLA_FLAG }, 1569 [NL80211_MNTR_FLAG_CONTROL] = { .type = NLA_FLAG }, 1570 [NL80211_MNTR_FLAG_OTHER_BSS] = { .type = NLA_FLAG }, 1571 [NL80211_MNTR_FLAG_COOK_FRAMES] = { .type = NLA_FLAG }, 1572 }; 1573 1574 static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags) 1575 { 1576 struct nlattr *flags[NL80211_MNTR_FLAG_MAX + 1]; 1577 int flag; 1578 1579 *mntrflags = 0; 1580 1581 if (!nla) 1582 return -EINVAL; 1583 1584 if (nla_parse_nested(flags, NL80211_MNTR_FLAG_MAX, 1585 nla, mntr_flags_policy)) 1586 return -EINVAL; 1587 1588 for (flag = 1; flag <= NL80211_MNTR_FLAG_MAX; flag++) 1589 if (flags[flag]) 1590 *mntrflags |= (1<<flag); 1591 1592 return 0; 1593 } 1594 1595 static int nl80211_valid_4addr(struct cfg80211_registered_device *rdev, 1596 struct net_device *netdev, u8 use_4addr, 1597 enum nl80211_iftype iftype) 1598 { 1599 if (!use_4addr) { 1600 if (netdev && (netdev->priv_flags & IFF_BRIDGE_PORT)) 1601 return -EBUSY; 1602 return 0; 1603 } 1604 1605 switch (iftype) { 1606 case NL80211_IFTYPE_AP_VLAN: 1607 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_AP) 1608 return 0; 1609 break; 1610 case NL80211_IFTYPE_STATION: 1611 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_STATION) 1612 return 0; 1613 break; 1614 default: 1615 break; 1616 } 1617 1618 return -EOPNOTSUPP; 1619 } 1620 1621 static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info) 1622 { 1623 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1624 struct vif_params params; 1625 int err; 1626 enum nl80211_iftype otype, ntype; 1627 struct net_device *dev = info->user_ptr[1]; 1628 u32 _flags, *flags = NULL; 1629 bool change = false; 1630 1631 memset(¶ms, 0, sizeof(params)); 1632 1633 otype = ntype = dev->ieee80211_ptr->iftype; 1634 1635 if (info->attrs[NL80211_ATTR_IFTYPE]) { 1636 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 1637 if (otype != ntype) 1638 change = true; 1639 if (ntype > NL80211_IFTYPE_MAX) 1640 return -EINVAL; 1641 } 1642 1643 if (info->attrs[NL80211_ATTR_MESH_ID]) { 1644 struct wireless_dev *wdev = dev->ieee80211_ptr; 1645 1646 if (ntype != NL80211_IFTYPE_MESH_POINT) 1647 return -EINVAL; 1648 if (netif_running(dev)) 1649 return -EBUSY; 1650 1651 wdev_lock(wdev); 1652 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN != 1653 IEEE80211_MAX_MESH_ID_LEN); 1654 wdev->mesh_id_up_len = 1655 nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 1656 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]), 1657 wdev->mesh_id_up_len); 1658 wdev_unlock(wdev); 1659 } 1660 1661 if (info->attrs[NL80211_ATTR_4ADDR]) { 1662 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]); 1663 change = true; 1664 err = nl80211_valid_4addr(rdev, dev, params.use_4addr, ntype); 1665 if (err) 1666 return err; 1667 } else { 1668 params.use_4addr = -1; 1669 } 1670 1671 if (info->attrs[NL80211_ATTR_MNTR_FLAGS]) { 1672 if (ntype != NL80211_IFTYPE_MONITOR) 1673 return -EINVAL; 1674 err = parse_monitor_flags(info->attrs[NL80211_ATTR_MNTR_FLAGS], 1675 &_flags); 1676 if (err) 1677 return err; 1678 1679 flags = &_flags; 1680 change = true; 1681 } 1682 1683 if (change) 1684 err = cfg80211_change_iface(rdev, dev, ntype, flags, ¶ms); 1685 else 1686 err = 0; 1687 1688 if (!err && params.use_4addr != -1) 1689 dev->ieee80211_ptr->use_4addr = params.use_4addr; 1690 1691 return err; 1692 } 1693 1694 static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info) 1695 { 1696 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1697 struct vif_params params; 1698 struct net_device *dev; 1699 int err; 1700 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED; 1701 u32 flags; 1702 1703 memset(¶ms, 0, sizeof(params)); 1704 1705 if (!info->attrs[NL80211_ATTR_IFNAME]) 1706 return -EINVAL; 1707 1708 if (info->attrs[NL80211_ATTR_IFTYPE]) { 1709 type = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 1710 if (type > NL80211_IFTYPE_MAX) 1711 return -EINVAL; 1712 } 1713 1714 if (!rdev->ops->add_virtual_intf || 1715 !(rdev->wiphy.interface_modes & (1 << type))) 1716 return -EOPNOTSUPP; 1717 1718 if (info->attrs[NL80211_ATTR_4ADDR]) { 1719 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]); 1720 err = nl80211_valid_4addr(rdev, NULL, params.use_4addr, type); 1721 if (err) 1722 return err; 1723 } 1724 1725 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ? 1726 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL, 1727 &flags); 1728 dev = rdev->ops->add_virtual_intf(&rdev->wiphy, 1729 nla_data(info->attrs[NL80211_ATTR_IFNAME]), 1730 type, err ? NULL : &flags, ¶ms); 1731 if (IS_ERR(dev)) 1732 return PTR_ERR(dev); 1733 1734 if (type == NL80211_IFTYPE_MESH_POINT && 1735 info->attrs[NL80211_ATTR_MESH_ID]) { 1736 struct wireless_dev *wdev = dev->ieee80211_ptr; 1737 1738 wdev_lock(wdev); 1739 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN != 1740 IEEE80211_MAX_MESH_ID_LEN); 1741 wdev->mesh_id_up_len = 1742 nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 1743 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]), 1744 wdev->mesh_id_up_len); 1745 wdev_unlock(wdev); 1746 } 1747 1748 return 0; 1749 } 1750 1751 static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info) 1752 { 1753 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1754 struct net_device *dev = info->user_ptr[1]; 1755 1756 if (!rdev->ops->del_virtual_intf) 1757 return -EOPNOTSUPP; 1758 1759 return rdev->ops->del_virtual_intf(&rdev->wiphy, dev); 1760 } 1761 1762 static int nl80211_set_noack_map(struct sk_buff *skb, struct genl_info *info) 1763 { 1764 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1765 struct net_device *dev = info->user_ptr[1]; 1766 u16 noack_map; 1767 1768 if (!info->attrs[NL80211_ATTR_NOACK_MAP]) 1769 return -EINVAL; 1770 1771 if (!rdev->ops->set_noack_map) 1772 return -EOPNOTSUPP; 1773 1774 noack_map = nla_get_u16(info->attrs[NL80211_ATTR_NOACK_MAP]); 1775 1776 return rdev->ops->set_noack_map(&rdev->wiphy, dev, noack_map); 1777 } 1778 1779 struct get_key_cookie { 1780 struct sk_buff *msg; 1781 int error; 1782 int idx; 1783 }; 1784 1785 static void get_key_callback(void *c, struct key_params *params) 1786 { 1787 struct nlattr *key; 1788 struct get_key_cookie *cookie = c; 1789 1790 if (params->key) 1791 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_DATA, 1792 params->key_len, params->key); 1793 1794 if (params->seq) 1795 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_SEQ, 1796 params->seq_len, params->seq); 1797 1798 if (params->cipher) 1799 NLA_PUT_U32(cookie->msg, NL80211_ATTR_KEY_CIPHER, 1800 params->cipher); 1801 1802 key = nla_nest_start(cookie->msg, NL80211_ATTR_KEY); 1803 if (!key) 1804 goto nla_put_failure; 1805 1806 if (params->key) 1807 NLA_PUT(cookie->msg, NL80211_KEY_DATA, 1808 params->key_len, params->key); 1809 1810 if (params->seq) 1811 NLA_PUT(cookie->msg, NL80211_KEY_SEQ, 1812 params->seq_len, params->seq); 1813 1814 if (params->cipher) 1815 NLA_PUT_U32(cookie->msg, NL80211_KEY_CIPHER, 1816 params->cipher); 1817 1818 NLA_PUT_U8(cookie->msg, NL80211_ATTR_KEY_IDX, cookie->idx); 1819 1820 nla_nest_end(cookie->msg, key); 1821 1822 return; 1823 nla_put_failure: 1824 cookie->error = 1; 1825 } 1826 1827 static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info) 1828 { 1829 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1830 int err; 1831 struct net_device *dev = info->user_ptr[1]; 1832 u8 key_idx = 0; 1833 const u8 *mac_addr = NULL; 1834 bool pairwise; 1835 struct get_key_cookie cookie = { 1836 .error = 0, 1837 }; 1838 void *hdr; 1839 struct sk_buff *msg; 1840 1841 if (info->attrs[NL80211_ATTR_KEY_IDX]) 1842 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); 1843 1844 if (key_idx > 5) 1845 return -EINVAL; 1846 1847 if (info->attrs[NL80211_ATTR_MAC]) 1848 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1849 1850 pairwise = !!mac_addr; 1851 if (info->attrs[NL80211_ATTR_KEY_TYPE]) { 1852 u32 kt = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]); 1853 if (kt >= NUM_NL80211_KEYTYPES) 1854 return -EINVAL; 1855 if (kt != NL80211_KEYTYPE_GROUP && 1856 kt != NL80211_KEYTYPE_PAIRWISE) 1857 return -EINVAL; 1858 pairwise = kt == NL80211_KEYTYPE_PAIRWISE; 1859 } 1860 1861 if (!rdev->ops->get_key) 1862 return -EOPNOTSUPP; 1863 1864 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1865 if (!msg) 1866 return -ENOMEM; 1867 1868 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 1869 NL80211_CMD_NEW_KEY); 1870 if (IS_ERR(hdr)) 1871 return PTR_ERR(hdr); 1872 1873 cookie.msg = msg; 1874 cookie.idx = key_idx; 1875 1876 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1877 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx); 1878 if (mac_addr) 1879 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 1880 1881 if (pairwise && mac_addr && 1882 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN)) 1883 return -ENOENT; 1884 1885 err = rdev->ops->get_key(&rdev->wiphy, dev, key_idx, pairwise, 1886 mac_addr, &cookie, get_key_callback); 1887 1888 if (err) 1889 goto free_msg; 1890 1891 if (cookie.error) 1892 goto nla_put_failure; 1893 1894 genlmsg_end(msg, hdr); 1895 return genlmsg_reply(msg, info); 1896 1897 nla_put_failure: 1898 err = -ENOBUFS; 1899 free_msg: 1900 nlmsg_free(msg); 1901 return err; 1902 } 1903 1904 static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info) 1905 { 1906 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1907 struct key_parse key; 1908 int err; 1909 struct net_device *dev = info->user_ptr[1]; 1910 1911 err = nl80211_parse_key(info, &key); 1912 if (err) 1913 return err; 1914 1915 if (key.idx < 0) 1916 return -EINVAL; 1917 1918 /* only support setting default key */ 1919 if (!key.def && !key.defmgmt) 1920 return -EINVAL; 1921 1922 wdev_lock(dev->ieee80211_ptr); 1923 1924 if (key.def) { 1925 if (!rdev->ops->set_default_key) { 1926 err = -EOPNOTSUPP; 1927 goto out; 1928 } 1929 1930 err = nl80211_key_allowed(dev->ieee80211_ptr); 1931 if (err) 1932 goto out; 1933 1934 err = rdev->ops->set_default_key(&rdev->wiphy, dev, key.idx, 1935 key.def_uni, key.def_multi); 1936 1937 if (err) 1938 goto out; 1939 1940 #ifdef CONFIG_CFG80211_WEXT 1941 dev->ieee80211_ptr->wext.default_key = key.idx; 1942 #endif 1943 } else { 1944 if (key.def_uni || !key.def_multi) { 1945 err = -EINVAL; 1946 goto out; 1947 } 1948 1949 if (!rdev->ops->set_default_mgmt_key) { 1950 err = -EOPNOTSUPP; 1951 goto out; 1952 } 1953 1954 err = nl80211_key_allowed(dev->ieee80211_ptr); 1955 if (err) 1956 goto out; 1957 1958 err = rdev->ops->set_default_mgmt_key(&rdev->wiphy, 1959 dev, key.idx); 1960 if (err) 1961 goto out; 1962 1963 #ifdef CONFIG_CFG80211_WEXT 1964 dev->ieee80211_ptr->wext.default_mgmt_key = key.idx; 1965 #endif 1966 } 1967 1968 out: 1969 wdev_unlock(dev->ieee80211_ptr); 1970 1971 return err; 1972 } 1973 1974 static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info) 1975 { 1976 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1977 int err; 1978 struct net_device *dev = info->user_ptr[1]; 1979 struct key_parse key; 1980 const u8 *mac_addr = NULL; 1981 1982 err = nl80211_parse_key(info, &key); 1983 if (err) 1984 return err; 1985 1986 if (!key.p.key) 1987 return -EINVAL; 1988 1989 if (info->attrs[NL80211_ATTR_MAC]) 1990 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1991 1992 if (key.type == -1) { 1993 if (mac_addr) 1994 key.type = NL80211_KEYTYPE_PAIRWISE; 1995 else 1996 key.type = NL80211_KEYTYPE_GROUP; 1997 } 1998 1999 /* for now */ 2000 if (key.type != NL80211_KEYTYPE_PAIRWISE && 2001 key.type != NL80211_KEYTYPE_GROUP) 2002 return -EINVAL; 2003 2004 if (!rdev->ops->add_key) 2005 return -EOPNOTSUPP; 2006 2007 if (cfg80211_validate_key_settings(rdev, &key.p, key.idx, 2008 key.type == NL80211_KEYTYPE_PAIRWISE, 2009 mac_addr)) 2010 return -EINVAL; 2011 2012 wdev_lock(dev->ieee80211_ptr); 2013 err = nl80211_key_allowed(dev->ieee80211_ptr); 2014 if (!err) 2015 err = rdev->ops->add_key(&rdev->wiphy, dev, key.idx, 2016 key.type == NL80211_KEYTYPE_PAIRWISE, 2017 mac_addr, &key.p); 2018 wdev_unlock(dev->ieee80211_ptr); 2019 2020 return err; 2021 } 2022 2023 static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info) 2024 { 2025 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2026 int err; 2027 struct net_device *dev = info->user_ptr[1]; 2028 u8 *mac_addr = NULL; 2029 struct key_parse key; 2030 2031 err = nl80211_parse_key(info, &key); 2032 if (err) 2033 return err; 2034 2035 if (info->attrs[NL80211_ATTR_MAC]) 2036 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2037 2038 if (key.type == -1) { 2039 if (mac_addr) 2040 key.type = NL80211_KEYTYPE_PAIRWISE; 2041 else 2042 key.type = NL80211_KEYTYPE_GROUP; 2043 } 2044 2045 /* for now */ 2046 if (key.type != NL80211_KEYTYPE_PAIRWISE && 2047 key.type != NL80211_KEYTYPE_GROUP) 2048 return -EINVAL; 2049 2050 if (!rdev->ops->del_key) 2051 return -EOPNOTSUPP; 2052 2053 wdev_lock(dev->ieee80211_ptr); 2054 err = nl80211_key_allowed(dev->ieee80211_ptr); 2055 2056 if (key.type == NL80211_KEYTYPE_PAIRWISE && mac_addr && 2057 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN)) 2058 err = -ENOENT; 2059 2060 if (!err) 2061 err = rdev->ops->del_key(&rdev->wiphy, dev, key.idx, 2062 key.type == NL80211_KEYTYPE_PAIRWISE, 2063 mac_addr); 2064 2065 #ifdef CONFIG_CFG80211_WEXT 2066 if (!err) { 2067 if (key.idx == dev->ieee80211_ptr->wext.default_key) 2068 dev->ieee80211_ptr->wext.default_key = -1; 2069 else if (key.idx == dev->ieee80211_ptr->wext.default_mgmt_key) 2070 dev->ieee80211_ptr->wext.default_mgmt_key = -1; 2071 } 2072 #endif 2073 wdev_unlock(dev->ieee80211_ptr); 2074 2075 return err; 2076 } 2077 2078 static int nl80211_addset_beacon(struct sk_buff *skb, struct genl_info *info) 2079 { 2080 int (*call)(struct wiphy *wiphy, struct net_device *dev, 2081 struct beacon_parameters *info); 2082 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2083 struct net_device *dev = info->user_ptr[1]; 2084 struct wireless_dev *wdev = dev->ieee80211_ptr; 2085 struct beacon_parameters params; 2086 int haveinfo = 0, err; 2087 2088 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_BEACON_TAIL]) || 2089 !is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]) || 2090 !is_valid_ie_attr(info->attrs[NL80211_ATTR_IE_PROBE_RESP]) || 2091 !is_valid_ie_attr(info->attrs[NL80211_ATTR_IE_ASSOC_RESP])) 2092 return -EINVAL; 2093 2094 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2095 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2096 return -EOPNOTSUPP; 2097 2098 memset(¶ms, 0, sizeof(params)); 2099 2100 switch (info->genlhdr->cmd) { 2101 case NL80211_CMD_NEW_BEACON: 2102 /* these are required for NEW_BEACON */ 2103 if (!info->attrs[NL80211_ATTR_BEACON_INTERVAL] || 2104 !info->attrs[NL80211_ATTR_DTIM_PERIOD] || 2105 !info->attrs[NL80211_ATTR_BEACON_HEAD]) 2106 return -EINVAL; 2107 2108 params.interval = 2109 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); 2110 params.dtim_period = 2111 nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]); 2112 2113 err = cfg80211_validate_beacon_int(rdev, params.interval); 2114 if (err) 2115 return err; 2116 2117 /* 2118 * In theory, some of these attributes could be required for 2119 * NEW_BEACON, but since they were not used when the command was 2120 * originally added, keep them optional for old user space 2121 * programs to work with drivers that do not need the additional 2122 * information. 2123 */ 2124 if (info->attrs[NL80211_ATTR_SSID]) { 2125 params.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 2126 params.ssid_len = 2127 nla_len(info->attrs[NL80211_ATTR_SSID]); 2128 if (params.ssid_len == 0 || 2129 params.ssid_len > IEEE80211_MAX_SSID_LEN) 2130 return -EINVAL; 2131 } 2132 2133 if (info->attrs[NL80211_ATTR_HIDDEN_SSID]) { 2134 params.hidden_ssid = nla_get_u32( 2135 info->attrs[NL80211_ATTR_HIDDEN_SSID]); 2136 if (params.hidden_ssid != 2137 NL80211_HIDDEN_SSID_NOT_IN_USE && 2138 params.hidden_ssid != 2139 NL80211_HIDDEN_SSID_ZERO_LEN && 2140 params.hidden_ssid != 2141 NL80211_HIDDEN_SSID_ZERO_CONTENTS) 2142 return -EINVAL; 2143 } 2144 2145 params.privacy = !!info->attrs[NL80211_ATTR_PRIVACY]; 2146 2147 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) { 2148 params.auth_type = nla_get_u32( 2149 info->attrs[NL80211_ATTR_AUTH_TYPE]); 2150 if (!nl80211_valid_auth_type(params.auth_type)) 2151 return -EINVAL; 2152 } else 2153 params.auth_type = NL80211_AUTHTYPE_AUTOMATIC; 2154 2155 err = nl80211_crypto_settings(rdev, info, ¶ms.crypto, 2156 NL80211_MAX_NR_CIPHER_SUITES); 2157 if (err) 2158 return err; 2159 2160 call = rdev->ops->add_beacon; 2161 break; 2162 case NL80211_CMD_SET_BEACON: 2163 call = rdev->ops->set_beacon; 2164 break; 2165 default: 2166 WARN_ON(1); 2167 return -EOPNOTSUPP; 2168 } 2169 2170 if (!call) 2171 return -EOPNOTSUPP; 2172 2173 if (info->attrs[NL80211_ATTR_BEACON_HEAD]) { 2174 params.head = nla_data(info->attrs[NL80211_ATTR_BEACON_HEAD]); 2175 params.head_len = 2176 nla_len(info->attrs[NL80211_ATTR_BEACON_HEAD]); 2177 haveinfo = 1; 2178 } 2179 2180 if (info->attrs[NL80211_ATTR_BEACON_TAIL]) { 2181 params.tail = nla_data(info->attrs[NL80211_ATTR_BEACON_TAIL]); 2182 params.tail_len = 2183 nla_len(info->attrs[NL80211_ATTR_BEACON_TAIL]); 2184 haveinfo = 1; 2185 } 2186 2187 if (!haveinfo) 2188 return -EINVAL; 2189 2190 if (info->attrs[NL80211_ATTR_IE]) { 2191 params.beacon_ies = nla_data(info->attrs[NL80211_ATTR_IE]); 2192 params.beacon_ies_len = nla_len(info->attrs[NL80211_ATTR_IE]); 2193 } 2194 2195 if (info->attrs[NL80211_ATTR_IE_PROBE_RESP]) { 2196 params.proberesp_ies = 2197 nla_data(info->attrs[NL80211_ATTR_IE_PROBE_RESP]); 2198 params.proberesp_ies_len = 2199 nla_len(info->attrs[NL80211_ATTR_IE_PROBE_RESP]); 2200 } 2201 2202 if (info->attrs[NL80211_ATTR_IE_ASSOC_RESP]) { 2203 params.assocresp_ies = 2204 nla_data(info->attrs[NL80211_ATTR_IE_ASSOC_RESP]); 2205 params.assocresp_ies_len = 2206 nla_len(info->attrs[NL80211_ATTR_IE_ASSOC_RESP]); 2207 } 2208 2209 if (info->attrs[NL80211_ATTR_PROBE_RESP]) { 2210 params.probe_resp = 2211 nla_data(info->attrs[NL80211_ATTR_PROBE_RESP]); 2212 params.probe_resp_len = 2213 nla_len(info->attrs[NL80211_ATTR_PROBE_RESP]); 2214 } 2215 2216 err = call(&rdev->wiphy, dev, ¶ms); 2217 if (!err && params.interval) 2218 wdev->beacon_interval = params.interval; 2219 return err; 2220 } 2221 2222 static int nl80211_del_beacon(struct sk_buff *skb, struct genl_info *info) 2223 { 2224 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2225 struct net_device *dev = info->user_ptr[1]; 2226 struct wireless_dev *wdev = dev->ieee80211_ptr; 2227 int err; 2228 2229 if (!rdev->ops->del_beacon) 2230 return -EOPNOTSUPP; 2231 2232 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2233 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2234 return -EOPNOTSUPP; 2235 2236 err = rdev->ops->del_beacon(&rdev->wiphy, dev); 2237 if (!err) 2238 wdev->beacon_interval = 0; 2239 return err; 2240 } 2241 2242 static const struct nla_policy sta_flags_policy[NL80211_STA_FLAG_MAX + 1] = { 2243 [NL80211_STA_FLAG_AUTHORIZED] = { .type = NLA_FLAG }, 2244 [NL80211_STA_FLAG_SHORT_PREAMBLE] = { .type = NLA_FLAG }, 2245 [NL80211_STA_FLAG_WME] = { .type = NLA_FLAG }, 2246 [NL80211_STA_FLAG_MFP] = { .type = NLA_FLAG }, 2247 [NL80211_STA_FLAG_AUTHENTICATED] = { .type = NLA_FLAG }, 2248 [NL80211_STA_FLAG_TDLS_PEER] = { .type = NLA_FLAG }, 2249 }; 2250 2251 static int parse_station_flags(struct genl_info *info, 2252 enum nl80211_iftype iftype, 2253 struct station_parameters *params) 2254 { 2255 struct nlattr *flags[NL80211_STA_FLAG_MAX + 1]; 2256 struct nlattr *nla; 2257 int flag; 2258 2259 /* 2260 * Try parsing the new attribute first so userspace 2261 * can specify both for older kernels. 2262 */ 2263 nla = info->attrs[NL80211_ATTR_STA_FLAGS2]; 2264 if (nla) { 2265 struct nl80211_sta_flag_update *sta_flags; 2266 2267 sta_flags = nla_data(nla); 2268 params->sta_flags_mask = sta_flags->mask; 2269 params->sta_flags_set = sta_flags->set; 2270 if ((params->sta_flags_mask | 2271 params->sta_flags_set) & BIT(__NL80211_STA_FLAG_INVALID)) 2272 return -EINVAL; 2273 return 0; 2274 } 2275 2276 /* if present, parse the old attribute */ 2277 2278 nla = info->attrs[NL80211_ATTR_STA_FLAGS]; 2279 if (!nla) 2280 return 0; 2281 2282 if (nla_parse_nested(flags, NL80211_STA_FLAG_MAX, 2283 nla, sta_flags_policy)) 2284 return -EINVAL; 2285 2286 /* 2287 * Only allow certain flags for interface types so that 2288 * other attributes are silently ignored. Remember that 2289 * this is backward compatibility code with old userspace 2290 * and shouldn't be hit in other cases anyway. 2291 */ 2292 switch (iftype) { 2293 case NL80211_IFTYPE_AP: 2294 case NL80211_IFTYPE_AP_VLAN: 2295 case NL80211_IFTYPE_P2P_GO: 2296 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHORIZED) | 2297 BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) | 2298 BIT(NL80211_STA_FLAG_WME) | 2299 BIT(NL80211_STA_FLAG_MFP); 2300 break; 2301 case NL80211_IFTYPE_P2P_CLIENT: 2302 case NL80211_IFTYPE_STATION: 2303 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHORIZED) | 2304 BIT(NL80211_STA_FLAG_TDLS_PEER); 2305 break; 2306 case NL80211_IFTYPE_MESH_POINT: 2307 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHENTICATED) | 2308 BIT(NL80211_STA_FLAG_MFP) | 2309 BIT(NL80211_STA_FLAG_AUTHORIZED); 2310 default: 2311 return -EINVAL; 2312 } 2313 2314 for (flag = 1; flag <= NL80211_STA_FLAG_MAX; flag++) 2315 if (flags[flag]) 2316 params->sta_flags_set |= (1<<flag); 2317 2318 return 0; 2319 } 2320 2321 static bool nl80211_put_sta_rate(struct sk_buff *msg, struct rate_info *info, 2322 int attr) 2323 { 2324 struct nlattr *rate; 2325 u16 bitrate; 2326 2327 rate = nla_nest_start(msg, attr); 2328 if (!rate) 2329 goto nla_put_failure; 2330 2331 /* cfg80211_calculate_bitrate will return 0 for mcs >= 32 */ 2332 bitrate = cfg80211_calculate_bitrate(info); 2333 if (bitrate > 0) 2334 NLA_PUT_U16(msg, NL80211_RATE_INFO_BITRATE, bitrate); 2335 2336 if (info->flags & RATE_INFO_FLAGS_MCS) 2337 NLA_PUT_U8(msg, NL80211_RATE_INFO_MCS, info->mcs); 2338 if (info->flags & RATE_INFO_FLAGS_40_MHZ_WIDTH) 2339 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_40_MHZ_WIDTH); 2340 if (info->flags & RATE_INFO_FLAGS_SHORT_GI) 2341 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_SHORT_GI); 2342 2343 nla_nest_end(msg, rate); 2344 return true; 2345 2346 nla_put_failure: 2347 return false; 2348 } 2349 2350 static int nl80211_send_station(struct sk_buff *msg, u32 pid, u32 seq, 2351 int flags, struct net_device *dev, 2352 const u8 *mac_addr, struct station_info *sinfo) 2353 { 2354 void *hdr; 2355 struct nlattr *sinfoattr, *bss_param; 2356 2357 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION); 2358 if (!hdr) 2359 return -1; 2360 2361 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 2362 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 2363 2364 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, sinfo->generation); 2365 2366 sinfoattr = nla_nest_start(msg, NL80211_ATTR_STA_INFO); 2367 if (!sinfoattr) 2368 goto nla_put_failure; 2369 if (sinfo->filled & STATION_INFO_CONNECTED_TIME) 2370 NLA_PUT_U32(msg, NL80211_STA_INFO_CONNECTED_TIME, 2371 sinfo->connected_time); 2372 if (sinfo->filled & STATION_INFO_INACTIVE_TIME) 2373 NLA_PUT_U32(msg, NL80211_STA_INFO_INACTIVE_TIME, 2374 sinfo->inactive_time); 2375 if (sinfo->filled & STATION_INFO_RX_BYTES) 2376 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_BYTES, 2377 sinfo->rx_bytes); 2378 if (sinfo->filled & STATION_INFO_TX_BYTES) 2379 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_BYTES, 2380 sinfo->tx_bytes); 2381 if (sinfo->filled & STATION_INFO_LLID) 2382 NLA_PUT_U16(msg, NL80211_STA_INFO_LLID, 2383 sinfo->llid); 2384 if (sinfo->filled & STATION_INFO_PLID) 2385 NLA_PUT_U16(msg, NL80211_STA_INFO_PLID, 2386 sinfo->plid); 2387 if (sinfo->filled & STATION_INFO_PLINK_STATE) 2388 NLA_PUT_U8(msg, NL80211_STA_INFO_PLINK_STATE, 2389 sinfo->plink_state); 2390 if (sinfo->filled & STATION_INFO_SIGNAL) 2391 NLA_PUT_U8(msg, NL80211_STA_INFO_SIGNAL, 2392 sinfo->signal); 2393 if (sinfo->filled & STATION_INFO_SIGNAL_AVG) 2394 NLA_PUT_U8(msg, NL80211_STA_INFO_SIGNAL_AVG, 2395 sinfo->signal_avg); 2396 if (sinfo->filled & STATION_INFO_TX_BITRATE) { 2397 if (!nl80211_put_sta_rate(msg, &sinfo->txrate, 2398 NL80211_STA_INFO_TX_BITRATE)) 2399 goto nla_put_failure; 2400 } 2401 if (sinfo->filled & STATION_INFO_RX_BITRATE) { 2402 if (!nl80211_put_sta_rate(msg, &sinfo->rxrate, 2403 NL80211_STA_INFO_RX_BITRATE)) 2404 goto nla_put_failure; 2405 } 2406 if (sinfo->filled & STATION_INFO_RX_PACKETS) 2407 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_PACKETS, 2408 sinfo->rx_packets); 2409 if (sinfo->filled & STATION_INFO_TX_PACKETS) 2410 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_PACKETS, 2411 sinfo->tx_packets); 2412 if (sinfo->filled & STATION_INFO_TX_RETRIES) 2413 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_RETRIES, 2414 sinfo->tx_retries); 2415 if (sinfo->filled & STATION_INFO_TX_FAILED) 2416 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_FAILED, 2417 sinfo->tx_failed); 2418 if (sinfo->filled & STATION_INFO_BEACON_LOSS_COUNT) 2419 NLA_PUT_U32(msg, NL80211_STA_INFO_BEACON_LOSS, 2420 sinfo->beacon_loss_count); 2421 if (sinfo->filled & STATION_INFO_BSS_PARAM) { 2422 bss_param = nla_nest_start(msg, NL80211_STA_INFO_BSS_PARAM); 2423 if (!bss_param) 2424 goto nla_put_failure; 2425 2426 if (sinfo->bss_param.flags & BSS_PARAM_FLAGS_CTS_PROT) 2427 NLA_PUT_FLAG(msg, NL80211_STA_BSS_PARAM_CTS_PROT); 2428 if (sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_PREAMBLE) 2429 NLA_PUT_FLAG(msg, NL80211_STA_BSS_PARAM_SHORT_PREAMBLE); 2430 if (sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_SLOT_TIME) 2431 NLA_PUT_FLAG(msg, 2432 NL80211_STA_BSS_PARAM_SHORT_SLOT_TIME); 2433 NLA_PUT_U8(msg, NL80211_STA_BSS_PARAM_DTIM_PERIOD, 2434 sinfo->bss_param.dtim_period); 2435 NLA_PUT_U16(msg, NL80211_STA_BSS_PARAM_BEACON_INTERVAL, 2436 sinfo->bss_param.beacon_interval); 2437 2438 nla_nest_end(msg, bss_param); 2439 } 2440 if (sinfo->filled & STATION_INFO_STA_FLAGS) 2441 NLA_PUT(msg, NL80211_STA_INFO_STA_FLAGS, 2442 sizeof(struct nl80211_sta_flag_update), 2443 &sinfo->sta_flags); 2444 nla_nest_end(msg, sinfoattr); 2445 2446 if (sinfo->filled & STATION_INFO_ASSOC_REQ_IES) 2447 NLA_PUT(msg, NL80211_ATTR_IE, sinfo->assoc_req_ies_len, 2448 sinfo->assoc_req_ies); 2449 2450 return genlmsg_end(msg, hdr); 2451 2452 nla_put_failure: 2453 genlmsg_cancel(msg, hdr); 2454 return -EMSGSIZE; 2455 } 2456 2457 static int nl80211_dump_station(struct sk_buff *skb, 2458 struct netlink_callback *cb) 2459 { 2460 struct station_info sinfo; 2461 struct cfg80211_registered_device *dev; 2462 struct net_device *netdev; 2463 u8 mac_addr[ETH_ALEN]; 2464 int sta_idx = cb->args[1]; 2465 int err; 2466 2467 err = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 2468 if (err) 2469 return err; 2470 2471 if (!dev->ops->dump_station) { 2472 err = -EOPNOTSUPP; 2473 goto out_err; 2474 } 2475 2476 while (1) { 2477 memset(&sinfo, 0, sizeof(sinfo)); 2478 err = dev->ops->dump_station(&dev->wiphy, netdev, sta_idx, 2479 mac_addr, &sinfo); 2480 if (err == -ENOENT) 2481 break; 2482 if (err) 2483 goto out_err; 2484 2485 if (nl80211_send_station(skb, 2486 NETLINK_CB(cb->skb).pid, 2487 cb->nlh->nlmsg_seq, NLM_F_MULTI, 2488 netdev, mac_addr, 2489 &sinfo) < 0) 2490 goto out; 2491 2492 sta_idx++; 2493 } 2494 2495 2496 out: 2497 cb->args[1] = sta_idx; 2498 err = skb->len; 2499 out_err: 2500 nl80211_finish_netdev_dump(dev); 2501 2502 return err; 2503 } 2504 2505 static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info) 2506 { 2507 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2508 struct net_device *dev = info->user_ptr[1]; 2509 struct station_info sinfo; 2510 struct sk_buff *msg; 2511 u8 *mac_addr = NULL; 2512 int err; 2513 2514 memset(&sinfo, 0, sizeof(sinfo)); 2515 2516 if (!info->attrs[NL80211_ATTR_MAC]) 2517 return -EINVAL; 2518 2519 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2520 2521 if (!rdev->ops->get_station) 2522 return -EOPNOTSUPP; 2523 2524 err = rdev->ops->get_station(&rdev->wiphy, dev, mac_addr, &sinfo); 2525 if (err) 2526 return err; 2527 2528 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2529 if (!msg) 2530 return -ENOMEM; 2531 2532 if (nl80211_send_station(msg, info->snd_pid, info->snd_seq, 0, 2533 dev, mac_addr, &sinfo) < 0) { 2534 nlmsg_free(msg); 2535 return -ENOBUFS; 2536 } 2537 2538 return genlmsg_reply(msg, info); 2539 } 2540 2541 /* 2542 * Get vlan interface making sure it is running and on the right wiphy. 2543 */ 2544 static struct net_device *get_vlan(struct genl_info *info, 2545 struct cfg80211_registered_device *rdev) 2546 { 2547 struct nlattr *vlanattr = info->attrs[NL80211_ATTR_STA_VLAN]; 2548 struct net_device *v; 2549 int ret; 2550 2551 if (!vlanattr) 2552 return NULL; 2553 2554 v = dev_get_by_index(genl_info_net(info), nla_get_u32(vlanattr)); 2555 if (!v) 2556 return ERR_PTR(-ENODEV); 2557 2558 if (!v->ieee80211_ptr || v->ieee80211_ptr->wiphy != &rdev->wiphy) { 2559 ret = -EINVAL; 2560 goto error; 2561 } 2562 2563 if (!netif_running(v)) { 2564 ret = -ENETDOWN; 2565 goto error; 2566 } 2567 2568 return v; 2569 error: 2570 dev_put(v); 2571 return ERR_PTR(ret); 2572 } 2573 2574 static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info) 2575 { 2576 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2577 int err; 2578 struct net_device *dev = info->user_ptr[1]; 2579 struct station_parameters params; 2580 u8 *mac_addr = NULL; 2581 2582 memset(¶ms, 0, sizeof(params)); 2583 2584 params.listen_interval = -1; 2585 params.plink_state = -1; 2586 2587 if (info->attrs[NL80211_ATTR_STA_AID]) 2588 return -EINVAL; 2589 2590 if (!info->attrs[NL80211_ATTR_MAC]) 2591 return -EINVAL; 2592 2593 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2594 2595 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) { 2596 params.supported_rates = 2597 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2598 params.supported_rates_len = 2599 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2600 } 2601 2602 if (info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) 2603 params.listen_interval = 2604 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]); 2605 2606 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) 2607 params.ht_capa = 2608 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 2609 2610 if (!rdev->ops->change_station) 2611 return -EOPNOTSUPP; 2612 2613 if (parse_station_flags(info, dev->ieee80211_ptr->iftype, ¶ms)) 2614 return -EINVAL; 2615 2616 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION]) 2617 params.plink_action = 2618 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]); 2619 2620 if (info->attrs[NL80211_ATTR_STA_PLINK_STATE]) 2621 params.plink_state = 2622 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_STATE]); 2623 2624 switch (dev->ieee80211_ptr->iftype) { 2625 case NL80211_IFTYPE_AP: 2626 case NL80211_IFTYPE_AP_VLAN: 2627 case NL80211_IFTYPE_P2P_GO: 2628 /* disallow mesh-specific things */ 2629 if (params.plink_action) 2630 return -EINVAL; 2631 2632 /* TDLS can't be set, ... */ 2633 if (params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) 2634 return -EINVAL; 2635 /* 2636 * ... but don't bother the driver with it. This works around 2637 * a hostapd/wpa_supplicant issue -- it always includes the 2638 * TLDS_PEER flag in the mask even for AP mode. 2639 */ 2640 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER); 2641 2642 /* accept only the listed bits */ 2643 if (params.sta_flags_mask & 2644 ~(BIT(NL80211_STA_FLAG_AUTHORIZED) | 2645 BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) | 2646 BIT(NL80211_STA_FLAG_WME) | 2647 BIT(NL80211_STA_FLAG_MFP))) 2648 return -EINVAL; 2649 2650 /* must be last in here for error handling */ 2651 params.vlan = get_vlan(info, rdev); 2652 if (IS_ERR(params.vlan)) 2653 return PTR_ERR(params.vlan); 2654 break; 2655 case NL80211_IFTYPE_P2P_CLIENT: 2656 case NL80211_IFTYPE_STATION: 2657 /* disallow things sta doesn't support */ 2658 if (params.plink_action) 2659 return -EINVAL; 2660 if (params.ht_capa) 2661 return -EINVAL; 2662 if (params.listen_interval >= 0) 2663 return -EINVAL; 2664 /* 2665 * Don't allow userspace to change the TDLS_PEER flag, 2666 * but silently ignore attempts to change it since we 2667 * don't have state here to verify that it doesn't try 2668 * to change the flag. 2669 */ 2670 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER); 2671 2672 /* reject any changes other than AUTHORIZED */ 2673 if (params.sta_flags_mask & ~BIT(NL80211_STA_FLAG_AUTHORIZED)) 2674 return -EINVAL; 2675 break; 2676 case NL80211_IFTYPE_MESH_POINT: 2677 /* disallow things mesh doesn't support */ 2678 if (params.vlan) 2679 return -EINVAL; 2680 if (params.ht_capa) 2681 return -EINVAL; 2682 if (params.listen_interval >= 0) 2683 return -EINVAL; 2684 /* 2685 * No special handling for TDLS here -- the userspace 2686 * mesh code doesn't have this bug. 2687 */ 2688 if (params.sta_flags_mask & 2689 ~(BIT(NL80211_STA_FLAG_AUTHENTICATED) | 2690 BIT(NL80211_STA_FLAG_MFP) | 2691 BIT(NL80211_STA_FLAG_AUTHORIZED))) 2692 return -EINVAL; 2693 break; 2694 default: 2695 return -EOPNOTSUPP; 2696 } 2697 2698 /* be aware of params.vlan when changing code here */ 2699 2700 err = rdev->ops->change_station(&rdev->wiphy, dev, mac_addr, ¶ms); 2701 2702 if (params.vlan) 2703 dev_put(params.vlan); 2704 2705 return err; 2706 } 2707 2708 static struct nla_policy 2709 nl80211_sta_wme_policy[NL80211_STA_WME_MAX + 1] __read_mostly = { 2710 [NL80211_STA_WME_UAPSD_QUEUES] = { .type = NLA_U8 }, 2711 [NL80211_STA_WME_MAX_SP] = { .type = NLA_U8 }, 2712 }; 2713 2714 static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info) 2715 { 2716 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2717 int err; 2718 struct net_device *dev = info->user_ptr[1]; 2719 struct station_parameters params; 2720 u8 *mac_addr = NULL; 2721 2722 memset(¶ms, 0, sizeof(params)); 2723 2724 if (!info->attrs[NL80211_ATTR_MAC]) 2725 return -EINVAL; 2726 2727 if (!info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) 2728 return -EINVAL; 2729 2730 if (!info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) 2731 return -EINVAL; 2732 2733 if (!info->attrs[NL80211_ATTR_STA_AID]) 2734 return -EINVAL; 2735 2736 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2737 params.supported_rates = 2738 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2739 params.supported_rates_len = 2740 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2741 params.listen_interval = 2742 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]); 2743 2744 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_STA_AID]); 2745 if (!params.aid || params.aid > IEEE80211_MAX_AID) 2746 return -EINVAL; 2747 2748 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) 2749 params.ht_capa = 2750 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 2751 2752 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION]) 2753 params.plink_action = 2754 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]); 2755 2756 if (!rdev->ops->add_station) 2757 return -EOPNOTSUPP; 2758 2759 if (parse_station_flags(info, dev->ieee80211_ptr->iftype, ¶ms)) 2760 return -EINVAL; 2761 2762 switch (dev->ieee80211_ptr->iftype) { 2763 case NL80211_IFTYPE_AP: 2764 case NL80211_IFTYPE_AP_VLAN: 2765 case NL80211_IFTYPE_P2P_GO: 2766 /* parse WME attributes if sta is WME capable */ 2767 if ((rdev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) && 2768 (params.sta_flags_set & BIT(NL80211_STA_FLAG_WME)) && 2769 info->attrs[NL80211_ATTR_STA_WME]) { 2770 struct nlattr *tb[NL80211_STA_WME_MAX + 1]; 2771 struct nlattr *nla; 2772 2773 nla = info->attrs[NL80211_ATTR_STA_WME]; 2774 err = nla_parse_nested(tb, NL80211_STA_WME_MAX, nla, 2775 nl80211_sta_wme_policy); 2776 if (err) 2777 return err; 2778 2779 if (tb[NL80211_STA_WME_UAPSD_QUEUES]) 2780 params.uapsd_queues = 2781 nla_get_u8(tb[NL80211_STA_WME_UAPSD_QUEUES]); 2782 if (params.uapsd_queues & 2783 ~IEEE80211_WMM_IE_STA_QOSINFO_AC_MASK) 2784 return -EINVAL; 2785 2786 if (tb[NL80211_STA_WME_MAX_SP]) 2787 params.max_sp = 2788 nla_get_u8(tb[NL80211_STA_WME_MAX_SP]); 2789 2790 if (params.max_sp & 2791 ~IEEE80211_WMM_IE_STA_QOSINFO_SP_MASK) 2792 return -EINVAL; 2793 2794 params.sta_modify_mask |= STATION_PARAM_APPLY_UAPSD; 2795 } 2796 /* TDLS peers cannot be added */ 2797 if (params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) 2798 return -EINVAL; 2799 /* but don't bother the driver with it */ 2800 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER); 2801 2802 /* must be last in here for error handling */ 2803 params.vlan = get_vlan(info, rdev); 2804 if (IS_ERR(params.vlan)) 2805 return PTR_ERR(params.vlan); 2806 break; 2807 case NL80211_IFTYPE_MESH_POINT: 2808 /* TDLS peers cannot be added */ 2809 if (params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) 2810 return -EINVAL; 2811 break; 2812 case NL80211_IFTYPE_STATION: 2813 /* Only TDLS peers can be added */ 2814 if (!(params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))) 2815 return -EINVAL; 2816 /* Can only add if TDLS ... */ 2817 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS)) 2818 return -EOPNOTSUPP; 2819 /* ... with external setup is supported */ 2820 if (!(rdev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP)) 2821 return -EOPNOTSUPP; 2822 break; 2823 default: 2824 return -EOPNOTSUPP; 2825 } 2826 2827 /* be aware of params.vlan when changing code here */ 2828 2829 err = rdev->ops->add_station(&rdev->wiphy, dev, mac_addr, ¶ms); 2830 2831 if (params.vlan) 2832 dev_put(params.vlan); 2833 return err; 2834 } 2835 2836 static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info) 2837 { 2838 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2839 struct net_device *dev = info->user_ptr[1]; 2840 u8 *mac_addr = NULL; 2841 2842 if (info->attrs[NL80211_ATTR_MAC]) 2843 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2844 2845 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2846 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 2847 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 2848 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2849 return -EINVAL; 2850 2851 if (!rdev->ops->del_station) 2852 return -EOPNOTSUPP; 2853 2854 return rdev->ops->del_station(&rdev->wiphy, dev, mac_addr); 2855 } 2856 2857 static int nl80211_send_mpath(struct sk_buff *msg, u32 pid, u32 seq, 2858 int flags, struct net_device *dev, 2859 u8 *dst, u8 *next_hop, 2860 struct mpath_info *pinfo) 2861 { 2862 void *hdr; 2863 struct nlattr *pinfoattr; 2864 2865 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION); 2866 if (!hdr) 2867 return -1; 2868 2869 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 2870 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst); 2871 NLA_PUT(msg, NL80211_ATTR_MPATH_NEXT_HOP, ETH_ALEN, next_hop); 2872 2873 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, pinfo->generation); 2874 2875 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MPATH_INFO); 2876 if (!pinfoattr) 2877 goto nla_put_failure; 2878 if (pinfo->filled & MPATH_INFO_FRAME_QLEN) 2879 NLA_PUT_U32(msg, NL80211_MPATH_INFO_FRAME_QLEN, 2880 pinfo->frame_qlen); 2881 if (pinfo->filled & MPATH_INFO_SN) 2882 NLA_PUT_U32(msg, NL80211_MPATH_INFO_SN, 2883 pinfo->sn); 2884 if (pinfo->filled & MPATH_INFO_METRIC) 2885 NLA_PUT_U32(msg, NL80211_MPATH_INFO_METRIC, 2886 pinfo->metric); 2887 if (pinfo->filled & MPATH_INFO_EXPTIME) 2888 NLA_PUT_U32(msg, NL80211_MPATH_INFO_EXPTIME, 2889 pinfo->exptime); 2890 if (pinfo->filled & MPATH_INFO_FLAGS) 2891 NLA_PUT_U8(msg, NL80211_MPATH_INFO_FLAGS, 2892 pinfo->flags); 2893 if (pinfo->filled & MPATH_INFO_DISCOVERY_TIMEOUT) 2894 NLA_PUT_U32(msg, NL80211_MPATH_INFO_DISCOVERY_TIMEOUT, 2895 pinfo->discovery_timeout); 2896 if (pinfo->filled & MPATH_INFO_DISCOVERY_RETRIES) 2897 NLA_PUT_U8(msg, NL80211_MPATH_INFO_DISCOVERY_RETRIES, 2898 pinfo->discovery_retries); 2899 2900 nla_nest_end(msg, pinfoattr); 2901 2902 return genlmsg_end(msg, hdr); 2903 2904 nla_put_failure: 2905 genlmsg_cancel(msg, hdr); 2906 return -EMSGSIZE; 2907 } 2908 2909 static int nl80211_dump_mpath(struct sk_buff *skb, 2910 struct netlink_callback *cb) 2911 { 2912 struct mpath_info pinfo; 2913 struct cfg80211_registered_device *dev; 2914 struct net_device *netdev; 2915 u8 dst[ETH_ALEN]; 2916 u8 next_hop[ETH_ALEN]; 2917 int path_idx = cb->args[1]; 2918 int err; 2919 2920 err = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 2921 if (err) 2922 return err; 2923 2924 if (!dev->ops->dump_mpath) { 2925 err = -EOPNOTSUPP; 2926 goto out_err; 2927 } 2928 2929 if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) { 2930 err = -EOPNOTSUPP; 2931 goto out_err; 2932 } 2933 2934 while (1) { 2935 err = dev->ops->dump_mpath(&dev->wiphy, netdev, path_idx, 2936 dst, next_hop, &pinfo); 2937 if (err == -ENOENT) 2938 break; 2939 if (err) 2940 goto out_err; 2941 2942 if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).pid, 2943 cb->nlh->nlmsg_seq, NLM_F_MULTI, 2944 netdev, dst, next_hop, 2945 &pinfo) < 0) 2946 goto out; 2947 2948 path_idx++; 2949 } 2950 2951 2952 out: 2953 cb->args[1] = path_idx; 2954 err = skb->len; 2955 out_err: 2956 nl80211_finish_netdev_dump(dev); 2957 return err; 2958 } 2959 2960 static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info) 2961 { 2962 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2963 int err; 2964 struct net_device *dev = info->user_ptr[1]; 2965 struct mpath_info pinfo; 2966 struct sk_buff *msg; 2967 u8 *dst = NULL; 2968 u8 next_hop[ETH_ALEN]; 2969 2970 memset(&pinfo, 0, sizeof(pinfo)); 2971 2972 if (!info->attrs[NL80211_ATTR_MAC]) 2973 return -EINVAL; 2974 2975 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2976 2977 if (!rdev->ops->get_mpath) 2978 return -EOPNOTSUPP; 2979 2980 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 2981 return -EOPNOTSUPP; 2982 2983 err = rdev->ops->get_mpath(&rdev->wiphy, dev, dst, next_hop, &pinfo); 2984 if (err) 2985 return err; 2986 2987 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2988 if (!msg) 2989 return -ENOMEM; 2990 2991 if (nl80211_send_mpath(msg, info->snd_pid, info->snd_seq, 0, 2992 dev, dst, next_hop, &pinfo) < 0) { 2993 nlmsg_free(msg); 2994 return -ENOBUFS; 2995 } 2996 2997 return genlmsg_reply(msg, info); 2998 } 2999 3000 static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info) 3001 { 3002 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3003 struct net_device *dev = info->user_ptr[1]; 3004 u8 *dst = NULL; 3005 u8 *next_hop = NULL; 3006 3007 if (!info->attrs[NL80211_ATTR_MAC]) 3008 return -EINVAL; 3009 3010 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]) 3011 return -EINVAL; 3012 3013 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 3014 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]); 3015 3016 if (!rdev->ops->change_mpath) 3017 return -EOPNOTSUPP; 3018 3019 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 3020 return -EOPNOTSUPP; 3021 3022 return rdev->ops->change_mpath(&rdev->wiphy, dev, dst, next_hop); 3023 } 3024 3025 static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info) 3026 { 3027 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3028 struct net_device *dev = info->user_ptr[1]; 3029 u8 *dst = NULL; 3030 u8 *next_hop = NULL; 3031 3032 if (!info->attrs[NL80211_ATTR_MAC]) 3033 return -EINVAL; 3034 3035 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]) 3036 return -EINVAL; 3037 3038 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 3039 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]); 3040 3041 if (!rdev->ops->add_mpath) 3042 return -EOPNOTSUPP; 3043 3044 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 3045 return -EOPNOTSUPP; 3046 3047 return rdev->ops->add_mpath(&rdev->wiphy, dev, dst, next_hop); 3048 } 3049 3050 static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info) 3051 { 3052 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3053 struct net_device *dev = info->user_ptr[1]; 3054 u8 *dst = NULL; 3055 3056 if (info->attrs[NL80211_ATTR_MAC]) 3057 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 3058 3059 if (!rdev->ops->del_mpath) 3060 return -EOPNOTSUPP; 3061 3062 return rdev->ops->del_mpath(&rdev->wiphy, dev, dst); 3063 } 3064 3065 static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info) 3066 { 3067 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3068 struct net_device *dev = info->user_ptr[1]; 3069 struct bss_parameters params; 3070 3071 memset(¶ms, 0, sizeof(params)); 3072 /* default to not changing parameters */ 3073 params.use_cts_prot = -1; 3074 params.use_short_preamble = -1; 3075 params.use_short_slot_time = -1; 3076 params.ap_isolate = -1; 3077 params.ht_opmode = -1; 3078 3079 if (info->attrs[NL80211_ATTR_BSS_CTS_PROT]) 3080 params.use_cts_prot = 3081 nla_get_u8(info->attrs[NL80211_ATTR_BSS_CTS_PROT]); 3082 if (info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]) 3083 params.use_short_preamble = 3084 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]); 3085 if (info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]) 3086 params.use_short_slot_time = 3087 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]); 3088 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) { 3089 params.basic_rates = 3090 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 3091 params.basic_rates_len = 3092 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 3093 } 3094 if (info->attrs[NL80211_ATTR_AP_ISOLATE]) 3095 params.ap_isolate = !!nla_get_u8(info->attrs[NL80211_ATTR_AP_ISOLATE]); 3096 if (info->attrs[NL80211_ATTR_BSS_HT_OPMODE]) 3097 params.ht_opmode = 3098 nla_get_u16(info->attrs[NL80211_ATTR_BSS_HT_OPMODE]); 3099 3100 if (!rdev->ops->change_bss) 3101 return -EOPNOTSUPP; 3102 3103 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 3104 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 3105 return -EOPNOTSUPP; 3106 3107 return rdev->ops->change_bss(&rdev->wiphy, dev, ¶ms); 3108 } 3109 3110 static const struct nla_policy reg_rule_policy[NL80211_REG_RULE_ATTR_MAX + 1] = { 3111 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 }, 3112 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 }, 3113 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 }, 3114 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 }, 3115 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 }, 3116 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 }, 3117 }; 3118 3119 static int parse_reg_rule(struct nlattr *tb[], 3120 struct ieee80211_reg_rule *reg_rule) 3121 { 3122 struct ieee80211_freq_range *freq_range = ®_rule->freq_range; 3123 struct ieee80211_power_rule *power_rule = ®_rule->power_rule; 3124 3125 if (!tb[NL80211_ATTR_REG_RULE_FLAGS]) 3126 return -EINVAL; 3127 if (!tb[NL80211_ATTR_FREQ_RANGE_START]) 3128 return -EINVAL; 3129 if (!tb[NL80211_ATTR_FREQ_RANGE_END]) 3130 return -EINVAL; 3131 if (!tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) 3132 return -EINVAL; 3133 if (!tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]) 3134 return -EINVAL; 3135 3136 reg_rule->flags = nla_get_u32(tb[NL80211_ATTR_REG_RULE_FLAGS]); 3137 3138 freq_range->start_freq_khz = 3139 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]); 3140 freq_range->end_freq_khz = 3141 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]); 3142 freq_range->max_bandwidth_khz = 3143 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]); 3144 3145 power_rule->max_eirp = 3146 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]); 3147 3148 if (tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]) 3149 power_rule->max_antenna_gain = 3150 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]); 3151 3152 return 0; 3153 } 3154 3155 static int nl80211_req_set_reg(struct sk_buff *skb, struct genl_info *info) 3156 { 3157 int r; 3158 char *data = NULL; 3159 3160 /* 3161 * You should only get this when cfg80211 hasn't yet initialized 3162 * completely when built-in to the kernel right between the time 3163 * window between nl80211_init() and regulatory_init(), if that is 3164 * even possible. 3165 */ 3166 mutex_lock(&cfg80211_mutex); 3167 if (unlikely(!cfg80211_regdomain)) { 3168 mutex_unlock(&cfg80211_mutex); 3169 return -EINPROGRESS; 3170 } 3171 mutex_unlock(&cfg80211_mutex); 3172 3173 if (!info->attrs[NL80211_ATTR_REG_ALPHA2]) 3174 return -EINVAL; 3175 3176 data = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]); 3177 3178 r = regulatory_hint_user(data); 3179 3180 return r; 3181 } 3182 3183 static int nl80211_get_mesh_config(struct sk_buff *skb, 3184 struct genl_info *info) 3185 { 3186 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3187 struct net_device *dev = info->user_ptr[1]; 3188 struct wireless_dev *wdev = dev->ieee80211_ptr; 3189 struct mesh_config cur_params; 3190 int err = 0; 3191 void *hdr; 3192 struct nlattr *pinfoattr; 3193 struct sk_buff *msg; 3194 3195 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) 3196 return -EOPNOTSUPP; 3197 3198 if (!rdev->ops->get_mesh_config) 3199 return -EOPNOTSUPP; 3200 3201 wdev_lock(wdev); 3202 /* If not connected, get default parameters */ 3203 if (!wdev->mesh_id_len) 3204 memcpy(&cur_params, &default_mesh_config, sizeof(cur_params)); 3205 else 3206 err = rdev->ops->get_mesh_config(&rdev->wiphy, dev, 3207 &cur_params); 3208 wdev_unlock(wdev); 3209 3210 if (err) 3211 return err; 3212 3213 /* Draw up a netlink message to send back */ 3214 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 3215 if (!msg) 3216 return -ENOMEM; 3217 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 3218 NL80211_CMD_GET_MESH_CONFIG); 3219 if (!hdr) 3220 goto out; 3221 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG); 3222 if (!pinfoattr) 3223 goto nla_put_failure; 3224 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 3225 NLA_PUT_U16(msg, NL80211_MESHCONF_RETRY_TIMEOUT, 3226 cur_params.dot11MeshRetryTimeout); 3227 NLA_PUT_U16(msg, NL80211_MESHCONF_CONFIRM_TIMEOUT, 3228 cur_params.dot11MeshConfirmTimeout); 3229 NLA_PUT_U16(msg, NL80211_MESHCONF_HOLDING_TIMEOUT, 3230 cur_params.dot11MeshHoldingTimeout); 3231 NLA_PUT_U16(msg, NL80211_MESHCONF_MAX_PEER_LINKS, 3232 cur_params.dot11MeshMaxPeerLinks); 3233 NLA_PUT_U8(msg, NL80211_MESHCONF_MAX_RETRIES, 3234 cur_params.dot11MeshMaxRetries); 3235 NLA_PUT_U8(msg, NL80211_MESHCONF_TTL, 3236 cur_params.dot11MeshTTL); 3237 NLA_PUT_U8(msg, NL80211_MESHCONF_ELEMENT_TTL, 3238 cur_params.element_ttl); 3239 NLA_PUT_U8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS, 3240 cur_params.auto_open_plinks); 3241 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, 3242 cur_params.dot11MeshHWMPmaxPREQretries); 3243 NLA_PUT_U32(msg, NL80211_MESHCONF_PATH_REFRESH_TIME, 3244 cur_params.path_refresh_time); 3245 NLA_PUT_U16(msg, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, 3246 cur_params.min_discovery_timeout); 3247 NLA_PUT_U32(msg, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, 3248 cur_params.dot11MeshHWMPactivePathTimeout); 3249 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, 3250 cur_params.dot11MeshHWMPpreqMinInterval); 3251 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL, 3252 cur_params.dot11MeshHWMPperrMinInterval); 3253 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, 3254 cur_params.dot11MeshHWMPnetDiameterTraversalTime); 3255 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_ROOTMODE, 3256 cur_params.dot11MeshHWMPRootMode); 3257 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_RANN_INTERVAL, 3258 cur_params.dot11MeshHWMPRannInterval); 3259 NLA_PUT_U8(msg, NL80211_MESHCONF_GATE_ANNOUNCEMENTS, 3260 cur_params.dot11MeshGateAnnouncementProtocol); 3261 NLA_PUT_U8(msg, NL80211_MESHCONF_FORWARDING, 3262 cur_params.dot11MeshForwarding); 3263 nla_nest_end(msg, pinfoattr); 3264 genlmsg_end(msg, hdr); 3265 return genlmsg_reply(msg, info); 3266 3267 nla_put_failure: 3268 genlmsg_cancel(msg, hdr); 3269 out: 3270 nlmsg_free(msg); 3271 return -ENOBUFS; 3272 } 3273 3274 static const struct nla_policy nl80211_meshconf_params_policy[NL80211_MESHCONF_ATTR_MAX+1] = { 3275 [NL80211_MESHCONF_RETRY_TIMEOUT] = { .type = NLA_U16 }, 3276 [NL80211_MESHCONF_CONFIRM_TIMEOUT] = { .type = NLA_U16 }, 3277 [NL80211_MESHCONF_HOLDING_TIMEOUT] = { .type = NLA_U16 }, 3278 [NL80211_MESHCONF_MAX_PEER_LINKS] = { .type = NLA_U16 }, 3279 [NL80211_MESHCONF_MAX_RETRIES] = { .type = NLA_U8 }, 3280 [NL80211_MESHCONF_TTL] = { .type = NLA_U8 }, 3281 [NL80211_MESHCONF_ELEMENT_TTL] = { .type = NLA_U8 }, 3282 [NL80211_MESHCONF_AUTO_OPEN_PLINKS] = { .type = NLA_U8 }, 3283 3284 [NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES] = { .type = NLA_U8 }, 3285 [NL80211_MESHCONF_PATH_REFRESH_TIME] = { .type = NLA_U32 }, 3286 [NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT] = { .type = NLA_U16 }, 3287 [NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT] = { .type = NLA_U32 }, 3288 [NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL] = { .type = NLA_U16 }, 3289 [NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL] = { .type = NLA_U16 }, 3290 [NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME] = { .type = NLA_U16 }, 3291 [NL80211_MESHCONF_HWMP_ROOTMODE] = { .type = NLA_U8 }, 3292 [NL80211_MESHCONF_HWMP_RANN_INTERVAL] = { .type = NLA_U16 }, 3293 [NL80211_MESHCONF_GATE_ANNOUNCEMENTS] = { .type = NLA_U8 }, 3294 [NL80211_MESHCONF_FORWARDING] = { .type = NLA_U8 }, 3295 }; 3296 3297 static const struct nla_policy 3298 nl80211_mesh_setup_params_policy[NL80211_MESH_SETUP_ATTR_MAX+1] = { 3299 [NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL] = { .type = NLA_U8 }, 3300 [NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC] = { .type = NLA_U8 }, 3301 [NL80211_MESH_SETUP_USERSPACE_AUTH] = { .type = NLA_FLAG }, 3302 [NL80211_MESH_SETUP_IE] = { .type = NLA_BINARY, 3303 .len = IEEE80211_MAX_DATA_LEN }, 3304 [NL80211_MESH_SETUP_USERSPACE_AMPE] = { .type = NLA_FLAG }, 3305 }; 3306 3307 static int nl80211_parse_mesh_config(struct genl_info *info, 3308 struct mesh_config *cfg, 3309 u32 *mask_out) 3310 { 3311 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1]; 3312 u32 mask = 0; 3313 3314 #define FILL_IN_MESH_PARAM_IF_SET(table, cfg, param, mask, attr_num, nla_fn) \ 3315 do {\ 3316 if (table[attr_num]) {\ 3317 cfg->param = nla_fn(table[attr_num]); \ 3318 mask |= (1 << (attr_num - 1)); \ 3319 } \ 3320 } while (0);\ 3321 3322 3323 if (!info->attrs[NL80211_ATTR_MESH_CONFIG]) 3324 return -EINVAL; 3325 if (nla_parse_nested(tb, NL80211_MESHCONF_ATTR_MAX, 3326 info->attrs[NL80211_ATTR_MESH_CONFIG], 3327 nl80211_meshconf_params_policy)) 3328 return -EINVAL; 3329 3330 /* This makes sure that there aren't more than 32 mesh config 3331 * parameters (otherwise our bitfield scheme would not work.) */ 3332 BUILD_BUG_ON(NL80211_MESHCONF_ATTR_MAX > 32); 3333 3334 /* Fill in the params struct */ 3335 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshRetryTimeout, 3336 mask, NL80211_MESHCONF_RETRY_TIMEOUT, nla_get_u16); 3337 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConfirmTimeout, 3338 mask, NL80211_MESHCONF_CONFIRM_TIMEOUT, nla_get_u16); 3339 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHoldingTimeout, 3340 mask, NL80211_MESHCONF_HOLDING_TIMEOUT, nla_get_u16); 3341 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxPeerLinks, 3342 mask, NL80211_MESHCONF_MAX_PEER_LINKS, nla_get_u16); 3343 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxRetries, 3344 mask, NL80211_MESHCONF_MAX_RETRIES, nla_get_u8); 3345 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshTTL, 3346 mask, NL80211_MESHCONF_TTL, nla_get_u8); 3347 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, element_ttl, 3348 mask, NL80211_MESHCONF_ELEMENT_TTL, nla_get_u8); 3349 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, auto_open_plinks, 3350 mask, NL80211_MESHCONF_AUTO_OPEN_PLINKS, nla_get_u8); 3351 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPmaxPREQretries, 3352 mask, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, 3353 nla_get_u8); 3354 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, path_refresh_time, 3355 mask, NL80211_MESHCONF_PATH_REFRESH_TIME, nla_get_u32); 3356 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, min_discovery_timeout, 3357 mask, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, 3358 nla_get_u16); 3359 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathTimeout, 3360 mask, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, 3361 nla_get_u32); 3362 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPpreqMinInterval, 3363 mask, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, 3364 nla_get_u16); 3365 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPperrMinInterval, 3366 mask, NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL, 3367 nla_get_u16); 3368 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 3369 dot11MeshHWMPnetDiameterTraversalTime, 3370 mask, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, 3371 nla_get_u16); 3372 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 3373 dot11MeshHWMPRootMode, mask, 3374 NL80211_MESHCONF_HWMP_ROOTMODE, 3375 nla_get_u8); 3376 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 3377 dot11MeshHWMPRannInterval, mask, 3378 NL80211_MESHCONF_HWMP_RANN_INTERVAL, 3379 nla_get_u16); 3380 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 3381 dot11MeshGateAnnouncementProtocol, mask, 3382 NL80211_MESHCONF_GATE_ANNOUNCEMENTS, 3383 nla_get_u8); 3384 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshForwarding, 3385 mask, NL80211_MESHCONF_FORWARDING, nla_get_u8); 3386 if (mask_out) 3387 *mask_out = mask; 3388 3389 return 0; 3390 3391 #undef FILL_IN_MESH_PARAM_IF_SET 3392 } 3393 3394 static int nl80211_parse_mesh_setup(struct genl_info *info, 3395 struct mesh_setup *setup) 3396 { 3397 struct nlattr *tb[NL80211_MESH_SETUP_ATTR_MAX + 1]; 3398 3399 if (!info->attrs[NL80211_ATTR_MESH_SETUP]) 3400 return -EINVAL; 3401 if (nla_parse_nested(tb, NL80211_MESH_SETUP_ATTR_MAX, 3402 info->attrs[NL80211_ATTR_MESH_SETUP], 3403 nl80211_mesh_setup_params_policy)) 3404 return -EINVAL; 3405 3406 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL]) 3407 setup->path_sel_proto = 3408 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL])) ? 3409 IEEE80211_PATH_PROTOCOL_VENDOR : 3410 IEEE80211_PATH_PROTOCOL_HWMP; 3411 3412 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC]) 3413 setup->path_metric = 3414 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC])) ? 3415 IEEE80211_PATH_METRIC_VENDOR : 3416 IEEE80211_PATH_METRIC_AIRTIME; 3417 3418 3419 if (tb[NL80211_MESH_SETUP_IE]) { 3420 struct nlattr *ieattr = 3421 tb[NL80211_MESH_SETUP_IE]; 3422 if (!is_valid_ie_attr(ieattr)) 3423 return -EINVAL; 3424 setup->ie = nla_data(ieattr); 3425 setup->ie_len = nla_len(ieattr); 3426 } 3427 setup->is_authenticated = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AUTH]); 3428 setup->is_secure = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AMPE]); 3429 3430 return 0; 3431 } 3432 3433 static int nl80211_update_mesh_config(struct sk_buff *skb, 3434 struct genl_info *info) 3435 { 3436 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3437 struct net_device *dev = info->user_ptr[1]; 3438 struct wireless_dev *wdev = dev->ieee80211_ptr; 3439 struct mesh_config cfg; 3440 u32 mask; 3441 int err; 3442 3443 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) 3444 return -EOPNOTSUPP; 3445 3446 if (!rdev->ops->update_mesh_config) 3447 return -EOPNOTSUPP; 3448 3449 err = nl80211_parse_mesh_config(info, &cfg, &mask); 3450 if (err) 3451 return err; 3452 3453 wdev_lock(wdev); 3454 if (!wdev->mesh_id_len) 3455 err = -ENOLINK; 3456 3457 if (!err) 3458 err = rdev->ops->update_mesh_config(&rdev->wiphy, dev, 3459 mask, &cfg); 3460 3461 wdev_unlock(wdev); 3462 3463 return err; 3464 } 3465 3466 static int nl80211_get_reg(struct sk_buff *skb, struct genl_info *info) 3467 { 3468 struct sk_buff *msg; 3469 void *hdr = NULL; 3470 struct nlattr *nl_reg_rules; 3471 unsigned int i; 3472 int err = -EINVAL; 3473 3474 mutex_lock(&cfg80211_mutex); 3475 3476 if (!cfg80211_regdomain) 3477 goto out; 3478 3479 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 3480 if (!msg) { 3481 err = -ENOBUFS; 3482 goto out; 3483 } 3484 3485 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 3486 NL80211_CMD_GET_REG); 3487 if (!hdr) 3488 goto put_failure; 3489 3490 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, 3491 cfg80211_regdomain->alpha2); 3492 if (cfg80211_regdomain->dfs_region) 3493 NLA_PUT_U8(msg, NL80211_ATTR_DFS_REGION, 3494 cfg80211_regdomain->dfs_region); 3495 3496 nl_reg_rules = nla_nest_start(msg, NL80211_ATTR_REG_RULES); 3497 if (!nl_reg_rules) 3498 goto nla_put_failure; 3499 3500 for (i = 0; i < cfg80211_regdomain->n_reg_rules; i++) { 3501 struct nlattr *nl_reg_rule; 3502 const struct ieee80211_reg_rule *reg_rule; 3503 const struct ieee80211_freq_range *freq_range; 3504 const struct ieee80211_power_rule *power_rule; 3505 3506 reg_rule = &cfg80211_regdomain->reg_rules[i]; 3507 freq_range = ®_rule->freq_range; 3508 power_rule = ®_rule->power_rule; 3509 3510 nl_reg_rule = nla_nest_start(msg, i); 3511 if (!nl_reg_rule) 3512 goto nla_put_failure; 3513 3514 NLA_PUT_U32(msg, NL80211_ATTR_REG_RULE_FLAGS, 3515 reg_rule->flags); 3516 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_START, 3517 freq_range->start_freq_khz); 3518 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_END, 3519 freq_range->end_freq_khz); 3520 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_MAX_BW, 3521 freq_range->max_bandwidth_khz); 3522 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN, 3523 power_rule->max_antenna_gain); 3524 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_EIRP, 3525 power_rule->max_eirp); 3526 3527 nla_nest_end(msg, nl_reg_rule); 3528 } 3529 3530 nla_nest_end(msg, nl_reg_rules); 3531 3532 genlmsg_end(msg, hdr); 3533 err = genlmsg_reply(msg, info); 3534 goto out; 3535 3536 nla_put_failure: 3537 genlmsg_cancel(msg, hdr); 3538 put_failure: 3539 nlmsg_free(msg); 3540 err = -EMSGSIZE; 3541 out: 3542 mutex_unlock(&cfg80211_mutex); 3543 return err; 3544 } 3545 3546 static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info) 3547 { 3548 struct nlattr *tb[NL80211_REG_RULE_ATTR_MAX + 1]; 3549 struct nlattr *nl_reg_rule; 3550 char *alpha2 = NULL; 3551 int rem_reg_rules = 0, r = 0; 3552 u32 num_rules = 0, rule_idx = 0, size_of_regd; 3553 u8 dfs_region = 0; 3554 struct ieee80211_regdomain *rd = NULL; 3555 3556 if (!info->attrs[NL80211_ATTR_REG_ALPHA2]) 3557 return -EINVAL; 3558 3559 if (!info->attrs[NL80211_ATTR_REG_RULES]) 3560 return -EINVAL; 3561 3562 alpha2 = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]); 3563 3564 if (info->attrs[NL80211_ATTR_DFS_REGION]) 3565 dfs_region = nla_get_u8(info->attrs[NL80211_ATTR_DFS_REGION]); 3566 3567 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], 3568 rem_reg_rules) { 3569 num_rules++; 3570 if (num_rules > NL80211_MAX_SUPP_REG_RULES) 3571 return -EINVAL; 3572 } 3573 3574 mutex_lock(&cfg80211_mutex); 3575 3576 if (!reg_is_valid_request(alpha2)) { 3577 r = -EINVAL; 3578 goto bad_reg; 3579 } 3580 3581 size_of_regd = sizeof(struct ieee80211_regdomain) + 3582 (num_rules * sizeof(struct ieee80211_reg_rule)); 3583 3584 rd = kzalloc(size_of_regd, GFP_KERNEL); 3585 if (!rd) { 3586 r = -ENOMEM; 3587 goto bad_reg; 3588 } 3589 3590 rd->n_reg_rules = num_rules; 3591 rd->alpha2[0] = alpha2[0]; 3592 rd->alpha2[1] = alpha2[1]; 3593 3594 /* 3595 * Disable DFS master mode if the DFS region was 3596 * not supported or known on this kernel. 3597 */ 3598 if (reg_supported_dfs_region(dfs_region)) 3599 rd->dfs_region = dfs_region; 3600 3601 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], 3602 rem_reg_rules) { 3603 nla_parse(tb, NL80211_REG_RULE_ATTR_MAX, 3604 nla_data(nl_reg_rule), nla_len(nl_reg_rule), 3605 reg_rule_policy); 3606 r = parse_reg_rule(tb, &rd->reg_rules[rule_idx]); 3607 if (r) 3608 goto bad_reg; 3609 3610 rule_idx++; 3611 3612 if (rule_idx > NL80211_MAX_SUPP_REG_RULES) { 3613 r = -EINVAL; 3614 goto bad_reg; 3615 } 3616 } 3617 3618 BUG_ON(rule_idx != num_rules); 3619 3620 r = set_regdom(rd); 3621 3622 mutex_unlock(&cfg80211_mutex); 3623 3624 return r; 3625 3626 bad_reg: 3627 mutex_unlock(&cfg80211_mutex); 3628 kfree(rd); 3629 return r; 3630 } 3631 3632 static int validate_scan_freqs(struct nlattr *freqs) 3633 { 3634 struct nlattr *attr1, *attr2; 3635 int n_channels = 0, tmp1, tmp2; 3636 3637 nla_for_each_nested(attr1, freqs, tmp1) { 3638 n_channels++; 3639 /* 3640 * Some hardware has a limited channel list for 3641 * scanning, and it is pretty much nonsensical 3642 * to scan for a channel twice, so disallow that 3643 * and don't require drivers to check that the 3644 * channel list they get isn't longer than what 3645 * they can scan, as long as they can scan all 3646 * the channels they registered at once. 3647 */ 3648 nla_for_each_nested(attr2, freqs, tmp2) 3649 if (attr1 != attr2 && 3650 nla_get_u32(attr1) == nla_get_u32(attr2)) 3651 return 0; 3652 } 3653 3654 return n_channels; 3655 } 3656 3657 static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info) 3658 { 3659 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3660 struct net_device *dev = info->user_ptr[1]; 3661 struct cfg80211_scan_request *request; 3662 struct nlattr *attr; 3663 struct wiphy *wiphy; 3664 int err, tmp, n_ssids = 0, n_channels, i; 3665 size_t ie_len; 3666 3667 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3668 return -EINVAL; 3669 3670 wiphy = &rdev->wiphy; 3671 3672 if (!rdev->ops->scan) 3673 return -EOPNOTSUPP; 3674 3675 if (rdev->scan_req) 3676 return -EBUSY; 3677 3678 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3679 n_channels = validate_scan_freqs( 3680 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]); 3681 if (!n_channels) 3682 return -EINVAL; 3683 } else { 3684 enum ieee80211_band band; 3685 n_channels = 0; 3686 3687 for (band = 0; band < IEEE80211_NUM_BANDS; band++) 3688 if (wiphy->bands[band]) 3689 n_channels += wiphy->bands[band]->n_channels; 3690 } 3691 3692 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) 3693 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) 3694 n_ssids++; 3695 3696 if (n_ssids > wiphy->max_scan_ssids) 3697 return -EINVAL; 3698 3699 if (info->attrs[NL80211_ATTR_IE]) 3700 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3701 else 3702 ie_len = 0; 3703 3704 if (ie_len > wiphy->max_scan_ie_len) 3705 return -EINVAL; 3706 3707 request = kzalloc(sizeof(*request) 3708 + sizeof(*request->ssids) * n_ssids 3709 + sizeof(*request->channels) * n_channels 3710 + ie_len, GFP_KERNEL); 3711 if (!request) 3712 return -ENOMEM; 3713 3714 if (n_ssids) 3715 request->ssids = (void *)&request->channels[n_channels]; 3716 request->n_ssids = n_ssids; 3717 if (ie_len) { 3718 if (request->ssids) 3719 request->ie = (void *)(request->ssids + n_ssids); 3720 else 3721 request->ie = (void *)(request->channels + n_channels); 3722 } 3723 3724 i = 0; 3725 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3726 /* user specified, bail out if channel not found */ 3727 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], tmp) { 3728 struct ieee80211_channel *chan; 3729 3730 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr)); 3731 3732 if (!chan) { 3733 err = -EINVAL; 3734 goto out_free; 3735 } 3736 3737 /* ignore disabled channels */ 3738 if (chan->flags & IEEE80211_CHAN_DISABLED) 3739 continue; 3740 3741 request->channels[i] = chan; 3742 i++; 3743 } 3744 } else { 3745 enum ieee80211_band band; 3746 3747 /* all channels */ 3748 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 3749 int j; 3750 if (!wiphy->bands[band]) 3751 continue; 3752 for (j = 0; j < wiphy->bands[band]->n_channels; j++) { 3753 struct ieee80211_channel *chan; 3754 3755 chan = &wiphy->bands[band]->channels[j]; 3756 3757 if (chan->flags & IEEE80211_CHAN_DISABLED) 3758 continue; 3759 3760 request->channels[i] = chan; 3761 i++; 3762 } 3763 } 3764 } 3765 3766 if (!i) { 3767 err = -EINVAL; 3768 goto out_free; 3769 } 3770 3771 request->n_channels = i; 3772 3773 i = 0; 3774 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) { 3775 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) { 3776 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) { 3777 err = -EINVAL; 3778 goto out_free; 3779 } 3780 request->ssids[i].ssid_len = nla_len(attr); 3781 memcpy(request->ssids[i].ssid, nla_data(attr), nla_len(attr)); 3782 i++; 3783 } 3784 } 3785 3786 if (info->attrs[NL80211_ATTR_IE]) { 3787 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3788 memcpy((void *)request->ie, 3789 nla_data(info->attrs[NL80211_ATTR_IE]), 3790 request->ie_len); 3791 } 3792 3793 for (i = 0; i < IEEE80211_NUM_BANDS; i++) 3794 if (wiphy->bands[i]) 3795 request->rates[i] = 3796 (1 << wiphy->bands[i]->n_bitrates) - 1; 3797 3798 if (info->attrs[NL80211_ATTR_SCAN_SUPP_RATES]) { 3799 nla_for_each_nested(attr, 3800 info->attrs[NL80211_ATTR_SCAN_SUPP_RATES], 3801 tmp) { 3802 enum ieee80211_band band = nla_type(attr); 3803 3804 if (band < 0 || band >= IEEE80211_NUM_BANDS) { 3805 err = -EINVAL; 3806 goto out_free; 3807 } 3808 err = ieee80211_get_ratemask(wiphy->bands[band], 3809 nla_data(attr), 3810 nla_len(attr), 3811 &request->rates[band]); 3812 if (err) 3813 goto out_free; 3814 } 3815 } 3816 3817 request->no_cck = 3818 nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]); 3819 3820 request->dev = dev; 3821 request->wiphy = &rdev->wiphy; 3822 3823 rdev->scan_req = request; 3824 err = rdev->ops->scan(&rdev->wiphy, dev, request); 3825 3826 if (!err) { 3827 nl80211_send_scan_start(rdev, dev); 3828 dev_hold(dev); 3829 } else { 3830 out_free: 3831 rdev->scan_req = NULL; 3832 kfree(request); 3833 } 3834 3835 return err; 3836 } 3837 3838 static int nl80211_start_sched_scan(struct sk_buff *skb, 3839 struct genl_info *info) 3840 { 3841 struct cfg80211_sched_scan_request *request; 3842 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3843 struct net_device *dev = info->user_ptr[1]; 3844 struct nlattr *attr; 3845 struct wiphy *wiphy; 3846 int err, tmp, n_ssids = 0, n_match_sets = 0, n_channels, i; 3847 u32 interval; 3848 enum ieee80211_band band; 3849 size_t ie_len; 3850 struct nlattr *tb[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1]; 3851 3852 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) || 3853 !rdev->ops->sched_scan_start) 3854 return -EOPNOTSUPP; 3855 3856 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3857 return -EINVAL; 3858 3859 if (!info->attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL]) 3860 return -EINVAL; 3861 3862 interval = nla_get_u32(info->attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL]); 3863 if (interval == 0) 3864 return -EINVAL; 3865 3866 wiphy = &rdev->wiphy; 3867 3868 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3869 n_channels = validate_scan_freqs( 3870 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]); 3871 if (!n_channels) 3872 return -EINVAL; 3873 } else { 3874 n_channels = 0; 3875 3876 for (band = 0; band < IEEE80211_NUM_BANDS; band++) 3877 if (wiphy->bands[band]) 3878 n_channels += wiphy->bands[band]->n_channels; 3879 } 3880 3881 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) 3882 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], 3883 tmp) 3884 n_ssids++; 3885 3886 if (n_ssids > wiphy->max_sched_scan_ssids) 3887 return -EINVAL; 3888 3889 if (info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) 3890 nla_for_each_nested(attr, 3891 info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH], 3892 tmp) 3893 n_match_sets++; 3894 3895 if (n_match_sets > wiphy->max_match_sets) 3896 return -EINVAL; 3897 3898 if (info->attrs[NL80211_ATTR_IE]) 3899 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3900 else 3901 ie_len = 0; 3902 3903 if (ie_len > wiphy->max_sched_scan_ie_len) 3904 return -EINVAL; 3905 3906 mutex_lock(&rdev->sched_scan_mtx); 3907 3908 if (rdev->sched_scan_req) { 3909 err = -EINPROGRESS; 3910 goto out; 3911 } 3912 3913 request = kzalloc(sizeof(*request) 3914 + sizeof(*request->ssids) * n_ssids 3915 + sizeof(*request->match_sets) * n_match_sets 3916 + sizeof(*request->channels) * n_channels 3917 + ie_len, GFP_KERNEL); 3918 if (!request) { 3919 err = -ENOMEM; 3920 goto out; 3921 } 3922 3923 if (n_ssids) 3924 request->ssids = (void *)&request->channels[n_channels]; 3925 request->n_ssids = n_ssids; 3926 if (ie_len) { 3927 if (request->ssids) 3928 request->ie = (void *)(request->ssids + n_ssids); 3929 else 3930 request->ie = (void *)(request->channels + n_channels); 3931 } 3932 3933 if (n_match_sets) { 3934 if (request->ie) 3935 request->match_sets = (void *)(request->ie + ie_len); 3936 else if (request->ssids) 3937 request->match_sets = 3938 (void *)(request->ssids + n_ssids); 3939 else 3940 request->match_sets = 3941 (void *)(request->channels + n_channels); 3942 } 3943 request->n_match_sets = n_match_sets; 3944 3945 i = 0; 3946 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3947 /* user specified, bail out if channel not found */ 3948 nla_for_each_nested(attr, 3949 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], 3950 tmp) { 3951 struct ieee80211_channel *chan; 3952 3953 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr)); 3954 3955 if (!chan) { 3956 err = -EINVAL; 3957 goto out_free; 3958 } 3959 3960 /* ignore disabled channels */ 3961 if (chan->flags & IEEE80211_CHAN_DISABLED) 3962 continue; 3963 3964 request->channels[i] = chan; 3965 i++; 3966 } 3967 } else { 3968 /* all channels */ 3969 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 3970 int j; 3971 if (!wiphy->bands[band]) 3972 continue; 3973 for (j = 0; j < wiphy->bands[band]->n_channels; j++) { 3974 struct ieee80211_channel *chan; 3975 3976 chan = &wiphy->bands[band]->channels[j]; 3977 3978 if (chan->flags & IEEE80211_CHAN_DISABLED) 3979 continue; 3980 3981 request->channels[i] = chan; 3982 i++; 3983 } 3984 } 3985 } 3986 3987 if (!i) { 3988 err = -EINVAL; 3989 goto out_free; 3990 } 3991 3992 request->n_channels = i; 3993 3994 i = 0; 3995 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) { 3996 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], 3997 tmp) { 3998 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) { 3999 err = -EINVAL; 4000 goto out_free; 4001 } 4002 request->ssids[i].ssid_len = nla_len(attr); 4003 memcpy(request->ssids[i].ssid, nla_data(attr), 4004 nla_len(attr)); 4005 i++; 4006 } 4007 } 4008 4009 i = 0; 4010 if (info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) { 4011 nla_for_each_nested(attr, 4012 info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH], 4013 tmp) { 4014 struct nlattr *ssid; 4015 4016 nla_parse(tb, NL80211_SCHED_SCAN_MATCH_ATTR_MAX, 4017 nla_data(attr), nla_len(attr), 4018 nl80211_match_policy); 4019 ssid = tb[NL80211_ATTR_SCHED_SCAN_MATCH_SSID]; 4020 if (ssid) { 4021 if (nla_len(ssid) > IEEE80211_MAX_SSID_LEN) { 4022 err = -EINVAL; 4023 goto out_free; 4024 } 4025 memcpy(request->match_sets[i].ssid.ssid, 4026 nla_data(ssid), nla_len(ssid)); 4027 request->match_sets[i].ssid.ssid_len = 4028 nla_len(ssid); 4029 } 4030 i++; 4031 } 4032 } 4033 4034 if (info->attrs[NL80211_ATTR_IE]) { 4035 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4036 memcpy((void *)request->ie, 4037 nla_data(info->attrs[NL80211_ATTR_IE]), 4038 request->ie_len); 4039 } 4040 4041 request->dev = dev; 4042 request->wiphy = &rdev->wiphy; 4043 request->interval = interval; 4044 4045 err = rdev->ops->sched_scan_start(&rdev->wiphy, dev, request); 4046 if (!err) { 4047 rdev->sched_scan_req = request; 4048 nl80211_send_sched_scan(rdev, dev, 4049 NL80211_CMD_START_SCHED_SCAN); 4050 goto out; 4051 } 4052 4053 out_free: 4054 kfree(request); 4055 out: 4056 mutex_unlock(&rdev->sched_scan_mtx); 4057 return err; 4058 } 4059 4060 static int nl80211_stop_sched_scan(struct sk_buff *skb, 4061 struct genl_info *info) 4062 { 4063 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4064 int err; 4065 4066 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) || 4067 !rdev->ops->sched_scan_stop) 4068 return -EOPNOTSUPP; 4069 4070 mutex_lock(&rdev->sched_scan_mtx); 4071 err = __cfg80211_stop_sched_scan(rdev, false); 4072 mutex_unlock(&rdev->sched_scan_mtx); 4073 4074 return err; 4075 } 4076 4077 static int nl80211_send_bss(struct sk_buff *msg, struct netlink_callback *cb, 4078 u32 seq, int flags, 4079 struct cfg80211_registered_device *rdev, 4080 struct wireless_dev *wdev, 4081 struct cfg80211_internal_bss *intbss) 4082 { 4083 struct cfg80211_bss *res = &intbss->pub; 4084 void *hdr; 4085 struct nlattr *bss; 4086 int i; 4087 4088 ASSERT_WDEV_LOCK(wdev); 4089 4090 hdr = nl80211hdr_put(msg, NETLINK_CB(cb->skb).pid, seq, flags, 4091 NL80211_CMD_NEW_SCAN_RESULTS); 4092 if (!hdr) 4093 return -1; 4094 4095 genl_dump_check_consistent(cb, hdr, &nl80211_fam); 4096 4097 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, rdev->bss_generation); 4098 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex); 4099 4100 bss = nla_nest_start(msg, NL80211_ATTR_BSS); 4101 if (!bss) 4102 goto nla_put_failure; 4103 if (!is_zero_ether_addr(res->bssid)) 4104 NLA_PUT(msg, NL80211_BSS_BSSID, ETH_ALEN, res->bssid); 4105 if (res->information_elements && res->len_information_elements) 4106 NLA_PUT(msg, NL80211_BSS_INFORMATION_ELEMENTS, 4107 res->len_information_elements, 4108 res->information_elements); 4109 if (res->beacon_ies && res->len_beacon_ies && 4110 res->beacon_ies != res->information_elements) 4111 NLA_PUT(msg, NL80211_BSS_BEACON_IES, 4112 res->len_beacon_ies, res->beacon_ies); 4113 if (res->tsf) 4114 NLA_PUT_U64(msg, NL80211_BSS_TSF, res->tsf); 4115 if (res->beacon_interval) 4116 NLA_PUT_U16(msg, NL80211_BSS_BEACON_INTERVAL, res->beacon_interval); 4117 NLA_PUT_U16(msg, NL80211_BSS_CAPABILITY, res->capability); 4118 NLA_PUT_U32(msg, NL80211_BSS_FREQUENCY, res->channel->center_freq); 4119 NLA_PUT_U32(msg, NL80211_BSS_SEEN_MS_AGO, 4120 jiffies_to_msecs(jiffies - intbss->ts)); 4121 4122 switch (rdev->wiphy.signal_type) { 4123 case CFG80211_SIGNAL_TYPE_MBM: 4124 NLA_PUT_U32(msg, NL80211_BSS_SIGNAL_MBM, res->signal); 4125 break; 4126 case CFG80211_SIGNAL_TYPE_UNSPEC: 4127 NLA_PUT_U8(msg, NL80211_BSS_SIGNAL_UNSPEC, res->signal); 4128 break; 4129 default: 4130 break; 4131 } 4132 4133 switch (wdev->iftype) { 4134 case NL80211_IFTYPE_P2P_CLIENT: 4135 case NL80211_IFTYPE_STATION: 4136 if (intbss == wdev->current_bss) 4137 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 4138 NL80211_BSS_STATUS_ASSOCIATED); 4139 else for (i = 0; i < MAX_AUTH_BSSES; i++) { 4140 if (intbss != wdev->auth_bsses[i]) 4141 continue; 4142 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 4143 NL80211_BSS_STATUS_AUTHENTICATED); 4144 break; 4145 } 4146 break; 4147 case NL80211_IFTYPE_ADHOC: 4148 if (intbss == wdev->current_bss) 4149 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 4150 NL80211_BSS_STATUS_IBSS_JOINED); 4151 break; 4152 default: 4153 break; 4154 } 4155 4156 nla_nest_end(msg, bss); 4157 4158 return genlmsg_end(msg, hdr); 4159 4160 nla_put_failure: 4161 genlmsg_cancel(msg, hdr); 4162 return -EMSGSIZE; 4163 } 4164 4165 static int nl80211_dump_scan(struct sk_buff *skb, 4166 struct netlink_callback *cb) 4167 { 4168 struct cfg80211_registered_device *rdev; 4169 struct net_device *dev; 4170 struct cfg80211_internal_bss *scan; 4171 struct wireless_dev *wdev; 4172 int start = cb->args[1], idx = 0; 4173 int err; 4174 4175 err = nl80211_prepare_netdev_dump(skb, cb, &rdev, &dev); 4176 if (err) 4177 return err; 4178 4179 wdev = dev->ieee80211_ptr; 4180 4181 wdev_lock(wdev); 4182 spin_lock_bh(&rdev->bss_lock); 4183 cfg80211_bss_expire(rdev); 4184 4185 cb->seq = rdev->bss_generation; 4186 4187 list_for_each_entry(scan, &rdev->bss_list, list) { 4188 if (++idx <= start) 4189 continue; 4190 if (nl80211_send_bss(skb, cb, 4191 cb->nlh->nlmsg_seq, NLM_F_MULTI, 4192 rdev, wdev, scan) < 0) { 4193 idx--; 4194 break; 4195 } 4196 } 4197 4198 spin_unlock_bh(&rdev->bss_lock); 4199 wdev_unlock(wdev); 4200 4201 cb->args[1] = idx; 4202 nl80211_finish_netdev_dump(rdev); 4203 4204 return skb->len; 4205 } 4206 4207 static int nl80211_send_survey(struct sk_buff *msg, u32 pid, u32 seq, 4208 int flags, struct net_device *dev, 4209 struct survey_info *survey) 4210 { 4211 void *hdr; 4212 struct nlattr *infoattr; 4213 4214 hdr = nl80211hdr_put(msg, pid, seq, flags, 4215 NL80211_CMD_NEW_SURVEY_RESULTS); 4216 if (!hdr) 4217 return -ENOMEM; 4218 4219 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 4220 4221 infoattr = nla_nest_start(msg, NL80211_ATTR_SURVEY_INFO); 4222 if (!infoattr) 4223 goto nla_put_failure; 4224 4225 NLA_PUT_U32(msg, NL80211_SURVEY_INFO_FREQUENCY, 4226 survey->channel->center_freq); 4227 if (survey->filled & SURVEY_INFO_NOISE_DBM) 4228 NLA_PUT_U8(msg, NL80211_SURVEY_INFO_NOISE, 4229 survey->noise); 4230 if (survey->filled & SURVEY_INFO_IN_USE) 4231 NLA_PUT_FLAG(msg, NL80211_SURVEY_INFO_IN_USE); 4232 if (survey->filled & SURVEY_INFO_CHANNEL_TIME) 4233 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME, 4234 survey->channel_time); 4235 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_BUSY) 4236 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY, 4237 survey->channel_time_busy); 4238 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_EXT_BUSY) 4239 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_EXT_BUSY, 4240 survey->channel_time_ext_busy); 4241 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_RX) 4242 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_RX, 4243 survey->channel_time_rx); 4244 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_TX) 4245 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_TX, 4246 survey->channel_time_tx); 4247 4248 nla_nest_end(msg, infoattr); 4249 4250 return genlmsg_end(msg, hdr); 4251 4252 nla_put_failure: 4253 genlmsg_cancel(msg, hdr); 4254 return -EMSGSIZE; 4255 } 4256 4257 static int nl80211_dump_survey(struct sk_buff *skb, 4258 struct netlink_callback *cb) 4259 { 4260 struct survey_info survey; 4261 struct cfg80211_registered_device *dev; 4262 struct net_device *netdev; 4263 int survey_idx = cb->args[1]; 4264 int res; 4265 4266 res = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 4267 if (res) 4268 return res; 4269 4270 if (!dev->ops->dump_survey) { 4271 res = -EOPNOTSUPP; 4272 goto out_err; 4273 } 4274 4275 while (1) { 4276 struct ieee80211_channel *chan; 4277 4278 res = dev->ops->dump_survey(&dev->wiphy, netdev, survey_idx, 4279 &survey); 4280 if (res == -ENOENT) 4281 break; 4282 if (res) 4283 goto out_err; 4284 4285 /* Survey without a channel doesn't make sense */ 4286 if (!survey.channel) { 4287 res = -EINVAL; 4288 goto out; 4289 } 4290 4291 chan = ieee80211_get_channel(&dev->wiphy, 4292 survey.channel->center_freq); 4293 if (!chan || chan->flags & IEEE80211_CHAN_DISABLED) { 4294 survey_idx++; 4295 continue; 4296 } 4297 4298 if (nl80211_send_survey(skb, 4299 NETLINK_CB(cb->skb).pid, 4300 cb->nlh->nlmsg_seq, NLM_F_MULTI, 4301 netdev, 4302 &survey) < 0) 4303 goto out; 4304 survey_idx++; 4305 } 4306 4307 out: 4308 cb->args[1] = survey_idx; 4309 res = skb->len; 4310 out_err: 4311 nl80211_finish_netdev_dump(dev); 4312 return res; 4313 } 4314 4315 static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type) 4316 { 4317 return auth_type <= NL80211_AUTHTYPE_MAX; 4318 } 4319 4320 static bool nl80211_valid_wpa_versions(u32 wpa_versions) 4321 { 4322 return !(wpa_versions & ~(NL80211_WPA_VERSION_1 | 4323 NL80211_WPA_VERSION_2)); 4324 } 4325 4326 static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info) 4327 { 4328 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4329 struct net_device *dev = info->user_ptr[1]; 4330 struct ieee80211_channel *chan; 4331 const u8 *bssid, *ssid, *ie = NULL; 4332 int err, ssid_len, ie_len = 0; 4333 enum nl80211_auth_type auth_type; 4334 struct key_parse key; 4335 bool local_state_change; 4336 4337 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4338 return -EINVAL; 4339 4340 if (!info->attrs[NL80211_ATTR_MAC]) 4341 return -EINVAL; 4342 4343 if (!info->attrs[NL80211_ATTR_AUTH_TYPE]) 4344 return -EINVAL; 4345 4346 if (!info->attrs[NL80211_ATTR_SSID]) 4347 return -EINVAL; 4348 4349 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ]) 4350 return -EINVAL; 4351 4352 err = nl80211_parse_key(info, &key); 4353 if (err) 4354 return err; 4355 4356 if (key.idx >= 0) { 4357 if (key.type != -1 && key.type != NL80211_KEYTYPE_GROUP) 4358 return -EINVAL; 4359 if (!key.p.key || !key.p.key_len) 4360 return -EINVAL; 4361 if ((key.p.cipher != WLAN_CIPHER_SUITE_WEP40 || 4362 key.p.key_len != WLAN_KEY_LEN_WEP40) && 4363 (key.p.cipher != WLAN_CIPHER_SUITE_WEP104 || 4364 key.p.key_len != WLAN_KEY_LEN_WEP104)) 4365 return -EINVAL; 4366 if (key.idx > 4) 4367 return -EINVAL; 4368 } else { 4369 key.p.key_len = 0; 4370 key.p.key = NULL; 4371 } 4372 4373 if (key.idx >= 0) { 4374 int i; 4375 bool ok = false; 4376 for (i = 0; i < rdev->wiphy.n_cipher_suites; i++) { 4377 if (key.p.cipher == rdev->wiphy.cipher_suites[i]) { 4378 ok = true; 4379 break; 4380 } 4381 } 4382 if (!ok) 4383 return -EINVAL; 4384 } 4385 4386 if (!rdev->ops->auth) 4387 return -EOPNOTSUPP; 4388 4389 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4390 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4391 return -EOPNOTSUPP; 4392 4393 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4394 chan = ieee80211_get_channel(&rdev->wiphy, 4395 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 4396 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) 4397 return -EINVAL; 4398 4399 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 4400 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 4401 4402 if (info->attrs[NL80211_ATTR_IE]) { 4403 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4404 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4405 } 4406 4407 auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); 4408 if (!nl80211_valid_auth_type(auth_type)) 4409 return -EINVAL; 4410 4411 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 4412 4413 return cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid, 4414 ssid, ssid_len, ie, ie_len, 4415 key.p.key, key.p.key_len, key.idx, 4416 local_state_change); 4417 } 4418 4419 static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev, 4420 struct genl_info *info, 4421 struct cfg80211_crypto_settings *settings, 4422 int cipher_limit) 4423 { 4424 memset(settings, 0, sizeof(*settings)); 4425 4426 settings->control_port = info->attrs[NL80211_ATTR_CONTROL_PORT]; 4427 4428 if (info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]) { 4429 u16 proto; 4430 proto = nla_get_u16( 4431 info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]); 4432 settings->control_port_ethertype = cpu_to_be16(proto); 4433 if (!(rdev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) && 4434 proto != ETH_P_PAE) 4435 return -EINVAL; 4436 if (info->attrs[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT]) 4437 settings->control_port_no_encrypt = true; 4438 } else 4439 settings->control_port_ethertype = cpu_to_be16(ETH_P_PAE); 4440 4441 if (info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]) { 4442 void *data; 4443 int len, i; 4444 4445 data = nla_data(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]); 4446 len = nla_len(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]); 4447 settings->n_ciphers_pairwise = len / sizeof(u32); 4448 4449 if (len % sizeof(u32)) 4450 return -EINVAL; 4451 4452 if (settings->n_ciphers_pairwise > cipher_limit) 4453 return -EINVAL; 4454 4455 memcpy(settings->ciphers_pairwise, data, len); 4456 4457 for (i = 0; i < settings->n_ciphers_pairwise; i++) 4458 if (!cfg80211_supported_cipher_suite( 4459 &rdev->wiphy, 4460 settings->ciphers_pairwise[i])) 4461 return -EINVAL; 4462 } 4463 4464 if (info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]) { 4465 settings->cipher_group = 4466 nla_get_u32(info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]); 4467 if (!cfg80211_supported_cipher_suite(&rdev->wiphy, 4468 settings->cipher_group)) 4469 return -EINVAL; 4470 } 4471 4472 if (info->attrs[NL80211_ATTR_WPA_VERSIONS]) { 4473 settings->wpa_versions = 4474 nla_get_u32(info->attrs[NL80211_ATTR_WPA_VERSIONS]); 4475 if (!nl80211_valid_wpa_versions(settings->wpa_versions)) 4476 return -EINVAL; 4477 } 4478 4479 if (info->attrs[NL80211_ATTR_AKM_SUITES]) { 4480 void *data; 4481 int len; 4482 4483 data = nla_data(info->attrs[NL80211_ATTR_AKM_SUITES]); 4484 len = nla_len(info->attrs[NL80211_ATTR_AKM_SUITES]); 4485 settings->n_akm_suites = len / sizeof(u32); 4486 4487 if (len % sizeof(u32)) 4488 return -EINVAL; 4489 4490 if (settings->n_akm_suites > NL80211_MAX_NR_AKM_SUITES) 4491 return -EINVAL; 4492 4493 memcpy(settings->akm_suites, data, len); 4494 } 4495 4496 return 0; 4497 } 4498 4499 static int nl80211_associate(struct sk_buff *skb, struct genl_info *info) 4500 { 4501 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4502 struct net_device *dev = info->user_ptr[1]; 4503 struct cfg80211_crypto_settings crypto; 4504 struct ieee80211_channel *chan; 4505 const u8 *bssid, *ssid, *ie = NULL, *prev_bssid = NULL; 4506 int err, ssid_len, ie_len = 0; 4507 bool use_mfp = false; 4508 u32 flags = 0; 4509 struct ieee80211_ht_cap *ht_capa = NULL; 4510 struct ieee80211_ht_cap *ht_capa_mask = NULL; 4511 4512 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4513 return -EINVAL; 4514 4515 if (!info->attrs[NL80211_ATTR_MAC] || 4516 !info->attrs[NL80211_ATTR_SSID] || 4517 !info->attrs[NL80211_ATTR_WIPHY_FREQ]) 4518 return -EINVAL; 4519 4520 if (!rdev->ops->assoc) 4521 return -EOPNOTSUPP; 4522 4523 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4524 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4525 return -EOPNOTSUPP; 4526 4527 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4528 4529 chan = ieee80211_get_channel(&rdev->wiphy, 4530 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 4531 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) 4532 return -EINVAL; 4533 4534 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 4535 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 4536 4537 if (info->attrs[NL80211_ATTR_IE]) { 4538 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4539 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4540 } 4541 4542 if (info->attrs[NL80211_ATTR_USE_MFP]) { 4543 enum nl80211_mfp mfp = 4544 nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]); 4545 if (mfp == NL80211_MFP_REQUIRED) 4546 use_mfp = true; 4547 else if (mfp != NL80211_MFP_NO) 4548 return -EINVAL; 4549 } 4550 4551 if (info->attrs[NL80211_ATTR_PREV_BSSID]) 4552 prev_bssid = nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]); 4553 4554 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HT])) 4555 flags |= ASSOC_REQ_DISABLE_HT; 4556 4557 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]) 4558 ht_capa_mask = 4559 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]); 4560 4561 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) { 4562 if (!ht_capa_mask) 4563 return -EINVAL; 4564 ht_capa = nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 4565 } 4566 4567 err = nl80211_crypto_settings(rdev, info, &crypto, 1); 4568 if (!err) 4569 err = cfg80211_mlme_assoc(rdev, dev, chan, bssid, prev_bssid, 4570 ssid, ssid_len, ie, ie_len, use_mfp, 4571 &crypto, flags, ht_capa, 4572 ht_capa_mask); 4573 4574 return err; 4575 } 4576 4577 static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info) 4578 { 4579 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4580 struct net_device *dev = info->user_ptr[1]; 4581 const u8 *ie = NULL, *bssid; 4582 int ie_len = 0; 4583 u16 reason_code; 4584 bool local_state_change; 4585 4586 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4587 return -EINVAL; 4588 4589 if (!info->attrs[NL80211_ATTR_MAC]) 4590 return -EINVAL; 4591 4592 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 4593 return -EINVAL; 4594 4595 if (!rdev->ops->deauth) 4596 return -EOPNOTSUPP; 4597 4598 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4599 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4600 return -EOPNOTSUPP; 4601 4602 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4603 4604 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 4605 if (reason_code == 0) { 4606 /* Reason Code 0 is reserved */ 4607 return -EINVAL; 4608 } 4609 4610 if (info->attrs[NL80211_ATTR_IE]) { 4611 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4612 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4613 } 4614 4615 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 4616 4617 return cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code, 4618 local_state_change); 4619 } 4620 4621 static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info) 4622 { 4623 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4624 struct net_device *dev = info->user_ptr[1]; 4625 const u8 *ie = NULL, *bssid; 4626 int ie_len = 0; 4627 u16 reason_code; 4628 bool local_state_change; 4629 4630 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4631 return -EINVAL; 4632 4633 if (!info->attrs[NL80211_ATTR_MAC]) 4634 return -EINVAL; 4635 4636 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 4637 return -EINVAL; 4638 4639 if (!rdev->ops->disassoc) 4640 return -EOPNOTSUPP; 4641 4642 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4643 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4644 return -EOPNOTSUPP; 4645 4646 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4647 4648 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 4649 if (reason_code == 0) { 4650 /* Reason Code 0 is reserved */ 4651 return -EINVAL; 4652 } 4653 4654 if (info->attrs[NL80211_ATTR_IE]) { 4655 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4656 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4657 } 4658 4659 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 4660 4661 return cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason_code, 4662 local_state_change); 4663 } 4664 4665 static bool 4666 nl80211_parse_mcast_rate(struct cfg80211_registered_device *rdev, 4667 int mcast_rate[IEEE80211_NUM_BANDS], 4668 int rateval) 4669 { 4670 struct wiphy *wiphy = &rdev->wiphy; 4671 bool found = false; 4672 int band, i; 4673 4674 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 4675 struct ieee80211_supported_band *sband; 4676 4677 sband = wiphy->bands[band]; 4678 if (!sband) 4679 continue; 4680 4681 for (i = 0; i < sband->n_bitrates; i++) { 4682 if (sband->bitrates[i].bitrate == rateval) { 4683 mcast_rate[band] = i + 1; 4684 found = true; 4685 break; 4686 } 4687 } 4688 } 4689 4690 return found; 4691 } 4692 4693 static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info) 4694 { 4695 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4696 struct net_device *dev = info->user_ptr[1]; 4697 struct cfg80211_ibss_params ibss; 4698 struct wiphy *wiphy; 4699 struct cfg80211_cached_keys *connkeys = NULL; 4700 int err; 4701 4702 memset(&ibss, 0, sizeof(ibss)); 4703 4704 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4705 return -EINVAL; 4706 4707 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] || 4708 !info->attrs[NL80211_ATTR_SSID] || 4709 !nla_len(info->attrs[NL80211_ATTR_SSID])) 4710 return -EINVAL; 4711 4712 ibss.beacon_interval = 100; 4713 4714 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) { 4715 ibss.beacon_interval = 4716 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); 4717 if (ibss.beacon_interval < 1 || ibss.beacon_interval > 10000) 4718 return -EINVAL; 4719 } 4720 4721 if (!rdev->ops->join_ibss) 4722 return -EOPNOTSUPP; 4723 4724 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) 4725 return -EOPNOTSUPP; 4726 4727 wiphy = &rdev->wiphy; 4728 4729 if (info->attrs[NL80211_ATTR_MAC]) { 4730 ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4731 4732 if (!is_valid_ether_addr(ibss.bssid)) 4733 return -EINVAL; 4734 } 4735 ibss.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 4736 ibss.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 4737 4738 if (info->attrs[NL80211_ATTR_IE]) { 4739 ibss.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4740 ibss.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4741 } 4742 4743 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 4744 enum nl80211_channel_type channel_type; 4745 4746 channel_type = nla_get_u32( 4747 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 4748 if (channel_type != NL80211_CHAN_NO_HT && 4749 channel_type != NL80211_CHAN_HT20 && 4750 channel_type != NL80211_CHAN_HT40MINUS && 4751 channel_type != NL80211_CHAN_HT40PLUS) 4752 return -EINVAL; 4753 4754 if (channel_type != NL80211_CHAN_NO_HT && 4755 !(wiphy->features & NL80211_FEATURE_HT_IBSS)) 4756 return -EINVAL; 4757 4758 ibss.channel_type = channel_type; 4759 } else { 4760 ibss.channel_type = NL80211_CHAN_NO_HT; 4761 } 4762 4763 ibss.channel = rdev_freq_to_chan(rdev, 4764 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]), 4765 ibss.channel_type); 4766 if (!ibss.channel || 4767 ibss.channel->flags & IEEE80211_CHAN_NO_IBSS || 4768 ibss.channel->flags & IEEE80211_CHAN_DISABLED) 4769 return -EINVAL; 4770 4771 /* Both channels should be able to initiate communication */ 4772 if ((ibss.channel_type == NL80211_CHAN_HT40PLUS || 4773 ibss.channel_type == NL80211_CHAN_HT40MINUS) && 4774 !cfg80211_can_beacon_sec_chan(&rdev->wiphy, ibss.channel, 4775 ibss.channel_type)) 4776 return -EINVAL; 4777 4778 ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED]; 4779 ibss.privacy = !!info->attrs[NL80211_ATTR_PRIVACY]; 4780 4781 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) { 4782 u8 *rates = 4783 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 4784 int n_rates = 4785 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 4786 struct ieee80211_supported_band *sband = 4787 wiphy->bands[ibss.channel->band]; 4788 4789 err = ieee80211_get_ratemask(sband, rates, n_rates, 4790 &ibss.basic_rates); 4791 if (err) 4792 return err; 4793 } 4794 4795 if (info->attrs[NL80211_ATTR_MCAST_RATE] && 4796 !nl80211_parse_mcast_rate(rdev, ibss.mcast_rate, 4797 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE]))) 4798 return -EINVAL; 4799 4800 if (ibss.privacy && info->attrs[NL80211_ATTR_KEYS]) { 4801 connkeys = nl80211_parse_connkeys(rdev, 4802 info->attrs[NL80211_ATTR_KEYS]); 4803 if (IS_ERR(connkeys)) 4804 return PTR_ERR(connkeys); 4805 } 4806 4807 err = cfg80211_join_ibss(rdev, dev, &ibss, connkeys); 4808 if (err) 4809 kfree(connkeys); 4810 return err; 4811 } 4812 4813 static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info) 4814 { 4815 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4816 struct net_device *dev = info->user_ptr[1]; 4817 4818 if (!rdev->ops->leave_ibss) 4819 return -EOPNOTSUPP; 4820 4821 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) 4822 return -EOPNOTSUPP; 4823 4824 return cfg80211_leave_ibss(rdev, dev, false); 4825 } 4826 4827 #ifdef CONFIG_NL80211_TESTMODE 4828 static struct genl_multicast_group nl80211_testmode_mcgrp = { 4829 .name = "testmode", 4830 }; 4831 4832 static int nl80211_testmode_do(struct sk_buff *skb, struct genl_info *info) 4833 { 4834 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4835 int err; 4836 4837 if (!info->attrs[NL80211_ATTR_TESTDATA]) 4838 return -EINVAL; 4839 4840 err = -EOPNOTSUPP; 4841 if (rdev->ops->testmode_cmd) { 4842 rdev->testmode_info = info; 4843 err = rdev->ops->testmode_cmd(&rdev->wiphy, 4844 nla_data(info->attrs[NL80211_ATTR_TESTDATA]), 4845 nla_len(info->attrs[NL80211_ATTR_TESTDATA])); 4846 rdev->testmode_info = NULL; 4847 } 4848 4849 return err; 4850 } 4851 4852 static int nl80211_testmode_dump(struct sk_buff *skb, 4853 struct netlink_callback *cb) 4854 { 4855 struct cfg80211_registered_device *rdev; 4856 int err; 4857 long phy_idx; 4858 void *data = NULL; 4859 int data_len = 0; 4860 4861 if (cb->args[0]) { 4862 /* 4863 * 0 is a valid index, but not valid for args[0], 4864 * so we need to offset by 1. 4865 */ 4866 phy_idx = cb->args[0] - 1; 4867 } else { 4868 err = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize, 4869 nl80211_fam.attrbuf, nl80211_fam.maxattr, 4870 nl80211_policy); 4871 if (err) 4872 return err; 4873 if (nl80211_fam.attrbuf[NL80211_ATTR_WIPHY]) { 4874 phy_idx = nla_get_u32( 4875 nl80211_fam.attrbuf[NL80211_ATTR_WIPHY]); 4876 } else { 4877 struct net_device *netdev; 4878 4879 err = get_rdev_dev_by_ifindex(sock_net(skb->sk), 4880 nl80211_fam.attrbuf, 4881 &rdev, &netdev); 4882 if (err) 4883 return err; 4884 dev_put(netdev); 4885 phy_idx = rdev->wiphy_idx; 4886 cfg80211_unlock_rdev(rdev); 4887 } 4888 if (nl80211_fam.attrbuf[NL80211_ATTR_TESTDATA]) 4889 cb->args[1] = 4890 (long)nl80211_fam.attrbuf[NL80211_ATTR_TESTDATA]; 4891 } 4892 4893 if (cb->args[1]) { 4894 data = nla_data((void *)cb->args[1]); 4895 data_len = nla_len((void *)cb->args[1]); 4896 } 4897 4898 mutex_lock(&cfg80211_mutex); 4899 rdev = cfg80211_rdev_by_wiphy_idx(phy_idx); 4900 if (!rdev) { 4901 mutex_unlock(&cfg80211_mutex); 4902 return -ENOENT; 4903 } 4904 cfg80211_lock_rdev(rdev); 4905 mutex_unlock(&cfg80211_mutex); 4906 4907 if (!rdev->ops->testmode_dump) { 4908 err = -EOPNOTSUPP; 4909 goto out_err; 4910 } 4911 4912 while (1) { 4913 void *hdr = nl80211hdr_put(skb, NETLINK_CB(cb->skb).pid, 4914 cb->nlh->nlmsg_seq, NLM_F_MULTI, 4915 NL80211_CMD_TESTMODE); 4916 struct nlattr *tmdata; 4917 4918 if (nla_put_u32(skb, NL80211_ATTR_WIPHY, phy_idx) < 0) { 4919 genlmsg_cancel(skb, hdr); 4920 break; 4921 } 4922 4923 tmdata = nla_nest_start(skb, NL80211_ATTR_TESTDATA); 4924 if (!tmdata) { 4925 genlmsg_cancel(skb, hdr); 4926 break; 4927 } 4928 err = rdev->ops->testmode_dump(&rdev->wiphy, skb, cb, 4929 data, data_len); 4930 nla_nest_end(skb, tmdata); 4931 4932 if (err == -ENOBUFS || err == -ENOENT) { 4933 genlmsg_cancel(skb, hdr); 4934 break; 4935 } else if (err) { 4936 genlmsg_cancel(skb, hdr); 4937 goto out_err; 4938 } 4939 4940 genlmsg_end(skb, hdr); 4941 } 4942 4943 err = skb->len; 4944 /* see above */ 4945 cb->args[0] = phy_idx + 1; 4946 out_err: 4947 cfg80211_unlock_rdev(rdev); 4948 return err; 4949 } 4950 4951 static struct sk_buff * 4952 __cfg80211_testmode_alloc_skb(struct cfg80211_registered_device *rdev, 4953 int approxlen, u32 pid, u32 seq, gfp_t gfp) 4954 { 4955 struct sk_buff *skb; 4956 void *hdr; 4957 struct nlattr *data; 4958 4959 skb = nlmsg_new(approxlen + 100, gfp); 4960 if (!skb) 4961 return NULL; 4962 4963 hdr = nl80211hdr_put(skb, pid, seq, 0, NL80211_CMD_TESTMODE); 4964 if (!hdr) { 4965 kfree_skb(skb); 4966 return NULL; 4967 } 4968 4969 NLA_PUT_U32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 4970 data = nla_nest_start(skb, NL80211_ATTR_TESTDATA); 4971 4972 ((void **)skb->cb)[0] = rdev; 4973 ((void **)skb->cb)[1] = hdr; 4974 ((void **)skb->cb)[2] = data; 4975 4976 return skb; 4977 4978 nla_put_failure: 4979 kfree_skb(skb); 4980 return NULL; 4981 } 4982 4983 struct sk_buff *cfg80211_testmode_alloc_reply_skb(struct wiphy *wiphy, 4984 int approxlen) 4985 { 4986 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 4987 4988 if (WARN_ON(!rdev->testmode_info)) 4989 return NULL; 4990 4991 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 4992 rdev->testmode_info->snd_pid, 4993 rdev->testmode_info->snd_seq, 4994 GFP_KERNEL); 4995 } 4996 EXPORT_SYMBOL(cfg80211_testmode_alloc_reply_skb); 4997 4998 int cfg80211_testmode_reply(struct sk_buff *skb) 4999 { 5000 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0]; 5001 void *hdr = ((void **)skb->cb)[1]; 5002 struct nlattr *data = ((void **)skb->cb)[2]; 5003 5004 if (WARN_ON(!rdev->testmode_info)) { 5005 kfree_skb(skb); 5006 return -EINVAL; 5007 } 5008 5009 nla_nest_end(skb, data); 5010 genlmsg_end(skb, hdr); 5011 return genlmsg_reply(skb, rdev->testmode_info); 5012 } 5013 EXPORT_SYMBOL(cfg80211_testmode_reply); 5014 5015 struct sk_buff *cfg80211_testmode_alloc_event_skb(struct wiphy *wiphy, 5016 int approxlen, gfp_t gfp) 5017 { 5018 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 5019 5020 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 0, 0, gfp); 5021 } 5022 EXPORT_SYMBOL(cfg80211_testmode_alloc_event_skb); 5023 5024 void cfg80211_testmode_event(struct sk_buff *skb, gfp_t gfp) 5025 { 5026 void *hdr = ((void **)skb->cb)[1]; 5027 struct nlattr *data = ((void **)skb->cb)[2]; 5028 5029 nla_nest_end(skb, data); 5030 genlmsg_end(skb, hdr); 5031 genlmsg_multicast(skb, 0, nl80211_testmode_mcgrp.id, gfp); 5032 } 5033 EXPORT_SYMBOL(cfg80211_testmode_event); 5034 #endif 5035 5036 static int nl80211_connect(struct sk_buff *skb, struct genl_info *info) 5037 { 5038 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5039 struct net_device *dev = info->user_ptr[1]; 5040 struct cfg80211_connect_params connect; 5041 struct wiphy *wiphy; 5042 struct cfg80211_cached_keys *connkeys = NULL; 5043 int err; 5044 5045 memset(&connect, 0, sizeof(connect)); 5046 5047 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 5048 return -EINVAL; 5049 5050 if (!info->attrs[NL80211_ATTR_SSID] || 5051 !nla_len(info->attrs[NL80211_ATTR_SSID])) 5052 return -EINVAL; 5053 5054 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) { 5055 connect.auth_type = 5056 nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); 5057 if (!nl80211_valid_auth_type(connect.auth_type)) 5058 return -EINVAL; 5059 } else 5060 connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC; 5061 5062 connect.privacy = info->attrs[NL80211_ATTR_PRIVACY]; 5063 5064 err = nl80211_crypto_settings(rdev, info, &connect.crypto, 5065 NL80211_MAX_NR_CIPHER_SUITES); 5066 if (err) 5067 return err; 5068 5069 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5070 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 5071 return -EOPNOTSUPP; 5072 5073 wiphy = &rdev->wiphy; 5074 5075 if (info->attrs[NL80211_ATTR_MAC]) 5076 connect.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 5077 connect.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 5078 connect.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 5079 5080 if (info->attrs[NL80211_ATTR_IE]) { 5081 connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 5082 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 5083 } 5084 5085 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 5086 connect.channel = 5087 ieee80211_get_channel(wiphy, 5088 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 5089 if (!connect.channel || 5090 connect.channel->flags & IEEE80211_CHAN_DISABLED) 5091 return -EINVAL; 5092 } 5093 5094 if (connect.privacy && info->attrs[NL80211_ATTR_KEYS]) { 5095 connkeys = nl80211_parse_connkeys(rdev, 5096 info->attrs[NL80211_ATTR_KEYS]); 5097 if (IS_ERR(connkeys)) 5098 return PTR_ERR(connkeys); 5099 } 5100 5101 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HT])) 5102 connect.flags |= ASSOC_REQ_DISABLE_HT; 5103 5104 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]) 5105 memcpy(&connect.ht_capa_mask, 5106 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]), 5107 sizeof(connect.ht_capa_mask)); 5108 5109 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) { 5110 if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]) 5111 return -EINVAL; 5112 memcpy(&connect.ht_capa, 5113 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]), 5114 sizeof(connect.ht_capa)); 5115 } 5116 5117 err = cfg80211_connect(rdev, dev, &connect, connkeys); 5118 if (err) 5119 kfree(connkeys); 5120 return err; 5121 } 5122 5123 static int nl80211_disconnect(struct sk_buff *skb, struct genl_info *info) 5124 { 5125 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5126 struct net_device *dev = info->user_ptr[1]; 5127 u16 reason; 5128 5129 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 5130 reason = WLAN_REASON_DEAUTH_LEAVING; 5131 else 5132 reason = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 5133 5134 if (reason == 0) 5135 return -EINVAL; 5136 5137 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5138 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 5139 return -EOPNOTSUPP; 5140 5141 return cfg80211_disconnect(rdev, dev, reason, true); 5142 } 5143 5144 static int nl80211_wiphy_netns(struct sk_buff *skb, struct genl_info *info) 5145 { 5146 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5147 struct net *net; 5148 int err; 5149 u32 pid; 5150 5151 if (!info->attrs[NL80211_ATTR_PID]) 5152 return -EINVAL; 5153 5154 pid = nla_get_u32(info->attrs[NL80211_ATTR_PID]); 5155 5156 net = get_net_ns_by_pid(pid); 5157 if (IS_ERR(net)) 5158 return PTR_ERR(net); 5159 5160 err = 0; 5161 5162 /* check if anything to do */ 5163 if (!net_eq(wiphy_net(&rdev->wiphy), net)) 5164 err = cfg80211_switch_netns(rdev, net); 5165 5166 put_net(net); 5167 return err; 5168 } 5169 5170 static int nl80211_setdel_pmksa(struct sk_buff *skb, struct genl_info *info) 5171 { 5172 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5173 int (*rdev_ops)(struct wiphy *wiphy, struct net_device *dev, 5174 struct cfg80211_pmksa *pmksa) = NULL; 5175 struct net_device *dev = info->user_ptr[1]; 5176 struct cfg80211_pmksa pmksa; 5177 5178 memset(&pmksa, 0, sizeof(struct cfg80211_pmksa)); 5179 5180 if (!info->attrs[NL80211_ATTR_MAC]) 5181 return -EINVAL; 5182 5183 if (!info->attrs[NL80211_ATTR_PMKID]) 5184 return -EINVAL; 5185 5186 pmksa.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]); 5187 pmksa.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 5188 5189 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5190 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 5191 return -EOPNOTSUPP; 5192 5193 switch (info->genlhdr->cmd) { 5194 case NL80211_CMD_SET_PMKSA: 5195 rdev_ops = rdev->ops->set_pmksa; 5196 break; 5197 case NL80211_CMD_DEL_PMKSA: 5198 rdev_ops = rdev->ops->del_pmksa; 5199 break; 5200 default: 5201 WARN_ON(1); 5202 break; 5203 } 5204 5205 if (!rdev_ops) 5206 return -EOPNOTSUPP; 5207 5208 return rdev_ops(&rdev->wiphy, dev, &pmksa); 5209 } 5210 5211 static int nl80211_flush_pmksa(struct sk_buff *skb, struct genl_info *info) 5212 { 5213 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5214 struct net_device *dev = info->user_ptr[1]; 5215 5216 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5217 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 5218 return -EOPNOTSUPP; 5219 5220 if (!rdev->ops->flush_pmksa) 5221 return -EOPNOTSUPP; 5222 5223 return rdev->ops->flush_pmksa(&rdev->wiphy, dev); 5224 } 5225 5226 static int nl80211_tdls_mgmt(struct sk_buff *skb, struct genl_info *info) 5227 { 5228 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5229 struct net_device *dev = info->user_ptr[1]; 5230 u8 action_code, dialog_token; 5231 u16 status_code; 5232 u8 *peer; 5233 5234 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) || 5235 !rdev->ops->tdls_mgmt) 5236 return -EOPNOTSUPP; 5237 5238 if (!info->attrs[NL80211_ATTR_TDLS_ACTION] || 5239 !info->attrs[NL80211_ATTR_STATUS_CODE] || 5240 !info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN] || 5241 !info->attrs[NL80211_ATTR_IE] || 5242 !info->attrs[NL80211_ATTR_MAC]) 5243 return -EINVAL; 5244 5245 peer = nla_data(info->attrs[NL80211_ATTR_MAC]); 5246 action_code = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_ACTION]); 5247 status_code = nla_get_u16(info->attrs[NL80211_ATTR_STATUS_CODE]); 5248 dialog_token = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN]); 5249 5250 return rdev->ops->tdls_mgmt(&rdev->wiphy, dev, peer, action_code, 5251 dialog_token, status_code, 5252 nla_data(info->attrs[NL80211_ATTR_IE]), 5253 nla_len(info->attrs[NL80211_ATTR_IE])); 5254 } 5255 5256 static int nl80211_tdls_oper(struct sk_buff *skb, struct genl_info *info) 5257 { 5258 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5259 struct net_device *dev = info->user_ptr[1]; 5260 enum nl80211_tdls_operation operation; 5261 u8 *peer; 5262 5263 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) || 5264 !rdev->ops->tdls_oper) 5265 return -EOPNOTSUPP; 5266 5267 if (!info->attrs[NL80211_ATTR_TDLS_OPERATION] || 5268 !info->attrs[NL80211_ATTR_MAC]) 5269 return -EINVAL; 5270 5271 operation = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_OPERATION]); 5272 peer = nla_data(info->attrs[NL80211_ATTR_MAC]); 5273 5274 return rdev->ops->tdls_oper(&rdev->wiphy, dev, peer, operation); 5275 } 5276 5277 static int nl80211_remain_on_channel(struct sk_buff *skb, 5278 struct genl_info *info) 5279 { 5280 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5281 struct net_device *dev = info->user_ptr[1]; 5282 struct ieee80211_channel *chan; 5283 struct sk_buff *msg; 5284 void *hdr; 5285 u64 cookie; 5286 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 5287 u32 freq, duration; 5288 int err; 5289 5290 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] || 5291 !info->attrs[NL80211_ATTR_DURATION]) 5292 return -EINVAL; 5293 5294 duration = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]); 5295 5296 /* 5297 * We should be on that channel for at least one jiffie, 5298 * and more than 5 seconds seems excessive. 5299 */ 5300 if (!duration || !msecs_to_jiffies(duration) || 5301 duration > rdev->wiphy.max_remain_on_channel_duration) 5302 return -EINVAL; 5303 5304 if (!rdev->ops->remain_on_channel || 5305 !(rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL)) 5306 return -EOPNOTSUPP; 5307 5308 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 5309 channel_type = nla_get_u32( 5310 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 5311 if (channel_type != NL80211_CHAN_NO_HT && 5312 channel_type != NL80211_CHAN_HT20 && 5313 channel_type != NL80211_CHAN_HT40PLUS && 5314 channel_type != NL80211_CHAN_HT40MINUS) 5315 return -EINVAL; 5316 } 5317 5318 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 5319 chan = rdev_freq_to_chan(rdev, freq, channel_type); 5320 if (chan == NULL) 5321 return -EINVAL; 5322 5323 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5324 if (!msg) 5325 return -ENOMEM; 5326 5327 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 5328 NL80211_CMD_REMAIN_ON_CHANNEL); 5329 5330 if (IS_ERR(hdr)) { 5331 err = PTR_ERR(hdr); 5332 goto free_msg; 5333 } 5334 5335 err = rdev->ops->remain_on_channel(&rdev->wiphy, dev, chan, 5336 channel_type, duration, &cookie); 5337 5338 if (err) 5339 goto free_msg; 5340 5341 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 5342 5343 genlmsg_end(msg, hdr); 5344 5345 return genlmsg_reply(msg, info); 5346 5347 nla_put_failure: 5348 err = -ENOBUFS; 5349 free_msg: 5350 nlmsg_free(msg); 5351 return err; 5352 } 5353 5354 static int nl80211_cancel_remain_on_channel(struct sk_buff *skb, 5355 struct genl_info *info) 5356 { 5357 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5358 struct net_device *dev = info->user_ptr[1]; 5359 u64 cookie; 5360 5361 if (!info->attrs[NL80211_ATTR_COOKIE]) 5362 return -EINVAL; 5363 5364 if (!rdev->ops->cancel_remain_on_channel) 5365 return -EOPNOTSUPP; 5366 5367 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]); 5368 5369 return rdev->ops->cancel_remain_on_channel(&rdev->wiphy, dev, cookie); 5370 } 5371 5372 static u32 rateset_to_mask(struct ieee80211_supported_band *sband, 5373 u8 *rates, u8 rates_len) 5374 { 5375 u8 i; 5376 u32 mask = 0; 5377 5378 for (i = 0; i < rates_len; i++) { 5379 int rate = (rates[i] & 0x7f) * 5; 5380 int ridx; 5381 for (ridx = 0; ridx < sband->n_bitrates; ridx++) { 5382 struct ieee80211_rate *srate = 5383 &sband->bitrates[ridx]; 5384 if (rate == srate->bitrate) { 5385 mask |= 1 << ridx; 5386 break; 5387 } 5388 } 5389 if (ridx == sband->n_bitrates) 5390 return 0; /* rate not found */ 5391 } 5392 5393 return mask; 5394 } 5395 5396 static bool ht_rateset_to_mask(struct ieee80211_supported_band *sband, 5397 u8 *rates, u8 rates_len, 5398 u8 mcs[IEEE80211_HT_MCS_MASK_LEN]) 5399 { 5400 u8 i; 5401 5402 memset(mcs, 0, IEEE80211_HT_MCS_MASK_LEN); 5403 5404 for (i = 0; i < rates_len; i++) { 5405 int ridx, rbit; 5406 5407 ridx = rates[i] / 8; 5408 rbit = BIT(rates[i] % 8); 5409 5410 /* check validity */ 5411 if ((ridx < 0) || (ridx > IEEE80211_HT_MCS_MASK_LEN)) 5412 return false; 5413 5414 /* check availability */ 5415 if (sband->ht_cap.mcs.rx_mask[ridx] & rbit) 5416 mcs[ridx] |= rbit; 5417 else 5418 return false; 5419 } 5420 5421 return true; 5422 } 5423 5424 static const struct nla_policy nl80211_txattr_policy[NL80211_TXRATE_MAX + 1] = { 5425 [NL80211_TXRATE_LEGACY] = { .type = NLA_BINARY, 5426 .len = NL80211_MAX_SUPP_RATES }, 5427 [NL80211_TXRATE_MCS] = { .type = NLA_BINARY, 5428 .len = NL80211_MAX_SUPP_HT_RATES }, 5429 }; 5430 5431 static int nl80211_set_tx_bitrate_mask(struct sk_buff *skb, 5432 struct genl_info *info) 5433 { 5434 struct nlattr *tb[NL80211_TXRATE_MAX + 1]; 5435 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5436 struct cfg80211_bitrate_mask mask; 5437 int rem, i; 5438 struct net_device *dev = info->user_ptr[1]; 5439 struct nlattr *tx_rates; 5440 struct ieee80211_supported_band *sband; 5441 5442 if (info->attrs[NL80211_ATTR_TX_RATES] == NULL) 5443 return -EINVAL; 5444 5445 if (!rdev->ops->set_bitrate_mask) 5446 return -EOPNOTSUPP; 5447 5448 memset(&mask, 0, sizeof(mask)); 5449 /* Default to all rates enabled */ 5450 for (i = 0; i < IEEE80211_NUM_BANDS; i++) { 5451 sband = rdev->wiphy.bands[i]; 5452 mask.control[i].legacy = 5453 sband ? (1 << sband->n_bitrates) - 1 : 0; 5454 if (sband) 5455 memcpy(mask.control[i].mcs, 5456 sband->ht_cap.mcs.rx_mask, 5457 sizeof(mask.control[i].mcs)); 5458 else 5459 memset(mask.control[i].mcs, 0, 5460 sizeof(mask.control[i].mcs)); 5461 } 5462 5463 /* 5464 * The nested attribute uses enum nl80211_band as the index. This maps 5465 * directly to the enum ieee80211_band values used in cfg80211. 5466 */ 5467 BUILD_BUG_ON(NL80211_MAX_SUPP_HT_RATES > IEEE80211_HT_MCS_MASK_LEN * 8); 5468 nla_for_each_nested(tx_rates, info->attrs[NL80211_ATTR_TX_RATES], rem) 5469 { 5470 enum ieee80211_band band = nla_type(tx_rates); 5471 if (band < 0 || band >= IEEE80211_NUM_BANDS) 5472 return -EINVAL; 5473 sband = rdev->wiphy.bands[band]; 5474 if (sband == NULL) 5475 return -EINVAL; 5476 nla_parse(tb, NL80211_TXRATE_MAX, nla_data(tx_rates), 5477 nla_len(tx_rates), nl80211_txattr_policy); 5478 if (tb[NL80211_TXRATE_LEGACY]) { 5479 mask.control[band].legacy = rateset_to_mask( 5480 sband, 5481 nla_data(tb[NL80211_TXRATE_LEGACY]), 5482 nla_len(tb[NL80211_TXRATE_LEGACY])); 5483 } 5484 if (tb[NL80211_TXRATE_MCS]) { 5485 if (!ht_rateset_to_mask( 5486 sband, 5487 nla_data(tb[NL80211_TXRATE_MCS]), 5488 nla_len(tb[NL80211_TXRATE_MCS]), 5489 mask.control[band].mcs)) 5490 return -EINVAL; 5491 } 5492 5493 if (mask.control[band].legacy == 0) { 5494 /* don't allow empty legacy rates if HT 5495 * is not even supported. */ 5496 if (!rdev->wiphy.bands[band]->ht_cap.ht_supported) 5497 return -EINVAL; 5498 5499 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) 5500 if (mask.control[band].mcs[i]) 5501 break; 5502 5503 /* legacy and mcs rates may not be both empty */ 5504 if (i == IEEE80211_HT_MCS_MASK_LEN) 5505 return -EINVAL; 5506 } 5507 } 5508 5509 return rdev->ops->set_bitrate_mask(&rdev->wiphy, dev, NULL, &mask); 5510 } 5511 5512 static int nl80211_register_mgmt(struct sk_buff *skb, struct genl_info *info) 5513 { 5514 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5515 struct net_device *dev = info->user_ptr[1]; 5516 u16 frame_type = IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_ACTION; 5517 5518 if (!info->attrs[NL80211_ATTR_FRAME_MATCH]) 5519 return -EINVAL; 5520 5521 if (info->attrs[NL80211_ATTR_FRAME_TYPE]) 5522 frame_type = nla_get_u16(info->attrs[NL80211_ATTR_FRAME_TYPE]); 5523 5524 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5525 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 5526 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 5527 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 5528 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 5529 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 5530 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 5531 return -EOPNOTSUPP; 5532 5533 /* not much point in registering if we can't reply */ 5534 if (!rdev->ops->mgmt_tx) 5535 return -EOPNOTSUPP; 5536 5537 return cfg80211_mlme_register_mgmt(dev->ieee80211_ptr, info->snd_pid, 5538 frame_type, 5539 nla_data(info->attrs[NL80211_ATTR_FRAME_MATCH]), 5540 nla_len(info->attrs[NL80211_ATTR_FRAME_MATCH])); 5541 } 5542 5543 static int nl80211_tx_mgmt(struct sk_buff *skb, struct genl_info *info) 5544 { 5545 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5546 struct net_device *dev = info->user_ptr[1]; 5547 struct ieee80211_channel *chan; 5548 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 5549 bool channel_type_valid = false; 5550 u32 freq; 5551 int err; 5552 void *hdr = NULL; 5553 u64 cookie; 5554 struct sk_buff *msg = NULL; 5555 unsigned int wait = 0; 5556 bool offchan, no_cck, dont_wait_for_ack; 5557 5558 dont_wait_for_ack = info->attrs[NL80211_ATTR_DONT_WAIT_FOR_ACK]; 5559 5560 if (!info->attrs[NL80211_ATTR_FRAME] || 5561 !info->attrs[NL80211_ATTR_WIPHY_FREQ]) 5562 return -EINVAL; 5563 5564 if (!rdev->ops->mgmt_tx) 5565 return -EOPNOTSUPP; 5566 5567 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5568 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 5569 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 5570 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 5571 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 5572 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 5573 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 5574 return -EOPNOTSUPP; 5575 5576 if (info->attrs[NL80211_ATTR_DURATION]) { 5577 if (!(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX)) 5578 return -EINVAL; 5579 wait = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]); 5580 } 5581 5582 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 5583 channel_type = nla_get_u32( 5584 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 5585 if (channel_type != NL80211_CHAN_NO_HT && 5586 channel_type != NL80211_CHAN_HT20 && 5587 channel_type != NL80211_CHAN_HT40PLUS && 5588 channel_type != NL80211_CHAN_HT40MINUS) 5589 return -EINVAL; 5590 channel_type_valid = true; 5591 } 5592 5593 offchan = info->attrs[NL80211_ATTR_OFFCHANNEL_TX_OK]; 5594 5595 if (offchan && !(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX)) 5596 return -EINVAL; 5597 5598 no_cck = nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]); 5599 5600 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 5601 chan = rdev_freq_to_chan(rdev, freq, channel_type); 5602 if (chan == NULL) 5603 return -EINVAL; 5604 5605 if (!dont_wait_for_ack) { 5606 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5607 if (!msg) 5608 return -ENOMEM; 5609 5610 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 5611 NL80211_CMD_FRAME); 5612 5613 if (IS_ERR(hdr)) { 5614 err = PTR_ERR(hdr); 5615 goto free_msg; 5616 } 5617 } 5618 5619 err = cfg80211_mlme_mgmt_tx(rdev, dev, chan, offchan, channel_type, 5620 channel_type_valid, wait, 5621 nla_data(info->attrs[NL80211_ATTR_FRAME]), 5622 nla_len(info->attrs[NL80211_ATTR_FRAME]), 5623 no_cck, dont_wait_for_ack, &cookie); 5624 if (err) 5625 goto free_msg; 5626 5627 if (msg) { 5628 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 5629 5630 genlmsg_end(msg, hdr); 5631 return genlmsg_reply(msg, info); 5632 } 5633 5634 return 0; 5635 5636 nla_put_failure: 5637 err = -ENOBUFS; 5638 free_msg: 5639 nlmsg_free(msg); 5640 return err; 5641 } 5642 5643 static int nl80211_tx_mgmt_cancel_wait(struct sk_buff *skb, struct genl_info *info) 5644 { 5645 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5646 struct net_device *dev = info->user_ptr[1]; 5647 u64 cookie; 5648 5649 if (!info->attrs[NL80211_ATTR_COOKIE]) 5650 return -EINVAL; 5651 5652 if (!rdev->ops->mgmt_tx_cancel_wait) 5653 return -EOPNOTSUPP; 5654 5655 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5656 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 5657 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 5658 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 5659 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 5660 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 5661 return -EOPNOTSUPP; 5662 5663 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]); 5664 5665 return rdev->ops->mgmt_tx_cancel_wait(&rdev->wiphy, dev, cookie); 5666 } 5667 5668 static int nl80211_set_power_save(struct sk_buff *skb, struct genl_info *info) 5669 { 5670 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5671 struct wireless_dev *wdev; 5672 struct net_device *dev = info->user_ptr[1]; 5673 u8 ps_state; 5674 bool state; 5675 int err; 5676 5677 if (!info->attrs[NL80211_ATTR_PS_STATE]) 5678 return -EINVAL; 5679 5680 ps_state = nla_get_u32(info->attrs[NL80211_ATTR_PS_STATE]); 5681 5682 if (ps_state != NL80211_PS_DISABLED && ps_state != NL80211_PS_ENABLED) 5683 return -EINVAL; 5684 5685 wdev = dev->ieee80211_ptr; 5686 5687 if (!rdev->ops->set_power_mgmt) 5688 return -EOPNOTSUPP; 5689 5690 state = (ps_state == NL80211_PS_ENABLED) ? true : false; 5691 5692 if (state == wdev->ps) 5693 return 0; 5694 5695 err = rdev->ops->set_power_mgmt(wdev->wiphy, dev, state, 5696 wdev->ps_timeout); 5697 if (!err) 5698 wdev->ps = state; 5699 return err; 5700 } 5701 5702 static int nl80211_get_power_save(struct sk_buff *skb, struct genl_info *info) 5703 { 5704 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5705 enum nl80211_ps_state ps_state; 5706 struct wireless_dev *wdev; 5707 struct net_device *dev = info->user_ptr[1]; 5708 struct sk_buff *msg; 5709 void *hdr; 5710 int err; 5711 5712 wdev = dev->ieee80211_ptr; 5713 5714 if (!rdev->ops->set_power_mgmt) 5715 return -EOPNOTSUPP; 5716 5717 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5718 if (!msg) 5719 return -ENOMEM; 5720 5721 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 5722 NL80211_CMD_GET_POWER_SAVE); 5723 if (!hdr) { 5724 err = -ENOBUFS; 5725 goto free_msg; 5726 } 5727 5728 if (wdev->ps) 5729 ps_state = NL80211_PS_ENABLED; 5730 else 5731 ps_state = NL80211_PS_DISABLED; 5732 5733 NLA_PUT_U32(msg, NL80211_ATTR_PS_STATE, ps_state); 5734 5735 genlmsg_end(msg, hdr); 5736 return genlmsg_reply(msg, info); 5737 5738 nla_put_failure: 5739 err = -ENOBUFS; 5740 free_msg: 5741 nlmsg_free(msg); 5742 return err; 5743 } 5744 5745 static struct nla_policy 5746 nl80211_attr_cqm_policy[NL80211_ATTR_CQM_MAX + 1] __read_mostly = { 5747 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 }, 5748 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U32 }, 5749 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 }, 5750 }; 5751 5752 static int nl80211_set_cqm_rssi(struct genl_info *info, 5753 s32 threshold, u32 hysteresis) 5754 { 5755 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5756 struct wireless_dev *wdev; 5757 struct net_device *dev = info->user_ptr[1]; 5758 5759 if (threshold > 0) 5760 return -EINVAL; 5761 5762 wdev = dev->ieee80211_ptr; 5763 5764 if (!rdev->ops->set_cqm_rssi_config) 5765 return -EOPNOTSUPP; 5766 5767 if (wdev->iftype != NL80211_IFTYPE_STATION && 5768 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT) 5769 return -EOPNOTSUPP; 5770 5771 return rdev->ops->set_cqm_rssi_config(wdev->wiphy, dev, 5772 threshold, hysteresis); 5773 } 5774 5775 static int nl80211_set_cqm(struct sk_buff *skb, struct genl_info *info) 5776 { 5777 struct nlattr *attrs[NL80211_ATTR_CQM_MAX + 1]; 5778 struct nlattr *cqm; 5779 int err; 5780 5781 cqm = info->attrs[NL80211_ATTR_CQM]; 5782 if (!cqm) { 5783 err = -EINVAL; 5784 goto out; 5785 } 5786 5787 err = nla_parse_nested(attrs, NL80211_ATTR_CQM_MAX, cqm, 5788 nl80211_attr_cqm_policy); 5789 if (err) 5790 goto out; 5791 5792 if (attrs[NL80211_ATTR_CQM_RSSI_THOLD] && 5793 attrs[NL80211_ATTR_CQM_RSSI_HYST]) { 5794 s32 threshold; 5795 u32 hysteresis; 5796 threshold = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_THOLD]); 5797 hysteresis = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_HYST]); 5798 err = nl80211_set_cqm_rssi(info, threshold, hysteresis); 5799 } else 5800 err = -EINVAL; 5801 5802 out: 5803 return err; 5804 } 5805 5806 static int nl80211_join_mesh(struct sk_buff *skb, struct genl_info *info) 5807 { 5808 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5809 struct net_device *dev = info->user_ptr[1]; 5810 struct mesh_config cfg; 5811 struct mesh_setup setup; 5812 int err; 5813 5814 /* start with default */ 5815 memcpy(&cfg, &default_mesh_config, sizeof(cfg)); 5816 memcpy(&setup, &default_mesh_setup, sizeof(setup)); 5817 5818 if (info->attrs[NL80211_ATTR_MESH_CONFIG]) { 5819 /* and parse parameters if given */ 5820 err = nl80211_parse_mesh_config(info, &cfg, NULL); 5821 if (err) 5822 return err; 5823 } 5824 5825 if (!info->attrs[NL80211_ATTR_MESH_ID] || 5826 !nla_len(info->attrs[NL80211_ATTR_MESH_ID])) 5827 return -EINVAL; 5828 5829 setup.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]); 5830 setup.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 5831 5832 if (info->attrs[NL80211_ATTR_MCAST_RATE] && 5833 !nl80211_parse_mcast_rate(rdev, setup.mcast_rate, 5834 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE]))) 5835 return -EINVAL; 5836 5837 if (info->attrs[NL80211_ATTR_MESH_SETUP]) { 5838 /* parse additional setup parameters if given */ 5839 err = nl80211_parse_mesh_setup(info, &setup); 5840 if (err) 5841 return err; 5842 } 5843 5844 return cfg80211_join_mesh(rdev, dev, &setup, &cfg); 5845 } 5846 5847 static int nl80211_leave_mesh(struct sk_buff *skb, struct genl_info *info) 5848 { 5849 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5850 struct net_device *dev = info->user_ptr[1]; 5851 5852 return cfg80211_leave_mesh(rdev, dev); 5853 } 5854 5855 static int nl80211_get_wowlan(struct sk_buff *skb, struct genl_info *info) 5856 { 5857 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5858 struct sk_buff *msg; 5859 void *hdr; 5860 5861 if (!rdev->wiphy.wowlan.flags && !rdev->wiphy.wowlan.n_patterns) 5862 return -EOPNOTSUPP; 5863 5864 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5865 if (!msg) 5866 return -ENOMEM; 5867 5868 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 5869 NL80211_CMD_GET_WOWLAN); 5870 if (!hdr) 5871 goto nla_put_failure; 5872 5873 if (rdev->wowlan) { 5874 struct nlattr *nl_wowlan; 5875 5876 nl_wowlan = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS); 5877 if (!nl_wowlan) 5878 goto nla_put_failure; 5879 5880 if (rdev->wowlan->any) 5881 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_ANY); 5882 if (rdev->wowlan->disconnect) 5883 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_DISCONNECT); 5884 if (rdev->wowlan->magic_pkt) 5885 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT); 5886 if (rdev->wowlan->gtk_rekey_failure) 5887 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE); 5888 if (rdev->wowlan->eap_identity_req) 5889 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST); 5890 if (rdev->wowlan->four_way_handshake) 5891 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE); 5892 if (rdev->wowlan->rfkill_release) 5893 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE); 5894 if (rdev->wowlan->n_patterns) { 5895 struct nlattr *nl_pats, *nl_pat; 5896 int i, pat_len; 5897 5898 nl_pats = nla_nest_start(msg, 5899 NL80211_WOWLAN_TRIG_PKT_PATTERN); 5900 if (!nl_pats) 5901 goto nla_put_failure; 5902 5903 for (i = 0; i < rdev->wowlan->n_patterns; i++) { 5904 nl_pat = nla_nest_start(msg, i + 1); 5905 if (!nl_pat) 5906 goto nla_put_failure; 5907 pat_len = rdev->wowlan->patterns[i].pattern_len; 5908 NLA_PUT(msg, NL80211_WOWLAN_PKTPAT_MASK, 5909 DIV_ROUND_UP(pat_len, 8), 5910 rdev->wowlan->patterns[i].mask); 5911 NLA_PUT(msg, NL80211_WOWLAN_PKTPAT_PATTERN, 5912 pat_len, 5913 rdev->wowlan->patterns[i].pattern); 5914 nla_nest_end(msg, nl_pat); 5915 } 5916 nla_nest_end(msg, nl_pats); 5917 } 5918 5919 nla_nest_end(msg, nl_wowlan); 5920 } 5921 5922 genlmsg_end(msg, hdr); 5923 return genlmsg_reply(msg, info); 5924 5925 nla_put_failure: 5926 nlmsg_free(msg); 5927 return -ENOBUFS; 5928 } 5929 5930 static int nl80211_set_wowlan(struct sk_buff *skb, struct genl_info *info) 5931 { 5932 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5933 struct nlattr *tb[NUM_NL80211_WOWLAN_TRIG]; 5934 struct cfg80211_wowlan no_triggers = {}; 5935 struct cfg80211_wowlan new_triggers = {}; 5936 struct wiphy_wowlan_support *wowlan = &rdev->wiphy.wowlan; 5937 int err, i; 5938 5939 if (!rdev->wiphy.wowlan.flags && !rdev->wiphy.wowlan.n_patterns) 5940 return -EOPNOTSUPP; 5941 5942 if (!info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]) 5943 goto no_triggers; 5944 5945 err = nla_parse(tb, MAX_NL80211_WOWLAN_TRIG, 5946 nla_data(info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]), 5947 nla_len(info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]), 5948 nl80211_wowlan_policy); 5949 if (err) 5950 return err; 5951 5952 if (tb[NL80211_WOWLAN_TRIG_ANY]) { 5953 if (!(wowlan->flags & WIPHY_WOWLAN_ANY)) 5954 return -EINVAL; 5955 new_triggers.any = true; 5956 } 5957 5958 if (tb[NL80211_WOWLAN_TRIG_DISCONNECT]) { 5959 if (!(wowlan->flags & WIPHY_WOWLAN_DISCONNECT)) 5960 return -EINVAL; 5961 new_triggers.disconnect = true; 5962 } 5963 5964 if (tb[NL80211_WOWLAN_TRIG_MAGIC_PKT]) { 5965 if (!(wowlan->flags & WIPHY_WOWLAN_MAGIC_PKT)) 5966 return -EINVAL; 5967 new_triggers.magic_pkt = true; 5968 } 5969 5970 if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED]) 5971 return -EINVAL; 5972 5973 if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE]) { 5974 if (!(wowlan->flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE)) 5975 return -EINVAL; 5976 new_triggers.gtk_rekey_failure = true; 5977 } 5978 5979 if (tb[NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST]) { 5980 if (!(wowlan->flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ)) 5981 return -EINVAL; 5982 new_triggers.eap_identity_req = true; 5983 } 5984 5985 if (tb[NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE]) { 5986 if (!(wowlan->flags & WIPHY_WOWLAN_4WAY_HANDSHAKE)) 5987 return -EINVAL; 5988 new_triggers.four_way_handshake = true; 5989 } 5990 5991 if (tb[NL80211_WOWLAN_TRIG_RFKILL_RELEASE]) { 5992 if (!(wowlan->flags & WIPHY_WOWLAN_RFKILL_RELEASE)) 5993 return -EINVAL; 5994 new_triggers.rfkill_release = true; 5995 } 5996 5997 if (tb[NL80211_WOWLAN_TRIG_PKT_PATTERN]) { 5998 struct nlattr *pat; 5999 int n_patterns = 0; 6000 int rem, pat_len, mask_len; 6001 struct nlattr *pat_tb[NUM_NL80211_WOWLAN_PKTPAT]; 6002 6003 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN], 6004 rem) 6005 n_patterns++; 6006 if (n_patterns > wowlan->n_patterns) 6007 return -EINVAL; 6008 6009 new_triggers.patterns = kcalloc(n_patterns, 6010 sizeof(new_triggers.patterns[0]), 6011 GFP_KERNEL); 6012 if (!new_triggers.patterns) 6013 return -ENOMEM; 6014 6015 new_triggers.n_patterns = n_patterns; 6016 i = 0; 6017 6018 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN], 6019 rem) { 6020 nla_parse(pat_tb, MAX_NL80211_WOWLAN_PKTPAT, 6021 nla_data(pat), nla_len(pat), NULL); 6022 err = -EINVAL; 6023 if (!pat_tb[NL80211_WOWLAN_PKTPAT_MASK] || 6024 !pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]) 6025 goto error; 6026 pat_len = nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]); 6027 mask_len = DIV_ROUND_UP(pat_len, 8); 6028 if (nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]) != 6029 mask_len) 6030 goto error; 6031 if (pat_len > wowlan->pattern_max_len || 6032 pat_len < wowlan->pattern_min_len) 6033 goto error; 6034 6035 new_triggers.patterns[i].mask = 6036 kmalloc(mask_len + pat_len, GFP_KERNEL); 6037 if (!new_triggers.patterns[i].mask) { 6038 err = -ENOMEM; 6039 goto error; 6040 } 6041 new_triggers.patterns[i].pattern = 6042 new_triggers.patterns[i].mask + mask_len; 6043 memcpy(new_triggers.patterns[i].mask, 6044 nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]), 6045 mask_len); 6046 new_triggers.patterns[i].pattern_len = pat_len; 6047 memcpy(new_triggers.patterns[i].pattern, 6048 nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]), 6049 pat_len); 6050 i++; 6051 } 6052 } 6053 6054 if (memcmp(&new_triggers, &no_triggers, sizeof(new_triggers))) { 6055 struct cfg80211_wowlan *ntrig; 6056 ntrig = kmemdup(&new_triggers, sizeof(new_triggers), 6057 GFP_KERNEL); 6058 if (!ntrig) { 6059 err = -ENOMEM; 6060 goto error; 6061 } 6062 cfg80211_rdev_free_wowlan(rdev); 6063 rdev->wowlan = ntrig; 6064 } else { 6065 no_triggers: 6066 cfg80211_rdev_free_wowlan(rdev); 6067 rdev->wowlan = NULL; 6068 } 6069 6070 return 0; 6071 error: 6072 for (i = 0; i < new_triggers.n_patterns; i++) 6073 kfree(new_triggers.patterns[i].mask); 6074 kfree(new_triggers.patterns); 6075 return err; 6076 } 6077 6078 static int nl80211_set_rekey_data(struct sk_buff *skb, struct genl_info *info) 6079 { 6080 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 6081 struct net_device *dev = info->user_ptr[1]; 6082 struct wireless_dev *wdev = dev->ieee80211_ptr; 6083 struct nlattr *tb[NUM_NL80211_REKEY_DATA]; 6084 struct cfg80211_gtk_rekey_data rekey_data; 6085 int err; 6086 6087 if (!info->attrs[NL80211_ATTR_REKEY_DATA]) 6088 return -EINVAL; 6089 6090 err = nla_parse(tb, MAX_NL80211_REKEY_DATA, 6091 nla_data(info->attrs[NL80211_ATTR_REKEY_DATA]), 6092 nla_len(info->attrs[NL80211_ATTR_REKEY_DATA]), 6093 nl80211_rekey_policy); 6094 if (err) 6095 return err; 6096 6097 if (nla_len(tb[NL80211_REKEY_DATA_REPLAY_CTR]) != NL80211_REPLAY_CTR_LEN) 6098 return -ERANGE; 6099 if (nla_len(tb[NL80211_REKEY_DATA_KEK]) != NL80211_KEK_LEN) 6100 return -ERANGE; 6101 if (nla_len(tb[NL80211_REKEY_DATA_KCK]) != NL80211_KCK_LEN) 6102 return -ERANGE; 6103 6104 memcpy(rekey_data.kek, nla_data(tb[NL80211_REKEY_DATA_KEK]), 6105 NL80211_KEK_LEN); 6106 memcpy(rekey_data.kck, nla_data(tb[NL80211_REKEY_DATA_KCK]), 6107 NL80211_KCK_LEN); 6108 memcpy(rekey_data.replay_ctr, 6109 nla_data(tb[NL80211_REKEY_DATA_REPLAY_CTR]), 6110 NL80211_REPLAY_CTR_LEN); 6111 6112 wdev_lock(wdev); 6113 if (!wdev->current_bss) { 6114 err = -ENOTCONN; 6115 goto out; 6116 } 6117 6118 if (!rdev->ops->set_rekey_data) { 6119 err = -EOPNOTSUPP; 6120 goto out; 6121 } 6122 6123 err = rdev->ops->set_rekey_data(&rdev->wiphy, dev, &rekey_data); 6124 out: 6125 wdev_unlock(wdev); 6126 return err; 6127 } 6128 6129 static int nl80211_register_unexpected_frame(struct sk_buff *skb, 6130 struct genl_info *info) 6131 { 6132 struct net_device *dev = info->user_ptr[1]; 6133 struct wireless_dev *wdev = dev->ieee80211_ptr; 6134 6135 if (wdev->iftype != NL80211_IFTYPE_AP && 6136 wdev->iftype != NL80211_IFTYPE_P2P_GO) 6137 return -EINVAL; 6138 6139 if (wdev->ap_unexpected_nlpid) 6140 return -EBUSY; 6141 6142 wdev->ap_unexpected_nlpid = info->snd_pid; 6143 return 0; 6144 } 6145 6146 static int nl80211_probe_client(struct sk_buff *skb, 6147 struct genl_info *info) 6148 { 6149 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 6150 struct net_device *dev = info->user_ptr[1]; 6151 struct wireless_dev *wdev = dev->ieee80211_ptr; 6152 struct sk_buff *msg; 6153 void *hdr; 6154 const u8 *addr; 6155 u64 cookie; 6156 int err; 6157 6158 if (wdev->iftype != NL80211_IFTYPE_AP && 6159 wdev->iftype != NL80211_IFTYPE_P2P_GO) 6160 return -EOPNOTSUPP; 6161 6162 if (!info->attrs[NL80211_ATTR_MAC]) 6163 return -EINVAL; 6164 6165 if (!rdev->ops->probe_client) 6166 return -EOPNOTSUPP; 6167 6168 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6169 if (!msg) 6170 return -ENOMEM; 6171 6172 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 6173 NL80211_CMD_PROBE_CLIENT); 6174 6175 if (IS_ERR(hdr)) { 6176 err = PTR_ERR(hdr); 6177 goto free_msg; 6178 } 6179 6180 addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 6181 6182 err = rdev->ops->probe_client(&rdev->wiphy, dev, addr, &cookie); 6183 if (err) 6184 goto free_msg; 6185 6186 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 6187 6188 genlmsg_end(msg, hdr); 6189 6190 return genlmsg_reply(msg, info); 6191 6192 nla_put_failure: 6193 err = -ENOBUFS; 6194 free_msg: 6195 nlmsg_free(msg); 6196 return err; 6197 } 6198 6199 static int nl80211_register_beacons(struct sk_buff *skb, struct genl_info *info) 6200 { 6201 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 6202 6203 if (!(rdev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS)) 6204 return -EOPNOTSUPP; 6205 6206 if (rdev->ap_beacons_nlpid) 6207 return -EBUSY; 6208 6209 rdev->ap_beacons_nlpid = info->snd_pid; 6210 6211 return 0; 6212 } 6213 6214 #define NL80211_FLAG_NEED_WIPHY 0x01 6215 #define NL80211_FLAG_NEED_NETDEV 0x02 6216 #define NL80211_FLAG_NEED_RTNL 0x04 6217 #define NL80211_FLAG_CHECK_NETDEV_UP 0x08 6218 #define NL80211_FLAG_NEED_NETDEV_UP (NL80211_FLAG_NEED_NETDEV |\ 6219 NL80211_FLAG_CHECK_NETDEV_UP) 6220 6221 static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb, 6222 struct genl_info *info) 6223 { 6224 struct cfg80211_registered_device *rdev; 6225 struct net_device *dev; 6226 int err; 6227 bool rtnl = ops->internal_flags & NL80211_FLAG_NEED_RTNL; 6228 6229 if (rtnl) 6230 rtnl_lock(); 6231 6232 if (ops->internal_flags & NL80211_FLAG_NEED_WIPHY) { 6233 rdev = cfg80211_get_dev_from_info(info); 6234 if (IS_ERR(rdev)) { 6235 if (rtnl) 6236 rtnl_unlock(); 6237 return PTR_ERR(rdev); 6238 } 6239 info->user_ptr[0] = rdev; 6240 } else if (ops->internal_flags & NL80211_FLAG_NEED_NETDEV) { 6241 err = get_rdev_dev_by_ifindex(genl_info_net(info), info->attrs, 6242 &rdev, &dev); 6243 if (err) { 6244 if (rtnl) 6245 rtnl_unlock(); 6246 return err; 6247 } 6248 if (ops->internal_flags & NL80211_FLAG_CHECK_NETDEV_UP && 6249 !netif_running(dev)) { 6250 cfg80211_unlock_rdev(rdev); 6251 dev_put(dev); 6252 if (rtnl) 6253 rtnl_unlock(); 6254 return -ENETDOWN; 6255 } 6256 info->user_ptr[0] = rdev; 6257 info->user_ptr[1] = dev; 6258 } 6259 6260 return 0; 6261 } 6262 6263 static void nl80211_post_doit(struct genl_ops *ops, struct sk_buff *skb, 6264 struct genl_info *info) 6265 { 6266 if (info->user_ptr[0]) 6267 cfg80211_unlock_rdev(info->user_ptr[0]); 6268 if (info->user_ptr[1]) 6269 dev_put(info->user_ptr[1]); 6270 if (ops->internal_flags & NL80211_FLAG_NEED_RTNL) 6271 rtnl_unlock(); 6272 } 6273 6274 static struct genl_ops nl80211_ops[] = { 6275 { 6276 .cmd = NL80211_CMD_GET_WIPHY, 6277 .doit = nl80211_get_wiphy, 6278 .dumpit = nl80211_dump_wiphy, 6279 .policy = nl80211_policy, 6280 /* can be retrieved by unprivileged users */ 6281 .internal_flags = NL80211_FLAG_NEED_WIPHY, 6282 }, 6283 { 6284 .cmd = NL80211_CMD_SET_WIPHY, 6285 .doit = nl80211_set_wiphy, 6286 .policy = nl80211_policy, 6287 .flags = GENL_ADMIN_PERM, 6288 .internal_flags = NL80211_FLAG_NEED_RTNL, 6289 }, 6290 { 6291 .cmd = NL80211_CMD_GET_INTERFACE, 6292 .doit = nl80211_get_interface, 6293 .dumpit = nl80211_dump_interface, 6294 .policy = nl80211_policy, 6295 /* can be retrieved by unprivileged users */ 6296 .internal_flags = NL80211_FLAG_NEED_NETDEV, 6297 }, 6298 { 6299 .cmd = NL80211_CMD_SET_INTERFACE, 6300 .doit = nl80211_set_interface, 6301 .policy = nl80211_policy, 6302 .flags = GENL_ADMIN_PERM, 6303 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6304 NL80211_FLAG_NEED_RTNL, 6305 }, 6306 { 6307 .cmd = NL80211_CMD_NEW_INTERFACE, 6308 .doit = nl80211_new_interface, 6309 .policy = nl80211_policy, 6310 .flags = GENL_ADMIN_PERM, 6311 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6312 NL80211_FLAG_NEED_RTNL, 6313 }, 6314 { 6315 .cmd = NL80211_CMD_DEL_INTERFACE, 6316 .doit = nl80211_del_interface, 6317 .policy = nl80211_policy, 6318 .flags = GENL_ADMIN_PERM, 6319 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6320 NL80211_FLAG_NEED_RTNL, 6321 }, 6322 { 6323 .cmd = NL80211_CMD_GET_KEY, 6324 .doit = nl80211_get_key, 6325 .policy = nl80211_policy, 6326 .flags = GENL_ADMIN_PERM, 6327 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6328 NL80211_FLAG_NEED_RTNL, 6329 }, 6330 { 6331 .cmd = NL80211_CMD_SET_KEY, 6332 .doit = nl80211_set_key, 6333 .policy = nl80211_policy, 6334 .flags = GENL_ADMIN_PERM, 6335 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6336 NL80211_FLAG_NEED_RTNL, 6337 }, 6338 { 6339 .cmd = NL80211_CMD_NEW_KEY, 6340 .doit = nl80211_new_key, 6341 .policy = nl80211_policy, 6342 .flags = GENL_ADMIN_PERM, 6343 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6344 NL80211_FLAG_NEED_RTNL, 6345 }, 6346 { 6347 .cmd = NL80211_CMD_DEL_KEY, 6348 .doit = nl80211_del_key, 6349 .policy = nl80211_policy, 6350 .flags = GENL_ADMIN_PERM, 6351 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6352 NL80211_FLAG_NEED_RTNL, 6353 }, 6354 { 6355 .cmd = NL80211_CMD_SET_BEACON, 6356 .policy = nl80211_policy, 6357 .flags = GENL_ADMIN_PERM, 6358 .doit = nl80211_addset_beacon, 6359 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6360 NL80211_FLAG_NEED_RTNL, 6361 }, 6362 { 6363 .cmd = NL80211_CMD_NEW_BEACON, 6364 .policy = nl80211_policy, 6365 .flags = GENL_ADMIN_PERM, 6366 .doit = nl80211_addset_beacon, 6367 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6368 NL80211_FLAG_NEED_RTNL, 6369 }, 6370 { 6371 .cmd = NL80211_CMD_DEL_BEACON, 6372 .policy = nl80211_policy, 6373 .flags = GENL_ADMIN_PERM, 6374 .doit = nl80211_del_beacon, 6375 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6376 NL80211_FLAG_NEED_RTNL, 6377 }, 6378 { 6379 .cmd = NL80211_CMD_GET_STATION, 6380 .doit = nl80211_get_station, 6381 .dumpit = nl80211_dump_station, 6382 .policy = nl80211_policy, 6383 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6384 NL80211_FLAG_NEED_RTNL, 6385 }, 6386 { 6387 .cmd = NL80211_CMD_SET_STATION, 6388 .doit = nl80211_set_station, 6389 .policy = nl80211_policy, 6390 .flags = GENL_ADMIN_PERM, 6391 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6392 NL80211_FLAG_NEED_RTNL, 6393 }, 6394 { 6395 .cmd = NL80211_CMD_NEW_STATION, 6396 .doit = nl80211_new_station, 6397 .policy = nl80211_policy, 6398 .flags = GENL_ADMIN_PERM, 6399 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6400 NL80211_FLAG_NEED_RTNL, 6401 }, 6402 { 6403 .cmd = NL80211_CMD_DEL_STATION, 6404 .doit = nl80211_del_station, 6405 .policy = nl80211_policy, 6406 .flags = GENL_ADMIN_PERM, 6407 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6408 NL80211_FLAG_NEED_RTNL, 6409 }, 6410 { 6411 .cmd = NL80211_CMD_GET_MPATH, 6412 .doit = nl80211_get_mpath, 6413 .dumpit = nl80211_dump_mpath, 6414 .policy = nl80211_policy, 6415 .flags = GENL_ADMIN_PERM, 6416 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6417 NL80211_FLAG_NEED_RTNL, 6418 }, 6419 { 6420 .cmd = NL80211_CMD_SET_MPATH, 6421 .doit = nl80211_set_mpath, 6422 .policy = nl80211_policy, 6423 .flags = GENL_ADMIN_PERM, 6424 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6425 NL80211_FLAG_NEED_RTNL, 6426 }, 6427 { 6428 .cmd = NL80211_CMD_NEW_MPATH, 6429 .doit = nl80211_new_mpath, 6430 .policy = nl80211_policy, 6431 .flags = GENL_ADMIN_PERM, 6432 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6433 NL80211_FLAG_NEED_RTNL, 6434 }, 6435 { 6436 .cmd = NL80211_CMD_DEL_MPATH, 6437 .doit = nl80211_del_mpath, 6438 .policy = nl80211_policy, 6439 .flags = GENL_ADMIN_PERM, 6440 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6441 NL80211_FLAG_NEED_RTNL, 6442 }, 6443 { 6444 .cmd = NL80211_CMD_SET_BSS, 6445 .doit = nl80211_set_bss, 6446 .policy = nl80211_policy, 6447 .flags = GENL_ADMIN_PERM, 6448 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6449 NL80211_FLAG_NEED_RTNL, 6450 }, 6451 { 6452 .cmd = NL80211_CMD_GET_REG, 6453 .doit = nl80211_get_reg, 6454 .policy = nl80211_policy, 6455 /* can be retrieved by unprivileged users */ 6456 }, 6457 { 6458 .cmd = NL80211_CMD_SET_REG, 6459 .doit = nl80211_set_reg, 6460 .policy = nl80211_policy, 6461 .flags = GENL_ADMIN_PERM, 6462 }, 6463 { 6464 .cmd = NL80211_CMD_REQ_SET_REG, 6465 .doit = nl80211_req_set_reg, 6466 .policy = nl80211_policy, 6467 .flags = GENL_ADMIN_PERM, 6468 }, 6469 { 6470 .cmd = NL80211_CMD_GET_MESH_CONFIG, 6471 .doit = nl80211_get_mesh_config, 6472 .policy = nl80211_policy, 6473 /* can be retrieved by unprivileged users */ 6474 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6475 NL80211_FLAG_NEED_RTNL, 6476 }, 6477 { 6478 .cmd = NL80211_CMD_SET_MESH_CONFIG, 6479 .doit = nl80211_update_mesh_config, 6480 .policy = nl80211_policy, 6481 .flags = GENL_ADMIN_PERM, 6482 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6483 NL80211_FLAG_NEED_RTNL, 6484 }, 6485 { 6486 .cmd = NL80211_CMD_TRIGGER_SCAN, 6487 .doit = nl80211_trigger_scan, 6488 .policy = nl80211_policy, 6489 .flags = GENL_ADMIN_PERM, 6490 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6491 NL80211_FLAG_NEED_RTNL, 6492 }, 6493 { 6494 .cmd = NL80211_CMD_GET_SCAN, 6495 .policy = nl80211_policy, 6496 .dumpit = nl80211_dump_scan, 6497 }, 6498 { 6499 .cmd = NL80211_CMD_START_SCHED_SCAN, 6500 .doit = nl80211_start_sched_scan, 6501 .policy = nl80211_policy, 6502 .flags = GENL_ADMIN_PERM, 6503 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6504 NL80211_FLAG_NEED_RTNL, 6505 }, 6506 { 6507 .cmd = NL80211_CMD_STOP_SCHED_SCAN, 6508 .doit = nl80211_stop_sched_scan, 6509 .policy = nl80211_policy, 6510 .flags = GENL_ADMIN_PERM, 6511 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6512 NL80211_FLAG_NEED_RTNL, 6513 }, 6514 { 6515 .cmd = NL80211_CMD_AUTHENTICATE, 6516 .doit = nl80211_authenticate, 6517 .policy = nl80211_policy, 6518 .flags = GENL_ADMIN_PERM, 6519 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6520 NL80211_FLAG_NEED_RTNL, 6521 }, 6522 { 6523 .cmd = NL80211_CMD_ASSOCIATE, 6524 .doit = nl80211_associate, 6525 .policy = nl80211_policy, 6526 .flags = GENL_ADMIN_PERM, 6527 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6528 NL80211_FLAG_NEED_RTNL, 6529 }, 6530 { 6531 .cmd = NL80211_CMD_DEAUTHENTICATE, 6532 .doit = nl80211_deauthenticate, 6533 .policy = nl80211_policy, 6534 .flags = GENL_ADMIN_PERM, 6535 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6536 NL80211_FLAG_NEED_RTNL, 6537 }, 6538 { 6539 .cmd = NL80211_CMD_DISASSOCIATE, 6540 .doit = nl80211_disassociate, 6541 .policy = nl80211_policy, 6542 .flags = GENL_ADMIN_PERM, 6543 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6544 NL80211_FLAG_NEED_RTNL, 6545 }, 6546 { 6547 .cmd = NL80211_CMD_JOIN_IBSS, 6548 .doit = nl80211_join_ibss, 6549 .policy = nl80211_policy, 6550 .flags = GENL_ADMIN_PERM, 6551 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6552 NL80211_FLAG_NEED_RTNL, 6553 }, 6554 { 6555 .cmd = NL80211_CMD_LEAVE_IBSS, 6556 .doit = nl80211_leave_ibss, 6557 .policy = nl80211_policy, 6558 .flags = GENL_ADMIN_PERM, 6559 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6560 NL80211_FLAG_NEED_RTNL, 6561 }, 6562 #ifdef CONFIG_NL80211_TESTMODE 6563 { 6564 .cmd = NL80211_CMD_TESTMODE, 6565 .doit = nl80211_testmode_do, 6566 .dumpit = nl80211_testmode_dump, 6567 .policy = nl80211_policy, 6568 .flags = GENL_ADMIN_PERM, 6569 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6570 NL80211_FLAG_NEED_RTNL, 6571 }, 6572 #endif 6573 { 6574 .cmd = NL80211_CMD_CONNECT, 6575 .doit = nl80211_connect, 6576 .policy = nl80211_policy, 6577 .flags = GENL_ADMIN_PERM, 6578 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6579 NL80211_FLAG_NEED_RTNL, 6580 }, 6581 { 6582 .cmd = NL80211_CMD_DISCONNECT, 6583 .doit = nl80211_disconnect, 6584 .policy = nl80211_policy, 6585 .flags = GENL_ADMIN_PERM, 6586 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6587 NL80211_FLAG_NEED_RTNL, 6588 }, 6589 { 6590 .cmd = NL80211_CMD_SET_WIPHY_NETNS, 6591 .doit = nl80211_wiphy_netns, 6592 .policy = nl80211_policy, 6593 .flags = GENL_ADMIN_PERM, 6594 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6595 NL80211_FLAG_NEED_RTNL, 6596 }, 6597 { 6598 .cmd = NL80211_CMD_GET_SURVEY, 6599 .policy = nl80211_policy, 6600 .dumpit = nl80211_dump_survey, 6601 }, 6602 { 6603 .cmd = NL80211_CMD_SET_PMKSA, 6604 .doit = nl80211_setdel_pmksa, 6605 .policy = nl80211_policy, 6606 .flags = GENL_ADMIN_PERM, 6607 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6608 NL80211_FLAG_NEED_RTNL, 6609 }, 6610 { 6611 .cmd = NL80211_CMD_DEL_PMKSA, 6612 .doit = nl80211_setdel_pmksa, 6613 .policy = nl80211_policy, 6614 .flags = GENL_ADMIN_PERM, 6615 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6616 NL80211_FLAG_NEED_RTNL, 6617 }, 6618 { 6619 .cmd = NL80211_CMD_FLUSH_PMKSA, 6620 .doit = nl80211_flush_pmksa, 6621 .policy = nl80211_policy, 6622 .flags = GENL_ADMIN_PERM, 6623 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6624 NL80211_FLAG_NEED_RTNL, 6625 }, 6626 { 6627 .cmd = NL80211_CMD_REMAIN_ON_CHANNEL, 6628 .doit = nl80211_remain_on_channel, 6629 .policy = nl80211_policy, 6630 .flags = GENL_ADMIN_PERM, 6631 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6632 NL80211_FLAG_NEED_RTNL, 6633 }, 6634 { 6635 .cmd = NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL, 6636 .doit = nl80211_cancel_remain_on_channel, 6637 .policy = nl80211_policy, 6638 .flags = GENL_ADMIN_PERM, 6639 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6640 NL80211_FLAG_NEED_RTNL, 6641 }, 6642 { 6643 .cmd = NL80211_CMD_SET_TX_BITRATE_MASK, 6644 .doit = nl80211_set_tx_bitrate_mask, 6645 .policy = nl80211_policy, 6646 .flags = GENL_ADMIN_PERM, 6647 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6648 NL80211_FLAG_NEED_RTNL, 6649 }, 6650 { 6651 .cmd = NL80211_CMD_REGISTER_FRAME, 6652 .doit = nl80211_register_mgmt, 6653 .policy = nl80211_policy, 6654 .flags = GENL_ADMIN_PERM, 6655 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6656 NL80211_FLAG_NEED_RTNL, 6657 }, 6658 { 6659 .cmd = NL80211_CMD_FRAME, 6660 .doit = nl80211_tx_mgmt, 6661 .policy = nl80211_policy, 6662 .flags = GENL_ADMIN_PERM, 6663 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6664 NL80211_FLAG_NEED_RTNL, 6665 }, 6666 { 6667 .cmd = NL80211_CMD_FRAME_WAIT_CANCEL, 6668 .doit = nl80211_tx_mgmt_cancel_wait, 6669 .policy = nl80211_policy, 6670 .flags = GENL_ADMIN_PERM, 6671 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6672 NL80211_FLAG_NEED_RTNL, 6673 }, 6674 { 6675 .cmd = NL80211_CMD_SET_POWER_SAVE, 6676 .doit = nl80211_set_power_save, 6677 .policy = nl80211_policy, 6678 .flags = GENL_ADMIN_PERM, 6679 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6680 NL80211_FLAG_NEED_RTNL, 6681 }, 6682 { 6683 .cmd = NL80211_CMD_GET_POWER_SAVE, 6684 .doit = nl80211_get_power_save, 6685 .policy = nl80211_policy, 6686 /* can be retrieved by unprivileged users */ 6687 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6688 NL80211_FLAG_NEED_RTNL, 6689 }, 6690 { 6691 .cmd = NL80211_CMD_SET_CQM, 6692 .doit = nl80211_set_cqm, 6693 .policy = nl80211_policy, 6694 .flags = GENL_ADMIN_PERM, 6695 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6696 NL80211_FLAG_NEED_RTNL, 6697 }, 6698 { 6699 .cmd = NL80211_CMD_SET_CHANNEL, 6700 .doit = nl80211_set_channel, 6701 .policy = nl80211_policy, 6702 .flags = GENL_ADMIN_PERM, 6703 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6704 NL80211_FLAG_NEED_RTNL, 6705 }, 6706 { 6707 .cmd = NL80211_CMD_SET_WDS_PEER, 6708 .doit = nl80211_set_wds_peer, 6709 .policy = nl80211_policy, 6710 .flags = GENL_ADMIN_PERM, 6711 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6712 NL80211_FLAG_NEED_RTNL, 6713 }, 6714 { 6715 .cmd = NL80211_CMD_JOIN_MESH, 6716 .doit = nl80211_join_mesh, 6717 .policy = nl80211_policy, 6718 .flags = GENL_ADMIN_PERM, 6719 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6720 NL80211_FLAG_NEED_RTNL, 6721 }, 6722 { 6723 .cmd = NL80211_CMD_LEAVE_MESH, 6724 .doit = nl80211_leave_mesh, 6725 .policy = nl80211_policy, 6726 .flags = GENL_ADMIN_PERM, 6727 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6728 NL80211_FLAG_NEED_RTNL, 6729 }, 6730 { 6731 .cmd = NL80211_CMD_GET_WOWLAN, 6732 .doit = nl80211_get_wowlan, 6733 .policy = nl80211_policy, 6734 /* can be retrieved by unprivileged users */ 6735 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6736 NL80211_FLAG_NEED_RTNL, 6737 }, 6738 { 6739 .cmd = NL80211_CMD_SET_WOWLAN, 6740 .doit = nl80211_set_wowlan, 6741 .policy = nl80211_policy, 6742 .flags = GENL_ADMIN_PERM, 6743 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6744 NL80211_FLAG_NEED_RTNL, 6745 }, 6746 { 6747 .cmd = NL80211_CMD_SET_REKEY_OFFLOAD, 6748 .doit = nl80211_set_rekey_data, 6749 .policy = nl80211_policy, 6750 .flags = GENL_ADMIN_PERM, 6751 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6752 NL80211_FLAG_NEED_RTNL, 6753 }, 6754 { 6755 .cmd = NL80211_CMD_TDLS_MGMT, 6756 .doit = nl80211_tdls_mgmt, 6757 .policy = nl80211_policy, 6758 .flags = GENL_ADMIN_PERM, 6759 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6760 NL80211_FLAG_NEED_RTNL, 6761 }, 6762 { 6763 .cmd = NL80211_CMD_TDLS_OPER, 6764 .doit = nl80211_tdls_oper, 6765 .policy = nl80211_policy, 6766 .flags = GENL_ADMIN_PERM, 6767 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6768 NL80211_FLAG_NEED_RTNL, 6769 }, 6770 { 6771 .cmd = NL80211_CMD_UNEXPECTED_FRAME, 6772 .doit = nl80211_register_unexpected_frame, 6773 .policy = nl80211_policy, 6774 .flags = GENL_ADMIN_PERM, 6775 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6776 NL80211_FLAG_NEED_RTNL, 6777 }, 6778 { 6779 .cmd = NL80211_CMD_PROBE_CLIENT, 6780 .doit = nl80211_probe_client, 6781 .policy = nl80211_policy, 6782 .flags = GENL_ADMIN_PERM, 6783 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6784 NL80211_FLAG_NEED_RTNL, 6785 }, 6786 { 6787 .cmd = NL80211_CMD_REGISTER_BEACONS, 6788 .doit = nl80211_register_beacons, 6789 .policy = nl80211_policy, 6790 .flags = GENL_ADMIN_PERM, 6791 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6792 NL80211_FLAG_NEED_RTNL, 6793 }, 6794 { 6795 .cmd = NL80211_CMD_SET_NOACK_MAP, 6796 .doit = nl80211_set_noack_map, 6797 .policy = nl80211_policy, 6798 .flags = GENL_ADMIN_PERM, 6799 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6800 NL80211_FLAG_NEED_RTNL, 6801 }, 6802 6803 }; 6804 6805 static struct genl_multicast_group nl80211_mlme_mcgrp = { 6806 .name = "mlme", 6807 }; 6808 6809 /* multicast groups */ 6810 static struct genl_multicast_group nl80211_config_mcgrp = { 6811 .name = "config", 6812 }; 6813 static struct genl_multicast_group nl80211_scan_mcgrp = { 6814 .name = "scan", 6815 }; 6816 static struct genl_multicast_group nl80211_regulatory_mcgrp = { 6817 .name = "regulatory", 6818 }; 6819 6820 /* notification functions */ 6821 6822 void nl80211_notify_dev_rename(struct cfg80211_registered_device *rdev) 6823 { 6824 struct sk_buff *msg; 6825 6826 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6827 if (!msg) 6828 return; 6829 6830 if (nl80211_send_wiphy(msg, 0, 0, 0, rdev) < 0) { 6831 nlmsg_free(msg); 6832 return; 6833 } 6834 6835 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6836 nl80211_config_mcgrp.id, GFP_KERNEL); 6837 } 6838 6839 static int nl80211_add_scan_req(struct sk_buff *msg, 6840 struct cfg80211_registered_device *rdev) 6841 { 6842 struct cfg80211_scan_request *req = rdev->scan_req; 6843 struct nlattr *nest; 6844 int i; 6845 6846 ASSERT_RDEV_LOCK(rdev); 6847 6848 if (WARN_ON(!req)) 6849 return 0; 6850 6851 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_SSIDS); 6852 if (!nest) 6853 goto nla_put_failure; 6854 for (i = 0; i < req->n_ssids; i++) 6855 NLA_PUT(msg, i, req->ssids[i].ssid_len, req->ssids[i].ssid); 6856 nla_nest_end(msg, nest); 6857 6858 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES); 6859 if (!nest) 6860 goto nla_put_failure; 6861 for (i = 0; i < req->n_channels; i++) 6862 NLA_PUT_U32(msg, i, req->channels[i]->center_freq); 6863 nla_nest_end(msg, nest); 6864 6865 if (req->ie) 6866 NLA_PUT(msg, NL80211_ATTR_IE, req->ie_len, req->ie); 6867 6868 return 0; 6869 nla_put_failure: 6870 return -ENOBUFS; 6871 } 6872 6873 static int nl80211_send_scan_msg(struct sk_buff *msg, 6874 struct cfg80211_registered_device *rdev, 6875 struct net_device *netdev, 6876 u32 pid, u32 seq, int flags, 6877 u32 cmd) 6878 { 6879 void *hdr; 6880 6881 hdr = nl80211hdr_put(msg, pid, seq, flags, cmd); 6882 if (!hdr) 6883 return -1; 6884 6885 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6886 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6887 6888 /* ignore errors and send incomplete event anyway */ 6889 nl80211_add_scan_req(msg, rdev); 6890 6891 return genlmsg_end(msg, hdr); 6892 6893 nla_put_failure: 6894 genlmsg_cancel(msg, hdr); 6895 return -EMSGSIZE; 6896 } 6897 6898 static int 6899 nl80211_send_sched_scan_msg(struct sk_buff *msg, 6900 struct cfg80211_registered_device *rdev, 6901 struct net_device *netdev, 6902 u32 pid, u32 seq, int flags, u32 cmd) 6903 { 6904 void *hdr; 6905 6906 hdr = nl80211hdr_put(msg, pid, seq, flags, cmd); 6907 if (!hdr) 6908 return -1; 6909 6910 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6911 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6912 6913 return genlmsg_end(msg, hdr); 6914 6915 nla_put_failure: 6916 genlmsg_cancel(msg, hdr); 6917 return -EMSGSIZE; 6918 } 6919 6920 void nl80211_send_scan_start(struct cfg80211_registered_device *rdev, 6921 struct net_device *netdev) 6922 { 6923 struct sk_buff *msg; 6924 6925 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 6926 if (!msg) 6927 return; 6928 6929 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 6930 NL80211_CMD_TRIGGER_SCAN) < 0) { 6931 nlmsg_free(msg); 6932 return; 6933 } 6934 6935 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6936 nl80211_scan_mcgrp.id, GFP_KERNEL); 6937 } 6938 6939 void nl80211_send_scan_done(struct cfg80211_registered_device *rdev, 6940 struct net_device *netdev) 6941 { 6942 struct sk_buff *msg; 6943 6944 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6945 if (!msg) 6946 return; 6947 6948 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 6949 NL80211_CMD_NEW_SCAN_RESULTS) < 0) { 6950 nlmsg_free(msg); 6951 return; 6952 } 6953 6954 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6955 nl80211_scan_mcgrp.id, GFP_KERNEL); 6956 } 6957 6958 void nl80211_send_scan_aborted(struct cfg80211_registered_device *rdev, 6959 struct net_device *netdev) 6960 { 6961 struct sk_buff *msg; 6962 6963 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6964 if (!msg) 6965 return; 6966 6967 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 6968 NL80211_CMD_SCAN_ABORTED) < 0) { 6969 nlmsg_free(msg); 6970 return; 6971 } 6972 6973 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6974 nl80211_scan_mcgrp.id, GFP_KERNEL); 6975 } 6976 6977 void nl80211_send_sched_scan_results(struct cfg80211_registered_device *rdev, 6978 struct net_device *netdev) 6979 { 6980 struct sk_buff *msg; 6981 6982 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6983 if (!msg) 6984 return; 6985 6986 if (nl80211_send_sched_scan_msg(msg, rdev, netdev, 0, 0, 0, 6987 NL80211_CMD_SCHED_SCAN_RESULTS) < 0) { 6988 nlmsg_free(msg); 6989 return; 6990 } 6991 6992 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6993 nl80211_scan_mcgrp.id, GFP_KERNEL); 6994 } 6995 6996 void nl80211_send_sched_scan(struct cfg80211_registered_device *rdev, 6997 struct net_device *netdev, u32 cmd) 6998 { 6999 struct sk_buff *msg; 7000 7001 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 7002 if (!msg) 7003 return; 7004 7005 if (nl80211_send_sched_scan_msg(msg, rdev, netdev, 0, 0, 0, cmd) < 0) { 7006 nlmsg_free(msg); 7007 return; 7008 } 7009 7010 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7011 nl80211_scan_mcgrp.id, GFP_KERNEL); 7012 } 7013 7014 /* 7015 * This can happen on global regulatory changes or device specific settings 7016 * based on custom world regulatory domains. 7017 */ 7018 void nl80211_send_reg_change_event(struct regulatory_request *request) 7019 { 7020 struct sk_buff *msg; 7021 void *hdr; 7022 7023 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 7024 if (!msg) 7025 return; 7026 7027 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_CHANGE); 7028 if (!hdr) { 7029 nlmsg_free(msg); 7030 return; 7031 } 7032 7033 /* Userspace can always count this one always being set */ 7034 NLA_PUT_U8(msg, NL80211_ATTR_REG_INITIATOR, request->initiator); 7035 7036 if (request->alpha2[0] == '0' && request->alpha2[1] == '0') 7037 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 7038 NL80211_REGDOM_TYPE_WORLD); 7039 else if (request->alpha2[0] == '9' && request->alpha2[1] == '9') 7040 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 7041 NL80211_REGDOM_TYPE_CUSTOM_WORLD); 7042 else if ((request->alpha2[0] == '9' && request->alpha2[1] == '8') || 7043 request->intersect) 7044 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 7045 NL80211_REGDOM_TYPE_INTERSECTION); 7046 else { 7047 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 7048 NL80211_REGDOM_TYPE_COUNTRY); 7049 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, request->alpha2); 7050 } 7051 7052 if (wiphy_idx_valid(request->wiphy_idx)) 7053 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, request->wiphy_idx); 7054 7055 genlmsg_end(msg, hdr); 7056 7057 rcu_read_lock(); 7058 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id, 7059 GFP_ATOMIC); 7060 rcu_read_unlock(); 7061 7062 return; 7063 7064 nla_put_failure: 7065 genlmsg_cancel(msg, hdr); 7066 nlmsg_free(msg); 7067 } 7068 7069 static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev, 7070 struct net_device *netdev, 7071 const u8 *buf, size_t len, 7072 enum nl80211_commands cmd, gfp_t gfp) 7073 { 7074 struct sk_buff *msg; 7075 void *hdr; 7076 7077 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7078 if (!msg) 7079 return; 7080 7081 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 7082 if (!hdr) { 7083 nlmsg_free(msg); 7084 return; 7085 } 7086 7087 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7088 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7089 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 7090 7091 genlmsg_end(msg, hdr); 7092 7093 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7094 nl80211_mlme_mcgrp.id, gfp); 7095 return; 7096 7097 nla_put_failure: 7098 genlmsg_cancel(msg, hdr); 7099 nlmsg_free(msg); 7100 } 7101 7102 void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev, 7103 struct net_device *netdev, const u8 *buf, 7104 size_t len, gfp_t gfp) 7105 { 7106 nl80211_send_mlme_event(rdev, netdev, buf, len, 7107 NL80211_CMD_AUTHENTICATE, gfp); 7108 } 7109 7110 void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev, 7111 struct net_device *netdev, const u8 *buf, 7112 size_t len, gfp_t gfp) 7113 { 7114 nl80211_send_mlme_event(rdev, netdev, buf, len, 7115 NL80211_CMD_ASSOCIATE, gfp); 7116 } 7117 7118 void nl80211_send_deauth(struct cfg80211_registered_device *rdev, 7119 struct net_device *netdev, const u8 *buf, 7120 size_t len, gfp_t gfp) 7121 { 7122 nl80211_send_mlme_event(rdev, netdev, buf, len, 7123 NL80211_CMD_DEAUTHENTICATE, gfp); 7124 } 7125 7126 void nl80211_send_disassoc(struct cfg80211_registered_device *rdev, 7127 struct net_device *netdev, const u8 *buf, 7128 size_t len, gfp_t gfp) 7129 { 7130 nl80211_send_mlme_event(rdev, netdev, buf, len, 7131 NL80211_CMD_DISASSOCIATE, gfp); 7132 } 7133 7134 void nl80211_send_unprot_deauth(struct cfg80211_registered_device *rdev, 7135 struct net_device *netdev, const u8 *buf, 7136 size_t len, gfp_t gfp) 7137 { 7138 nl80211_send_mlme_event(rdev, netdev, buf, len, 7139 NL80211_CMD_UNPROT_DEAUTHENTICATE, gfp); 7140 } 7141 7142 void nl80211_send_unprot_disassoc(struct cfg80211_registered_device *rdev, 7143 struct net_device *netdev, const u8 *buf, 7144 size_t len, gfp_t gfp) 7145 { 7146 nl80211_send_mlme_event(rdev, netdev, buf, len, 7147 NL80211_CMD_UNPROT_DISASSOCIATE, gfp); 7148 } 7149 7150 static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev, 7151 struct net_device *netdev, int cmd, 7152 const u8 *addr, gfp_t gfp) 7153 { 7154 struct sk_buff *msg; 7155 void *hdr; 7156 7157 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7158 if (!msg) 7159 return; 7160 7161 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 7162 if (!hdr) { 7163 nlmsg_free(msg); 7164 return; 7165 } 7166 7167 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7168 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7169 NLA_PUT_FLAG(msg, NL80211_ATTR_TIMED_OUT); 7170 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 7171 7172 genlmsg_end(msg, hdr); 7173 7174 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7175 nl80211_mlme_mcgrp.id, gfp); 7176 return; 7177 7178 nla_put_failure: 7179 genlmsg_cancel(msg, hdr); 7180 nlmsg_free(msg); 7181 } 7182 7183 void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev, 7184 struct net_device *netdev, const u8 *addr, 7185 gfp_t gfp) 7186 { 7187 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE, 7188 addr, gfp); 7189 } 7190 7191 void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev, 7192 struct net_device *netdev, const u8 *addr, 7193 gfp_t gfp) 7194 { 7195 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE, 7196 addr, gfp); 7197 } 7198 7199 void nl80211_send_connect_result(struct cfg80211_registered_device *rdev, 7200 struct net_device *netdev, const u8 *bssid, 7201 const u8 *req_ie, size_t req_ie_len, 7202 const u8 *resp_ie, size_t resp_ie_len, 7203 u16 status, gfp_t gfp) 7204 { 7205 struct sk_buff *msg; 7206 void *hdr; 7207 7208 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7209 if (!msg) 7210 return; 7211 7212 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONNECT); 7213 if (!hdr) { 7214 nlmsg_free(msg); 7215 return; 7216 } 7217 7218 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7219 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7220 if (bssid) 7221 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 7222 NLA_PUT_U16(msg, NL80211_ATTR_STATUS_CODE, status); 7223 if (req_ie) 7224 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie); 7225 if (resp_ie) 7226 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie); 7227 7228 genlmsg_end(msg, hdr); 7229 7230 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7231 nl80211_mlme_mcgrp.id, gfp); 7232 return; 7233 7234 nla_put_failure: 7235 genlmsg_cancel(msg, hdr); 7236 nlmsg_free(msg); 7237 7238 } 7239 7240 void nl80211_send_roamed(struct cfg80211_registered_device *rdev, 7241 struct net_device *netdev, const u8 *bssid, 7242 const u8 *req_ie, size_t req_ie_len, 7243 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp) 7244 { 7245 struct sk_buff *msg; 7246 void *hdr; 7247 7248 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7249 if (!msg) 7250 return; 7251 7252 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ROAM); 7253 if (!hdr) { 7254 nlmsg_free(msg); 7255 return; 7256 } 7257 7258 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7259 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7260 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 7261 if (req_ie) 7262 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie); 7263 if (resp_ie) 7264 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie); 7265 7266 genlmsg_end(msg, hdr); 7267 7268 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7269 nl80211_mlme_mcgrp.id, gfp); 7270 return; 7271 7272 nla_put_failure: 7273 genlmsg_cancel(msg, hdr); 7274 nlmsg_free(msg); 7275 7276 } 7277 7278 void nl80211_send_disconnected(struct cfg80211_registered_device *rdev, 7279 struct net_device *netdev, u16 reason, 7280 const u8 *ie, size_t ie_len, bool from_ap) 7281 { 7282 struct sk_buff *msg; 7283 void *hdr; 7284 7285 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 7286 if (!msg) 7287 return; 7288 7289 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DISCONNECT); 7290 if (!hdr) { 7291 nlmsg_free(msg); 7292 return; 7293 } 7294 7295 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7296 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7297 if (from_ap && reason) 7298 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason); 7299 if (from_ap) 7300 NLA_PUT_FLAG(msg, NL80211_ATTR_DISCONNECTED_BY_AP); 7301 if (ie) 7302 NLA_PUT(msg, NL80211_ATTR_IE, ie_len, ie); 7303 7304 genlmsg_end(msg, hdr); 7305 7306 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7307 nl80211_mlme_mcgrp.id, GFP_KERNEL); 7308 return; 7309 7310 nla_put_failure: 7311 genlmsg_cancel(msg, hdr); 7312 nlmsg_free(msg); 7313 7314 } 7315 7316 void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev, 7317 struct net_device *netdev, const u8 *bssid, 7318 gfp_t gfp) 7319 { 7320 struct sk_buff *msg; 7321 void *hdr; 7322 7323 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7324 if (!msg) 7325 return; 7326 7327 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_JOIN_IBSS); 7328 if (!hdr) { 7329 nlmsg_free(msg); 7330 return; 7331 } 7332 7333 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7334 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7335 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 7336 7337 genlmsg_end(msg, hdr); 7338 7339 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7340 nl80211_mlme_mcgrp.id, gfp); 7341 return; 7342 7343 nla_put_failure: 7344 genlmsg_cancel(msg, hdr); 7345 nlmsg_free(msg); 7346 } 7347 7348 void nl80211_send_new_peer_candidate(struct cfg80211_registered_device *rdev, 7349 struct net_device *netdev, 7350 const u8 *macaddr, const u8* ie, u8 ie_len, 7351 gfp_t gfp) 7352 { 7353 struct sk_buff *msg; 7354 void *hdr; 7355 7356 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7357 if (!msg) 7358 return; 7359 7360 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NEW_PEER_CANDIDATE); 7361 if (!hdr) { 7362 nlmsg_free(msg); 7363 return; 7364 } 7365 7366 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7367 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7368 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, macaddr); 7369 if (ie_len && ie) 7370 NLA_PUT(msg, NL80211_ATTR_IE, ie_len , ie); 7371 7372 genlmsg_end(msg, hdr); 7373 7374 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7375 nl80211_mlme_mcgrp.id, gfp); 7376 return; 7377 7378 nla_put_failure: 7379 genlmsg_cancel(msg, hdr); 7380 nlmsg_free(msg); 7381 } 7382 7383 void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev, 7384 struct net_device *netdev, const u8 *addr, 7385 enum nl80211_key_type key_type, int key_id, 7386 const u8 *tsc, gfp_t gfp) 7387 { 7388 struct sk_buff *msg; 7389 void *hdr; 7390 7391 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7392 if (!msg) 7393 return; 7394 7395 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_MICHAEL_MIC_FAILURE); 7396 if (!hdr) { 7397 nlmsg_free(msg); 7398 return; 7399 } 7400 7401 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7402 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7403 if (addr) 7404 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 7405 NLA_PUT_U32(msg, NL80211_ATTR_KEY_TYPE, key_type); 7406 if (key_id != -1) 7407 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_id); 7408 if (tsc) 7409 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, 6, tsc); 7410 7411 genlmsg_end(msg, hdr); 7412 7413 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7414 nl80211_mlme_mcgrp.id, gfp); 7415 return; 7416 7417 nla_put_failure: 7418 genlmsg_cancel(msg, hdr); 7419 nlmsg_free(msg); 7420 } 7421 7422 void nl80211_send_beacon_hint_event(struct wiphy *wiphy, 7423 struct ieee80211_channel *channel_before, 7424 struct ieee80211_channel *channel_after) 7425 { 7426 struct sk_buff *msg; 7427 void *hdr; 7428 struct nlattr *nl_freq; 7429 7430 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC); 7431 if (!msg) 7432 return; 7433 7434 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_BEACON_HINT); 7435 if (!hdr) { 7436 nlmsg_free(msg); 7437 return; 7438 } 7439 7440 /* 7441 * Since we are applying the beacon hint to a wiphy we know its 7442 * wiphy_idx is valid 7443 */ 7444 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)); 7445 7446 /* Before */ 7447 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_BEFORE); 7448 if (!nl_freq) 7449 goto nla_put_failure; 7450 if (nl80211_msg_put_channel(msg, channel_before)) 7451 goto nla_put_failure; 7452 nla_nest_end(msg, nl_freq); 7453 7454 /* After */ 7455 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_AFTER); 7456 if (!nl_freq) 7457 goto nla_put_failure; 7458 if (nl80211_msg_put_channel(msg, channel_after)) 7459 goto nla_put_failure; 7460 nla_nest_end(msg, nl_freq); 7461 7462 genlmsg_end(msg, hdr); 7463 7464 rcu_read_lock(); 7465 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id, 7466 GFP_ATOMIC); 7467 rcu_read_unlock(); 7468 7469 return; 7470 7471 nla_put_failure: 7472 genlmsg_cancel(msg, hdr); 7473 nlmsg_free(msg); 7474 } 7475 7476 static void nl80211_send_remain_on_chan_event( 7477 int cmd, struct cfg80211_registered_device *rdev, 7478 struct net_device *netdev, u64 cookie, 7479 struct ieee80211_channel *chan, 7480 enum nl80211_channel_type channel_type, 7481 unsigned int duration, gfp_t gfp) 7482 { 7483 struct sk_buff *msg; 7484 void *hdr; 7485 7486 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7487 if (!msg) 7488 return; 7489 7490 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 7491 if (!hdr) { 7492 nlmsg_free(msg); 7493 return; 7494 } 7495 7496 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7497 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7498 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, chan->center_freq); 7499 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, channel_type); 7500 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 7501 7502 if (cmd == NL80211_CMD_REMAIN_ON_CHANNEL) 7503 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, duration); 7504 7505 genlmsg_end(msg, hdr); 7506 7507 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7508 nl80211_mlme_mcgrp.id, gfp); 7509 return; 7510 7511 nla_put_failure: 7512 genlmsg_cancel(msg, hdr); 7513 nlmsg_free(msg); 7514 } 7515 7516 void nl80211_send_remain_on_channel(struct cfg80211_registered_device *rdev, 7517 struct net_device *netdev, u64 cookie, 7518 struct ieee80211_channel *chan, 7519 enum nl80211_channel_type channel_type, 7520 unsigned int duration, gfp_t gfp) 7521 { 7522 nl80211_send_remain_on_chan_event(NL80211_CMD_REMAIN_ON_CHANNEL, 7523 rdev, netdev, cookie, chan, 7524 channel_type, duration, gfp); 7525 } 7526 7527 void nl80211_send_remain_on_channel_cancel( 7528 struct cfg80211_registered_device *rdev, struct net_device *netdev, 7529 u64 cookie, struct ieee80211_channel *chan, 7530 enum nl80211_channel_type channel_type, gfp_t gfp) 7531 { 7532 nl80211_send_remain_on_chan_event(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL, 7533 rdev, netdev, cookie, chan, 7534 channel_type, 0, gfp); 7535 } 7536 7537 void nl80211_send_sta_event(struct cfg80211_registered_device *rdev, 7538 struct net_device *dev, const u8 *mac_addr, 7539 struct station_info *sinfo, gfp_t gfp) 7540 { 7541 struct sk_buff *msg; 7542 7543 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7544 if (!msg) 7545 return; 7546 7547 if (nl80211_send_station(msg, 0, 0, 0, dev, mac_addr, sinfo) < 0) { 7548 nlmsg_free(msg); 7549 return; 7550 } 7551 7552 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7553 nl80211_mlme_mcgrp.id, gfp); 7554 } 7555 7556 void nl80211_send_sta_del_event(struct cfg80211_registered_device *rdev, 7557 struct net_device *dev, const u8 *mac_addr, 7558 gfp_t gfp) 7559 { 7560 struct sk_buff *msg; 7561 void *hdr; 7562 7563 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7564 if (!msg) 7565 return; 7566 7567 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DEL_STATION); 7568 if (!hdr) { 7569 nlmsg_free(msg); 7570 return; 7571 } 7572 7573 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 7574 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 7575 7576 genlmsg_end(msg, hdr); 7577 7578 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7579 nl80211_mlme_mcgrp.id, gfp); 7580 return; 7581 7582 nla_put_failure: 7583 genlmsg_cancel(msg, hdr); 7584 nlmsg_free(msg); 7585 } 7586 7587 static bool __nl80211_unexpected_frame(struct net_device *dev, u8 cmd, 7588 const u8 *addr, gfp_t gfp) 7589 { 7590 struct wireless_dev *wdev = dev->ieee80211_ptr; 7591 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy); 7592 struct sk_buff *msg; 7593 void *hdr; 7594 int err; 7595 u32 nlpid = ACCESS_ONCE(wdev->ap_unexpected_nlpid); 7596 7597 if (!nlpid) 7598 return false; 7599 7600 msg = nlmsg_new(100, gfp); 7601 if (!msg) 7602 return true; 7603 7604 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 7605 if (!hdr) { 7606 nlmsg_free(msg); 7607 return true; 7608 } 7609 7610 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7611 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 7612 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 7613 7614 err = genlmsg_end(msg, hdr); 7615 if (err < 0) { 7616 nlmsg_free(msg); 7617 return true; 7618 } 7619 7620 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid); 7621 return true; 7622 7623 nla_put_failure: 7624 genlmsg_cancel(msg, hdr); 7625 nlmsg_free(msg); 7626 return true; 7627 } 7628 7629 bool nl80211_unexpected_frame(struct net_device *dev, const u8 *addr, gfp_t gfp) 7630 { 7631 return __nl80211_unexpected_frame(dev, NL80211_CMD_UNEXPECTED_FRAME, 7632 addr, gfp); 7633 } 7634 7635 bool nl80211_unexpected_4addr_frame(struct net_device *dev, 7636 const u8 *addr, gfp_t gfp) 7637 { 7638 return __nl80211_unexpected_frame(dev, 7639 NL80211_CMD_UNEXPECTED_4ADDR_FRAME, 7640 addr, gfp); 7641 } 7642 7643 int nl80211_send_mgmt(struct cfg80211_registered_device *rdev, 7644 struct net_device *netdev, u32 nlpid, 7645 int freq, const u8 *buf, size_t len, gfp_t gfp) 7646 { 7647 struct sk_buff *msg; 7648 void *hdr; 7649 7650 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7651 if (!msg) 7652 return -ENOMEM; 7653 7654 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME); 7655 if (!hdr) { 7656 nlmsg_free(msg); 7657 return -ENOMEM; 7658 } 7659 7660 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7661 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7662 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq); 7663 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 7664 7665 genlmsg_end(msg, hdr); 7666 7667 return genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid); 7668 7669 nla_put_failure: 7670 genlmsg_cancel(msg, hdr); 7671 nlmsg_free(msg); 7672 return -ENOBUFS; 7673 } 7674 7675 void nl80211_send_mgmt_tx_status(struct cfg80211_registered_device *rdev, 7676 struct net_device *netdev, u64 cookie, 7677 const u8 *buf, size_t len, bool ack, 7678 gfp_t gfp) 7679 { 7680 struct sk_buff *msg; 7681 void *hdr; 7682 7683 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7684 if (!msg) 7685 return; 7686 7687 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME_TX_STATUS); 7688 if (!hdr) { 7689 nlmsg_free(msg); 7690 return; 7691 } 7692 7693 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7694 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7695 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 7696 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 7697 if (ack) 7698 NLA_PUT_FLAG(msg, NL80211_ATTR_ACK); 7699 7700 genlmsg_end(msg, hdr); 7701 7702 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, gfp); 7703 return; 7704 7705 nla_put_failure: 7706 genlmsg_cancel(msg, hdr); 7707 nlmsg_free(msg); 7708 } 7709 7710 void 7711 nl80211_send_cqm_rssi_notify(struct cfg80211_registered_device *rdev, 7712 struct net_device *netdev, 7713 enum nl80211_cqm_rssi_threshold_event rssi_event, 7714 gfp_t gfp) 7715 { 7716 struct sk_buff *msg; 7717 struct nlattr *pinfoattr; 7718 void *hdr; 7719 7720 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7721 if (!msg) 7722 return; 7723 7724 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM); 7725 if (!hdr) { 7726 nlmsg_free(msg); 7727 return; 7728 } 7729 7730 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7731 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7732 7733 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM); 7734 if (!pinfoattr) 7735 goto nla_put_failure; 7736 7737 NLA_PUT_U32(msg, NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT, 7738 rssi_event); 7739 7740 nla_nest_end(msg, pinfoattr); 7741 7742 genlmsg_end(msg, hdr); 7743 7744 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7745 nl80211_mlme_mcgrp.id, gfp); 7746 return; 7747 7748 nla_put_failure: 7749 genlmsg_cancel(msg, hdr); 7750 nlmsg_free(msg); 7751 } 7752 7753 void nl80211_gtk_rekey_notify(struct cfg80211_registered_device *rdev, 7754 struct net_device *netdev, const u8 *bssid, 7755 const u8 *replay_ctr, gfp_t gfp) 7756 { 7757 struct sk_buff *msg; 7758 struct nlattr *rekey_attr; 7759 void *hdr; 7760 7761 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7762 if (!msg) 7763 return; 7764 7765 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_SET_REKEY_OFFLOAD); 7766 if (!hdr) { 7767 nlmsg_free(msg); 7768 return; 7769 } 7770 7771 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7772 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7773 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 7774 7775 rekey_attr = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA); 7776 if (!rekey_attr) 7777 goto nla_put_failure; 7778 7779 NLA_PUT(msg, NL80211_REKEY_DATA_REPLAY_CTR, 7780 NL80211_REPLAY_CTR_LEN, replay_ctr); 7781 7782 nla_nest_end(msg, rekey_attr); 7783 7784 genlmsg_end(msg, hdr); 7785 7786 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7787 nl80211_mlme_mcgrp.id, gfp); 7788 return; 7789 7790 nla_put_failure: 7791 genlmsg_cancel(msg, hdr); 7792 nlmsg_free(msg); 7793 } 7794 7795 void nl80211_pmksa_candidate_notify(struct cfg80211_registered_device *rdev, 7796 struct net_device *netdev, int index, 7797 const u8 *bssid, bool preauth, gfp_t gfp) 7798 { 7799 struct sk_buff *msg; 7800 struct nlattr *attr; 7801 void *hdr; 7802 7803 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7804 if (!msg) 7805 return; 7806 7807 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PMKSA_CANDIDATE); 7808 if (!hdr) { 7809 nlmsg_free(msg); 7810 return; 7811 } 7812 7813 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7814 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7815 7816 attr = nla_nest_start(msg, NL80211_ATTR_PMKSA_CANDIDATE); 7817 if (!attr) 7818 goto nla_put_failure; 7819 7820 NLA_PUT_U32(msg, NL80211_PMKSA_CANDIDATE_INDEX, index); 7821 NLA_PUT(msg, NL80211_PMKSA_CANDIDATE_BSSID, ETH_ALEN, bssid); 7822 if (preauth) 7823 NLA_PUT_FLAG(msg, NL80211_PMKSA_CANDIDATE_PREAUTH); 7824 7825 nla_nest_end(msg, attr); 7826 7827 genlmsg_end(msg, hdr); 7828 7829 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7830 nl80211_mlme_mcgrp.id, gfp); 7831 return; 7832 7833 nla_put_failure: 7834 genlmsg_cancel(msg, hdr); 7835 nlmsg_free(msg); 7836 } 7837 7838 void 7839 nl80211_send_cqm_pktloss_notify(struct cfg80211_registered_device *rdev, 7840 struct net_device *netdev, const u8 *peer, 7841 u32 num_packets, gfp_t gfp) 7842 { 7843 struct sk_buff *msg; 7844 struct nlattr *pinfoattr; 7845 void *hdr; 7846 7847 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7848 if (!msg) 7849 return; 7850 7851 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM); 7852 if (!hdr) { 7853 nlmsg_free(msg); 7854 return; 7855 } 7856 7857 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7858 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7859 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, peer); 7860 7861 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM); 7862 if (!pinfoattr) 7863 goto nla_put_failure; 7864 7865 NLA_PUT_U32(msg, NL80211_ATTR_CQM_PKT_LOSS_EVENT, num_packets); 7866 7867 nla_nest_end(msg, pinfoattr); 7868 7869 genlmsg_end(msg, hdr); 7870 7871 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7872 nl80211_mlme_mcgrp.id, gfp); 7873 return; 7874 7875 nla_put_failure: 7876 genlmsg_cancel(msg, hdr); 7877 nlmsg_free(msg); 7878 } 7879 7880 void cfg80211_probe_status(struct net_device *dev, const u8 *addr, 7881 u64 cookie, bool acked, gfp_t gfp) 7882 { 7883 struct wireless_dev *wdev = dev->ieee80211_ptr; 7884 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy); 7885 struct sk_buff *msg; 7886 void *hdr; 7887 int err; 7888 7889 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7890 if (!msg) 7891 return; 7892 7893 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PROBE_CLIENT); 7894 if (!hdr) { 7895 nlmsg_free(msg); 7896 return; 7897 } 7898 7899 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7900 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 7901 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 7902 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 7903 if (acked) 7904 NLA_PUT_FLAG(msg, NL80211_ATTR_ACK); 7905 7906 err = genlmsg_end(msg, hdr); 7907 if (err < 0) { 7908 nlmsg_free(msg); 7909 return; 7910 } 7911 7912 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7913 nl80211_mlme_mcgrp.id, gfp); 7914 return; 7915 7916 nla_put_failure: 7917 genlmsg_cancel(msg, hdr); 7918 nlmsg_free(msg); 7919 } 7920 EXPORT_SYMBOL(cfg80211_probe_status); 7921 7922 void cfg80211_report_obss_beacon(struct wiphy *wiphy, 7923 const u8 *frame, size_t len, 7924 int freq, gfp_t gfp) 7925 { 7926 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 7927 struct sk_buff *msg; 7928 void *hdr; 7929 u32 nlpid = ACCESS_ONCE(rdev->ap_beacons_nlpid); 7930 7931 if (!nlpid) 7932 return; 7933 7934 msg = nlmsg_new(len + 100, gfp); 7935 if (!msg) 7936 return; 7937 7938 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME); 7939 if (!hdr) { 7940 nlmsg_free(msg); 7941 return; 7942 } 7943 7944 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7945 if (freq) 7946 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq); 7947 NLA_PUT(msg, NL80211_ATTR_FRAME, len, frame); 7948 7949 genlmsg_end(msg, hdr); 7950 7951 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid); 7952 return; 7953 7954 nla_put_failure: 7955 genlmsg_cancel(msg, hdr); 7956 nlmsg_free(msg); 7957 } 7958 EXPORT_SYMBOL(cfg80211_report_obss_beacon); 7959 7960 static int nl80211_netlink_notify(struct notifier_block * nb, 7961 unsigned long state, 7962 void *_notify) 7963 { 7964 struct netlink_notify *notify = _notify; 7965 struct cfg80211_registered_device *rdev; 7966 struct wireless_dev *wdev; 7967 7968 if (state != NETLINK_URELEASE) 7969 return NOTIFY_DONE; 7970 7971 rcu_read_lock(); 7972 7973 list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list) { 7974 list_for_each_entry_rcu(wdev, &rdev->netdev_list, list) 7975 cfg80211_mlme_unregister_socket(wdev, notify->pid); 7976 if (rdev->ap_beacons_nlpid == notify->pid) 7977 rdev->ap_beacons_nlpid = 0; 7978 } 7979 7980 rcu_read_unlock(); 7981 7982 return NOTIFY_DONE; 7983 } 7984 7985 static struct notifier_block nl80211_netlink_notifier = { 7986 .notifier_call = nl80211_netlink_notify, 7987 }; 7988 7989 /* initialisation/exit functions */ 7990 7991 int nl80211_init(void) 7992 { 7993 int err; 7994 7995 err = genl_register_family_with_ops(&nl80211_fam, 7996 nl80211_ops, ARRAY_SIZE(nl80211_ops)); 7997 if (err) 7998 return err; 7999 8000 err = genl_register_mc_group(&nl80211_fam, &nl80211_config_mcgrp); 8001 if (err) 8002 goto err_out; 8003 8004 err = genl_register_mc_group(&nl80211_fam, &nl80211_scan_mcgrp); 8005 if (err) 8006 goto err_out; 8007 8008 err = genl_register_mc_group(&nl80211_fam, &nl80211_regulatory_mcgrp); 8009 if (err) 8010 goto err_out; 8011 8012 err = genl_register_mc_group(&nl80211_fam, &nl80211_mlme_mcgrp); 8013 if (err) 8014 goto err_out; 8015 8016 #ifdef CONFIG_NL80211_TESTMODE 8017 err = genl_register_mc_group(&nl80211_fam, &nl80211_testmode_mcgrp); 8018 if (err) 8019 goto err_out; 8020 #endif 8021 8022 err = netlink_register_notifier(&nl80211_netlink_notifier); 8023 if (err) 8024 goto err_out; 8025 8026 return 0; 8027 err_out: 8028 genl_unregister_family(&nl80211_fam); 8029 return err; 8030 } 8031 8032 void nl80211_exit(void) 8033 { 8034 netlink_unregister_notifier(&nl80211_netlink_notifier); 8035 genl_unregister_family(&nl80211_fam); 8036 } 8037