1 /* 2 * This is the new netlink-based wireless configuration interface. 3 * 4 * Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net> 5 */ 6 7 #include <linux/if.h> 8 #include <linux/module.h> 9 #include <linux/err.h> 10 #include <linux/slab.h> 11 #include <linux/list.h> 12 #include <linux/if_ether.h> 13 #include <linux/ieee80211.h> 14 #include <linux/nl80211.h> 15 #include <linux/rtnetlink.h> 16 #include <linux/netlink.h> 17 #include <linux/etherdevice.h> 18 #include <net/net_namespace.h> 19 #include <net/genetlink.h> 20 #include <net/cfg80211.h> 21 #include <net/sock.h> 22 #include "core.h" 23 #include "nl80211.h" 24 #include "reg.h" 25 26 static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type); 27 static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev, 28 struct genl_info *info, 29 struct cfg80211_crypto_settings *settings, 30 int cipher_limit); 31 32 static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb, 33 struct genl_info *info); 34 static void nl80211_post_doit(struct genl_ops *ops, struct sk_buff *skb, 35 struct genl_info *info); 36 37 /* the netlink family */ 38 static struct genl_family nl80211_fam = { 39 .id = GENL_ID_GENERATE, /* don't bother with a hardcoded ID */ 40 .name = "nl80211", /* have users key off the name instead */ 41 .hdrsize = 0, /* no private header */ 42 .version = 1, /* no particular meaning now */ 43 .maxattr = NL80211_ATTR_MAX, 44 .netnsok = true, 45 .pre_doit = nl80211_pre_doit, 46 .post_doit = nl80211_post_doit, 47 }; 48 49 /* internal helper: get rdev and dev */ 50 static int get_rdev_dev_by_ifindex(struct net *netns, struct nlattr **attrs, 51 struct cfg80211_registered_device **rdev, 52 struct net_device **dev) 53 { 54 int ifindex; 55 56 if (!attrs[NL80211_ATTR_IFINDEX]) 57 return -EINVAL; 58 59 ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]); 60 *dev = dev_get_by_index(netns, ifindex); 61 if (!*dev) 62 return -ENODEV; 63 64 *rdev = cfg80211_get_dev_from_ifindex(netns, ifindex); 65 if (IS_ERR(*rdev)) { 66 dev_put(*dev); 67 return PTR_ERR(*rdev); 68 } 69 70 return 0; 71 } 72 73 /* policy for the attributes */ 74 static const struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] = { 75 [NL80211_ATTR_WIPHY] = { .type = NLA_U32 }, 76 [NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING, 77 .len = 20-1 }, 78 [NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED }, 79 [NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 }, 80 [NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 }, 81 [NL80211_ATTR_WIPHY_RETRY_SHORT] = { .type = NLA_U8 }, 82 [NL80211_ATTR_WIPHY_RETRY_LONG] = { .type = NLA_U8 }, 83 [NL80211_ATTR_WIPHY_FRAG_THRESHOLD] = { .type = NLA_U32 }, 84 [NL80211_ATTR_WIPHY_RTS_THRESHOLD] = { .type = NLA_U32 }, 85 [NL80211_ATTR_WIPHY_COVERAGE_CLASS] = { .type = NLA_U8 }, 86 87 [NL80211_ATTR_IFTYPE] = { .type = NLA_U32 }, 88 [NL80211_ATTR_IFINDEX] = { .type = NLA_U32 }, 89 [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 }, 90 91 [NL80211_ATTR_MAC] = { .len = ETH_ALEN }, 92 [NL80211_ATTR_PREV_BSSID] = { .len = ETH_ALEN }, 93 94 [NL80211_ATTR_KEY] = { .type = NLA_NESTED, }, 95 [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY, 96 .len = WLAN_MAX_KEY_LEN }, 97 [NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 }, 98 [NL80211_ATTR_KEY_CIPHER] = { .type = NLA_U32 }, 99 [NL80211_ATTR_KEY_DEFAULT] = { .type = NLA_FLAG }, 100 [NL80211_ATTR_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 }, 101 [NL80211_ATTR_KEY_TYPE] = { .type = NLA_U32 }, 102 103 [NL80211_ATTR_BEACON_INTERVAL] = { .type = NLA_U32 }, 104 [NL80211_ATTR_DTIM_PERIOD] = { .type = NLA_U32 }, 105 [NL80211_ATTR_BEACON_HEAD] = { .type = NLA_BINARY, 106 .len = IEEE80211_MAX_DATA_LEN }, 107 [NL80211_ATTR_BEACON_TAIL] = { .type = NLA_BINARY, 108 .len = IEEE80211_MAX_DATA_LEN }, 109 [NL80211_ATTR_STA_AID] = { .type = NLA_U16 }, 110 [NL80211_ATTR_STA_FLAGS] = { .type = NLA_NESTED }, 111 [NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 }, 112 [NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY, 113 .len = NL80211_MAX_SUPP_RATES }, 114 [NL80211_ATTR_STA_PLINK_ACTION] = { .type = NLA_U8 }, 115 [NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 }, 116 [NL80211_ATTR_MNTR_FLAGS] = { /* NLA_NESTED can't be empty */ }, 117 [NL80211_ATTR_MESH_ID] = { .type = NLA_BINARY, 118 .len = IEEE80211_MAX_MESH_ID_LEN }, 119 [NL80211_ATTR_MPATH_NEXT_HOP] = { .type = NLA_U32 }, 120 121 [NL80211_ATTR_REG_ALPHA2] = { .type = NLA_STRING, .len = 2 }, 122 [NL80211_ATTR_REG_RULES] = { .type = NLA_NESTED }, 123 124 [NL80211_ATTR_BSS_CTS_PROT] = { .type = NLA_U8 }, 125 [NL80211_ATTR_BSS_SHORT_PREAMBLE] = { .type = NLA_U8 }, 126 [NL80211_ATTR_BSS_SHORT_SLOT_TIME] = { .type = NLA_U8 }, 127 [NL80211_ATTR_BSS_BASIC_RATES] = { .type = NLA_BINARY, 128 .len = NL80211_MAX_SUPP_RATES }, 129 [NL80211_ATTR_BSS_HT_OPMODE] = { .type = NLA_U16 }, 130 131 [NL80211_ATTR_MESH_CONFIG] = { .type = NLA_NESTED }, 132 [NL80211_ATTR_SUPPORT_MESH_AUTH] = { .type = NLA_FLAG }, 133 134 [NL80211_ATTR_HT_CAPABILITY] = { .len = NL80211_HT_CAPABILITY_LEN }, 135 136 [NL80211_ATTR_MGMT_SUBTYPE] = { .type = NLA_U8 }, 137 [NL80211_ATTR_IE] = { .type = NLA_BINARY, 138 .len = IEEE80211_MAX_DATA_LEN }, 139 [NL80211_ATTR_SCAN_FREQUENCIES] = { .type = NLA_NESTED }, 140 [NL80211_ATTR_SCAN_SSIDS] = { .type = NLA_NESTED }, 141 142 [NL80211_ATTR_SSID] = { .type = NLA_BINARY, 143 .len = IEEE80211_MAX_SSID_LEN }, 144 [NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 }, 145 [NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 }, 146 [NL80211_ATTR_FREQ_FIXED] = { .type = NLA_FLAG }, 147 [NL80211_ATTR_TIMED_OUT] = { .type = NLA_FLAG }, 148 [NL80211_ATTR_USE_MFP] = { .type = NLA_U32 }, 149 [NL80211_ATTR_STA_FLAGS2] = { 150 .len = sizeof(struct nl80211_sta_flag_update), 151 }, 152 [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG }, 153 [NL80211_ATTR_CONTROL_PORT_ETHERTYPE] = { .type = NLA_U16 }, 154 [NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT] = { .type = NLA_FLAG }, 155 [NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG }, 156 [NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 }, 157 [NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 }, 158 [NL80211_ATTR_PID] = { .type = NLA_U32 }, 159 [NL80211_ATTR_4ADDR] = { .type = NLA_U8 }, 160 [NL80211_ATTR_PMKID] = { .type = NLA_BINARY, 161 .len = WLAN_PMKID_LEN }, 162 [NL80211_ATTR_DURATION] = { .type = NLA_U32 }, 163 [NL80211_ATTR_COOKIE] = { .type = NLA_U64 }, 164 [NL80211_ATTR_TX_RATES] = { .type = NLA_NESTED }, 165 [NL80211_ATTR_FRAME] = { .type = NLA_BINARY, 166 .len = IEEE80211_MAX_DATA_LEN }, 167 [NL80211_ATTR_FRAME_MATCH] = { .type = NLA_BINARY, }, 168 [NL80211_ATTR_PS_STATE] = { .type = NLA_U32 }, 169 [NL80211_ATTR_CQM] = { .type = NLA_NESTED, }, 170 [NL80211_ATTR_LOCAL_STATE_CHANGE] = { .type = NLA_FLAG }, 171 [NL80211_ATTR_AP_ISOLATE] = { .type = NLA_U8 }, 172 [NL80211_ATTR_WIPHY_TX_POWER_SETTING] = { .type = NLA_U32 }, 173 [NL80211_ATTR_WIPHY_TX_POWER_LEVEL] = { .type = NLA_U32 }, 174 [NL80211_ATTR_FRAME_TYPE] = { .type = NLA_U16 }, 175 [NL80211_ATTR_WIPHY_ANTENNA_TX] = { .type = NLA_U32 }, 176 [NL80211_ATTR_WIPHY_ANTENNA_RX] = { .type = NLA_U32 }, 177 [NL80211_ATTR_MCAST_RATE] = { .type = NLA_U32 }, 178 [NL80211_ATTR_OFFCHANNEL_TX_OK] = { .type = NLA_FLAG }, 179 [NL80211_ATTR_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED }, 180 [NL80211_ATTR_WOWLAN_TRIGGERS] = { .type = NLA_NESTED }, 181 [NL80211_ATTR_STA_PLINK_STATE] = { .type = NLA_U8 }, 182 [NL80211_ATTR_SCHED_SCAN_INTERVAL] = { .type = NLA_U32 }, 183 [NL80211_ATTR_REKEY_DATA] = { .type = NLA_NESTED }, 184 [NL80211_ATTR_SCAN_SUPP_RATES] = { .type = NLA_NESTED }, 185 [NL80211_ATTR_HIDDEN_SSID] = { .type = NLA_U32 }, 186 [NL80211_ATTR_IE_PROBE_RESP] = { .type = NLA_BINARY, 187 .len = IEEE80211_MAX_DATA_LEN }, 188 [NL80211_ATTR_IE_ASSOC_RESP] = { .type = NLA_BINARY, 189 .len = IEEE80211_MAX_DATA_LEN }, 190 [NL80211_ATTR_ROAM_SUPPORT] = { .type = NLA_FLAG }, 191 [NL80211_ATTR_SCHED_SCAN_MATCH] = { .type = NLA_NESTED }, 192 [NL80211_ATTR_TX_NO_CCK_RATE] = { .type = NLA_FLAG }, 193 [NL80211_ATTR_TDLS_ACTION] = { .type = NLA_U8 }, 194 [NL80211_ATTR_TDLS_DIALOG_TOKEN] = { .type = NLA_U8 }, 195 [NL80211_ATTR_TDLS_OPERATION] = { .type = NLA_U8 }, 196 [NL80211_ATTR_TDLS_SUPPORT] = { .type = NLA_FLAG }, 197 [NL80211_ATTR_TDLS_EXTERNAL_SETUP] = { .type = NLA_FLAG }, 198 [NL80211_ATTR_DONT_WAIT_FOR_ACK] = { .type = NLA_FLAG }, 199 [NL80211_ATTR_PROBE_RESP] = { .type = NLA_BINARY, 200 .len = IEEE80211_MAX_DATA_LEN }, 201 [NL80211_ATTR_DFS_REGION] = { .type = NLA_U8 }, 202 [NL80211_ATTR_DISABLE_HT] = { .type = NLA_FLAG }, 203 [NL80211_ATTR_HT_CAPABILITY_MASK] = { 204 .len = NL80211_HT_CAPABILITY_LEN 205 }, 206 [NL80211_ATTR_NOACK_MAP] = { .type = NLA_U16 }, 207 }; 208 209 /* policy for the key attributes */ 210 static const struct nla_policy nl80211_key_policy[NL80211_KEY_MAX + 1] = { 211 [NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN }, 212 [NL80211_KEY_IDX] = { .type = NLA_U8 }, 213 [NL80211_KEY_CIPHER] = { .type = NLA_U32 }, 214 [NL80211_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 }, 215 [NL80211_KEY_DEFAULT] = { .type = NLA_FLAG }, 216 [NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG }, 217 [NL80211_KEY_TYPE] = { .type = NLA_U32 }, 218 [NL80211_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED }, 219 }; 220 221 /* policy for the key default flags */ 222 static const struct nla_policy 223 nl80211_key_default_policy[NUM_NL80211_KEY_DEFAULT_TYPES] = { 224 [NL80211_KEY_DEFAULT_TYPE_UNICAST] = { .type = NLA_FLAG }, 225 [NL80211_KEY_DEFAULT_TYPE_MULTICAST] = { .type = NLA_FLAG }, 226 }; 227 228 /* policy for WoWLAN attributes */ 229 static const struct nla_policy 230 nl80211_wowlan_policy[NUM_NL80211_WOWLAN_TRIG] = { 231 [NL80211_WOWLAN_TRIG_ANY] = { .type = NLA_FLAG }, 232 [NL80211_WOWLAN_TRIG_DISCONNECT] = { .type = NLA_FLAG }, 233 [NL80211_WOWLAN_TRIG_MAGIC_PKT] = { .type = NLA_FLAG }, 234 [NL80211_WOWLAN_TRIG_PKT_PATTERN] = { .type = NLA_NESTED }, 235 [NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE] = { .type = NLA_FLAG }, 236 [NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST] = { .type = NLA_FLAG }, 237 [NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE] = { .type = NLA_FLAG }, 238 [NL80211_WOWLAN_TRIG_RFKILL_RELEASE] = { .type = NLA_FLAG }, 239 }; 240 241 /* policy for GTK rekey offload attributes */ 242 static const struct nla_policy 243 nl80211_rekey_policy[NUM_NL80211_REKEY_DATA] = { 244 [NL80211_REKEY_DATA_KEK] = { .len = NL80211_KEK_LEN }, 245 [NL80211_REKEY_DATA_KCK] = { .len = NL80211_KCK_LEN }, 246 [NL80211_REKEY_DATA_REPLAY_CTR] = { .len = NL80211_REPLAY_CTR_LEN }, 247 }; 248 249 static const struct nla_policy 250 nl80211_match_policy[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1] = { 251 [NL80211_ATTR_SCHED_SCAN_MATCH_SSID] = { .type = NLA_BINARY, 252 .len = IEEE80211_MAX_SSID_LEN }, 253 }; 254 255 /* ifidx get helper */ 256 static int nl80211_get_ifidx(struct netlink_callback *cb) 257 { 258 int res; 259 260 res = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize, 261 nl80211_fam.attrbuf, nl80211_fam.maxattr, 262 nl80211_policy); 263 if (res) 264 return res; 265 266 if (!nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]) 267 return -EINVAL; 268 269 res = nla_get_u32(nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]); 270 if (!res) 271 return -EINVAL; 272 return res; 273 } 274 275 static int nl80211_prepare_netdev_dump(struct sk_buff *skb, 276 struct netlink_callback *cb, 277 struct cfg80211_registered_device **rdev, 278 struct net_device **dev) 279 { 280 int ifidx = cb->args[0]; 281 int err; 282 283 if (!ifidx) 284 ifidx = nl80211_get_ifidx(cb); 285 if (ifidx < 0) 286 return ifidx; 287 288 cb->args[0] = ifidx; 289 290 rtnl_lock(); 291 292 *dev = __dev_get_by_index(sock_net(skb->sk), ifidx); 293 if (!*dev) { 294 err = -ENODEV; 295 goto out_rtnl; 296 } 297 298 *rdev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx); 299 if (IS_ERR(*rdev)) { 300 err = PTR_ERR(*rdev); 301 goto out_rtnl; 302 } 303 304 return 0; 305 out_rtnl: 306 rtnl_unlock(); 307 return err; 308 } 309 310 static void nl80211_finish_netdev_dump(struct cfg80211_registered_device *rdev) 311 { 312 cfg80211_unlock_rdev(rdev); 313 rtnl_unlock(); 314 } 315 316 /* IE validation */ 317 static bool is_valid_ie_attr(const struct nlattr *attr) 318 { 319 const u8 *pos; 320 int len; 321 322 if (!attr) 323 return true; 324 325 pos = nla_data(attr); 326 len = nla_len(attr); 327 328 while (len) { 329 u8 elemlen; 330 331 if (len < 2) 332 return false; 333 len -= 2; 334 335 elemlen = pos[1]; 336 if (elemlen > len) 337 return false; 338 339 len -= elemlen; 340 pos += 2 + elemlen; 341 } 342 343 return true; 344 } 345 346 /* message building helper */ 347 static inline void *nl80211hdr_put(struct sk_buff *skb, u32 pid, u32 seq, 348 int flags, u8 cmd) 349 { 350 /* since there is no private header just add the generic one */ 351 return genlmsg_put(skb, pid, seq, &nl80211_fam, flags, cmd); 352 } 353 354 static int nl80211_msg_put_channel(struct sk_buff *msg, 355 struct ieee80211_channel *chan) 356 { 357 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_FREQ, 358 chan->center_freq); 359 360 if (chan->flags & IEEE80211_CHAN_DISABLED) 361 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_DISABLED); 362 if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN) 363 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_PASSIVE_SCAN); 364 if (chan->flags & IEEE80211_CHAN_NO_IBSS) 365 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_NO_IBSS); 366 if (chan->flags & IEEE80211_CHAN_RADAR) 367 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_RADAR); 368 369 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER, 370 DBM_TO_MBM(chan->max_power)); 371 372 return 0; 373 374 nla_put_failure: 375 return -ENOBUFS; 376 } 377 378 /* netlink command implementations */ 379 380 struct key_parse { 381 struct key_params p; 382 int idx; 383 int type; 384 bool def, defmgmt; 385 bool def_uni, def_multi; 386 }; 387 388 static int nl80211_parse_key_new(struct nlattr *key, struct key_parse *k) 389 { 390 struct nlattr *tb[NL80211_KEY_MAX + 1]; 391 int err = nla_parse_nested(tb, NL80211_KEY_MAX, key, 392 nl80211_key_policy); 393 if (err) 394 return err; 395 396 k->def = !!tb[NL80211_KEY_DEFAULT]; 397 k->defmgmt = !!tb[NL80211_KEY_DEFAULT_MGMT]; 398 399 if (k->def) { 400 k->def_uni = true; 401 k->def_multi = true; 402 } 403 if (k->defmgmt) 404 k->def_multi = true; 405 406 if (tb[NL80211_KEY_IDX]) 407 k->idx = nla_get_u8(tb[NL80211_KEY_IDX]); 408 409 if (tb[NL80211_KEY_DATA]) { 410 k->p.key = nla_data(tb[NL80211_KEY_DATA]); 411 k->p.key_len = nla_len(tb[NL80211_KEY_DATA]); 412 } 413 414 if (tb[NL80211_KEY_SEQ]) { 415 k->p.seq = nla_data(tb[NL80211_KEY_SEQ]); 416 k->p.seq_len = nla_len(tb[NL80211_KEY_SEQ]); 417 } 418 419 if (tb[NL80211_KEY_CIPHER]) 420 k->p.cipher = nla_get_u32(tb[NL80211_KEY_CIPHER]); 421 422 if (tb[NL80211_KEY_TYPE]) { 423 k->type = nla_get_u32(tb[NL80211_KEY_TYPE]); 424 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES) 425 return -EINVAL; 426 } 427 428 if (tb[NL80211_KEY_DEFAULT_TYPES]) { 429 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES]; 430 int err = nla_parse_nested(kdt, 431 NUM_NL80211_KEY_DEFAULT_TYPES - 1, 432 tb[NL80211_KEY_DEFAULT_TYPES], 433 nl80211_key_default_policy); 434 if (err) 435 return err; 436 437 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST]; 438 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST]; 439 } 440 441 return 0; 442 } 443 444 static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k) 445 { 446 if (info->attrs[NL80211_ATTR_KEY_DATA]) { 447 k->p.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]); 448 k->p.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]); 449 } 450 451 if (info->attrs[NL80211_ATTR_KEY_SEQ]) { 452 k->p.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]); 453 k->p.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]); 454 } 455 456 if (info->attrs[NL80211_ATTR_KEY_IDX]) 457 k->idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); 458 459 if (info->attrs[NL80211_ATTR_KEY_CIPHER]) 460 k->p.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]); 461 462 k->def = !!info->attrs[NL80211_ATTR_KEY_DEFAULT]; 463 k->defmgmt = !!info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT]; 464 465 if (k->def) { 466 k->def_uni = true; 467 k->def_multi = true; 468 } 469 if (k->defmgmt) 470 k->def_multi = true; 471 472 if (info->attrs[NL80211_ATTR_KEY_TYPE]) { 473 k->type = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]); 474 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES) 475 return -EINVAL; 476 } 477 478 if (info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES]) { 479 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES]; 480 int err = nla_parse_nested( 481 kdt, NUM_NL80211_KEY_DEFAULT_TYPES - 1, 482 info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES], 483 nl80211_key_default_policy); 484 if (err) 485 return err; 486 487 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST]; 488 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST]; 489 } 490 491 return 0; 492 } 493 494 static int nl80211_parse_key(struct genl_info *info, struct key_parse *k) 495 { 496 int err; 497 498 memset(k, 0, sizeof(*k)); 499 k->idx = -1; 500 k->type = -1; 501 502 if (info->attrs[NL80211_ATTR_KEY]) 503 err = nl80211_parse_key_new(info->attrs[NL80211_ATTR_KEY], k); 504 else 505 err = nl80211_parse_key_old(info, k); 506 507 if (err) 508 return err; 509 510 if (k->def && k->defmgmt) 511 return -EINVAL; 512 513 if (k->defmgmt) { 514 if (k->def_uni || !k->def_multi) 515 return -EINVAL; 516 } 517 518 if (k->idx != -1) { 519 if (k->defmgmt) { 520 if (k->idx < 4 || k->idx > 5) 521 return -EINVAL; 522 } else if (k->def) { 523 if (k->idx < 0 || k->idx > 3) 524 return -EINVAL; 525 } else { 526 if (k->idx < 0 || k->idx > 5) 527 return -EINVAL; 528 } 529 } 530 531 return 0; 532 } 533 534 static struct cfg80211_cached_keys * 535 nl80211_parse_connkeys(struct cfg80211_registered_device *rdev, 536 struct nlattr *keys) 537 { 538 struct key_parse parse; 539 struct nlattr *key; 540 struct cfg80211_cached_keys *result; 541 int rem, err, def = 0; 542 543 result = kzalloc(sizeof(*result), GFP_KERNEL); 544 if (!result) 545 return ERR_PTR(-ENOMEM); 546 547 result->def = -1; 548 result->defmgmt = -1; 549 550 nla_for_each_nested(key, keys, rem) { 551 memset(&parse, 0, sizeof(parse)); 552 parse.idx = -1; 553 554 err = nl80211_parse_key_new(key, &parse); 555 if (err) 556 goto error; 557 err = -EINVAL; 558 if (!parse.p.key) 559 goto error; 560 if (parse.idx < 0 || parse.idx > 4) 561 goto error; 562 if (parse.def) { 563 if (def) 564 goto error; 565 def = 1; 566 result->def = parse.idx; 567 if (!parse.def_uni || !parse.def_multi) 568 goto error; 569 } else if (parse.defmgmt) 570 goto error; 571 err = cfg80211_validate_key_settings(rdev, &parse.p, 572 parse.idx, false, NULL); 573 if (err) 574 goto error; 575 result->params[parse.idx].cipher = parse.p.cipher; 576 result->params[parse.idx].key_len = parse.p.key_len; 577 result->params[parse.idx].key = result->data[parse.idx]; 578 memcpy(result->data[parse.idx], parse.p.key, parse.p.key_len); 579 } 580 581 return result; 582 error: 583 kfree(result); 584 return ERR_PTR(err); 585 } 586 587 static int nl80211_key_allowed(struct wireless_dev *wdev) 588 { 589 ASSERT_WDEV_LOCK(wdev); 590 591 switch (wdev->iftype) { 592 case NL80211_IFTYPE_AP: 593 case NL80211_IFTYPE_AP_VLAN: 594 case NL80211_IFTYPE_P2P_GO: 595 case NL80211_IFTYPE_MESH_POINT: 596 break; 597 case NL80211_IFTYPE_ADHOC: 598 if (!wdev->current_bss) 599 return -ENOLINK; 600 break; 601 case NL80211_IFTYPE_STATION: 602 case NL80211_IFTYPE_P2P_CLIENT: 603 if (wdev->sme_state != CFG80211_SME_CONNECTED) 604 return -ENOLINK; 605 break; 606 default: 607 return -EINVAL; 608 } 609 610 return 0; 611 } 612 613 static int nl80211_put_iftypes(struct sk_buff *msg, u32 attr, u16 ifmodes) 614 { 615 struct nlattr *nl_modes = nla_nest_start(msg, attr); 616 int i; 617 618 if (!nl_modes) 619 goto nla_put_failure; 620 621 i = 0; 622 while (ifmodes) { 623 if (ifmodes & 1) 624 NLA_PUT_FLAG(msg, i); 625 ifmodes >>= 1; 626 i++; 627 } 628 629 nla_nest_end(msg, nl_modes); 630 return 0; 631 632 nla_put_failure: 633 return -ENOBUFS; 634 } 635 636 static int nl80211_put_iface_combinations(struct wiphy *wiphy, 637 struct sk_buff *msg) 638 { 639 struct nlattr *nl_combis; 640 int i, j; 641 642 nl_combis = nla_nest_start(msg, 643 NL80211_ATTR_INTERFACE_COMBINATIONS); 644 if (!nl_combis) 645 goto nla_put_failure; 646 647 for (i = 0; i < wiphy->n_iface_combinations; i++) { 648 const struct ieee80211_iface_combination *c; 649 struct nlattr *nl_combi, *nl_limits; 650 651 c = &wiphy->iface_combinations[i]; 652 653 nl_combi = nla_nest_start(msg, i + 1); 654 if (!nl_combi) 655 goto nla_put_failure; 656 657 nl_limits = nla_nest_start(msg, NL80211_IFACE_COMB_LIMITS); 658 if (!nl_limits) 659 goto nla_put_failure; 660 661 for (j = 0; j < c->n_limits; j++) { 662 struct nlattr *nl_limit; 663 664 nl_limit = nla_nest_start(msg, j + 1); 665 if (!nl_limit) 666 goto nla_put_failure; 667 NLA_PUT_U32(msg, NL80211_IFACE_LIMIT_MAX, 668 c->limits[j].max); 669 if (nl80211_put_iftypes(msg, NL80211_IFACE_LIMIT_TYPES, 670 c->limits[j].types)) 671 goto nla_put_failure; 672 nla_nest_end(msg, nl_limit); 673 } 674 675 nla_nest_end(msg, nl_limits); 676 677 if (c->beacon_int_infra_match) 678 NLA_PUT_FLAG(msg, 679 NL80211_IFACE_COMB_STA_AP_BI_MATCH); 680 NLA_PUT_U32(msg, NL80211_IFACE_COMB_NUM_CHANNELS, 681 c->num_different_channels); 682 NLA_PUT_U32(msg, NL80211_IFACE_COMB_MAXNUM, 683 c->max_interfaces); 684 685 nla_nest_end(msg, nl_combi); 686 } 687 688 nla_nest_end(msg, nl_combis); 689 690 return 0; 691 nla_put_failure: 692 return -ENOBUFS; 693 } 694 695 static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags, 696 struct cfg80211_registered_device *dev) 697 { 698 void *hdr; 699 struct nlattr *nl_bands, *nl_band; 700 struct nlattr *nl_freqs, *nl_freq; 701 struct nlattr *nl_rates, *nl_rate; 702 struct nlattr *nl_cmds; 703 enum ieee80211_band band; 704 struct ieee80211_channel *chan; 705 struct ieee80211_rate *rate; 706 int i; 707 const struct ieee80211_txrx_stypes *mgmt_stypes = 708 dev->wiphy.mgmt_stypes; 709 710 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_WIPHY); 711 if (!hdr) 712 return -1; 713 714 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, dev->wiphy_idx); 715 NLA_PUT_STRING(msg, NL80211_ATTR_WIPHY_NAME, wiphy_name(&dev->wiphy)); 716 717 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, 718 cfg80211_rdev_list_generation); 719 720 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT, 721 dev->wiphy.retry_short); 722 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_LONG, 723 dev->wiphy.retry_long); 724 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, 725 dev->wiphy.frag_threshold); 726 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, 727 dev->wiphy.rts_threshold); 728 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_COVERAGE_CLASS, 729 dev->wiphy.coverage_class); 730 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS, 731 dev->wiphy.max_scan_ssids); 732 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS, 733 dev->wiphy.max_sched_scan_ssids); 734 NLA_PUT_U16(msg, NL80211_ATTR_MAX_SCAN_IE_LEN, 735 dev->wiphy.max_scan_ie_len); 736 NLA_PUT_U16(msg, NL80211_ATTR_MAX_SCHED_SCAN_IE_LEN, 737 dev->wiphy.max_sched_scan_ie_len); 738 NLA_PUT_U8(msg, NL80211_ATTR_MAX_MATCH_SETS, 739 dev->wiphy.max_match_sets); 740 741 if (dev->wiphy.flags & WIPHY_FLAG_IBSS_RSN) 742 NLA_PUT_FLAG(msg, NL80211_ATTR_SUPPORT_IBSS_RSN); 743 if (dev->wiphy.flags & WIPHY_FLAG_MESH_AUTH) 744 NLA_PUT_FLAG(msg, NL80211_ATTR_SUPPORT_MESH_AUTH); 745 if (dev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) 746 NLA_PUT_FLAG(msg, NL80211_ATTR_SUPPORT_AP_UAPSD); 747 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_FW_ROAM) 748 NLA_PUT_FLAG(msg, NL80211_ATTR_ROAM_SUPPORT); 749 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) 750 NLA_PUT_FLAG(msg, NL80211_ATTR_TDLS_SUPPORT); 751 if (dev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP) 752 NLA_PUT_FLAG(msg, NL80211_ATTR_TDLS_EXTERNAL_SETUP); 753 754 NLA_PUT(msg, NL80211_ATTR_CIPHER_SUITES, 755 sizeof(u32) * dev->wiphy.n_cipher_suites, 756 dev->wiphy.cipher_suites); 757 758 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_PMKIDS, 759 dev->wiphy.max_num_pmkids); 760 761 if (dev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) 762 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE); 763 764 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_TX, 765 dev->wiphy.available_antennas_tx); 766 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_RX, 767 dev->wiphy.available_antennas_rx); 768 769 if (dev->wiphy.flags & WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD) 770 NLA_PUT_U32(msg, NL80211_ATTR_PROBE_RESP_OFFLOAD, 771 dev->wiphy.probe_resp_offload); 772 773 if ((dev->wiphy.available_antennas_tx || 774 dev->wiphy.available_antennas_rx) && dev->ops->get_antenna) { 775 u32 tx_ant = 0, rx_ant = 0; 776 int res; 777 res = dev->ops->get_antenna(&dev->wiphy, &tx_ant, &rx_ant); 778 if (!res) { 779 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_TX, tx_ant); 780 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_RX, rx_ant); 781 } 782 } 783 784 if (nl80211_put_iftypes(msg, NL80211_ATTR_SUPPORTED_IFTYPES, 785 dev->wiphy.interface_modes)) 786 goto nla_put_failure; 787 788 nl_bands = nla_nest_start(msg, NL80211_ATTR_WIPHY_BANDS); 789 if (!nl_bands) 790 goto nla_put_failure; 791 792 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 793 if (!dev->wiphy.bands[band]) 794 continue; 795 796 nl_band = nla_nest_start(msg, band); 797 if (!nl_band) 798 goto nla_put_failure; 799 800 /* add HT info */ 801 if (dev->wiphy.bands[band]->ht_cap.ht_supported) { 802 NLA_PUT(msg, NL80211_BAND_ATTR_HT_MCS_SET, 803 sizeof(dev->wiphy.bands[band]->ht_cap.mcs), 804 &dev->wiphy.bands[band]->ht_cap.mcs); 805 NLA_PUT_U16(msg, NL80211_BAND_ATTR_HT_CAPA, 806 dev->wiphy.bands[band]->ht_cap.cap); 807 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_FACTOR, 808 dev->wiphy.bands[band]->ht_cap.ampdu_factor); 809 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_DENSITY, 810 dev->wiphy.bands[band]->ht_cap.ampdu_density); 811 } 812 813 /* add frequencies */ 814 nl_freqs = nla_nest_start(msg, NL80211_BAND_ATTR_FREQS); 815 if (!nl_freqs) 816 goto nla_put_failure; 817 818 for (i = 0; i < dev->wiphy.bands[band]->n_channels; i++) { 819 nl_freq = nla_nest_start(msg, i); 820 if (!nl_freq) 821 goto nla_put_failure; 822 823 chan = &dev->wiphy.bands[band]->channels[i]; 824 825 if (nl80211_msg_put_channel(msg, chan)) 826 goto nla_put_failure; 827 828 nla_nest_end(msg, nl_freq); 829 } 830 831 nla_nest_end(msg, nl_freqs); 832 833 /* add bitrates */ 834 nl_rates = nla_nest_start(msg, NL80211_BAND_ATTR_RATES); 835 if (!nl_rates) 836 goto nla_put_failure; 837 838 for (i = 0; i < dev->wiphy.bands[band]->n_bitrates; i++) { 839 nl_rate = nla_nest_start(msg, i); 840 if (!nl_rate) 841 goto nla_put_failure; 842 843 rate = &dev->wiphy.bands[band]->bitrates[i]; 844 NLA_PUT_U32(msg, NL80211_BITRATE_ATTR_RATE, 845 rate->bitrate); 846 if (rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) 847 NLA_PUT_FLAG(msg, 848 NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE); 849 850 nla_nest_end(msg, nl_rate); 851 } 852 853 nla_nest_end(msg, nl_rates); 854 855 nla_nest_end(msg, nl_band); 856 } 857 nla_nest_end(msg, nl_bands); 858 859 nl_cmds = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_COMMANDS); 860 if (!nl_cmds) 861 goto nla_put_failure; 862 863 i = 0; 864 #define CMD(op, n) \ 865 do { \ 866 if (dev->ops->op) { \ 867 i++; \ 868 NLA_PUT_U32(msg, i, NL80211_CMD_ ## n); \ 869 } \ 870 } while (0) 871 872 CMD(add_virtual_intf, NEW_INTERFACE); 873 CMD(change_virtual_intf, SET_INTERFACE); 874 CMD(add_key, NEW_KEY); 875 CMD(add_beacon, NEW_BEACON); 876 CMD(add_station, NEW_STATION); 877 CMD(add_mpath, NEW_MPATH); 878 CMD(update_mesh_config, SET_MESH_CONFIG); 879 CMD(change_bss, SET_BSS); 880 CMD(auth, AUTHENTICATE); 881 CMD(assoc, ASSOCIATE); 882 CMD(deauth, DEAUTHENTICATE); 883 CMD(disassoc, DISASSOCIATE); 884 CMD(join_ibss, JOIN_IBSS); 885 CMD(join_mesh, JOIN_MESH); 886 CMD(set_pmksa, SET_PMKSA); 887 CMD(del_pmksa, DEL_PMKSA); 888 CMD(flush_pmksa, FLUSH_PMKSA); 889 if (dev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL) 890 CMD(remain_on_channel, REMAIN_ON_CHANNEL); 891 CMD(set_bitrate_mask, SET_TX_BITRATE_MASK); 892 CMD(mgmt_tx, FRAME); 893 CMD(mgmt_tx_cancel_wait, FRAME_WAIT_CANCEL); 894 if (dev->wiphy.flags & WIPHY_FLAG_NETNS_OK) { 895 i++; 896 NLA_PUT_U32(msg, i, NL80211_CMD_SET_WIPHY_NETNS); 897 } 898 CMD(set_channel, SET_CHANNEL); 899 CMD(set_wds_peer, SET_WDS_PEER); 900 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) { 901 CMD(tdls_mgmt, TDLS_MGMT); 902 CMD(tdls_oper, TDLS_OPER); 903 } 904 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) 905 CMD(sched_scan_start, START_SCHED_SCAN); 906 CMD(probe_client, PROBE_CLIENT); 907 CMD(set_noack_map, SET_NOACK_MAP); 908 if (dev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS) { 909 i++; 910 NLA_PUT_U32(msg, i, NL80211_CMD_REGISTER_BEACONS); 911 } 912 913 #ifdef CONFIG_NL80211_TESTMODE 914 CMD(testmode_cmd, TESTMODE); 915 #endif 916 917 #undef CMD 918 919 if (dev->ops->connect || dev->ops->auth) { 920 i++; 921 NLA_PUT_U32(msg, i, NL80211_CMD_CONNECT); 922 } 923 924 if (dev->ops->disconnect || dev->ops->deauth) { 925 i++; 926 NLA_PUT_U32(msg, i, NL80211_CMD_DISCONNECT); 927 } 928 929 nla_nest_end(msg, nl_cmds); 930 931 if (dev->ops->remain_on_channel && 932 dev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL) 933 NLA_PUT_U32(msg, NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION, 934 dev->wiphy.max_remain_on_channel_duration); 935 936 if (dev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX) 937 NLA_PUT_FLAG(msg, NL80211_ATTR_OFFCHANNEL_TX_OK); 938 939 if (mgmt_stypes) { 940 u16 stypes; 941 struct nlattr *nl_ftypes, *nl_ifs; 942 enum nl80211_iftype ift; 943 944 nl_ifs = nla_nest_start(msg, NL80211_ATTR_TX_FRAME_TYPES); 945 if (!nl_ifs) 946 goto nla_put_failure; 947 948 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) { 949 nl_ftypes = nla_nest_start(msg, ift); 950 if (!nl_ftypes) 951 goto nla_put_failure; 952 i = 0; 953 stypes = mgmt_stypes[ift].tx; 954 while (stypes) { 955 if (stypes & 1) 956 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, 957 (i << 4) | IEEE80211_FTYPE_MGMT); 958 stypes >>= 1; 959 i++; 960 } 961 nla_nest_end(msg, nl_ftypes); 962 } 963 964 nla_nest_end(msg, nl_ifs); 965 966 nl_ifs = nla_nest_start(msg, NL80211_ATTR_RX_FRAME_TYPES); 967 if (!nl_ifs) 968 goto nla_put_failure; 969 970 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) { 971 nl_ftypes = nla_nest_start(msg, ift); 972 if (!nl_ftypes) 973 goto nla_put_failure; 974 i = 0; 975 stypes = mgmt_stypes[ift].rx; 976 while (stypes) { 977 if (stypes & 1) 978 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, 979 (i << 4) | IEEE80211_FTYPE_MGMT); 980 stypes >>= 1; 981 i++; 982 } 983 nla_nest_end(msg, nl_ftypes); 984 } 985 nla_nest_end(msg, nl_ifs); 986 } 987 988 if (dev->wiphy.wowlan.flags || dev->wiphy.wowlan.n_patterns) { 989 struct nlattr *nl_wowlan; 990 991 nl_wowlan = nla_nest_start(msg, 992 NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED); 993 if (!nl_wowlan) 994 goto nla_put_failure; 995 996 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_ANY) 997 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_ANY); 998 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_DISCONNECT) 999 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_DISCONNECT); 1000 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_MAGIC_PKT) 1001 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT); 1002 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_SUPPORTS_GTK_REKEY) 1003 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED); 1004 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE) 1005 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE); 1006 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ) 1007 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST); 1008 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_4WAY_HANDSHAKE) 1009 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE); 1010 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_RFKILL_RELEASE) 1011 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE); 1012 if (dev->wiphy.wowlan.n_patterns) { 1013 struct nl80211_wowlan_pattern_support pat = { 1014 .max_patterns = dev->wiphy.wowlan.n_patterns, 1015 .min_pattern_len = 1016 dev->wiphy.wowlan.pattern_min_len, 1017 .max_pattern_len = 1018 dev->wiphy.wowlan.pattern_max_len, 1019 }; 1020 NLA_PUT(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN, 1021 sizeof(pat), &pat); 1022 } 1023 1024 nla_nest_end(msg, nl_wowlan); 1025 } 1026 1027 if (nl80211_put_iftypes(msg, NL80211_ATTR_SOFTWARE_IFTYPES, 1028 dev->wiphy.software_iftypes)) 1029 goto nla_put_failure; 1030 1031 if (nl80211_put_iface_combinations(&dev->wiphy, msg)) 1032 goto nla_put_failure; 1033 1034 if (dev->wiphy.flags & WIPHY_FLAG_HAVE_AP_SME) 1035 NLA_PUT_U32(msg, NL80211_ATTR_DEVICE_AP_SME, 1036 dev->wiphy.ap_sme_capa); 1037 1038 NLA_PUT_U32(msg, NL80211_ATTR_FEATURE_FLAGS, dev->wiphy.features); 1039 1040 if (dev->wiphy.ht_capa_mod_mask) 1041 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY_MASK, 1042 sizeof(*dev->wiphy.ht_capa_mod_mask), 1043 dev->wiphy.ht_capa_mod_mask); 1044 1045 return genlmsg_end(msg, hdr); 1046 1047 nla_put_failure: 1048 genlmsg_cancel(msg, hdr); 1049 return -EMSGSIZE; 1050 } 1051 1052 static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb) 1053 { 1054 int idx = 0; 1055 int start = cb->args[0]; 1056 struct cfg80211_registered_device *dev; 1057 1058 mutex_lock(&cfg80211_mutex); 1059 list_for_each_entry(dev, &cfg80211_rdev_list, list) { 1060 if (!net_eq(wiphy_net(&dev->wiphy), sock_net(skb->sk))) 1061 continue; 1062 if (++idx <= start) 1063 continue; 1064 if (nl80211_send_wiphy(skb, NETLINK_CB(cb->skb).pid, 1065 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1066 dev) < 0) { 1067 idx--; 1068 break; 1069 } 1070 } 1071 mutex_unlock(&cfg80211_mutex); 1072 1073 cb->args[0] = idx; 1074 1075 return skb->len; 1076 } 1077 1078 static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info) 1079 { 1080 struct sk_buff *msg; 1081 struct cfg80211_registered_device *dev = info->user_ptr[0]; 1082 1083 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1084 if (!msg) 1085 return -ENOMEM; 1086 1087 if (nl80211_send_wiphy(msg, info->snd_pid, info->snd_seq, 0, dev) < 0) { 1088 nlmsg_free(msg); 1089 return -ENOBUFS; 1090 } 1091 1092 return genlmsg_reply(msg, info); 1093 } 1094 1095 static const struct nla_policy txq_params_policy[NL80211_TXQ_ATTR_MAX + 1] = { 1096 [NL80211_TXQ_ATTR_QUEUE] = { .type = NLA_U8 }, 1097 [NL80211_TXQ_ATTR_TXOP] = { .type = NLA_U16 }, 1098 [NL80211_TXQ_ATTR_CWMIN] = { .type = NLA_U16 }, 1099 [NL80211_TXQ_ATTR_CWMAX] = { .type = NLA_U16 }, 1100 [NL80211_TXQ_ATTR_AIFS] = { .type = NLA_U8 }, 1101 }; 1102 1103 static int parse_txq_params(struct nlattr *tb[], 1104 struct ieee80211_txq_params *txq_params) 1105 { 1106 if (!tb[NL80211_TXQ_ATTR_QUEUE] || !tb[NL80211_TXQ_ATTR_TXOP] || 1107 !tb[NL80211_TXQ_ATTR_CWMIN] || !tb[NL80211_TXQ_ATTR_CWMAX] || 1108 !tb[NL80211_TXQ_ATTR_AIFS]) 1109 return -EINVAL; 1110 1111 txq_params->queue = nla_get_u8(tb[NL80211_TXQ_ATTR_QUEUE]); 1112 txq_params->txop = nla_get_u16(tb[NL80211_TXQ_ATTR_TXOP]); 1113 txq_params->cwmin = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMIN]); 1114 txq_params->cwmax = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMAX]); 1115 txq_params->aifs = nla_get_u8(tb[NL80211_TXQ_ATTR_AIFS]); 1116 1117 return 0; 1118 } 1119 1120 static bool nl80211_can_set_dev_channel(struct wireless_dev *wdev) 1121 { 1122 /* 1123 * You can only set the channel explicitly for AP, mesh 1124 * and WDS type interfaces; all others have their channel 1125 * managed via their respective "establish a connection" 1126 * command (connect, join, ...) 1127 * 1128 * Monitors are special as they are normally slaved to 1129 * whatever else is going on, so they behave as though 1130 * you tried setting the wiphy channel itself. 1131 */ 1132 return !wdev || 1133 wdev->iftype == NL80211_IFTYPE_AP || 1134 wdev->iftype == NL80211_IFTYPE_WDS || 1135 wdev->iftype == NL80211_IFTYPE_MESH_POINT || 1136 wdev->iftype == NL80211_IFTYPE_MONITOR || 1137 wdev->iftype == NL80211_IFTYPE_P2P_GO; 1138 } 1139 1140 static int __nl80211_set_channel(struct cfg80211_registered_device *rdev, 1141 struct wireless_dev *wdev, 1142 struct genl_info *info) 1143 { 1144 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 1145 u32 freq; 1146 int result; 1147 1148 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ]) 1149 return -EINVAL; 1150 1151 if (!nl80211_can_set_dev_channel(wdev)) 1152 return -EOPNOTSUPP; 1153 1154 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 1155 channel_type = nla_get_u32(info->attrs[ 1156 NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 1157 if (channel_type != NL80211_CHAN_NO_HT && 1158 channel_type != NL80211_CHAN_HT20 && 1159 channel_type != NL80211_CHAN_HT40PLUS && 1160 channel_type != NL80211_CHAN_HT40MINUS) 1161 return -EINVAL; 1162 } 1163 1164 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 1165 1166 mutex_lock(&rdev->devlist_mtx); 1167 if (wdev) { 1168 wdev_lock(wdev); 1169 result = cfg80211_set_freq(rdev, wdev, freq, channel_type); 1170 wdev_unlock(wdev); 1171 } else { 1172 result = cfg80211_set_freq(rdev, NULL, freq, channel_type); 1173 } 1174 mutex_unlock(&rdev->devlist_mtx); 1175 1176 return result; 1177 } 1178 1179 static int nl80211_set_channel(struct sk_buff *skb, struct genl_info *info) 1180 { 1181 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1182 struct net_device *netdev = info->user_ptr[1]; 1183 1184 return __nl80211_set_channel(rdev, netdev->ieee80211_ptr, info); 1185 } 1186 1187 static int nl80211_set_wds_peer(struct sk_buff *skb, struct genl_info *info) 1188 { 1189 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1190 struct net_device *dev = info->user_ptr[1]; 1191 struct wireless_dev *wdev = dev->ieee80211_ptr; 1192 const u8 *bssid; 1193 1194 if (!info->attrs[NL80211_ATTR_MAC]) 1195 return -EINVAL; 1196 1197 if (netif_running(dev)) 1198 return -EBUSY; 1199 1200 if (!rdev->ops->set_wds_peer) 1201 return -EOPNOTSUPP; 1202 1203 if (wdev->iftype != NL80211_IFTYPE_WDS) 1204 return -EOPNOTSUPP; 1205 1206 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 1207 return rdev->ops->set_wds_peer(wdev->wiphy, dev, bssid); 1208 } 1209 1210 1211 static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info) 1212 { 1213 struct cfg80211_registered_device *rdev; 1214 struct net_device *netdev = NULL; 1215 struct wireless_dev *wdev; 1216 int result = 0, rem_txq_params = 0; 1217 struct nlattr *nl_txq_params; 1218 u32 changed; 1219 u8 retry_short = 0, retry_long = 0; 1220 u32 frag_threshold = 0, rts_threshold = 0; 1221 u8 coverage_class = 0; 1222 1223 /* 1224 * Try to find the wiphy and netdev. Normally this 1225 * function shouldn't need the netdev, but this is 1226 * done for backward compatibility -- previously 1227 * setting the channel was done per wiphy, but now 1228 * it is per netdev. Previous userland like hostapd 1229 * also passed a netdev to set_wiphy, so that it is 1230 * possible to let that go to the right netdev! 1231 */ 1232 mutex_lock(&cfg80211_mutex); 1233 1234 if (info->attrs[NL80211_ATTR_IFINDEX]) { 1235 int ifindex = nla_get_u32(info->attrs[NL80211_ATTR_IFINDEX]); 1236 1237 netdev = dev_get_by_index(genl_info_net(info), ifindex); 1238 if (netdev && netdev->ieee80211_ptr) { 1239 rdev = wiphy_to_dev(netdev->ieee80211_ptr->wiphy); 1240 mutex_lock(&rdev->mtx); 1241 } else 1242 netdev = NULL; 1243 } 1244 1245 if (!netdev) { 1246 rdev = __cfg80211_rdev_from_info(info); 1247 if (IS_ERR(rdev)) { 1248 mutex_unlock(&cfg80211_mutex); 1249 return PTR_ERR(rdev); 1250 } 1251 wdev = NULL; 1252 netdev = NULL; 1253 result = 0; 1254 1255 mutex_lock(&rdev->mtx); 1256 } else if (netif_running(netdev) && 1257 nl80211_can_set_dev_channel(netdev->ieee80211_ptr)) 1258 wdev = netdev->ieee80211_ptr; 1259 else 1260 wdev = NULL; 1261 1262 /* 1263 * end workaround code, by now the rdev is available 1264 * and locked, and wdev may or may not be NULL. 1265 */ 1266 1267 if (info->attrs[NL80211_ATTR_WIPHY_NAME]) 1268 result = cfg80211_dev_rename( 1269 rdev, nla_data(info->attrs[NL80211_ATTR_WIPHY_NAME])); 1270 1271 mutex_unlock(&cfg80211_mutex); 1272 1273 if (result) 1274 goto bad_res; 1275 1276 if (info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS]) { 1277 struct ieee80211_txq_params txq_params; 1278 struct nlattr *tb[NL80211_TXQ_ATTR_MAX + 1]; 1279 1280 if (!rdev->ops->set_txq_params) { 1281 result = -EOPNOTSUPP; 1282 goto bad_res; 1283 } 1284 1285 if (!netdev) { 1286 result = -EINVAL; 1287 goto bad_res; 1288 } 1289 1290 if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 1291 netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) { 1292 result = -EINVAL; 1293 goto bad_res; 1294 } 1295 1296 nla_for_each_nested(nl_txq_params, 1297 info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS], 1298 rem_txq_params) { 1299 nla_parse(tb, NL80211_TXQ_ATTR_MAX, 1300 nla_data(nl_txq_params), 1301 nla_len(nl_txq_params), 1302 txq_params_policy); 1303 result = parse_txq_params(tb, &txq_params); 1304 if (result) 1305 goto bad_res; 1306 1307 result = rdev->ops->set_txq_params(&rdev->wiphy, 1308 netdev, 1309 &txq_params); 1310 if (result) 1311 goto bad_res; 1312 } 1313 } 1314 1315 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 1316 result = __nl80211_set_channel(rdev, wdev, info); 1317 if (result) 1318 goto bad_res; 1319 } 1320 1321 if (info->attrs[NL80211_ATTR_WIPHY_TX_POWER_SETTING]) { 1322 enum nl80211_tx_power_setting type; 1323 int idx, mbm = 0; 1324 1325 if (!rdev->ops->set_tx_power) { 1326 result = -EOPNOTSUPP; 1327 goto bad_res; 1328 } 1329 1330 idx = NL80211_ATTR_WIPHY_TX_POWER_SETTING; 1331 type = nla_get_u32(info->attrs[idx]); 1332 1333 if (!info->attrs[NL80211_ATTR_WIPHY_TX_POWER_LEVEL] && 1334 (type != NL80211_TX_POWER_AUTOMATIC)) { 1335 result = -EINVAL; 1336 goto bad_res; 1337 } 1338 1339 if (type != NL80211_TX_POWER_AUTOMATIC) { 1340 idx = NL80211_ATTR_WIPHY_TX_POWER_LEVEL; 1341 mbm = nla_get_u32(info->attrs[idx]); 1342 } 1343 1344 result = rdev->ops->set_tx_power(&rdev->wiphy, type, mbm); 1345 if (result) 1346 goto bad_res; 1347 } 1348 1349 if (info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX] && 1350 info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]) { 1351 u32 tx_ant, rx_ant; 1352 if ((!rdev->wiphy.available_antennas_tx && 1353 !rdev->wiphy.available_antennas_rx) || 1354 !rdev->ops->set_antenna) { 1355 result = -EOPNOTSUPP; 1356 goto bad_res; 1357 } 1358 1359 tx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX]); 1360 rx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]); 1361 1362 /* reject antenna configurations which don't match the 1363 * available antenna masks, except for the "all" mask */ 1364 if ((~tx_ant && (tx_ant & ~rdev->wiphy.available_antennas_tx)) || 1365 (~rx_ant && (rx_ant & ~rdev->wiphy.available_antennas_rx))) { 1366 result = -EINVAL; 1367 goto bad_res; 1368 } 1369 1370 tx_ant = tx_ant & rdev->wiphy.available_antennas_tx; 1371 rx_ant = rx_ant & rdev->wiphy.available_antennas_rx; 1372 1373 result = rdev->ops->set_antenna(&rdev->wiphy, tx_ant, rx_ant); 1374 if (result) 1375 goto bad_res; 1376 } 1377 1378 changed = 0; 1379 1380 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]) { 1381 retry_short = nla_get_u8( 1382 info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]); 1383 if (retry_short == 0) { 1384 result = -EINVAL; 1385 goto bad_res; 1386 } 1387 changed |= WIPHY_PARAM_RETRY_SHORT; 1388 } 1389 1390 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]) { 1391 retry_long = nla_get_u8( 1392 info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]); 1393 if (retry_long == 0) { 1394 result = -EINVAL; 1395 goto bad_res; 1396 } 1397 changed |= WIPHY_PARAM_RETRY_LONG; 1398 } 1399 1400 if (info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]) { 1401 frag_threshold = nla_get_u32( 1402 info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]); 1403 if (frag_threshold < 256) { 1404 result = -EINVAL; 1405 goto bad_res; 1406 } 1407 if (frag_threshold != (u32) -1) { 1408 /* 1409 * Fragments (apart from the last one) are required to 1410 * have even length. Make the fragmentation code 1411 * simpler by stripping LSB should someone try to use 1412 * odd threshold value. 1413 */ 1414 frag_threshold &= ~0x1; 1415 } 1416 changed |= WIPHY_PARAM_FRAG_THRESHOLD; 1417 } 1418 1419 if (info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]) { 1420 rts_threshold = nla_get_u32( 1421 info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]); 1422 changed |= WIPHY_PARAM_RTS_THRESHOLD; 1423 } 1424 1425 if (info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]) { 1426 coverage_class = nla_get_u8( 1427 info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]); 1428 changed |= WIPHY_PARAM_COVERAGE_CLASS; 1429 } 1430 1431 if (changed) { 1432 u8 old_retry_short, old_retry_long; 1433 u32 old_frag_threshold, old_rts_threshold; 1434 u8 old_coverage_class; 1435 1436 if (!rdev->ops->set_wiphy_params) { 1437 result = -EOPNOTSUPP; 1438 goto bad_res; 1439 } 1440 1441 old_retry_short = rdev->wiphy.retry_short; 1442 old_retry_long = rdev->wiphy.retry_long; 1443 old_frag_threshold = rdev->wiphy.frag_threshold; 1444 old_rts_threshold = rdev->wiphy.rts_threshold; 1445 old_coverage_class = rdev->wiphy.coverage_class; 1446 1447 if (changed & WIPHY_PARAM_RETRY_SHORT) 1448 rdev->wiphy.retry_short = retry_short; 1449 if (changed & WIPHY_PARAM_RETRY_LONG) 1450 rdev->wiphy.retry_long = retry_long; 1451 if (changed & WIPHY_PARAM_FRAG_THRESHOLD) 1452 rdev->wiphy.frag_threshold = frag_threshold; 1453 if (changed & WIPHY_PARAM_RTS_THRESHOLD) 1454 rdev->wiphy.rts_threshold = rts_threshold; 1455 if (changed & WIPHY_PARAM_COVERAGE_CLASS) 1456 rdev->wiphy.coverage_class = coverage_class; 1457 1458 result = rdev->ops->set_wiphy_params(&rdev->wiphy, changed); 1459 if (result) { 1460 rdev->wiphy.retry_short = old_retry_short; 1461 rdev->wiphy.retry_long = old_retry_long; 1462 rdev->wiphy.frag_threshold = old_frag_threshold; 1463 rdev->wiphy.rts_threshold = old_rts_threshold; 1464 rdev->wiphy.coverage_class = old_coverage_class; 1465 } 1466 } 1467 1468 bad_res: 1469 mutex_unlock(&rdev->mtx); 1470 if (netdev) 1471 dev_put(netdev); 1472 return result; 1473 } 1474 1475 1476 static int nl80211_send_iface(struct sk_buff *msg, u32 pid, u32 seq, int flags, 1477 struct cfg80211_registered_device *rdev, 1478 struct net_device *dev) 1479 { 1480 void *hdr; 1481 1482 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_INTERFACE); 1483 if (!hdr) 1484 return -1; 1485 1486 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1487 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 1488 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, dev->name); 1489 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, dev->ieee80211_ptr->iftype); 1490 1491 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, 1492 rdev->devlist_generation ^ 1493 (cfg80211_rdev_list_generation << 2)); 1494 1495 return genlmsg_end(msg, hdr); 1496 1497 nla_put_failure: 1498 genlmsg_cancel(msg, hdr); 1499 return -EMSGSIZE; 1500 } 1501 1502 static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *cb) 1503 { 1504 int wp_idx = 0; 1505 int if_idx = 0; 1506 int wp_start = cb->args[0]; 1507 int if_start = cb->args[1]; 1508 struct cfg80211_registered_device *rdev; 1509 struct wireless_dev *wdev; 1510 1511 mutex_lock(&cfg80211_mutex); 1512 list_for_each_entry(rdev, &cfg80211_rdev_list, list) { 1513 if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk))) 1514 continue; 1515 if (wp_idx < wp_start) { 1516 wp_idx++; 1517 continue; 1518 } 1519 if_idx = 0; 1520 1521 mutex_lock(&rdev->devlist_mtx); 1522 list_for_each_entry(wdev, &rdev->netdev_list, list) { 1523 if (if_idx < if_start) { 1524 if_idx++; 1525 continue; 1526 } 1527 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).pid, 1528 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1529 rdev, wdev->netdev) < 0) { 1530 mutex_unlock(&rdev->devlist_mtx); 1531 goto out; 1532 } 1533 if_idx++; 1534 } 1535 mutex_unlock(&rdev->devlist_mtx); 1536 1537 wp_idx++; 1538 } 1539 out: 1540 mutex_unlock(&cfg80211_mutex); 1541 1542 cb->args[0] = wp_idx; 1543 cb->args[1] = if_idx; 1544 1545 return skb->len; 1546 } 1547 1548 static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info) 1549 { 1550 struct sk_buff *msg; 1551 struct cfg80211_registered_device *dev = info->user_ptr[0]; 1552 struct net_device *netdev = info->user_ptr[1]; 1553 1554 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1555 if (!msg) 1556 return -ENOMEM; 1557 1558 if (nl80211_send_iface(msg, info->snd_pid, info->snd_seq, 0, 1559 dev, netdev) < 0) { 1560 nlmsg_free(msg); 1561 return -ENOBUFS; 1562 } 1563 1564 return genlmsg_reply(msg, info); 1565 } 1566 1567 static const struct nla_policy mntr_flags_policy[NL80211_MNTR_FLAG_MAX + 1] = { 1568 [NL80211_MNTR_FLAG_FCSFAIL] = { .type = NLA_FLAG }, 1569 [NL80211_MNTR_FLAG_PLCPFAIL] = { .type = NLA_FLAG }, 1570 [NL80211_MNTR_FLAG_CONTROL] = { .type = NLA_FLAG }, 1571 [NL80211_MNTR_FLAG_OTHER_BSS] = { .type = NLA_FLAG }, 1572 [NL80211_MNTR_FLAG_COOK_FRAMES] = { .type = NLA_FLAG }, 1573 }; 1574 1575 static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags) 1576 { 1577 struct nlattr *flags[NL80211_MNTR_FLAG_MAX + 1]; 1578 int flag; 1579 1580 *mntrflags = 0; 1581 1582 if (!nla) 1583 return -EINVAL; 1584 1585 if (nla_parse_nested(flags, NL80211_MNTR_FLAG_MAX, 1586 nla, mntr_flags_policy)) 1587 return -EINVAL; 1588 1589 for (flag = 1; flag <= NL80211_MNTR_FLAG_MAX; flag++) 1590 if (flags[flag]) 1591 *mntrflags |= (1<<flag); 1592 1593 return 0; 1594 } 1595 1596 static int nl80211_valid_4addr(struct cfg80211_registered_device *rdev, 1597 struct net_device *netdev, u8 use_4addr, 1598 enum nl80211_iftype iftype) 1599 { 1600 if (!use_4addr) { 1601 if (netdev && (netdev->priv_flags & IFF_BRIDGE_PORT)) 1602 return -EBUSY; 1603 return 0; 1604 } 1605 1606 switch (iftype) { 1607 case NL80211_IFTYPE_AP_VLAN: 1608 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_AP) 1609 return 0; 1610 break; 1611 case NL80211_IFTYPE_STATION: 1612 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_STATION) 1613 return 0; 1614 break; 1615 default: 1616 break; 1617 } 1618 1619 return -EOPNOTSUPP; 1620 } 1621 1622 static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info) 1623 { 1624 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1625 struct vif_params params; 1626 int err; 1627 enum nl80211_iftype otype, ntype; 1628 struct net_device *dev = info->user_ptr[1]; 1629 u32 _flags, *flags = NULL; 1630 bool change = false; 1631 1632 memset(¶ms, 0, sizeof(params)); 1633 1634 otype = ntype = dev->ieee80211_ptr->iftype; 1635 1636 if (info->attrs[NL80211_ATTR_IFTYPE]) { 1637 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 1638 if (otype != ntype) 1639 change = true; 1640 if (ntype > NL80211_IFTYPE_MAX) 1641 return -EINVAL; 1642 } 1643 1644 if (info->attrs[NL80211_ATTR_MESH_ID]) { 1645 struct wireless_dev *wdev = dev->ieee80211_ptr; 1646 1647 if (ntype != NL80211_IFTYPE_MESH_POINT) 1648 return -EINVAL; 1649 if (netif_running(dev)) 1650 return -EBUSY; 1651 1652 wdev_lock(wdev); 1653 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN != 1654 IEEE80211_MAX_MESH_ID_LEN); 1655 wdev->mesh_id_up_len = 1656 nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 1657 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]), 1658 wdev->mesh_id_up_len); 1659 wdev_unlock(wdev); 1660 } 1661 1662 if (info->attrs[NL80211_ATTR_4ADDR]) { 1663 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]); 1664 change = true; 1665 err = nl80211_valid_4addr(rdev, dev, params.use_4addr, ntype); 1666 if (err) 1667 return err; 1668 } else { 1669 params.use_4addr = -1; 1670 } 1671 1672 if (info->attrs[NL80211_ATTR_MNTR_FLAGS]) { 1673 if (ntype != NL80211_IFTYPE_MONITOR) 1674 return -EINVAL; 1675 err = parse_monitor_flags(info->attrs[NL80211_ATTR_MNTR_FLAGS], 1676 &_flags); 1677 if (err) 1678 return err; 1679 1680 flags = &_flags; 1681 change = true; 1682 } 1683 1684 if (change) 1685 err = cfg80211_change_iface(rdev, dev, ntype, flags, ¶ms); 1686 else 1687 err = 0; 1688 1689 if (!err && params.use_4addr != -1) 1690 dev->ieee80211_ptr->use_4addr = params.use_4addr; 1691 1692 return err; 1693 } 1694 1695 static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info) 1696 { 1697 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1698 struct vif_params params; 1699 struct net_device *dev; 1700 int err; 1701 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED; 1702 u32 flags; 1703 1704 memset(¶ms, 0, sizeof(params)); 1705 1706 if (!info->attrs[NL80211_ATTR_IFNAME]) 1707 return -EINVAL; 1708 1709 if (info->attrs[NL80211_ATTR_IFTYPE]) { 1710 type = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 1711 if (type > NL80211_IFTYPE_MAX) 1712 return -EINVAL; 1713 } 1714 1715 if (!rdev->ops->add_virtual_intf || 1716 !(rdev->wiphy.interface_modes & (1 << type))) 1717 return -EOPNOTSUPP; 1718 1719 if (info->attrs[NL80211_ATTR_4ADDR]) { 1720 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]); 1721 err = nl80211_valid_4addr(rdev, NULL, params.use_4addr, type); 1722 if (err) 1723 return err; 1724 } 1725 1726 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ? 1727 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL, 1728 &flags); 1729 dev = rdev->ops->add_virtual_intf(&rdev->wiphy, 1730 nla_data(info->attrs[NL80211_ATTR_IFNAME]), 1731 type, err ? NULL : &flags, ¶ms); 1732 if (IS_ERR(dev)) 1733 return PTR_ERR(dev); 1734 1735 if (type == NL80211_IFTYPE_MESH_POINT && 1736 info->attrs[NL80211_ATTR_MESH_ID]) { 1737 struct wireless_dev *wdev = dev->ieee80211_ptr; 1738 1739 wdev_lock(wdev); 1740 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN != 1741 IEEE80211_MAX_MESH_ID_LEN); 1742 wdev->mesh_id_up_len = 1743 nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 1744 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]), 1745 wdev->mesh_id_up_len); 1746 wdev_unlock(wdev); 1747 } 1748 1749 return 0; 1750 } 1751 1752 static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info) 1753 { 1754 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1755 struct net_device *dev = info->user_ptr[1]; 1756 1757 if (!rdev->ops->del_virtual_intf) 1758 return -EOPNOTSUPP; 1759 1760 return rdev->ops->del_virtual_intf(&rdev->wiphy, dev); 1761 } 1762 1763 static int nl80211_set_noack_map(struct sk_buff *skb, struct genl_info *info) 1764 { 1765 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1766 struct net_device *dev = info->user_ptr[1]; 1767 u16 noack_map; 1768 1769 if (!info->attrs[NL80211_ATTR_NOACK_MAP]) 1770 return -EINVAL; 1771 1772 if (!rdev->ops->set_noack_map) 1773 return -EOPNOTSUPP; 1774 1775 noack_map = nla_get_u16(info->attrs[NL80211_ATTR_NOACK_MAP]); 1776 1777 return rdev->ops->set_noack_map(&rdev->wiphy, dev, noack_map); 1778 } 1779 1780 struct get_key_cookie { 1781 struct sk_buff *msg; 1782 int error; 1783 int idx; 1784 }; 1785 1786 static void get_key_callback(void *c, struct key_params *params) 1787 { 1788 struct nlattr *key; 1789 struct get_key_cookie *cookie = c; 1790 1791 if (params->key) 1792 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_DATA, 1793 params->key_len, params->key); 1794 1795 if (params->seq) 1796 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_SEQ, 1797 params->seq_len, params->seq); 1798 1799 if (params->cipher) 1800 NLA_PUT_U32(cookie->msg, NL80211_ATTR_KEY_CIPHER, 1801 params->cipher); 1802 1803 key = nla_nest_start(cookie->msg, NL80211_ATTR_KEY); 1804 if (!key) 1805 goto nla_put_failure; 1806 1807 if (params->key) 1808 NLA_PUT(cookie->msg, NL80211_KEY_DATA, 1809 params->key_len, params->key); 1810 1811 if (params->seq) 1812 NLA_PUT(cookie->msg, NL80211_KEY_SEQ, 1813 params->seq_len, params->seq); 1814 1815 if (params->cipher) 1816 NLA_PUT_U32(cookie->msg, NL80211_KEY_CIPHER, 1817 params->cipher); 1818 1819 NLA_PUT_U8(cookie->msg, NL80211_ATTR_KEY_IDX, cookie->idx); 1820 1821 nla_nest_end(cookie->msg, key); 1822 1823 return; 1824 nla_put_failure: 1825 cookie->error = 1; 1826 } 1827 1828 static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info) 1829 { 1830 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1831 int err; 1832 struct net_device *dev = info->user_ptr[1]; 1833 u8 key_idx = 0; 1834 const u8 *mac_addr = NULL; 1835 bool pairwise; 1836 struct get_key_cookie cookie = { 1837 .error = 0, 1838 }; 1839 void *hdr; 1840 struct sk_buff *msg; 1841 1842 if (info->attrs[NL80211_ATTR_KEY_IDX]) 1843 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); 1844 1845 if (key_idx > 5) 1846 return -EINVAL; 1847 1848 if (info->attrs[NL80211_ATTR_MAC]) 1849 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1850 1851 pairwise = !!mac_addr; 1852 if (info->attrs[NL80211_ATTR_KEY_TYPE]) { 1853 u32 kt = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]); 1854 if (kt >= NUM_NL80211_KEYTYPES) 1855 return -EINVAL; 1856 if (kt != NL80211_KEYTYPE_GROUP && 1857 kt != NL80211_KEYTYPE_PAIRWISE) 1858 return -EINVAL; 1859 pairwise = kt == NL80211_KEYTYPE_PAIRWISE; 1860 } 1861 1862 if (!rdev->ops->get_key) 1863 return -EOPNOTSUPP; 1864 1865 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1866 if (!msg) 1867 return -ENOMEM; 1868 1869 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 1870 NL80211_CMD_NEW_KEY); 1871 if (IS_ERR(hdr)) 1872 return PTR_ERR(hdr); 1873 1874 cookie.msg = msg; 1875 cookie.idx = key_idx; 1876 1877 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1878 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx); 1879 if (mac_addr) 1880 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 1881 1882 if (pairwise && mac_addr && 1883 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN)) 1884 return -ENOENT; 1885 1886 err = rdev->ops->get_key(&rdev->wiphy, dev, key_idx, pairwise, 1887 mac_addr, &cookie, get_key_callback); 1888 1889 if (err) 1890 goto free_msg; 1891 1892 if (cookie.error) 1893 goto nla_put_failure; 1894 1895 genlmsg_end(msg, hdr); 1896 return genlmsg_reply(msg, info); 1897 1898 nla_put_failure: 1899 err = -ENOBUFS; 1900 free_msg: 1901 nlmsg_free(msg); 1902 return err; 1903 } 1904 1905 static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info) 1906 { 1907 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1908 struct key_parse key; 1909 int err; 1910 struct net_device *dev = info->user_ptr[1]; 1911 1912 err = nl80211_parse_key(info, &key); 1913 if (err) 1914 return err; 1915 1916 if (key.idx < 0) 1917 return -EINVAL; 1918 1919 /* only support setting default key */ 1920 if (!key.def && !key.defmgmt) 1921 return -EINVAL; 1922 1923 wdev_lock(dev->ieee80211_ptr); 1924 1925 if (key.def) { 1926 if (!rdev->ops->set_default_key) { 1927 err = -EOPNOTSUPP; 1928 goto out; 1929 } 1930 1931 err = nl80211_key_allowed(dev->ieee80211_ptr); 1932 if (err) 1933 goto out; 1934 1935 err = rdev->ops->set_default_key(&rdev->wiphy, dev, key.idx, 1936 key.def_uni, key.def_multi); 1937 1938 if (err) 1939 goto out; 1940 1941 #ifdef CONFIG_CFG80211_WEXT 1942 dev->ieee80211_ptr->wext.default_key = key.idx; 1943 #endif 1944 } else { 1945 if (key.def_uni || !key.def_multi) { 1946 err = -EINVAL; 1947 goto out; 1948 } 1949 1950 if (!rdev->ops->set_default_mgmt_key) { 1951 err = -EOPNOTSUPP; 1952 goto out; 1953 } 1954 1955 err = nl80211_key_allowed(dev->ieee80211_ptr); 1956 if (err) 1957 goto out; 1958 1959 err = rdev->ops->set_default_mgmt_key(&rdev->wiphy, 1960 dev, key.idx); 1961 if (err) 1962 goto out; 1963 1964 #ifdef CONFIG_CFG80211_WEXT 1965 dev->ieee80211_ptr->wext.default_mgmt_key = key.idx; 1966 #endif 1967 } 1968 1969 out: 1970 wdev_unlock(dev->ieee80211_ptr); 1971 1972 return err; 1973 } 1974 1975 static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info) 1976 { 1977 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1978 int err; 1979 struct net_device *dev = info->user_ptr[1]; 1980 struct key_parse key; 1981 const u8 *mac_addr = NULL; 1982 1983 err = nl80211_parse_key(info, &key); 1984 if (err) 1985 return err; 1986 1987 if (!key.p.key) 1988 return -EINVAL; 1989 1990 if (info->attrs[NL80211_ATTR_MAC]) 1991 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1992 1993 if (key.type == -1) { 1994 if (mac_addr) 1995 key.type = NL80211_KEYTYPE_PAIRWISE; 1996 else 1997 key.type = NL80211_KEYTYPE_GROUP; 1998 } 1999 2000 /* for now */ 2001 if (key.type != NL80211_KEYTYPE_PAIRWISE && 2002 key.type != NL80211_KEYTYPE_GROUP) 2003 return -EINVAL; 2004 2005 if (!rdev->ops->add_key) 2006 return -EOPNOTSUPP; 2007 2008 if (cfg80211_validate_key_settings(rdev, &key.p, key.idx, 2009 key.type == NL80211_KEYTYPE_PAIRWISE, 2010 mac_addr)) 2011 return -EINVAL; 2012 2013 wdev_lock(dev->ieee80211_ptr); 2014 err = nl80211_key_allowed(dev->ieee80211_ptr); 2015 if (!err) 2016 err = rdev->ops->add_key(&rdev->wiphy, dev, key.idx, 2017 key.type == NL80211_KEYTYPE_PAIRWISE, 2018 mac_addr, &key.p); 2019 wdev_unlock(dev->ieee80211_ptr); 2020 2021 return err; 2022 } 2023 2024 static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info) 2025 { 2026 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2027 int err; 2028 struct net_device *dev = info->user_ptr[1]; 2029 u8 *mac_addr = NULL; 2030 struct key_parse key; 2031 2032 err = nl80211_parse_key(info, &key); 2033 if (err) 2034 return err; 2035 2036 if (info->attrs[NL80211_ATTR_MAC]) 2037 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2038 2039 if (key.type == -1) { 2040 if (mac_addr) 2041 key.type = NL80211_KEYTYPE_PAIRWISE; 2042 else 2043 key.type = NL80211_KEYTYPE_GROUP; 2044 } 2045 2046 /* for now */ 2047 if (key.type != NL80211_KEYTYPE_PAIRWISE && 2048 key.type != NL80211_KEYTYPE_GROUP) 2049 return -EINVAL; 2050 2051 if (!rdev->ops->del_key) 2052 return -EOPNOTSUPP; 2053 2054 wdev_lock(dev->ieee80211_ptr); 2055 err = nl80211_key_allowed(dev->ieee80211_ptr); 2056 2057 if (key.type == NL80211_KEYTYPE_PAIRWISE && mac_addr && 2058 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN)) 2059 err = -ENOENT; 2060 2061 if (!err) 2062 err = rdev->ops->del_key(&rdev->wiphy, dev, key.idx, 2063 key.type == NL80211_KEYTYPE_PAIRWISE, 2064 mac_addr); 2065 2066 #ifdef CONFIG_CFG80211_WEXT 2067 if (!err) { 2068 if (key.idx == dev->ieee80211_ptr->wext.default_key) 2069 dev->ieee80211_ptr->wext.default_key = -1; 2070 else if (key.idx == dev->ieee80211_ptr->wext.default_mgmt_key) 2071 dev->ieee80211_ptr->wext.default_mgmt_key = -1; 2072 } 2073 #endif 2074 wdev_unlock(dev->ieee80211_ptr); 2075 2076 return err; 2077 } 2078 2079 static int nl80211_addset_beacon(struct sk_buff *skb, struct genl_info *info) 2080 { 2081 int (*call)(struct wiphy *wiphy, struct net_device *dev, 2082 struct beacon_parameters *info); 2083 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2084 struct net_device *dev = info->user_ptr[1]; 2085 struct wireless_dev *wdev = dev->ieee80211_ptr; 2086 struct beacon_parameters params; 2087 int haveinfo = 0, err; 2088 2089 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_BEACON_TAIL]) || 2090 !is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]) || 2091 !is_valid_ie_attr(info->attrs[NL80211_ATTR_IE_PROBE_RESP]) || 2092 !is_valid_ie_attr(info->attrs[NL80211_ATTR_IE_ASSOC_RESP])) 2093 return -EINVAL; 2094 2095 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2096 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2097 return -EOPNOTSUPP; 2098 2099 memset(¶ms, 0, sizeof(params)); 2100 2101 switch (info->genlhdr->cmd) { 2102 case NL80211_CMD_NEW_BEACON: 2103 /* these are required for NEW_BEACON */ 2104 if (!info->attrs[NL80211_ATTR_BEACON_INTERVAL] || 2105 !info->attrs[NL80211_ATTR_DTIM_PERIOD] || 2106 !info->attrs[NL80211_ATTR_BEACON_HEAD]) 2107 return -EINVAL; 2108 2109 params.interval = 2110 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); 2111 params.dtim_period = 2112 nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]); 2113 2114 err = cfg80211_validate_beacon_int(rdev, params.interval); 2115 if (err) 2116 return err; 2117 2118 /* 2119 * In theory, some of these attributes could be required for 2120 * NEW_BEACON, but since they were not used when the command was 2121 * originally added, keep them optional for old user space 2122 * programs to work with drivers that do not need the additional 2123 * information. 2124 */ 2125 if (info->attrs[NL80211_ATTR_SSID]) { 2126 params.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 2127 params.ssid_len = 2128 nla_len(info->attrs[NL80211_ATTR_SSID]); 2129 if (params.ssid_len == 0 || 2130 params.ssid_len > IEEE80211_MAX_SSID_LEN) 2131 return -EINVAL; 2132 } 2133 2134 if (info->attrs[NL80211_ATTR_HIDDEN_SSID]) { 2135 params.hidden_ssid = nla_get_u32( 2136 info->attrs[NL80211_ATTR_HIDDEN_SSID]); 2137 if (params.hidden_ssid != 2138 NL80211_HIDDEN_SSID_NOT_IN_USE && 2139 params.hidden_ssid != 2140 NL80211_HIDDEN_SSID_ZERO_LEN && 2141 params.hidden_ssid != 2142 NL80211_HIDDEN_SSID_ZERO_CONTENTS) 2143 return -EINVAL; 2144 } 2145 2146 params.privacy = !!info->attrs[NL80211_ATTR_PRIVACY]; 2147 2148 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) { 2149 params.auth_type = nla_get_u32( 2150 info->attrs[NL80211_ATTR_AUTH_TYPE]); 2151 if (!nl80211_valid_auth_type(params.auth_type)) 2152 return -EINVAL; 2153 } else 2154 params.auth_type = NL80211_AUTHTYPE_AUTOMATIC; 2155 2156 err = nl80211_crypto_settings(rdev, info, ¶ms.crypto, 2157 NL80211_MAX_NR_CIPHER_SUITES); 2158 if (err) 2159 return err; 2160 2161 call = rdev->ops->add_beacon; 2162 break; 2163 case NL80211_CMD_SET_BEACON: 2164 call = rdev->ops->set_beacon; 2165 break; 2166 default: 2167 WARN_ON(1); 2168 return -EOPNOTSUPP; 2169 } 2170 2171 if (!call) 2172 return -EOPNOTSUPP; 2173 2174 if (info->attrs[NL80211_ATTR_BEACON_HEAD]) { 2175 params.head = nla_data(info->attrs[NL80211_ATTR_BEACON_HEAD]); 2176 params.head_len = 2177 nla_len(info->attrs[NL80211_ATTR_BEACON_HEAD]); 2178 haveinfo = 1; 2179 } 2180 2181 if (info->attrs[NL80211_ATTR_BEACON_TAIL]) { 2182 params.tail = nla_data(info->attrs[NL80211_ATTR_BEACON_TAIL]); 2183 params.tail_len = 2184 nla_len(info->attrs[NL80211_ATTR_BEACON_TAIL]); 2185 haveinfo = 1; 2186 } 2187 2188 if (!haveinfo) 2189 return -EINVAL; 2190 2191 if (info->attrs[NL80211_ATTR_IE]) { 2192 params.beacon_ies = nla_data(info->attrs[NL80211_ATTR_IE]); 2193 params.beacon_ies_len = nla_len(info->attrs[NL80211_ATTR_IE]); 2194 } 2195 2196 if (info->attrs[NL80211_ATTR_IE_PROBE_RESP]) { 2197 params.proberesp_ies = 2198 nla_data(info->attrs[NL80211_ATTR_IE_PROBE_RESP]); 2199 params.proberesp_ies_len = 2200 nla_len(info->attrs[NL80211_ATTR_IE_PROBE_RESP]); 2201 } 2202 2203 if (info->attrs[NL80211_ATTR_IE_ASSOC_RESP]) { 2204 params.assocresp_ies = 2205 nla_data(info->attrs[NL80211_ATTR_IE_ASSOC_RESP]); 2206 params.assocresp_ies_len = 2207 nla_len(info->attrs[NL80211_ATTR_IE_ASSOC_RESP]); 2208 } 2209 2210 if (info->attrs[NL80211_ATTR_PROBE_RESP]) { 2211 params.probe_resp = 2212 nla_data(info->attrs[NL80211_ATTR_PROBE_RESP]); 2213 params.probe_resp_len = 2214 nla_len(info->attrs[NL80211_ATTR_PROBE_RESP]); 2215 } 2216 2217 err = call(&rdev->wiphy, dev, ¶ms); 2218 if (!err && params.interval) 2219 wdev->beacon_interval = params.interval; 2220 return err; 2221 } 2222 2223 static int nl80211_del_beacon(struct sk_buff *skb, struct genl_info *info) 2224 { 2225 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2226 struct net_device *dev = info->user_ptr[1]; 2227 struct wireless_dev *wdev = dev->ieee80211_ptr; 2228 int err; 2229 2230 if (!rdev->ops->del_beacon) 2231 return -EOPNOTSUPP; 2232 2233 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2234 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2235 return -EOPNOTSUPP; 2236 2237 err = rdev->ops->del_beacon(&rdev->wiphy, dev); 2238 if (!err) 2239 wdev->beacon_interval = 0; 2240 return err; 2241 } 2242 2243 static const struct nla_policy sta_flags_policy[NL80211_STA_FLAG_MAX + 1] = { 2244 [NL80211_STA_FLAG_AUTHORIZED] = { .type = NLA_FLAG }, 2245 [NL80211_STA_FLAG_SHORT_PREAMBLE] = { .type = NLA_FLAG }, 2246 [NL80211_STA_FLAG_WME] = { .type = NLA_FLAG }, 2247 [NL80211_STA_FLAG_MFP] = { .type = NLA_FLAG }, 2248 [NL80211_STA_FLAG_AUTHENTICATED] = { .type = NLA_FLAG }, 2249 [NL80211_STA_FLAG_TDLS_PEER] = { .type = NLA_FLAG }, 2250 }; 2251 2252 static int parse_station_flags(struct genl_info *info, 2253 struct station_parameters *params) 2254 { 2255 struct nlattr *flags[NL80211_STA_FLAG_MAX + 1]; 2256 struct nlattr *nla; 2257 int flag; 2258 2259 /* 2260 * Try parsing the new attribute first so userspace 2261 * can specify both for older kernels. 2262 */ 2263 nla = info->attrs[NL80211_ATTR_STA_FLAGS2]; 2264 if (nla) { 2265 struct nl80211_sta_flag_update *sta_flags; 2266 2267 sta_flags = nla_data(nla); 2268 params->sta_flags_mask = sta_flags->mask; 2269 params->sta_flags_set = sta_flags->set; 2270 if ((params->sta_flags_mask | 2271 params->sta_flags_set) & BIT(__NL80211_STA_FLAG_INVALID)) 2272 return -EINVAL; 2273 return 0; 2274 } 2275 2276 /* if present, parse the old attribute */ 2277 2278 nla = info->attrs[NL80211_ATTR_STA_FLAGS]; 2279 if (!nla) 2280 return 0; 2281 2282 if (nla_parse_nested(flags, NL80211_STA_FLAG_MAX, 2283 nla, sta_flags_policy)) 2284 return -EINVAL; 2285 2286 params->sta_flags_mask = (1 << __NL80211_STA_FLAG_AFTER_LAST) - 1; 2287 params->sta_flags_mask &= ~1; 2288 2289 for (flag = 1; flag <= NL80211_STA_FLAG_MAX; flag++) 2290 if (flags[flag]) 2291 params->sta_flags_set |= (1<<flag); 2292 2293 return 0; 2294 } 2295 2296 static bool nl80211_put_sta_rate(struct sk_buff *msg, struct rate_info *info, 2297 int attr) 2298 { 2299 struct nlattr *rate; 2300 u16 bitrate; 2301 2302 rate = nla_nest_start(msg, attr); 2303 if (!rate) 2304 goto nla_put_failure; 2305 2306 /* cfg80211_calculate_bitrate will return 0 for mcs >= 32 */ 2307 bitrate = cfg80211_calculate_bitrate(info); 2308 if (bitrate > 0) 2309 NLA_PUT_U16(msg, NL80211_RATE_INFO_BITRATE, bitrate); 2310 2311 if (info->flags & RATE_INFO_FLAGS_MCS) 2312 NLA_PUT_U8(msg, NL80211_RATE_INFO_MCS, info->mcs); 2313 if (info->flags & RATE_INFO_FLAGS_40_MHZ_WIDTH) 2314 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_40_MHZ_WIDTH); 2315 if (info->flags & RATE_INFO_FLAGS_SHORT_GI) 2316 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_SHORT_GI); 2317 2318 nla_nest_end(msg, rate); 2319 return true; 2320 2321 nla_put_failure: 2322 return false; 2323 } 2324 2325 static int nl80211_send_station(struct sk_buff *msg, u32 pid, u32 seq, 2326 int flags, struct net_device *dev, 2327 const u8 *mac_addr, struct station_info *sinfo) 2328 { 2329 void *hdr; 2330 struct nlattr *sinfoattr, *bss_param; 2331 2332 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION); 2333 if (!hdr) 2334 return -1; 2335 2336 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 2337 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 2338 2339 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, sinfo->generation); 2340 2341 sinfoattr = nla_nest_start(msg, NL80211_ATTR_STA_INFO); 2342 if (!sinfoattr) 2343 goto nla_put_failure; 2344 if (sinfo->filled & STATION_INFO_CONNECTED_TIME) 2345 NLA_PUT_U32(msg, NL80211_STA_INFO_CONNECTED_TIME, 2346 sinfo->connected_time); 2347 if (sinfo->filled & STATION_INFO_INACTIVE_TIME) 2348 NLA_PUT_U32(msg, NL80211_STA_INFO_INACTIVE_TIME, 2349 sinfo->inactive_time); 2350 if (sinfo->filled & STATION_INFO_RX_BYTES) 2351 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_BYTES, 2352 sinfo->rx_bytes); 2353 if (sinfo->filled & STATION_INFO_TX_BYTES) 2354 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_BYTES, 2355 sinfo->tx_bytes); 2356 if (sinfo->filled & STATION_INFO_LLID) 2357 NLA_PUT_U16(msg, NL80211_STA_INFO_LLID, 2358 sinfo->llid); 2359 if (sinfo->filled & STATION_INFO_PLID) 2360 NLA_PUT_U16(msg, NL80211_STA_INFO_PLID, 2361 sinfo->plid); 2362 if (sinfo->filled & STATION_INFO_PLINK_STATE) 2363 NLA_PUT_U8(msg, NL80211_STA_INFO_PLINK_STATE, 2364 sinfo->plink_state); 2365 if (sinfo->filled & STATION_INFO_SIGNAL) 2366 NLA_PUT_U8(msg, NL80211_STA_INFO_SIGNAL, 2367 sinfo->signal); 2368 if (sinfo->filled & STATION_INFO_SIGNAL_AVG) 2369 NLA_PUT_U8(msg, NL80211_STA_INFO_SIGNAL_AVG, 2370 sinfo->signal_avg); 2371 if (sinfo->filled & STATION_INFO_TX_BITRATE) { 2372 if (!nl80211_put_sta_rate(msg, &sinfo->txrate, 2373 NL80211_STA_INFO_TX_BITRATE)) 2374 goto nla_put_failure; 2375 } 2376 if (sinfo->filled & STATION_INFO_RX_BITRATE) { 2377 if (!nl80211_put_sta_rate(msg, &sinfo->rxrate, 2378 NL80211_STA_INFO_RX_BITRATE)) 2379 goto nla_put_failure; 2380 } 2381 if (sinfo->filled & STATION_INFO_RX_PACKETS) 2382 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_PACKETS, 2383 sinfo->rx_packets); 2384 if (sinfo->filled & STATION_INFO_TX_PACKETS) 2385 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_PACKETS, 2386 sinfo->tx_packets); 2387 if (sinfo->filled & STATION_INFO_TX_RETRIES) 2388 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_RETRIES, 2389 sinfo->tx_retries); 2390 if (sinfo->filled & STATION_INFO_TX_FAILED) 2391 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_FAILED, 2392 sinfo->tx_failed); 2393 if (sinfo->filled & STATION_INFO_BSS_PARAM) { 2394 bss_param = nla_nest_start(msg, NL80211_STA_INFO_BSS_PARAM); 2395 if (!bss_param) 2396 goto nla_put_failure; 2397 2398 if (sinfo->bss_param.flags & BSS_PARAM_FLAGS_CTS_PROT) 2399 NLA_PUT_FLAG(msg, NL80211_STA_BSS_PARAM_CTS_PROT); 2400 if (sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_PREAMBLE) 2401 NLA_PUT_FLAG(msg, NL80211_STA_BSS_PARAM_SHORT_PREAMBLE); 2402 if (sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_SLOT_TIME) 2403 NLA_PUT_FLAG(msg, 2404 NL80211_STA_BSS_PARAM_SHORT_SLOT_TIME); 2405 NLA_PUT_U8(msg, NL80211_STA_BSS_PARAM_DTIM_PERIOD, 2406 sinfo->bss_param.dtim_period); 2407 NLA_PUT_U16(msg, NL80211_STA_BSS_PARAM_BEACON_INTERVAL, 2408 sinfo->bss_param.beacon_interval); 2409 2410 nla_nest_end(msg, bss_param); 2411 } 2412 if (sinfo->filled & STATION_INFO_STA_FLAGS) 2413 NLA_PUT(msg, NL80211_STA_INFO_STA_FLAGS, 2414 sizeof(struct nl80211_sta_flag_update), 2415 &sinfo->sta_flags); 2416 nla_nest_end(msg, sinfoattr); 2417 2418 if (sinfo->filled & STATION_INFO_ASSOC_REQ_IES) 2419 NLA_PUT(msg, NL80211_ATTR_IE, sinfo->assoc_req_ies_len, 2420 sinfo->assoc_req_ies); 2421 2422 return genlmsg_end(msg, hdr); 2423 2424 nla_put_failure: 2425 genlmsg_cancel(msg, hdr); 2426 return -EMSGSIZE; 2427 } 2428 2429 static int nl80211_dump_station(struct sk_buff *skb, 2430 struct netlink_callback *cb) 2431 { 2432 struct station_info sinfo; 2433 struct cfg80211_registered_device *dev; 2434 struct net_device *netdev; 2435 u8 mac_addr[ETH_ALEN]; 2436 int sta_idx = cb->args[1]; 2437 int err; 2438 2439 err = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 2440 if (err) 2441 return err; 2442 2443 if (!dev->ops->dump_station) { 2444 err = -EOPNOTSUPP; 2445 goto out_err; 2446 } 2447 2448 while (1) { 2449 memset(&sinfo, 0, sizeof(sinfo)); 2450 err = dev->ops->dump_station(&dev->wiphy, netdev, sta_idx, 2451 mac_addr, &sinfo); 2452 if (err == -ENOENT) 2453 break; 2454 if (err) 2455 goto out_err; 2456 2457 if (nl80211_send_station(skb, 2458 NETLINK_CB(cb->skb).pid, 2459 cb->nlh->nlmsg_seq, NLM_F_MULTI, 2460 netdev, mac_addr, 2461 &sinfo) < 0) 2462 goto out; 2463 2464 sta_idx++; 2465 } 2466 2467 2468 out: 2469 cb->args[1] = sta_idx; 2470 err = skb->len; 2471 out_err: 2472 nl80211_finish_netdev_dump(dev); 2473 2474 return err; 2475 } 2476 2477 static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info) 2478 { 2479 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2480 struct net_device *dev = info->user_ptr[1]; 2481 struct station_info sinfo; 2482 struct sk_buff *msg; 2483 u8 *mac_addr = NULL; 2484 int err; 2485 2486 memset(&sinfo, 0, sizeof(sinfo)); 2487 2488 if (!info->attrs[NL80211_ATTR_MAC]) 2489 return -EINVAL; 2490 2491 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2492 2493 if (!rdev->ops->get_station) 2494 return -EOPNOTSUPP; 2495 2496 err = rdev->ops->get_station(&rdev->wiphy, dev, mac_addr, &sinfo); 2497 if (err) 2498 return err; 2499 2500 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2501 if (!msg) 2502 return -ENOMEM; 2503 2504 if (nl80211_send_station(msg, info->snd_pid, info->snd_seq, 0, 2505 dev, mac_addr, &sinfo) < 0) { 2506 nlmsg_free(msg); 2507 return -ENOBUFS; 2508 } 2509 2510 return genlmsg_reply(msg, info); 2511 } 2512 2513 /* 2514 * Get vlan interface making sure it is running and on the right wiphy. 2515 */ 2516 static struct net_device *get_vlan(struct genl_info *info, 2517 struct cfg80211_registered_device *rdev) 2518 { 2519 struct nlattr *vlanattr = info->attrs[NL80211_ATTR_STA_VLAN]; 2520 struct net_device *v; 2521 int ret; 2522 2523 if (!vlanattr) 2524 return NULL; 2525 2526 v = dev_get_by_index(genl_info_net(info), nla_get_u32(vlanattr)); 2527 if (!v) 2528 return ERR_PTR(-ENODEV); 2529 2530 if (!v->ieee80211_ptr || v->ieee80211_ptr->wiphy != &rdev->wiphy) { 2531 ret = -EINVAL; 2532 goto error; 2533 } 2534 2535 if (!netif_running(v)) { 2536 ret = -ENETDOWN; 2537 goto error; 2538 } 2539 2540 return v; 2541 error: 2542 dev_put(v); 2543 return ERR_PTR(ret); 2544 } 2545 2546 static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info) 2547 { 2548 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2549 int err; 2550 struct net_device *dev = info->user_ptr[1]; 2551 struct station_parameters params; 2552 u8 *mac_addr = NULL; 2553 2554 memset(¶ms, 0, sizeof(params)); 2555 2556 params.listen_interval = -1; 2557 params.plink_state = -1; 2558 2559 if (info->attrs[NL80211_ATTR_STA_AID]) 2560 return -EINVAL; 2561 2562 if (!info->attrs[NL80211_ATTR_MAC]) 2563 return -EINVAL; 2564 2565 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2566 2567 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) { 2568 params.supported_rates = 2569 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2570 params.supported_rates_len = 2571 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2572 } 2573 2574 if (info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) 2575 params.listen_interval = 2576 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]); 2577 2578 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) 2579 params.ht_capa = 2580 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 2581 2582 if (!rdev->ops->change_station) 2583 return -EOPNOTSUPP; 2584 2585 if (parse_station_flags(info, ¶ms)) 2586 return -EINVAL; 2587 2588 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION]) 2589 params.plink_action = 2590 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]); 2591 2592 if (info->attrs[NL80211_ATTR_STA_PLINK_STATE]) 2593 params.plink_state = 2594 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_STATE]); 2595 2596 switch (dev->ieee80211_ptr->iftype) { 2597 case NL80211_IFTYPE_AP: 2598 case NL80211_IFTYPE_AP_VLAN: 2599 case NL80211_IFTYPE_P2P_GO: 2600 /* disallow mesh-specific things */ 2601 if (params.plink_action) 2602 return -EINVAL; 2603 2604 /* TDLS can't be set, ... */ 2605 if (params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) 2606 return -EINVAL; 2607 /* 2608 * ... but don't bother the driver with it. This works around 2609 * a hostapd/wpa_supplicant issue -- it always includes the 2610 * TLDS_PEER flag in the mask even for AP mode. 2611 */ 2612 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER); 2613 2614 /* accept only the listed bits */ 2615 if (params.sta_flags_mask & 2616 ~(BIT(NL80211_STA_FLAG_AUTHORIZED) | 2617 BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) | 2618 BIT(NL80211_STA_FLAG_WME) | 2619 BIT(NL80211_STA_FLAG_MFP))) 2620 return -EINVAL; 2621 2622 /* must be last in here for error handling */ 2623 params.vlan = get_vlan(info, rdev); 2624 if (IS_ERR(params.vlan)) 2625 return PTR_ERR(params.vlan); 2626 break; 2627 case NL80211_IFTYPE_P2P_CLIENT: 2628 case NL80211_IFTYPE_STATION: 2629 /* disallow things sta doesn't support */ 2630 if (params.plink_action) 2631 return -EINVAL; 2632 if (params.ht_capa) 2633 return -EINVAL; 2634 if (params.listen_interval >= 0) 2635 return -EINVAL; 2636 /* 2637 * Don't allow userspace to change the TDLS_PEER flag, 2638 * but silently ignore attempts to change it since we 2639 * don't have state here to verify that it doesn't try 2640 * to change the flag. 2641 */ 2642 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER); 2643 2644 /* reject any changes other than AUTHORIZED */ 2645 if (params.sta_flags_mask & ~BIT(NL80211_STA_FLAG_AUTHORIZED)) 2646 return -EINVAL; 2647 break; 2648 case NL80211_IFTYPE_MESH_POINT: 2649 /* disallow things mesh doesn't support */ 2650 if (params.vlan) 2651 return -EINVAL; 2652 if (params.ht_capa) 2653 return -EINVAL; 2654 if (params.listen_interval >= 0) 2655 return -EINVAL; 2656 /* 2657 * No special handling for TDLS here -- the userspace 2658 * mesh code doesn't have this bug. 2659 */ 2660 if (params.sta_flags_mask & 2661 ~(BIT(NL80211_STA_FLAG_AUTHENTICATED) | 2662 BIT(NL80211_STA_FLAG_MFP) | 2663 BIT(NL80211_STA_FLAG_AUTHORIZED))) 2664 return -EINVAL; 2665 break; 2666 default: 2667 return -EOPNOTSUPP; 2668 } 2669 2670 /* be aware of params.vlan when changing code here */ 2671 2672 err = rdev->ops->change_station(&rdev->wiphy, dev, mac_addr, ¶ms); 2673 2674 if (params.vlan) 2675 dev_put(params.vlan); 2676 2677 return err; 2678 } 2679 2680 static struct nla_policy 2681 nl80211_sta_wme_policy[NL80211_STA_WME_MAX + 1] __read_mostly = { 2682 [NL80211_STA_WME_UAPSD_QUEUES] = { .type = NLA_U8 }, 2683 [NL80211_STA_WME_MAX_SP] = { .type = NLA_U8 }, 2684 }; 2685 2686 static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info) 2687 { 2688 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2689 int err; 2690 struct net_device *dev = info->user_ptr[1]; 2691 struct station_parameters params; 2692 u8 *mac_addr = NULL; 2693 2694 memset(¶ms, 0, sizeof(params)); 2695 2696 if (!info->attrs[NL80211_ATTR_MAC]) 2697 return -EINVAL; 2698 2699 if (!info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) 2700 return -EINVAL; 2701 2702 if (!info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) 2703 return -EINVAL; 2704 2705 if (!info->attrs[NL80211_ATTR_STA_AID]) 2706 return -EINVAL; 2707 2708 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2709 params.supported_rates = 2710 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2711 params.supported_rates_len = 2712 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2713 params.listen_interval = 2714 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]); 2715 2716 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_STA_AID]); 2717 if (!params.aid || params.aid > IEEE80211_MAX_AID) 2718 return -EINVAL; 2719 2720 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) 2721 params.ht_capa = 2722 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 2723 2724 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION]) 2725 params.plink_action = 2726 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]); 2727 2728 if (!rdev->ops->add_station) 2729 return -EOPNOTSUPP; 2730 2731 if (parse_station_flags(info, ¶ms)) 2732 return -EINVAL; 2733 2734 switch (dev->ieee80211_ptr->iftype) { 2735 case NL80211_IFTYPE_AP: 2736 case NL80211_IFTYPE_AP_VLAN: 2737 case NL80211_IFTYPE_P2P_GO: 2738 /* parse WME attributes if sta is WME capable */ 2739 if ((rdev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) && 2740 (params.sta_flags_set & BIT(NL80211_STA_FLAG_WME)) && 2741 info->attrs[NL80211_ATTR_STA_WME]) { 2742 struct nlattr *tb[NL80211_STA_WME_MAX + 1]; 2743 struct nlattr *nla; 2744 2745 nla = info->attrs[NL80211_ATTR_STA_WME]; 2746 err = nla_parse_nested(tb, NL80211_STA_WME_MAX, nla, 2747 nl80211_sta_wme_policy); 2748 if (err) 2749 return err; 2750 2751 if (tb[NL80211_STA_WME_UAPSD_QUEUES]) 2752 params.uapsd_queues = 2753 nla_get_u8(tb[NL80211_STA_WME_UAPSD_QUEUES]); 2754 if (params.uapsd_queues & 2755 ~IEEE80211_WMM_IE_STA_QOSINFO_AC_MASK) 2756 return -EINVAL; 2757 2758 if (tb[NL80211_STA_WME_MAX_SP]) 2759 params.max_sp = 2760 nla_get_u8(tb[NL80211_STA_WME_MAX_SP]); 2761 2762 if (params.max_sp & 2763 ~IEEE80211_WMM_IE_STA_QOSINFO_SP_MASK) 2764 return -EINVAL; 2765 2766 params.sta_modify_mask |= STATION_PARAM_APPLY_UAPSD; 2767 } 2768 /* TDLS peers cannot be added */ 2769 if (params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) 2770 return -EINVAL; 2771 /* but don't bother the driver with it */ 2772 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER); 2773 2774 /* must be last in here for error handling */ 2775 params.vlan = get_vlan(info, rdev); 2776 if (IS_ERR(params.vlan)) 2777 return PTR_ERR(params.vlan); 2778 break; 2779 case NL80211_IFTYPE_MESH_POINT: 2780 /* TDLS peers cannot be added */ 2781 if (params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) 2782 return -EINVAL; 2783 break; 2784 case NL80211_IFTYPE_STATION: 2785 /* Only TDLS peers can be added */ 2786 if (!(params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))) 2787 return -EINVAL; 2788 /* Can only add if TDLS ... */ 2789 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS)) 2790 return -EOPNOTSUPP; 2791 /* ... with external setup is supported */ 2792 if (!(rdev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP)) 2793 return -EOPNOTSUPP; 2794 break; 2795 default: 2796 return -EOPNOTSUPP; 2797 } 2798 2799 /* be aware of params.vlan when changing code here */ 2800 2801 err = rdev->ops->add_station(&rdev->wiphy, dev, mac_addr, ¶ms); 2802 2803 if (params.vlan) 2804 dev_put(params.vlan); 2805 return err; 2806 } 2807 2808 static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info) 2809 { 2810 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2811 struct net_device *dev = info->user_ptr[1]; 2812 u8 *mac_addr = NULL; 2813 2814 if (info->attrs[NL80211_ATTR_MAC]) 2815 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2816 2817 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2818 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 2819 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 2820 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2821 return -EINVAL; 2822 2823 if (!rdev->ops->del_station) 2824 return -EOPNOTSUPP; 2825 2826 return rdev->ops->del_station(&rdev->wiphy, dev, mac_addr); 2827 } 2828 2829 static int nl80211_send_mpath(struct sk_buff *msg, u32 pid, u32 seq, 2830 int flags, struct net_device *dev, 2831 u8 *dst, u8 *next_hop, 2832 struct mpath_info *pinfo) 2833 { 2834 void *hdr; 2835 struct nlattr *pinfoattr; 2836 2837 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION); 2838 if (!hdr) 2839 return -1; 2840 2841 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 2842 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst); 2843 NLA_PUT(msg, NL80211_ATTR_MPATH_NEXT_HOP, ETH_ALEN, next_hop); 2844 2845 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, pinfo->generation); 2846 2847 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MPATH_INFO); 2848 if (!pinfoattr) 2849 goto nla_put_failure; 2850 if (pinfo->filled & MPATH_INFO_FRAME_QLEN) 2851 NLA_PUT_U32(msg, NL80211_MPATH_INFO_FRAME_QLEN, 2852 pinfo->frame_qlen); 2853 if (pinfo->filled & MPATH_INFO_SN) 2854 NLA_PUT_U32(msg, NL80211_MPATH_INFO_SN, 2855 pinfo->sn); 2856 if (pinfo->filled & MPATH_INFO_METRIC) 2857 NLA_PUT_U32(msg, NL80211_MPATH_INFO_METRIC, 2858 pinfo->metric); 2859 if (pinfo->filled & MPATH_INFO_EXPTIME) 2860 NLA_PUT_U32(msg, NL80211_MPATH_INFO_EXPTIME, 2861 pinfo->exptime); 2862 if (pinfo->filled & MPATH_INFO_FLAGS) 2863 NLA_PUT_U8(msg, NL80211_MPATH_INFO_FLAGS, 2864 pinfo->flags); 2865 if (pinfo->filled & MPATH_INFO_DISCOVERY_TIMEOUT) 2866 NLA_PUT_U32(msg, NL80211_MPATH_INFO_DISCOVERY_TIMEOUT, 2867 pinfo->discovery_timeout); 2868 if (pinfo->filled & MPATH_INFO_DISCOVERY_RETRIES) 2869 NLA_PUT_U8(msg, NL80211_MPATH_INFO_DISCOVERY_RETRIES, 2870 pinfo->discovery_retries); 2871 2872 nla_nest_end(msg, pinfoattr); 2873 2874 return genlmsg_end(msg, hdr); 2875 2876 nla_put_failure: 2877 genlmsg_cancel(msg, hdr); 2878 return -EMSGSIZE; 2879 } 2880 2881 static int nl80211_dump_mpath(struct sk_buff *skb, 2882 struct netlink_callback *cb) 2883 { 2884 struct mpath_info pinfo; 2885 struct cfg80211_registered_device *dev; 2886 struct net_device *netdev; 2887 u8 dst[ETH_ALEN]; 2888 u8 next_hop[ETH_ALEN]; 2889 int path_idx = cb->args[1]; 2890 int err; 2891 2892 err = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 2893 if (err) 2894 return err; 2895 2896 if (!dev->ops->dump_mpath) { 2897 err = -EOPNOTSUPP; 2898 goto out_err; 2899 } 2900 2901 if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) { 2902 err = -EOPNOTSUPP; 2903 goto out_err; 2904 } 2905 2906 while (1) { 2907 err = dev->ops->dump_mpath(&dev->wiphy, netdev, path_idx, 2908 dst, next_hop, &pinfo); 2909 if (err == -ENOENT) 2910 break; 2911 if (err) 2912 goto out_err; 2913 2914 if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).pid, 2915 cb->nlh->nlmsg_seq, NLM_F_MULTI, 2916 netdev, dst, next_hop, 2917 &pinfo) < 0) 2918 goto out; 2919 2920 path_idx++; 2921 } 2922 2923 2924 out: 2925 cb->args[1] = path_idx; 2926 err = skb->len; 2927 out_err: 2928 nl80211_finish_netdev_dump(dev); 2929 return err; 2930 } 2931 2932 static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info) 2933 { 2934 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2935 int err; 2936 struct net_device *dev = info->user_ptr[1]; 2937 struct mpath_info pinfo; 2938 struct sk_buff *msg; 2939 u8 *dst = NULL; 2940 u8 next_hop[ETH_ALEN]; 2941 2942 memset(&pinfo, 0, sizeof(pinfo)); 2943 2944 if (!info->attrs[NL80211_ATTR_MAC]) 2945 return -EINVAL; 2946 2947 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2948 2949 if (!rdev->ops->get_mpath) 2950 return -EOPNOTSUPP; 2951 2952 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 2953 return -EOPNOTSUPP; 2954 2955 err = rdev->ops->get_mpath(&rdev->wiphy, dev, dst, next_hop, &pinfo); 2956 if (err) 2957 return err; 2958 2959 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2960 if (!msg) 2961 return -ENOMEM; 2962 2963 if (nl80211_send_mpath(msg, info->snd_pid, info->snd_seq, 0, 2964 dev, dst, next_hop, &pinfo) < 0) { 2965 nlmsg_free(msg); 2966 return -ENOBUFS; 2967 } 2968 2969 return genlmsg_reply(msg, info); 2970 } 2971 2972 static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info) 2973 { 2974 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2975 struct net_device *dev = info->user_ptr[1]; 2976 u8 *dst = NULL; 2977 u8 *next_hop = NULL; 2978 2979 if (!info->attrs[NL80211_ATTR_MAC]) 2980 return -EINVAL; 2981 2982 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]) 2983 return -EINVAL; 2984 2985 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2986 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]); 2987 2988 if (!rdev->ops->change_mpath) 2989 return -EOPNOTSUPP; 2990 2991 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 2992 return -EOPNOTSUPP; 2993 2994 return rdev->ops->change_mpath(&rdev->wiphy, dev, dst, next_hop); 2995 } 2996 2997 static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info) 2998 { 2999 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3000 struct net_device *dev = info->user_ptr[1]; 3001 u8 *dst = NULL; 3002 u8 *next_hop = NULL; 3003 3004 if (!info->attrs[NL80211_ATTR_MAC]) 3005 return -EINVAL; 3006 3007 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]) 3008 return -EINVAL; 3009 3010 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 3011 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]); 3012 3013 if (!rdev->ops->add_mpath) 3014 return -EOPNOTSUPP; 3015 3016 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 3017 return -EOPNOTSUPP; 3018 3019 return rdev->ops->add_mpath(&rdev->wiphy, dev, dst, next_hop); 3020 } 3021 3022 static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info) 3023 { 3024 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3025 struct net_device *dev = info->user_ptr[1]; 3026 u8 *dst = NULL; 3027 3028 if (info->attrs[NL80211_ATTR_MAC]) 3029 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 3030 3031 if (!rdev->ops->del_mpath) 3032 return -EOPNOTSUPP; 3033 3034 return rdev->ops->del_mpath(&rdev->wiphy, dev, dst); 3035 } 3036 3037 static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info) 3038 { 3039 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3040 struct net_device *dev = info->user_ptr[1]; 3041 struct bss_parameters params; 3042 3043 memset(¶ms, 0, sizeof(params)); 3044 /* default to not changing parameters */ 3045 params.use_cts_prot = -1; 3046 params.use_short_preamble = -1; 3047 params.use_short_slot_time = -1; 3048 params.ap_isolate = -1; 3049 params.ht_opmode = -1; 3050 3051 if (info->attrs[NL80211_ATTR_BSS_CTS_PROT]) 3052 params.use_cts_prot = 3053 nla_get_u8(info->attrs[NL80211_ATTR_BSS_CTS_PROT]); 3054 if (info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]) 3055 params.use_short_preamble = 3056 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]); 3057 if (info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]) 3058 params.use_short_slot_time = 3059 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]); 3060 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) { 3061 params.basic_rates = 3062 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 3063 params.basic_rates_len = 3064 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 3065 } 3066 if (info->attrs[NL80211_ATTR_AP_ISOLATE]) 3067 params.ap_isolate = !!nla_get_u8(info->attrs[NL80211_ATTR_AP_ISOLATE]); 3068 if (info->attrs[NL80211_ATTR_BSS_HT_OPMODE]) 3069 params.ht_opmode = 3070 nla_get_u16(info->attrs[NL80211_ATTR_BSS_HT_OPMODE]); 3071 3072 if (!rdev->ops->change_bss) 3073 return -EOPNOTSUPP; 3074 3075 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 3076 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 3077 return -EOPNOTSUPP; 3078 3079 return rdev->ops->change_bss(&rdev->wiphy, dev, ¶ms); 3080 } 3081 3082 static const struct nla_policy reg_rule_policy[NL80211_REG_RULE_ATTR_MAX + 1] = { 3083 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 }, 3084 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 }, 3085 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 }, 3086 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 }, 3087 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 }, 3088 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 }, 3089 }; 3090 3091 static int parse_reg_rule(struct nlattr *tb[], 3092 struct ieee80211_reg_rule *reg_rule) 3093 { 3094 struct ieee80211_freq_range *freq_range = ®_rule->freq_range; 3095 struct ieee80211_power_rule *power_rule = ®_rule->power_rule; 3096 3097 if (!tb[NL80211_ATTR_REG_RULE_FLAGS]) 3098 return -EINVAL; 3099 if (!tb[NL80211_ATTR_FREQ_RANGE_START]) 3100 return -EINVAL; 3101 if (!tb[NL80211_ATTR_FREQ_RANGE_END]) 3102 return -EINVAL; 3103 if (!tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) 3104 return -EINVAL; 3105 if (!tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]) 3106 return -EINVAL; 3107 3108 reg_rule->flags = nla_get_u32(tb[NL80211_ATTR_REG_RULE_FLAGS]); 3109 3110 freq_range->start_freq_khz = 3111 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]); 3112 freq_range->end_freq_khz = 3113 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]); 3114 freq_range->max_bandwidth_khz = 3115 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]); 3116 3117 power_rule->max_eirp = 3118 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]); 3119 3120 if (tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]) 3121 power_rule->max_antenna_gain = 3122 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]); 3123 3124 return 0; 3125 } 3126 3127 static int nl80211_req_set_reg(struct sk_buff *skb, struct genl_info *info) 3128 { 3129 int r; 3130 char *data = NULL; 3131 3132 /* 3133 * You should only get this when cfg80211 hasn't yet initialized 3134 * completely when built-in to the kernel right between the time 3135 * window between nl80211_init() and regulatory_init(), if that is 3136 * even possible. 3137 */ 3138 mutex_lock(&cfg80211_mutex); 3139 if (unlikely(!cfg80211_regdomain)) { 3140 mutex_unlock(&cfg80211_mutex); 3141 return -EINPROGRESS; 3142 } 3143 mutex_unlock(&cfg80211_mutex); 3144 3145 if (!info->attrs[NL80211_ATTR_REG_ALPHA2]) 3146 return -EINVAL; 3147 3148 data = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]); 3149 3150 r = regulatory_hint_user(data); 3151 3152 return r; 3153 } 3154 3155 static int nl80211_get_mesh_config(struct sk_buff *skb, 3156 struct genl_info *info) 3157 { 3158 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3159 struct net_device *dev = info->user_ptr[1]; 3160 struct wireless_dev *wdev = dev->ieee80211_ptr; 3161 struct mesh_config cur_params; 3162 int err = 0; 3163 void *hdr; 3164 struct nlattr *pinfoattr; 3165 struct sk_buff *msg; 3166 3167 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) 3168 return -EOPNOTSUPP; 3169 3170 if (!rdev->ops->get_mesh_config) 3171 return -EOPNOTSUPP; 3172 3173 wdev_lock(wdev); 3174 /* If not connected, get default parameters */ 3175 if (!wdev->mesh_id_len) 3176 memcpy(&cur_params, &default_mesh_config, sizeof(cur_params)); 3177 else 3178 err = rdev->ops->get_mesh_config(&rdev->wiphy, dev, 3179 &cur_params); 3180 wdev_unlock(wdev); 3181 3182 if (err) 3183 return err; 3184 3185 /* Draw up a netlink message to send back */ 3186 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 3187 if (!msg) 3188 return -ENOMEM; 3189 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 3190 NL80211_CMD_GET_MESH_CONFIG); 3191 if (!hdr) 3192 goto out; 3193 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG); 3194 if (!pinfoattr) 3195 goto nla_put_failure; 3196 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 3197 NLA_PUT_U16(msg, NL80211_MESHCONF_RETRY_TIMEOUT, 3198 cur_params.dot11MeshRetryTimeout); 3199 NLA_PUT_U16(msg, NL80211_MESHCONF_CONFIRM_TIMEOUT, 3200 cur_params.dot11MeshConfirmTimeout); 3201 NLA_PUT_U16(msg, NL80211_MESHCONF_HOLDING_TIMEOUT, 3202 cur_params.dot11MeshHoldingTimeout); 3203 NLA_PUT_U16(msg, NL80211_MESHCONF_MAX_PEER_LINKS, 3204 cur_params.dot11MeshMaxPeerLinks); 3205 NLA_PUT_U8(msg, NL80211_MESHCONF_MAX_RETRIES, 3206 cur_params.dot11MeshMaxRetries); 3207 NLA_PUT_U8(msg, NL80211_MESHCONF_TTL, 3208 cur_params.dot11MeshTTL); 3209 NLA_PUT_U8(msg, NL80211_MESHCONF_ELEMENT_TTL, 3210 cur_params.element_ttl); 3211 NLA_PUT_U8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS, 3212 cur_params.auto_open_plinks); 3213 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, 3214 cur_params.dot11MeshHWMPmaxPREQretries); 3215 NLA_PUT_U32(msg, NL80211_MESHCONF_PATH_REFRESH_TIME, 3216 cur_params.path_refresh_time); 3217 NLA_PUT_U16(msg, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, 3218 cur_params.min_discovery_timeout); 3219 NLA_PUT_U32(msg, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, 3220 cur_params.dot11MeshHWMPactivePathTimeout); 3221 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, 3222 cur_params.dot11MeshHWMPpreqMinInterval); 3223 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL, 3224 cur_params.dot11MeshHWMPperrMinInterval); 3225 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, 3226 cur_params.dot11MeshHWMPnetDiameterTraversalTime); 3227 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_ROOTMODE, 3228 cur_params.dot11MeshHWMPRootMode); 3229 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_RANN_INTERVAL, 3230 cur_params.dot11MeshHWMPRannInterval); 3231 NLA_PUT_U8(msg, NL80211_MESHCONF_GATE_ANNOUNCEMENTS, 3232 cur_params.dot11MeshGateAnnouncementProtocol); 3233 nla_nest_end(msg, pinfoattr); 3234 genlmsg_end(msg, hdr); 3235 return genlmsg_reply(msg, info); 3236 3237 nla_put_failure: 3238 genlmsg_cancel(msg, hdr); 3239 out: 3240 nlmsg_free(msg); 3241 return -ENOBUFS; 3242 } 3243 3244 static const struct nla_policy nl80211_meshconf_params_policy[NL80211_MESHCONF_ATTR_MAX+1] = { 3245 [NL80211_MESHCONF_RETRY_TIMEOUT] = { .type = NLA_U16 }, 3246 [NL80211_MESHCONF_CONFIRM_TIMEOUT] = { .type = NLA_U16 }, 3247 [NL80211_MESHCONF_HOLDING_TIMEOUT] = { .type = NLA_U16 }, 3248 [NL80211_MESHCONF_MAX_PEER_LINKS] = { .type = NLA_U16 }, 3249 [NL80211_MESHCONF_MAX_RETRIES] = { .type = NLA_U8 }, 3250 [NL80211_MESHCONF_TTL] = { .type = NLA_U8 }, 3251 [NL80211_MESHCONF_ELEMENT_TTL] = { .type = NLA_U8 }, 3252 [NL80211_MESHCONF_AUTO_OPEN_PLINKS] = { .type = NLA_U8 }, 3253 3254 [NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES] = { .type = NLA_U8 }, 3255 [NL80211_MESHCONF_PATH_REFRESH_TIME] = { .type = NLA_U32 }, 3256 [NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT] = { .type = NLA_U16 }, 3257 [NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT] = { .type = NLA_U32 }, 3258 [NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL] = { .type = NLA_U16 }, 3259 [NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL] = { .type = NLA_U16 }, 3260 [NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME] = { .type = NLA_U16 }, 3261 [NL80211_MESHCONF_HWMP_ROOTMODE] = { .type = NLA_U8 }, 3262 [NL80211_MESHCONF_HWMP_RANN_INTERVAL] = { .type = NLA_U16 }, 3263 [NL80211_MESHCONF_GATE_ANNOUNCEMENTS] = { .type = NLA_U8 }, 3264 }; 3265 3266 static const struct nla_policy 3267 nl80211_mesh_setup_params_policy[NL80211_MESH_SETUP_ATTR_MAX+1] = { 3268 [NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL] = { .type = NLA_U8 }, 3269 [NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC] = { .type = NLA_U8 }, 3270 [NL80211_MESH_SETUP_USERSPACE_AUTH] = { .type = NLA_FLAG }, 3271 [NL80211_MESH_SETUP_IE] = { .type = NLA_BINARY, 3272 .len = IEEE80211_MAX_DATA_LEN }, 3273 [NL80211_MESH_SETUP_USERSPACE_AMPE] = { .type = NLA_FLAG }, 3274 }; 3275 3276 static int nl80211_parse_mesh_config(struct genl_info *info, 3277 struct mesh_config *cfg, 3278 u32 *mask_out) 3279 { 3280 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1]; 3281 u32 mask = 0; 3282 3283 #define FILL_IN_MESH_PARAM_IF_SET(table, cfg, param, mask, attr_num, nla_fn) \ 3284 do {\ 3285 if (table[attr_num]) {\ 3286 cfg->param = nla_fn(table[attr_num]); \ 3287 mask |= (1 << (attr_num - 1)); \ 3288 } \ 3289 } while (0);\ 3290 3291 3292 if (!info->attrs[NL80211_ATTR_MESH_CONFIG]) 3293 return -EINVAL; 3294 if (nla_parse_nested(tb, NL80211_MESHCONF_ATTR_MAX, 3295 info->attrs[NL80211_ATTR_MESH_CONFIG], 3296 nl80211_meshconf_params_policy)) 3297 return -EINVAL; 3298 3299 /* This makes sure that there aren't more than 32 mesh config 3300 * parameters (otherwise our bitfield scheme would not work.) */ 3301 BUILD_BUG_ON(NL80211_MESHCONF_ATTR_MAX > 32); 3302 3303 /* Fill in the params struct */ 3304 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshRetryTimeout, 3305 mask, NL80211_MESHCONF_RETRY_TIMEOUT, nla_get_u16); 3306 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConfirmTimeout, 3307 mask, NL80211_MESHCONF_CONFIRM_TIMEOUT, nla_get_u16); 3308 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHoldingTimeout, 3309 mask, NL80211_MESHCONF_HOLDING_TIMEOUT, nla_get_u16); 3310 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxPeerLinks, 3311 mask, NL80211_MESHCONF_MAX_PEER_LINKS, nla_get_u16); 3312 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxRetries, 3313 mask, NL80211_MESHCONF_MAX_RETRIES, nla_get_u8); 3314 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshTTL, 3315 mask, NL80211_MESHCONF_TTL, nla_get_u8); 3316 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, element_ttl, 3317 mask, NL80211_MESHCONF_ELEMENT_TTL, nla_get_u8); 3318 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, auto_open_plinks, 3319 mask, NL80211_MESHCONF_AUTO_OPEN_PLINKS, nla_get_u8); 3320 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPmaxPREQretries, 3321 mask, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, 3322 nla_get_u8); 3323 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, path_refresh_time, 3324 mask, NL80211_MESHCONF_PATH_REFRESH_TIME, nla_get_u32); 3325 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, min_discovery_timeout, 3326 mask, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, 3327 nla_get_u16); 3328 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathTimeout, 3329 mask, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, 3330 nla_get_u32); 3331 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPpreqMinInterval, 3332 mask, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, 3333 nla_get_u16); 3334 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPperrMinInterval, 3335 mask, NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL, 3336 nla_get_u16); 3337 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 3338 dot11MeshHWMPnetDiameterTraversalTime, 3339 mask, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, 3340 nla_get_u16); 3341 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 3342 dot11MeshHWMPRootMode, mask, 3343 NL80211_MESHCONF_HWMP_ROOTMODE, 3344 nla_get_u8); 3345 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 3346 dot11MeshHWMPRannInterval, mask, 3347 NL80211_MESHCONF_HWMP_RANN_INTERVAL, 3348 nla_get_u16); 3349 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 3350 dot11MeshGateAnnouncementProtocol, mask, 3351 NL80211_MESHCONF_GATE_ANNOUNCEMENTS, 3352 nla_get_u8); 3353 if (mask_out) 3354 *mask_out = mask; 3355 3356 return 0; 3357 3358 #undef FILL_IN_MESH_PARAM_IF_SET 3359 } 3360 3361 static int nl80211_parse_mesh_setup(struct genl_info *info, 3362 struct mesh_setup *setup) 3363 { 3364 struct nlattr *tb[NL80211_MESH_SETUP_ATTR_MAX + 1]; 3365 3366 if (!info->attrs[NL80211_ATTR_MESH_SETUP]) 3367 return -EINVAL; 3368 if (nla_parse_nested(tb, NL80211_MESH_SETUP_ATTR_MAX, 3369 info->attrs[NL80211_ATTR_MESH_SETUP], 3370 nl80211_mesh_setup_params_policy)) 3371 return -EINVAL; 3372 3373 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL]) 3374 setup->path_sel_proto = 3375 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL])) ? 3376 IEEE80211_PATH_PROTOCOL_VENDOR : 3377 IEEE80211_PATH_PROTOCOL_HWMP; 3378 3379 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC]) 3380 setup->path_metric = 3381 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC])) ? 3382 IEEE80211_PATH_METRIC_VENDOR : 3383 IEEE80211_PATH_METRIC_AIRTIME; 3384 3385 3386 if (tb[NL80211_MESH_SETUP_IE]) { 3387 struct nlattr *ieattr = 3388 tb[NL80211_MESH_SETUP_IE]; 3389 if (!is_valid_ie_attr(ieattr)) 3390 return -EINVAL; 3391 setup->ie = nla_data(ieattr); 3392 setup->ie_len = nla_len(ieattr); 3393 } 3394 setup->is_authenticated = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AUTH]); 3395 setup->is_secure = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AMPE]); 3396 3397 return 0; 3398 } 3399 3400 static int nl80211_update_mesh_config(struct sk_buff *skb, 3401 struct genl_info *info) 3402 { 3403 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3404 struct net_device *dev = info->user_ptr[1]; 3405 struct wireless_dev *wdev = dev->ieee80211_ptr; 3406 struct mesh_config cfg; 3407 u32 mask; 3408 int err; 3409 3410 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) 3411 return -EOPNOTSUPP; 3412 3413 if (!rdev->ops->update_mesh_config) 3414 return -EOPNOTSUPP; 3415 3416 err = nl80211_parse_mesh_config(info, &cfg, &mask); 3417 if (err) 3418 return err; 3419 3420 wdev_lock(wdev); 3421 if (!wdev->mesh_id_len) 3422 err = -ENOLINK; 3423 3424 if (!err) 3425 err = rdev->ops->update_mesh_config(&rdev->wiphy, dev, 3426 mask, &cfg); 3427 3428 wdev_unlock(wdev); 3429 3430 return err; 3431 } 3432 3433 static int nl80211_get_reg(struct sk_buff *skb, struct genl_info *info) 3434 { 3435 struct sk_buff *msg; 3436 void *hdr = NULL; 3437 struct nlattr *nl_reg_rules; 3438 unsigned int i; 3439 int err = -EINVAL; 3440 3441 mutex_lock(&cfg80211_mutex); 3442 3443 if (!cfg80211_regdomain) 3444 goto out; 3445 3446 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 3447 if (!msg) { 3448 err = -ENOBUFS; 3449 goto out; 3450 } 3451 3452 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 3453 NL80211_CMD_GET_REG); 3454 if (!hdr) 3455 goto put_failure; 3456 3457 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, 3458 cfg80211_regdomain->alpha2); 3459 if (cfg80211_regdomain->dfs_region) 3460 NLA_PUT_U8(msg, NL80211_ATTR_DFS_REGION, 3461 cfg80211_regdomain->dfs_region); 3462 3463 nl_reg_rules = nla_nest_start(msg, NL80211_ATTR_REG_RULES); 3464 if (!nl_reg_rules) 3465 goto nla_put_failure; 3466 3467 for (i = 0; i < cfg80211_regdomain->n_reg_rules; i++) { 3468 struct nlattr *nl_reg_rule; 3469 const struct ieee80211_reg_rule *reg_rule; 3470 const struct ieee80211_freq_range *freq_range; 3471 const struct ieee80211_power_rule *power_rule; 3472 3473 reg_rule = &cfg80211_regdomain->reg_rules[i]; 3474 freq_range = ®_rule->freq_range; 3475 power_rule = ®_rule->power_rule; 3476 3477 nl_reg_rule = nla_nest_start(msg, i); 3478 if (!nl_reg_rule) 3479 goto nla_put_failure; 3480 3481 NLA_PUT_U32(msg, NL80211_ATTR_REG_RULE_FLAGS, 3482 reg_rule->flags); 3483 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_START, 3484 freq_range->start_freq_khz); 3485 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_END, 3486 freq_range->end_freq_khz); 3487 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_MAX_BW, 3488 freq_range->max_bandwidth_khz); 3489 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN, 3490 power_rule->max_antenna_gain); 3491 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_EIRP, 3492 power_rule->max_eirp); 3493 3494 nla_nest_end(msg, nl_reg_rule); 3495 } 3496 3497 nla_nest_end(msg, nl_reg_rules); 3498 3499 genlmsg_end(msg, hdr); 3500 err = genlmsg_reply(msg, info); 3501 goto out; 3502 3503 nla_put_failure: 3504 genlmsg_cancel(msg, hdr); 3505 put_failure: 3506 nlmsg_free(msg); 3507 err = -EMSGSIZE; 3508 out: 3509 mutex_unlock(&cfg80211_mutex); 3510 return err; 3511 } 3512 3513 static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info) 3514 { 3515 struct nlattr *tb[NL80211_REG_RULE_ATTR_MAX + 1]; 3516 struct nlattr *nl_reg_rule; 3517 char *alpha2 = NULL; 3518 int rem_reg_rules = 0, r = 0; 3519 u32 num_rules = 0, rule_idx = 0, size_of_regd; 3520 u8 dfs_region = 0; 3521 struct ieee80211_regdomain *rd = NULL; 3522 3523 if (!info->attrs[NL80211_ATTR_REG_ALPHA2]) 3524 return -EINVAL; 3525 3526 if (!info->attrs[NL80211_ATTR_REG_RULES]) 3527 return -EINVAL; 3528 3529 alpha2 = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]); 3530 3531 if (info->attrs[NL80211_ATTR_DFS_REGION]) 3532 dfs_region = nla_get_u8(info->attrs[NL80211_ATTR_DFS_REGION]); 3533 3534 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], 3535 rem_reg_rules) { 3536 num_rules++; 3537 if (num_rules > NL80211_MAX_SUPP_REG_RULES) 3538 return -EINVAL; 3539 } 3540 3541 mutex_lock(&cfg80211_mutex); 3542 3543 if (!reg_is_valid_request(alpha2)) { 3544 r = -EINVAL; 3545 goto bad_reg; 3546 } 3547 3548 size_of_regd = sizeof(struct ieee80211_regdomain) + 3549 (num_rules * sizeof(struct ieee80211_reg_rule)); 3550 3551 rd = kzalloc(size_of_regd, GFP_KERNEL); 3552 if (!rd) { 3553 r = -ENOMEM; 3554 goto bad_reg; 3555 } 3556 3557 rd->n_reg_rules = num_rules; 3558 rd->alpha2[0] = alpha2[0]; 3559 rd->alpha2[1] = alpha2[1]; 3560 3561 /* 3562 * Disable DFS master mode if the DFS region was 3563 * not supported or known on this kernel. 3564 */ 3565 if (reg_supported_dfs_region(dfs_region)) 3566 rd->dfs_region = dfs_region; 3567 3568 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], 3569 rem_reg_rules) { 3570 nla_parse(tb, NL80211_REG_RULE_ATTR_MAX, 3571 nla_data(nl_reg_rule), nla_len(nl_reg_rule), 3572 reg_rule_policy); 3573 r = parse_reg_rule(tb, &rd->reg_rules[rule_idx]); 3574 if (r) 3575 goto bad_reg; 3576 3577 rule_idx++; 3578 3579 if (rule_idx > NL80211_MAX_SUPP_REG_RULES) { 3580 r = -EINVAL; 3581 goto bad_reg; 3582 } 3583 } 3584 3585 BUG_ON(rule_idx != num_rules); 3586 3587 r = set_regdom(rd); 3588 3589 mutex_unlock(&cfg80211_mutex); 3590 3591 return r; 3592 3593 bad_reg: 3594 mutex_unlock(&cfg80211_mutex); 3595 kfree(rd); 3596 return r; 3597 } 3598 3599 static int validate_scan_freqs(struct nlattr *freqs) 3600 { 3601 struct nlattr *attr1, *attr2; 3602 int n_channels = 0, tmp1, tmp2; 3603 3604 nla_for_each_nested(attr1, freqs, tmp1) { 3605 n_channels++; 3606 /* 3607 * Some hardware has a limited channel list for 3608 * scanning, and it is pretty much nonsensical 3609 * to scan for a channel twice, so disallow that 3610 * and don't require drivers to check that the 3611 * channel list they get isn't longer than what 3612 * they can scan, as long as they can scan all 3613 * the channels they registered at once. 3614 */ 3615 nla_for_each_nested(attr2, freqs, tmp2) 3616 if (attr1 != attr2 && 3617 nla_get_u32(attr1) == nla_get_u32(attr2)) 3618 return 0; 3619 } 3620 3621 return n_channels; 3622 } 3623 3624 static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info) 3625 { 3626 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3627 struct net_device *dev = info->user_ptr[1]; 3628 struct cfg80211_scan_request *request; 3629 struct nlattr *attr; 3630 struct wiphy *wiphy; 3631 int err, tmp, n_ssids = 0, n_channels, i; 3632 size_t ie_len; 3633 3634 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3635 return -EINVAL; 3636 3637 wiphy = &rdev->wiphy; 3638 3639 if (!rdev->ops->scan) 3640 return -EOPNOTSUPP; 3641 3642 if (rdev->scan_req) 3643 return -EBUSY; 3644 3645 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3646 n_channels = validate_scan_freqs( 3647 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]); 3648 if (!n_channels) 3649 return -EINVAL; 3650 } else { 3651 enum ieee80211_band band; 3652 n_channels = 0; 3653 3654 for (band = 0; band < IEEE80211_NUM_BANDS; band++) 3655 if (wiphy->bands[band]) 3656 n_channels += wiphy->bands[band]->n_channels; 3657 } 3658 3659 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) 3660 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) 3661 n_ssids++; 3662 3663 if (n_ssids > wiphy->max_scan_ssids) 3664 return -EINVAL; 3665 3666 if (info->attrs[NL80211_ATTR_IE]) 3667 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3668 else 3669 ie_len = 0; 3670 3671 if (ie_len > wiphy->max_scan_ie_len) 3672 return -EINVAL; 3673 3674 request = kzalloc(sizeof(*request) 3675 + sizeof(*request->ssids) * n_ssids 3676 + sizeof(*request->channels) * n_channels 3677 + ie_len, GFP_KERNEL); 3678 if (!request) 3679 return -ENOMEM; 3680 3681 if (n_ssids) 3682 request->ssids = (void *)&request->channels[n_channels]; 3683 request->n_ssids = n_ssids; 3684 if (ie_len) { 3685 if (request->ssids) 3686 request->ie = (void *)(request->ssids + n_ssids); 3687 else 3688 request->ie = (void *)(request->channels + n_channels); 3689 } 3690 3691 i = 0; 3692 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3693 /* user specified, bail out if channel not found */ 3694 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], tmp) { 3695 struct ieee80211_channel *chan; 3696 3697 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr)); 3698 3699 if (!chan) { 3700 err = -EINVAL; 3701 goto out_free; 3702 } 3703 3704 /* ignore disabled channels */ 3705 if (chan->flags & IEEE80211_CHAN_DISABLED) 3706 continue; 3707 3708 request->channels[i] = chan; 3709 i++; 3710 } 3711 } else { 3712 enum ieee80211_band band; 3713 3714 /* all channels */ 3715 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 3716 int j; 3717 if (!wiphy->bands[band]) 3718 continue; 3719 for (j = 0; j < wiphy->bands[band]->n_channels; j++) { 3720 struct ieee80211_channel *chan; 3721 3722 chan = &wiphy->bands[band]->channels[j]; 3723 3724 if (chan->flags & IEEE80211_CHAN_DISABLED) 3725 continue; 3726 3727 request->channels[i] = chan; 3728 i++; 3729 } 3730 } 3731 } 3732 3733 if (!i) { 3734 err = -EINVAL; 3735 goto out_free; 3736 } 3737 3738 request->n_channels = i; 3739 3740 i = 0; 3741 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) { 3742 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) { 3743 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) { 3744 err = -EINVAL; 3745 goto out_free; 3746 } 3747 request->ssids[i].ssid_len = nla_len(attr); 3748 memcpy(request->ssids[i].ssid, nla_data(attr), nla_len(attr)); 3749 i++; 3750 } 3751 } 3752 3753 if (info->attrs[NL80211_ATTR_IE]) { 3754 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3755 memcpy((void *)request->ie, 3756 nla_data(info->attrs[NL80211_ATTR_IE]), 3757 request->ie_len); 3758 } 3759 3760 for (i = 0; i < IEEE80211_NUM_BANDS; i++) 3761 if (wiphy->bands[i]) 3762 request->rates[i] = 3763 (1 << wiphy->bands[i]->n_bitrates) - 1; 3764 3765 if (info->attrs[NL80211_ATTR_SCAN_SUPP_RATES]) { 3766 nla_for_each_nested(attr, 3767 info->attrs[NL80211_ATTR_SCAN_SUPP_RATES], 3768 tmp) { 3769 enum ieee80211_band band = nla_type(attr); 3770 3771 if (band < 0 || band >= IEEE80211_NUM_BANDS) { 3772 err = -EINVAL; 3773 goto out_free; 3774 } 3775 err = ieee80211_get_ratemask(wiphy->bands[band], 3776 nla_data(attr), 3777 nla_len(attr), 3778 &request->rates[band]); 3779 if (err) 3780 goto out_free; 3781 } 3782 } 3783 3784 request->no_cck = 3785 nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]); 3786 3787 request->dev = dev; 3788 request->wiphy = &rdev->wiphy; 3789 3790 rdev->scan_req = request; 3791 err = rdev->ops->scan(&rdev->wiphy, dev, request); 3792 3793 if (!err) { 3794 nl80211_send_scan_start(rdev, dev); 3795 dev_hold(dev); 3796 } else { 3797 out_free: 3798 rdev->scan_req = NULL; 3799 kfree(request); 3800 } 3801 3802 return err; 3803 } 3804 3805 static int nl80211_start_sched_scan(struct sk_buff *skb, 3806 struct genl_info *info) 3807 { 3808 struct cfg80211_sched_scan_request *request; 3809 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3810 struct net_device *dev = info->user_ptr[1]; 3811 struct nlattr *attr; 3812 struct wiphy *wiphy; 3813 int err, tmp, n_ssids = 0, n_match_sets = 0, n_channels, i; 3814 u32 interval; 3815 enum ieee80211_band band; 3816 size_t ie_len; 3817 struct nlattr *tb[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1]; 3818 3819 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) || 3820 !rdev->ops->sched_scan_start) 3821 return -EOPNOTSUPP; 3822 3823 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3824 return -EINVAL; 3825 3826 if (!info->attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL]) 3827 return -EINVAL; 3828 3829 interval = nla_get_u32(info->attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL]); 3830 if (interval == 0) 3831 return -EINVAL; 3832 3833 wiphy = &rdev->wiphy; 3834 3835 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3836 n_channels = validate_scan_freqs( 3837 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]); 3838 if (!n_channels) 3839 return -EINVAL; 3840 } else { 3841 n_channels = 0; 3842 3843 for (band = 0; band < IEEE80211_NUM_BANDS; band++) 3844 if (wiphy->bands[band]) 3845 n_channels += wiphy->bands[band]->n_channels; 3846 } 3847 3848 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) 3849 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], 3850 tmp) 3851 n_ssids++; 3852 3853 if (n_ssids > wiphy->max_sched_scan_ssids) 3854 return -EINVAL; 3855 3856 if (info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) 3857 nla_for_each_nested(attr, 3858 info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH], 3859 tmp) 3860 n_match_sets++; 3861 3862 if (n_match_sets > wiphy->max_match_sets) 3863 return -EINVAL; 3864 3865 if (info->attrs[NL80211_ATTR_IE]) 3866 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3867 else 3868 ie_len = 0; 3869 3870 if (ie_len > wiphy->max_sched_scan_ie_len) 3871 return -EINVAL; 3872 3873 mutex_lock(&rdev->sched_scan_mtx); 3874 3875 if (rdev->sched_scan_req) { 3876 err = -EINPROGRESS; 3877 goto out; 3878 } 3879 3880 request = kzalloc(sizeof(*request) 3881 + sizeof(*request->ssids) * n_ssids 3882 + sizeof(*request->match_sets) * n_match_sets 3883 + sizeof(*request->channels) * n_channels 3884 + ie_len, GFP_KERNEL); 3885 if (!request) { 3886 err = -ENOMEM; 3887 goto out; 3888 } 3889 3890 if (n_ssids) 3891 request->ssids = (void *)&request->channels[n_channels]; 3892 request->n_ssids = n_ssids; 3893 if (ie_len) { 3894 if (request->ssids) 3895 request->ie = (void *)(request->ssids + n_ssids); 3896 else 3897 request->ie = (void *)(request->channels + n_channels); 3898 } 3899 3900 if (n_match_sets) { 3901 if (request->ie) 3902 request->match_sets = (void *)(request->ie + ie_len); 3903 else if (request->ssids) 3904 request->match_sets = 3905 (void *)(request->ssids + n_ssids); 3906 else 3907 request->match_sets = 3908 (void *)(request->channels + n_channels); 3909 } 3910 request->n_match_sets = n_match_sets; 3911 3912 i = 0; 3913 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3914 /* user specified, bail out if channel not found */ 3915 nla_for_each_nested(attr, 3916 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], 3917 tmp) { 3918 struct ieee80211_channel *chan; 3919 3920 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr)); 3921 3922 if (!chan) { 3923 err = -EINVAL; 3924 goto out_free; 3925 } 3926 3927 /* ignore disabled channels */ 3928 if (chan->flags & IEEE80211_CHAN_DISABLED) 3929 continue; 3930 3931 request->channels[i] = chan; 3932 i++; 3933 } 3934 } else { 3935 /* all channels */ 3936 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 3937 int j; 3938 if (!wiphy->bands[band]) 3939 continue; 3940 for (j = 0; j < wiphy->bands[band]->n_channels; j++) { 3941 struct ieee80211_channel *chan; 3942 3943 chan = &wiphy->bands[band]->channels[j]; 3944 3945 if (chan->flags & IEEE80211_CHAN_DISABLED) 3946 continue; 3947 3948 request->channels[i] = chan; 3949 i++; 3950 } 3951 } 3952 } 3953 3954 if (!i) { 3955 err = -EINVAL; 3956 goto out_free; 3957 } 3958 3959 request->n_channels = i; 3960 3961 i = 0; 3962 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) { 3963 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], 3964 tmp) { 3965 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) { 3966 err = -EINVAL; 3967 goto out_free; 3968 } 3969 request->ssids[i].ssid_len = nla_len(attr); 3970 memcpy(request->ssids[i].ssid, nla_data(attr), 3971 nla_len(attr)); 3972 i++; 3973 } 3974 } 3975 3976 i = 0; 3977 if (info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) { 3978 nla_for_each_nested(attr, 3979 info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH], 3980 tmp) { 3981 struct nlattr *ssid; 3982 3983 nla_parse(tb, NL80211_SCHED_SCAN_MATCH_ATTR_MAX, 3984 nla_data(attr), nla_len(attr), 3985 nl80211_match_policy); 3986 ssid = tb[NL80211_ATTR_SCHED_SCAN_MATCH_SSID]; 3987 if (ssid) { 3988 if (nla_len(ssid) > IEEE80211_MAX_SSID_LEN) { 3989 err = -EINVAL; 3990 goto out_free; 3991 } 3992 memcpy(request->match_sets[i].ssid.ssid, 3993 nla_data(ssid), nla_len(ssid)); 3994 request->match_sets[i].ssid.ssid_len = 3995 nla_len(ssid); 3996 } 3997 i++; 3998 } 3999 } 4000 4001 if (info->attrs[NL80211_ATTR_IE]) { 4002 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4003 memcpy((void *)request->ie, 4004 nla_data(info->attrs[NL80211_ATTR_IE]), 4005 request->ie_len); 4006 } 4007 4008 request->dev = dev; 4009 request->wiphy = &rdev->wiphy; 4010 request->interval = interval; 4011 4012 err = rdev->ops->sched_scan_start(&rdev->wiphy, dev, request); 4013 if (!err) { 4014 rdev->sched_scan_req = request; 4015 nl80211_send_sched_scan(rdev, dev, 4016 NL80211_CMD_START_SCHED_SCAN); 4017 goto out; 4018 } 4019 4020 out_free: 4021 kfree(request); 4022 out: 4023 mutex_unlock(&rdev->sched_scan_mtx); 4024 return err; 4025 } 4026 4027 static int nl80211_stop_sched_scan(struct sk_buff *skb, 4028 struct genl_info *info) 4029 { 4030 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4031 int err; 4032 4033 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) || 4034 !rdev->ops->sched_scan_stop) 4035 return -EOPNOTSUPP; 4036 4037 mutex_lock(&rdev->sched_scan_mtx); 4038 err = __cfg80211_stop_sched_scan(rdev, false); 4039 mutex_unlock(&rdev->sched_scan_mtx); 4040 4041 return err; 4042 } 4043 4044 static int nl80211_send_bss(struct sk_buff *msg, struct netlink_callback *cb, 4045 u32 seq, int flags, 4046 struct cfg80211_registered_device *rdev, 4047 struct wireless_dev *wdev, 4048 struct cfg80211_internal_bss *intbss) 4049 { 4050 struct cfg80211_bss *res = &intbss->pub; 4051 void *hdr; 4052 struct nlattr *bss; 4053 int i; 4054 4055 ASSERT_WDEV_LOCK(wdev); 4056 4057 hdr = nl80211hdr_put(msg, NETLINK_CB(cb->skb).pid, seq, flags, 4058 NL80211_CMD_NEW_SCAN_RESULTS); 4059 if (!hdr) 4060 return -1; 4061 4062 genl_dump_check_consistent(cb, hdr, &nl80211_fam); 4063 4064 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, rdev->bss_generation); 4065 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex); 4066 4067 bss = nla_nest_start(msg, NL80211_ATTR_BSS); 4068 if (!bss) 4069 goto nla_put_failure; 4070 if (!is_zero_ether_addr(res->bssid)) 4071 NLA_PUT(msg, NL80211_BSS_BSSID, ETH_ALEN, res->bssid); 4072 if (res->information_elements && res->len_information_elements) 4073 NLA_PUT(msg, NL80211_BSS_INFORMATION_ELEMENTS, 4074 res->len_information_elements, 4075 res->information_elements); 4076 if (res->beacon_ies && res->len_beacon_ies && 4077 res->beacon_ies != res->information_elements) 4078 NLA_PUT(msg, NL80211_BSS_BEACON_IES, 4079 res->len_beacon_ies, res->beacon_ies); 4080 if (res->tsf) 4081 NLA_PUT_U64(msg, NL80211_BSS_TSF, res->tsf); 4082 if (res->beacon_interval) 4083 NLA_PUT_U16(msg, NL80211_BSS_BEACON_INTERVAL, res->beacon_interval); 4084 NLA_PUT_U16(msg, NL80211_BSS_CAPABILITY, res->capability); 4085 NLA_PUT_U32(msg, NL80211_BSS_FREQUENCY, res->channel->center_freq); 4086 NLA_PUT_U32(msg, NL80211_BSS_SEEN_MS_AGO, 4087 jiffies_to_msecs(jiffies - intbss->ts)); 4088 4089 switch (rdev->wiphy.signal_type) { 4090 case CFG80211_SIGNAL_TYPE_MBM: 4091 NLA_PUT_U32(msg, NL80211_BSS_SIGNAL_MBM, res->signal); 4092 break; 4093 case CFG80211_SIGNAL_TYPE_UNSPEC: 4094 NLA_PUT_U8(msg, NL80211_BSS_SIGNAL_UNSPEC, res->signal); 4095 break; 4096 default: 4097 break; 4098 } 4099 4100 switch (wdev->iftype) { 4101 case NL80211_IFTYPE_P2P_CLIENT: 4102 case NL80211_IFTYPE_STATION: 4103 if (intbss == wdev->current_bss) 4104 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 4105 NL80211_BSS_STATUS_ASSOCIATED); 4106 else for (i = 0; i < MAX_AUTH_BSSES; i++) { 4107 if (intbss != wdev->auth_bsses[i]) 4108 continue; 4109 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 4110 NL80211_BSS_STATUS_AUTHENTICATED); 4111 break; 4112 } 4113 break; 4114 case NL80211_IFTYPE_ADHOC: 4115 if (intbss == wdev->current_bss) 4116 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 4117 NL80211_BSS_STATUS_IBSS_JOINED); 4118 break; 4119 default: 4120 break; 4121 } 4122 4123 nla_nest_end(msg, bss); 4124 4125 return genlmsg_end(msg, hdr); 4126 4127 nla_put_failure: 4128 genlmsg_cancel(msg, hdr); 4129 return -EMSGSIZE; 4130 } 4131 4132 static int nl80211_dump_scan(struct sk_buff *skb, 4133 struct netlink_callback *cb) 4134 { 4135 struct cfg80211_registered_device *rdev; 4136 struct net_device *dev; 4137 struct cfg80211_internal_bss *scan; 4138 struct wireless_dev *wdev; 4139 int start = cb->args[1], idx = 0; 4140 int err; 4141 4142 err = nl80211_prepare_netdev_dump(skb, cb, &rdev, &dev); 4143 if (err) 4144 return err; 4145 4146 wdev = dev->ieee80211_ptr; 4147 4148 wdev_lock(wdev); 4149 spin_lock_bh(&rdev->bss_lock); 4150 cfg80211_bss_expire(rdev); 4151 4152 cb->seq = rdev->bss_generation; 4153 4154 list_for_each_entry(scan, &rdev->bss_list, list) { 4155 if (++idx <= start) 4156 continue; 4157 if (nl80211_send_bss(skb, cb, 4158 cb->nlh->nlmsg_seq, NLM_F_MULTI, 4159 rdev, wdev, scan) < 0) { 4160 idx--; 4161 break; 4162 } 4163 } 4164 4165 spin_unlock_bh(&rdev->bss_lock); 4166 wdev_unlock(wdev); 4167 4168 cb->args[1] = idx; 4169 nl80211_finish_netdev_dump(rdev); 4170 4171 return skb->len; 4172 } 4173 4174 static int nl80211_send_survey(struct sk_buff *msg, u32 pid, u32 seq, 4175 int flags, struct net_device *dev, 4176 struct survey_info *survey) 4177 { 4178 void *hdr; 4179 struct nlattr *infoattr; 4180 4181 hdr = nl80211hdr_put(msg, pid, seq, flags, 4182 NL80211_CMD_NEW_SURVEY_RESULTS); 4183 if (!hdr) 4184 return -ENOMEM; 4185 4186 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 4187 4188 infoattr = nla_nest_start(msg, NL80211_ATTR_SURVEY_INFO); 4189 if (!infoattr) 4190 goto nla_put_failure; 4191 4192 NLA_PUT_U32(msg, NL80211_SURVEY_INFO_FREQUENCY, 4193 survey->channel->center_freq); 4194 if (survey->filled & SURVEY_INFO_NOISE_DBM) 4195 NLA_PUT_U8(msg, NL80211_SURVEY_INFO_NOISE, 4196 survey->noise); 4197 if (survey->filled & SURVEY_INFO_IN_USE) 4198 NLA_PUT_FLAG(msg, NL80211_SURVEY_INFO_IN_USE); 4199 if (survey->filled & SURVEY_INFO_CHANNEL_TIME) 4200 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME, 4201 survey->channel_time); 4202 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_BUSY) 4203 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY, 4204 survey->channel_time_busy); 4205 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_EXT_BUSY) 4206 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_EXT_BUSY, 4207 survey->channel_time_ext_busy); 4208 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_RX) 4209 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_RX, 4210 survey->channel_time_rx); 4211 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_TX) 4212 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_TX, 4213 survey->channel_time_tx); 4214 4215 nla_nest_end(msg, infoattr); 4216 4217 return genlmsg_end(msg, hdr); 4218 4219 nla_put_failure: 4220 genlmsg_cancel(msg, hdr); 4221 return -EMSGSIZE; 4222 } 4223 4224 static int nl80211_dump_survey(struct sk_buff *skb, 4225 struct netlink_callback *cb) 4226 { 4227 struct survey_info survey; 4228 struct cfg80211_registered_device *dev; 4229 struct net_device *netdev; 4230 int survey_idx = cb->args[1]; 4231 int res; 4232 4233 res = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 4234 if (res) 4235 return res; 4236 4237 if (!dev->ops->dump_survey) { 4238 res = -EOPNOTSUPP; 4239 goto out_err; 4240 } 4241 4242 while (1) { 4243 struct ieee80211_channel *chan; 4244 4245 res = dev->ops->dump_survey(&dev->wiphy, netdev, survey_idx, 4246 &survey); 4247 if (res == -ENOENT) 4248 break; 4249 if (res) 4250 goto out_err; 4251 4252 /* Survey without a channel doesn't make sense */ 4253 if (!survey.channel) { 4254 res = -EINVAL; 4255 goto out; 4256 } 4257 4258 chan = ieee80211_get_channel(&dev->wiphy, 4259 survey.channel->center_freq); 4260 if (!chan || chan->flags & IEEE80211_CHAN_DISABLED) { 4261 survey_idx++; 4262 continue; 4263 } 4264 4265 if (nl80211_send_survey(skb, 4266 NETLINK_CB(cb->skb).pid, 4267 cb->nlh->nlmsg_seq, NLM_F_MULTI, 4268 netdev, 4269 &survey) < 0) 4270 goto out; 4271 survey_idx++; 4272 } 4273 4274 out: 4275 cb->args[1] = survey_idx; 4276 res = skb->len; 4277 out_err: 4278 nl80211_finish_netdev_dump(dev); 4279 return res; 4280 } 4281 4282 static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type) 4283 { 4284 return auth_type <= NL80211_AUTHTYPE_MAX; 4285 } 4286 4287 static bool nl80211_valid_wpa_versions(u32 wpa_versions) 4288 { 4289 return !(wpa_versions & ~(NL80211_WPA_VERSION_1 | 4290 NL80211_WPA_VERSION_2)); 4291 } 4292 4293 static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info) 4294 { 4295 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4296 struct net_device *dev = info->user_ptr[1]; 4297 struct ieee80211_channel *chan; 4298 const u8 *bssid, *ssid, *ie = NULL; 4299 int err, ssid_len, ie_len = 0; 4300 enum nl80211_auth_type auth_type; 4301 struct key_parse key; 4302 bool local_state_change; 4303 4304 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4305 return -EINVAL; 4306 4307 if (!info->attrs[NL80211_ATTR_MAC]) 4308 return -EINVAL; 4309 4310 if (!info->attrs[NL80211_ATTR_AUTH_TYPE]) 4311 return -EINVAL; 4312 4313 if (!info->attrs[NL80211_ATTR_SSID]) 4314 return -EINVAL; 4315 4316 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ]) 4317 return -EINVAL; 4318 4319 err = nl80211_parse_key(info, &key); 4320 if (err) 4321 return err; 4322 4323 if (key.idx >= 0) { 4324 if (key.type != -1 && key.type != NL80211_KEYTYPE_GROUP) 4325 return -EINVAL; 4326 if (!key.p.key || !key.p.key_len) 4327 return -EINVAL; 4328 if ((key.p.cipher != WLAN_CIPHER_SUITE_WEP40 || 4329 key.p.key_len != WLAN_KEY_LEN_WEP40) && 4330 (key.p.cipher != WLAN_CIPHER_SUITE_WEP104 || 4331 key.p.key_len != WLAN_KEY_LEN_WEP104)) 4332 return -EINVAL; 4333 if (key.idx > 4) 4334 return -EINVAL; 4335 } else { 4336 key.p.key_len = 0; 4337 key.p.key = NULL; 4338 } 4339 4340 if (key.idx >= 0) { 4341 int i; 4342 bool ok = false; 4343 for (i = 0; i < rdev->wiphy.n_cipher_suites; i++) { 4344 if (key.p.cipher == rdev->wiphy.cipher_suites[i]) { 4345 ok = true; 4346 break; 4347 } 4348 } 4349 if (!ok) 4350 return -EINVAL; 4351 } 4352 4353 if (!rdev->ops->auth) 4354 return -EOPNOTSUPP; 4355 4356 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4357 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4358 return -EOPNOTSUPP; 4359 4360 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4361 chan = ieee80211_get_channel(&rdev->wiphy, 4362 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 4363 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) 4364 return -EINVAL; 4365 4366 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 4367 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 4368 4369 if (info->attrs[NL80211_ATTR_IE]) { 4370 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4371 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4372 } 4373 4374 auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); 4375 if (!nl80211_valid_auth_type(auth_type)) 4376 return -EINVAL; 4377 4378 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 4379 4380 return cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid, 4381 ssid, ssid_len, ie, ie_len, 4382 key.p.key, key.p.key_len, key.idx, 4383 local_state_change); 4384 } 4385 4386 static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev, 4387 struct genl_info *info, 4388 struct cfg80211_crypto_settings *settings, 4389 int cipher_limit) 4390 { 4391 memset(settings, 0, sizeof(*settings)); 4392 4393 settings->control_port = info->attrs[NL80211_ATTR_CONTROL_PORT]; 4394 4395 if (info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]) { 4396 u16 proto; 4397 proto = nla_get_u16( 4398 info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]); 4399 settings->control_port_ethertype = cpu_to_be16(proto); 4400 if (!(rdev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) && 4401 proto != ETH_P_PAE) 4402 return -EINVAL; 4403 if (info->attrs[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT]) 4404 settings->control_port_no_encrypt = true; 4405 } else 4406 settings->control_port_ethertype = cpu_to_be16(ETH_P_PAE); 4407 4408 if (info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]) { 4409 void *data; 4410 int len, i; 4411 4412 data = nla_data(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]); 4413 len = nla_len(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]); 4414 settings->n_ciphers_pairwise = len / sizeof(u32); 4415 4416 if (len % sizeof(u32)) 4417 return -EINVAL; 4418 4419 if (settings->n_ciphers_pairwise > cipher_limit) 4420 return -EINVAL; 4421 4422 memcpy(settings->ciphers_pairwise, data, len); 4423 4424 for (i = 0; i < settings->n_ciphers_pairwise; i++) 4425 if (!cfg80211_supported_cipher_suite( 4426 &rdev->wiphy, 4427 settings->ciphers_pairwise[i])) 4428 return -EINVAL; 4429 } 4430 4431 if (info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]) { 4432 settings->cipher_group = 4433 nla_get_u32(info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]); 4434 if (!cfg80211_supported_cipher_suite(&rdev->wiphy, 4435 settings->cipher_group)) 4436 return -EINVAL; 4437 } 4438 4439 if (info->attrs[NL80211_ATTR_WPA_VERSIONS]) { 4440 settings->wpa_versions = 4441 nla_get_u32(info->attrs[NL80211_ATTR_WPA_VERSIONS]); 4442 if (!nl80211_valid_wpa_versions(settings->wpa_versions)) 4443 return -EINVAL; 4444 } 4445 4446 if (info->attrs[NL80211_ATTR_AKM_SUITES]) { 4447 void *data; 4448 int len; 4449 4450 data = nla_data(info->attrs[NL80211_ATTR_AKM_SUITES]); 4451 len = nla_len(info->attrs[NL80211_ATTR_AKM_SUITES]); 4452 settings->n_akm_suites = len / sizeof(u32); 4453 4454 if (len % sizeof(u32)) 4455 return -EINVAL; 4456 4457 if (settings->n_akm_suites > NL80211_MAX_NR_AKM_SUITES) 4458 return -EINVAL; 4459 4460 memcpy(settings->akm_suites, data, len); 4461 } 4462 4463 return 0; 4464 } 4465 4466 static int nl80211_associate(struct sk_buff *skb, struct genl_info *info) 4467 { 4468 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4469 struct net_device *dev = info->user_ptr[1]; 4470 struct cfg80211_crypto_settings crypto; 4471 struct ieee80211_channel *chan; 4472 const u8 *bssid, *ssid, *ie = NULL, *prev_bssid = NULL; 4473 int err, ssid_len, ie_len = 0; 4474 bool use_mfp = false; 4475 u32 flags = 0; 4476 struct ieee80211_ht_cap *ht_capa = NULL; 4477 struct ieee80211_ht_cap *ht_capa_mask = NULL; 4478 4479 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4480 return -EINVAL; 4481 4482 if (!info->attrs[NL80211_ATTR_MAC] || 4483 !info->attrs[NL80211_ATTR_SSID] || 4484 !info->attrs[NL80211_ATTR_WIPHY_FREQ]) 4485 return -EINVAL; 4486 4487 if (!rdev->ops->assoc) 4488 return -EOPNOTSUPP; 4489 4490 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4491 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4492 return -EOPNOTSUPP; 4493 4494 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4495 4496 chan = ieee80211_get_channel(&rdev->wiphy, 4497 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 4498 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) 4499 return -EINVAL; 4500 4501 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 4502 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 4503 4504 if (info->attrs[NL80211_ATTR_IE]) { 4505 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4506 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4507 } 4508 4509 if (info->attrs[NL80211_ATTR_USE_MFP]) { 4510 enum nl80211_mfp mfp = 4511 nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]); 4512 if (mfp == NL80211_MFP_REQUIRED) 4513 use_mfp = true; 4514 else if (mfp != NL80211_MFP_NO) 4515 return -EINVAL; 4516 } 4517 4518 if (info->attrs[NL80211_ATTR_PREV_BSSID]) 4519 prev_bssid = nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]); 4520 4521 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HT])) 4522 flags |= ASSOC_REQ_DISABLE_HT; 4523 4524 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]) 4525 ht_capa_mask = 4526 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]); 4527 4528 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) { 4529 if (!ht_capa_mask) 4530 return -EINVAL; 4531 ht_capa = nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 4532 } 4533 4534 err = nl80211_crypto_settings(rdev, info, &crypto, 1); 4535 if (!err) 4536 err = cfg80211_mlme_assoc(rdev, dev, chan, bssid, prev_bssid, 4537 ssid, ssid_len, ie, ie_len, use_mfp, 4538 &crypto, flags, ht_capa, 4539 ht_capa_mask); 4540 4541 return err; 4542 } 4543 4544 static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info) 4545 { 4546 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4547 struct net_device *dev = info->user_ptr[1]; 4548 const u8 *ie = NULL, *bssid; 4549 int ie_len = 0; 4550 u16 reason_code; 4551 bool local_state_change; 4552 4553 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4554 return -EINVAL; 4555 4556 if (!info->attrs[NL80211_ATTR_MAC]) 4557 return -EINVAL; 4558 4559 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 4560 return -EINVAL; 4561 4562 if (!rdev->ops->deauth) 4563 return -EOPNOTSUPP; 4564 4565 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4566 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4567 return -EOPNOTSUPP; 4568 4569 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4570 4571 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 4572 if (reason_code == 0) { 4573 /* Reason Code 0 is reserved */ 4574 return -EINVAL; 4575 } 4576 4577 if (info->attrs[NL80211_ATTR_IE]) { 4578 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4579 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4580 } 4581 4582 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 4583 4584 return cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code, 4585 local_state_change); 4586 } 4587 4588 static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info) 4589 { 4590 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4591 struct net_device *dev = info->user_ptr[1]; 4592 const u8 *ie = NULL, *bssid; 4593 int ie_len = 0; 4594 u16 reason_code; 4595 bool local_state_change; 4596 4597 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4598 return -EINVAL; 4599 4600 if (!info->attrs[NL80211_ATTR_MAC]) 4601 return -EINVAL; 4602 4603 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 4604 return -EINVAL; 4605 4606 if (!rdev->ops->disassoc) 4607 return -EOPNOTSUPP; 4608 4609 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4610 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4611 return -EOPNOTSUPP; 4612 4613 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4614 4615 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 4616 if (reason_code == 0) { 4617 /* Reason Code 0 is reserved */ 4618 return -EINVAL; 4619 } 4620 4621 if (info->attrs[NL80211_ATTR_IE]) { 4622 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4623 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4624 } 4625 4626 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 4627 4628 return cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason_code, 4629 local_state_change); 4630 } 4631 4632 static bool 4633 nl80211_parse_mcast_rate(struct cfg80211_registered_device *rdev, 4634 int mcast_rate[IEEE80211_NUM_BANDS], 4635 int rateval) 4636 { 4637 struct wiphy *wiphy = &rdev->wiphy; 4638 bool found = false; 4639 int band, i; 4640 4641 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 4642 struct ieee80211_supported_band *sband; 4643 4644 sband = wiphy->bands[band]; 4645 if (!sband) 4646 continue; 4647 4648 for (i = 0; i < sband->n_bitrates; i++) { 4649 if (sband->bitrates[i].bitrate == rateval) { 4650 mcast_rate[band] = i + 1; 4651 found = true; 4652 break; 4653 } 4654 } 4655 } 4656 4657 return found; 4658 } 4659 4660 static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info) 4661 { 4662 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4663 struct net_device *dev = info->user_ptr[1]; 4664 struct cfg80211_ibss_params ibss; 4665 struct wiphy *wiphy; 4666 struct cfg80211_cached_keys *connkeys = NULL; 4667 int err; 4668 4669 memset(&ibss, 0, sizeof(ibss)); 4670 4671 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4672 return -EINVAL; 4673 4674 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] || 4675 !info->attrs[NL80211_ATTR_SSID] || 4676 !nla_len(info->attrs[NL80211_ATTR_SSID])) 4677 return -EINVAL; 4678 4679 ibss.beacon_interval = 100; 4680 4681 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) { 4682 ibss.beacon_interval = 4683 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); 4684 if (ibss.beacon_interval < 1 || ibss.beacon_interval > 10000) 4685 return -EINVAL; 4686 } 4687 4688 if (!rdev->ops->join_ibss) 4689 return -EOPNOTSUPP; 4690 4691 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) 4692 return -EOPNOTSUPP; 4693 4694 wiphy = &rdev->wiphy; 4695 4696 if (info->attrs[NL80211_ATTR_MAC]) { 4697 ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4698 4699 if (!is_valid_ether_addr(ibss.bssid)) 4700 return -EINVAL; 4701 } 4702 ibss.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 4703 ibss.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 4704 4705 if (info->attrs[NL80211_ATTR_IE]) { 4706 ibss.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4707 ibss.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4708 } 4709 4710 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 4711 enum nl80211_channel_type channel_type; 4712 4713 channel_type = nla_get_u32( 4714 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 4715 if (channel_type != NL80211_CHAN_NO_HT && 4716 channel_type != NL80211_CHAN_HT20 && 4717 channel_type != NL80211_CHAN_HT40MINUS && 4718 channel_type != NL80211_CHAN_HT40PLUS) 4719 return -EINVAL; 4720 4721 if (channel_type != NL80211_CHAN_NO_HT && 4722 !(wiphy->features & NL80211_FEATURE_HT_IBSS)) 4723 return -EINVAL; 4724 4725 ibss.channel_type = channel_type; 4726 } else { 4727 ibss.channel_type = NL80211_CHAN_NO_HT; 4728 } 4729 4730 ibss.channel = rdev_freq_to_chan(rdev, 4731 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]), 4732 ibss.channel_type); 4733 if (!ibss.channel || 4734 ibss.channel->flags & IEEE80211_CHAN_NO_IBSS || 4735 ibss.channel->flags & IEEE80211_CHAN_DISABLED) 4736 return -EINVAL; 4737 4738 /* Both channels should be able to initiate communication */ 4739 if ((ibss.channel_type == NL80211_CHAN_HT40PLUS || 4740 ibss.channel_type == NL80211_CHAN_HT40MINUS) && 4741 !cfg80211_can_beacon_sec_chan(&rdev->wiphy, ibss.channel, 4742 ibss.channel_type)) 4743 return -EINVAL; 4744 4745 ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED]; 4746 ibss.privacy = !!info->attrs[NL80211_ATTR_PRIVACY]; 4747 4748 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) { 4749 u8 *rates = 4750 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 4751 int n_rates = 4752 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 4753 struct ieee80211_supported_band *sband = 4754 wiphy->bands[ibss.channel->band]; 4755 int err; 4756 4757 err = ieee80211_get_ratemask(sband, rates, n_rates, 4758 &ibss.basic_rates); 4759 if (err) 4760 return err; 4761 } 4762 4763 if (info->attrs[NL80211_ATTR_MCAST_RATE] && 4764 !nl80211_parse_mcast_rate(rdev, ibss.mcast_rate, 4765 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE]))) 4766 return -EINVAL; 4767 4768 if (ibss.privacy && info->attrs[NL80211_ATTR_KEYS]) { 4769 connkeys = nl80211_parse_connkeys(rdev, 4770 info->attrs[NL80211_ATTR_KEYS]); 4771 if (IS_ERR(connkeys)) 4772 return PTR_ERR(connkeys); 4773 } 4774 4775 err = cfg80211_join_ibss(rdev, dev, &ibss, connkeys); 4776 if (err) 4777 kfree(connkeys); 4778 return err; 4779 } 4780 4781 static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info) 4782 { 4783 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4784 struct net_device *dev = info->user_ptr[1]; 4785 4786 if (!rdev->ops->leave_ibss) 4787 return -EOPNOTSUPP; 4788 4789 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) 4790 return -EOPNOTSUPP; 4791 4792 return cfg80211_leave_ibss(rdev, dev, false); 4793 } 4794 4795 #ifdef CONFIG_NL80211_TESTMODE 4796 static struct genl_multicast_group nl80211_testmode_mcgrp = { 4797 .name = "testmode", 4798 }; 4799 4800 static int nl80211_testmode_do(struct sk_buff *skb, struct genl_info *info) 4801 { 4802 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4803 int err; 4804 4805 if (!info->attrs[NL80211_ATTR_TESTDATA]) 4806 return -EINVAL; 4807 4808 err = -EOPNOTSUPP; 4809 if (rdev->ops->testmode_cmd) { 4810 rdev->testmode_info = info; 4811 err = rdev->ops->testmode_cmd(&rdev->wiphy, 4812 nla_data(info->attrs[NL80211_ATTR_TESTDATA]), 4813 nla_len(info->attrs[NL80211_ATTR_TESTDATA])); 4814 rdev->testmode_info = NULL; 4815 } 4816 4817 return err; 4818 } 4819 4820 static int nl80211_testmode_dump(struct sk_buff *skb, 4821 struct netlink_callback *cb) 4822 { 4823 struct cfg80211_registered_device *rdev; 4824 int err; 4825 long phy_idx; 4826 void *data = NULL; 4827 int data_len = 0; 4828 4829 if (cb->args[0]) { 4830 /* 4831 * 0 is a valid index, but not valid for args[0], 4832 * so we need to offset by 1. 4833 */ 4834 phy_idx = cb->args[0] - 1; 4835 } else { 4836 err = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize, 4837 nl80211_fam.attrbuf, nl80211_fam.maxattr, 4838 nl80211_policy); 4839 if (err) 4840 return err; 4841 if (nl80211_fam.attrbuf[NL80211_ATTR_WIPHY]) { 4842 phy_idx = nla_get_u32( 4843 nl80211_fam.attrbuf[NL80211_ATTR_WIPHY]); 4844 } else { 4845 struct net_device *netdev; 4846 4847 err = get_rdev_dev_by_ifindex(sock_net(skb->sk), 4848 nl80211_fam.attrbuf, 4849 &rdev, &netdev); 4850 if (err) 4851 return err; 4852 dev_put(netdev); 4853 phy_idx = rdev->wiphy_idx; 4854 cfg80211_unlock_rdev(rdev); 4855 } 4856 if (nl80211_fam.attrbuf[NL80211_ATTR_TESTDATA]) 4857 cb->args[1] = 4858 (long)nl80211_fam.attrbuf[NL80211_ATTR_TESTDATA]; 4859 } 4860 4861 if (cb->args[1]) { 4862 data = nla_data((void *)cb->args[1]); 4863 data_len = nla_len((void *)cb->args[1]); 4864 } 4865 4866 mutex_lock(&cfg80211_mutex); 4867 rdev = cfg80211_rdev_by_wiphy_idx(phy_idx); 4868 if (!rdev) { 4869 mutex_unlock(&cfg80211_mutex); 4870 return -ENOENT; 4871 } 4872 cfg80211_lock_rdev(rdev); 4873 mutex_unlock(&cfg80211_mutex); 4874 4875 if (!rdev->ops->testmode_dump) { 4876 err = -EOPNOTSUPP; 4877 goto out_err; 4878 } 4879 4880 while (1) { 4881 void *hdr = nl80211hdr_put(skb, NETLINK_CB(cb->skb).pid, 4882 cb->nlh->nlmsg_seq, NLM_F_MULTI, 4883 NL80211_CMD_TESTMODE); 4884 struct nlattr *tmdata; 4885 4886 if (nla_put_u32(skb, NL80211_ATTR_WIPHY, phy_idx) < 0) { 4887 genlmsg_cancel(skb, hdr); 4888 break; 4889 } 4890 4891 tmdata = nla_nest_start(skb, NL80211_ATTR_TESTDATA); 4892 if (!tmdata) { 4893 genlmsg_cancel(skb, hdr); 4894 break; 4895 } 4896 err = rdev->ops->testmode_dump(&rdev->wiphy, skb, cb, 4897 data, data_len); 4898 nla_nest_end(skb, tmdata); 4899 4900 if (err == -ENOBUFS || err == -ENOENT) { 4901 genlmsg_cancel(skb, hdr); 4902 break; 4903 } else if (err) { 4904 genlmsg_cancel(skb, hdr); 4905 goto out_err; 4906 } 4907 4908 genlmsg_end(skb, hdr); 4909 } 4910 4911 err = skb->len; 4912 /* see above */ 4913 cb->args[0] = phy_idx + 1; 4914 out_err: 4915 cfg80211_unlock_rdev(rdev); 4916 return err; 4917 } 4918 4919 static struct sk_buff * 4920 __cfg80211_testmode_alloc_skb(struct cfg80211_registered_device *rdev, 4921 int approxlen, u32 pid, u32 seq, gfp_t gfp) 4922 { 4923 struct sk_buff *skb; 4924 void *hdr; 4925 struct nlattr *data; 4926 4927 skb = nlmsg_new(approxlen + 100, gfp); 4928 if (!skb) 4929 return NULL; 4930 4931 hdr = nl80211hdr_put(skb, pid, seq, 0, NL80211_CMD_TESTMODE); 4932 if (!hdr) { 4933 kfree_skb(skb); 4934 return NULL; 4935 } 4936 4937 NLA_PUT_U32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 4938 data = nla_nest_start(skb, NL80211_ATTR_TESTDATA); 4939 4940 ((void **)skb->cb)[0] = rdev; 4941 ((void **)skb->cb)[1] = hdr; 4942 ((void **)skb->cb)[2] = data; 4943 4944 return skb; 4945 4946 nla_put_failure: 4947 kfree_skb(skb); 4948 return NULL; 4949 } 4950 4951 struct sk_buff *cfg80211_testmode_alloc_reply_skb(struct wiphy *wiphy, 4952 int approxlen) 4953 { 4954 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 4955 4956 if (WARN_ON(!rdev->testmode_info)) 4957 return NULL; 4958 4959 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 4960 rdev->testmode_info->snd_pid, 4961 rdev->testmode_info->snd_seq, 4962 GFP_KERNEL); 4963 } 4964 EXPORT_SYMBOL(cfg80211_testmode_alloc_reply_skb); 4965 4966 int cfg80211_testmode_reply(struct sk_buff *skb) 4967 { 4968 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0]; 4969 void *hdr = ((void **)skb->cb)[1]; 4970 struct nlattr *data = ((void **)skb->cb)[2]; 4971 4972 if (WARN_ON(!rdev->testmode_info)) { 4973 kfree_skb(skb); 4974 return -EINVAL; 4975 } 4976 4977 nla_nest_end(skb, data); 4978 genlmsg_end(skb, hdr); 4979 return genlmsg_reply(skb, rdev->testmode_info); 4980 } 4981 EXPORT_SYMBOL(cfg80211_testmode_reply); 4982 4983 struct sk_buff *cfg80211_testmode_alloc_event_skb(struct wiphy *wiphy, 4984 int approxlen, gfp_t gfp) 4985 { 4986 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 4987 4988 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 0, 0, gfp); 4989 } 4990 EXPORT_SYMBOL(cfg80211_testmode_alloc_event_skb); 4991 4992 void cfg80211_testmode_event(struct sk_buff *skb, gfp_t gfp) 4993 { 4994 void *hdr = ((void **)skb->cb)[1]; 4995 struct nlattr *data = ((void **)skb->cb)[2]; 4996 4997 nla_nest_end(skb, data); 4998 genlmsg_end(skb, hdr); 4999 genlmsg_multicast(skb, 0, nl80211_testmode_mcgrp.id, gfp); 5000 } 5001 EXPORT_SYMBOL(cfg80211_testmode_event); 5002 #endif 5003 5004 static int nl80211_connect(struct sk_buff *skb, struct genl_info *info) 5005 { 5006 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5007 struct net_device *dev = info->user_ptr[1]; 5008 struct cfg80211_connect_params connect; 5009 struct wiphy *wiphy; 5010 struct cfg80211_cached_keys *connkeys = NULL; 5011 int err; 5012 5013 memset(&connect, 0, sizeof(connect)); 5014 5015 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 5016 return -EINVAL; 5017 5018 if (!info->attrs[NL80211_ATTR_SSID] || 5019 !nla_len(info->attrs[NL80211_ATTR_SSID])) 5020 return -EINVAL; 5021 5022 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) { 5023 connect.auth_type = 5024 nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); 5025 if (!nl80211_valid_auth_type(connect.auth_type)) 5026 return -EINVAL; 5027 } else 5028 connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC; 5029 5030 connect.privacy = info->attrs[NL80211_ATTR_PRIVACY]; 5031 5032 err = nl80211_crypto_settings(rdev, info, &connect.crypto, 5033 NL80211_MAX_NR_CIPHER_SUITES); 5034 if (err) 5035 return err; 5036 5037 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5038 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 5039 return -EOPNOTSUPP; 5040 5041 wiphy = &rdev->wiphy; 5042 5043 if (info->attrs[NL80211_ATTR_MAC]) 5044 connect.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 5045 connect.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 5046 connect.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 5047 5048 if (info->attrs[NL80211_ATTR_IE]) { 5049 connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 5050 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 5051 } 5052 5053 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 5054 connect.channel = 5055 ieee80211_get_channel(wiphy, 5056 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 5057 if (!connect.channel || 5058 connect.channel->flags & IEEE80211_CHAN_DISABLED) 5059 return -EINVAL; 5060 } 5061 5062 if (connect.privacy && info->attrs[NL80211_ATTR_KEYS]) { 5063 connkeys = nl80211_parse_connkeys(rdev, 5064 info->attrs[NL80211_ATTR_KEYS]); 5065 if (IS_ERR(connkeys)) 5066 return PTR_ERR(connkeys); 5067 } 5068 5069 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HT])) 5070 connect.flags |= ASSOC_REQ_DISABLE_HT; 5071 5072 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]) 5073 memcpy(&connect.ht_capa_mask, 5074 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]), 5075 sizeof(connect.ht_capa_mask)); 5076 5077 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) { 5078 if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]) 5079 return -EINVAL; 5080 memcpy(&connect.ht_capa, 5081 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]), 5082 sizeof(connect.ht_capa)); 5083 } 5084 5085 err = cfg80211_connect(rdev, dev, &connect, connkeys); 5086 if (err) 5087 kfree(connkeys); 5088 return err; 5089 } 5090 5091 static int nl80211_disconnect(struct sk_buff *skb, struct genl_info *info) 5092 { 5093 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5094 struct net_device *dev = info->user_ptr[1]; 5095 u16 reason; 5096 5097 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 5098 reason = WLAN_REASON_DEAUTH_LEAVING; 5099 else 5100 reason = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 5101 5102 if (reason == 0) 5103 return -EINVAL; 5104 5105 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5106 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 5107 return -EOPNOTSUPP; 5108 5109 return cfg80211_disconnect(rdev, dev, reason, true); 5110 } 5111 5112 static int nl80211_wiphy_netns(struct sk_buff *skb, struct genl_info *info) 5113 { 5114 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5115 struct net *net; 5116 int err; 5117 u32 pid; 5118 5119 if (!info->attrs[NL80211_ATTR_PID]) 5120 return -EINVAL; 5121 5122 pid = nla_get_u32(info->attrs[NL80211_ATTR_PID]); 5123 5124 net = get_net_ns_by_pid(pid); 5125 if (IS_ERR(net)) 5126 return PTR_ERR(net); 5127 5128 err = 0; 5129 5130 /* check if anything to do */ 5131 if (!net_eq(wiphy_net(&rdev->wiphy), net)) 5132 err = cfg80211_switch_netns(rdev, net); 5133 5134 put_net(net); 5135 return err; 5136 } 5137 5138 static int nl80211_setdel_pmksa(struct sk_buff *skb, struct genl_info *info) 5139 { 5140 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5141 int (*rdev_ops)(struct wiphy *wiphy, struct net_device *dev, 5142 struct cfg80211_pmksa *pmksa) = NULL; 5143 struct net_device *dev = info->user_ptr[1]; 5144 struct cfg80211_pmksa pmksa; 5145 5146 memset(&pmksa, 0, sizeof(struct cfg80211_pmksa)); 5147 5148 if (!info->attrs[NL80211_ATTR_MAC]) 5149 return -EINVAL; 5150 5151 if (!info->attrs[NL80211_ATTR_PMKID]) 5152 return -EINVAL; 5153 5154 pmksa.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]); 5155 pmksa.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 5156 5157 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5158 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 5159 return -EOPNOTSUPP; 5160 5161 switch (info->genlhdr->cmd) { 5162 case NL80211_CMD_SET_PMKSA: 5163 rdev_ops = rdev->ops->set_pmksa; 5164 break; 5165 case NL80211_CMD_DEL_PMKSA: 5166 rdev_ops = rdev->ops->del_pmksa; 5167 break; 5168 default: 5169 WARN_ON(1); 5170 break; 5171 } 5172 5173 if (!rdev_ops) 5174 return -EOPNOTSUPP; 5175 5176 return rdev_ops(&rdev->wiphy, dev, &pmksa); 5177 } 5178 5179 static int nl80211_flush_pmksa(struct sk_buff *skb, struct genl_info *info) 5180 { 5181 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5182 struct net_device *dev = info->user_ptr[1]; 5183 5184 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5185 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 5186 return -EOPNOTSUPP; 5187 5188 if (!rdev->ops->flush_pmksa) 5189 return -EOPNOTSUPP; 5190 5191 return rdev->ops->flush_pmksa(&rdev->wiphy, dev); 5192 } 5193 5194 static int nl80211_tdls_mgmt(struct sk_buff *skb, struct genl_info *info) 5195 { 5196 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5197 struct net_device *dev = info->user_ptr[1]; 5198 u8 action_code, dialog_token; 5199 u16 status_code; 5200 u8 *peer; 5201 5202 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) || 5203 !rdev->ops->tdls_mgmt) 5204 return -EOPNOTSUPP; 5205 5206 if (!info->attrs[NL80211_ATTR_TDLS_ACTION] || 5207 !info->attrs[NL80211_ATTR_STATUS_CODE] || 5208 !info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN] || 5209 !info->attrs[NL80211_ATTR_IE] || 5210 !info->attrs[NL80211_ATTR_MAC]) 5211 return -EINVAL; 5212 5213 peer = nla_data(info->attrs[NL80211_ATTR_MAC]); 5214 action_code = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_ACTION]); 5215 status_code = nla_get_u16(info->attrs[NL80211_ATTR_STATUS_CODE]); 5216 dialog_token = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN]); 5217 5218 return rdev->ops->tdls_mgmt(&rdev->wiphy, dev, peer, action_code, 5219 dialog_token, status_code, 5220 nla_data(info->attrs[NL80211_ATTR_IE]), 5221 nla_len(info->attrs[NL80211_ATTR_IE])); 5222 } 5223 5224 static int nl80211_tdls_oper(struct sk_buff *skb, struct genl_info *info) 5225 { 5226 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5227 struct net_device *dev = info->user_ptr[1]; 5228 enum nl80211_tdls_operation operation; 5229 u8 *peer; 5230 5231 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) || 5232 !rdev->ops->tdls_oper) 5233 return -EOPNOTSUPP; 5234 5235 if (!info->attrs[NL80211_ATTR_TDLS_OPERATION] || 5236 !info->attrs[NL80211_ATTR_MAC]) 5237 return -EINVAL; 5238 5239 operation = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_OPERATION]); 5240 peer = nla_data(info->attrs[NL80211_ATTR_MAC]); 5241 5242 return rdev->ops->tdls_oper(&rdev->wiphy, dev, peer, operation); 5243 } 5244 5245 static int nl80211_remain_on_channel(struct sk_buff *skb, 5246 struct genl_info *info) 5247 { 5248 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5249 struct net_device *dev = info->user_ptr[1]; 5250 struct ieee80211_channel *chan; 5251 struct sk_buff *msg; 5252 void *hdr; 5253 u64 cookie; 5254 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 5255 u32 freq, duration; 5256 int err; 5257 5258 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] || 5259 !info->attrs[NL80211_ATTR_DURATION]) 5260 return -EINVAL; 5261 5262 duration = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]); 5263 5264 /* 5265 * We should be on that channel for at least one jiffie, 5266 * and more than 5 seconds seems excessive. 5267 */ 5268 if (!duration || !msecs_to_jiffies(duration) || 5269 duration > rdev->wiphy.max_remain_on_channel_duration) 5270 return -EINVAL; 5271 5272 if (!rdev->ops->remain_on_channel || 5273 !(rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL)) 5274 return -EOPNOTSUPP; 5275 5276 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 5277 channel_type = nla_get_u32( 5278 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 5279 if (channel_type != NL80211_CHAN_NO_HT && 5280 channel_type != NL80211_CHAN_HT20 && 5281 channel_type != NL80211_CHAN_HT40PLUS && 5282 channel_type != NL80211_CHAN_HT40MINUS) 5283 return -EINVAL; 5284 } 5285 5286 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 5287 chan = rdev_freq_to_chan(rdev, freq, channel_type); 5288 if (chan == NULL) 5289 return -EINVAL; 5290 5291 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5292 if (!msg) 5293 return -ENOMEM; 5294 5295 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 5296 NL80211_CMD_REMAIN_ON_CHANNEL); 5297 5298 if (IS_ERR(hdr)) { 5299 err = PTR_ERR(hdr); 5300 goto free_msg; 5301 } 5302 5303 err = rdev->ops->remain_on_channel(&rdev->wiphy, dev, chan, 5304 channel_type, duration, &cookie); 5305 5306 if (err) 5307 goto free_msg; 5308 5309 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 5310 5311 genlmsg_end(msg, hdr); 5312 5313 return genlmsg_reply(msg, info); 5314 5315 nla_put_failure: 5316 err = -ENOBUFS; 5317 free_msg: 5318 nlmsg_free(msg); 5319 return err; 5320 } 5321 5322 static int nl80211_cancel_remain_on_channel(struct sk_buff *skb, 5323 struct genl_info *info) 5324 { 5325 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5326 struct net_device *dev = info->user_ptr[1]; 5327 u64 cookie; 5328 5329 if (!info->attrs[NL80211_ATTR_COOKIE]) 5330 return -EINVAL; 5331 5332 if (!rdev->ops->cancel_remain_on_channel) 5333 return -EOPNOTSUPP; 5334 5335 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]); 5336 5337 return rdev->ops->cancel_remain_on_channel(&rdev->wiphy, dev, cookie); 5338 } 5339 5340 static u32 rateset_to_mask(struct ieee80211_supported_band *sband, 5341 u8 *rates, u8 rates_len) 5342 { 5343 u8 i; 5344 u32 mask = 0; 5345 5346 for (i = 0; i < rates_len; i++) { 5347 int rate = (rates[i] & 0x7f) * 5; 5348 int ridx; 5349 for (ridx = 0; ridx < sband->n_bitrates; ridx++) { 5350 struct ieee80211_rate *srate = 5351 &sband->bitrates[ridx]; 5352 if (rate == srate->bitrate) { 5353 mask |= 1 << ridx; 5354 break; 5355 } 5356 } 5357 if (ridx == sband->n_bitrates) 5358 return 0; /* rate not found */ 5359 } 5360 5361 return mask; 5362 } 5363 5364 static const struct nla_policy nl80211_txattr_policy[NL80211_TXRATE_MAX + 1] = { 5365 [NL80211_TXRATE_LEGACY] = { .type = NLA_BINARY, 5366 .len = NL80211_MAX_SUPP_RATES }, 5367 }; 5368 5369 static int nl80211_set_tx_bitrate_mask(struct sk_buff *skb, 5370 struct genl_info *info) 5371 { 5372 struct nlattr *tb[NL80211_TXRATE_MAX + 1]; 5373 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5374 struct cfg80211_bitrate_mask mask; 5375 int rem, i; 5376 struct net_device *dev = info->user_ptr[1]; 5377 struct nlattr *tx_rates; 5378 struct ieee80211_supported_band *sband; 5379 5380 if (info->attrs[NL80211_ATTR_TX_RATES] == NULL) 5381 return -EINVAL; 5382 5383 if (!rdev->ops->set_bitrate_mask) 5384 return -EOPNOTSUPP; 5385 5386 memset(&mask, 0, sizeof(mask)); 5387 /* Default to all rates enabled */ 5388 for (i = 0; i < IEEE80211_NUM_BANDS; i++) { 5389 sband = rdev->wiphy.bands[i]; 5390 mask.control[i].legacy = 5391 sband ? (1 << sband->n_bitrates) - 1 : 0; 5392 } 5393 5394 /* 5395 * The nested attribute uses enum nl80211_band as the index. This maps 5396 * directly to the enum ieee80211_band values used in cfg80211. 5397 */ 5398 nla_for_each_nested(tx_rates, info->attrs[NL80211_ATTR_TX_RATES], rem) 5399 { 5400 enum ieee80211_band band = nla_type(tx_rates); 5401 if (band < 0 || band >= IEEE80211_NUM_BANDS) 5402 return -EINVAL; 5403 sband = rdev->wiphy.bands[band]; 5404 if (sband == NULL) 5405 return -EINVAL; 5406 nla_parse(tb, NL80211_TXRATE_MAX, nla_data(tx_rates), 5407 nla_len(tx_rates), nl80211_txattr_policy); 5408 if (tb[NL80211_TXRATE_LEGACY]) { 5409 mask.control[band].legacy = rateset_to_mask( 5410 sband, 5411 nla_data(tb[NL80211_TXRATE_LEGACY]), 5412 nla_len(tb[NL80211_TXRATE_LEGACY])); 5413 if (mask.control[band].legacy == 0) 5414 return -EINVAL; 5415 } 5416 } 5417 5418 return rdev->ops->set_bitrate_mask(&rdev->wiphy, dev, NULL, &mask); 5419 } 5420 5421 static int nl80211_register_mgmt(struct sk_buff *skb, struct genl_info *info) 5422 { 5423 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5424 struct net_device *dev = info->user_ptr[1]; 5425 u16 frame_type = IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_ACTION; 5426 5427 if (!info->attrs[NL80211_ATTR_FRAME_MATCH]) 5428 return -EINVAL; 5429 5430 if (info->attrs[NL80211_ATTR_FRAME_TYPE]) 5431 frame_type = nla_get_u16(info->attrs[NL80211_ATTR_FRAME_TYPE]); 5432 5433 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5434 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 5435 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 5436 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 5437 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 5438 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 5439 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 5440 return -EOPNOTSUPP; 5441 5442 /* not much point in registering if we can't reply */ 5443 if (!rdev->ops->mgmt_tx) 5444 return -EOPNOTSUPP; 5445 5446 return cfg80211_mlme_register_mgmt(dev->ieee80211_ptr, info->snd_pid, 5447 frame_type, 5448 nla_data(info->attrs[NL80211_ATTR_FRAME_MATCH]), 5449 nla_len(info->attrs[NL80211_ATTR_FRAME_MATCH])); 5450 } 5451 5452 static int nl80211_tx_mgmt(struct sk_buff *skb, struct genl_info *info) 5453 { 5454 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5455 struct net_device *dev = info->user_ptr[1]; 5456 struct ieee80211_channel *chan; 5457 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 5458 bool channel_type_valid = false; 5459 u32 freq; 5460 int err; 5461 void *hdr = NULL; 5462 u64 cookie; 5463 struct sk_buff *msg = NULL; 5464 unsigned int wait = 0; 5465 bool offchan, no_cck, dont_wait_for_ack; 5466 5467 dont_wait_for_ack = info->attrs[NL80211_ATTR_DONT_WAIT_FOR_ACK]; 5468 5469 if (!info->attrs[NL80211_ATTR_FRAME] || 5470 !info->attrs[NL80211_ATTR_WIPHY_FREQ]) 5471 return -EINVAL; 5472 5473 if (!rdev->ops->mgmt_tx) 5474 return -EOPNOTSUPP; 5475 5476 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5477 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 5478 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 5479 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 5480 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 5481 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 5482 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 5483 return -EOPNOTSUPP; 5484 5485 if (info->attrs[NL80211_ATTR_DURATION]) { 5486 if (!(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX)) 5487 return -EINVAL; 5488 wait = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]); 5489 } 5490 5491 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 5492 channel_type = nla_get_u32( 5493 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 5494 if (channel_type != NL80211_CHAN_NO_HT && 5495 channel_type != NL80211_CHAN_HT20 && 5496 channel_type != NL80211_CHAN_HT40PLUS && 5497 channel_type != NL80211_CHAN_HT40MINUS) 5498 return -EINVAL; 5499 channel_type_valid = true; 5500 } 5501 5502 offchan = info->attrs[NL80211_ATTR_OFFCHANNEL_TX_OK]; 5503 5504 if (offchan && !(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX)) 5505 return -EINVAL; 5506 5507 no_cck = nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]); 5508 5509 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 5510 chan = rdev_freq_to_chan(rdev, freq, channel_type); 5511 if (chan == NULL) 5512 return -EINVAL; 5513 5514 if (!dont_wait_for_ack) { 5515 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5516 if (!msg) 5517 return -ENOMEM; 5518 5519 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 5520 NL80211_CMD_FRAME); 5521 5522 if (IS_ERR(hdr)) { 5523 err = PTR_ERR(hdr); 5524 goto free_msg; 5525 } 5526 } 5527 5528 err = cfg80211_mlme_mgmt_tx(rdev, dev, chan, offchan, channel_type, 5529 channel_type_valid, wait, 5530 nla_data(info->attrs[NL80211_ATTR_FRAME]), 5531 nla_len(info->attrs[NL80211_ATTR_FRAME]), 5532 no_cck, dont_wait_for_ack, &cookie); 5533 if (err) 5534 goto free_msg; 5535 5536 if (msg) { 5537 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 5538 5539 genlmsg_end(msg, hdr); 5540 return genlmsg_reply(msg, info); 5541 } 5542 5543 return 0; 5544 5545 nla_put_failure: 5546 err = -ENOBUFS; 5547 free_msg: 5548 nlmsg_free(msg); 5549 return err; 5550 } 5551 5552 static int nl80211_tx_mgmt_cancel_wait(struct sk_buff *skb, struct genl_info *info) 5553 { 5554 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5555 struct net_device *dev = info->user_ptr[1]; 5556 u64 cookie; 5557 5558 if (!info->attrs[NL80211_ATTR_COOKIE]) 5559 return -EINVAL; 5560 5561 if (!rdev->ops->mgmt_tx_cancel_wait) 5562 return -EOPNOTSUPP; 5563 5564 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5565 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 5566 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 5567 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 5568 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 5569 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 5570 return -EOPNOTSUPP; 5571 5572 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]); 5573 5574 return rdev->ops->mgmt_tx_cancel_wait(&rdev->wiphy, dev, cookie); 5575 } 5576 5577 static int nl80211_set_power_save(struct sk_buff *skb, struct genl_info *info) 5578 { 5579 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5580 struct wireless_dev *wdev; 5581 struct net_device *dev = info->user_ptr[1]; 5582 u8 ps_state; 5583 bool state; 5584 int err; 5585 5586 if (!info->attrs[NL80211_ATTR_PS_STATE]) 5587 return -EINVAL; 5588 5589 ps_state = nla_get_u32(info->attrs[NL80211_ATTR_PS_STATE]); 5590 5591 if (ps_state != NL80211_PS_DISABLED && ps_state != NL80211_PS_ENABLED) 5592 return -EINVAL; 5593 5594 wdev = dev->ieee80211_ptr; 5595 5596 if (!rdev->ops->set_power_mgmt) 5597 return -EOPNOTSUPP; 5598 5599 state = (ps_state == NL80211_PS_ENABLED) ? true : false; 5600 5601 if (state == wdev->ps) 5602 return 0; 5603 5604 err = rdev->ops->set_power_mgmt(wdev->wiphy, dev, state, 5605 wdev->ps_timeout); 5606 if (!err) 5607 wdev->ps = state; 5608 return err; 5609 } 5610 5611 static int nl80211_get_power_save(struct sk_buff *skb, struct genl_info *info) 5612 { 5613 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5614 enum nl80211_ps_state ps_state; 5615 struct wireless_dev *wdev; 5616 struct net_device *dev = info->user_ptr[1]; 5617 struct sk_buff *msg; 5618 void *hdr; 5619 int err; 5620 5621 wdev = dev->ieee80211_ptr; 5622 5623 if (!rdev->ops->set_power_mgmt) 5624 return -EOPNOTSUPP; 5625 5626 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5627 if (!msg) 5628 return -ENOMEM; 5629 5630 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 5631 NL80211_CMD_GET_POWER_SAVE); 5632 if (!hdr) { 5633 err = -ENOBUFS; 5634 goto free_msg; 5635 } 5636 5637 if (wdev->ps) 5638 ps_state = NL80211_PS_ENABLED; 5639 else 5640 ps_state = NL80211_PS_DISABLED; 5641 5642 NLA_PUT_U32(msg, NL80211_ATTR_PS_STATE, ps_state); 5643 5644 genlmsg_end(msg, hdr); 5645 return genlmsg_reply(msg, info); 5646 5647 nla_put_failure: 5648 err = -ENOBUFS; 5649 free_msg: 5650 nlmsg_free(msg); 5651 return err; 5652 } 5653 5654 static struct nla_policy 5655 nl80211_attr_cqm_policy[NL80211_ATTR_CQM_MAX + 1] __read_mostly = { 5656 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 }, 5657 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U32 }, 5658 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 }, 5659 }; 5660 5661 static int nl80211_set_cqm_rssi(struct genl_info *info, 5662 s32 threshold, u32 hysteresis) 5663 { 5664 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5665 struct wireless_dev *wdev; 5666 struct net_device *dev = info->user_ptr[1]; 5667 5668 if (threshold > 0) 5669 return -EINVAL; 5670 5671 wdev = dev->ieee80211_ptr; 5672 5673 if (!rdev->ops->set_cqm_rssi_config) 5674 return -EOPNOTSUPP; 5675 5676 if (wdev->iftype != NL80211_IFTYPE_STATION && 5677 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT) 5678 return -EOPNOTSUPP; 5679 5680 return rdev->ops->set_cqm_rssi_config(wdev->wiphy, dev, 5681 threshold, hysteresis); 5682 } 5683 5684 static int nl80211_set_cqm(struct sk_buff *skb, struct genl_info *info) 5685 { 5686 struct nlattr *attrs[NL80211_ATTR_CQM_MAX + 1]; 5687 struct nlattr *cqm; 5688 int err; 5689 5690 cqm = info->attrs[NL80211_ATTR_CQM]; 5691 if (!cqm) { 5692 err = -EINVAL; 5693 goto out; 5694 } 5695 5696 err = nla_parse_nested(attrs, NL80211_ATTR_CQM_MAX, cqm, 5697 nl80211_attr_cqm_policy); 5698 if (err) 5699 goto out; 5700 5701 if (attrs[NL80211_ATTR_CQM_RSSI_THOLD] && 5702 attrs[NL80211_ATTR_CQM_RSSI_HYST]) { 5703 s32 threshold; 5704 u32 hysteresis; 5705 threshold = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_THOLD]); 5706 hysteresis = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_HYST]); 5707 err = nl80211_set_cqm_rssi(info, threshold, hysteresis); 5708 } else 5709 err = -EINVAL; 5710 5711 out: 5712 return err; 5713 } 5714 5715 static int nl80211_join_mesh(struct sk_buff *skb, struct genl_info *info) 5716 { 5717 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5718 struct net_device *dev = info->user_ptr[1]; 5719 struct mesh_config cfg; 5720 struct mesh_setup setup; 5721 int err; 5722 5723 /* start with default */ 5724 memcpy(&cfg, &default_mesh_config, sizeof(cfg)); 5725 memcpy(&setup, &default_mesh_setup, sizeof(setup)); 5726 5727 if (info->attrs[NL80211_ATTR_MESH_CONFIG]) { 5728 /* and parse parameters if given */ 5729 err = nl80211_parse_mesh_config(info, &cfg, NULL); 5730 if (err) 5731 return err; 5732 } 5733 5734 if (!info->attrs[NL80211_ATTR_MESH_ID] || 5735 !nla_len(info->attrs[NL80211_ATTR_MESH_ID])) 5736 return -EINVAL; 5737 5738 setup.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]); 5739 setup.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 5740 5741 if (info->attrs[NL80211_ATTR_MCAST_RATE] && 5742 !nl80211_parse_mcast_rate(rdev, setup.mcast_rate, 5743 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE]))) 5744 return -EINVAL; 5745 5746 if (info->attrs[NL80211_ATTR_MESH_SETUP]) { 5747 /* parse additional setup parameters if given */ 5748 err = nl80211_parse_mesh_setup(info, &setup); 5749 if (err) 5750 return err; 5751 } 5752 5753 return cfg80211_join_mesh(rdev, dev, &setup, &cfg); 5754 } 5755 5756 static int nl80211_leave_mesh(struct sk_buff *skb, struct genl_info *info) 5757 { 5758 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5759 struct net_device *dev = info->user_ptr[1]; 5760 5761 return cfg80211_leave_mesh(rdev, dev); 5762 } 5763 5764 static int nl80211_get_wowlan(struct sk_buff *skb, struct genl_info *info) 5765 { 5766 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5767 struct sk_buff *msg; 5768 void *hdr; 5769 5770 if (!rdev->wiphy.wowlan.flags && !rdev->wiphy.wowlan.n_patterns) 5771 return -EOPNOTSUPP; 5772 5773 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5774 if (!msg) 5775 return -ENOMEM; 5776 5777 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 5778 NL80211_CMD_GET_WOWLAN); 5779 if (!hdr) 5780 goto nla_put_failure; 5781 5782 if (rdev->wowlan) { 5783 struct nlattr *nl_wowlan; 5784 5785 nl_wowlan = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS); 5786 if (!nl_wowlan) 5787 goto nla_put_failure; 5788 5789 if (rdev->wowlan->any) 5790 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_ANY); 5791 if (rdev->wowlan->disconnect) 5792 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_DISCONNECT); 5793 if (rdev->wowlan->magic_pkt) 5794 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT); 5795 if (rdev->wowlan->gtk_rekey_failure) 5796 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE); 5797 if (rdev->wowlan->eap_identity_req) 5798 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST); 5799 if (rdev->wowlan->four_way_handshake) 5800 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE); 5801 if (rdev->wowlan->rfkill_release) 5802 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE); 5803 if (rdev->wowlan->n_patterns) { 5804 struct nlattr *nl_pats, *nl_pat; 5805 int i, pat_len; 5806 5807 nl_pats = nla_nest_start(msg, 5808 NL80211_WOWLAN_TRIG_PKT_PATTERN); 5809 if (!nl_pats) 5810 goto nla_put_failure; 5811 5812 for (i = 0; i < rdev->wowlan->n_patterns; i++) { 5813 nl_pat = nla_nest_start(msg, i + 1); 5814 if (!nl_pat) 5815 goto nla_put_failure; 5816 pat_len = rdev->wowlan->patterns[i].pattern_len; 5817 NLA_PUT(msg, NL80211_WOWLAN_PKTPAT_MASK, 5818 DIV_ROUND_UP(pat_len, 8), 5819 rdev->wowlan->patterns[i].mask); 5820 NLA_PUT(msg, NL80211_WOWLAN_PKTPAT_PATTERN, 5821 pat_len, 5822 rdev->wowlan->patterns[i].pattern); 5823 nla_nest_end(msg, nl_pat); 5824 } 5825 nla_nest_end(msg, nl_pats); 5826 } 5827 5828 nla_nest_end(msg, nl_wowlan); 5829 } 5830 5831 genlmsg_end(msg, hdr); 5832 return genlmsg_reply(msg, info); 5833 5834 nla_put_failure: 5835 nlmsg_free(msg); 5836 return -ENOBUFS; 5837 } 5838 5839 static int nl80211_set_wowlan(struct sk_buff *skb, struct genl_info *info) 5840 { 5841 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5842 struct nlattr *tb[NUM_NL80211_WOWLAN_TRIG]; 5843 struct cfg80211_wowlan no_triggers = {}; 5844 struct cfg80211_wowlan new_triggers = {}; 5845 struct wiphy_wowlan_support *wowlan = &rdev->wiphy.wowlan; 5846 int err, i; 5847 5848 if (!rdev->wiphy.wowlan.flags && !rdev->wiphy.wowlan.n_patterns) 5849 return -EOPNOTSUPP; 5850 5851 if (!info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]) 5852 goto no_triggers; 5853 5854 err = nla_parse(tb, MAX_NL80211_WOWLAN_TRIG, 5855 nla_data(info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]), 5856 nla_len(info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]), 5857 nl80211_wowlan_policy); 5858 if (err) 5859 return err; 5860 5861 if (tb[NL80211_WOWLAN_TRIG_ANY]) { 5862 if (!(wowlan->flags & WIPHY_WOWLAN_ANY)) 5863 return -EINVAL; 5864 new_triggers.any = true; 5865 } 5866 5867 if (tb[NL80211_WOWLAN_TRIG_DISCONNECT]) { 5868 if (!(wowlan->flags & WIPHY_WOWLAN_DISCONNECT)) 5869 return -EINVAL; 5870 new_triggers.disconnect = true; 5871 } 5872 5873 if (tb[NL80211_WOWLAN_TRIG_MAGIC_PKT]) { 5874 if (!(wowlan->flags & WIPHY_WOWLAN_MAGIC_PKT)) 5875 return -EINVAL; 5876 new_triggers.magic_pkt = true; 5877 } 5878 5879 if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED]) 5880 return -EINVAL; 5881 5882 if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE]) { 5883 if (!(wowlan->flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE)) 5884 return -EINVAL; 5885 new_triggers.gtk_rekey_failure = true; 5886 } 5887 5888 if (tb[NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST]) { 5889 if (!(wowlan->flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ)) 5890 return -EINVAL; 5891 new_triggers.eap_identity_req = true; 5892 } 5893 5894 if (tb[NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE]) { 5895 if (!(wowlan->flags & WIPHY_WOWLAN_4WAY_HANDSHAKE)) 5896 return -EINVAL; 5897 new_triggers.four_way_handshake = true; 5898 } 5899 5900 if (tb[NL80211_WOWLAN_TRIG_RFKILL_RELEASE]) { 5901 if (!(wowlan->flags & WIPHY_WOWLAN_RFKILL_RELEASE)) 5902 return -EINVAL; 5903 new_triggers.rfkill_release = true; 5904 } 5905 5906 if (tb[NL80211_WOWLAN_TRIG_PKT_PATTERN]) { 5907 struct nlattr *pat; 5908 int n_patterns = 0; 5909 int rem, pat_len, mask_len; 5910 struct nlattr *pat_tb[NUM_NL80211_WOWLAN_PKTPAT]; 5911 5912 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN], 5913 rem) 5914 n_patterns++; 5915 if (n_patterns > wowlan->n_patterns) 5916 return -EINVAL; 5917 5918 new_triggers.patterns = kcalloc(n_patterns, 5919 sizeof(new_triggers.patterns[0]), 5920 GFP_KERNEL); 5921 if (!new_triggers.patterns) 5922 return -ENOMEM; 5923 5924 new_triggers.n_patterns = n_patterns; 5925 i = 0; 5926 5927 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN], 5928 rem) { 5929 nla_parse(pat_tb, MAX_NL80211_WOWLAN_PKTPAT, 5930 nla_data(pat), nla_len(pat), NULL); 5931 err = -EINVAL; 5932 if (!pat_tb[NL80211_WOWLAN_PKTPAT_MASK] || 5933 !pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]) 5934 goto error; 5935 pat_len = nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]); 5936 mask_len = DIV_ROUND_UP(pat_len, 8); 5937 if (nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]) != 5938 mask_len) 5939 goto error; 5940 if (pat_len > wowlan->pattern_max_len || 5941 pat_len < wowlan->pattern_min_len) 5942 goto error; 5943 5944 new_triggers.patterns[i].mask = 5945 kmalloc(mask_len + pat_len, GFP_KERNEL); 5946 if (!new_triggers.patterns[i].mask) { 5947 err = -ENOMEM; 5948 goto error; 5949 } 5950 new_triggers.patterns[i].pattern = 5951 new_triggers.patterns[i].mask + mask_len; 5952 memcpy(new_triggers.patterns[i].mask, 5953 nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]), 5954 mask_len); 5955 new_triggers.patterns[i].pattern_len = pat_len; 5956 memcpy(new_triggers.patterns[i].pattern, 5957 nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]), 5958 pat_len); 5959 i++; 5960 } 5961 } 5962 5963 if (memcmp(&new_triggers, &no_triggers, sizeof(new_triggers))) { 5964 struct cfg80211_wowlan *ntrig; 5965 ntrig = kmemdup(&new_triggers, sizeof(new_triggers), 5966 GFP_KERNEL); 5967 if (!ntrig) { 5968 err = -ENOMEM; 5969 goto error; 5970 } 5971 cfg80211_rdev_free_wowlan(rdev); 5972 rdev->wowlan = ntrig; 5973 } else { 5974 no_triggers: 5975 cfg80211_rdev_free_wowlan(rdev); 5976 rdev->wowlan = NULL; 5977 } 5978 5979 return 0; 5980 error: 5981 for (i = 0; i < new_triggers.n_patterns; i++) 5982 kfree(new_triggers.patterns[i].mask); 5983 kfree(new_triggers.patterns); 5984 return err; 5985 } 5986 5987 static int nl80211_set_rekey_data(struct sk_buff *skb, struct genl_info *info) 5988 { 5989 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5990 struct net_device *dev = info->user_ptr[1]; 5991 struct wireless_dev *wdev = dev->ieee80211_ptr; 5992 struct nlattr *tb[NUM_NL80211_REKEY_DATA]; 5993 struct cfg80211_gtk_rekey_data rekey_data; 5994 int err; 5995 5996 if (!info->attrs[NL80211_ATTR_REKEY_DATA]) 5997 return -EINVAL; 5998 5999 err = nla_parse(tb, MAX_NL80211_REKEY_DATA, 6000 nla_data(info->attrs[NL80211_ATTR_REKEY_DATA]), 6001 nla_len(info->attrs[NL80211_ATTR_REKEY_DATA]), 6002 nl80211_rekey_policy); 6003 if (err) 6004 return err; 6005 6006 if (nla_len(tb[NL80211_REKEY_DATA_REPLAY_CTR]) != NL80211_REPLAY_CTR_LEN) 6007 return -ERANGE; 6008 if (nla_len(tb[NL80211_REKEY_DATA_KEK]) != NL80211_KEK_LEN) 6009 return -ERANGE; 6010 if (nla_len(tb[NL80211_REKEY_DATA_KCK]) != NL80211_KCK_LEN) 6011 return -ERANGE; 6012 6013 memcpy(rekey_data.kek, nla_data(tb[NL80211_REKEY_DATA_KEK]), 6014 NL80211_KEK_LEN); 6015 memcpy(rekey_data.kck, nla_data(tb[NL80211_REKEY_DATA_KCK]), 6016 NL80211_KCK_LEN); 6017 memcpy(rekey_data.replay_ctr, 6018 nla_data(tb[NL80211_REKEY_DATA_REPLAY_CTR]), 6019 NL80211_REPLAY_CTR_LEN); 6020 6021 wdev_lock(wdev); 6022 if (!wdev->current_bss) { 6023 err = -ENOTCONN; 6024 goto out; 6025 } 6026 6027 if (!rdev->ops->set_rekey_data) { 6028 err = -EOPNOTSUPP; 6029 goto out; 6030 } 6031 6032 err = rdev->ops->set_rekey_data(&rdev->wiphy, dev, &rekey_data); 6033 out: 6034 wdev_unlock(wdev); 6035 return err; 6036 } 6037 6038 static int nl80211_register_unexpected_frame(struct sk_buff *skb, 6039 struct genl_info *info) 6040 { 6041 struct net_device *dev = info->user_ptr[1]; 6042 struct wireless_dev *wdev = dev->ieee80211_ptr; 6043 6044 if (wdev->iftype != NL80211_IFTYPE_AP && 6045 wdev->iftype != NL80211_IFTYPE_P2P_GO) 6046 return -EINVAL; 6047 6048 if (wdev->ap_unexpected_nlpid) 6049 return -EBUSY; 6050 6051 wdev->ap_unexpected_nlpid = info->snd_pid; 6052 return 0; 6053 } 6054 6055 static int nl80211_probe_client(struct sk_buff *skb, 6056 struct genl_info *info) 6057 { 6058 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 6059 struct net_device *dev = info->user_ptr[1]; 6060 struct wireless_dev *wdev = dev->ieee80211_ptr; 6061 struct sk_buff *msg; 6062 void *hdr; 6063 const u8 *addr; 6064 u64 cookie; 6065 int err; 6066 6067 if (wdev->iftype != NL80211_IFTYPE_AP && 6068 wdev->iftype != NL80211_IFTYPE_P2P_GO) 6069 return -EOPNOTSUPP; 6070 6071 if (!info->attrs[NL80211_ATTR_MAC]) 6072 return -EINVAL; 6073 6074 if (!rdev->ops->probe_client) 6075 return -EOPNOTSUPP; 6076 6077 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6078 if (!msg) 6079 return -ENOMEM; 6080 6081 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 6082 NL80211_CMD_PROBE_CLIENT); 6083 6084 if (IS_ERR(hdr)) { 6085 err = PTR_ERR(hdr); 6086 goto free_msg; 6087 } 6088 6089 addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 6090 6091 err = rdev->ops->probe_client(&rdev->wiphy, dev, addr, &cookie); 6092 if (err) 6093 goto free_msg; 6094 6095 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 6096 6097 genlmsg_end(msg, hdr); 6098 6099 return genlmsg_reply(msg, info); 6100 6101 nla_put_failure: 6102 err = -ENOBUFS; 6103 free_msg: 6104 nlmsg_free(msg); 6105 return err; 6106 } 6107 6108 static int nl80211_register_beacons(struct sk_buff *skb, struct genl_info *info) 6109 { 6110 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 6111 6112 if (!(rdev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS)) 6113 return -EOPNOTSUPP; 6114 6115 if (rdev->ap_beacons_nlpid) 6116 return -EBUSY; 6117 6118 rdev->ap_beacons_nlpid = info->snd_pid; 6119 6120 return 0; 6121 } 6122 6123 #define NL80211_FLAG_NEED_WIPHY 0x01 6124 #define NL80211_FLAG_NEED_NETDEV 0x02 6125 #define NL80211_FLAG_NEED_RTNL 0x04 6126 #define NL80211_FLAG_CHECK_NETDEV_UP 0x08 6127 #define NL80211_FLAG_NEED_NETDEV_UP (NL80211_FLAG_NEED_NETDEV |\ 6128 NL80211_FLAG_CHECK_NETDEV_UP) 6129 6130 static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb, 6131 struct genl_info *info) 6132 { 6133 struct cfg80211_registered_device *rdev; 6134 struct net_device *dev; 6135 int err; 6136 bool rtnl = ops->internal_flags & NL80211_FLAG_NEED_RTNL; 6137 6138 if (rtnl) 6139 rtnl_lock(); 6140 6141 if (ops->internal_flags & NL80211_FLAG_NEED_WIPHY) { 6142 rdev = cfg80211_get_dev_from_info(info); 6143 if (IS_ERR(rdev)) { 6144 if (rtnl) 6145 rtnl_unlock(); 6146 return PTR_ERR(rdev); 6147 } 6148 info->user_ptr[0] = rdev; 6149 } else if (ops->internal_flags & NL80211_FLAG_NEED_NETDEV) { 6150 err = get_rdev_dev_by_ifindex(genl_info_net(info), info->attrs, 6151 &rdev, &dev); 6152 if (err) { 6153 if (rtnl) 6154 rtnl_unlock(); 6155 return err; 6156 } 6157 if (ops->internal_flags & NL80211_FLAG_CHECK_NETDEV_UP && 6158 !netif_running(dev)) { 6159 cfg80211_unlock_rdev(rdev); 6160 dev_put(dev); 6161 if (rtnl) 6162 rtnl_unlock(); 6163 return -ENETDOWN; 6164 } 6165 info->user_ptr[0] = rdev; 6166 info->user_ptr[1] = dev; 6167 } 6168 6169 return 0; 6170 } 6171 6172 static void nl80211_post_doit(struct genl_ops *ops, struct sk_buff *skb, 6173 struct genl_info *info) 6174 { 6175 if (info->user_ptr[0]) 6176 cfg80211_unlock_rdev(info->user_ptr[0]); 6177 if (info->user_ptr[1]) 6178 dev_put(info->user_ptr[1]); 6179 if (ops->internal_flags & NL80211_FLAG_NEED_RTNL) 6180 rtnl_unlock(); 6181 } 6182 6183 static struct genl_ops nl80211_ops[] = { 6184 { 6185 .cmd = NL80211_CMD_GET_WIPHY, 6186 .doit = nl80211_get_wiphy, 6187 .dumpit = nl80211_dump_wiphy, 6188 .policy = nl80211_policy, 6189 /* can be retrieved by unprivileged users */ 6190 .internal_flags = NL80211_FLAG_NEED_WIPHY, 6191 }, 6192 { 6193 .cmd = NL80211_CMD_SET_WIPHY, 6194 .doit = nl80211_set_wiphy, 6195 .policy = nl80211_policy, 6196 .flags = GENL_ADMIN_PERM, 6197 .internal_flags = NL80211_FLAG_NEED_RTNL, 6198 }, 6199 { 6200 .cmd = NL80211_CMD_GET_INTERFACE, 6201 .doit = nl80211_get_interface, 6202 .dumpit = nl80211_dump_interface, 6203 .policy = nl80211_policy, 6204 /* can be retrieved by unprivileged users */ 6205 .internal_flags = NL80211_FLAG_NEED_NETDEV, 6206 }, 6207 { 6208 .cmd = NL80211_CMD_SET_INTERFACE, 6209 .doit = nl80211_set_interface, 6210 .policy = nl80211_policy, 6211 .flags = GENL_ADMIN_PERM, 6212 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6213 NL80211_FLAG_NEED_RTNL, 6214 }, 6215 { 6216 .cmd = NL80211_CMD_NEW_INTERFACE, 6217 .doit = nl80211_new_interface, 6218 .policy = nl80211_policy, 6219 .flags = GENL_ADMIN_PERM, 6220 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6221 NL80211_FLAG_NEED_RTNL, 6222 }, 6223 { 6224 .cmd = NL80211_CMD_DEL_INTERFACE, 6225 .doit = nl80211_del_interface, 6226 .policy = nl80211_policy, 6227 .flags = GENL_ADMIN_PERM, 6228 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6229 NL80211_FLAG_NEED_RTNL, 6230 }, 6231 { 6232 .cmd = NL80211_CMD_GET_KEY, 6233 .doit = nl80211_get_key, 6234 .policy = nl80211_policy, 6235 .flags = GENL_ADMIN_PERM, 6236 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6237 NL80211_FLAG_NEED_RTNL, 6238 }, 6239 { 6240 .cmd = NL80211_CMD_SET_KEY, 6241 .doit = nl80211_set_key, 6242 .policy = nl80211_policy, 6243 .flags = GENL_ADMIN_PERM, 6244 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6245 NL80211_FLAG_NEED_RTNL, 6246 }, 6247 { 6248 .cmd = NL80211_CMD_NEW_KEY, 6249 .doit = nl80211_new_key, 6250 .policy = nl80211_policy, 6251 .flags = GENL_ADMIN_PERM, 6252 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6253 NL80211_FLAG_NEED_RTNL, 6254 }, 6255 { 6256 .cmd = NL80211_CMD_DEL_KEY, 6257 .doit = nl80211_del_key, 6258 .policy = nl80211_policy, 6259 .flags = GENL_ADMIN_PERM, 6260 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6261 NL80211_FLAG_NEED_RTNL, 6262 }, 6263 { 6264 .cmd = NL80211_CMD_SET_BEACON, 6265 .policy = nl80211_policy, 6266 .flags = GENL_ADMIN_PERM, 6267 .doit = nl80211_addset_beacon, 6268 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6269 NL80211_FLAG_NEED_RTNL, 6270 }, 6271 { 6272 .cmd = NL80211_CMD_NEW_BEACON, 6273 .policy = nl80211_policy, 6274 .flags = GENL_ADMIN_PERM, 6275 .doit = nl80211_addset_beacon, 6276 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6277 NL80211_FLAG_NEED_RTNL, 6278 }, 6279 { 6280 .cmd = NL80211_CMD_DEL_BEACON, 6281 .policy = nl80211_policy, 6282 .flags = GENL_ADMIN_PERM, 6283 .doit = nl80211_del_beacon, 6284 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6285 NL80211_FLAG_NEED_RTNL, 6286 }, 6287 { 6288 .cmd = NL80211_CMD_GET_STATION, 6289 .doit = nl80211_get_station, 6290 .dumpit = nl80211_dump_station, 6291 .policy = nl80211_policy, 6292 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6293 NL80211_FLAG_NEED_RTNL, 6294 }, 6295 { 6296 .cmd = NL80211_CMD_SET_STATION, 6297 .doit = nl80211_set_station, 6298 .policy = nl80211_policy, 6299 .flags = GENL_ADMIN_PERM, 6300 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6301 NL80211_FLAG_NEED_RTNL, 6302 }, 6303 { 6304 .cmd = NL80211_CMD_NEW_STATION, 6305 .doit = nl80211_new_station, 6306 .policy = nl80211_policy, 6307 .flags = GENL_ADMIN_PERM, 6308 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6309 NL80211_FLAG_NEED_RTNL, 6310 }, 6311 { 6312 .cmd = NL80211_CMD_DEL_STATION, 6313 .doit = nl80211_del_station, 6314 .policy = nl80211_policy, 6315 .flags = GENL_ADMIN_PERM, 6316 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6317 NL80211_FLAG_NEED_RTNL, 6318 }, 6319 { 6320 .cmd = NL80211_CMD_GET_MPATH, 6321 .doit = nl80211_get_mpath, 6322 .dumpit = nl80211_dump_mpath, 6323 .policy = nl80211_policy, 6324 .flags = GENL_ADMIN_PERM, 6325 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6326 NL80211_FLAG_NEED_RTNL, 6327 }, 6328 { 6329 .cmd = NL80211_CMD_SET_MPATH, 6330 .doit = nl80211_set_mpath, 6331 .policy = nl80211_policy, 6332 .flags = GENL_ADMIN_PERM, 6333 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6334 NL80211_FLAG_NEED_RTNL, 6335 }, 6336 { 6337 .cmd = NL80211_CMD_NEW_MPATH, 6338 .doit = nl80211_new_mpath, 6339 .policy = nl80211_policy, 6340 .flags = GENL_ADMIN_PERM, 6341 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6342 NL80211_FLAG_NEED_RTNL, 6343 }, 6344 { 6345 .cmd = NL80211_CMD_DEL_MPATH, 6346 .doit = nl80211_del_mpath, 6347 .policy = nl80211_policy, 6348 .flags = GENL_ADMIN_PERM, 6349 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6350 NL80211_FLAG_NEED_RTNL, 6351 }, 6352 { 6353 .cmd = NL80211_CMD_SET_BSS, 6354 .doit = nl80211_set_bss, 6355 .policy = nl80211_policy, 6356 .flags = GENL_ADMIN_PERM, 6357 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6358 NL80211_FLAG_NEED_RTNL, 6359 }, 6360 { 6361 .cmd = NL80211_CMD_GET_REG, 6362 .doit = nl80211_get_reg, 6363 .policy = nl80211_policy, 6364 /* can be retrieved by unprivileged users */ 6365 }, 6366 { 6367 .cmd = NL80211_CMD_SET_REG, 6368 .doit = nl80211_set_reg, 6369 .policy = nl80211_policy, 6370 .flags = GENL_ADMIN_PERM, 6371 }, 6372 { 6373 .cmd = NL80211_CMD_REQ_SET_REG, 6374 .doit = nl80211_req_set_reg, 6375 .policy = nl80211_policy, 6376 .flags = GENL_ADMIN_PERM, 6377 }, 6378 { 6379 .cmd = NL80211_CMD_GET_MESH_CONFIG, 6380 .doit = nl80211_get_mesh_config, 6381 .policy = nl80211_policy, 6382 /* can be retrieved by unprivileged users */ 6383 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6384 NL80211_FLAG_NEED_RTNL, 6385 }, 6386 { 6387 .cmd = NL80211_CMD_SET_MESH_CONFIG, 6388 .doit = nl80211_update_mesh_config, 6389 .policy = nl80211_policy, 6390 .flags = GENL_ADMIN_PERM, 6391 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6392 NL80211_FLAG_NEED_RTNL, 6393 }, 6394 { 6395 .cmd = NL80211_CMD_TRIGGER_SCAN, 6396 .doit = nl80211_trigger_scan, 6397 .policy = nl80211_policy, 6398 .flags = GENL_ADMIN_PERM, 6399 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6400 NL80211_FLAG_NEED_RTNL, 6401 }, 6402 { 6403 .cmd = NL80211_CMD_GET_SCAN, 6404 .policy = nl80211_policy, 6405 .dumpit = nl80211_dump_scan, 6406 }, 6407 { 6408 .cmd = NL80211_CMD_START_SCHED_SCAN, 6409 .doit = nl80211_start_sched_scan, 6410 .policy = nl80211_policy, 6411 .flags = GENL_ADMIN_PERM, 6412 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6413 NL80211_FLAG_NEED_RTNL, 6414 }, 6415 { 6416 .cmd = NL80211_CMD_STOP_SCHED_SCAN, 6417 .doit = nl80211_stop_sched_scan, 6418 .policy = nl80211_policy, 6419 .flags = GENL_ADMIN_PERM, 6420 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6421 NL80211_FLAG_NEED_RTNL, 6422 }, 6423 { 6424 .cmd = NL80211_CMD_AUTHENTICATE, 6425 .doit = nl80211_authenticate, 6426 .policy = nl80211_policy, 6427 .flags = GENL_ADMIN_PERM, 6428 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6429 NL80211_FLAG_NEED_RTNL, 6430 }, 6431 { 6432 .cmd = NL80211_CMD_ASSOCIATE, 6433 .doit = nl80211_associate, 6434 .policy = nl80211_policy, 6435 .flags = GENL_ADMIN_PERM, 6436 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6437 NL80211_FLAG_NEED_RTNL, 6438 }, 6439 { 6440 .cmd = NL80211_CMD_DEAUTHENTICATE, 6441 .doit = nl80211_deauthenticate, 6442 .policy = nl80211_policy, 6443 .flags = GENL_ADMIN_PERM, 6444 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6445 NL80211_FLAG_NEED_RTNL, 6446 }, 6447 { 6448 .cmd = NL80211_CMD_DISASSOCIATE, 6449 .doit = nl80211_disassociate, 6450 .policy = nl80211_policy, 6451 .flags = GENL_ADMIN_PERM, 6452 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6453 NL80211_FLAG_NEED_RTNL, 6454 }, 6455 { 6456 .cmd = NL80211_CMD_JOIN_IBSS, 6457 .doit = nl80211_join_ibss, 6458 .policy = nl80211_policy, 6459 .flags = GENL_ADMIN_PERM, 6460 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6461 NL80211_FLAG_NEED_RTNL, 6462 }, 6463 { 6464 .cmd = NL80211_CMD_LEAVE_IBSS, 6465 .doit = nl80211_leave_ibss, 6466 .policy = nl80211_policy, 6467 .flags = GENL_ADMIN_PERM, 6468 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6469 NL80211_FLAG_NEED_RTNL, 6470 }, 6471 #ifdef CONFIG_NL80211_TESTMODE 6472 { 6473 .cmd = NL80211_CMD_TESTMODE, 6474 .doit = nl80211_testmode_do, 6475 .dumpit = nl80211_testmode_dump, 6476 .policy = nl80211_policy, 6477 .flags = GENL_ADMIN_PERM, 6478 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6479 NL80211_FLAG_NEED_RTNL, 6480 }, 6481 #endif 6482 { 6483 .cmd = NL80211_CMD_CONNECT, 6484 .doit = nl80211_connect, 6485 .policy = nl80211_policy, 6486 .flags = GENL_ADMIN_PERM, 6487 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6488 NL80211_FLAG_NEED_RTNL, 6489 }, 6490 { 6491 .cmd = NL80211_CMD_DISCONNECT, 6492 .doit = nl80211_disconnect, 6493 .policy = nl80211_policy, 6494 .flags = GENL_ADMIN_PERM, 6495 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6496 NL80211_FLAG_NEED_RTNL, 6497 }, 6498 { 6499 .cmd = NL80211_CMD_SET_WIPHY_NETNS, 6500 .doit = nl80211_wiphy_netns, 6501 .policy = nl80211_policy, 6502 .flags = GENL_ADMIN_PERM, 6503 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6504 NL80211_FLAG_NEED_RTNL, 6505 }, 6506 { 6507 .cmd = NL80211_CMD_GET_SURVEY, 6508 .policy = nl80211_policy, 6509 .dumpit = nl80211_dump_survey, 6510 }, 6511 { 6512 .cmd = NL80211_CMD_SET_PMKSA, 6513 .doit = nl80211_setdel_pmksa, 6514 .policy = nl80211_policy, 6515 .flags = GENL_ADMIN_PERM, 6516 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6517 NL80211_FLAG_NEED_RTNL, 6518 }, 6519 { 6520 .cmd = NL80211_CMD_DEL_PMKSA, 6521 .doit = nl80211_setdel_pmksa, 6522 .policy = nl80211_policy, 6523 .flags = GENL_ADMIN_PERM, 6524 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6525 NL80211_FLAG_NEED_RTNL, 6526 }, 6527 { 6528 .cmd = NL80211_CMD_FLUSH_PMKSA, 6529 .doit = nl80211_flush_pmksa, 6530 .policy = nl80211_policy, 6531 .flags = GENL_ADMIN_PERM, 6532 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6533 NL80211_FLAG_NEED_RTNL, 6534 }, 6535 { 6536 .cmd = NL80211_CMD_REMAIN_ON_CHANNEL, 6537 .doit = nl80211_remain_on_channel, 6538 .policy = nl80211_policy, 6539 .flags = GENL_ADMIN_PERM, 6540 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6541 NL80211_FLAG_NEED_RTNL, 6542 }, 6543 { 6544 .cmd = NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL, 6545 .doit = nl80211_cancel_remain_on_channel, 6546 .policy = nl80211_policy, 6547 .flags = GENL_ADMIN_PERM, 6548 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6549 NL80211_FLAG_NEED_RTNL, 6550 }, 6551 { 6552 .cmd = NL80211_CMD_SET_TX_BITRATE_MASK, 6553 .doit = nl80211_set_tx_bitrate_mask, 6554 .policy = nl80211_policy, 6555 .flags = GENL_ADMIN_PERM, 6556 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6557 NL80211_FLAG_NEED_RTNL, 6558 }, 6559 { 6560 .cmd = NL80211_CMD_REGISTER_FRAME, 6561 .doit = nl80211_register_mgmt, 6562 .policy = nl80211_policy, 6563 .flags = GENL_ADMIN_PERM, 6564 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6565 NL80211_FLAG_NEED_RTNL, 6566 }, 6567 { 6568 .cmd = NL80211_CMD_FRAME, 6569 .doit = nl80211_tx_mgmt, 6570 .policy = nl80211_policy, 6571 .flags = GENL_ADMIN_PERM, 6572 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6573 NL80211_FLAG_NEED_RTNL, 6574 }, 6575 { 6576 .cmd = NL80211_CMD_FRAME_WAIT_CANCEL, 6577 .doit = nl80211_tx_mgmt_cancel_wait, 6578 .policy = nl80211_policy, 6579 .flags = GENL_ADMIN_PERM, 6580 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6581 NL80211_FLAG_NEED_RTNL, 6582 }, 6583 { 6584 .cmd = NL80211_CMD_SET_POWER_SAVE, 6585 .doit = nl80211_set_power_save, 6586 .policy = nl80211_policy, 6587 .flags = GENL_ADMIN_PERM, 6588 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6589 NL80211_FLAG_NEED_RTNL, 6590 }, 6591 { 6592 .cmd = NL80211_CMD_GET_POWER_SAVE, 6593 .doit = nl80211_get_power_save, 6594 .policy = nl80211_policy, 6595 /* can be retrieved by unprivileged users */ 6596 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6597 NL80211_FLAG_NEED_RTNL, 6598 }, 6599 { 6600 .cmd = NL80211_CMD_SET_CQM, 6601 .doit = nl80211_set_cqm, 6602 .policy = nl80211_policy, 6603 .flags = GENL_ADMIN_PERM, 6604 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6605 NL80211_FLAG_NEED_RTNL, 6606 }, 6607 { 6608 .cmd = NL80211_CMD_SET_CHANNEL, 6609 .doit = nl80211_set_channel, 6610 .policy = nl80211_policy, 6611 .flags = GENL_ADMIN_PERM, 6612 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6613 NL80211_FLAG_NEED_RTNL, 6614 }, 6615 { 6616 .cmd = NL80211_CMD_SET_WDS_PEER, 6617 .doit = nl80211_set_wds_peer, 6618 .policy = nl80211_policy, 6619 .flags = GENL_ADMIN_PERM, 6620 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6621 NL80211_FLAG_NEED_RTNL, 6622 }, 6623 { 6624 .cmd = NL80211_CMD_JOIN_MESH, 6625 .doit = nl80211_join_mesh, 6626 .policy = nl80211_policy, 6627 .flags = GENL_ADMIN_PERM, 6628 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6629 NL80211_FLAG_NEED_RTNL, 6630 }, 6631 { 6632 .cmd = NL80211_CMD_LEAVE_MESH, 6633 .doit = nl80211_leave_mesh, 6634 .policy = nl80211_policy, 6635 .flags = GENL_ADMIN_PERM, 6636 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6637 NL80211_FLAG_NEED_RTNL, 6638 }, 6639 { 6640 .cmd = NL80211_CMD_GET_WOWLAN, 6641 .doit = nl80211_get_wowlan, 6642 .policy = nl80211_policy, 6643 /* can be retrieved by unprivileged users */ 6644 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6645 NL80211_FLAG_NEED_RTNL, 6646 }, 6647 { 6648 .cmd = NL80211_CMD_SET_WOWLAN, 6649 .doit = nl80211_set_wowlan, 6650 .policy = nl80211_policy, 6651 .flags = GENL_ADMIN_PERM, 6652 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6653 NL80211_FLAG_NEED_RTNL, 6654 }, 6655 { 6656 .cmd = NL80211_CMD_SET_REKEY_OFFLOAD, 6657 .doit = nl80211_set_rekey_data, 6658 .policy = nl80211_policy, 6659 .flags = GENL_ADMIN_PERM, 6660 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6661 NL80211_FLAG_NEED_RTNL, 6662 }, 6663 { 6664 .cmd = NL80211_CMD_TDLS_MGMT, 6665 .doit = nl80211_tdls_mgmt, 6666 .policy = nl80211_policy, 6667 .flags = GENL_ADMIN_PERM, 6668 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6669 NL80211_FLAG_NEED_RTNL, 6670 }, 6671 { 6672 .cmd = NL80211_CMD_TDLS_OPER, 6673 .doit = nl80211_tdls_oper, 6674 .policy = nl80211_policy, 6675 .flags = GENL_ADMIN_PERM, 6676 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6677 NL80211_FLAG_NEED_RTNL, 6678 }, 6679 { 6680 .cmd = NL80211_CMD_UNEXPECTED_FRAME, 6681 .doit = nl80211_register_unexpected_frame, 6682 .policy = nl80211_policy, 6683 .flags = GENL_ADMIN_PERM, 6684 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6685 NL80211_FLAG_NEED_RTNL, 6686 }, 6687 { 6688 .cmd = NL80211_CMD_PROBE_CLIENT, 6689 .doit = nl80211_probe_client, 6690 .policy = nl80211_policy, 6691 .flags = GENL_ADMIN_PERM, 6692 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6693 NL80211_FLAG_NEED_RTNL, 6694 }, 6695 { 6696 .cmd = NL80211_CMD_REGISTER_BEACONS, 6697 .doit = nl80211_register_beacons, 6698 .policy = nl80211_policy, 6699 .flags = GENL_ADMIN_PERM, 6700 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6701 NL80211_FLAG_NEED_RTNL, 6702 }, 6703 { 6704 .cmd = NL80211_CMD_SET_NOACK_MAP, 6705 .doit = nl80211_set_noack_map, 6706 .policy = nl80211_policy, 6707 .flags = GENL_ADMIN_PERM, 6708 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6709 NL80211_FLAG_NEED_RTNL, 6710 }, 6711 6712 }; 6713 6714 static struct genl_multicast_group nl80211_mlme_mcgrp = { 6715 .name = "mlme", 6716 }; 6717 6718 /* multicast groups */ 6719 static struct genl_multicast_group nl80211_config_mcgrp = { 6720 .name = "config", 6721 }; 6722 static struct genl_multicast_group nl80211_scan_mcgrp = { 6723 .name = "scan", 6724 }; 6725 static struct genl_multicast_group nl80211_regulatory_mcgrp = { 6726 .name = "regulatory", 6727 }; 6728 6729 /* notification functions */ 6730 6731 void nl80211_notify_dev_rename(struct cfg80211_registered_device *rdev) 6732 { 6733 struct sk_buff *msg; 6734 6735 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6736 if (!msg) 6737 return; 6738 6739 if (nl80211_send_wiphy(msg, 0, 0, 0, rdev) < 0) { 6740 nlmsg_free(msg); 6741 return; 6742 } 6743 6744 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6745 nl80211_config_mcgrp.id, GFP_KERNEL); 6746 } 6747 6748 static int nl80211_add_scan_req(struct sk_buff *msg, 6749 struct cfg80211_registered_device *rdev) 6750 { 6751 struct cfg80211_scan_request *req = rdev->scan_req; 6752 struct nlattr *nest; 6753 int i; 6754 6755 ASSERT_RDEV_LOCK(rdev); 6756 6757 if (WARN_ON(!req)) 6758 return 0; 6759 6760 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_SSIDS); 6761 if (!nest) 6762 goto nla_put_failure; 6763 for (i = 0; i < req->n_ssids; i++) 6764 NLA_PUT(msg, i, req->ssids[i].ssid_len, req->ssids[i].ssid); 6765 nla_nest_end(msg, nest); 6766 6767 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES); 6768 if (!nest) 6769 goto nla_put_failure; 6770 for (i = 0; i < req->n_channels; i++) 6771 NLA_PUT_U32(msg, i, req->channels[i]->center_freq); 6772 nla_nest_end(msg, nest); 6773 6774 if (req->ie) 6775 NLA_PUT(msg, NL80211_ATTR_IE, req->ie_len, req->ie); 6776 6777 return 0; 6778 nla_put_failure: 6779 return -ENOBUFS; 6780 } 6781 6782 static int nl80211_send_scan_msg(struct sk_buff *msg, 6783 struct cfg80211_registered_device *rdev, 6784 struct net_device *netdev, 6785 u32 pid, u32 seq, int flags, 6786 u32 cmd) 6787 { 6788 void *hdr; 6789 6790 hdr = nl80211hdr_put(msg, pid, seq, flags, cmd); 6791 if (!hdr) 6792 return -1; 6793 6794 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6795 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6796 6797 /* ignore errors and send incomplete event anyway */ 6798 nl80211_add_scan_req(msg, rdev); 6799 6800 return genlmsg_end(msg, hdr); 6801 6802 nla_put_failure: 6803 genlmsg_cancel(msg, hdr); 6804 return -EMSGSIZE; 6805 } 6806 6807 static int 6808 nl80211_send_sched_scan_msg(struct sk_buff *msg, 6809 struct cfg80211_registered_device *rdev, 6810 struct net_device *netdev, 6811 u32 pid, u32 seq, int flags, u32 cmd) 6812 { 6813 void *hdr; 6814 6815 hdr = nl80211hdr_put(msg, pid, seq, flags, cmd); 6816 if (!hdr) 6817 return -1; 6818 6819 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6820 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6821 6822 return genlmsg_end(msg, hdr); 6823 6824 nla_put_failure: 6825 genlmsg_cancel(msg, hdr); 6826 return -EMSGSIZE; 6827 } 6828 6829 void nl80211_send_scan_start(struct cfg80211_registered_device *rdev, 6830 struct net_device *netdev) 6831 { 6832 struct sk_buff *msg; 6833 6834 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 6835 if (!msg) 6836 return; 6837 6838 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 6839 NL80211_CMD_TRIGGER_SCAN) < 0) { 6840 nlmsg_free(msg); 6841 return; 6842 } 6843 6844 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6845 nl80211_scan_mcgrp.id, GFP_KERNEL); 6846 } 6847 6848 void nl80211_send_scan_done(struct cfg80211_registered_device *rdev, 6849 struct net_device *netdev) 6850 { 6851 struct sk_buff *msg; 6852 6853 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6854 if (!msg) 6855 return; 6856 6857 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 6858 NL80211_CMD_NEW_SCAN_RESULTS) < 0) { 6859 nlmsg_free(msg); 6860 return; 6861 } 6862 6863 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6864 nl80211_scan_mcgrp.id, GFP_KERNEL); 6865 } 6866 6867 void nl80211_send_scan_aborted(struct cfg80211_registered_device *rdev, 6868 struct net_device *netdev) 6869 { 6870 struct sk_buff *msg; 6871 6872 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6873 if (!msg) 6874 return; 6875 6876 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 6877 NL80211_CMD_SCAN_ABORTED) < 0) { 6878 nlmsg_free(msg); 6879 return; 6880 } 6881 6882 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6883 nl80211_scan_mcgrp.id, GFP_KERNEL); 6884 } 6885 6886 void nl80211_send_sched_scan_results(struct cfg80211_registered_device *rdev, 6887 struct net_device *netdev) 6888 { 6889 struct sk_buff *msg; 6890 6891 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6892 if (!msg) 6893 return; 6894 6895 if (nl80211_send_sched_scan_msg(msg, rdev, netdev, 0, 0, 0, 6896 NL80211_CMD_SCHED_SCAN_RESULTS) < 0) { 6897 nlmsg_free(msg); 6898 return; 6899 } 6900 6901 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6902 nl80211_scan_mcgrp.id, GFP_KERNEL); 6903 } 6904 6905 void nl80211_send_sched_scan(struct cfg80211_registered_device *rdev, 6906 struct net_device *netdev, u32 cmd) 6907 { 6908 struct sk_buff *msg; 6909 6910 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 6911 if (!msg) 6912 return; 6913 6914 if (nl80211_send_sched_scan_msg(msg, rdev, netdev, 0, 0, 0, cmd) < 0) { 6915 nlmsg_free(msg); 6916 return; 6917 } 6918 6919 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6920 nl80211_scan_mcgrp.id, GFP_KERNEL); 6921 } 6922 6923 /* 6924 * This can happen on global regulatory changes or device specific settings 6925 * based on custom world regulatory domains. 6926 */ 6927 void nl80211_send_reg_change_event(struct regulatory_request *request) 6928 { 6929 struct sk_buff *msg; 6930 void *hdr; 6931 6932 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6933 if (!msg) 6934 return; 6935 6936 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_CHANGE); 6937 if (!hdr) { 6938 nlmsg_free(msg); 6939 return; 6940 } 6941 6942 /* Userspace can always count this one always being set */ 6943 NLA_PUT_U8(msg, NL80211_ATTR_REG_INITIATOR, request->initiator); 6944 6945 if (request->alpha2[0] == '0' && request->alpha2[1] == '0') 6946 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 6947 NL80211_REGDOM_TYPE_WORLD); 6948 else if (request->alpha2[0] == '9' && request->alpha2[1] == '9') 6949 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 6950 NL80211_REGDOM_TYPE_CUSTOM_WORLD); 6951 else if ((request->alpha2[0] == '9' && request->alpha2[1] == '8') || 6952 request->intersect) 6953 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 6954 NL80211_REGDOM_TYPE_INTERSECTION); 6955 else { 6956 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 6957 NL80211_REGDOM_TYPE_COUNTRY); 6958 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, request->alpha2); 6959 } 6960 6961 if (wiphy_idx_valid(request->wiphy_idx)) 6962 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, request->wiphy_idx); 6963 6964 genlmsg_end(msg, hdr); 6965 6966 rcu_read_lock(); 6967 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id, 6968 GFP_ATOMIC); 6969 rcu_read_unlock(); 6970 6971 return; 6972 6973 nla_put_failure: 6974 genlmsg_cancel(msg, hdr); 6975 nlmsg_free(msg); 6976 } 6977 6978 static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev, 6979 struct net_device *netdev, 6980 const u8 *buf, size_t len, 6981 enum nl80211_commands cmd, gfp_t gfp) 6982 { 6983 struct sk_buff *msg; 6984 void *hdr; 6985 6986 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 6987 if (!msg) 6988 return; 6989 6990 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 6991 if (!hdr) { 6992 nlmsg_free(msg); 6993 return; 6994 } 6995 6996 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6997 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6998 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 6999 7000 genlmsg_end(msg, hdr); 7001 7002 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7003 nl80211_mlme_mcgrp.id, gfp); 7004 return; 7005 7006 nla_put_failure: 7007 genlmsg_cancel(msg, hdr); 7008 nlmsg_free(msg); 7009 } 7010 7011 void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev, 7012 struct net_device *netdev, const u8 *buf, 7013 size_t len, gfp_t gfp) 7014 { 7015 nl80211_send_mlme_event(rdev, netdev, buf, len, 7016 NL80211_CMD_AUTHENTICATE, gfp); 7017 } 7018 7019 void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev, 7020 struct net_device *netdev, const u8 *buf, 7021 size_t len, gfp_t gfp) 7022 { 7023 nl80211_send_mlme_event(rdev, netdev, buf, len, 7024 NL80211_CMD_ASSOCIATE, gfp); 7025 } 7026 7027 void nl80211_send_deauth(struct cfg80211_registered_device *rdev, 7028 struct net_device *netdev, const u8 *buf, 7029 size_t len, gfp_t gfp) 7030 { 7031 nl80211_send_mlme_event(rdev, netdev, buf, len, 7032 NL80211_CMD_DEAUTHENTICATE, gfp); 7033 } 7034 7035 void nl80211_send_disassoc(struct cfg80211_registered_device *rdev, 7036 struct net_device *netdev, const u8 *buf, 7037 size_t len, gfp_t gfp) 7038 { 7039 nl80211_send_mlme_event(rdev, netdev, buf, len, 7040 NL80211_CMD_DISASSOCIATE, gfp); 7041 } 7042 7043 void nl80211_send_unprot_deauth(struct cfg80211_registered_device *rdev, 7044 struct net_device *netdev, const u8 *buf, 7045 size_t len, gfp_t gfp) 7046 { 7047 nl80211_send_mlme_event(rdev, netdev, buf, len, 7048 NL80211_CMD_UNPROT_DEAUTHENTICATE, gfp); 7049 } 7050 7051 void nl80211_send_unprot_disassoc(struct cfg80211_registered_device *rdev, 7052 struct net_device *netdev, const u8 *buf, 7053 size_t len, gfp_t gfp) 7054 { 7055 nl80211_send_mlme_event(rdev, netdev, buf, len, 7056 NL80211_CMD_UNPROT_DISASSOCIATE, gfp); 7057 } 7058 7059 static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev, 7060 struct net_device *netdev, int cmd, 7061 const u8 *addr, gfp_t gfp) 7062 { 7063 struct sk_buff *msg; 7064 void *hdr; 7065 7066 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7067 if (!msg) 7068 return; 7069 7070 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 7071 if (!hdr) { 7072 nlmsg_free(msg); 7073 return; 7074 } 7075 7076 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7077 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7078 NLA_PUT_FLAG(msg, NL80211_ATTR_TIMED_OUT); 7079 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 7080 7081 genlmsg_end(msg, hdr); 7082 7083 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7084 nl80211_mlme_mcgrp.id, gfp); 7085 return; 7086 7087 nla_put_failure: 7088 genlmsg_cancel(msg, hdr); 7089 nlmsg_free(msg); 7090 } 7091 7092 void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev, 7093 struct net_device *netdev, const u8 *addr, 7094 gfp_t gfp) 7095 { 7096 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE, 7097 addr, gfp); 7098 } 7099 7100 void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev, 7101 struct net_device *netdev, const u8 *addr, 7102 gfp_t gfp) 7103 { 7104 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE, 7105 addr, gfp); 7106 } 7107 7108 void nl80211_send_connect_result(struct cfg80211_registered_device *rdev, 7109 struct net_device *netdev, const u8 *bssid, 7110 const u8 *req_ie, size_t req_ie_len, 7111 const u8 *resp_ie, size_t resp_ie_len, 7112 u16 status, gfp_t gfp) 7113 { 7114 struct sk_buff *msg; 7115 void *hdr; 7116 7117 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7118 if (!msg) 7119 return; 7120 7121 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONNECT); 7122 if (!hdr) { 7123 nlmsg_free(msg); 7124 return; 7125 } 7126 7127 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7128 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7129 if (bssid) 7130 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 7131 NLA_PUT_U16(msg, NL80211_ATTR_STATUS_CODE, status); 7132 if (req_ie) 7133 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie); 7134 if (resp_ie) 7135 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie); 7136 7137 genlmsg_end(msg, hdr); 7138 7139 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7140 nl80211_mlme_mcgrp.id, gfp); 7141 return; 7142 7143 nla_put_failure: 7144 genlmsg_cancel(msg, hdr); 7145 nlmsg_free(msg); 7146 7147 } 7148 7149 void nl80211_send_roamed(struct cfg80211_registered_device *rdev, 7150 struct net_device *netdev, const u8 *bssid, 7151 const u8 *req_ie, size_t req_ie_len, 7152 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp) 7153 { 7154 struct sk_buff *msg; 7155 void *hdr; 7156 7157 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7158 if (!msg) 7159 return; 7160 7161 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ROAM); 7162 if (!hdr) { 7163 nlmsg_free(msg); 7164 return; 7165 } 7166 7167 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7168 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7169 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 7170 if (req_ie) 7171 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie); 7172 if (resp_ie) 7173 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie); 7174 7175 genlmsg_end(msg, hdr); 7176 7177 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7178 nl80211_mlme_mcgrp.id, gfp); 7179 return; 7180 7181 nla_put_failure: 7182 genlmsg_cancel(msg, hdr); 7183 nlmsg_free(msg); 7184 7185 } 7186 7187 void nl80211_send_disconnected(struct cfg80211_registered_device *rdev, 7188 struct net_device *netdev, u16 reason, 7189 const u8 *ie, size_t ie_len, bool from_ap) 7190 { 7191 struct sk_buff *msg; 7192 void *hdr; 7193 7194 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 7195 if (!msg) 7196 return; 7197 7198 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DISCONNECT); 7199 if (!hdr) { 7200 nlmsg_free(msg); 7201 return; 7202 } 7203 7204 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7205 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7206 if (from_ap && reason) 7207 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason); 7208 if (from_ap) 7209 NLA_PUT_FLAG(msg, NL80211_ATTR_DISCONNECTED_BY_AP); 7210 if (ie) 7211 NLA_PUT(msg, NL80211_ATTR_IE, ie_len, ie); 7212 7213 genlmsg_end(msg, hdr); 7214 7215 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7216 nl80211_mlme_mcgrp.id, GFP_KERNEL); 7217 return; 7218 7219 nla_put_failure: 7220 genlmsg_cancel(msg, hdr); 7221 nlmsg_free(msg); 7222 7223 } 7224 7225 void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev, 7226 struct net_device *netdev, const u8 *bssid, 7227 gfp_t gfp) 7228 { 7229 struct sk_buff *msg; 7230 void *hdr; 7231 7232 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7233 if (!msg) 7234 return; 7235 7236 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_JOIN_IBSS); 7237 if (!hdr) { 7238 nlmsg_free(msg); 7239 return; 7240 } 7241 7242 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7243 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7244 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 7245 7246 genlmsg_end(msg, hdr); 7247 7248 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7249 nl80211_mlme_mcgrp.id, gfp); 7250 return; 7251 7252 nla_put_failure: 7253 genlmsg_cancel(msg, hdr); 7254 nlmsg_free(msg); 7255 } 7256 7257 void nl80211_send_new_peer_candidate(struct cfg80211_registered_device *rdev, 7258 struct net_device *netdev, 7259 const u8 *macaddr, const u8* ie, u8 ie_len, 7260 gfp_t gfp) 7261 { 7262 struct sk_buff *msg; 7263 void *hdr; 7264 7265 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7266 if (!msg) 7267 return; 7268 7269 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NEW_PEER_CANDIDATE); 7270 if (!hdr) { 7271 nlmsg_free(msg); 7272 return; 7273 } 7274 7275 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7276 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7277 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, macaddr); 7278 if (ie_len && ie) 7279 NLA_PUT(msg, NL80211_ATTR_IE, ie_len , ie); 7280 7281 genlmsg_end(msg, hdr); 7282 7283 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7284 nl80211_mlme_mcgrp.id, gfp); 7285 return; 7286 7287 nla_put_failure: 7288 genlmsg_cancel(msg, hdr); 7289 nlmsg_free(msg); 7290 } 7291 7292 void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev, 7293 struct net_device *netdev, const u8 *addr, 7294 enum nl80211_key_type key_type, int key_id, 7295 const u8 *tsc, gfp_t gfp) 7296 { 7297 struct sk_buff *msg; 7298 void *hdr; 7299 7300 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7301 if (!msg) 7302 return; 7303 7304 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_MICHAEL_MIC_FAILURE); 7305 if (!hdr) { 7306 nlmsg_free(msg); 7307 return; 7308 } 7309 7310 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7311 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7312 if (addr) 7313 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 7314 NLA_PUT_U32(msg, NL80211_ATTR_KEY_TYPE, key_type); 7315 if (key_id != -1) 7316 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_id); 7317 if (tsc) 7318 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, 6, tsc); 7319 7320 genlmsg_end(msg, hdr); 7321 7322 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7323 nl80211_mlme_mcgrp.id, gfp); 7324 return; 7325 7326 nla_put_failure: 7327 genlmsg_cancel(msg, hdr); 7328 nlmsg_free(msg); 7329 } 7330 7331 void nl80211_send_beacon_hint_event(struct wiphy *wiphy, 7332 struct ieee80211_channel *channel_before, 7333 struct ieee80211_channel *channel_after) 7334 { 7335 struct sk_buff *msg; 7336 void *hdr; 7337 struct nlattr *nl_freq; 7338 7339 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC); 7340 if (!msg) 7341 return; 7342 7343 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_BEACON_HINT); 7344 if (!hdr) { 7345 nlmsg_free(msg); 7346 return; 7347 } 7348 7349 /* 7350 * Since we are applying the beacon hint to a wiphy we know its 7351 * wiphy_idx is valid 7352 */ 7353 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)); 7354 7355 /* Before */ 7356 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_BEFORE); 7357 if (!nl_freq) 7358 goto nla_put_failure; 7359 if (nl80211_msg_put_channel(msg, channel_before)) 7360 goto nla_put_failure; 7361 nla_nest_end(msg, nl_freq); 7362 7363 /* After */ 7364 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_AFTER); 7365 if (!nl_freq) 7366 goto nla_put_failure; 7367 if (nl80211_msg_put_channel(msg, channel_after)) 7368 goto nla_put_failure; 7369 nla_nest_end(msg, nl_freq); 7370 7371 genlmsg_end(msg, hdr); 7372 7373 rcu_read_lock(); 7374 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id, 7375 GFP_ATOMIC); 7376 rcu_read_unlock(); 7377 7378 return; 7379 7380 nla_put_failure: 7381 genlmsg_cancel(msg, hdr); 7382 nlmsg_free(msg); 7383 } 7384 7385 static void nl80211_send_remain_on_chan_event( 7386 int cmd, struct cfg80211_registered_device *rdev, 7387 struct net_device *netdev, u64 cookie, 7388 struct ieee80211_channel *chan, 7389 enum nl80211_channel_type channel_type, 7390 unsigned int duration, gfp_t gfp) 7391 { 7392 struct sk_buff *msg; 7393 void *hdr; 7394 7395 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7396 if (!msg) 7397 return; 7398 7399 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 7400 if (!hdr) { 7401 nlmsg_free(msg); 7402 return; 7403 } 7404 7405 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7406 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7407 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, chan->center_freq); 7408 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, channel_type); 7409 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 7410 7411 if (cmd == NL80211_CMD_REMAIN_ON_CHANNEL) 7412 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, duration); 7413 7414 genlmsg_end(msg, hdr); 7415 7416 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7417 nl80211_mlme_mcgrp.id, gfp); 7418 return; 7419 7420 nla_put_failure: 7421 genlmsg_cancel(msg, hdr); 7422 nlmsg_free(msg); 7423 } 7424 7425 void nl80211_send_remain_on_channel(struct cfg80211_registered_device *rdev, 7426 struct net_device *netdev, u64 cookie, 7427 struct ieee80211_channel *chan, 7428 enum nl80211_channel_type channel_type, 7429 unsigned int duration, gfp_t gfp) 7430 { 7431 nl80211_send_remain_on_chan_event(NL80211_CMD_REMAIN_ON_CHANNEL, 7432 rdev, netdev, cookie, chan, 7433 channel_type, duration, gfp); 7434 } 7435 7436 void nl80211_send_remain_on_channel_cancel( 7437 struct cfg80211_registered_device *rdev, struct net_device *netdev, 7438 u64 cookie, struct ieee80211_channel *chan, 7439 enum nl80211_channel_type channel_type, gfp_t gfp) 7440 { 7441 nl80211_send_remain_on_chan_event(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL, 7442 rdev, netdev, cookie, chan, 7443 channel_type, 0, gfp); 7444 } 7445 7446 void nl80211_send_sta_event(struct cfg80211_registered_device *rdev, 7447 struct net_device *dev, const u8 *mac_addr, 7448 struct station_info *sinfo, gfp_t gfp) 7449 { 7450 struct sk_buff *msg; 7451 7452 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7453 if (!msg) 7454 return; 7455 7456 if (nl80211_send_station(msg, 0, 0, 0, dev, mac_addr, sinfo) < 0) { 7457 nlmsg_free(msg); 7458 return; 7459 } 7460 7461 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7462 nl80211_mlme_mcgrp.id, gfp); 7463 } 7464 7465 void nl80211_send_sta_del_event(struct cfg80211_registered_device *rdev, 7466 struct net_device *dev, const u8 *mac_addr, 7467 gfp_t gfp) 7468 { 7469 struct sk_buff *msg; 7470 void *hdr; 7471 7472 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7473 if (!msg) 7474 return; 7475 7476 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DEL_STATION); 7477 if (!hdr) { 7478 nlmsg_free(msg); 7479 return; 7480 } 7481 7482 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 7483 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 7484 7485 genlmsg_end(msg, hdr); 7486 7487 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7488 nl80211_mlme_mcgrp.id, gfp); 7489 return; 7490 7491 nla_put_failure: 7492 genlmsg_cancel(msg, hdr); 7493 nlmsg_free(msg); 7494 } 7495 7496 static bool __nl80211_unexpected_frame(struct net_device *dev, u8 cmd, 7497 const u8 *addr, gfp_t gfp) 7498 { 7499 struct wireless_dev *wdev = dev->ieee80211_ptr; 7500 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy); 7501 struct sk_buff *msg; 7502 void *hdr; 7503 int err; 7504 u32 nlpid = ACCESS_ONCE(wdev->ap_unexpected_nlpid); 7505 7506 if (!nlpid) 7507 return false; 7508 7509 msg = nlmsg_new(100, gfp); 7510 if (!msg) 7511 return true; 7512 7513 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 7514 if (!hdr) { 7515 nlmsg_free(msg); 7516 return true; 7517 } 7518 7519 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7520 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 7521 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 7522 7523 err = genlmsg_end(msg, hdr); 7524 if (err < 0) { 7525 nlmsg_free(msg); 7526 return true; 7527 } 7528 7529 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid); 7530 return true; 7531 7532 nla_put_failure: 7533 genlmsg_cancel(msg, hdr); 7534 nlmsg_free(msg); 7535 return true; 7536 } 7537 7538 bool nl80211_unexpected_frame(struct net_device *dev, const u8 *addr, gfp_t gfp) 7539 { 7540 return __nl80211_unexpected_frame(dev, NL80211_CMD_UNEXPECTED_FRAME, 7541 addr, gfp); 7542 } 7543 7544 bool nl80211_unexpected_4addr_frame(struct net_device *dev, 7545 const u8 *addr, gfp_t gfp) 7546 { 7547 return __nl80211_unexpected_frame(dev, 7548 NL80211_CMD_UNEXPECTED_4ADDR_FRAME, 7549 addr, gfp); 7550 } 7551 7552 int nl80211_send_mgmt(struct cfg80211_registered_device *rdev, 7553 struct net_device *netdev, u32 nlpid, 7554 int freq, const u8 *buf, size_t len, gfp_t gfp) 7555 { 7556 struct sk_buff *msg; 7557 void *hdr; 7558 7559 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7560 if (!msg) 7561 return -ENOMEM; 7562 7563 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME); 7564 if (!hdr) { 7565 nlmsg_free(msg); 7566 return -ENOMEM; 7567 } 7568 7569 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7570 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7571 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq); 7572 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 7573 7574 genlmsg_end(msg, hdr); 7575 7576 return genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid); 7577 7578 nla_put_failure: 7579 genlmsg_cancel(msg, hdr); 7580 nlmsg_free(msg); 7581 return -ENOBUFS; 7582 } 7583 7584 void nl80211_send_mgmt_tx_status(struct cfg80211_registered_device *rdev, 7585 struct net_device *netdev, u64 cookie, 7586 const u8 *buf, size_t len, bool ack, 7587 gfp_t gfp) 7588 { 7589 struct sk_buff *msg; 7590 void *hdr; 7591 7592 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7593 if (!msg) 7594 return; 7595 7596 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME_TX_STATUS); 7597 if (!hdr) { 7598 nlmsg_free(msg); 7599 return; 7600 } 7601 7602 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7603 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7604 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 7605 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 7606 if (ack) 7607 NLA_PUT_FLAG(msg, NL80211_ATTR_ACK); 7608 7609 genlmsg_end(msg, hdr); 7610 7611 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, gfp); 7612 return; 7613 7614 nla_put_failure: 7615 genlmsg_cancel(msg, hdr); 7616 nlmsg_free(msg); 7617 } 7618 7619 void 7620 nl80211_send_cqm_rssi_notify(struct cfg80211_registered_device *rdev, 7621 struct net_device *netdev, 7622 enum nl80211_cqm_rssi_threshold_event rssi_event, 7623 gfp_t gfp) 7624 { 7625 struct sk_buff *msg; 7626 struct nlattr *pinfoattr; 7627 void *hdr; 7628 7629 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7630 if (!msg) 7631 return; 7632 7633 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM); 7634 if (!hdr) { 7635 nlmsg_free(msg); 7636 return; 7637 } 7638 7639 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7640 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7641 7642 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM); 7643 if (!pinfoattr) 7644 goto nla_put_failure; 7645 7646 NLA_PUT_U32(msg, NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT, 7647 rssi_event); 7648 7649 nla_nest_end(msg, pinfoattr); 7650 7651 genlmsg_end(msg, hdr); 7652 7653 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7654 nl80211_mlme_mcgrp.id, gfp); 7655 return; 7656 7657 nla_put_failure: 7658 genlmsg_cancel(msg, hdr); 7659 nlmsg_free(msg); 7660 } 7661 7662 void nl80211_gtk_rekey_notify(struct cfg80211_registered_device *rdev, 7663 struct net_device *netdev, const u8 *bssid, 7664 const u8 *replay_ctr, gfp_t gfp) 7665 { 7666 struct sk_buff *msg; 7667 struct nlattr *rekey_attr; 7668 void *hdr; 7669 7670 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7671 if (!msg) 7672 return; 7673 7674 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_SET_REKEY_OFFLOAD); 7675 if (!hdr) { 7676 nlmsg_free(msg); 7677 return; 7678 } 7679 7680 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7681 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7682 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 7683 7684 rekey_attr = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA); 7685 if (!rekey_attr) 7686 goto nla_put_failure; 7687 7688 NLA_PUT(msg, NL80211_REKEY_DATA_REPLAY_CTR, 7689 NL80211_REPLAY_CTR_LEN, replay_ctr); 7690 7691 nla_nest_end(msg, rekey_attr); 7692 7693 genlmsg_end(msg, hdr); 7694 7695 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7696 nl80211_mlme_mcgrp.id, gfp); 7697 return; 7698 7699 nla_put_failure: 7700 genlmsg_cancel(msg, hdr); 7701 nlmsg_free(msg); 7702 } 7703 7704 void nl80211_pmksa_candidate_notify(struct cfg80211_registered_device *rdev, 7705 struct net_device *netdev, int index, 7706 const u8 *bssid, bool preauth, gfp_t gfp) 7707 { 7708 struct sk_buff *msg; 7709 struct nlattr *attr; 7710 void *hdr; 7711 7712 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7713 if (!msg) 7714 return; 7715 7716 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PMKSA_CANDIDATE); 7717 if (!hdr) { 7718 nlmsg_free(msg); 7719 return; 7720 } 7721 7722 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7723 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7724 7725 attr = nla_nest_start(msg, NL80211_ATTR_PMKSA_CANDIDATE); 7726 if (!attr) 7727 goto nla_put_failure; 7728 7729 NLA_PUT_U32(msg, NL80211_PMKSA_CANDIDATE_INDEX, index); 7730 NLA_PUT(msg, NL80211_PMKSA_CANDIDATE_BSSID, ETH_ALEN, bssid); 7731 if (preauth) 7732 NLA_PUT_FLAG(msg, NL80211_PMKSA_CANDIDATE_PREAUTH); 7733 7734 nla_nest_end(msg, attr); 7735 7736 genlmsg_end(msg, hdr); 7737 7738 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7739 nl80211_mlme_mcgrp.id, gfp); 7740 return; 7741 7742 nla_put_failure: 7743 genlmsg_cancel(msg, hdr); 7744 nlmsg_free(msg); 7745 } 7746 7747 void 7748 nl80211_send_cqm_pktloss_notify(struct cfg80211_registered_device *rdev, 7749 struct net_device *netdev, const u8 *peer, 7750 u32 num_packets, gfp_t gfp) 7751 { 7752 struct sk_buff *msg; 7753 struct nlattr *pinfoattr; 7754 void *hdr; 7755 7756 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7757 if (!msg) 7758 return; 7759 7760 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM); 7761 if (!hdr) { 7762 nlmsg_free(msg); 7763 return; 7764 } 7765 7766 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7767 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7768 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, peer); 7769 7770 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM); 7771 if (!pinfoattr) 7772 goto nla_put_failure; 7773 7774 NLA_PUT_U32(msg, NL80211_ATTR_CQM_PKT_LOSS_EVENT, num_packets); 7775 7776 nla_nest_end(msg, pinfoattr); 7777 7778 genlmsg_end(msg, hdr); 7779 7780 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7781 nl80211_mlme_mcgrp.id, gfp); 7782 return; 7783 7784 nla_put_failure: 7785 genlmsg_cancel(msg, hdr); 7786 nlmsg_free(msg); 7787 } 7788 7789 void cfg80211_probe_status(struct net_device *dev, const u8 *addr, 7790 u64 cookie, bool acked, gfp_t gfp) 7791 { 7792 struct wireless_dev *wdev = dev->ieee80211_ptr; 7793 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy); 7794 struct sk_buff *msg; 7795 void *hdr; 7796 int err; 7797 7798 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7799 if (!msg) 7800 return; 7801 7802 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PROBE_CLIENT); 7803 if (!hdr) { 7804 nlmsg_free(msg); 7805 return; 7806 } 7807 7808 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7809 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 7810 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 7811 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 7812 if (acked) 7813 NLA_PUT_FLAG(msg, NL80211_ATTR_ACK); 7814 7815 err = genlmsg_end(msg, hdr); 7816 if (err < 0) { 7817 nlmsg_free(msg); 7818 return; 7819 } 7820 7821 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7822 nl80211_mlme_mcgrp.id, gfp); 7823 return; 7824 7825 nla_put_failure: 7826 genlmsg_cancel(msg, hdr); 7827 nlmsg_free(msg); 7828 } 7829 EXPORT_SYMBOL(cfg80211_probe_status); 7830 7831 void cfg80211_report_obss_beacon(struct wiphy *wiphy, 7832 const u8 *frame, size_t len, 7833 int freq, gfp_t gfp) 7834 { 7835 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 7836 struct sk_buff *msg; 7837 void *hdr; 7838 u32 nlpid = ACCESS_ONCE(rdev->ap_beacons_nlpid); 7839 7840 if (!nlpid) 7841 return; 7842 7843 msg = nlmsg_new(len + 100, gfp); 7844 if (!msg) 7845 return; 7846 7847 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME); 7848 if (!hdr) { 7849 nlmsg_free(msg); 7850 return; 7851 } 7852 7853 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7854 if (freq) 7855 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq); 7856 NLA_PUT(msg, NL80211_ATTR_FRAME, len, frame); 7857 7858 genlmsg_end(msg, hdr); 7859 7860 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid); 7861 return; 7862 7863 nla_put_failure: 7864 genlmsg_cancel(msg, hdr); 7865 nlmsg_free(msg); 7866 } 7867 EXPORT_SYMBOL(cfg80211_report_obss_beacon); 7868 7869 static int nl80211_netlink_notify(struct notifier_block * nb, 7870 unsigned long state, 7871 void *_notify) 7872 { 7873 struct netlink_notify *notify = _notify; 7874 struct cfg80211_registered_device *rdev; 7875 struct wireless_dev *wdev; 7876 7877 if (state != NETLINK_URELEASE) 7878 return NOTIFY_DONE; 7879 7880 rcu_read_lock(); 7881 7882 list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list) { 7883 list_for_each_entry_rcu(wdev, &rdev->netdev_list, list) 7884 cfg80211_mlme_unregister_socket(wdev, notify->pid); 7885 if (rdev->ap_beacons_nlpid == notify->pid) 7886 rdev->ap_beacons_nlpid = 0; 7887 } 7888 7889 rcu_read_unlock(); 7890 7891 return NOTIFY_DONE; 7892 } 7893 7894 static struct notifier_block nl80211_netlink_notifier = { 7895 .notifier_call = nl80211_netlink_notify, 7896 }; 7897 7898 /* initialisation/exit functions */ 7899 7900 int nl80211_init(void) 7901 { 7902 int err; 7903 7904 err = genl_register_family_with_ops(&nl80211_fam, 7905 nl80211_ops, ARRAY_SIZE(nl80211_ops)); 7906 if (err) 7907 return err; 7908 7909 err = genl_register_mc_group(&nl80211_fam, &nl80211_config_mcgrp); 7910 if (err) 7911 goto err_out; 7912 7913 err = genl_register_mc_group(&nl80211_fam, &nl80211_scan_mcgrp); 7914 if (err) 7915 goto err_out; 7916 7917 err = genl_register_mc_group(&nl80211_fam, &nl80211_regulatory_mcgrp); 7918 if (err) 7919 goto err_out; 7920 7921 err = genl_register_mc_group(&nl80211_fam, &nl80211_mlme_mcgrp); 7922 if (err) 7923 goto err_out; 7924 7925 #ifdef CONFIG_NL80211_TESTMODE 7926 err = genl_register_mc_group(&nl80211_fam, &nl80211_testmode_mcgrp); 7927 if (err) 7928 goto err_out; 7929 #endif 7930 7931 err = netlink_register_notifier(&nl80211_netlink_notifier); 7932 if (err) 7933 goto err_out; 7934 7935 return 0; 7936 err_out: 7937 genl_unregister_family(&nl80211_fam); 7938 return err; 7939 } 7940 7941 void nl80211_exit(void) 7942 { 7943 netlink_unregister_notifier(&nl80211_netlink_notifier); 7944 genl_unregister_family(&nl80211_fam); 7945 } 7946