1 /* 2 * This is the new netlink-based wireless configuration interface. 3 * 4 * Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net> 5 */ 6 7 #include <linux/if.h> 8 #include <linux/module.h> 9 #include <linux/err.h> 10 #include <linux/slab.h> 11 #include <linux/list.h> 12 #include <linux/if_ether.h> 13 #include <linux/ieee80211.h> 14 #include <linux/nl80211.h> 15 #include <linux/rtnetlink.h> 16 #include <linux/netlink.h> 17 #include <linux/etherdevice.h> 18 #include <net/net_namespace.h> 19 #include <net/genetlink.h> 20 #include <net/cfg80211.h> 21 #include <net/sock.h> 22 #include "core.h" 23 #include "nl80211.h" 24 #include "reg.h" 25 26 static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb, 27 struct genl_info *info); 28 static void nl80211_post_doit(struct genl_ops *ops, struct sk_buff *skb, 29 struct genl_info *info); 30 31 /* the netlink family */ 32 static struct genl_family nl80211_fam = { 33 .id = GENL_ID_GENERATE, /* don't bother with a hardcoded ID */ 34 .name = "nl80211", /* have users key off the name instead */ 35 .hdrsize = 0, /* no private header */ 36 .version = 1, /* no particular meaning now */ 37 .maxattr = NL80211_ATTR_MAX, 38 .netnsok = true, 39 .pre_doit = nl80211_pre_doit, 40 .post_doit = nl80211_post_doit, 41 }; 42 43 /* internal helper: get rdev and dev */ 44 static int get_rdev_dev_by_info_ifindex(struct genl_info *info, 45 struct cfg80211_registered_device **rdev, 46 struct net_device **dev) 47 { 48 struct nlattr **attrs = info->attrs; 49 int ifindex; 50 51 if (!attrs[NL80211_ATTR_IFINDEX]) 52 return -EINVAL; 53 54 ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]); 55 *dev = dev_get_by_index(genl_info_net(info), ifindex); 56 if (!*dev) 57 return -ENODEV; 58 59 *rdev = cfg80211_get_dev_from_ifindex(genl_info_net(info), ifindex); 60 if (IS_ERR(*rdev)) { 61 dev_put(*dev); 62 return PTR_ERR(*rdev); 63 } 64 65 return 0; 66 } 67 68 /* policy for the attributes */ 69 static const struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] = { 70 [NL80211_ATTR_WIPHY] = { .type = NLA_U32 }, 71 [NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING, 72 .len = 20-1 }, 73 [NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED }, 74 [NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 }, 75 [NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 }, 76 [NL80211_ATTR_WIPHY_RETRY_SHORT] = { .type = NLA_U8 }, 77 [NL80211_ATTR_WIPHY_RETRY_LONG] = { .type = NLA_U8 }, 78 [NL80211_ATTR_WIPHY_FRAG_THRESHOLD] = { .type = NLA_U32 }, 79 [NL80211_ATTR_WIPHY_RTS_THRESHOLD] = { .type = NLA_U32 }, 80 [NL80211_ATTR_WIPHY_COVERAGE_CLASS] = { .type = NLA_U8 }, 81 82 [NL80211_ATTR_IFTYPE] = { .type = NLA_U32 }, 83 [NL80211_ATTR_IFINDEX] = { .type = NLA_U32 }, 84 [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 }, 85 86 [NL80211_ATTR_MAC] = { .type = NLA_BINARY, .len = ETH_ALEN }, 87 [NL80211_ATTR_PREV_BSSID] = { .type = NLA_BINARY, .len = ETH_ALEN }, 88 89 [NL80211_ATTR_KEY] = { .type = NLA_NESTED, }, 90 [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY, 91 .len = WLAN_MAX_KEY_LEN }, 92 [NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 }, 93 [NL80211_ATTR_KEY_CIPHER] = { .type = NLA_U32 }, 94 [NL80211_ATTR_KEY_DEFAULT] = { .type = NLA_FLAG }, 95 [NL80211_ATTR_KEY_SEQ] = { .type = NLA_BINARY, .len = 8 }, 96 [NL80211_ATTR_KEY_TYPE] = { .type = NLA_U32 }, 97 98 [NL80211_ATTR_BEACON_INTERVAL] = { .type = NLA_U32 }, 99 [NL80211_ATTR_DTIM_PERIOD] = { .type = NLA_U32 }, 100 [NL80211_ATTR_BEACON_HEAD] = { .type = NLA_BINARY, 101 .len = IEEE80211_MAX_DATA_LEN }, 102 [NL80211_ATTR_BEACON_TAIL] = { .type = NLA_BINARY, 103 .len = IEEE80211_MAX_DATA_LEN }, 104 [NL80211_ATTR_STA_AID] = { .type = NLA_U16 }, 105 [NL80211_ATTR_STA_FLAGS] = { .type = NLA_NESTED }, 106 [NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 }, 107 [NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY, 108 .len = NL80211_MAX_SUPP_RATES }, 109 [NL80211_ATTR_STA_PLINK_ACTION] = { .type = NLA_U8 }, 110 [NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 }, 111 [NL80211_ATTR_MNTR_FLAGS] = { /* NLA_NESTED can't be empty */ }, 112 [NL80211_ATTR_MESH_ID] = { .type = NLA_BINARY, 113 .len = IEEE80211_MAX_MESH_ID_LEN }, 114 [NL80211_ATTR_MPATH_NEXT_HOP] = { .type = NLA_U32 }, 115 116 [NL80211_ATTR_REG_ALPHA2] = { .type = NLA_STRING, .len = 2 }, 117 [NL80211_ATTR_REG_RULES] = { .type = NLA_NESTED }, 118 119 [NL80211_ATTR_BSS_CTS_PROT] = { .type = NLA_U8 }, 120 [NL80211_ATTR_BSS_SHORT_PREAMBLE] = { .type = NLA_U8 }, 121 [NL80211_ATTR_BSS_SHORT_SLOT_TIME] = { .type = NLA_U8 }, 122 [NL80211_ATTR_BSS_BASIC_RATES] = { .type = NLA_BINARY, 123 .len = NL80211_MAX_SUPP_RATES }, 124 125 [NL80211_ATTR_MESH_PARAMS] = { .type = NLA_NESTED }, 126 127 [NL80211_ATTR_HT_CAPABILITY] = { .type = NLA_BINARY, 128 .len = NL80211_HT_CAPABILITY_LEN }, 129 130 [NL80211_ATTR_MGMT_SUBTYPE] = { .type = NLA_U8 }, 131 [NL80211_ATTR_IE] = { .type = NLA_BINARY, 132 .len = IEEE80211_MAX_DATA_LEN }, 133 [NL80211_ATTR_SCAN_FREQUENCIES] = { .type = NLA_NESTED }, 134 [NL80211_ATTR_SCAN_SSIDS] = { .type = NLA_NESTED }, 135 136 [NL80211_ATTR_SSID] = { .type = NLA_BINARY, 137 .len = IEEE80211_MAX_SSID_LEN }, 138 [NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 }, 139 [NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 }, 140 [NL80211_ATTR_FREQ_FIXED] = { .type = NLA_FLAG }, 141 [NL80211_ATTR_TIMED_OUT] = { .type = NLA_FLAG }, 142 [NL80211_ATTR_USE_MFP] = { .type = NLA_U32 }, 143 [NL80211_ATTR_STA_FLAGS2] = { 144 .len = sizeof(struct nl80211_sta_flag_update), 145 }, 146 [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG }, 147 [NL80211_ATTR_CONTROL_PORT_ETHERTYPE] = { .type = NLA_U16 }, 148 [NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT] = { .type = NLA_FLAG }, 149 [NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG }, 150 [NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 }, 151 [NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 }, 152 [NL80211_ATTR_PID] = { .type = NLA_U32 }, 153 [NL80211_ATTR_4ADDR] = { .type = NLA_U8 }, 154 [NL80211_ATTR_PMKID] = { .type = NLA_BINARY, 155 .len = WLAN_PMKID_LEN }, 156 [NL80211_ATTR_DURATION] = { .type = NLA_U32 }, 157 [NL80211_ATTR_COOKIE] = { .type = NLA_U64 }, 158 [NL80211_ATTR_TX_RATES] = { .type = NLA_NESTED }, 159 [NL80211_ATTR_FRAME] = { .type = NLA_BINARY, 160 .len = IEEE80211_MAX_DATA_LEN }, 161 [NL80211_ATTR_FRAME_MATCH] = { .type = NLA_BINARY, }, 162 [NL80211_ATTR_PS_STATE] = { .type = NLA_U32 }, 163 [NL80211_ATTR_CQM] = { .type = NLA_NESTED, }, 164 [NL80211_ATTR_LOCAL_STATE_CHANGE] = { .type = NLA_FLAG }, 165 [NL80211_ATTR_AP_ISOLATE] = { .type = NLA_U8 }, 166 167 [NL80211_ATTR_WIPHY_TX_POWER_SETTING] = { .type = NLA_U32 }, 168 [NL80211_ATTR_WIPHY_TX_POWER_LEVEL] = { .type = NLA_U32 }, 169 [NL80211_ATTR_FRAME_TYPE] = { .type = NLA_U16 }, 170 }; 171 172 /* policy for the key attributes */ 173 static const struct nla_policy nl80211_key_policy[NL80211_KEY_MAX + 1] = { 174 [NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN }, 175 [NL80211_KEY_IDX] = { .type = NLA_U8 }, 176 [NL80211_KEY_CIPHER] = { .type = NLA_U32 }, 177 [NL80211_KEY_SEQ] = { .type = NLA_BINARY, .len = 8 }, 178 [NL80211_KEY_DEFAULT] = { .type = NLA_FLAG }, 179 [NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG }, 180 [NL80211_KEY_TYPE] = { .type = NLA_U32 }, 181 }; 182 183 /* ifidx get helper */ 184 static int nl80211_get_ifidx(struct netlink_callback *cb) 185 { 186 int res; 187 188 res = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize, 189 nl80211_fam.attrbuf, nl80211_fam.maxattr, 190 nl80211_policy); 191 if (res) 192 return res; 193 194 if (!nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]) 195 return -EINVAL; 196 197 res = nla_get_u32(nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]); 198 if (!res) 199 return -EINVAL; 200 return res; 201 } 202 203 static int nl80211_prepare_netdev_dump(struct sk_buff *skb, 204 struct netlink_callback *cb, 205 struct cfg80211_registered_device **rdev, 206 struct net_device **dev) 207 { 208 int ifidx = cb->args[0]; 209 int err; 210 211 if (!ifidx) 212 ifidx = nl80211_get_ifidx(cb); 213 if (ifidx < 0) 214 return ifidx; 215 216 cb->args[0] = ifidx; 217 218 rtnl_lock(); 219 220 *dev = __dev_get_by_index(sock_net(skb->sk), ifidx); 221 if (!*dev) { 222 err = -ENODEV; 223 goto out_rtnl; 224 } 225 226 *rdev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx); 227 if (IS_ERR(dev)) { 228 err = PTR_ERR(dev); 229 goto out_rtnl; 230 } 231 232 return 0; 233 out_rtnl: 234 rtnl_unlock(); 235 return err; 236 } 237 238 static void nl80211_finish_netdev_dump(struct cfg80211_registered_device *rdev) 239 { 240 cfg80211_unlock_rdev(rdev); 241 rtnl_unlock(); 242 } 243 244 /* IE validation */ 245 static bool is_valid_ie_attr(const struct nlattr *attr) 246 { 247 const u8 *pos; 248 int len; 249 250 if (!attr) 251 return true; 252 253 pos = nla_data(attr); 254 len = nla_len(attr); 255 256 while (len) { 257 u8 elemlen; 258 259 if (len < 2) 260 return false; 261 len -= 2; 262 263 elemlen = pos[1]; 264 if (elemlen > len) 265 return false; 266 267 len -= elemlen; 268 pos += 2 + elemlen; 269 } 270 271 return true; 272 } 273 274 /* message building helper */ 275 static inline void *nl80211hdr_put(struct sk_buff *skb, u32 pid, u32 seq, 276 int flags, u8 cmd) 277 { 278 /* since there is no private header just add the generic one */ 279 return genlmsg_put(skb, pid, seq, &nl80211_fam, flags, cmd); 280 } 281 282 static int nl80211_msg_put_channel(struct sk_buff *msg, 283 struct ieee80211_channel *chan) 284 { 285 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_FREQ, 286 chan->center_freq); 287 288 if (chan->flags & IEEE80211_CHAN_DISABLED) 289 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_DISABLED); 290 if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN) 291 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_PASSIVE_SCAN); 292 if (chan->flags & IEEE80211_CHAN_NO_IBSS) 293 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_NO_IBSS); 294 if (chan->flags & IEEE80211_CHAN_RADAR) 295 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_RADAR); 296 297 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER, 298 DBM_TO_MBM(chan->max_power)); 299 300 return 0; 301 302 nla_put_failure: 303 return -ENOBUFS; 304 } 305 306 /* netlink command implementations */ 307 308 struct key_parse { 309 struct key_params p; 310 int idx; 311 int type; 312 bool def, defmgmt; 313 }; 314 315 static int nl80211_parse_key_new(struct nlattr *key, struct key_parse *k) 316 { 317 struct nlattr *tb[NL80211_KEY_MAX + 1]; 318 int err = nla_parse_nested(tb, NL80211_KEY_MAX, key, 319 nl80211_key_policy); 320 if (err) 321 return err; 322 323 k->def = !!tb[NL80211_KEY_DEFAULT]; 324 k->defmgmt = !!tb[NL80211_KEY_DEFAULT_MGMT]; 325 326 if (tb[NL80211_KEY_IDX]) 327 k->idx = nla_get_u8(tb[NL80211_KEY_IDX]); 328 329 if (tb[NL80211_KEY_DATA]) { 330 k->p.key = nla_data(tb[NL80211_KEY_DATA]); 331 k->p.key_len = nla_len(tb[NL80211_KEY_DATA]); 332 } 333 334 if (tb[NL80211_KEY_SEQ]) { 335 k->p.seq = nla_data(tb[NL80211_KEY_SEQ]); 336 k->p.seq_len = nla_len(tb[NL80211_KEY_SEQ]); 337 } 338 339 if (tb[NL80211_KEY_CIPHER]) 340 k->p.cipher = nla_get_u32(tb[NL80211_KEY_CIPHER]); 341 342 if (tb[NL80211_KEY_TYPE]) { 343 k->type = nla_get_u32(tb[NL80211_KEY_TYPE]); 344 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES) 345 return -EINVAL; 346 } 347 348 return 0; 349 } 350 351 static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k) 352 { 353 if (info->attrs[NL80211_ATTR_KEY_DATA]) { 354 k->p.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]); 355 k->p.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]); 356 } 357 358 if (info->attrs[NL80211_ATTR_KEY_SEQ]) { 359 k->p.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]); 360 k->p.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]); 361 } 362 363 if (info->attrs[NL80211_ATTR_KEY_IDX]) 364 k->idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); 365 366 if (info->attrs[NL80211_ATTR_KEY_CIPHER]) 367 k->p.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]); 368 369 k->def = !!info->attrs[NL80211_ATTR_KEY_DEFAULT]; 370 k->defmgmt = !!info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT]; 371 372 if (info->attrs[NL80211_ATTR_KEY_TYPE]) { 373 k->type = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]); 374 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES) 375 return -EINVAL; 376 } 377 378 return 0; 379 } 380 381 static int nl80211_parse_key(struct genl_info *info, struct key_parse *k) 382 { 383 int err; 384 385 memset(k, 0, sizeof(*k)); 386 k->idx = -1; 387 k->type = -1; 388 389 if (info->attrs[NL80211_ATTR_KEY]) 390 err = nl80211_parse_key_new(info->attrs[NL80211_ATTR_KEY], k); 391 else 392 err = nl80211_parse_key_old(info, k); 393 394 if (err) 395 return err; 396 397 if (k->def && k->defmgmt) 398 return -EINVAL; 399 400 if (k->idx != -1) { 401 if (k->defmgmt) { 402 if (k->idx < 4 || k->idx > 5) 403 return -EINVAL; 404 } else if (k->def) { 405 if (k->idx < 0 || k->idx > 3) 406 return -EINVAL; 407 } else { 408 if (k->idx < 0 || k->idx > 5) 409 return -EINVAL; 410 } 411 } 412 413 return 0; 414 } 415 416 static struct cfg80211_cached_keys * 417 nl80211_parse_connkeys(struct cfg80211_registered_device *rdev, 418 struct nlattr *keys) 419 { 420 struct key_parse parse; 421 struct nlattr *key; 422 struct cfg80211_cached_keys *result; 423 int rem, err, def = 0; 424 425 result = kzalloc(sizeof(*result), GFP_KERNEL); 426 if (!result) 427 return ERR_PTR(-ENOMEM); 428 429 result->def = -1; 430 result->defmgmt = -1; 431 432 nla_for_each_nested(key, keys, rem) { 433 memset(&parse, 0, sizeof(parse)); 434 parse.idx = -1; 435 436 err = nl80211_parse_key_new(key, &parse); 437 if (err) 438 goto error; 439 err = -EINVAL; 440 if (!parse.p.key) 441 goto error; 442 if (parse.idx < 0 || parse.idx > 4) 443 goto error; 444 if (parse.def) { 445 if (def) 446 goto error; 447 def = 1; 448 result->def = parse.idx; 449 } else if (parse.defmgmt) 450 goto error; 451 err = cfg80211_validate_key_settings(rdev, &parse.p, 452 parse.idx, false, NULL); 453 if (err) 454 goto error; 455 result->params[parse.idx].cipher = parse.p.cipher; 456 result->params[parse.idx].key_len = parse.p.key_len; 457 result->params[parse.idx].key = result->data[parse.idx]; 458 memcpy(result->data[parse.idx], parse.p.key, parse.p.key_len); 459 } 460 461 return result; 462 error: 463 kfree(result); 464 return ERR_PTR(err); 465 } 466 467 static int nl80211_key_allowed(struct wireless_dev *wdev) 468 { 469 ASSERT_WDEV_LOCK(wdev); 470 471 switch (wdev->iftype) { 472 case NL80211_IFTYPE_AP: 473 case NL80211_IFTYPE_AP_VLAN: 474 case NL80211_IFTYPE_P2P_GO: 475 break; 476 case NL80211_IFTYPE_ADHOC: 477 if (!wdev->current_bss) 478 return -ENOLINK; 479 break; 480 case NL80211_IFTYPE_STATION: 481 case NL80211_IFTYPE_P2P_CLIENT: 482 if (wdev->sme_state != CFG80211_SME_CONNECTED) 483 return -ENOLINK; 484 break; 485 default: 486 return -EINVAL; 487 } 488 489 return 0; 490 } 491 492 static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags, 493 struct cfg80211_registered_device *dev) 494 { 495 void *hdr; 496 struct nlattr *nl_bands, *nl_band; 497 struct nlattr *nl_freqs, *nl_freq; 498 struct nlattr *nl_rates, *nl_rate; 499 struct nlattr *nl_modes; 500 struct nlattr *nl_cmds; 501 enum ieee80211_band band; 502 struct ieee80211_channel *chan; 503 struct ieee80211_rate *rate; 504 int i; 505 u16 ifmodes = dev->wiphy.interface_modes; 506 const struct ieee80211_txrx_stypes *mgmt_stypes = 507 dev->wiphy.mgmt_stypes; 508 509 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_WIPHY); 510 if (!hdr) 511 return -1; 512 513 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, dev->wiphy_idx); 514 NLA_PUT_STRING(msg, NL80211_ATTR_WIPHY_NAME, wiphy_name(&dev->wiphy)); 515 516 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, 517 cfg80211_rdev_list_generation); 518 519 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT, 520 dev->wiphy.retry_short); 521 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_LONG, 522 dev->wiphy.retry_long); 523 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, 524 dev->wiphy.frag_threshold); 525 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, 526 dev->wiphy.rts_threshold); 527 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_COVERAGE_CLASS, 528 dev->wiphy.coverage_class); 529 530 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS, 531 dev->wiphy.max_scan_ssids); 532 NLA_PUT_U16(msg, NL80211_ATTR_MAX_SCAN_IE_LEN, 533 dev->wiphy.max_scan_ie_len); 534 535 if (dev->wiphy.flags & WIPHY_FLAG_IBSS_RSN) 536 NLA_PUT_FLAG(msg, NL80211_ATTR_SUPPORT_IBSS_RSN); 537 538 NLA_PUT(msg, NL80211_ATTR_CIPHER_SUITES, 539 sizeof(u32) * dev->wiphy.n_cipher_suites, 540 dev->wiphy.cipher_suites); 541 542 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_PMKIDS, 543 dev->wiphy.max_num_pmkids); 544 545 if (dev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) 546 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE); 547 548 nl_modes = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_IFTYPES); 549 if (!nl_modes) 550 goto nla_put_failure; 551 552 i = 0; 553 while (ifmodes) { 554 if (ifmodes & 1) 555 NLA_PUT_FLAG(msg, i); 556 ifmodes >>= 1; 557 i++; 558 } 559 560 nla_nest_end(msg, nl_modes); 561 562 nl_bands = nla_nest_start(msg, NL80211_ATTR_WIPHY_BANDS); 563 if (!nl_bands) 564 goto nla_put_failure; 565 566 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 567 if (!dev->wiphy.bands[band]) 568 continue; 569 570 nl_band = nla_nest_start(msg, band); 571 if (!nl_band) 572 goto nla_put_failure; 573 574 /* add HT info */ 575 if (dev->wiphy.bands[band]->ht_cap.ht_supported) { 576 NLA_PUT(msg, NL80211_BAND_ATTR_HT_MCS_SET, 577 sizeof(dev->wiphy.bands[band]->ht_cap.mcs), 578 &dev->wiphy.bands[band]->ht_cap.mcs); 579 NLA_PUT_U16(msg, NL80211_BAND_ATTR_HT_CAPA, 580 dev->wiphy.bands[band]->ht_cap.cap); 581 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_FACTOR, 582 dev->wiphy.bands[band]->ht_cap.ampdu_factor); 583 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_DENSITY, 584 dev->wiphy.bands[band]->ht_cap.ampdu_density); 585 } 586 587 /* add frequencies */ 588 nl_freqs = nla_nest_start(msg, NL80211_BAND_ATTR_FREQS); 589 if (!nl_freqs) 590 goto nla_put_failure; 591 592 for (i = 0; i < dev->wiphy.bands[band]->n_channels; i++) { 593 nl_freq = nla_nest_start(msg, i); 594 if (!nl_freq) 595 goto nla_put_failure; 596 597 chan = &dev->wiphy.bands[band]->channels[i]; 598 599 if (nl80211_msg_put_channel(msg, chan)) 600 goto nla_put_failure; 601 602 nla_nest_end(msg, nl_freq); 603 } 604 605 nla_nest_end(msg, nl_freqs); 606 607 /* add bitrates */ 608 nl_rates = nla_nest_start(msg, NL80211_BAND_ATTR_RATES); 609 if (!nl_rates) 610 goto nla_put_failure; 611 612 for (i = 0; i < dev->wiphy.bands[band]->n_bitrates; i++) { 613 nl_rate = nla_nest_start(msg, i); 614 if (!nl_rate) 615 goto nla_put_failure; 616 617 rate = &dev->wiphy.bands[band]->bitrates[i]; 618 NLA_PUT_U32(msg, NL80211_BITRATE_ATTR_RATE, 619 rate->bitrate); 620 if (rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) 621 NLA_PUT_FLAG(msg, 622 NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE); 623 624 nla_nest_end(msg, nl_rate); 625 } 626 627 nla_nest_end(msg, nl_rates); 628 629 nla_nest_end(msg, nl_band); 630 } 631 nla_nest_end(msg, nl_bands); 632 633 nl_cmds = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_COMMANDS); 634 if (!nl_cmds) 635 goto nla_put_failure; 636 637 i = 0; 638 #define CMD(op, n) \ 639 do { \ 640 if (dev->ops->op) { \ 641 i++; \ 642 NLA_PUT_U32(msg, i, NL80211_CMD_ ## n); \ 643 } \ 644 } while (0) 645 646 CMD(add_virtual_intf, NEW_INTERFACE); 647 CMD(change_virtual_intf, SET_INTERFACE); 648 CMD(add_key, NEW_KEY); 649 CMD(add_beacon, NEW_BEACON); 650 CMD(add_station, NEW_STATION); 651 CMD(add_mpath, NEW_MPATH); 652 CMD(set_mesh_params, SET_MESH_PARAMS); 653 CMD(change_bss, SET_BSS); 654 CMD(auth, AUTHENTICATE); 655 CMD(assoc, ASSOCIATE); 656 CMD(deauth, DEAUTHENTICATE); 657 CMD(disassoc, DISASSOCIATE); 658 CMD(join_ibss, JOIN_IBSS); 659 CMD(set_pmksa, SET_PMKSA); 660 CMD(del_pmksa, DEL_PMKSA); 661 CMD(flush_pmksa, FLUSH_PMKSA); 662 CMD(remain_on_channel, REMAIN_ON_CHANNEL); 663 CMD(set_bitrate_mask, SET_TX_BITRATE_MASK); 664 CMD(mgmt_tx, FRAME); 665 if (dev->wiphy.flags & WIPHY_FLAG_NETNS_OK) { 666 i++; 667 NLA_PUT_U32(msg, i, NL80211_CMD_SET_WIPHY_NETNS); 668 } 669 CMD(set_channel, SET_CHANNEL); 670 CMD(set_wds_peer, SET_WDS_PEER); 671 672 #undef CMD 673 674 if (dev->ops->connect || dev->ops->auth) { 675 i++; 676 NLA_PUT_U32(msg, i, NL80211_CMD_CONNECT); 677 } 678 679 if (dev->ops->disconnect || dev->ops->deauth) { 680 i++; 681 NLA_PUT_U32(msg, i, NL80211_CMD_DISCONNECT); 682 } 683 684 nla_nest_end(msg, nl_cmds); 685 686 if (mgmt_stypes) { 687 u16 stypes; 688 struct nlattr *nl_ftypes, *nl_ifs; 689 enum nl80211_iftype ift; 690 691 nl_ifs = nla_nest_start(msg, NL80211_ATTR_TX_FRAME_TYPES); 692 if (!nl_ifs) 693 goto nla_put_failure; 694 695 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) { 696 nl_ftypes = nla_nest_start(msg, ift); 697 if (!nl_ftypes) 698 goto nla_put_failure; 699 i = 0; 700 stypes = mgmt_stypes[ift].tx; 701 while (stypes) { 702 if (stypes & 1) 703 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, 704 (i << 4) | IEEE80211_FTYPE_MGMT); 705 stypes >>= 1; 706 i++; 707 } 708 nla_nest_end(msg, nl_ftypes); 709 } 710 711 nla_nest_end(msg, nl_ifs); 712 713 nl_ifs = nla_nest_start(msg, NL80211_ATTR_RX_FRAME_TYPES); 714 if (!nl_ifs) 715 goto nla_put_failure; 716 717 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) { 718 nl_ftypes = nla_nest_start(msg, ift); 719 if (!nl_ftypes) 720 goto nla_put_failure; 721 i = 0; 722 stypes = mgmt_stypes[ift].rx; 723 while (stypes) { 724 if (stypes & 1) 725 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, 726 (i << 4) | IEEE80211_FTYPE_MGMT); 727 stypes >>= 1; 728 i++; 729 } 730 nla_nest_end(msg, nl_ftypes); 731 } 732 nla_nest_end(msg, nl_ifs); 733 } 734 735 return genlmsg_end(msg, hdr); 736 737 nla_put_failure: 738 genlmsg_cancel(msg, hdr); 739 return -EMSGSIZE; 740 } 741 742 static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb) 743 { 744 int idx = 0; 745 int start = cb->args[0]; 746 struct cfg80211_registered_device *dev; 747 748 mutex_lock(&cfg80211_mutex); 749 list_for_each_entry(dev, &cfg80211_rdev_list, list) { 750 if (!net_eq(wiphy_net(&dev->wiphy), sock_net(skb->sk))) 751 continue; 752 if (++idx <= start) 753 continue; 754 if (nl80211_send_wiphy(skb, NETLINK_CB(cb->skb).pid, 755 cb->nlh->nlmsg_seq, NLM_F_MULTI, 756 dev) < 0) { 757 idx--; 758 break; 759 } 760 } 761 mutex_unlock(&cfg80211_mutex); 762 763 cb->args[0] = idx; 764 765 return skb->len; 766 } 767 768 static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info) 769 { 770 struct sk_buff *msg; 771 struct cfg80211_registered_device *dev = info->user_ptr[0]; 772 773 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 774 if (!msg) 775 return -ENOMEM; 776 777 if (nl80211_send_wiphy(msg, info->snd_pid, info->snd_seq, 0, dev) < 0) { 778 nlmsg_free(msg); 779 return -ENOBUFS; 780 } 781 782 return genlmsg_reply(msg, info); 783 } 784 785 static const struct nla_policy txq_params_policy[NL80211_TXQ_ATTR_MAX + 1] = { 786 [NL80211_TXQ_ATTR_QUEUE] = { .type = NLA_U8 }, 787 [NL80211_TXQ_ATTR_TXOP] = { .type = NLA_U16 }, 788 [NL80211_TXQ_ATTR_CWMIN] = { .type = NLA_U16 }, 789 [NL80211_TXQ_ATTR_CWMAX] = { .type = NLA_U16 }, 790 [NL80211_TXQ_ATTR_AIFS] = { .type = NLA_U8 }, 791 }; 792 793 static int parse_txq_params(struct nlattr *tb[], 794 struct ieee80211_txq_params *txq_params) 795 { 796 if (!tb[NL80211_TXQ_ATTR_QUEUE] || !tb[NL80211_TXQ_ATTR_TXOP] || 797 !tb[NL80211_TXQ_ATTR_CWMIN] || !tb[NL80211_TXQ_ATTR_CWMAX] || 798 !tb[NL80211_TXQ_ATTR_AIFS]) 799 return -EINVAL; 800 801 txq_params->queue = nla_get_u8(tb[NL80211_TXQ_ATTR_QUEUE]); 802 txq_params->txop = nla_get_u16(tb[NL80211_TXQ_ATTR_TXOP]); 803 txq_params->cwmin = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMIN]); 804 txq_params->cwmax = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMAX]); 805 txq_params->aifs = nla_get_u8(tb[NL80211_TXQ_ATTR_AIFS]); 806 807 return 0; 808 } 809 810 static bool nl80211_can_set_dev_channel(struct wireless_dev *wdev) 811 { 812 /* 813 * You can only set the channel explicitly for AP, mesh 814 * and WDS type interfaces; all others have their channel 815 * managed via their respective "establish a connection" 816 * command (connect, join, ...) 817 * 818 * Monitors are special as they are normally slaved to 819 * whatever else is going on, so they behave as though 820 * you tried setting the wiphy channel itself. 821 */ 822 return !wdev || 823 wdev->iftype == NL80211_IFTYPE_AP || 824 wdev->iftype == NL80211_IFTYPE_WDS || 825 wdev->iftype == NL80211_IFTYPE_MESH_POINT || 826 wdev->iftype == NL80211_IFTYPE_MONITOR || 827 wdev->iftype == NL80211_IFTYPE_P2P_GO; 828 } 829 830 static int __nl80211_set_channel(struct cfg80211_registered_device *rdev, 831 struct wireless_dev *wdev, 832 struct genl_info *info) 833 { 834 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 835 u32 freq; 836 int result; 837 838 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ]) 839 return -EINVAL; 840 841 if (!nl80211_can_set_dev_channel(wdev)) 842 return -EOPNOTSUPP; 843 844 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 845 channel_type = nla_get_u32(info->attrs[ 846 NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 847 if (channel_type != NL80211_CHAN_NO_HT && 848 channel_type != NL80211_CHAN_HT20 && 849 channel_type != NL80211_CHAN_HT40PLUS && 850 channel_type != NL80211_CHAN_HT40MINUS) 851 return -EINVAL; 852 } 853 854 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 855 856 mutex_lock(&rdev->devlist_mtx); 857 if (wdev) { 858 wdev_lock(wdev); 859 result = cfg80211_set_freq(rdev, wdev, freq, channel_type); 860 wdev_unlock(wdev); 861 } else { 862 result = cfg80211_set_freq(rdev, NULL, freq, channel_type); 863 } 864 mutex_unlock(&rdev->devlist_mtx); 865 866 return result; 867 } 868 869 static int nl80211_set_channel(struct sk_buff *skb, struct genl_info *info) 870 { 871 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 872 struct net_device *netdev = info->user_ptr[1]; 873 874 return __nl80211_set_channel(rdev, netdev->ieee80211_ptr, info); 875 } 876 877 static int nl80211_set_wds_peer(struct sk_buff *skb, struct genl_info *info) 878 { 879 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 880 struct net_device *dev = info->user_ptr[1]; 881 struct wireless_dev *wdev = dev->ieee80211_ptr; 882 const u8 *bssid; 883 884 if (!info->attrs[NL80211_ATTR_MAC]) 885 return -EINVAL; 886 887 if (netif_running(dev)) 888 return -EBUSY; 889 890 if (!rdev->ops->set_wds_peer) 891 return -EOPNOTSUPP; 892 893 if (wdev->iftype != NL80211_IFTYPE_WDS) 894 return -EOPNOTSUPP; 895 896 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 897 return rdev->ops->set_wds_peer(wdev->wiphy, dev, bssid); 898 } 899 900 901 static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info) 902 { 903 struct cfg80211_registered_device *rdev; 904 struct net_device *netdev = NULL; 905 struct wireless_dev *wdev; 906 int result = 0, rem_txq_params = 0; 907 struct nlattr *nl_txq_params; 908 u32 changed; 909 u8 retry_short = 0, retry_long = 0; 910 u32 frag_threshold = 0, rts_threshold = 0; 911 u8 coverage_class = 0; 912 913 /* 914 * Try to find the wiphy and netdev. Normally this 915 * function shouldn't need the netdev, but this is 916 * done for backward compatibility -- previously 917 * setting the channel was done per wiphy, but now 918 * it is per netdev. Previous userland like hostapd 919 * also passed a netdev to set_wiphy, so that it is 920 * possible to let that go to the right netdev! 921 */ 922 mutex_lock(&cfg80211_mutex); 923 924 if (info->attrs[NL80211_ATTR_IFINDEX]) { 925 int ifindex = nla_get_u32(info->attrs[NL80211_ATTR_IFINDEX]); 926 927 netdev = dev_get_by_index(genl_info_net(info), ifindex); 928 if (netdev && netdev->ieee80211_ptr) { 929 rdev = wiphy_to_dev(netdev->ieee80211_ptr->wiphy); 930 mutex_lock(&rdev->mtx); 931 } else 932 netdev = NULL; 933 } 934 935 if (!netdev) { 936 rdev = __cfg80211_rdev_from_info(info); 937 if (IS_ERR(rdev)) { 938 mutex_unlock(&cfg80211_mutex); 939 return PTR_ERR(rdev); 940 } 941 wdev = NULL; 942 netdev = NULL; 943 result = 0; 944 945 mutex_lock(&rdev->mtx); 946 } else if (netif_running(netdev) && 947 nl80211_can_set_dev_channel(netdev->ieee80211_ptr)) 948 wdev = netdev->ieee80211_ptr; 949 else 950 wdev = NULL; 951 952 /* 953 * end workaround code, by now the rdev is available 954 * and locked, and wdev may or may not be NULL. 955 */ 956 957 if (info->attrs[NL80211_ATTR_WIPHY_NAME]) 958 result = cfg80211_dev_rename( 959 rdev, nla_data(info->attrs[NL80211_ATTR_WIPHY_NAME])); 960 961 mutex_unlock(&cfg80211_mutex); 962 963 if (result) 964 goto bad_res; 965 966 if (info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS]) { 967 struct ieee80211_txq_params txq_params; 968 struct nlattr *tb[NL80211_TXQ_ATTR_MAX + 1]; 969 970 if (!rdev->ops->set_txq_params) { 971 result = -EOPNOTSUPP; 972 goto bad_res; 973 } 974 975 nla_for_each_nested(nl_txq_params, 976 info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS], 977 rem_txq_params) { 978 nla_parse(tb, NL80211_TXQ_ATTR_MAX, 979 nla_data(nl_txq_params), 980 nla_len(nl_txq_params), 981 txq_params_policy); 982 result = parse_txq_params(tb, &txq_params); 983 if (result) 984 goto bad_res; 985 986 result = rdev->ops->set_txq_params(&rdev->wiphy, 987 &txq_params); 988 if (result) 989 goto bad_res; 990 } 991 } 992 993 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 994 result = __nl80211_set_channel(rdev, wdev, info); 995 if (result) 996 goto bad_res; 997 } 998 999 if (info->attrs[NL80211_ATTR_WIPHY_TX_POWER_SETTING]) { 1000 enum nl80211_tx_power_setting type; 1001 int idx, mbm = 0; 1002 1003 if (!rdev->ops->set_tx_power) { 1004 result = -EOPNOTSUPP; 1005 goto bad_res; 1006 } 1007 1008 idx = NL80211_ATTR_WIPHY_TX_POWER_SETTING; 1009 type = nla_get_u32(info->attrs[idx]); 1010 1011 if (!info->attrs[NL80211_ATTR_WIPHY_TX_POWER_LEVEL] && 1012 (type != NL80211_TX_POWER_AUTOMATIC)) { 1013 result = -EINVAL; 1014 goto bad_res; 1015 } 1016 1017 if (type != NL80211_TX_POWER_AUTOMATIC) { 1018 idx = NL80211_ATTR_WIPHY_TX_POWER_LEVEL; 1019 mbm = nla_get_u32(info->attrs[idx]); 1020 } 1021 1022 result = rdev->ops->set_tx_power(&rdev->wiphy, type, mbm); 1023 if (result) 1024 goto bad_res; 1025 } 1026 1027 changed = 0; 1028 1029 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]) { 1030 retry_short = nla_get_u8( 1031 info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]); 1032 if (retry_short == 0) { 1033 result = -EINVAL; 1034 goto bad_res; 1035 } 1036 changed |= WIPHY_PARAM_RETRY_SHORT; 1037 } 1038 1039 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]) { 1040 retry_long = nla_get_u8( 1041 info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]); 1042 if (retry_long == 0) { 1043 result = -EINVAL; 1044 goto bad_res; 1045 } 1046 changed |= WIPHY_PARAM_RETRY_LONG; 1047 } 1048 1049 if (info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]) { 1050 frag_threshold = nla_get_u32( 1051 info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]); 1052 if (frag_threshold < 256) { 1053 result = -EINVAL; 1054 goto bad_res; 1055 } 1056 if (frag_threshold != (u32) -1) { 1057 /* 1058 * Fragments (apart from the last one) are required to 1059 * have even length. Make the fragmentation code 1060 * simpler by stripping LSB should someone try to use 1061 * odd threshold value. 1062 */ 1063 frag_threshold &= ~0x1; 1064 } 1065 changed |= WIPHY_PARAM_FRAG_THRESHOLD; 1066 } 1067 1068 if (info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]) { 1069 rts_threshold = nla_get_u32( 1070 info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]); 1071 changed |= WIPHY_PARAM_RTS_THRESHOLD; 1072 } 1073 1074 if (info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]) { 1075 coverage_class = nla_get_u8( 1076 info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]); 1077 changed |= WIPHY_PARAM_COVERAGE_CLASS; 1078 } 1079 1080 if (changed) { 1081 u8 old_retry_short, old_retry_long; 1082 u32 old_frag_threshold, old_rts_threshold; 1083 u8 old_coverage_class; 1084 1085 if (!rdev->ops->set_wiphy_params) { 1086 result = -EOPNOTSUPP; 1087 goto bad_res; 1088 } 1089 1090 old_retry_short = rdev->wiphy.retry_short; 1091 old_retry_long = rdev->wiphy.retry_long; 1092 old_frag_threshold = rdev->wiphy.frag_threshold; 1093 old_rts_threshold = rdev->wiphy.rts_threshold; 1094 old_coverage_class = rdev->wiphy.coverage_class; 1095 1096 if (changed & WIPHY_PARAM_RETRY_SHORT) 1097 rdev->wiphy.retry_short = retry_short; 1098 if (changed & WIPHY_PARAM_RETRY_LONG) 1099 rdev->wiphy.retry_long = retry_long; 1100 if (changed & WIPHY_PARAM_FRAG_THRESHOLD) 1101 rdev->wiphy.frag_threshold = frag_threshold; 1102 if (changed & WIPHY_PARAM_RTS_THRESHOLD) 1103 rdev->wiphy.rts_threshold = rts_threshold; 1104 if (changed & WIPHY_PARAM_COVERAGE_CLASS) 1105 rdev->wiphy.coverage_class = coverage_class; 1106 1107 result = rdev->ops->set_wiphy_params(&rdev->wiphy, changed); 1108 if (result) { 1109 rdev->wiphy.retry_short = old_retry_short; 1110 rdev->wiphy.retry_long = old_retry_long; 1111 rdev->wiphy.frag_threshold = old_frag_threshold; 1112 rdev->wiphy.rts_threshold = old_rts_threshold; 1113 rdev->wiphy.coverage_class = old_coverage_class; 1114 } 1115 } 1116 1117 bad_res: 1118 mutex_unlock(&rdev->mtx); 1119 if (netdev) 1120 dev_put(netdev); 1121 return result; 1122 } 1123 1124 1125 static int nl80211_send_iface(struct sk_buff *msg, u32 pid, u32 seq, int flags, 1126 struct cfg80211_registered_device *rdev, 1127 struct net_device *dev) 1128 { 1129 void *hdr; 1130 1131 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_INTERFACE); 1132 if (!hdr) 1133 return -1; 1134 1135 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1136 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 1137 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, dev->name); 1138 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, dev->ieee80211_ptr->iftype); 1139 1140 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, 1141 rdev->devlist_generation ^ 1142 (cfg80211_rdev_list_generation << 2)); 1143 1144 return genlmsg_end(msg, hdr); 1145 1146 nla_put_failure: 1147 genlmsg_cancel(msg, hdr); 1148 return -EMSGSIZE; 1149 } 1150 1151 static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *cb) 1152 { 1153 int wp_idx = 0; 1154 int if_idx = 0; 1155 int wp_start = cb->args[0]; 1156 int if_start = cb->args[1]; 1157 struct cfg80211_registered_device *rdev; 1158 struct wireless_dev *wdev; 1159 1160 mutex_lock(&cfg80211_mutex); 1161 list_for_each_entry(rdev, &cfg80211_rdev_list, list) { 1162 if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk))) 1163 continue; 1164 if (wp_idx < wp_start) { 1165 wp_idx++; 1166 continue; 1167 } 1168 if_idx = 0; 1169 1170 mutex_lock(&rdev->devlist_mtx); 1171 list_for_each_entry(wdev, &rdev->netdev_list, list) { 1172 if (if_idx < if_start) { 1173 if_idx++; 1174 continue; 1175 } 1176 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).pid, 1177 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1178 rdev, wdev->netdev) < 0) { 1179 mutex_unlock(&rdev->devlist_mtx); 1180 goto out; 1181 } 1182 if_idx++; 1183 } 1184 mutex_unlock(&rdev->devlist_mtx); 1185 1186 wp_idx++; 1187 } 1188 out: 1189 mutex_unlock(&cfg80211_mutex); 1190 1191 cb->args[0] = wp_idx; 1192 cb->args[1] = if_idx; 1193 1194 return skb->len; 1195 } 1196 1197 static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info) 1198 { 1199 struct sk_buff *msg; 1200 struct cfg80211_registered_device *dev = info->user_ptr[0]; 1201 struct net_device *netdev = info->user_ptr[1]; 1202 1203 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1204 if (!msg) 1205 return -ENOMEM; 1206 1207 if (nl80211_send_iface(msg, info->snd_pid, info->snd_seq, 0, 1208 dev, netdev) < 0) { 1209 nlmsg_free(msg); 1210 return -ENOBUFS; 1211 } 1212 1213 return genlmsg_reply(msg, info); 1214 } 1215 1216 static const struct nla_policy mntr_flags_policy[NL80211_MNTR_FLAG_MAX + 1] = { 1217 [NL80211_MNTR_FLAG_FCSFAIL] = { .type = NLA_FLAG }, 1218 [NL80211_MNTR_FLAG_PLCPFAIL] = { .type = NLA_FLAG }, 1219 [NL80211_MNTR_FLAG_CONTROL] = { .type = NLA_FLAG }, 1220 [NL80211_MNTR_FLAG_OTHER_BSS] = { .type = NLA_FLAG }, 1221 [NL80211_MNTR_FLAG_COOK_FRAMES] = { .type = NLA_FLAG }, 1222 }; 1223 1224 static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags) 1225 { 1226 struct nlattr *flags[NL80211_MNTR_FLAG_MAX + 1]; 1227 int flag; 1228 1229 *mntrflags = 0; 1230 1231 if (!nla) 1232 return -EINVAL; 1233 1234 if (nla_parse_nested(flags, NL80211_MNTR_FLAG_MAX, 1235 nla, mntr_flags_policy)) 1236 return -EINVAL; 1237 1238 for (flag = 1; flag <= NL80211_MNTR_FLAG_MAX; flag++) 1239 if (flags[flag]) 1240 *mntrflags |= (1<<flag); 1241 1242 return 0; 1243 } 1244 1245 static int nl80211_valid_4addr(struct cfg80211_registered_device *rdev, 1246 struct net_device *netdev, u8 use_4addr, 1247 enum nl80211_iftype iftype) 1248 { 1249 if (!use_4addr) { 1250 if (netdev && (netdev->priv_flags & IFF_BRIDGE_PORT)) 1251 return -EBUSY; 1252 return 0; 1253 } 1254 1255 switch (iftype) { 1256 case NL80211_IFTYPE_AP_VLAN: 1257 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_AP) 1258 return 0; 1259 break; 1260 case NL80211_IFTYPE_STATION: 1261 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_STATION) 1262 return 0; 1263 break; 1264 default: 1265 break; 1266 } 1267 1268 return -EOPNOTSUPP; 1269 } 1270 1271 static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info) 1272 { 1273 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1274 struct vif_params params; 1275 int err; 1276 enum nl80211_iftype otype, ntype; 1277 struct net_device *dev = info->user_ptr[1]; 1278 u32 _flags, *flags = NULL; 1279 bool change = false; 1280 1281 memset(¶ms, 0, sizeof(params)); 1282 1283 otype = ntype = dev->ieee80211_ptr->iftype; 1284 1285 if (info->attrs[NL80211_ATTR_IFTYPE]) { 1286 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 1287 if (otype != ntype) 1288 change = true; 1289 if (ntype > NL80211_IFTYPE_MAX) 1290 return -EINVAL; 1291 } 1292 1293 if (info->attrs[NL80211_ATTR_MESH_ID]) { 1294 if (ntype != NL80211_IFTYPE_MESH_POINT) 1295 return -EINVAL; 1296 params.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]); 1297 params.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 1298 change = true; 1299 } 1300 1301 if (info->attrs[NL80211_ATTR_4ADDR]) { 1302 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]); 1303 change = true; 1304 err = nl80211_valid_4addr(rdev, dev, params.use_4addr, ntype); 1305 if (err) 1306 return err; 1307 } else { 1308 params.use_4addr = -1; 1309 } 1310 1311 if (info->attrs[NL80211_ATTR_MNTR_FLAGS]) { 1312 if (ntype != NL80211_IFTYPE_MONITOR) 1313 return -EINVAL; 1314 err = parse_monitor_flags(info->attrs[NL80211_ATTR_MNTR_FLAGS], 1315 &_flags); 1316 if (err) 1317 return err; 1318 1319 flags = &_flags; 1320 change = true; 1321 } 1322 1323 if (change) 1324 err = cfg80211_change_iface(rdev, dev, ntype, flags, ¶ms); 1325 else 1326 err = 0; 1327 1328 if (!err && params.use_4addr != -1) 1329 dev->ieee80211_ptr->use_4addr = params.use_4addr; 1330 1331 return err; 1332 } 1333 1334 static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info) 1335 { 1336 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1337 struct vif_params params; 1338 int err; 1339 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED; 1340 u32 flags; 1341 1342 memset(¶ms, 0, sizeof(params)); 1343 1344 if (!info->attrs[NL80211_ATTR_IFNAME]) 1345 return -EINVAL; 1346 1347 if (info->attrs[NL80211_ATTR_IFTYPE]) { 1348 type = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 1349 if (type > NL80211_IFTYPE_MAX) 1350 return -EINVAL; 1351 } 1352 1353 if (!rdev->ops->add_virtual_intf || 1354 !(rdev->wiphy.interface_modes & (1 << type))) 1355 return -EOPNOTSUPP; 1356 1357 if (type == NL80211_IFTYPE_MESH_POINT && 1358 info->attrs[NL80211_ATTR_MESH_ID]) { 1359 params.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]); 1360 params.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 1361 } 1362 1363 if (info->attrs[NL80211_ATTR_4ADDR]) { 1364 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]); 1365 err = nl80211_valid_4addr(rdev, NULL, params.use_4addr, type); 1366 if (err) 1367 return err; 1368 } 1369 1370 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ? 1371 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL, 1372 &flags); 1373 err = rdev->ops->add_virtual_intf(&rdev->wiphy, 1374 nla_data(info->attrs[NL80211_ATTR_IFNAME]), 1375 type, err ? NULL : &flags, ¶ms); 1376 1377 return err; 1378 } 1379 1380 static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info) 1381 { 1382 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1383 struct net_device *dev = info->user_ptr[1]; 1384 1385 if (!rdev->ops->del_virtual_intf) 1386 return -EOPNOTSUPP; 1387 1388 return rdev->ops->del_virtual_intf(&rdev->wiphy, dev); 1389 } 1390 1391 struct get_key_cookie { 1392 struct sk_buff *msg; 1393 int error; 1394 int idx; 1395 }; 1396 1397 static void get_key_callback(void *c, struct key_params *params) 1398 { 1399 struct nlattr *key; 1400 struct get_key_cookie *cookie = c; 1401 1402 if (params->key) 1403 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_DATA, 1404 params->key_len, params->key); 1405 1406 if (params->seq) 1407 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_SEQ, 1408 params->seq_len, params->seq); 1409 1410 if (params->cipher) 1411 NLA_PUT_U32(cookie->msg, NL80211_ATTR_KEY_CIPHER, 1412 params->cipher); 1413 1414 key = nla_nest_start(cookie->msg, NL80211_ATTR_KEY); 1415 if (!key) 1416 goto nla_put_failure; 1417 1418 if (params->key) 1419 NLA_PUT(cookie->msg, NL80211_KEY_DATA, 1420 params->key_len, params->key); 1421 1422 if (params->seq) 1423 NLA_PUT(cookie->msg, NL80211_KEY_SEQ, 1424 params->seq_len, params->seq); 1425 1426 if (params->cipher) 1427 NLA_PUT_U32(cookie->msg, NL80211_KEY_CIPHER, 1428 params->cipher); 1429 1430 NLA_PUT_U8(cookie->msg, NL80211_ATTR_KEY_IDX, cookie->idx); 1431 1432 nla_nest_end(cookie->msg, key); 1433 1434 return; 1435 nla_put_failure: 1436 cookie->error = 1; 1437 } 1438 1439 static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info) 1440 { 1441 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1442 int err; 1443 struct net_device *dev = info->user_ptr[1]; 1444 u8 key_idx = 0; 1445 const u8 *mac_addr = NULL; 1446 bool pairwise; 1447 struct get_key_cookie cookie = { 1448 .error = 0, 1449 }; 1450 void *hdr; 1451 struct sk_buff *msg; 1452 1453 if (info->attrs[NL80211_ATTR_KEY_IDX]) 1454 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); 1455 1456 if (key_idx > 5) 1457 return -EINVAL; 1458 1459 if (info->attrs[NL80211_ATTR_MAC]) 1460 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1461 1462 pairwise = !!mac_addr; 1463 if (info->attrs[NL80211_ATTR_KEY_TYPE]) { 1464 u32 kt = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]); 1465 if (kt >= NUM_NL80211_KEYTYPES) 1466 return -EINVAL; 1467 if (kt != NL80211_KEYTYPE_GROUP && 1468 kt != NL80211_KEYTYPE_PAIRWISE) 1469 return -EINVAL; 1470 pairwise = kt == NL80211_KEYTYPE_PAIRWISE; 1471 } 1472 1473 if (!rdev->ops->get_key) 1474 return -EOPNOTSUPP; 1475 1476 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1477 if (!msg) 1478 return -ENOMEM; 1479 1480 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 1481 NL80211_CMD_NEW_KEY); 1482 if (IS_ERR(hdr)) 1483 return PTR_ERR(hdr); 1484 1485 cookie.msg = msg; 1486 cookie.idx = key_idx; 1487 1488 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1489 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx); 1490 if (mac_addr) 1491 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 1492 1493 if (pairwise && mac_addr && 1494 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN)) 1495 return -ENOENT; 1496 1497 err = rdev->ops->get_key(&rdev->wiphy, dev, key_idx, pairwise, 1498 mac_addr, &cookie, get_key_callback); 1499 1500 if (err) 1501 goto free_msg; 1502 1503 if (cookie.error) 1504 goto nla_put_failure; 1505 1506 genlmsg_end(msg, hdr); 1507 return genlmsg_reply(msg, info); 1508 1509 nla_put_failure: 1510 err = -ENOBUFS; 1511 free_msg: 1512 nlmsg_free(msg); 1513 return err; 1514 } 1515 1516 static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info) 1517 { 1518 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1519 struct key_parse key; 1520 int err; 1521 struct net_device *dev = info->user_ptr[1]; 1522 int (*func)(struct wiphy *wiphy, struct net_device *netdev, 1523 u8 key_index); 1524 1525 err = nl80211_parse_key(info, &key); 1526 if (err) 1527 return err; 1528 1529 if (key.idx < 0) 1530 return -EINVAL; 1531 1532 /* only support setting default key */ 1533 if (!key.def && !key.defmgmt) 1534 return -EINVAL; 1535 1536 if (key.def) 1537 func = rdev->ops->set_default_key; 1538 else 1539 func = rdev->ops->set_default_mgmt_key; 1540 1541 if (!func) 1542 return -EOPNOTSUPP; 1543 1544 wdev_lock(dev->ieee80211_ptr); 1545 err = nl80211_key_allowed(dev->ieee80211_ptr); 1546 if (!err) 1547 err = func(&rdev->wiphy, dev, key.idx); 1548 1549 #ifdef CONFIG_CFG80211_WEXT 1550 if (!err) { 1551 if (func == rdev->ops->set_default_key) 1552 dev->ieee80211_ptr->wext.default_key = key.idx; 1553 else 1554 dev->ieee80211_ptr->wext.default_mgmt_key = key.idx; 1555 } 1556 #endif 1557 wdev_unlock(dev->ieee80211_ptr); 1558 1559 return err; 1560 } 1561 1562 static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info) 1563 { 1564 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1565 int err; 1566 struct net_device *dev = info->user_ptr[1]; 1567 struct key_parse key; 1568 const u8 *mac_addr = NULL; 1569 1570 err = nl80211_parse_key(info, &key); 1571 if (err) 1572 return err; 1573 1574 if (!key.p.key) 1575 return -EINVAL; 1576 1577 if (info->attrs[NL80211_ATTR_MAC]) 1578 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1579 1580 if (key.type == -1) { 1581 if (mac_addr) 1582 key.type = NL80211_KEYTYPE_PAIRWISE; 1583 else 1584 key.type = NL80211_KEYTYPE_GROUP; 1585 } 1586 1587 /* for now */ 1588 if (key.type != NL80211_KEYTYPE_PAIRWISE && 1589 key.type != NL80211_KEYTYPE_GROUP) 1590 return -EINVAL; 1591 1592 if (!rdev->ops->add_key) 1593 return -EOPNOTSUPP; 1594 1595 if (cfg80211_validate_key_settings(rdev, &key.p, key.idx, 1596 key.type == NL80211_KEYTYPE_PAIRWISE, 1597 mac_addr)) 1598 return -EINVAL; 1599 1600 wdev_lock(dev->ieee80211_ptr); 1601 err = nl80211_key_allowed(dev->ieee80211_ptr); 1602 if (!err) 1603 err = rdev->ops->add_key(&rdev->wiphy, dev, key.idx, 1604 key.type == NL80211_KEYTYPE_PAIRWISE, 1605 mac_addr, &key.p); 1606 wdev_unlock(dev->ieee80211_ptr); 1607 1608 return err; 1609 } 1610 1611 static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info) 1612 { 1613 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1614 int err; 1615 struct net_device *dev = info->user_ptr[1]; 1616 u8 *mac_addr = NULL; 1617 struct key_parse key; 1618 1619 err = nl80211_parse_key(info, &key); 1620 if (err) 1621 return err; 1622 1623 if (info->attrs[NL80211_ATTR_MAC]) 1624 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1625 1626 if (key.type == -1) { 1627 if (mac_addr) 1628 key.type = NL80211_KEYTYPE_PAIRWISE; 1629 else 1630 key.type = NL80211_KEYTYPE_GROUP; 1631 } 1632 1633 /* for now */ 1634 if (key.type != NL80211_KEYTYPE_PAIRWISE && 1635 key.type != NL80211_KEYTYPE_GROUP) 1636 return -EINVAL; 1637 1638 if (!rdev->ops->del_key) 1639 return -EOPNOTSUPP; 1640 1641 wdev_lock(dev->ieee80211_ptr); 1642 err = nl80211_key_allowed(dev->ieee80211_ptr); 1643 1644 if (key.type == NL80211_KEYTYPE_PAIRWISE && mac_addr && 1645 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN)) 1646 err = -ENOENT; 1647 1648 if (!err) 1649 err = rdev->ops->del_key(&rdev->wiphy, dev, key.idx, 1650 key.type == NL80211_KEYTYPE_PAIRWISE, 1651 mac_addr); 1652 1653 #ifdef CONFIG_CFG80211_WEXT 1654 if (!err) { 1655 if (key.idx == dev->ieee80211_ptr->wext.default_key) 1656 dev->ieee80211_ptr->wext.default_key = -1; 1657 else if (key.idx == dev->ieee80211_ptr->wext.default_mgmt_key) 1658 dev->ieee80211_ptr->wext.default_mgmt_key = -1; 1659 } 1660 #endif 1661 wdev_unlock(dev->ieee80211_ptr); 1662 1663 return err; 1664 } 1665 1666 static int nl80211_addset_beacon(struct sk_buff *skb, struct genl_info *info) 1667 { 1668 int (*call)(struct wiphy *wiphy, struct net_device *dev, 1669 struct beacon_parameters *info); 1670 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1671 struct net_device *dev = info->user_ptr[1]; 1672 struct beacon_parameters params; 1673 int haveinfo = 0; 1674 1675 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_BEACON_TAIL])) 1676 return -EINVAL; 1677 1678 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 1679 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 1680 return -EOPNOTSUPP; 1681 1682 switch (info->genlhdr->cmd) { 1683 case NL80211_CMD_NEW_BEACON: 1684 /* these are required for NEW_BEACON */ 1685 if (!info->attrs[NL80211_ATTR_BEACON_INTERVAL] || 1686 !info->attrs[NL80211_ATTR_DTIM_PERIOD] || 1687 !info->attrs[NL80211_ATTR_BEACON_HEAD]) 1688 return -EINVAL; 1689 1690 call = rdev->ops->add_beacon; 1691 break; 1692 case NL80211_CMD_SET_BEACON: 1693 call = rdev->ops->set_beacon; 1694 break; 1695 default: 1696 WARN_ON(1); 1697 return -EOPNOTSUPP; 1698 } 1699 1700 if (!call) 1701 return -EOPNOTSUPP; 1702 1703 memset(¶ms, 0, sizeof(params)); 1704 1705 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) { 1706 params.interval = 1707 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); 1708 haveinfo = 1; 1709 } 1710 1711 if (info->attrs[NL80211_ATTR_DTIM_PERIOD]) { 1712 params.dtim_period = 1713 nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]); 1714 haveinfo = 1; 1715 } 1716 1717 if (info->attrs[NL80211_ATTR_BEACON_HEAD]) { 1718 params.head = nla_data(info->attrs[NL80211_ATTR_BEACON_HEAD]); 1719 params.head_len = 1720 nla_len(info->attrs[NL80211_ATTR_BEACON_HEAD]); 1721 haveinfo = 1; 1722 } 1723 1724 if (info->attrs[NL80211_ATTR_BEACON_TAIL]) { 1725 params.tail = nla_data(info->attrs[NL80211_ATTR_BEACON_TAIL]); 1726 params.tail_len = 1727 nla_len(info->attrs[NL80211_ATTR_BEACON_TAIL]); 1728 haveinfo = 1; 1729 } 1730 1731 if (!haveinfo) 1732 return -EINVAL; 1733 1734 return call(&rdev->wiphy, dev, ¶ms); 1735 } 1736 1737 static int nl80211_del_beacon(struct sk_buff *skb, struct genl_info *info) 1738 { 1739 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1740 struct net_device *dev = info->user_ptr[1]; 1741 1742 if (!rdev->ops->del_beacon) 1743 return -EOPNOTSUPP; 1744 1745 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 1746 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 1747 return -EOPNOTSUPP; 1748 1749 return rdev->ops->del_beacon(&rdev->wiphy, dev); 1750 } 1751 1752 static const struct nla_policy sta_flags_policy[NL80211_STA_FLAG_MAX + 1] = { 1753 [NL80211_STA_FLAG_AUTHORIZED] = { .type = NLA_FLAG }, 1754 [NL80211_STA_FLAG_SHORT_PREAMBLE] = { .type = NLA_FLAG }, 1755 [NL80211_STA_FLAG_WME] = { .type = NLA_FLAG }, 1756 [NL80211_STA_FLAG_MFP] = { .type = NLA_FLAG }, 1757 }; 1758 1759 static int parse_station_flags(struct genl_info *info, 1760 struct station_parameters *params) 1761 { 1762 struct nlattr *flags[NL80211_STA_FLAG_MAX + 1]; 1763 struct nlattr *nla; 1764 int flag; 1765 1766 /* 1767 * Try parsing the new attribute first so userspace 1768 * can specify both for older kernels. 1769 */ 1770 nla = info->attrs[NL80211_ATTR_STA_FLAGS2]; 1771 if (nla) { 1772 struct nl80211_sta_flag_update *sta_flags; 1773 1774 sta_flags = nla_data(nla); 1775 params->sta_flags_mask = sta_flags->mask; 1776 params->sta_flags_set = sta_flags->set; 1777 if ((params->sta_flags_mask | 1778 params->sta_flags_set) & BIT(__NL80211_STA_FLAG_INVALID)) 1779 return -EINVAL; 1780 return 0; 1781 } 1782 1783 /* if present, parse the old attribute */ 1784 1785 nla = info->attrs[NL80211_ATTR_STA_FLAGS]; 1786 if (!nla) 1787 return 0; 1788 1789 if (nla_parse_nested(flags, NL80211_STA_FLAG_MAX, 1790 nla, sta_flags_policy)) 1791 return -EINVAL; 1792 1793 params->sta_flags_mask = (1 << __NL80211_STA_FLAG_AFTER_LAST) - 1; 1794 params->sta_flags_mask &= ~1; 1795 1796 for (flag = 1; flag <= NL80211_STA_FLAG_MAX; flag++) 1797 if (flags[flag]) 1798 params->sta_flags_set |= (1<<flag); 1799 1800 return 0; 1801 } 1802 1803 static int nl80211_send_station(struct sk_buff *msg, u32 pid, u32 seq, 1804 int flags, struct net_device *dev, 1805 const u8 *mac_addr, struct station_info *sinfo) 1806 { 1807 void *hdr; 1808 struct nlattr *sinfoattr, *txrate; 1809 u16 bitrate; 1810 1811 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION); 1812 if (!hdr) 1813 return -1; 1814 1815 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1816 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 1817 1818 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, sinfo->generation); 1819 1820 sinfoattr = nla_nest_start(msg, NL80211_ATTR_STA_INFO); 1821 if (!sinfoattr) 1822 goto nla_put_failure; 1823 if (sinfo->filled & STATION_INFO_INACTIVE_TIME) 1824 NLA_PUT_U32(msg, NL80211_STA_INFO_INACTIVE_TIME, 1825 sinfo->inactive_time); 1826 if (sinfo->filled & STATION_INFO_RX_BYTES) 1827 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_BYTES, 1828 sinfo->rx_bytes); 1829 if (sinfo->filled & STATION_INFO_TX_BYTES) 1830 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_BYTES, 1831 sinfo->tx_bytes); 1832 if (sinfo->filled & STATION_INFO_LLID) 1833 NLA_PUT_U16(msg, NL80211_STA_INFO_LLID, 1834 sinfo->llid); 1835 if (sinfo->filled & STATION_INFO_PLID) 1836 NLA_PUT_U16(msg, NL80211_STA_INFO_PLID, 1837 sinfo->plid); 1838 if (sinfo->filled & STATION_INFO_PLINK_STATE) 1839 NLA_PUT_U8(msg, NL80211_STA_INFO_PLINK_STATE, 1840 sinfo->plink_state); 1841 if (sinfo->filled & STATION_INFO_SIGNAL) 1842 NLA_PUT_U8(msg, NL80211_STA_INFO_SIGNAL, 1843 sinfo->signal); 1844 if (sinfo->filled & STATION_INFO_TX_BITRATE) { 1845 txrate = nla_nest_start(msg, NL80211_STA_INFO_TX_BITRATE); 1846 if (!txrate) 1847 goto nla_put_failure; 1848 1849 /* cfg80211_calculate_bitrate will return 0 for mcs >= 32 */ 1850 bitrate = cfg80211_calculate_bitrate(&sinfo->txrate); 1851 if (bitrate > 0) 1852 NLA_PUT_U16(msg, NL80211_RATE_INFO_BITRATE, bitrate); 1853 1854 if (sinfo->txrate.flags & RATE_INFO_FLAGS_MCS) 1855 NLA_PUT_U8(msg, NL80211_RATE_INFO_MCS, 1856 sinfo->txrate.mcs); 1857 if (sinfo->txrate.flags & RATE_INFO_FLAGS_40_MHZ_WIDTH) 1858 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_40_MHZ_WIDTH); 1859 if (sinfo->txrate.flags & RATE_INFO_FLAGS_SHORT_GI) 1860 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_SHORT_GI); 1861 1862 nla_nest_end(msg, txrate); 1863 } 1864 if (sinfo->filled & STATION_INFO_RX_PACKETS) 1865 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_PACKETS, 1866 sinfo->rx_packets); 1867 if (sinfo->filled & STATION_INFO_TX_PACKETS) 1868 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_PACKETS, 1869 sinfo->tx_packets); 1870 if (sinfo->filled & STATION_INFO_TX_RETRIES) 1871 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_RETRIES, 1872 sinfo->tx_retries); 1873 if (sinfo->filled & STATION_INFO_TX_FAILED) 1874 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_FAILED, 1875 sinfo->tx_failed); 1876 nla_nest_end(msg, sinfoattr); 1877 1878 return genlmsg_end(msg, hdr); 1879 1880 nla_put_failure: 1881 genlmsg_cancel(msg, hdr); 1882 return -EMSGSIZE; 1883 } 1884 1885 static int nl80211_dump_station(struct sk_buff *skb, 1886 struct netlink_callback *cb) 1887 { 1888 struct station_info sinfo; 1889 struct cfg80211_registered_device *dev; 1890 struct net_device *netdev; 1891 u8 mac_addr[ETH_ALEN]; 1892 int sta_idx = cb->args[1]; 1893 int err; 1894 1895 err = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 1896 if (err) 1897 return err; 1898 1899 if (!dev->ops->dump_station) { 1900 err = -EOPNOTSUPP; 1901 goto out_err; 1902 } 1903 1904 while (1) { 1905 err = dev->ops->dump_station(&dev->wiphy, netdev, sta_idx, 1906 mac_addr, &sinfo); 1907 if (err == -ENOENT) 1908 break; 1909 if (err) 1910 goto out_err; 1911 1912 if (nl80211_send_station(skb, 1913 NETLINK_CB(cb->skb).pid, 1914 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1915 netdev, mac_addr, 1916 &sinfo) < 0) 1917 goto out; 1918 1919 sta_idx++; 1920 } 1921 1922 1923 out: 1924 cb->args[1] = sta_idx; 1925 err = skb->len; 1926 out_err: 1927 nl80211_finish_netdev_dump(dev); 1928 1929 return err; 1930 } 1931 1932 static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info) 1933 { 1934 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1935 struct net_device *dev = info->user_ptr[1]; 1936 struct station_info sinfo; 1937 struct sk_buff *msg; 1938 u8 *mac_addr = NULL; 1939 int err; 1940 1941 memset(&sinfo, 0, sizeof(sinfo)); 1942 1943 if (!info->attrs[NL80211_ATTR_MAC]) 1944 return -EINVAL; 1945 1946 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1947 1948 if (!rdev->ops->get_station) 1949 return -EOPNOTSUPP; 1950 1951 err = rdev->ops->get_station(&rdev->wiphy, dev, mac_addr, &sinfo); 1952 if (err) 1953 return err; 1954 1955 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1956 if (!msg) 1957 return -ENOMEM; 1958 1959 if (nl80211_send_station(msg, info->snd_pid, info->snd_seq, 0, 1960 dev, mac_addr, &sinfo) < 0) { 1961 nlmsg_free(msg); 1962 return -ENOBUFS; 1963 } 1964 1965 return genlmsg_reply(msg, info); 1966 } 1967 1968 /* 1969 * Get vlan interface making sure it is running and on the right wiphy. 1970 */ 1971 static int get_vlan(struct genl_info *info, 1972 struct cfg80211_registered_device *rdev, 1973 struct net_device **vlan) 1974 { 1975 struct nlattr *vlanattr = info->attrs[NL80211_ATTR_STA_VLAN]; 1976 *vlan = NULL; 1977 1978 if (vlanattr) { 1979 *vlan = dev_get_by_index(genl_info_net(info), 1980 nla_get_u32(vlanattr)); 1981 if (!*vlan) 1982 return -ENODEV; 1983 if (!(*vlan)->ieee80211_ptr) 1984 return -EINVAL; 1985 if ((*vlan)->ieee80211_ptr->wiphy != &rdev->wiphy) 1986 return -EINVAL; 1987 if (!netif_running(*vlan)) 1988 return -ENETDOWN; 1989 } 1990 return 0; 1991 } 1992 1993 static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info) 1994 { 1995 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1996 int err; 1997 struct net_device *dev = info->user_ptr[1]; 1998 struct station_parameters params; 1999 u8 *mac_addr = NULL; 2000 2001 memset(¶ms, 0, sizeof(params)); 2002 2003 params.listen_interval = -1; 2004 2005 if (info->attrs[NL80211_ATTR_STA_AID]) 2006 return -EINVAL; 2007 2008 if (!info->attrs[NL80211_ATTR_MAC]) 2009 return -EINVAL; 2010 2011 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2012 2013 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) { 2014 params.supported_rates = 2015 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2016 params.supported_rates_len = 2017 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2018 } 2019 2020 if (info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) 2021 params.listen_interval = 2022 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]); 2023 2024 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) 2025 params.ht_capa = 2026 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 2027 2028 if (parse_station_flags(info, ¶ms)) 2029 return -EINVAL; 2030 2031 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION]) 2032 params.plink_action = 2033 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]); 2034 2035 err = get_vlan(info, rdev, ¶ms.vlan); 2036 if (err) 2037 goto out; 2038 2039 /* validate settings */ 2040 err = 0; 2041 2042 switch (dev->ieee80211_ptr->iftype) { 2043 case NL80211_IFTYPE_AP: 2044 case NL80211_IFTYPE_AP_VLAN: 2045 case NL80211_IFTYPE_P2P_GO: 2046 /* disallow mesh-specific things */ 2047 if (params.plink_action) 2048 err = -EINVAL; 2049 break; 2050 case NL80211_IFTYPE_P2P_CLIENT: 2051 case NL80211_IFTYPE_STATION: 2052 /* disallow everything but AUTHORIZED flag */ 2053 if (params.plink_action) 2054 err = -EINVAL; 2055 if (params.vlan) 2056 err = -EINVAL; 2057 if (params.supported_rates) 2058 err = -EINVAL; 2059 if (params.ht_capa) 2060 err = -EINVAL; 2061 if (params.listen_interval >= 0) 2062 err = -EINVAL; 2063 if (params.sta_flags_mask & ~BIT(NL80211_STA_FLAG_AUTHORIZED)) 2064 err = -EINVAL; 2065 break; 2066 case NL80211_IFTYPE_MESH_POINT: 2067 /* disallow things mesh doesn't support */ 2068 if (params.vlan) 2069 err = -EINVAL; 2070 if (params.ht_capa) 2071 err = -EINVAL; 2072 if (params.listen_interval >= 0) 2073 err = -EINVAL; 2074 if (params.supported_rates) 2075 err = -EINVAL; 2076 if (params.sta_flags_mask) 2077 err = -EINVAL; 2078 break; 2079 default: 2080 err = -EINVAL; 2081 } 2082 2083 if (err) 2084 goto out; 2085 2086 if (!rdev->ops->change_station) { 2087 err = -EOPNOTSUPP; 2088 goto out; 2089 } 2090 2091 err = rdev->ops->change_station(&rdev->wiphy, dev, mac_addr, ¶ms); 2092 2093 out: 2094 if (params.vlan) 2095 dev_put(params.vlan); 2096 2097 return err; 2098 } 2099 2100 static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info) 2101 { 2102 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2103 int err; 2104 struct net_device *dev = info->user_ptr[1]; 2105 struct station_parameters params; 2106 u8 *mac_addr = NULL; 2107 2108 memset(¶ms, 0, sizeof(params)); 2109 2110 if (!info->attrs[NL80211_ATTR_MAC]) 2111 return -EINVAL; 2112 2113 if (!info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) 2114 return -EINVAL; 2115 2116 if (!info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) 2117 return -EINVAL; 2118 2119 if (!info->attrs[NL80211_ATTR_STA_AID]) 2120 return -EINVAL; 2121 2122 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2123 params.supported_rates = 2124 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2125 params.supported_rates_len = 2126 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2127 params.listen_interval = 2128 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]); 2129 2130 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_STA_AID]); 2131 if (!params.aid || params.aid > IEEE80211_MAX_AID) 2132 return -EINVAL; 2133 2134 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) 2135 params.ht_capa = 2136 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 2137 2138 if (parse_station_flags(info, ¶ms)) 2139 return -EINVAL; 2140 2141 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2142 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 2143 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2144 return -EINVAL; 2145 2146 err = get_vlan(info, rdev, ¶ms.vlan); 2147 if (err) 2148 goto out; 2149 2150 /* validate settings */ 2151 err = 0; 2152 2153 if (!rdev->ops->add_station) { 2154 err = -EOPNOTSUPP; 2155 goto out; 2156 } 2157 2158 err = rdev->ops->add_station(&rdev->wiphy, dev, mac_addr, ¶ms); 2159 2160 out: 2161 if (params.vlan) 2162 dev_put(params.vlan); 2163 return err; 2164 } 2165 2166 static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info) 2167 { 2168 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2169 struct net_device *dev = info->user_ptr[1]; 2170 u8 *mac_addr = NULL; 2171 2172 if (info->attrs[NL80211_ATTR_MAC]) 2173 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2174 2175 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2176 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 2177 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 2178 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2179 return -EINVAL; 2180 2181 if (!rdev->ops->del_station) 2182 return -EOPNOTSUPP; 2183 2184 return rdev->ops->del_station(&rdev->wiphy, dev, mac_addr); 2185 } 2186 2187 static int nl80211_send_mpath(struct sk_buff *msg, u32 pid, u32 seq, 2188 int flags, struct net_device *dev, 2189 u8 *dst, u8 *next_hop, 2190 struct mpath_info *pinfo) 2191 { 2192 void *hdr; 2193 struct nlattr *pinfoattr; 2194 2195 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION); 2196 if (!hdr) 2197 return -1; 2198 2199 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 2200 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst); 2201 NLA_PUT(msg, NL80211_ATTR_MPATH_NEXT_HOP, ETH_ALEN, next_hop); 2202 2203 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, pinfo->generation); 2204 2205 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MPATH_INFO); 2206 if (!pinfoattr) 2207 goto nla_put_failure; 2208 if (pinfo->filled & MPATH_INFO_FRAME_QLEN) 2209 NLA_PUT_U32(msg, NL80211_MPATH_INFO_FRAME_QLEN, 2210 pinfo->frame_qlen); 2211 if (pinfo->filled & MPATH_INFO_SN) 2212 NLA_PUT_U32(msg, NL80211_MPATH_INFO_SN, 2213 pinfo->sn); 2214 if (pinfo->filled & MPATH_INFO_METRIC) 2215 NLA_PUT_U32(msg, NL80211_MPATH_INFO_METRIC, 2216 pinfo->metric); 2217 if (pinfo->filled & MPATH_INFO_EXPTIME) 2218 NLA_PUT_U32(msg, NL80211_MPATH_INFO_EXPTIME, 2219 pinfo->exptime); 2220 if (pinfo->filled & MPATH_INFO_FLAGS) 2221 NLA_PUT_U8(msg, NL80211_MPATH_INFO_FLAGS, 2222 pinfo->flags); 2223 if (pinfo->filled & MPATH_INFO_DISCOVERY_TIMEOUT) 2224 NLA_PUT_U32(msg, NL80211_MPATH_INFO_DISCOVERY_TIMEOUT, 2225 pinfo->discovery_timeout); 2226 if (pinfo->filled & MPATH_INFO_DISCOVERY_RETRIES) 2227 NLA_PUT_U8(msg, NL80211_MPATH_INFO_DISCOVERY_RETRIES, 2228 pinfo->discovery_retries); 2229 2230 nla_nest_end(msg, pinfoattr); 2231 2232 return genlmsg_end(msg, hdr); 2233 2234 nla_put_failure: 2235 genlmsg_cancel(msg, hdr); 2236 return -EMSGSIZE; 2237 } 2238 2239 static int nl80211_dump_mpath(struct sk_buff *skb, 2240 struct netlink_callback *cb) 2241 { 2242 struct mpath_info pinfo; 2243 struct cfg80211_registered_device *dev; 2244 struct net_device *netdev; 2245 u8 dst[ETH_ALEN]; 2246 u8 next_hop[ETH_ALEN]; 2247 int path_idx = cb->args[1]; 2248 int err; 2249 2250 err = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 2251 if (err) 2252 return err; 2253 2254 if (!dev->ops->dump_mpath) { 2255 err = -EOPNOTSUPP; 2256 goto out_err; 2257 } 2258 2259 if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) { 2260 err = -EOPNOTSUPP; 2261 goto out_err; 2262 } 2263 2264 while (1) { 2265 err = dev->ops->dump_mpath(&dev->wiphy, netdev, path_idx, 2266 dst, next_hop, &pinfo); 2267 if (err == -ENOENT) 2268 break; 2269 if (err) 2270 goto out_err; 2271 2272 if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).pid, 2273 cb->nlh->nlmsg_seq, NLM_F_MULTI, 2274 netdev, dst, next_hop, 2275 &pinfo) < 0) 2276 goto out; 2277 2278 path_idx++; 2279 } 2280 2281 2282 out: 2283 cb->args[1] = path_idx; 2284 err = skb->len; 2285 out_err: 2286 nl80211_finish_netdev_dump(dev); 2287 return err; 2288 } 2289 2290 static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info) 2291 { 2292 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2293 int err; 2294 struct net_device *dev = info->user_ptr[1]; 2295 struct mpath_info pinfo; 2296 struct sk_buff *msg; 2297 u8 *dst = NULL; 2298 u8 next_hop[ETH_ALEN]; 2299 2300 memset(&pinfo, 0, sizeof(pinfo)); 2301 2302 if (!info->attrs[NL80211_ATTR_MAC]) 2303 return -EINVAL; 2304 2305 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2306 2307 if (!rdev->ops->get_mpath) 2308 return -EOPNOTSUPP; 2309 2310 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 2311 return -EOPNOTSUPP; 2312 2313 err = rdev->ops->get_mpath(&rdev->wiphy, dev, dst, next_hop, &pinfo); 2314 if (err) 2315 return err; 2316 2317 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2318 if (!msg) 2319 return -ENOMEM; 2320 2321 if (nl80211_send_mpath(msg, info->snd_pid, info->snd_seq, 0, 2322 dev, dst, next_hop, &pinfo) < 0) { 2323 nlmsg_free(msg); 2324 return -ENOBUFS; 2325 } 2326 2327 return genlmsg_reply(msg, info); 2328 } 2329 2330 static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info) 2331 { 2332 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2333 struct net_device *dev = info->user_ptr[1]; 2334 u8 *dst = NULL; 2335 u8 *next_hop = NULL; 2336 2337 if (!info->attrs[NL80211_ATTR_MAC]) 2338 return -EINVAL; 2339 2340 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]) 2341 return -EINVAL; 2342 2343 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2344 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]); 2345 2346 if (!rdev->ops->change_mpath) 2347 return -EOPNOTSUPP; 2348 2349 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 2350 return -EOPNOTSUPP; 2351 2352 return rdev->ops->change_mpath(&rdev->wiphy, dev, dst, next_hop); 2353 } 2354 2355 static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info) 2356 { 2357 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2358 struct net_device *dev = info->user_ptr[1]; 2359 u8 *dst = NULL; 2360 u8 *next_hop = NULL; 2361 2362 if (!info->attrs[NL80211_ATTR_MAC]) 2363 return -EINVAL; 2364 2365 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]) 2366 return -EINVAL; 2367 2368 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2369 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]); 2370 2371 if (!rdev->ops->add_mpath) 2372 return -EOPNOTSUPP; 2373 2374 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 2375 return -EOPNOTSUPP; 2376 2377 return rdev->ops->add_mpath(&rdev->wiphy, dev, dst, next_hop); 2378 } 2379 2380 static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info) 2381 { 2382 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2383 struct net_device *dev = info->user_ptr[1]; 2384 u8 *dst = NULL; 2385 2386 if (info->attrs[NL80211_ATTR_MAC]) 2387 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2388 2389 if (!rdev->ops->del_mpath) 2390 return -EOPNOTSUPP; 2391 2392 return rdev->ops->del_mpath(&rdev->wiphy, dev, dst); 2393 } 2394 2395 static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info) 2396 { 2397 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2398 struct net_device *dev = info->user_ptr[1]; 2399 struct bss_parameters params; 2400 2401 memset(¶ms, 0, sizeof(params)); 2402 /* default to not changing parameters */ 2403 params.use_cts_prot = -1; 2404 params.use_short_preamble = -1; 2405 params.use_short_slot_time = -1; 2406 params.ap_isolate = -1; 2407 2408 if (info->attrs[NL80211_ATTR_BSS_CTS_PROT]) 2409 params.use_cts_prot = 2410 nla_get_u8(info->attrs[NL80211_ATTR_BSS_CTS_PROT]); 2411 if (info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]) 2412 params.use_short_preamble = 2413 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]); 2414 if (info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]) 2415 params.use_short_slot_time = 2416 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]); 2417 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) { 2418 params.basic_rates = 2419 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 2420 params.basic_rates_len = 2421 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 2422 } 2423 if (info->attrs[NL80211_ATTR_AP_ISOLATE]) 2424 params.ap_isolate = !!nla_get_u8(info->attrs[NL80211_ATTR_AP_ISOLATE]); 2425 2426 if (!rdev->ops->change_bss) 2427 return -EOPNOTSUPP; 2428 2429 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2430 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2431 return -EOPNOTSUPP; 2432 2433 return rdev->ops->change_bss(&rdev->wiphy, dev, ¶ms); 2434 } 2435 2436 static const struct nla_policy reg_rule_policy[NL80211_REG_RULE_ATTR_MAX + 1] = { 2437 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 }, 2438 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 }, 2439 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 }, 2440 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 }, 2441 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 }, 2442 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 }, 2443 }; 2444 2445 static int parse_reg_rule(struct nlattr *tb[], 2446 struct ieee80211_reg_rule *reg_rule) 2447 { 2448 struct ieee80211_freq_range *freq_range = ®_rule->freq_range; 2449 struct ieee80211_power_rule *power_rule = ®_rule->power_rule; 2450 2451 if (!tb[NL80211_ATTR_REG_RULE_FLAGS]) 2452 return -EINVAL; 2453 if (!tb[NL80211_ATTR_FREQ_RANGE_START]) 2454 return -EINVAL; 2455 if (!tb[NL80211_ATTR_FREQ_RANGE_END]) 2456 return -EINVAL; 2457 if (!tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) 2458 return -EINVAL; 2459 if (!tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]) 2460 return -EINVAL; 2461 2462 reg_rule->flags = nla_get_u32(tb[NL80211_ATTR_REG_RULE_FLAGS]); 2463 2464 freq_range->start_freq_khz = 2465 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]); 2466 freq_range->end_freq_khz = 2467 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]); 2468 freq_range->max_bandwidth_khz = 2469 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]); 2470 2471 power_rule->max_eirp = 2472 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]); 2473 2474 if (tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]) 2475 power_rule->max_antenna_gain = 2476 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]); 2477 2478 return 0; 2479 } 2480 2481 static int nl80211_req_set_reg(struct sk_buff *skb, struct genl_info *info) 2482 { 2483 int r; 2484 char *data = NULL; 2485 2486 /* 2487 * You should only get this when cfg80211 hasn't yet initialized 2488 * completely when built-in to the kernel right between the time 2489 * window between nl80211_init() and regulatory_init(), if that is 2490 * even possible. 2491 */ 2492 mutex_lock(&cfg80211_mutex); 2493 if (unlikely(!cfg80211_regdomain)) { 2494 mutex_unlock(&cfg80211_mutex); 2495 return -EINPROGRESS; 2496 } 2497 mutex_unlock(&cfg80211_mutex); 2498 2499 if (!info->attrs[NL80211_ATTR_REG_ALPHA2]) 2500 return -EINVAL; 2501 2502 data = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]); 2503 2504 r = regulatory_hint_user(data); 2505 2506 return r; 2507 } 2508 2509 static int nl80211_get_mesh_params(struct sk_buff *skb, 2510 struct genl_info *info) 2511 { 2512 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2513 struct mesh_config cur_params; 2514 int err; 2515 struct net_device *dev = info->user_ptr[1]; 2516 void *hdr; 2517 struct nlattr *pinfoattr; 2518 struct sk_buff *msg; 2519 2520 if (!rdev->ops->get_mesh_params) 2521 return -EOPNOTSUPP; 2522 2523 /* Get the mesh params */ 2524 err = rdev->ops->get_mesh_params(&rdev->wiphy, dev, &cur_params); 2525 if (err) 2526 return err; 2527 2528 /* Draw up a netlink message to send back */ 2529 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2530 if (!msg) 2531 return -ENOMEM; 2532 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 2533 NL80211_CMD_GET_MESH_PARAMS); 2534 if (!hdr) 2535 goto nla_put_failure; 2536 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MESH_PARAMS); 2537 if (!pinfoattr) 2538 goto nla_put_failure; 2539 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 2540 NLA_PUT_U16(msg, NL80211_MESHCONF_RETRY_TIMEOUT, 2541 cur_params.dot11MeshRetryTimeout); 2542 NLA_PUT_U16(msg, NL80211_MESHCONF_CONFIRM_TIMEOUT, 2543 cur_params.dot11MeshConfirmTimeout); 2544 NLA_PUT_U16(msg, NL80211_MESHCONF_HOLDING_TIMEOUT, 2545 cur_params.dot11MeshHoldingTimeout); 2546 NLA_PUT_U16(msg, NL80211_MESHCONF_MAX_PEER_LINKS, 2547 cur_params.dot11MeshMaxPeerLinks); 2548 NLA_PUT_U8(msg, NL80211_MESHCONF_MAX_RETRIES, 2549 cur_params.dot11MeshMaxRetries); 2550 NLA_PUT_U8(msg, NL80211_MESHCONF_TTL, 2551 cur_params.dot11MeshTTL); 2552 NLA_PUT_U8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS, 2553 cur_params.auto_open_plinks); 2554 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, 2555 cur_params.dot11MeshHWMPmaxPREQretries); 2556 NLA_PUT_U32(msg, NL80211_MESHCONF_PATH_REFRESH_TIME, 2557 cur_params.path_refresh_time); 2558 NLA_PUT_U16(msg, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, 2559 cur_params.min_discovery_timeout); 2560 NLA_PUT_U32(msg, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, 2561 cur_params.dot11MeshHWMPactivePathTimeout); 2562 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, 2563 cur_params.dot11MeshHWMPpreqMinInterval); 2564 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, 2565 cur_params.dot11MeshHWMPnetDiameterTraversalTime); 2566 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_ROOTMODE, 2567 cur_params.dot11MeshHWMPRootMode); 2568 nla_nest_end(msg, pinfoattr); 2569 genlmsg_end(msg, hdr); 2570 return genlmsg_reply(msg, info); 2571 2572 nla_put_failure: 2573 genlmsg_cancel(msg, hdr); 2574 nlmsg_free(msg); 2575 return -ENOBUFS; 2576 } 2577 2578 #define FILL_IN_MESH_PARAM_IF_SET(table, cfg, param, mask, attr_num, nla_fn) \ 2579 do {\ 2580 if (table[attr_num]) {\ 2581 cfg.param = nla_fn(table[attr_num]); \ 2582 mask |= (1 << (attr_num - 1)); \ 2583 } \ 2584 } while (0);\ 2585 2586 static const struct nla_policy nl80211_meshconf_params_policy[NL80211_MESHCONF_ATTR_MAX+1] = { 2587 [NL80211_MESHCONF_RETRY_TIMEOUT] = { .type = NLA_U16 }, 2588 [NL80211_MESHCONF_CONFIRM_TIMEOUT] = { .type = NLA_U16 }, 2589 [NL80211_MESHCONF_HOLDING_TIMEOUT] = { .type = NLA_U16 }, 2590 [NL80211_MESHCONF_MAX_PEER_LINKS] = { .type = NLA_U16 }, 2591 [NL80211_MESHCONF_MAX_RETRIES] = { .type = NLA_U8 }, 2592 [NL80211_MESHCONF_TTL] = { .type = NLA_U8 }, 2593 [NL80211_MESHCONF_AUTO_OPEN_PLINKS] = { .type = NLA_U8 }, 2594 2595 [NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES] = { .type = NLA_U8 }, 2596 [NL80211_MESHCONF_PATH_REFRESH_TIME] = { .type = NLA_U32 }, 2597 [NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT] = { .type = NLA_U16 }, 2598 [NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT] = { .type = NLA_U32 }, 2599 [NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL] = { .type = NLA_U16 }, 2600 [NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME] = { .type = NLA_U16 }, 2601 }; 2602 2603 static int nl80211_set_mesh_params(struct sk_buff *skb, struct genl_info *info) 2604 { 2605 u32 mask; 2606 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2607 struct net_device *dev = info->user_ptr[1]; 2608 struct mesh_config cfg; 2609 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1]; 2610 struct nlattr *parent_attr; 2611 2612 parent_attr = info->attrs[NL80211_ATTR_MESH_PARAMS]; 2613 if (!parent_attr) 2614 return -EINVAL; 2615 if (nla_parse_nested(tb, NL80211_MESHCONF_ATTR_MAX, 2616 parent_attr, nl80211_meshconf_params_policy)) 2617 return -EINVAL; 2618 2619 if (!rdev->ops->set_mesh_params) 2620 return -EOPNOTSUPP; 2621 2622 /* This makes sure that there aren't more than 32 mesh config 2623 * parameters (otherwise our bitfield scheme would not work.) */ 2624 BUILD_BUG_ON(NL80211_MESHCONF_ATTR_MAX > 32); 2625 2626 /* Fill in the params struct */ 2627 mask = 0; 2628 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshRetryTimeout, 2629 mask, NL80211_MESHCONF_RETRY_TIMEOUT, nla_get_u16); 2630 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConfirmTimeout, 2631 mask, NL80211_MESHCONF_CONFIRM_TIMEOUT, nla_get_u16); 2632 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHoldingTimeout, 2633 mask, NL80211_MESHCONF_HOLDING_TIMEOUT, nla_get_u16); 2634 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxPeerLinks, 2635 mask, NL80211_MESHCONF_MAX_PEER_LINKS, nla_get_u16); 2636 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxRetries, 2637 mask, NL80211_MESHCONF_MAX_RETRIES, nla_get_u8); 2638 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshTTL, 2639 mask, NL80211_MESHCONF_TTL, nla_get_u8); 2640 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, auto_open_plinks, 2641 mask, NL80211_MESHCONF_AUTO_OPEN_PLINKS, nla_get_u8); 2642 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPmaxPREQretries, 2643 mask, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, 2644 nla_get_u8); 2645 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, path_refresh_time, 2646 mask, NL80211_MESHCONF_PATH_REFRESH_TIME, nla_get_u32); 2647 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, min_discovery_timeout, 2648 mask, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, 2649 nla_get_u16); 2650 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathTimeout, 2651 mask, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, 2652 nla_get_u32); 2653 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPpreqMinInterval, 2654 mask, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, 2655 nla_get_u16); 2656 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 2657 dot11MeshHWMPnetDiameterTraversalTime, 2658 mask, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, 2659 nla_get_u16); 2660 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 2661 dot11MeshHWMPRootMode, mask, 2662 NL80211_MESHCONF_HWMP_ROOTMODE, 2663 nla_get_u8); 2664 2665 /* Apply changes */ 2666 return rdev->ops->set_mesh_params(&rdev->wiphy, dev, &cfg, mask); 2667 } 2668 2669 #undef FILL_IN_MESH_PARAM_IF_SET 2670 2671 static int nl80211_get_reg(struct sk_buff *skb, struct genl_info *info) 2672 { 2673 struct sk_buff *msg; 2674 void *hdr = NULL; 2675 struct nlattr *nl_reg_rules; 2676 unsigned int i; 2677 int err = -EINVAL; 2678 2679 mutex_lock(&cfg80211_mutex); 2680 2681 if (!cfg80211_regdomain) 2682 goto out; 2683 2684 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2685 if (!msg) { 2686 err = -ENOBUFS; 2687 goto out; 2688 } 2689 2690 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 2691 NL80211_CMD_GET_REG); 2692 if (!hdr) 2693 goto nla_put_failure; 2694 2695 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, 2696 cfg80211_regdomain->alpha2); 2697 2698 nl_reg_rules = nla_nest_start(msg, NL80211_ATTR_REG_RULES); 2699 if (!nl_reg_rules) 2700 goto nla_put_failure; 2701 2702 for (i = 0; i < cfg80211_regdomain->n_reg_rules; i++) { 2703 struct nlattr *nl_reg_rule; 2704 const struct ieee80211_reg_rule *reg_rule; 2705 const struct ieee80211_freq_range *freq_range; 2706 const struct ieee80211_power_rule *power_rule; 2707 2708 reg_rule = &cfg80211_regdomain->reg_rules[i]; 2709 freq_range = ®_rule->freq_range; 2710 power_rule = ®_rule->power_rule; 2711 2712 nl_reg_rule = nla_nest_start(msg, i); 2713 if (!nl_reg_rule) 2714 goto nla_put_failure; 2715 2716 NLA_PUT_U32(msg, NL80211_ATTR_REG_RULE_FLAGS, 2717 reg_rule->flags); 2718 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_START, 2719 freq_range->start_freq_khz); 2720 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_END, 2721 freq_range->end_freq_khz); 2722 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_MAX_BW, 2723 freq_range->max_bandwidth_khz); 2724 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN, 2725 power_rule->max_antenna_gain); 2726 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_EIRP, 2727 power_rule->max_eirp); 2728 2729 nla_nest_end(msg, nl_reg_rule); 2730 } 2731 2732 nla_nest_end(msg, nl_reg_rules); 2733 2734 genlmsg_end(msg, hdr); 2735 err = genlmsg_reply(msg, info); 2736 goto out; 2737 2738 nla_put_failure: 2739 genlmsg_cancel(msg, hdr); 2740 nlmsg_free(msg); 2741 err = -EMSGSIZE; 2742 out: 2743 mutex_unlock(&cfg80211_mutex); 2744 return err; 2745 } 2746 2747 static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info) 2748 { 2749 struct nlattr *tb[NL80211_REG_RULE_ATTR_MAX + 1]; 2750 struct nlattr *nl_reg_rule; 2751 char *alpha2 = NULL; 2752 int rem_reg_rules = 0, r = 0; 2753 u32 num_rules = 0, rule_idx = 0, size_of_regd; 2754 struct ieee80211_regdomain *rd = NULL; 2755 2756 if (!info->attrs[NL80211_ATTR_REG_ALPHA2]) 2757 return -EINVAL; 2758 2759 if (!info->attrs[NL80211_ATTR_REG_RULES]) 2760 return -EINVAL; 2761 2762 alpha2 = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]); 2763 2764 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], 2765 rem_reg_rules) { 2766 num_rules++; 2767 if (num_rules > NL80211_MAX_SUPP_REG_RULES) 2768 return -EINVAL; 2769 } 2770 2771 mutex_lock(&cfg80211_mutex); 2772 2773 if (!reg_is_valid_request(alpha2)) { 2774 r = -EINVAL; 2775 goto bad_reg; 2776 } 2777 2778 size_of_regd = sizeof(struct ieee80211_regdomain) + 2779 (num_rules * sizeof(struct ieee80211_reg_rule)); 2780 2781 rd = kzalloc(size_of_regd, GFP_KERNEL); 2782 if (!rd) { 2783 r = -ENOMEM; 2784 goto bad_reg; 2785 } 2786 2787 rd->n_reg_rules = num_rules; 2788 rd->alpha2[0] = alpha2[0]; 2789 rd->alpha2[1] = alpha2[1]; 2790 2791 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], 2792 rem_reg_rules) { 2793 nla_parse(tb, NL80211_REG_RULE_ATTR_MAX, 2794 nla_data(nl_reg_rule), nla_len(nl_reg_rule), 2795 reg_rule_policy); 2796 r = parse_reg_rule(tb, &rd->reg_rules[rule_idx]); 2797 if (r) 2798 goto bad_reg; 2799 2800 rule_idx++; 2801 2802 if (rule_idx > NL80211_MAX_SUPP_REG_RULES) { 2803 r = -EINVAL; 2804 goto bad_reg; 2805 } 2806 } 2807 2808 BUG_ON(rule_idx != num_rules); 2809 2810 r = set_regdom(rd); 2811 2812 mutex_unlock(&cfg80211_mutex); 2813 2814 return r; 2815 2816 bad_reg: 2817 mutex_unlock(&cfg80211_mutex); 2818 kfree(rd); 2819 return r; 2820 } 2821 2822 static int validate_scan_freqs(struct nlattr *freqs) 2823 { 2824 struct nlattr *attr1, *attr2; 2825 int n_channels = 0, tmp1, tmp2; 2826 2827 nla_for_each_nested(attr1, freqs, tmp1) { 2828 n_channels++; 2829 /* 2830 * Some hardware has a limited channel list for 2831 * scanning, and it is pretty much nonsensical 2832 * to scan for a channel twice, so disallow that 2833 * and don't require drivers to check that the 2834 * channel list they get isn't longer than what 2835 * they can scan, as long as they can scan all 2836 * the channels they registered at once. 2837 */ 2838 nla_for_each_nested(attr2, freqs, tmp2) 2839 if (attr1 != attr2 && 2840 nla_get_u32(attr1) == nla_get_u32(attr2)) 2841 return 0; 2842 } 2843 2844 return n_channels; 2845 } 2846 2847 static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info) 2848 { 2849 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2850 struct net_device *dev = info->user_ptr[1]; 2851 struct cfg80211_scan_request *request; 2852 struct cfg80211_ssid *ssid; 2853 struct ieee80211_channel *channel; 2854 struct nlattr *attr; 2855 struct wiphy *wiphy; 2856 int err, tmp, n_ssids = 0, n_channels, i; 2857 enum ieee80211_band band; 2858 size_t ie_len; 2859 2860 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 2861 return -EINVAL; 2862 2863 wiphy = &rdev->wiphy; 2864 2865 if (!rdev->ops->scan) 2866 return -EOPNOTSUPP; 2867 2868 if (rdev->scan_req) 2869 return -EBUSY; 2870 2871 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 2872 n_channels = validate_scan_freqs( 2873 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]); 2874 if (!n_channels) 2875 return -EINVAL; 2876 } else { 2877 n_channels = 0; 2878 2879 for (band = 0; band < IEEE80211_NUM_BANDS; band++) 2880 if (wiphy->bands[band]) 2881 n_channels += wiphy->bands[band]->n_channels; 2882 } 2883 2884 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) 2885 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) 2886 n_ssids++; 2887 2888 if (n_ssids > wiphy->max_scan_ssids) 2889 return -EINVAL; 2890 2891 if (info->attrs[NL80211_ATTR_IE]) 2892 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 2893 else 2894 ie_len = 0; 2895 2896 if (ie_len > wiphy->max_scan_ie_len) 2897 return -EINVAL; 2898 2899 request = kzalloc(sizeof(*request) 2900 + sizeof(*ssid) * n_ssids 2901 + sizeof(channel) * n_channels 2902 + ie_len, GFP_KERNEL); 2903 if (!request) 2904 return -ENOMEM; 2905 2906 if (n_ssids) 2907 request->ssids = (void *)&request->channels[n_channels]; 2908 request->n_ssids = n_ssids; 2909 if (ie_len) { 2910 if (request->ssids) 2911 request->ie = (void *)(request->ssids + n_ssids); 2912 else 2913 request->ie = (void *)(request->channels + n_channels); 2914 } 2915 2916 i = 0; 2917 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 2918 /* user specified, bail out if channel not found */ 2919 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], tmp) { 2920 struct ieee80211_channel *chan; 2921 2922 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr)); 2923 2924 if (!chan) { 2925 err = -EINVAL; 2926 goto out_free; 2927 } 2928 2929 /* ignore disabled channels */ 2930 if (chan->flags & IEEE80211_CHAN_DISABLED) 2931 continue; 2932 2933 request->channels[i] = chan; 2934 i++; 2935 } 2936 } else { 2937 /* all channels */ 2938 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 2939 int j; 2940 if (!wiphy->bands[band]) 2941 continue; 2942 for (j = 0; j < wiphy->bands[band]->n_channels; j++) { 2943 struct ieee80211_channel *chan; 2944 2945 chan = &wiphy->bands[band]->channels[j]; 2946 2947 if (chan->flags & IEEE80211_CHAN_DISABLED) 2948 continue; 2949 2950 request->channels[i] = chan; 2951 i++; 2952 } 2953 } 2954 } 2955 2956 if (!i) { 2957 err = -EINVAL; 2958 goto out_free; 2959 } 2960 2961 request->n_channels = i; 2962 2963 i = 0; 2964 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) { 2965 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) { 2966 if (request->ssids[i].ssid_len > IEEE80211_MAX_SSID_LEN) { 2967 err = -EINVAL; 2968 goto out_free; 2969 } 2970 memcpy(request->ssids[i].ssid, nla_data(attr), nla_len(attr)); 2971 request->ssids[i].ssid_len = nla_len(attr); 2972 i++; 2973 } 2974 } 2975 2976 if (info->attrs[NL80211_ATTR_IE]) { 2977 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 2978 memcpy((void *)request->ie, 2979 nla_data(info->attrs[NL80211_ATTR_IE]), 2980 request->ie_len); 2981 } 2982 2983 request->dev = dev; 2984 request->wiphy = &rdev->wiphy; 2985 2986 rdev->scan_req = request; 2987 err = rdev->ops->scan(&rdev->wiphy, dev, request); 2988 2989 if (!err) { 2990 nl80211_send_scan_start(rdev, dev); 2991 dev_hold(dev); 2992 } else { 2993 out_free: 2994 rdev->scan_req = NULL; 2995 kfree(request); 2996 } 2997 2998 return err; 2999 } 3000 3001 static int nl80211_send_bss(struct sk_buff *msg, u32 pid, u32 seq, int flags, 3002 struct cfg80211_registered_device *rdev, 3003 struct wireless_dev *wdev, 3004 struct cfg80211_internal_bss *intbss) 3005 { 3006 struct cfg80211_bss *res = &intbss->pub; 3007 void *hdr; 3008 struct nlattr *bss; 3009 int i; 3010 3011 ASSERT_WDEV_LOCK(wdev); 3012 3013 hdr = nl80211hdr_put(msg, pid, seq, flags, 3014 NL80211_CMD_NEW_SCAN_RESULTS); 3015 if (!hdr) 3016 return -1; 3017 3018 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, rdev->bss_generation); 3019 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex); 3020 3021 bss = nla_nest_start(msg, NL80211_ATTR_BSS); 3022 if (!bss) 3023 goto nla_put_failure; 3024 if (!is_zero_ether_addr(res->bssid)) 3025 NLA_PUT(msg, NL80211_BSS_BSSID, ETH_ALEN, res->bssid); 3026 if (res->information_elements && res->len_information_elements) 3027 NLA_PUT(msg, NL80211_BSS_INFORMATION_ELEMENTS, 3028 res->len_information_elements, 3029 res->information_elements); 3030 if (res->beacon_ies && res->len_beacon_ies && 3031 res->beacon_ies != res->information_elements) 3032 NLA_PUT(msg, NL80211_BSS_BEACON_IES, 3033 res->len_beacon_ies, res->beacon_ies); 3034 if (res->tsf) 3035 NLA_PUT_U64(msg, NL80211_BSS_TSF, res->tsf); 3036 if (res->beacon_interval) 3037 NLA_PUT_U16(msg, NL80211_BSS_BEACON_INTERVAL, res->beacon_interval); 3038 NLA_PUT_U16(msg, NL80211_BSS_CAPABILITY, res->capability); 3039 NLA_PUT_U32(msg, NL80211_BSS_FREQUENCY, res->channel->center_freq); 3040 NLA_PUT_U32(msg, NL80211_BSS_SEEN_MS_AGO, 3041 jiffies_to_msecs(jiffies - intbss->ts)); 3042 3043 switch (rdev->wiphy.signal_type) { 3044 case CFG80211_SIGNAL_TYPE_MBM: 3045 NLA_PUT_U32(msg, NL80211_BSS_SIGNAL_MBM, res->signal); 3046 break; 3047 case CFG80211_SIGNAL_TYPE_UNSPEC: 3048 NLA_PUT_U8(msg, NL80211_BSS_SIGNAL_UNSPEC, res->signal); 3049 break; 3050 default: 3051 break; 3052 } 3053 3054 switch (wdev->iftype) { 3055 case NL80211_IFTYPE_P2P_CLIENT: 3056 case NL80211_IFTYPE_STATION: 3057 if (intbss == wdev->current_bss) 3058 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 3059 NL80211_BSS_STATUS_ASSOCIATED); 3060 else for (i = 0; i < MAX_AUTH_BSSES; i++) { 3061 if (intbss != wdev->auth_bsses[i]) 3062 continue; 3063 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 3064 NL80211_BSS_STATUS_AUTHENTICATED); 3065 break; 3066 } 3067 break; 3068 case NL80211_IFTYPE_ADHOC: 3069 if (intbss == wdev->current_bss) 3070 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 3071 NL80211_BSS_STATUS_IBSS_JOINED); 3072 break; 3073 default: 3074 break; 3075 } 3076 3077 nla_nest_end(msg, bss); 3078 3079 return genlmsg_end(msg, hdr); 3080 3081 nla_put_failure: 3082 genlmsg_cancel(msg, hdr); 3083 return -EMSGSIZE; 3084 } 3085 3086 static int nl80211_dump_scan(struct sk_buff *skb, 3087 struct netlink_callback *cb) 3088 { 3089 struct cfg80211_registered_device *rdev; 3090 struct net_device *dev; 3091 struct cfg80211_internal_bss *scan; 3092 struct wireless_dev *wdev; 3093 int start = cb->args[1], idx = 0; 3094 int err; 3095 3096 err = nl80211_prepare_netdev_dump(skb, cb, &rdev, &dev); 3097 if (err) 3098 return err; 3099 3100 wdev = dev->ieee80211_ptr; 3101 3102 wdev_lock(wdev); 3103 spin_lock_bh(&rdev->bss_lock); 3104 cfg80211_bss_expire(rdev); 3105 3106 list_for_each_entry(scan, &rdev->bss_list, list) { 3107 if (++idx <= start) 3108 continue; 3109 if (nl80211_send_bss(skb, 3110 NETLINK_CB(cb->skb).pid, 3111 cb->nlh->nlmsg_seq, NLM_F_MULTI, 3112 rdev, wdev, scan) < 0) { 3113 idx--; 3114 break; 3115 } 3116 } 3117 3118 spin_unlock_bh(&rdev->bss_lock); 3119 wdev_unlock(wdev); 3120 3121 cb->args[1] = idx; 3122 nl80211_finish_netdev_dump(rdev); 3123 3124 return skb->len; 3125 } 3126 3127 static int nl80211_send_survey(struct sk_buff *msg, u32 pid, u32 seq, 3128 int flags, struct net_device *dev, 3129 struct survey_info *survey) 3130 { 3131 void *hdr; 3132 struct nlattr *infoattr; 3133 3134 /* Survey without a channel doesn't make sense */ 3135 if (!survey->channel) 3136 return -EINVAL; 3137 3138 hdr = nl80211hdr_put(msg, pid, seq, flags, 3139 NL80211_CMD_NEW_SURVEY_RESULTS); 3140 if (!hdr) 3141 return -ENOMEM; 3142 3143 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 3144 3145 infoattr = nla_nest_start(msg, NL80211_ATTR_SURVEY_INFO); 3146 if (!infoattr) 3147 goto nla_put_failure; 3148 3149 NLA_PUT_U32(msg, NL80211_SURVEY_INFO_FREQUENCY, 3150 survey->channel->center_freq); 3151 if (survey->filled & SURVEY_INFO_NOISE_DBM) 3152 NLA_PUT_U8(msg, NL80211_SURVEY_INFO_NOISE, 3153 survey->noise); 3154 if (survey->filled & SURVEY_INFO_IN_USE) 3155 NLA_PUT_FLAG(msg, NL80211_SURVEY_INFO_IN_USE); 3156 if (survey->filled & SURVEY_INFO_CHANNEL_TIME) 3157 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME, 3158 survey->channel_time); 3159 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_BUSY) 3160 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY, 3161 survey->channel_time_busy); 3162 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_EXT_BUSY) 3163 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_EXT_BUSY, 3164 survey->channel_time_ext_busy); 3165 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_RX) 3166 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_RX, 3167 survey->channel_time_rx); 3168 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_TX) 3169 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_TX, 3170 survey->channel_time_tx); 3171 3172 nla_nest_end(msg, infoattr); 3173 3174 return genlmsg_end(msg, hdr); 3175 3176 nla_put_failure: 3177 genlmsg_cancel(msg, hdr); 3178 return -EMSGSIZE; 3179 } 3180 3181 static int nl80211_dump_survey(struct sk_buff *skb, 3182 struct netlink_callback *cb) 3183 { 3184 struct survey_info survey; 3185 struct cfg80211_registered_device *dev; 3186 struct net_device *netdev; 3187 int survey_idx = cb->args[1]; 3188 int res; 3189 3190 res = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 3191 if (res) 3192 return res; 3193 3194 if (!dev->ops->dump_survey) { 3195 res = -EOPNOTSUPP; 3196 goto out_err; 3197 } 3198 3199 while (1) { 3200 res = dev->ops->dump_survey(&dev->wiphy, netdev, survey_idx, 3201 &survey); 3202 if (res == -ENOENT) 3203 break; 3204 if (res) 3205 goto out_err; 3206 3207 if (nl80211_send_survey(skb, 3208 NETLINK_CB(cb->skb).pid, 3209 cb->nlh->nlmsg_seq, NLM_F_MULTI, 3210 netdev, 3211 &survey) < 0) 3212 goto out; 3213 survey_idx++; 3214 } 3215 3216 out: 3217 cb->args[1] = survey_idx; 3218 res = skb->len; 3219 out_err: 3220 nl80211_finish_netdev_dump(dev); 3221 return res; 3222 } 3223 3224 static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type) 3225 { 3226 return auth_type <= NL80211_AUTHTYPE_MAX; 3227 } 3228 3229 static bool nl80211_valid_wpa_versions(u32 wpa_versions) 3230 { 3231 return !(wpa_versions & ~(NL80211_WPA_VERSION_1 | 3232 NL80211_WPA_VERSION_2)); 3233 } 3234 3235 static bool nl80211_valid_akm_suite(u32 akm) 3236 { 3237 return akm == WLAN_AKM_SUITE_8021X || 3238 akm == WLAN_AKM_SUITE_PSK; 3239 } 3240 3241 static bool nl80211_valid_cipher_suite(u32 cipher) 3242 { 3243 return cipher == WLAN_CIPHER_SUITE_WEP40 || 3244 cipher == WLAN_CIPHER_SUITE_WEP104 || 3245 cipher == WLAN_CIPHER_SUITE_TKIP || 3246 cipher == WLAN_CIPHER_SUITE_CCMP || 3247 cipher == WLAN_CIPHER_SUITE_AES_CMAC; 3248 } 3249 3250 3251 static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info) 3252 { 3253 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3254 struct net_device *dev = info->user_ptr[1]; 3255 struct ieee80211_channel *chan; 3256 const u8 *bssid, *ssid, *ie = NULL; 3257 int err, ssid_len, ie_len = 0; 3258 enum nl80211_auth_type auth_type; 3259 struct key_parse key; 3260 bool local_state_change; 3261 3262 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3263 return -EINVAL; 3264 3265 if (!info->attrs[NL80211_ATTR_MAC]) 3266 return -EINVAL; 3267 3268 if (!info->attrs[NL80211_ATTR_AUTH_TYPE]) 3269 return -EINVAL; 3270 3271 if (!info->attrs[NL80211_ATTR_SSID]) 3272 return -EINVAL; 3273 3274 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ]) 3275 return -EINVAL; 3276 3277 err = nl80211_parse_key(info, &key); 3278 if (err) 3279 return err; 3280 3281 if (key.idx >= 0) { 3282 if (key.type != -1 && key.type != NL80211_KEYTYPE_GROUP) 3283 return -EINVAL; 3284 if (!key.p.key || !key.p.key_len) 3285 return -EINVAL; 3286 if ((key.p.cipher != WLAN_CIPHER_SUITE_WEP40 || 3287 key.p.key_len != WLAN_KEY_LEN_WEP40) && 3288 (key.p.cipher != WLAN_CIPHER_SUITE_WEP104 || 3289 key.p.key_len != WLAN_KEY_LEN_WEP104)) 3290 return -EINVAL; 3291 if (key.idx > 4) 3292 return -EINVAL; 3293 } else { 3294 key.p.key_len = 0; 3295 key.p.key = NULL; 3296 } 3297 3298 if (key.idx >= 0) { 3299 int i; 3300 bool ok = false; 3301 for (i = 0; i < rdev->wiphy.n_cipher_suites; i++) { 3302 if (key.p.cipher == rdev->wiphy.cipher_suites[i]) { 3303 ok = true; 3304 break; 3305 } 3306 } 3307 if (!ok) 3308 return -EINVAL; 3309 } 3310 3311 if (!rdev->ops->auth) 3312 return -EOPNOTSUPP; 3313 3314 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 3315 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 3316 return -EOPNOTSUPP; 3317 3318 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3319 chan = ieee80211_get_channel(&rdev->wiphy, 3320 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 3321 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) 3322 return -EINVAL; 3323 3324 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 3325 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 3326 3327 if (info->attrs[NL80211_ATTR_IE]) { 3328 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3329 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3330 } 3331 3332 auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); 3333 if (!nl80211_valid_auth_type(auth_type)) 3334 return -EINVAL; 3335 3336 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 3337 3338 return cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid, 3339 ssid, ssid_len, ie, ie_len, 3340 key.p.key, key.p.key_len, key.idx, 3341 local_state_change); 3342 } 3343 3344 static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev, 3345 struct genl_info *info, 3346 struct cfg80211_crypto_settings *settings, 3347 int cipher_limit) 3348 { 3349 memset(settings, 0, sizeof(*settings)); 3350 3351 settings->control_port = info->attrs[NL80211_ATTR_CONTROL_PORT]; 3352 3353 if (info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]) { 3354 u16 proto; 3355 proto = nla_get_u16( 3356 info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]); 3357 settings->control_port_ethertype = cpu_to_be16(proto); 3358 if (!(rdev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) && 3359 proto != ETH_P_PAE) 3360 return -EINVAL; 3361 if (info->attrs[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT]) 3362 settings->control_port_no_encrypt = true; 3363 } else 3364 settings->control_port_ethertype = cpu_to_be16(ETH_P_PAE); 3365 3366 if (info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]) { 3367 void *data; 3368 int len, i; 3369 3370 data = nla_data(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]); 3371 len = nla_len(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]); 3372 settings->n_ciphers_pairwise = len / sizeof(u32); 3373 3374 if (len % sizeof(u32)) 3375 return -EINVAL; 3376 3377 if (settings->n_ciphers_pairwise > cipher_limit) 3378 return -EINVAL; 3379 3380 memcpy(settings->ciphers_pairwise, data, len); 3381 3382 for (i = 0; i < settings->n_ciphers_pairwise; i++) 3383 if (!nl80211_valid_cipher_suite( 3384 settings->ciphers_pairwise[i])) 3385 return -EINVAL; 3386 } 3387 3388 if (info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]) { 3389 settings->cipher_group = 3390 nla_get_u32(info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]); 3391 if (!nl80211_valid_cipher_suite(settings->cipher_group)) 3392 return -EINVAL; 3393 } 3394 3395 if (info->attrs[NL80211_ATTR_WPA_VERSIONS]) { 3396 settings->wpa_versions = 3397 nla_get_u32(info->attrs[NL80211_ATTR_WPA_VERSIONS]); 3398 if (!nl80211_valid_wpa_versions(settings->wpa_versions)) 3399 return -EINVAL; 3400 } 3401 3402 if (info->attrs[NL80211_ATTR_AKM_SUITES]) { 3403 void *data; 3404 int len, i; 3405 3406 data = nla_data(info->attrs[NL80211_ATTR_AKM_SUITES]); 3407 len = nla_len(info->attrs[NL80211_ATTR_AKM_SUITES]); 3408 settings->n_akm_suites = len / sizeof(u32); 3409 3410 if (len % sizeof(u32)) 3411 return -EINVAL; 3412 3413 memcpy(settings->akm_suites, data, len); 3414 3415 for (i = 0; i < settings->n_ciphers_pairwise; i++) 3416 if (!nl80211_valid_akm_suite(settings->akm_suites[i])) 3417 return -EINVAL; 3418 } 3419 3420 return 0; 3421 } 3422 3423 static int nl80211_associate(struct sk_buff *skb, struct genl_info *info) 3424 { 3425 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3426 struct net_device *dev = info->user_ptr[1]; 3427 struct cfg80211_crypto_settings crypto; 3428 struct ieee80211_channel *chan; 3429 const u8 *bssid, *ssid, *ie = NULL, *prev_bssid = NULL; 3430 int err, ssid_len, ie_len = 0; 3431 bool use_mfp = false; 3432 3433 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3434 return -EINVAL; 3435 3436 if (!info->attrs[NL80211_ATTR_MAC] || 3437 !info->attrs[NL80211_ATTR_SSID] || 3438 !info->attrs[NL80211_ATTR_WIPHY_FREQ]) 3439 return -EINVAL; 3440 3441 if (!rdev->ops->assoc) 3442 return -EOPNOTSUPP; 3443 3444 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 3445 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 3446 return -EOPNOTSUPP; 3447 3448 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3449 3450 chan = ieee80211_get_channel(&rdev->wiphy, 3451 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 3452 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) 3453 return -EINVAL; 3454 3455 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 3456 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 3457 3458 if (info->attrs[NL80211_ATTR_IE]) { 3459 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3460 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3461 } 3462 3463 if (info->attrs[NL80211_ATTR_USE_MFP]) { 3464 enum nl80211_mfp mfp = 3465 nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]); 3466 if (mfp == NL80211_MFP_REQUIRED) 3467 use_mfp = true; 3468 else if (mfp != NL80211_MFP_NO) 3469 return -EINVAL; 3470 } 3471 3472 if (info->attrs[NL80211_ATTR_PREV_BSSID]) 3473 prev_bssid = nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]); 3474 3475 err = nl80211_crypto_settings(rdev, info, &crypto, 1); 3476 if (!err) 3477 err = cfg80211_mlme_assoc(rdev, dev, chan, bssid, prev_bssid, 3478 ssid, ssid_len, ie, ie_len, use_mfp, 3479 &crypto); 3480 3481 return err; 3482 } 3483 3484 static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info) 3485 { 3486 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3487 struct net_device *dev = info->user_ptr[1]; 3488 const u8 *ie = NULL, *bssid; 3489 int ie_len = 0; 3490 u16 reason_code; 3491 bool local_state_change; 3492 3493 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3494 return -EINVAL; 3495 3496 if (!info->attrs[NL80211_ATTR_MAC]) 3497 return -EINVAL; 3498 3499 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 3500 return -EINVAL; 3501 3502 if (!rdev->ops->deauth) 3503 return -EOPNOTSUPP; 3504 3505 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 3506 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 3507 return -EOPNOTSUPP; 3508 3509 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3510 3511 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 3512 if (reason_code == 0) { 3513 /* Reason Code 0 is reserved */ 3514 return -EINVAL; 3515 } 3516 3517 if (info->attrs[NL80211_ATTR_IE]) { 3518 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3519 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3520 } 3521 3522 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 3523 3524 return cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code, 3525 local_state_change); 3526 } 3527 3528 static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info) 3529 { 3530 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3531 struct net_device *dev = info->user_ptr[1]; 3532 const u8 *ie = NULL, *bssid; 3533 int ie_len = 0; 3534 u16 reason_code; 3535 bool local_state_change; 3536 3537 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3538 return -EINVAL; 3539 3540 if (!info->attrs[NL80211_ATTR_MAC]) 3541 return -EINVAL; 3542 3543 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 3544 return -EINVAL; 3545 3546 if (!rdev->ops->disassoc) 3547 return -EOPNOTSUPP; 3548 3549 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 3550 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 3551 return -EOPNOTSUPP; 3552 3553 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3554 3555 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 3556 if (reason_code == 0) { 3557 /* Reason Code 0 is reserved */ 3558 return -EINVAL; 3559 } 3560 3561 if (info->attrs[NL80211_ATTR_IE]) { 3562 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3563 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3564 } 3565 3566 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 3567 3568 return cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason_code, 3569 local_state_change); 3570 } 3571 3572 static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info) 3573 { 3574 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3575 struct net_device *dev = info->user_ptr[1]; 3576 struct cfg80211_ibss_params ibss; 3577 struct wiphy *wiphy; 3578 struct cfg80211_cached_keys *connkeys = NULL; 3579 int err; 3580 3581 memset(&ibss, 0, sizeof(ibss)); 3582 3583 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3584 return -EINVAL; 3585 3586 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] || 3587 !info->attrs[NL80211_ATTR_SSID] || 3588 !nla_len(info->attrs[NL80211_ATTR_SSID])) 3589 return -EINVAL; 3590 3591 ibss.beacon_interval = 100; 3592 3593 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) { 3594 ibss.beacon_interval = 3595 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); 3596 if (ibss.beacon_interval < 1 || ibss.beacon_interval > 10000) 3597 return -EINVAL; 3598 } 3599 3600 if (!rdev->ops->join_ibss) 3601 return -EOPNOTSUPP; 3602 3603 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) 3604 return -EOPNOTSUPP; 3605 3606 wiphy = &rdev->wiphy; 3607 3608 if (info->attrs[NL80211_ATTR_MAC]) 3609 ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3610 ibss.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 3611 ibss.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 3612 3613 if (info->attrs[NL80211_ATTR_IE]) { 3614 ibss.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3615 ibss.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3616 } 3617 3618 ibss.channel = ieee80211_get_channel(wiphy, 3619 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 3620 if (!ibss.channel || 3621 ibss.channel->flags & IEEE80211_CHAN_NO_IBSS || 3622 ibss.channel->flags & IEEE80211_CHAN_DISABLED) 3623 return -EINVAL; 3624 3625 ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED]; 3626 ibss.privacy = !!info->attrs[NL80211_ATTR_PRIVACY]; 3627 3628 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) { 3629 u8 *rates = 3630 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 3631 int n_rates = 3632 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 3633 struct ieee80211_supported_band *sband = 3634 wiphy->bands[ibss.channel->band]; 3635 int i, j; 3636 3637 if (n_rates == 0) 3638 return -EINVAL; 3639 3640 for (i = 0; i < n_rates; i++) { 3641 int rate = (rates[i] & 0x7f) * 5; 3642 bool found = false; 3643 3644 for (j = 0; j < sband->n_bitrates; j++) { 3645 if (sband->bitrates[j].bitrate == rate) { 3646 found = true; 3647 ibss.basic_rates |= BIT(j); 3648 break; 3649 } 3650 } 3651 if (!found) 3652 return -EINVAL; 3653 } 3654 } 3655 3656 if (ibss.privacy && info->attrs[NL80211_ATTR_KEYS]) { 3657 connkeys = nl80211_parse_connkeys(rdev, 3658 info->attrs[NL80211_ATTR_KEYS]); 3659 if (IS_ERR(connkeys)) 3660 return PTR_ERR(connkeys); 3661 } 3662 3663 err = cfg80211_join_ibss(rdev, dev, &ibss, connkeys); 3664 if (err) 3665 kfree(connkeys); 3666 return err; 3667 } 3668 3669 static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info) 3670 { 3671 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3672 struct net_device *dev = info->user_ptr[1]; 3673 3674 if (!rdev->ops->leave_ibss) 3675 return -EOPNOTSUPP; 3676 3677 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) 3678 return -EOPNOTSUPP; 3679 3680 return cfg80211_leave_ibss(rdev, dev, false); 3681 } 3682 3683 #ifdef CONFIG_NL80211_TESTMODE 3684 static struct genl_multicast_group nl80211_testmode_mcgrp = { 3685 .name = "testmode", 3686 }; 3687 3688 static int nl80211_testmode_do(struct sk_buff *skb, struct genl_info *info) 3689 { 3690 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3691 int err; 3692 3693 if (!info->attrs[NL80211_ATTR_TESTDATA]) 3694 return -EINVAL; 3695 3696 err = -EOPNOTSUPP; 3697 if (rdev->ops->testmode_cmd) { 3698 rdev->testmode_info = info; 3699 err = rdev->ops->testmode_cmd(&rdev->wiphy, 3700 nla_data(info->attrs[NL80211_ATTR_TESTDATA]), 3701 nla_len(info->attrs[NL80211_ATTR_TESTDATA])); 3702 rdev->testmode_info = NULL; 3703 } 3704 3705 return err; 3706 } 3707 3708 static struct sk_buff * 3709 __cfg80211_testmode_alloc_skb(struct cfg80211_registered_device *rdev, 3710 int approxlen, u32 pid, u32 seq, gfp_t gfp) 3711 { 3712 struct sk_buff *skb; 3713 void *hdr; 3714 struct nlattr *data; 3715 3716 skb = nlmsg_new(approxlen + 100, gfp); 3717 if (!skb) 3718 return NULL; 3719 3720 hdr = nl80211hdr_put(skb, pid, seq, 0, NL80211_CMD_TESTMODE); 3721 if (!hdr) { 3722 kfree_skb(skb); 3723 return NULL; 3724 } 3725 3726 NLA_PUT_U32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 3727 data = nla_nest_start(skb, NL80211_ATTR_TESTDATA); 3728 3729 ((void **)skb->cb)[0] = rdev; 3730 ((void **)skb->cb)[1] = hdr; 3731 ((void **)skb->cb)[2] = data; 3732 3733 return skb; 3734 3735 nla_put_failure: 3736 kfree_skb(skb); 3737 return NULL; 3738 } 3739 3740 struct sk_buff *cfg80211_testmode_alloc_reply_skb(struct wiphy *wiphy, 3741 int approxlen) 3742 { 3743 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 3744 3745 if (WARN_ON(!rdev->testmode_info)) 3746 return NULL; 3747 3748 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 3749 rdev->testmode_info->snd_pid, 3750 rdev->testmode_info->snd_seq, 3751 GFP_KERNEL); 3752 } 3753 EXPORT_SYMBOL(cfg80211_testmode_alloc_reply_skb); 3754 3755 int cfg80211_testmode_reply(struct sk_buff *skb) 3756 { 3757 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0]; 3758 void *hdr = ((void **)skb->cb)[1]; 3759 struct nlattr *data = ((void **)skb->cb)[2]; 3760 3761 if (WARN_ON(!rdev->testmode_info)) { 3762 kfree_skb(skb); 3763 return -EINVAL; 3764 } 3765 3766 nla_nest_end(skb, data); 3767 genlmsg_end(skb, hdr); 3768 return genlmsg_reply(skb, rdev->testmode_info); 3769 } 3770 EXPORT_SYMBOL(cfg80211_testmode_reply); 3771 3772 struct sk_buff *cfg80211_testmode_alloc_event_skb(struct wiphy *wiphy, 3773 int approxlen, gfp_t gfp) 3774 { 3775 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 3776 3777 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 0, 0, gfp); 3778 } 3779 EXPORT_SYMBOL(cfg80211_testmode_alloc_event_skb); 3780 3781 void cfg80211_testmode_event(struct sk_buff *skb, gfp_t gfp) 3782 { 3783 void *hdr = ((void **)skb->cb)[1]; 3784 struct nlattr *data = ((void **)skb->cb)[2]; 3785 3786 nla_nest_end(skb, data); 3787 genlmsg_end(skb, hdr); 3788 genlmsg_multicast(skb, 0, nl80211_testmode_mcgrp.id, gfp); 3789 } 3790 EXPORT_SYMBOL(cfg80211_testmode_event); 3791 #endif 3792 3793 static int nl80211_connect(struct sk_buff *skb, struct genl_info *info) 3794 { 3795 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3796 struct net_device *dev = info->user_ptr[1]; 3797 struct cfg80211_connect_params connect; 3798 struct wiphy *wiphy; 3799 struct cfg80211_cached_keys *connkeys = NULL; 3800 int err; 3801 3802 memset(&connect, 0, sizeof(connect)); 3803 3804 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3805 return -EINVAL; 3806 3807 if (!info->attrs[NL80211_ATTR_SSID] || 3808 !nla_len(info->attrs[NL80211_ATTR_SSID])) 3809 return -EINVAL; 3810 3811 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) { 3812 connect.auth_type = 3813 nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); 3814 if (!nl80211_valid_auth_type(connect.auth_type)) 3815 return -EINVAL; 3816 } else 3817 connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC; 3818 3819 connect.privacy = info->attrs[NL80211_ATTR_PRIVACY]; 3820 3821 err = nl80211_crypto_settings(rdev, info, &connect.crypto, 3822 NL80211_MAX_NR_CIPHER_SUITES); 3823 if (err) 3824 return err; 3825 3826 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 3827 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 3828 return -EOPNOTSUPP; 3829 3830 wiphy = &rdev->wiphy; 3831 3832 if (info->attrs[NL80211_ATTR_MAC]) 3833 connect.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3834 connect.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 3835 connect.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 3836 3837 if (info->attrs[NL80211_ATTR_IE]) { 3838 connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3839 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3840 } 3841 3842 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 3843 connect.channel = 3844 ieee80211_get_channel(wiphy, 3845 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 3846 if (!connect.channel || 3847 connect.channel->flags & IEEE80211_CHAN_DISABLED) 3848 return -EINVAL; 3849 } 3850 3851 if (connect.privacy && info->attrs[NL80211_ATTR_KEYS]) { 3852 connkeys = nl80211_parse_connkeys(rdev, 3853 info->attrs[NL80211_ATTR_KEYS]); 3854 if (IS_ERR(connkeys)) 3855 return PTR_ERR(connkeys); 3856 } 3857 3858 err = cfg80211_connect(rdev, dev, &connect, connkeys); 3859 if (err) 3860 kfree(connkeys); 3861 return err; 3862 } 3863 3864 static int nl80211_disconnect(struct sk_buff *skb, struct genl_info *info) 3865 { 3866 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3867 struct net_device *dev = info->user_ptr[1]; 3868 u16 reason; 3869 3870 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 3871 reason = WLAN_REASON_DEAUTH_LEAVING; 3872 else 3873 reason = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 3874 3875 if (reason == 0) 3876 return -EINVAL; 3877 3878 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 3879 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 3880 return -EOPNOTSUPP; 3881 3882 return cfg80211_disconnect(rdev, dev, reason, true); 3883 } 3884 3885 static int nl80211_wiphy_netns(struct sk_buff *skb, struct genl_info *info) 3886 { 3887 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3888 struct net *net; 3889 int err; 3890 u32 pid; 3891 3892 if (!info->attrs[NL80211_ATTR_PID]) 3893 return -EINVAL; 3894 3895 pid = nla_get_u32(info->attrs[NL80211_ATTR_PID]); 3896 3897 net = get_net_ns_by_pid(pid); 3898 if (IS_ERR(net)) 3899 return PTR_ERR(net); 3900 3901 err = 0; 3902 3903 /* check if anything to do */ 3904 if (!net_eq(wiphy_net(&rdev->wiphy), net)) 3905 err = cfg80211_switch_netns(rdev, net); 3906 3907 put_net(net); 3908 return err; 3909 } 3910 3911 static int nl80211_setdel_pmksa(struct sk_buff *skb, struct genl_info *info) 3912 { 3913 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3914 int (*rdev_ops)(struct wiphy *wiphy, struct net_device *dev, 3915 struct cfg80211_pmksa *pmksa) = NULL; 3916 struct net_device *dev = info->user_ptr[1]; 3917 struct cfg80211_pmksa pmksa; 3918 3919 memset(&pmksa, 0, sizeof(struct cfg80211_pmksa)); 3920 3921 if (!info->attrs[NL80211_ATTR_MAC]) 3922 return -EINVAL; 3923 3924 if (!info->attrs[NL80211_ATTR_PMKID]) 3925 return -EINVAL; 3926 3927 pmksa.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]); 3928 pmksa.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3929 3930 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 3931 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 3932 return -EOPNOTSUPP; 3933 3934 switch (info->genlhdr->cmd) { 3935 case NL80211_CMD_SET_PMKSA: 3936 rdev_ops = rdev->ops->set_pmksa; 3937 break; 3938 case NL80211_CMD_DEL_PMKSA: 3939 rdev_ops = rdev->ops->del_pmksa; 3940 break; 3941 default: 3942 WARN_ON(1); 3943 break; 3944 } 3945 3946 if (!rdev_ops) 3947 return -EOPNOTSUPP; 3948 3949 return rdev_ops(&rdev->wiphy, dev, &pmksa); 3950 } 3951 3952 static int nl80211_flush_pmksa(struct sk_buff *skb, struct genl_info *info) 3953 { 3954 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3955 struct net_device *dev = info->user_ptr[1]; 3956 3957 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 3958 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 3959 return -EOPNOTSUPP; 3960 3961 if (!rdev->ops->flush_pmksa) 3962 return -EOPNOTSUPP; 3963 3964 return rdev->ops->flush_pmksa(&rdev->wiphy, dev); 3965 } 3966 3967 static int nl80211_remain_on_channel(struct sk_buff *skb, 3968 struct genl_info *info) 3969 { 3970 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3971 struct net_device *dev = info->user_ptr[1]; 3972 struct ieee80211_channel *chan; 3973 struct sk_buff *msg; 3974 void *hdr; 3975 u64 cookie; 3976 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 3977 u32 freq, duration; 3978 int err; 3979 3980 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] || 3981 !info->attrs[NL80211_ATTR_DURATION]) 3982 return -EINVAL; 3983 3984 duration = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]); 3985 3986 /* 3987 * We should be on that channel for at least one jiffie, 3988 * and more than 5 seconds seems excessive. 3989 */ 3990 if (!duration || !msecs_to_jiffies(duration) || duration > 5000) 3991 return -EINVAL; 3992 3993 if (!rdev->ops->remain_on_channel) 3994 return -EOPNOTSUPP; 3995 3996 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 3997 channel_type = nla_get_u32( 3998 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 3999 if (channel_type != NL80211_CHAN_NO_HT && 4000 channel_type != NL80211_CHAN_HT20 && 4001 channel_type != NL80211_CHAN_HT40PLUS && 4002 channel_type != NL80211_CHAN_HT40MINUS) 4003 return -EINVAL; 4004 } 4005 4006 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 4007 chan = rdev_freq_to_chan(rdev, freq, channel_type); 4008 if (chan == NULL) 4009 return -EINVAL; 4010 4011 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 4012 if (!msg) 4013 return -ENOMEM; 4014 4015 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 4016 NL80211_CMD_REMAIN_ON_CHANNEL); 4017 4018 if (IS_ERR(hdr)) { 4019 err = PTR_ERR(hdr); 4020 goto free_msg; 4021 } 4022 4023 err = rdev->ops->remain_on_channel(&rdev->wiphy, dev, chan, 4024 channel_type, duration, &cookie); 4025 4026 if (err) 4027 goto free_msg; 4028 4029 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 4030 4031 genlmsg_end(msg, hdr); 4032 4033 return genlmsg_reply(msg, info); 4034 4035 nla_put_failure: 4036 err = -ENOBUFS; 4037 free_msg: 4038 nlmsg_free(msg); 4039 return err; 4040 } 4041 4042 static int nl80211_cancel_remain_on_channel(struct sk_buff *skb, 4043 struct genl_info *info) 4044 { 4045 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4046 struct net_device *dev = info->user_ptr[1]; 4047 u64 cookie; 4048 4049 if (!info->attrs[NL80211_ATTR_COOKIE]) 4050 return -EINVAL; 4051 4052 if (!rdev->ops->cancel_remain_on_channel) 4053 return -EOPNOTSUPP; 4054 4055 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]); 4056 4057 return rdev->ops->cancel_remain_on_channel(&rdev->wiphy, dev, cookie); 4058 } 4059 4060 static u32 rateset_to_mask(struct ieee80211_supported_band *sband, 4061 u8 *rates, u8 rates_len) 4062 { 4063 u8 i; 4064 u32 mask = 0; 4065 4066 for (i = 0; i < rates_len; i++) { 4067 int rate = (rates[i] & 0x7f) * 5; 4068 int ridx; 4069 for (ridx = 0; ridx < sband->n_bitrates; ridx++) { 4070 struct ieee80211_rate *srate = 4071 &sband->bitrates[ridx]; 4072 if (rate == srate->bitrate) { 4073 mask |= 1 << ridx; 4074 break; 4075 } 4076 } 4077 if (ridx == sband->n_bitrates) 4078 return 0; /* rate not found */ 4079 } 4080 4081 return mask; 4082 } 4083 4084 static const struct nla_policy nl80211_txattr_policy[NL80211_TXRATE_MAX + 1] = { 4085 [NL80211_TXRATE_LEGACY] = { .type = NLA_BINARY, 4086 .len = NL80211_MAX_SUPP_RATES }, 4087 }; 4088 4089 static int nl80211_set_tx_bitrate_mask(struct sk_buff *skb, 4090 struct genl_info *info) 4091 { 4092 struct nlattr *tb[NL80211_TXRATE_MAX + 1]; 4093 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4094 struct cfg80211_bitrate_mask mask; 4095 int rem, i; 4096 struct net_device *dev = info->user_ptr[1]; 4097 struct nlattr *tx_rates; 4098 struct ieee80211_supported_band *sband; 4099 4100 if (info->attrs[NL80211_ATTR_TX_RATES] == NULL) 4101 return -EINVAL; 4102 4103 if (!rdev->ops->set_bitrate_mask) 4104 return -EOPNOTSUPP; 4105 4106 memset(&mask, 0, sizeof(mask)); 4107 /* Default to all rates enabled */ 4108 for (i = 0; i < IEEE80211_NUM_BANDS; i++) { 4109 sband = rdev->wiphy.bands[i]; 4110 mask.control[i].legacy = 4111 sband ? (1 << sband->n_bitrates) - 1 : 0; 4112 } 4113 4114 /* 4115 * The nested attribute uses enum nl80211_band as the index. This maps 4116 * directly to the enum ieee80211_band values used in cfg80211. 4117 */ 4118 nla_for_each_nested(tx_rates, info->attrs[NL80211_ATTR_TX_RATES], rem) 4119 { 4120 enum ieee80211_band band = nla_type(tx_rates); 4121 if (band < 0 || band >= IEEE80211_NUM_BANDS) 4122 return -EINVAL; 4123 sband = rdev->wiphy.bands[band]; 4124 if (sband == NULL) 4125 return -EINVAL; 4126 nla_parse(tb, NL80211_TXRATE_MAX, nla_data(tx_rates), 4127 nla_len(tx_rates), nl80211_txattr_policy); 4128 if (tb[NL80211_TXRATE_LEGACY]) { 4129 mask.control[band].legacy = rateset_to_mask( 4130 sband, 4131 nla_data(tb[NL80211_TXRATE_LEGACY]), 4132 nla_len(tb[NL80211_TXRATE_LEGACY])); 4133 if (mask.control[band].legacy == 0) 4134 return -EINVAL; 4135 } 4136 } 4137 4138 return rdev->ops->set_bitrate_mask(&rdev->wiphy, dev, NULL, &mask); 4139 } 4140 4141 static int nl80211_register_mgmt(struct sk_buff *skb, struct genl_info *info) 4142 { 4143 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4144 struct net_device *dev = info->user_ptr[1]; 4145 u16 frame_type = IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_ACTION; 4146 4147 if (!info->attrs[NL80211_ATTR_FRAME_MATCH]) 4148 return -EINVAL; 4149 4150 if (info->attrs[NL80211_ATTR_FRAME_TYPE]) 4151 frame_type = nla_get_u16(info->attrs[NL80211_ATTR_FRAME_TYPE]); 4152 4153 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4154 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 4155 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 4156 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 4157 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 4158 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 4159 return -EOPNOTSUPP; 4160 4161 /* not much point in registering if we can't reply */ 4162 if (!rdev->ops->mgmt_tx) 4163 return -EOPNOTSUPP; 4164 4165 return cfg80211_mlme_register_mgmt(dev->ieee80211_ptr, info->snd_pid, 4166 frame_type, 4167 nla_data(info->attrs[NL80211_ATTR_FRAME_MATCH]), 4168 nla_len(info->attrs[NL80211_ATTR_FRAME_MATCH])); 4169 } 4170 4171 static int nl80211_tx_mgmt(struct sk_buff *skb, struct genl_info *info) 4172 { 4173 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4174 struct net_device *dev = info->user_ptr[1]; 4175 struct ieee80211_channel *chan; 4176 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 4177 bool channel_type_valid = false; 4178 u32 freq; 4179 int err; 4180 void *hdr; 4181 u64 cookie; 4182 struct sk_buff *msg; 4183 4184 if (!info->attrs[NL80211_ATTR_FRAME] || 4185 !info->attrs[NL80211_ATTR_WIPHY_FREQ]) 4186 return -EINVAL; 4187 4188 if (!rdev->ops->mgmt_tx) 4189 return -EOPNOTSUPP; 4190 4191 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4192 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 4193 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 4194 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 4195 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 4196 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 4197 return -EOPNOTSUPP; 4198 4199 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 4200 channel_type = nla_get_u32( 4201 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 4202 if (channel_type != NL80211_CHAN_NO_HT && 4203 channel_type != NL80211_CHAN_HT20 && 4204 channel_type != NL80211_CHAN_HT40PLUS && 4205 channel_type != NL80211_CHAN_HT40MINUS) 4206 return -EINVAL; 4207 channel_type_valid = true; 4208 } 4209 4210 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 4211 chan = rdev_freq_to_chan(rdev, freq, channel_type); 4212 if (chan == NULL) 4213 return -EINVAL; 4214 4215 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 4216 if (!msg) 4217 return -ENOMEM; 4218 4219 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 4220 NL80211_CMD_FRAME); 4221 4222 if (IS_ERR(hdr)) { 4223 err = PTR_ERR(hdr); 4224 goto free_msg; 4225 } 4226 err = cfg80211_mlme_mgmt_tx(rdev, dev, chan, channel_type, 4227 channel_type_valid, 4228 nla_data(info->attrs[NL80211_ATTR_FRAME]), 4229 nla_len(info->attrs[NL80211_ATTR_FRAME]), 4230 &cookie); 4231 if (err) 4232 goto free_msg; 4233 4234 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 4235 4236 genlmsg_end(msg, hdr); 4237 return genlmsg_reply(msg, info); 4238 4239 nla_put_failure: 4240 err = -ENOBUFS; 4241 free_msg: 4242 nlmsg_free(msg); 4243 return err; 4244 } 4245 4246 static int nl80211_set_power_save(struct sk_buff *skb, struct genl_info *info) 4247 { 4248 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4249 struct wireless_dev *wdev; 4250 struct net_device *dev = info->user_ptr[1]; 4251 u8 ps_state; 4252 bool state; 4253 int err; 4254 4255 if (!info->attrs[NL80211_ATTR_PS_STATE]) 4256 return -EINVAL; 4257 4258 ps_state = nla_get_u32(info->attrs[NL80211_ATTR_PS_STATE]); 4259 4260 if (ps_state != NL80211_PS_DISABLED && ps_state != NL80211_PS_ENABLED) 4261 return -EINVAL; 4262 4263 wdev = dev->ieee80211_ptr; 4264 4265 if (!rdev->ops->set_power_mgmt) 4266 return -EOPNOTSUPP; 4267 4268 state = (ps_state == NL80211_PS_ENABLED) ? true : false; 4269 4270 if (state == wdev->ps) 4271 return 0; 4272 4273 err = rdev->ops->set_power_mgmt(wdev->wiphy, dev, state, 4274 wdev->ps_timeout); 4275 if (!err) 4276 wdev->ps = state; 4277 return err; 4278 } 4279 4280 static int nl80211_get_power_save(struct sk_buff *skb, struct genl_info *info) 4281 { 4282 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4283 enum nl80211_ps_state ps_state; 4284 struct wireless_dev *wdev; 4285 struct net_device *dev = info->user_ptr[1]; 4286 struct sk_buff *msg; 4287 void *hdr; 4288 int err; 4289 4290 wdev = dev->ieee80211_ptr; 4291 4292 if (!rdev->ops->set_power_mgmt) 4293 return -EOPNOTSUPP; 4294 4295 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 4296 if (!msg) 4297 return -ENOMEM; 4298 4299 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 4300 NL80211_CMD_GET_POWER_SAVE); 4301 if (!hdr) { 4302 err = -ENOBUFS; 4303 goto free_msg; 4304 } 4305 4306 if (wdev->ps) 4307 ps_state = NL80211_PS_ENABLED; 4308 else 4309 ps_state = NL80211_PS_DISABLED; 4310 4311 NLA_PUT_U32(msg, NL80211_ATTR_PS_STATE, ps_state); 4312 4313 genlmsg_end(msg, hdr); 4314 return genlmsg_reply(msg, info); 4315 4316 nla_put_failure: 4317 err = -ENOBUFS; 4318 free_msg: 4319 nlmsg_free(msg); 4320 return err; 4321 } 4322 4323 static struct nla_policy 4324 nl80211_attr_cqm_policy[NL80211_ATTR_CQM_MAX + 1] __read_mostly = { 4325 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 }, 4326 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U32 }, 4327 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 }, 4328 }; 4329 4330 static int nl80211_set_cqm_rssi(struct genl_info *info, 4331 s32 threshold, u32 hysteresis) 4332 { 4333 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4334 struct wireless_dev *wdev; 4335 struct net_device *dev = info->user_ptr[1]; 4336 4337 if (threshold > 0) 4338 return -EINVAL; 4339 4340 wdev = dev->ieee80211_ptr; 4341 4342 if (!rdev->ops->set_cqm_rssi_config) 4343 return -EOPNOTSUPP; 4344 4345 if (wdev->iftype != NL80211_IFTYPE_STATION && 4346 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT) 4347 return -EOPNOTSUPP; 4348 4349 return rdev->ops->set_cqm_rssi_config(wdev->wiphy, dev, 4350 threshold, hysteresis); 4351 } 4352 4353 static int nl80211_set_cqm(struct sk_buff *skb, struct genl_info *info) 4354 { 4355 struct nlattr *attrs[NL80211_ATTR_CQM_MAX + 1]; 4356 struct nlattr *cqm; 4357 int err; 4358 4359 cqm = info->attrs[NL80211_ATTR_CQM]; 4360 if (!cqm) { 4361 err = -EINVAL; 4362 goto out; 4363 } 4364 4365 err = nla_parse_nested(attrs, NL80211_ATTR_CQM_MAX, cqm, 4366 nl80211_attr_cqm_policy); 4367 if (err) 4368 goto out; 4369 4370 if (attrs[NL80211_ATTR_CQM_RSSI_THOLD] && 4371 attrs[NL80211_ATTR_CQM_RSSI_HYST]) { 4372 s32 threshold; 4373 u32 hysteresis; 4374 threshold = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_THOLD]); 4375 hysteresis = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_HYST]); 4376 err = nl80211_set_cqm_rssi(info, threshold, hysteresis); 4377 } else 4378 err = -EINVAL; 4379 4380 out: 4381 return err; 4382 } 4383 4384 #define NL80211_FLAG_NEED_WIPHY 0x01 4385 #define NL80211_FLAG_NEED_NETDEV 0x02 4386 #define NL80211_FLAG_NEED_RTNL 0x04 4387 #define NL80211_FLAG_CHECK_NETDEV_UP 0x08 4388 #define NL80211_FLAG_NEED_NETDEV_UP (NL80211_FLAG_NEED_NETDEV |\ 4389 NL80211_FLAG_CHECK_NETDEV_UP) 4390 4391 static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb, 4392 struct genl_info *info) 4393 { 4394 struct cfg80211_registered_device *rdev; 4395 struct net_device *dev; 4396 int err; 4397 bool rtnl = ops->internal_flags & NL80211_FLAG_NEED_RTNL; 4398 4399 if (rtnl) 4400 rtnl_lock(); 4401 4402 if (ops->internal_flags & NL80211_FLAG_NEED_WIPHY) { 4403 rdev = cfg80211_get_dev_from_info(info); 4404 if (IS_ERR(rdev)) { 4405 if (rtnl) 4406 rtnl_unlock(); 4407 return PTR_ERR(rdev); 4408 } 4409 info->user_ptr[0] = rdev; 4410 } else if (ops->internal_flags & NL80211_FLAG_NEED_NETDEV) { 4411 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 4412 if (err) { 4413 if (rtnl) 4414 rtnl_unlock(); 4415 return err; 4416 } 4417 if (ops->internal_flags & NL80211_FLAG_CHECK_NETDEV_UP && 4418 !netif_running(dev)) { 4419 cfg80211_unlock_rdev(rdev); 4420 dev_put(dev); 4421 if (rtnl) 4422 rtnl_unlock(); 4423 return -ENETDOWN; 4424 } 4425 info->user_ptr[0] = rdev; 4426 info->user_ptr[1] = dev; 4427 } 4428 4429 return 0; 4430 } 4431 4432 static void nl80211_post_doit(struct genl_ops *ops, struct sk_buff *skb, 4433 struct genl_info *info) 4434 { 4435 if (info->user_ptr[0]) 4436 cfg80211_unlock_rdev(info->user_ptr[0]); 4437 if (info->user_ptr[1]) 4438 dev_put(info->user_ptr[1]); 4439 if (ops->internal_flags & NL80211_FLAG_NEED_RTNL) 4440 rtnl_unlock(); 4441 } 4442 4443 static struct genl_ops nl80211_ops[] = { 4444 { 4445 .cmd = NL80211_CMD_GET_WIPHY, 4446 .doit = nl80211_get_wiphy, 4447 .dumpit = nl80211_dump_wiphy, 4448 .policy = nl80211_policy, 4449 /* can be retrieved by unprivileged users */ 4450 .internal_flags = NL80211_FLAG_NEED_WIPHY, 4451 }, 4452 { 4453 .cmd = NL80211_CMD_SET_WIPHY, 4454 .doit = nl80211_set_wiphy, 4455 .policy = nl80211_policy, 4456 .flags = GENL_ADMIN_PERM, 4457 .internal_flags = NL80211_FLAG_NEED_RTNL, 4458 }, 4459 { 4460 .cmd = NL80211_CMD_GET_INTERFACE, 4461 .doit = nl80211_get_interface, 4462 .dumpit = nl80211_dump_interface, 4463 .policy = nl80211_policy, 4464 /* can be retrieved by unprivileged users */ 4465 .internal_flags = NL80211_FLAG_NEED_NETDEV, 4466 }, 4467 { 4468 .cmd = NL80211_CMD_SET_INTERFACE, 4469 .doit = nl80211_set_interface, 4470 .policy = nl80211_policy, 4471 .flags = GENL_ADMIN_PERM, 4472 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4473 NL80211_FLAG_NEED_RTNL, 4474 }, 4475 { 4476 .cmd = NL80211_CMD_NEW_INTERFACE, 4477 .doit = nl80211_new_interface, 4478 .policy = nl80211_policy, 4479 .flags = GENL_ADMIN_PERM, 4480 .internal_flags = NL80211_FLAG_NEED_WIPHY | 4481 NL80211_FLAG_NEED_RTNL, 4482 }, 4483 { 4484 .cmd = NL80211_CMD_DEL_INTERFACE, 4485 .doit = nl80211_del_interface, 4486 .policy = nl80211_policy, 4487 .flags = GENL_ADMIN_PERM, 4488 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4489 NL80211_FLAG_NEED_RTNL, 4490 }, 4491 { 4492 .cmd = NL80211_CMD_GET_KEY, 4493 .doit = nl80211_get_key, 4494 .policy = nl80211_policy, 4495 .flags = GENL_ADMIN_PERM, 4496 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4497 NL80211_FLAG_NEED_RTNL, 4498 }, 4499 { 4500 .cmd = NL80211_CMD_SET_KEY, 4501 .doit = nl80211_set_key, 4502 .policy = nl80211_policy, 4503 .flags = GENL_ADMIN_PERM, 4504 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4505 NL80211_FLAG_NEED_RTNL, 4506 }, 4507 { 4508 .cmd = NL80211_CMD_NEW_KEY, 4509 .doit = nl80211_new_key, 4510 .policy = nl80211_policy, 4511 .flags = GENL_ADMIN_PERM, 4512 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4513 NL80211_FLAG_NEED_RTNL, 4514 }, 4515 { 4516 .cmd = NL80211_CMD_DEL_KEY, 4517 .doit = nl80211_del_key, 4518 .policy = nl80211_policy, 4519 .flags = GENL_ADMIN_PERM, 4520 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4521 NL80211_FLAG_NEED_RTNL, 4522 }, 4523 { 4524 .cmd = NL80211_CMD_SET_BEACON, 4525 .policy = nl80211_policy, 4526 .flags = GENL_ADMIN_PERM, 4527 .doit = nl80211_addset_beacon, 4528 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4529 NL80211_FLAG_NEED_RTNL, 4530 }, 4531 { 4532 .cmd = NL80211_CMD_NEW_BEACON, 4533 .policy = nl80211_policy, 4534 .flags = GENL_ADMIN_PERM, 4535 .doit = nl80211_addset_beacon, 4536 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4537 NL80211_FLAG_NEED_RTNL, 4538 }, 4539 { 4540 .cmd = NL80211_CMD_DEL_BEACON, 4541 .policy = nl80211_policy, 4542 .flags = GENL_ADMIN_PERM, 4543 .doit = nl80211_del_beacon, 4544 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4545 NL80211_FLAG_NEED_RTNL, 4546 }, 4547 { 4548 .cmd = NL80211_CMD_GET_STATION, 4549 .doit = nl80211_get_station, 4550 .dumpit = nl80211_dump_station, 4551 .policy = nl80211_policy, 4552 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4553 NL80211_FLAG_NEED_RTNL, 4554 }, 4555 { 4556 .cmd = NL80211_CMD_SET_STATION, 4557 .doit = nl80211_set_station, 4558 .policy = nl80211_policy, 4559 .flags = GENL_ADMIN_PERM, 4560 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4561 NL80211_FLAG_NEED_RTNL, 4562 }, 4563 { 4564 .cmd = NL80211_CMD_NEW_STATION, 4565 .doit = nl80211_new_station, 4566 .policy = nl80211_policy, 4567 .flags = GENL_ADMIN_PERM, 4568 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4569 NL80211_FLAG_NEED_RTNL, 4570 }, 4571 { 4572 .cmd = NL80211_CMD_DEL_STATION, 4573 .doit = nl80211_del_station, 4574 .policy = nl80211_policy, 4575 .flags = GENL_ADMIN_PERM, 4576 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4577 NL80211_FLAG_NEED_RTNL, 4578 }, 4579 { 4580 .cmd = NL80211_CMD_GET_MPATH, 4581 .doit = nl80211_get_mpath, 4582 .dumpit = nl80211_dump_mpath, 4583 .policy = nl80211_policy, 4584 .flags = GENL_ADMIN_PERM, 4585 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4586 NL80211_FLAG_NEED_RTNL, 4587 }, 4588 { 4589 .cmd = NL80211_CMD_SET_MPATH, 4590 .doit = nl80211_set_mpath, 4591 .policy = nl80211_policy, 4592 .flags = GENL_ADMIN_PERM, 4593 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4594 NL80211_FLAG_NEED_RTNL, 4595 }, 4596 { 4597 .cmd = NL80211_CMD_NEW_MPATH, 4598 .doit = nl80211_new_mpath, 4599 .policy = nl80211_policy, 4600 .flags = GENL_ADMIN_PERM, 4601 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4602 NL80211_FLAG_NEED_RTNL, 4603 }, 4604 { 4605 .cmd = NL80211_CMD_DEL_MPATH, 4606 .doit = nl80211_del_mpath, 4607 .policy = nl80211_policy, 4608 .flags = GENL_ADMIN_PERM, 4609 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4610 NL80211_FLAG_NEED_RTNL, 4611 }, 4612 { 4613 .cmd = NL80211_CMD_SET_BSS, 4614 .doit = nl80211_set_bss, 4615 .policy = nl80211_policy, 4616 .flags = GENL_ADMIN_PERM, 4617 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4618 NL80211_FLAG_NEED_RTNL, 4619 }, 4620 { 4621 .cmd = NL80211_CMD_GET_REG, 4622 .doit = nl80211_get_reg, 4623 .policy = nl80211_policy, 4624 /* can be retrieved by unprivileged users */ 4625 }, 4626 { 4627 .cmd = NL80211_CMD_SET_REG, 4628 .doit = nl80211_set_reg, 4629 .policy = nl80211_policy, 4630 .flags = GENL_ADMIN_PERM, 4631 }, 4632 { 4633 .cmd = NL80211_CMD_REQ_SET_REG, 4634 .doit = nl80211_req_set_reg, 4635 .policy = nl80211_policy, 4636 .flags = GENL_ADMIN_PERM, 4637 }, 4638 { 4639 .cmd = NL80211_CMD_GET_MESH_PARAMS, 4640 .doit = nl80211_get_mesh_params, 4641 .policy = nl80211_policy, 4642 /* can be retrieved by unprivileged users */ 4643 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4644 NL80211_FLAG_NEED_RTNL, 4645 }, 4646 { 4647 .cmd = NL80211_CMD_SET_MESH_PARAMS, 4648 .doit = nl80211_set_mesh_params, 4649 .policy = nl80211_policy, 4650 .flags = GENL_ADMIN_PERM, 4651 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4652 NL80211_FLAG_NEED_RTNL, 4653 }, 4654 { 4655 .cmd = NL80211_CMD_TRIGGER_SCAN, 4656 .doit = nl80211_trigger_scan, 4657 .policy = nl80211_policy, 4658 .flags = GENL_ADMIN_PERM, 4659 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4660 NL80211_FLAG_NEED_RTNL, 4661 }, 4662 { 4663 .cmd = NL80211_CMD_GET_SCAN, 4664 .policy = nl80211_policy, 4665 .dumpit = nl80211_dump_scan, 4666 }, 4667 { 4668 .cmd = NL80211_CMD_AUTHENTICATE, 4669 .doit = nl80211_authenticate, 4670 .policy = nl80211_policy, 4671 .flags = GENL_ADMIN_PERM, 4672 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4673 NL80211_FLAG_NEED_RTNL, 4674 }, 4675 { 4676 .cmd = NL80211_CMD_ASSOCIATE, 4677 .doit = nl80211_associate, 4678 .policy = nl80211_policy, 4679 .flags = GENL_ADMIN_PERM, 4680 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4681 NL80211_FLAG_NEED_RTNL, 4682 }, 4683 { 4684 .cmd = NL80211_CMD_DEAUTHENTICATE, 4685 .doit = nl80211_deauthenticate, 4686 .policy = nl80211_policy, 4687 .flags = GENL_ADMIN_PERM, 4688 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4689 NL80211_FLAG_NEED_RTNL, 4690 }, 4691 { 4692 .cmd = NL80211_CMD_DISASSOCIATE, 4693 .doit = nl80211_disassociate, 4694 .policy = nl80211_policy, 4695 .flags = GENL_ADMIN_PERM, 4696 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4697 NL80211_FLAG_NEED_RTNL, 4698 }, 4699 { 4700 .cmd = NL80211_CMD_JOIN_IBSS, 4701 .doit = nl80211_join_ibss, 4702 .policy = nl80211_policy, 4703 .flags = GENL_ADMIN_PERM, 4704 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4705 NL80211_FLAG_NEED_RTNL, 4706 }, 4707 { 4708 .cmd = NL80211_CMD_LEAVE_IBSS, 4709 .doit = nl80211_leave_ibss, 4710 .policy = nl80211_policy, 4711 .flags = GENL_ADMIN_PERM, 4712 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4713 NL80211_FLAG_NEED_RTNL, 4714 }, 4715 #ifdef CONFIG_NL80211_TESTMODE 4716 { 4717 .cmd = NL80211_CMD_TESTMODE, 4718 .doit = nl80211_testmode_do, 4719 .policy = nl80211_policy, 4720 .flags = GENL_ADMIN_PERM, 4721 .internal_flags = NL80211_FLAG_NEED_WIPHY | 4722 NL80211_FLAG_NEED_RTNL, 4723 }, 4724 #endif 4725 { 4726 .cmd = NL80211_CMD_CONNECT, 4727 .doit = nl80211_connect, 4728 .policy = nl80211_policy, 4729 .flags = GENL_ADMIN_PERM, 4730 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4731 NL80211_FLAG_NEED_RTNL, 4732 }, 4733 { 4734 .cmd = NL80211_CMD_DISCONNECT, 4735 .doit = nl80211_disconnect, 4736 .policy = nl80211_policy, 4737 .flags = GENL_ADMIN_PERM, 4738 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4739 NL80211_FLAG_NEED_RTNL, 4740 }, 4741 { 4742 .cmd = NL80211_CMD_SET_WIPHY_NETNS, 4743 .doit = nl80211_wiphy_netns, 4744 .policy = nl80211_policy, 4745 .flags = GENL_ADMIN_PERM, 4746 .internal_flags = NL80211_FLAG_NEED_WIPHY | 4747 NL80211_FLAG_NEED_RTNL, 4748 }, 4749 { 4750 .cmd = NL80211_CMD_GET_SURVEY, 4751 .policy = nl80211_policy, 4752 .dumpit = nl80211_dump_survey, 4753 }, 4754 { 4755 .cmd = NL80211_CMD_SET_PMKSA, 4756 .doit = nl80211_setdel_pmksa, 4757 .policy = nl80211_policy, 4758 .flags = GENL_ADMIN_PERM, 4759 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4760 NL80211_FLAG_NEED_RTNL, 4761 }, 4762 { 4763 .cmd = NL80211_CMD_DEL_PMKSA, 4764 .doit = nl80211_setdel_pmksa, 4765 .policy = nl80211_policy, 4766 .flags = GENL_ADMIN_PERM, 4767 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4768 NL80211_FLAG_NEED_RTNL, 4769 }, 4770 { 4771 .cmd = NL80211_CMD_FLUSH_PMKSA, 4772 .doit = nl80211_flush_pmksa, 4773 .policy = nl80211_policy, 4774 .flags = GENL_ADMIN_PERM, 4775 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4776 NL80211_FLAG_NEED_RTNL, 4777 }, 4778 { 4779 .cmd = NL80211_CMD_REMAIN_ON_CHANNEL, 4780 .doit = nl80211_remain_on_channel, 4781 .policy = nl80211_policy, 4782 .flags = GENL_ADMIN_PERM, 4783 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4784 NL80211_FLAG_NEED_RTNL, 4785 }, 4786 { 4787 .cmd = NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL, 4788 .doit = nl80211_cancel_remain_on_channel, 4789 .policy = nl80211_policy, 4790 .flags = GENL_ADMIN_PERM, 4791 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4792 NL80211_FLAG_NEED_RTNL, 4793 }, 4794 { 4795 .cmd = NL80211_CMD_SET_TX_BITRATE_MASK, 4796 .doit = nl80211_set_tx_bitrate_mask, 4797 .policy = nl80211_policy, 4798 .flags = GENL_ADMIN_PERM, 4799 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4800 NL80211_FLAG_NEED_RTNL, 4801 }, 4802 { 4803 .cmd = NL80211_CMD_REGISTER_FRAME, 4804 .doit = nl80211_register_mgmt, 4805 .policy = nl80211_policy, 4806 .flags = GENL_ADMIN_PERM, 4807 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4808 NL80211_FLAG_NEED_RTNL, 4809 }, 4810 { 4811 .cmd = NL80211_CMD_FRAME, 4812 .doit = nl80211_tx_mgmt, 4813 .policy = nl80211_policy, 4814 .flags = GENL_ADMIN_PERM, 4815 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4816 NL80211_FLAG_NEED_RTNL, 4817 }, 4818 { 4819 .cmd = NL80211_CMD_SET_POWER_SAVE, 4820 .doit = nl80211_set_power_save, 4821 .policy = nl80211_policy, 4822 .flags = GENL_ADMIN_PERM, 4823 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4824 NL80211_FLAG_NEED_RTNL, 4825 }, 4826 { 4827 .cmd = NL80211_CMD_GET_POWER_SAVE, 4828 .doit = nl80211_get_power_save, 4829 .policy = nl80211_policy, 4830 /* can be retrieved by unprivileged users */ 4831 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4832 NL80211_FLAG_NEED_RTNL, 4833 }, 4834 { 4835 .cmd = NL80211_CMD_SET_CQM, 4836 .doit = nl80211_set_cqm, 4837 .policy = nl80211_policy, 4838 .flags = GENL_ADMIN_PERM, 4839 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4840 NL80211_FLAG_NEED_RTNL, 4841 }, 4842 { 4843 .cmd = NL80211_CMD_SET_CHANNEL, 4844 .doit = nl80211_set_channel, 4845 .policy = nl80211_policy, 4846 .flags = GENL_ADMIN_PERM, 4847 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4848 NL80211_FLAG_NEED_RTNL, 4849 }, 4850 { 4851 .cmd = NL80211_CMD_SET_WDS_PEER, 4852 .doit = nl80211_set_wds_peer, 4853 .policy = nl80211_policy, 4854 .flags = GENL_ADMIN_PERM, 4855 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4856 NL80211_FLAG_NEED_RTNL, 4857 }, 4858 }; 4859 4860 static struct genl_multicast_group nl80211_mlme_mcgrp = { 4861 .name = "mlme", 4862 }; 4863 4864 /* multicast groups */ 4865 static struct genl_multicast_group nl80211_config_mcgrp = { 4866 .name = "config", 4867 }; 4868 static struct genl_multicast_group nl80211_scan_mcgrp = { 4869 .name = "scan", 4870 }; 4871 static struct genl_multicast_group nl80211_regulatory_mcgrp = { 4872 .name = "regulatory", 4873 }; 4874 4875 /* notification functions */ 4876 4877 void nl80211_notify_dev_rename(struct cfg80211_registered_device *rdev) 4878 { 4879 struct sk_buff *msg; 4880 4881 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 4882 if (!msg) 4883 return; 4884 4885 if (nl80211_send_wiphy(msg, 0, 0, 0, rdev) < 0) { 4886 nlmsg_free(msg); 4887 return; 4888 } 4889 4890 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 4891 nl80211_config_mcgrp.id, GFP_KERNEL); 4892 } 4893 4894 static int nl80211_add_scan_req(struct sk_buff *msg, 4895 struct cfg80211_registered_device *rdev) 4896 { 4897 struct cfg80211_scan_request *req = rdev->scan_req; 4898 struct nlattr *nest; 4899 int i; 4900 4901 ASSERT_RDEV_LOCK(rdev); 4902 4903 if (WARN_ON(!req)) 4904 return 0; 4905 4906 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_SSIDS); 4907 if (!nest) 4908 goto nla_put_failure; 4909 for (i = 0; i < req->n_ssids; i++) 4910 NLA_PUT(msg, i, req->ssids[i].ssid_len, req->ssids[i].ssid); 4911 nla_nest_end(msg, nest); 4912 4913 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES); 4914 if (!nest) 4915 goto nla_put_failure; 4916 for (i = 0; i < req->n_channels; i++) 4917 NLA_PUT_U32(msg, i, req->channels[i]->center_freq); 4918 nla_nest_end(msg, nest); 4919 4920 if (req->ie) 4921 NLA_PUT(msg, NL80211_ATTR_IE, req->ie_len, req->ie); 4922 4923 return 0; 4924 nla_put_failure: 4925 return -ENOBUFS; 4926 } 4927 4928 static int nl80211_send_scan_msg(struct sk_buff *msg, 4929 struct cfg80211_registered_device *rdev, 4930 struct net_device *netdev, 4931 u32 pid, u32 seq, int flags, 4932 u32 cmd) 4933 { 4934 void *hdr; 4935 4936 hdr = nl80211hdr_put(msg, pid, seq, flags, cmd); 4937 if (!hdr) 4938 return -1; 4939 4940 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 4941 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 4942 4943 /* ignore errors and send incomplete event anyway */ 4944 nl80211_add_scan_req(msg, rdev); 4945 4946 return genlmsg_end(msg, hdr); 4947 4948 nla_put_failure: 4949 genlmsg_cancel(msg, hdr); 4950 return -EMSGSIZE; 4951 } 4952 4953 void nl80211_send_scan_start(struct cfg80211_registered_device *rdev, 4954 struct net_device *netdev) 4955 { 4956 struct sk_buff *msg; 4957 4958 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 4959 if (!msg) 4960 return; 4961 4962 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 4963 NL80211_CMD_TRIGGER_SCAN) < 0) { 4964 nlmsg_free(msg); 4965 return; 4966 } 4967 4968 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 4969 nl80211_scan_mcgrp.id, GFP_KERNEL); 4970 } 4971 4972 void nl80211_send_scan_done(struct cfg80211_registered_device *rdev, 4973 struct net_device *netdev) 4974 { 4975 struct sk_buff *msg; 4976 4977 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 4978 if (!msg) 4979 return; 4980 4981 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 4982 NL80211_CMD_NEW_SCAN_RESULTS) < 0) { 4983 nlmsg_free(msg); 4984 return; 4985 } 4986 4987 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 4988 nl80211_scan_mcgrp.id, GFP_KERNEL); 4989 } 4990 4991 void nl80211_send_scan_aborted(struct cfg80211_registered_device *rdev, 4992 struct net_device *netdev) 4993 { 4994 struct sk_buff *msg; 4995 4996 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 4997 if (!msg) 4998 return; 4999 5000 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 5001 NL80211_CMD_SCAN_ABORTED) < 0) { 5002 nlmsg_free(msg); 5003 return; 5004 } 5005 5006 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5007 nl80211_scan_mcgrp.id, GFP_KERNEL); 5008 } 5009 5010 /* 5011 * This can happen on global regulatory changes or device specific settings 5012 * based on custom world regulatory domains. 5013 */ 5014 void nl80211_send_reg_change_event(struct regulatory_request *request) 5015 { 5016 struct sk_buff *msg; 5017 void *hdr; 5018 5019 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5020 if (!msg) 5021 return; 5022 5023 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_CHANGE); 5024 if (!hdr) { 5025 nlmsg_free(msg); 5026 return; 5027 } 5028 5029 /* Userspace can always count this one always being set */ 5030 NLA_PUT_U8(msg, NL80211_ATTR_REG_INITIATOR, request->initiator); 5031 5032 if (request->alpha2[0] == '0' && request->alpha2[1] == '0') 5033 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 5034 NL80211_REGDOM_TYPE_WORLD); 5035 else if (request->alpha2[0] == '9' && request->alpha2[1] == '9') 5036 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 5037 NL80211_REGDOM_TYPE_CUSTOM_WORLD); 5038 else if ((request->alpha2[0] == '9' && request->alpha2[1] == '8') || 5039 request->intersect) 5040 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 5041 NL80211_REGDOM_TYPE_INTERSECTION); 5042 else { 5043 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 5044 NL80211_REGDOM_TYPE_COUNTRY); 5045 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, request->alpha2); 5046 } 5047 5048 if (wiphy_idx_valid(request->wiphy_idx)) 5049 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, request->wiphy_idx); 5050 5051 if (genlmsg_end(msg, hdr) < 0) { 5052 nlmsg_free(msg); 5053 return; 5054 } 5055 5056 rcu_read_lock(); 5057 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id, 5058 GFP_ATOMIC); 5059 rcu_read_unlock(); 5060 5061 return; 5062 5063 nla_put_failure: 5064 genlmsg_cancel(msg, hdr); 5065 nlmsg_free(msg); 5066 } 5067 5068 static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev, 5069 struct net_device *netdev, 5070 const u8 *buf, size_t len, 5071 enum nl80211_commands cmd, gfp_t gfp) 5072 { 5073 struct sk_buff *msg; 5074 void *hdr; 5075 5076 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5077 if (!msg) 5078 return; 5079 5080 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 5081 if (!hdr) { 5082 nlmsg_free(msg); 5083 return; 5084 } 5085 5086 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5087 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5088 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 5089 5090 if (genlmsg_end(msg, hdr) < 0) { 5091 nlmsg_free(msg); 5092 return; 5093 } 5094 5095 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5096 nl80211_mlme_mcgrp.id, gfp); 5097 return; 5098 5099 nla_put_failure: 5100 genlmsg_cancel(msg, hdr); 5101 nlmsg_free(msg); 5102 } 5103 5104 void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev, 5105 struct net_device *netdev, const u8 *buf, 5106 size_t len, gfp_t gfp) 5107 { 5108 nl80211_send_mlme_event(rdev, netdev, buf, len, 5109 NL80211_CMD_AUTHENTICATE, gfp); 5110 } 5111 5112 void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev, 5113 struct net_device *netdev, const u8 *buf, 5114 size_t len, gfp_t gfp) 5115 { 5116 nl80211_send_mlme_event(rdev, netdev, buf, len, 5117 NL80211_CMD_ASSOCIATE, gfp); 5118 } 5119 5120 void nl80211_send_deauth(struct cfg80211_registered_device *rdev, 5121 struct net_device *netdev, const u8 *buf, 5122 size_t len, gfp_t gfp) 5123 { 5124 nl80211_send_mlme_event(rdev, netdev, buf, len, 5125 NL80211_CMD_DEAUTHENTICATE, gfp); 5126 } 5127 5128 void nl80211_send_disassoc(struct cfg80211_registered_device *rdev, 5129 struct net_device *netdev, const u8 *buf, 5130 size_t len, gfp_t gfp) 5131 { 5132 nl80211_send_mlme_event(rdev, netdev, buf, len, 5133 NL80211_CMD_DISASSOCIATE, gfp); 5134 } 5135 5136 static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev, 5137 struct net_device *netdev, int cmd, 5138 const u8 *addr, gfp_t gfp) 5139 { 5140 struct sk_buff *msg; 5141 void *hdr; 5142 5143 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5144 if (!msg) 5145 return; 5146 5147 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 5148 if (!hdr) { 5149 nlmsg_free(msg); 5150 return; 5151 } 5152 5153 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5154 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5155 NLA_PUT_FLAG(msg, NL80211_ATTR_TIMED_OUT); 5156 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 5157 5158 if (genlmsg_end(msg, hdr) < 0) { 5159 nlmsg_free(msg); 5160 return; 5161 } 5162 5163 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5164 nl80211_mlme_mcgrp.id, gfp); 5165 return; 5166 5167 nla_put_failure: 5168 genlmsg_cancel(msg, hdr); 5169 nlmsg_free(msg); 5170 } 5171 5172 void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev, 5173 struct net_device *netdev, const u8 *addr, 5174 gfp_t gfp) 5175 { 5176 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE, 5177 addr, gfp); 5178 } 5179 5180 void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev, 5181 struct net_device *netdev, const u8 *addr, 5182 gfp_t gfp) 5183 { 5184 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE, 5185 addr, gfp); 5186 } 5187 5188 void nl80211_send_connect_result(struct cfg80211_registered_device *rdev, 5189 struct net_device *netdev, const u8 *bssid, 5190 const u8 *req_ie, size_t req_ie_len, 5191 const u8 *resp_ie, size_t resp_ie_len, 5192 u16 status, gfp_t gfp) 5193 { 5194 struct sk_buff *msg; 5195 void *hdr; 5196 5197 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 5198 if (!msg) 5199 return; 5200 5201 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONNECT); 5202 if (!hdr) { 5203 nlmsg_free(msg); 5204 return; 5205 } 5206 5207 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5208 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5209 if (bssid) 5210 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 5211 NLA_PUT_U16(msg, NL80211_ATTR_STATUS_CODE, status); 5212 if (req_ie) 5213 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie); 5214 if (resp_ie) 5215 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie); 5216 5217 if (genlmsg_end(msg, hdr) < 0) { 5218 nlmsg_free(msg); 5219 return; 5220 } 5221 5222 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5223 nl80211_mlme_mcgrp.id, gfp); 5224 return; 5225 5226 nla_put_failure: 5227 genlmsg_cancel(msg, hdr); 5228 nlmsg_free(msg); 5229 5230 } 5231 5232 void nl80211_send_roamed(struct cfg80211_registered_device *rdev, 5233 struct net_device *netdev, const u8 *bssid, 5234 const u8 *req_ie, size_t req_ie_len, 5235 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp) 5236 { 5237 struct sk_buff *msg; 5238 void *hdr; 5239 5240 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 5241 if (!msg) 5242 return; 5243 5244 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ROAM); 5245 if (!hdr) { 5246 nlmsg_free(msg); 5247 return; 5248 } 5249 5250 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5251 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5252 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 5253 if (req_ie) 5254 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie); 5255 if (resp_ie) 5256 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie); 5257 5258 if (genlmsg_end(msg, hdr) < 0) { 5259 nlmsg_free(msg); 5260 return; 5261 } 5262 5263 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5264 nl80211_mlme_mcgrp.id, gfp); 5265 return; 5266 5267 nla_put_failure: 5268 genlmsg_cancel(msg, hdr); 5269 nlmsg_free(msg); 5270 5271 } 5272 5273 void nl80211_send_disconnected(struct cfg80211_registered_device *rdev, 5274 struct net_device *netdev, u16 reason, 5275 const u8 *ie, size_t ie_len, bool from_ap) 5276 { 5277 struct sk_buff *msg; 5278 void *hdr; 5279 5280 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 5281 if (!msg) 5282 return; 5283 5284 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DISCONNECT); 5285 if (!hdr) { 5286 nlmsg_free(msg); 5287 return; 5288 } 5289 5290 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5291 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5292 if (from_ap && reason) 5293 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason); 5294 if (from_ap) 5295 NLA_PUT_FLAG(msg, NL80211_ATTR_DISCONNECTED_BY_AP); 5296 if (ie) 5297 NLA_PUT(msg, NL80211_ATTR_IE, ie_len, ie); 5298 5299 if (genlmsg_end(msg, hdr) < 0) { 5300 nlmsg_free(msg); 5301 return; 5302 } 5303 5304 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5305 nl80211_mlme_mcgrp.id, GFP_KERNEL); 5306 return; 5307 5308 nla_put_failure: 5309 genlmsg_cancel(msg, hdr); 5310 nlmsg_free(msg); 5311 5312 } 5313 5314 void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev, 5315 struct net_device *netdev, const u8 *bssid, 5316 gfp_t gfp) 5317 { 5318 struct sk_buff *msg; 5319 void *hdr; 5320 5321 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5322 if (!msg) 5323 return; 5324 5325 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_JOIN_IBSS); 5326 if (!hdr) { 5327 nlmsg_free(msg); 5328 return; 5329 } 5330 5331 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5332 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5333 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 5334 5335 if (genlmsg_end(msg, hdr) < 0) { 5336 nlmsg_free(msg); 5337 return; 5338 } 5339 5340 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5341 nl80211_mlme_mcgrp.id, gfp); 5342 return; 5343 5344 nla_put_failure: 5345 genlmsg_cancel(msg, hdr); 5346 nlmsg_free(msg); 5347 } 5348 5349 void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev, 5350 struct net_device *netdev, const u8 *addr, 5351 enum nl80211_key_type key_type, int key_id, 5352 const u8 *tsc, gfp_t gfp) 5353 { 5354 struct sk_buff *msg; 5355 void *hdr; 5356 5357 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5358 if (!msg) 5359 return; 5360 5361 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_MICHAEL_MIC_FAILURE); 5362 if (!hdr) { 5363 nlmsg_free(msg); 5364 return; 5365 } 5366 5367 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5368 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5369 if (addr) 5370 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 5371 NLA_PUT_U32(msg, NL80211_ATTR_KEY_TYPE, key_type); 5372 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_id); 5373 if (tsc) 5374 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, 6, tsc); 5375 5376 if (genlmsg_end(msg, hdr) < 0) { 5377 nlmsg_free(msg); 5378 return; 5379 } 5380 5381 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5382 nl80211_mlme_mcgrp.id, gfp); 5383 return; 5384 5385 nla_put_failure: 5386 genlmsg_cancel(msg, hdr); 5387 nlmsg_free(msg); 5388 } 5389 5390 void nl80211_send_beacon_hint_event(struct wiphy *wiphy, 5391 struct ieee80211_channel *channel_before, 5392 struct ieee80211_channel *channel_after) 5393 { 5394 struct sk_buff *msg; 5395 void *hdr; 5396 struct nlattr *nl_freq; 5397 5398 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC); 5399 if (!msg) 5400 return; 5401 5402 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_BEACON_HINT); 5403 if (!hdr) { 5404 nlmsg_free(msg); 5405 return; 5406 } 5407 5408 /* 5409 * Since we are applying the beacon hint to a wiphy we know its 5410 * wiphy_idx is valid 5411 */ 5412 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)); 5413 5414 /* Before */ 5415 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_BEFORE); 5416 if (!nl_freq) 5417 goto nla_put_failure; 5418 if (nl80211_msg_put_channel(msg, channel_before)) 5419 goto nla_put_failure; 5420 nla_nest_end(msg, nl_freq); 5421 5422 /* After */ 5423 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_AFTER); 5424 if (!nl_freq) 5425 goto nla_put_failure; 5426 if (nl80211_msg_put_channel(msg, channel_after)) 5427 goto nla_put_failure; 5428 nla_nest_end(msg, nl_freq); 5429 5430 if (genlmsg_end(msg, hdr) < 0) { 5431 nlmsg_free(msg); 5432 return; 5433 } 5434 5435 rcu_read_lock(); 5436 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id, 5437 GFP_ATOMIC); 5438 rcu_read_unlock(); 5439 5440 return; 5441 5442 nla_put_failure: 5443 genlmsg_cancel(msg, hdr); 5444 nlmsg_free(msg); 5445 } 5446 5447 static void nl80211_send_remain_on_chan_event( 5448 int cmd, struct cfg80211_registered_device *rdev, 5449 struct net_device *netdev, u64 cookie, 5450 struct ieee80211_channel *chan, 5451 enum nl80211_channel_type channel_type, 5452 unsigned int duration, gfp_t gfp) 5453 { 5454 struct sk_buff *msg; 5455 void *hdr; 5456 5457 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5458 if (!msg) 5459 return; 5460 5461 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 5462 if (!hdr) { 5463 nlmsg_free(msg); 5464 return; 5465 } 5466 5467 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5468 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5469 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, chan->center_freq); 5470 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, channel_type); 5471 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 5472 5473 if (cmd == NL80211_CMD_REMAIN_ON_CHANNEL) 5474 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, duration); 5475 5476 if (genlmsg_end(msg, hdr) < 0) { 5477 nlmsg_free(msg); 5478 return; 5479 } 5480 5481 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5482 nl80211_mlme_mcgrp.id, gfp); 5483 return; 5484 5485 nla_put_failure: 5486 genlmsg_cancel(msg, hdr); 5487 nlmsg_free(msg); 5488 } 5489 5490 void nl80211_send_remain_on_channel(struct cfg80211_registered_device *rdev, 5491 struct net_device *netdev, u64 cookie, 5492 struct ieee80211_channel *chan, 5493 enum nl80211_channel_type channel_type, 5494 unsigned int duration, gfp_t gfp) 5495 { 5496 nl80211_send_remain_on_chan_event(NL80211_CMD_REMAIN_ON_CHANNEL, 5497 rdev, netdev, cookie, chan, 5498 channel_type, duration, gfp); 5499 } 5500 5501 void nl80211_send_remain_on_channel_cancel( 5502 struct cfg80211_registered_device *rdev, struct net_device *netdev, 5503 u64 cookie, struct ieee80211_channel *chan, 5504 enum nl80211_channel_type channel_type, gfp_t gfp) 5505 { 5506 nl80211_send_remain_on_chan_event(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL, 5507 rdev, netdev, cookie, chan, 5508 channel_type, 0, gfp); 5509 } 5510 5511 void nl80211_send_sta_event(struct cfg80211_registered_device *rdev, 5512 struct net_device *dev, const u8 *mac_addr, 5513 struct station_info *sinfo, gfp_t gfp) 5514 { 5515 struct sk_buff *msg; 5516 5517 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 5518 if (!msg) 5519 return; 5520 5521 if (nl80211_send_station(msg, 0, 0, 0, dev, mac_addr, sinfo) < 0) { 5522 nlmsg_free(msg); 5523 return; 5524 } 5525 5526 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5527 nl80211_mlme_mcgrp.id, gfp); 5528 } 5529 5530 int nl80211_send_mgmt(struct cfg80211_registered_device *rdev, 5531 struct net_device *netdev, u32 nlpid, 5532 int freq, const u8 *buf, size_t len, gfp_t gfp) 5533 { 5534 struct sk_buff *msg; 5535 void *hdr; 5536 int err; 5537 5538 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5539 if (!msg) 5540 return -ENOMEM; 5541 5542 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME); 5543 if (!hdr) { 5544 nlmsg_free(msg); 5545 return -ENOMEM; 5546 } 5547 5548 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5549 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5550 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq); 5551 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 5552 5553 err = genlmsg_end(msg, hdr); 5554 if (err < 0) { 5555 nlmsg_free(msg); 5556 return err; 5557 } 5558 5559 err = genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid); 5560 if (err < 0) 5561 return err; 5562 return 0; 5563 5564 nla_put_failure: 5565 genlmsg_cancel(msg, hdr); 5566 nlmsg_free(msg); 5567 return -ENOBUFS; 5568 } 5569 5570 void nl80211_send_mgmt_tx_status(struct cfg80211_registered_device *rdev, 5571 struct net_device *netdev, u64 cookie, 5572 const u8 *buf, size_t len, bool ack, 5573 gfp_t gfp) 5574 { 5575 struct sk_buff *msg; 5576 void *hdr; 5577 5578 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5579 if (!msg) 5580 return; 5581 5582 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME_TX_STATUS); 5583 if (!hdr) { 5584 nlmsg_free(msg); 5585 return; 5586 } 5587 5588 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5589 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5590 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 5591 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 5592 if (ack) 5593 NLA_PUT_FLAG(msg, NL80211_ATTR_ACK); 5594 5595 if (genlmsg_end(msg, hdr) < 0) { 5596 nlmsg_free(msg); 5597 return; 5598 } 5599 5600 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, gfp); 5601 return; 5602 5603 nla_put_failure: 5604 genlmsg_cancel(msg, hdr); 5605 nlmsg_free(msg); 5606 } 5607 5608 void 5609 nl80211_send_cqm_rssi_notify(struct cfg80211_registered_device *rdev, 5610 struct net_device *netdev, 5611 enum nl80211_cqm_rssi_threshold_event rssi_event, 5612 gfp_t gfp) 5613 { 5614 struct sk_buff *msg; 5615 struct nlattr *pinfoattr; 5616 void *hdr; 5617 5618 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 5619 if (!msg) 5620 return; 5621 5622 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM); 5623 if (!hdr) { 5624 nlmsg_free(msg); 5625 return; 5626 } 5627 5628 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5629 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5630 5631 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM); 5632 if (!pinfoattr) 5633 goto nla_put_failure; 5634 5635 NLA_PUT_U32(msg, NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT, 5636 rssi_event); 5637 5638 nla_nest_end(msg, pinfoattr); 5639 5640 if (genlmsg_end(msg, hdr) < 0) { 5641 nlmsg_free(msg); 5642 return; 5643 } 5644 5645 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5646 nl80211_mlme_mcgrp.id, gfp); 5647 return; 5648 5649 nla_put_failure: 5650 genlmsg_cancel(msg, hdr); 5651 nlmsg_free(msg); 5652 } 5653 5654 static int nl80211_netlink_notify(struct notifier_block * nb, 5655 unsigned long state, 5656 void *_notify) 5657 { 5658 struct netlink_notify *notify = _notify; 5659 struct cfg80211_registered_device *rdev; 5660 struct wireless_dev *wdev; 5661 5662 if (state != NETLINK_URELEASE) 5663 return NOTIFY_DONE; 5664 5665 rcu_read_lock(); 5666 5667 list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list) 5668 list_for_each_entry_rcu(wdev, &rdev->netdev_list, list) 5669 cfg80211_mlme_unregister_socket(wdev, notify->pid); 5670 5671 rcu_read_unlock(); 5672 5673 return NOTIFY_DONE; 5674 } 5675 5676 static struct notifier_block nl80211_netlink_notifier = { 5677 .notifier_call = nl80211_netlink_notify, 5678 }; 5679 5680 /* initialisation/exit functions */ 5681 5682 int nl80211_init(void) 5683 { 5684 int err; 5685 5686 err = genl_register_family_with_ops(&nl80211_fam, 5687 nl80211_ops, ARRAY_SIZE(nl80211_ops)); 5688 if (err) 5689 return err; 5690 5691 err = genl_register_mc_group(&nl80211_fam, &nl80211_config_mcgrp); 5692 if (err) 5693 goto err_out; 5694 5695 err = genl_register_mc_group(&nl80211_fam, &nl80211_scan_mcgrp); 5696 if (err) 5697 goto err_out; 5698 5699 err = genl_register_mc_group(&nl80211_fam, &nl80211_regulatory_mcgrp); 5700 if (err) 5701 goto err_out; 5702 5703 err = genl_register_mc_group(&nl80211_fam, &nl80211_mlme_mcgrp); 5704 if (err) 5705 goto err_out; 5706 5707 #ifdef CONFIG_NL80211_TESTMODE 5708 err = genl_register_mc_group(&nl80211_fam, &nl80211_testmode_mcgrp); 5709 if (err) 5710 goto err_out; 5711 #endif 5712 5713 err = netlink_register_notifier(&nl80211_netlink_notifier); 5714 if (err) 5715 goto err_out; 5716 5717 return 0; 5718 err_out: 5719 genl_unregister_family(&nl80211_fam); 5720 return err; 5721 } 5722 5723 void nl80211_exit(void) 5724 { 5725 netlink_unregister_notifier(&nl80211_netlink_notifier); 5726 genl_unregister_family(&nl80211_fam); 5727 } 5728