1 /* 2 * This is the new netlink-based wireless configuration interface. 3 * 4 * Copyright 2006-2009 Johannes Berg <johannes@sipsolutions.net> 5 */ 6 7 #include <linux/if.h> 8 #include <linux/module.h> 9 #include <linux/err.h> 10 #include <linux/list.h> 11 #include <linux/if_ether.h> 12 #include <linux/ieee80211.h> 13 #include <linux/nl80211.h> 14 #include <linux/rtnetlink.h> 15 #include <linux/netlink.h> 16 #include <linux/etherdevice.h> 17 #include <net/net_namespace.h> 18 #include <net/genetlink.h> 19 #include <net/cfg80211.h> 20 #include <net/sock.h> 21 #include "core.h" 22 #include "nl80211.h" 23 #include "reg.h" 24 25 /* the netlink family */ 26 static struct genl_family nl80211_fam = { 27 .id = GENL_ID_GENERATE, /* don't bother with a hardcoded ID */ 28 .name = "nl80211", /* have users key off the name instead */ 29 .hdrsize = 0, /* no private header */ 30 .version = 1, /* no particular meaning now */ 31 .maxattr = NL80211_ATTR_MAX, 32 .netnsok = true, 33 }; 34 35 /* internal helper: get rdev and dev */ 36 static int get_rdev_dev_by_info_ifindex(struct genl_info *info, 37 struct cfg80211_registered_device **rdev, 38 struct net_device **dev) 39 { 40 struct nlattr **attrs = info->attrs; 41 int ifindex; 42 43 if (!attrs[NL80211_ATTR_IFINDEX]) 44 return -EINVAL; 45 46 ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]); 47 *dev = dev_get_by_index(genl_info_net(info), ifindex); 48 if (!*dev) 49 return -ENODEV; 50 51 *rdev = cfg80211_get_dev_from_ifindex(genl_info_net(info), ifindex); 52 if (IS_ERR(*rdev)) { 53 dev_put(*dev); 54 return PTR_ERR(*rdev); 55 } 56 57 return 0; 58 } 59 60 /* policy for the attributes */ 61 static struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] __read_mostly = { 62 [NL80211_ATTR_WIPHY] = { .type = NLA_U32 }, 63 [NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING, 64 .len = 20-1 }, 65 [NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED }, 66 [NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 }, 67 [NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 }, 68 [NL80211_ATTR_WIPHY_RETRY_SHORT] = { .type = NLA_U8 }, 69 [NL80211_ATTR_WIPHY_RETRY_LONG] = { .type = NLA_U8 }, 70 [NL80211_ATTR_WIPHY_FRAG_THRESHOLD] = { .type = NLA_U32 }, 71 [NL80211_ATTR_WIPHY_RTS_THRESHOLD] = { .type = NLA_U32 }, 72 73 [NL80211_ATTR_IFTYPE] = { .type = NLA_U32 }, 74 [NL80211_ATTR_IFINDEX] = { .type = NLA_U32 }, 75 [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 }, 76 77 [NL80211_ATTR_MAC] = { .type = NLA_BINARY, .len = ETH_ALEN }, 78 [NL80211_ATTR_PREV_BSSID] = { .type = NLA_BINARY, .len = ETH_ALEN }, 79 80 [NL80211_ATTR_KEY] = { .type = NLA_NESTED, }, 81 [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY, 82 .len = WLAN_MAX_KEY_LEN }, 83 [NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 }, 84 [NL80211_ATTR_KEY_CIPHER] = { .type = NLA_U32 }, 85 [NL80211_ATTR_KEY_DEFAULT] = { .type = NLA_FLAG }, 86 [NL80211_ATTR_KEY_SEQ] = { .type = NLA_BINARY, .len = 8 }, 87 88 [NL80211_ATTR_BEACON_INTERVAL] = { .type = NLA_U32 }, 89 [NL80211_ATTR_DTIM_PERIOD] = { .type = NLA_U32 }, 90 [NL80211_ATTR_BEACON_HEAD] = { .type = NLA_BINARY, 91 .len = IEEE80211_MAX_DATA_LEN }, 92 [NL80211_ATTR_BEACON_TAIL] = { .type = NLA_BINARY, 93 .len = IEEE80211_MAX_DATA_LEN }, 94 [NL80211_ATTR_STA_AID] = { .type = NLA_U16 }, 95 [NL80211_ATTR_STA_FLAGS] = { .type = NLA_NESTED }, 96 [NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 }, 97 [NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY, 98 .len = NL80211_MAX_SUPP_RATES }, 99 [NL80211_ATTR_STA_PLINK_ACTION] = { .type = NLA_U8 }, 100 [NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 }, 101 [NL80211_ATTR_MNTR_FLAGS] = { /* NLA_NESTED can't be empty */ }, 102 [NL80211_ATTR_MESH_ID] = { .type = NLA_BINARY, 103 .len = IEEE80211_MAX_MESH_ID_LEN }, 104 [NL80211_ATTR_MPATH_NEXT_HOP] = { .type = NLA_U32 }, 105 106 [NL80211_ATTR_REG_ALPHA2] = { .type = NLA_STRING, .len = 2 }, 107 [NL80211_ATTR_REG_RULES] = { .type = NLA_NESTED }, 108 109 [NL80211_ATTR_BSS_CTS_PROT] = { .type = NLA_U8 }, 110 [NL80211_ATTR_BSS_SHORT_PREAMBLE] = { .type = NLA_U8 }, 111 [NL80211_ATTR_BSS_SHORT_SLOT_TIME] = { .type = NLA_U8 }, 112 [NL80211_ATTR_BSS_BASIC_RATES] = { .type = NLA_BINARY, 113 .len = NL80211_MAX_SUPP_RATES }, 114 115 [NL80211_ATTR_MESH_PARAMS] = { .type = NLA_NESTED }, 116 117 [NL80211_ATTR_HT_CAPABILITY] = { .type = NLA_BINARY, 118 .len = NL80211_HT_CAPABILITY_LEN }, 119 120 [NL80211_ATTR_MGMT_SUBTYPE] = { .type = NLA_U8 }, 121 [NL80211_ATTR_IE] = { .type = NLA_BINARY, 122 .len = IEEE80211_MAX_DATA_LEN }, 123 [NL80211_ATTR_SCAN_FREQUENCIES] = { .type = NLA_NESTED }, 124 [NL80211_ATTR_SCAN_SSIDS] = { .type = NLA_NESTED }, 125 126 [NL80211_ATTR_SSID] = { .type = NLA_BINARY, 127 .len = IEEE80211_MAX_SSID_LEN }, 128 [NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 }, 129 [NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 }, 130 [NL80211_ATTR_FREQ_FIXED] = { .type = NLA_FLAG }, 131 [NL80211_ATTR_TIMED_OUT] = { .type = NLA_FLAG }, 132 [NL80211_ATTR_USE_MFP] = { .type = NLA_U32 }, 133 [NL80211_ATTR_STA_FLAGS2] = { 134 .len = sizeof(struct nl80211_sta_flag_update), 135 }, 136 [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG }, 137 [NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG }, 138 [NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 }, 139 [NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 }, 140 [NL80211_ATTR_PID] = { .type = NLA_U32 }, 141 [NL80211_ATTR_4ADDR] = { .type = NLA_U8 }, 142 [NL80211_ATTR_PMKID] = { .type = NLA_BINARY, 143 .len = WLAN_PMKID_LEN }, 144 }; 145 146 /* policy for the attributes */ 147 static struct nla_policy 148 nl80211_key_policy[NL80211_KEY_MAX + 1] __read_mostly = { 149 [NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN }, 150 [NL80211_KEY_IDX] = { .type = NLA_U8 }, 151 [NL80211_KEY_CIPHER] = { .type = NLA_U32 }, 152 [NL80211_KEY_SEQ] = { .type = NLA_BINARY, .len = 8 }, 153 [NL80211_KEY_DEFAULT] = { .type = NLA_FLAG }, 154 [NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG }, 155 }; 156 157 /* ifidx get helper */ 158 static int nl80211_get_ifidx(struct netlink_callback *cb) 159 { 160 int res; 161 162 res = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize, 163 nl80211_fam.attrbuf, nl80211_fam.maxattr, 164 nl80211_policy); 165 if (res) 166 return res; 167 168 if (!nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]) 169 return -EINVAL; 170 171 res = nla_get_u32(nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]); 172 if (!res) 173 return -EINVAL; 174 return res; 175 } 176 177 /* IE validation */ 178 static bool is_valid_ie_attr(const struct nlattr *attr) 179 { 180 const u8 *pos; 181 int len; 182 183 if (!attr) 184 return true; 185 186 pos = nla_data(attr); 187 len = nla_len(attr); 188 189 while (len) { 190 u8 elemlen; 191 192 if (len < 2) 193 return false; 194 len -= 2; 195 196 elemlen = pos[1]; 197 if (elemlen > len) 198 return false; 199 200 len -= elemlen; 201 pos += 2 + elemlen; 202 } 203 204 return true; 205 } 206 207 /* message building helper */ 208 static inline void *nl80211hdr_put(struct sk_buff *skb, u32 pid, u32 seq, 209 int flags, u8 cmd) 210 { 211 /* since there is no private header just add the generic one */ 212 return genlmsg_put(skb, pid, seq, &nl80211_fam, flags, cmd); 213 } 214 215 static int nl80211_msg_put_channel(struct sk_buff *msg, 216 struct ieee80211_channel *chan) 217 { 218 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_FREQ, 219 chan->center_freq); 220 221 if (chan->flags & IEEE80211_CHAN_DISABLED) 222 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_DISABLED); 223 if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN) 224 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_PASSIVE_SCAN); 225 if (chan->flags & IEEE80211_CHAN_NO_IBSS) 226 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_NO_IBSS); 227 if (chan->flags & IEEE80211_CHAN_RADAR) 228 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_RADAR); 229 230 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER, 231 DBM_TO_MBM(chan->max_power)); 232 233 return 0; 234 235 nla_put_failure: 236 return -ENOBUFS; 237 } 238 239 /* netlink command implementations */ 240 241 struct key_parse { 242 struct key_params p; 243 int idx; 244 bool def, defmgmt; 245 }; 246 247 static int nl80211_parse_key_new(struct nlattr *key, struct key_parse *k) 248 { 249 struct nlattr *tb[NL80211_KEY_MAX + 1]; 250 int err = nla_parse_nested(tb, NL80211_KEY_MAX, key, 251 nl80211_key_policy); 252 if (err) 253 return err; 254 255 k->def = !!tb[NL80211_KEY_DEFAULT]; 256 k->defmgmt = !!tb[NL80211_KEY_DEFAULT_MGMT]; 257 258 if (tb[NL80211_KEY_IDX]) 259 k->idx = nla_get_u8(tb[NL80211_KEY_IDX]); 260 261 if (tb[NL80211_KEY_DATA]) { 262 k->p.key = nla_data(tb[NL80211_KEY_DATA]); 263 k->p.key_len = nla_len(tb[NL80211_KEY_DATA]); 264 } 265 266 if (tb[NL80211_KEY_SEQ]) { 267 k->p.seq = nla_data(tb[NL80211_KEY_SEQ]); 268 k->p.seq_len = nla_len(tb[NL80211_KEY_SEQ]); 269 } 270 271 if (tb[NL80211_KEY_CIPHER]) 272 k->p.cipher = nla_get_u32(tb[NL80211_KEY_CIPHER]); 273 274 return 0; 275 } 276 277 static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k) 278 { 279 if (info->attrs[NL80211_ATTR_KEY_DATA]) { 280 k->p.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]); 281 k->p.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]); 282 } 283 284 if (info->attrs[NL80211_ATTR_KEY_SEQ]) { 285 k->p.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]); 286 k->p.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]); 287 } 288 289 if (info->attrs[NL80211_ATTR_KEY_IDX]) 290 k->idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); 291 292 if (info->attrs[NL80211_ATTR_KEY_CIPHER]) 293 k->p.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]); 294 295 k->def = !!info->attrs[NL80211_ATTR_KEY_DEFAULT]; 296 k->defmgmt = !!info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT]; 297 298 return 0; 299 } 300 301 static int nl80211_parse_key(struct genl_info *info, struct key_parse *k) 302 { 303 int err; 304 305 memset(k, 0, sizeof(*k)); 306 k->idx = -1; 307 308 if (info->attrs[NL80211_ATTR_KEY]) 309 err = nl80211_parse_key_new(info->attrs[NL80211_ATTR_KEY], k); 310 else 311 err = nl80211_parse_key_old(info, k); 312 313 if (err) 314 return err; 315 316 if (k->def && k->defmgmt) 317 return -EINVAL; 318 319 if (k->idx != -1) { 320 if (k->defmgmt) { 321 if (k->idx < 4 || k->idx > 5) 322 return -EINVAL; 323 } else if (k->def) { 324 if (k->idx < 0 || k->idx > 3) 325 return -EINVAL; 326 } else { 327 if (k->idx < 0 || k->idx > 5) 328 return -EINVAL; 329 } 330 } 331 332 return 0; 333 } 334 335 static struct cfg80211_cached_keys * 336 nl80211_parse_connkeys(struct cfg80211_registered_device *rdev, 337 struct nlattr *keys) 338 { 339 struct key_parse parse; 340 struct nlattr *key; 341 struct cfg80211_cached_keys *result; 342 int rem, err, def = 0; 343 344 result = kzalloc(sizeof(*result), GFP_KERNEL); 345 if (!result) 346 return ERR_PTR(-ENOMEM); 347 348 result->def = -1; 349 result->defmgmt = -1; 350 351 nla_for_each_nested(key, keys, rem) { 352 memset(&parse, 0, sizeof(parse)); 353 parse.idx = -1; 354 355 err = nl80211_parse_key_new(key, &parse); 356 if (err) 357 goto error; 358 err = -EINVAL; 359 if (!parse.p.key) 360 goto error; 361 if (parse.idx < 0 || parse.idx > 4) 362 goto error; 363 if (parse.def) { 364 if (def) 365 goto error; 366 def = 1; 367 result->def = parse.idx; 368 } else if (parse.defmgmt) 369 goto error; 370 err = cfg80211_validate_key_settings(rdev, &parse.p, 371 parse.idx, NULL); 372 if (err) 373 goto error; 374 result->params[parse.idx].cipher = parse.p.cipher; 375 result->params[parse.idx].key_len = parse.p.key_len; 376 result->params[parse.idx].key = result->data[parse.idx]; 377 memcpy(result->data[parse.idx], parse.p.key, parse.p.key_len); 378 } 379 380 return result; 381 error: 382 kfree(result); 383 return ERR_PTR(err); 384 } 385 386 static int nl80211_key_allowed(struct wireless_dev *wdev) 387 { 388 ASSERT_WDEV_LOCK(wdev); 389 390 if (!netif_running(wdev->netdev)) 391 return -ENETDOWN; 392 393 switch (wdev->iftype) { 394 case NL80211_IFTYPE_AP: 395 case NL80211_IFTYPE_AP_VLAN: 396 break; 397 case NL80211_IFTYPE_ADHOC: 398 if (!wdev->current_bss) 399 return -ENOLINK; 400 break; 401 case NL80211_IFTYPE_STATION: 402 if (wdev->sme_state != CFG80211_SME_CONNECTED) 403 return -ENOLINK; 404 break; 405 default: 406 return -EINVAL; 407 } 408 409 return 0; 410 } 411 412 static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags, 413 struct cfg80211_registered_device *dev) 414 { 415 void *hdr; 416 struct nlattr *nl_bands, *nl_band; 417 struct nlattr *nl_freqs, *nl_freq; 418 struct nlattr *nl_rates, *nl_rate; 419 struct nlattr *nl_modes; 420 struct nlattr *nl_cmds; 421 enum ieee80211_band band; 422 struct ieee80211_channel *chan; 423 struct ieee80211_rate *rate; 424 int i; 425 u16 ifmodes = dev->wiphy.interface_modes; 426 427 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_WIPHY); 428 if (!hdr) 429 return -1; 430 431 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, dev->wiphy_idx); 432 NLA_PUT_STRING(msg, NL80211_ATTR_WIPHY_NAME, wiphy_name(&dev->wiphy)); 433 434 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, 435 cfg80211_rdev_list_generation); 436 437 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT, 438 dev->wiphy.retry_short); 439 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_LONG, 440 dev->wiphy.retry_long); 441 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, 442 dev->wiphy.frag_threshold); 443 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, 444 dev->wiphy.rts_threshold); 445 446 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS, 447 dev->wiphy.max_scan_ssids); 448 NLA_PUT_U16(msg, NL80211_ATTR_MAX_SCAN_IE_LEN, 449 dev->wiphy.max_scan_ie_len); 450 451 NLA_PUT(msg, NL80211_ATTR_CIPHER_SUITES, 452 sizeof(u32) * dev->wiphy.n_cipher_suites, 453 dev->wiphy.cipher_suites); 454 455 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_PMKIDS, 456 dev->wiphy.max_num_pmkids); 457 458 nl_modes = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_IFTYPES); 459 if (!nl_modes) 460 goto nla_put_failure; 461 462 i = 0; 463 while (ifmodes) { 464 if (ifmodes & 1) 465 NLA_PUT_FLAG(msg, i); 466 ifmodes >>= 1; 467 i++; 468 } 469 470 nla_nest_end(msg, nl_modes); 471 472 nl_bands = nla_nest_start(msg, NL80211_ATTR_WIPHY_BANDS); 473 if (!nl_bands) 474 goto nla_put_failure; 475 476 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 477 if (!dev->wiphy.bands[band]) 478 continue; 479 480 nl_band = nla_nest_start(msg, band); 481 if (!nl_band) 482 goto nla_put_failure; 483 484 /* add HT info */ 485 if (dev->wiphy.bands[band]->ht_cap.ht_supported) { 486 NLA_PUT(msg, NL80211_BAND_ATTR_HT_MCS_SET, 487 sizeof(dev->wiphy.bands[band]->ht_cap.mcs), 488 &dev->wiphy.bands[band]->ht_cap.mcs); 489 NLA_PUT_U16(msg, NL80211_BAND_ATTR_HT_CAPA, 490 dev->wiphy.bands[band]->ht_cap.cap); 491 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_FACTOR, 492 dev->wiphy.bands[band]->ht_cap.ampdu_factor); 493 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_DENSITY, 494 dev->wiphy.bands[band]->ht_cap.ampdu_density); 495 } 496 497 /* add frequencies */ 498 nl_freqs = nla_nest_start(msg, NL80211_BAND_ATTR_FREQS); 499 if (!nl_freqs) 500 goto nla_put_failure; 501 502 for (i = 0; i < dev->wiphy.bands[band]->n_channels; i++) { 503 nl_freq = nla_nest_start(msg, i); 504 if (!nl_freq) 505 goto nla_put_failure; 506 507 chan = &dev->wiphy.bands[band]->channels[i]; 508 509 if (nl80211_msg_put_channel(msg, chan)) 510 goto nla_put_failure; 511 512 nla_nest_end(msg, nl_freq); 513 } 514 515 nla_nest_end(msg, nl_freqs); 516 517 /* add bitrates */ 518 nl_rates = nla_nest_start(msg, NL80211_BAND_ATTR_RATES); 519 if (!nl_rates) 520 goto nla_put_failure; 521 522 for (i = 0; i < dev->wiphy.bands[band]->n_bitrates; i++) { 523 nl_rate = nla_nest_start(msg, i); 524 if (!nl_rate) 525 goto nla_put_failure; 526 527 rate = &dev->wiphy.bands[band]->bitrates[i]; 528 NLA_PUT_U32(msg, NL80211_BITRATE_ATTR_RATE, 529 rate->bitrate); 530 if (rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) 531 NLA_PUT_FLAG(msg, 532 NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE); 533 534 nla_nest_end(msg, nl_rate); 535 } 536 537 nla_nest_end(msg, nl_rates); 538 539 nla_nest_end(msg, nl_band); 540 } 541 nla_nest_end(msg, nl_bands); 542 543 nl_cmds = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_COMMANDS); 544 if (!nl_cmds) 545 goto nla_put_failure; 546 547 i = 0; 548 #define CMD(op, n) \ 549 do { \ 550 if (dev->ops->op) { \ 551 i++; \ 552 NLA_PUT_U32(msg, i, NL80211_CMD_ ## n); \ 553 } \ 554 } while (0) 555 556 CMD(add_virtual_intf, NEW_INTERFACE); 557 CMD(change_virtual_intf, SET_INTERFACE); 558 CMD(add_key, NEW_KEY); 559 CMD(add_beacon, NEW_BEACON); 560 CMD(add_station, NEW_STATION); 561 CMD(add_mpath, NEW_MPATH); 562 CMD(set_mesh_params, SET_MESH_PARAMS); 563 CMD(change_bss, SET_BSS); 564 CMD(auth, AUTHENTICATE); 565 CMD(assoc, ASSOCIATE); 566 CMD(deauth, DEAUTHENTICATE); 567 CMD(disassoc, DISASSOCIATE); 568 CMD(join_ibss, JOIN_IBSS); 569 CMD(set_pmksa, SET_PMKSA); 570 CMD(del_pmksa, DEL_PMKSA); 571 CMD(flush_pmksa, FLUSH_PMKSA); 572 if (dev->wiphy.flags & WIPHY_FLAG_NETNS_OK) { 573 i++; 574 NLA_PUT_U32(msg, i, NL80211_CMD_SET_WIPHY_NETNS); 575 } 576 577 #undef CMD 578 579 if (dev->ops->connect || dev->ops->auth) { 580 i++; 581 NLA_PUT_U32(msg, i, NL80211_CMD_CONNECT); 582 } 583 584 if (dev->ops->disconnect || dev->ops->deauth) { 585 i++; 586 NLA_PUT_U32(msg, i, NL80211_CMD_DISCONNECT); 587 } 588 589 nla_nest_end(msg, nl_cmds); 590 591 return genlmsg_end(msg, hdr); 592 593 nla_put_failure: 594 genlmsg_cancel(msg, hdr); 595 return -EMSGSIZE; 596 } 597 598 static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb) 599 { 600 int idx = 0; 601 int start = cb->args[0]; 602 struct cfg80211_registered_device *dev; 603 604 mutex_lock(&cfg80211_mutex); 605 list_for_each_entry(dev, &cfg80211_rdev_list, list) { 606 if (!net_eq(wiphy_net(&dev->wiphy), sock_net(skb->sk))) 607 continue; 608 if (++idx <= start) 609 continue; 610 if (nl80211_send_wiphy(skb, NETLINK_CB(cb->skb).pid, 611 cb->nlh->nlmsg_seq, NLM_F_MULTI, 612 dev) < 0) { 613 idx--; 614 break; 615 } 616 } 617 mutex_unlock(&cfg80211_mutex); 618 619 cb->args[0] = idx; 620 621 return skb->len; 622 } 623 624 static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info) 625 { 626 struct sk_buff *msg; 627 struct cfg80211_registered_device *dev; 628 629 dev = cfg80211_get_dev_from_info(info); 630 if (IS_ERR(dev)) 631 return PTR_ERR(dev); 632 633 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 634 if (!msg) 635 goto out_err; 636 637 if (nl80211_send_wiphy(msg, info->snd_pid, info->snd_seq, 0, dev) < 0) 638 goto out_free; 639 640 cfg80211_unlock_rdev(dev); 641 642 return genlmsg_reply(msg, info); 643 644 out_free: 645 nlmsg_free(msg); 646 out_err: 647 cfg80211_unlock_rdev(dev); 648 return -ENOBUFS; 649 } 650 651 static const struct nla_policy txq_params_policy[NL80211_TXQ_ATTR_MAX + 1] = { 652 [NL80211_TXQ_ATTR_QUEUE] = { .type = NLA_U8 }, 653 [NL80211_TXQ_ATTR_TXOP] = { .type = NLA_U16 }, 654 [NL80211_TXQ_ATTR_CWMIN] = { .type = NLA_U16 }, 655 [NL80211_TXQ_ATTR_CWMAX] = { .type = NLA_U16 }, 656 [NL80211_TXQ_ATTR_AIFS] = { .type = NLA_U8 }, 657 }; 658 659 static int parse_txq_params(struct nlattr *tb[], 660 struct ieee80211_txq_params *txq_params) 661 { 662 if (!tb[NL80211_TXQ_ATTR_QUEUE] || !tb[NL80211_TXQ_ATTR_TXOP] || 663 !tb[NL80211_TXQ_ATTR_CWMIN] || !tb[NL80211_TXQ_ATTR_CWMAX] || 664 !tb[NL80211_TXQ_ATTR_AIFS]) 665 return -EINVAL; 666 667 txq_params->queue = nla_get_u8(tb[NL80211_TXQ_ATTR_QUEUE]); 668 txq_params->txop = nla_get_u16(tb[NL80211_TXQ_ATTR_TXOP]); 669 txq_params->cwmin = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMIN]); 670 txq_params->cwmax = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMAX]); 671 txq_params->aifs = nla_get_u8(tb[NL80211_TXQ_ATTR_AIFS]); 672 673 return 0; 674 } 675 676 static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info) 677 { 678 struct cfg80211_registered_device *rdev; 679 int result = 0, rem_txq_params = 0; 680 struct nlattr *nl_txq_params; 681 u32 changed; 682 u8 retry_short = 0, retry_long = 0; 683 u32 frag_threshold = 0, rts_threshold = 0; 684 685 rtnl_lock(); 686 687 mutex_lock(&cfg80211_mutex); 688 689 rdev = __cfg80211_rdev_from_info(info); 690 if (IS_ERR(rdev)) { 691 mutex_unlock(&cfg80211_mutex); 692 result = PTR_ERR(rdev); 693 goto unlock; 694 } 695 696 mutex_lock(&rdev->mtx); 697 698 if (info->attrs[NL80211_ATTR_WIPHY_NAME]) 699 result = cfg80211_dev_rename( 700 rdev, nla_data(info->attrs[NL80211_ATTR_WIPHY_NAME])); 701 702 mutex_unlock(&cfg80211_mutex); 703 704 if (result) 705 goto bad_res; 706 707 if (info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS]) { 708 struct ieee80211_txq_params txq_params; 709 struct nlattr *tb[NL80211_TXQ_ATTR_MAX + 1]; 710 711 if (!rdev->ops->set_txq_params) { 712 result = -EOPNOTSUPP; 713 goto bad_res; 714 } 715 716 nla_for_each_nested(nl_txq_params, 717 info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS], 718 rem_txq_params) { 719 nla_parse(tb, NL80211_TXQ_ATTR_MAX, 720 nla_data(nl_txq_params), 721 nla_len(nl_txq_params), 722 txq_params_policy); 723 result = parse_txq_params(tb, &txq_params); 724 if (result) 725 goto bad_res; 726 727 result = rdev->ops->set_txq_params(&rdev->wiphy, 728 &txq_params); 729 if (result) 730 goto bad_res; 731 } 732 } 733 734 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 735 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 736 u32 freq; 737 738 result = -EINVAL; 739 740 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 741 channel_type = nla_get_u32(info->attrs[ 742 NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 743 if (channel_type != NL80211_CHAN_NO_HT && 744 channel_type != NL80211_CHAN_HT20 && 745 channel_type != NL80211_CHAN_HT40PLUS && 746 channel_type != NL80211_CHAN_HT40MINUS) 747 goto bad_res; 748 } 749 750 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 751 752 mutex_lock(&rdev->devlist_mtx); 753 result = rdev_set_freq(rdev, NULL, freq, channel_type); 754 mutex_unlock(&rdev->devlist_mtx); 755 if (result) 756 goto bad_res; 757 } 758 759 changed = 0; 760 761 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]) { 762 retry_short = nla_get_u8( 763 info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]); 764 if (retry_short == 0) { 765 result = -EINVAL; 766 goto bad_res; 767 } 768 changed |= WIPHY_PARAM_RETRY_SHORT; 769 } 770 771 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]) { 772 retry_long = nla_get_u8( 773 info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]); 774 if (retry_long == 0) { 775 result = -EINVAL; 776 goto bad_res; 777 } 778 changed |= WIPHY_PARAM_RETRY_LONG; 779 } 780 781 if (info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]) { 782 frag_threshold = nla_get_u32( 783 info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]); 784 if (frag_threshold < 256) { 785 result = -EINVAL; 786 goto bad_res; 787 } 788 if (frag_threshold != (u32) -1) { 789 /* 790 * Fragments (apart from the last one) are required to 791 * have even length. Make the fragmentation code 792 * simpler by stripping LSB should someone try to use 793 * odd threshold value. 794 */ 795 frag_threshold &= ~0x1; 796 } 797 changed |= WIPHY_PARAM_FRAG_THRESHOLD; 798 } 799 800 if (info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]) { 801 rts_threshold = nla_get_u32( 802 info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]); 803 changed |= WIPHY_PARAM_RTS_THRESHOLD; 804 } 805 806 if (changed) { 807 u8 old_retry_short, old_retry_long; 808 u32 old_frag_threshold, old_rts_threshold; 809 810 if (!rdev->ops->set_wiphy_params) { 811 result = -EOPNOTSUPP; 812 goto bad_res; 813 } 814 815 old_retry_short = rdev->wiphy.retry_short; 816 old_retry_long = rdev->wiphy.retry_long; 817 old_frag_threshold = rdev->wiphy.frag_threshold; 818 old_rts_threshold = rdev->wiphy.rts_threshold; 819 820 if (changed & WIPHY_PARAM_RETRY_SHORT) 821 rdev->wiphy.retry_short = retry_short; 822 if (changed & WIPHY_PARAM_RETRY_LONG) 823 rdev->wiphy.retry_long = retry_long; 824 if (changed & WIPHY_PARAM_FRAG_THRESHOLD) 825 rdev->wiphy.frag_threshold = frag_threshold; 826 if (changed & WIPHY_PARAM_RTS_THRESHOLD) 827 rdev->wiphy.rts_threshold = rts_threshold; 828 829 result = rdev->ops->set_wiphy_params(&rdev->wiphy, changed); 830 if (result) { 831 rdev->wiphy.retry_short = old_retry_short; 832 rdev->wiphy.retry_long = old_retry_long; 833 rdev->wiphy.frag_threshold = old_frag_threshold; 834 rdev->wiphy.rts_threshold = old_rts_threshold; 835 } 836 } 837 838 bad_res: 839 mutex_unlock(&rdev->mtx); 840 unlock: 841 rtnl_unlock(); 842 return result; 843 } 844 845 846 static int nl80211_send_iface(struct sk_buff *msg, u32 pid, u32 seq, int flags, 847 struct cfg80211_registered_device *rdev, 848 struct net_device *dev) 849 { 850 void *hdr; 851 852 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_INTERFACE); 853 if (!hdr) 854 return -1; 855 856 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 857 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 858 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, dev->name); 859 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, dev->ieee80211_ptr->iftype); 860 861 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, 862 rdev->devlist_generation ^ 863 (cfg80211_rdev_list_generation << 2)); 864 865 return genlmsg_end(msg, hdr); 866 867 nla_put_failure: 868 genlmsg_cancel(msg, hdr); 869 return -EMSGSIZE; 870 } 871 872 static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *cb) 873 { 874 int wp_idx = 0; 875 int if_idx = 0; 876 int wp_start = cb->args[0]; 877 int if_start = cb->args[1]; 878 struct cfg80211_registered_device *rdev; 879 struct wireless_dev *wdev; 880 881 mutex_lock(&cfg80211_mutex); 882 list_for_each_entry(rdev, &cfg80211_rdev_list, list) { 883 if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk))) 884 continue; 885 if (wp_idx < wp_start) { 886 wp_idx++; 887 continue; 888 } 889 if_idx = 0; 890 891 mutex_lock(&rdev->devlist_mtx); 892 list_for_each_entry(wdev, &rdev->netdev_list, list) { 893 if (if_idx < if_start) { 894 if_idx++; 895 continue; 896 } 897 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).pid, 898 cb->nlh->nlmsg_seq, NLM_F_MULTI, 899 rdev, wdev->netdev) < 0) { 900 mutex_unlock(&rdev->devlist_mtx); 901 goto out; 902 } 903 if_idx++; 904 } 905 mutex_unlock(&rdev->devlist_mtx); 906 907 wp_idx++; 908 } 909 out: 910 mutex_unlock(&cfg80211_mutex); 911 912 cb->args[0] = wp_idx; 913 cb->args[1] = if_idx; 914 915 return skb->len; 916 } 917 918 static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info) 919 { 920 struct sk_buff *msg; 921 struct cfg80211_registered_device *dev; 922 struct net_device *netdev; 923 int err; 924 925 err = get_rdev_dev_by_info_ifindex(info, &dev, &netdev); 926 if (err) 927 return err; 928 929 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 930 if (!msg) 931 goto out_err; 932 933 if (nl80211_send_iface(msg, info->snd_pid, info->snd_seq, 0, 934 dev, netdev) < 0) 935 goto out_free; 936 937 dev_put(netdev); 938 cfg80211_unlock_rdev(dev); 939 940 return genlmsg_reply(msg, info); 941 942 out_free: 943 nlmsg_free(msg); 944 out_err: 945 dev_put(netdev); 946 cfg80211_unlock_rdev(dev); 947 return -ENOBUFS; 948 } 949 950 static const struct nla_policy mntr_flags_policy[NL80211_MNTR_FLAG_MAX + 1] = { 951 [NL80211_MNTR_FLAG_FCSFAIL] = { .type = NLA_FLAG }, 952 [NL80211_MNTR_FLAG_PLCPFAIL] = { .type = NLA_FLAG }, 953 [NL80211_MNTR_FLAG_CONTROL] = { .type = NLA_FLAG }, 954 [NL80211_MNTR_FLAG_OTHER_BSS] = { .type = NLA_FLAG }, 955 [NL80211_MNTR_FLAG_COOK_FRAMES] = { .type = NLA_FLAG }, 956 }; 957 958 static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags) 959 { 960 struct nlattr *flags[NL80211_MNTR_FLAG_MAX + 1]; 961 int flag; 962 963 *mntrflags = 0; 964 965 if (!nla) 966 return -EINVAL; 967 968 if (nla_parse_nested(flags, NL80211_MNTR_FLAG_MAX, 969 nla, mntr_flags_policy)) 970 return -EINVAL; 971 972 for (flag = 1; flag <= NL80211_MNTR_FLAG_MAX; flag++) 973 if (flags[flag]) 974 *mntrflags |= (1<<flag); 975 976 return 0; 977 } 978 979 static int nl80211_valid_4addr(struct cfg80211_registered_device *rdev, 980 struct net_device *netdev, u8 use_4addr, 981 enum nl80211_iftype iftype) 982 { 983 if (!use_4addr) { 984 if (netdev && netdev->br_port) 985 return -EBUSY; 986 return 0; 987 } 988 989 switch (iftype) { 990 case NL80211_IFTYPE_AP_VLAN: 991 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_AP) 992 return 0; 993 break; 994 case NL80211_IFTYPE_STATION: 995 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_STATION) 996 return 0; 997 break; 998 default: 999 break; 1000 } 1001 1002 return -EOPNOTSUPP; 1003 } 1004 1005 static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info) 1006 { 1007 struct cfg80211_registered_device *rdev; 1008 struct vif_params params; 1009 int err; 1010 enum nl80211_iftype otype, ntype; 1011 struct net_device *dev; 1012 u32 _flags, *flags = NULL; 1013 bool change = false; 1014 1015 memset(¶ms, 0, sizeof(params)); 1016 1017 rtnl_lock(); 1018 1019 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 1020 if (err) 1021 goto unlock_rtnl; 1022 1023 otype = ntype = dev->ieee80211_ptr->iftype; 1024 1025 if (info->attrs[NL80211_ATTR_IFTYPE]) { 1026 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 1027 if (otype != ntype) 1028 change = true; 1029 if (ntype > NL80211_IFTYPE_MAX) { 1030 err = -EINVAL; 1031 goto unlock; 1032 } 1033 } 1034 1035 if (info->attrs[NL80211_ATTR_MESH_ID]) { 1036 if (ntype != NL80211_IFTYPE_MESH_POINT) { 1037 err = -EINVAL; 1038 goto unlock; 1039 } 1040 params.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]); 1041 params.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 1042 change = true; 1043 } 1044 1045 if (info->attrs[NL80211_ATTR_4ADDR]) { 1046 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]); 1047 change = true; 1048 err = nl80211_valid_4addr(rdev, dev, params.use_4addr, ntype); 1049 if (err) 1050 goto unlock; 1051 } else { 1052 params.use_4addr = -1; 1053 } 1054 1055 if (info->attrs[NL80211_ATTR_MNTR_FLAGS]) { 1056 if (ntype != NL80211_IFTYPE_MONITOR) { 1057 err = -EINVAL; 1058 goto unlock; 1059 } 1060 err = parse_monitor_flags(info->attrs[NL80211_ATTR_MNTR_FLAGS], 1061 &_flags); 1062 if (err) 1063 goto unlock; 1064 1065 flags = &_flags; 1066 change = true; 1067 } 1068 1069 if (change) 1070 err = cfg80211_change_iface(rdev, dev, ntype, flags, ¶ms); 1071 else 1072 err = 0; 1073 1074 if (!err && params.use_4addr != -1) 1075 dev->ieee80211_ptr->use_4addr = params.use_4addr; 1076 1077 unlock: 1078 dev_put(dev); 1079 cfg80211_unlock_rdev(rdev); 1080 unlock_rtnl: 1081 rtnl_unlock(); 1082 return err; 1083 } 1084 1085 static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info) 1086 { 1087 struct cfg80211_registered_device *rdev; 1088 struct vif_params params; 1089 int err; 1090 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED; 1091 u32 flags; 1092 1093 memset(¶ms, 0, sizeof(params)); 1094 1095 if (!info->attrs[NL80211_ATTR_IFNAME]) 1096 return -EINVAL; 1097 1098 if (info->attrs[NL80211_ATTR_IFTYPE]) { 1099 type = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 1100 if (type > NL80211_IFTYPE_MAX) 1101 return -EINVAL; 1102 } 1103 1104 rtnl_lock(); 1105 1106 rdev = cfg80211_get_dev_from_info(info); 1107 if (IS_ERR(rdev)) { 1108 err = PTR_ERR(rdev); 1109 goto unlock_rtnl; 1110 } 1111 1112 if (!rdev->ops->add_virtual_intf || 1113 !(rdev->wiphy.interface_modes & (1 << type))) { 1114 err = -EOPNOTSUPP; 1115 goto unlock; 1116 } 1117 1118 if (type == NL80211_IFTYPE_MESH_POINT && 1119 info->attrs[NL80211_ATTR_MESH_ID]) { 1120 params.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]); 1121 params.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 1122 } 1123 1124 if (info->attrs[NL80211_ATTR_4ADDR]) { 1125 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]); 1126 err = nl80211_valid_4addr(rdev, NULL, params.use_4addr, type); 1127 if (err) 1128 goto unlock; 1129 } 1130 1131 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ? 1132 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL, 1133 &flags); 1134 err = rdev->ops->add_virtual_intf(&rdev->wiphy, 1135 nla_data(info->attrs[NL80211_ATTR_IFNAME]), 1136 type, err ? NULL : &flags, ¶ms); 1137 1138 unlock: 1139 cfg80211_unlock_rdev(rdev); 1140 unlock_rtnl: 1141 rtnl_unlock(); 1142 return err; 1143 } 1144 1145 static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info) 1146 { 1147 struct cfg80211_registered_device *rdev; 1148 int err; 1149 struct net_device *dev; 1150 1151 rtnl_lock(); 1152 1153 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 1154 if (err) 1155 goto unlock_rtnl; 1156 1157 if (!rdev->ops->del_virtual_intf) { 1158 err = -EOPNOTSUPP; 1159 goto out; 1160 } 1161 1162 err = rdev->ops->del_virtual_intf(&rdev->wiphy, dev); 1163 1164 out: 1165 cfg80211_unlock_rdev(rdev); 1166 dev_put(dev); 1167 unlock_rtnl: 1168 rtnl_unlock(); 1169 return err; 1170 } 1171 1172 struct get_key_cookie { 1173 struct sk_buff *msg; 1174 int error; 1175 int idx; 1176 }; 1177 1178 static void get_key_callback(void *c, struct key_params *params) 1179 { 1180 struct nlattr *key; 1181 struct get_key_cookie *cookie = c; 1182 1183 if (params->key) 1184 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_DATA, 1185 params->key_len, params->key); 1186 1187 if (params->seq) 1188 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_SEQ, 1189 params->seq_len, params->seq); 1190 1191 if (params->cipher) 1192 NLA_PUT_U32(cookie->msg, NL80211_ATTR_KEY_CIPHER, 1193 params->cipher); 1194 1195 key = nla_nest_start(cookie->msg, NL80211_ATTR_KEY); 1196 if (!key) 1197 goto nla_put_failure; 1198 1199 if (params->key) 1200 NLA_PUT(cookie->msg, NL80211_KEY_DATA, 1201 params->key_len, params->key); 1202 1203 if (params->seq) 1204 NLA_PUT(cookie->msg, NL80211_KEY_SEQ, 1205 params->seq_len, params->seq); 1206 1207 if (params->cipher) 1208 NLA_PUT_U32(cookie->msg, NL80211_KEY_CIPHER, 1209 params->cipher); 1210 1211 NLA_PUT_U8(cookie->msg, NL80211_ATTR_KEY_IDX, cookie->idx); 1212 1213 nla_nest_end(cookie->msg, key); 1214 1215 return; 1216 nla_put_failure: 1217 cookie->error = 1; 1218 } 1219 1220 static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info) 1221 { 1222 struct cfg80211_registered_device *rdev; 1223 int err; 1224 struct net_device *dev; 1225 u8 key_idx = 0; 1226 u8 *mac_addr = NULL; 1227 struct get_key_cookie cookie = { 1228 .error = 0, 1229 }; 1230 void *hdr; 1231 struct sk_buff *msg; 1232 1233 if (info->attrs[NL80211_ATTR_KEY_IDX]) 1234 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); 1235 1236 if (key_idx > 5) 1237 return -EINVAL; 1238 1239 if (info->attrs[NL80211_ATTR_MAC]) 1240 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1241 1242 rtnl_lock(); 1243 1244 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 1245 if (err) 1246 goto unlock_rtnl; 1247 1248 if (!rdev->ops->get_key) { 1249 err = -EOPNOTSUPP; 1250 goto out; 1251 } 1252 1253 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1254 if (!msg) { 1255 err = -ENOMEM; 1256 goto out; 1257 } 1258 1259 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 1260 NL80211_CMD_NEW_KEY); 1261 1262 if (IS_ERR(hdr)) { 1263 err = PTR_ERR(hdr); 1264 goto free_msg; 1265 } 1266 1267 cookie.msg = msg; 1268 cookie.idx = key_idx; 1269 1270 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1271 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx); 1272 if (mac_addr) 1273 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 1274 1275 err = rdev->ops->get_key(&rdev->wiphy, dev, key_idx, mac_addr, 1276 &cookie, get_key_callback); 1277 1278 if (err) 1279 goto free_msg; 1280 1281 if (cookie.error) 1282 goto nla_put_failure; 1283 1284 genlmsg_end(msg, hdr); 1285 err = genlmsg_reply(msg, info); 1286 goto out; 1287 1288 nla_put_failure: 1289 err = -ENOBUFS; 1290 free_msg: 1291 nlmsg_free(msg); 1292 out: 1293 cfg80211_unlock_rdev(rdev); 1294 dev_put(dev); 1295 unlock_rtnl: 1296 rtnl_unlock(); 1297 1298 return err; 1299 } 1300 1301 static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info) 1302 { 1303 struct cfg80211_registered_device *rdev; 1304 struct key_parse key; 1305 int err; 1306 struct net_device *dev; 1307 int (*func)(struct wiphy *wiphy, struct net_device *netdev, 1308 u8 key_index); 1309 1310 err = nl80211_parse_key(info, &key); 1311 if (err) 1312 return err; 1313 1314 if (key.idx < 0) 1315 return -EINVAL; 1316 1317 /* only support setting default key */ 1318 if (!key.def && !key.defmgmt) 1319 return -EINVAL; 1320 1321 rtnl_lock(); 1322 1323 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 1324 if (err) 1325 goto unlock_rtnl; 1326 1327 if (key.def) 1328 func = rdev->ops->set_default_key; 1329 else 1330 func = rdev->ops->set_default_mgmt_key; 1331 1332 if (!func) { 1333 err = -EOPNOTSUPP; 1334 goto out; 1335 } 1336 1337 wdev_lock(dev->ieee80211_ptr); 1338 err = nl80211_key_allowed(dev->ieee80211_ptr); 1339 if (!err) 1340 err = func(&rdev->wiphy, dev, key.idx); 1341 1342 #ifdef CONFIG_CFG80211_WEXT 1343 if (!err) { 1344 if (func == rdev->ops->set_default_key) 1345 dev->ieee80211_ptr->wext.default_key = key.idx; 1346 else 1347 dev->ieee80211_ptr->wext.default_mgmt_key = key.idx; 1348 } 1349 #endif 1350 wdev_unlock(dev->ieee80211_ptr); 1351 1352 out: 1353 cfg80211_unlock_rdev(rdev); 1354 dev_put(dev); 1355 1356 unlock_rtnl: 1357 rtnl_unlock(); 1358 1359 return err; 1360 } 1361 1362 static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info) 1363 { 1364 struct cfg80211_registered_device *rdev; 1365 int err; 1366 struct net_device *dev; 1367 struct key_parse key; 1368 u8 *mac_addr = NULL; 1369 1370 err = nl80211_parse_key(info, &key); 1371 if (err) 1372 return err; 1373 1374 if (!key.p.key) 1375 return -EINVAL; 1376 1377 if (info->attrs[NL80211_ATTR_MAC]) 1378 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1379 1380 rtnl_lock(); 1381 1382 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 1383 if (err) 1384 goto unlock_rtnl; 1385 1386 if (!rdev->ops->add_key) { 1387 err = -EOPNOTSUPP; 1388 goto out; 1389 } 1390 1391 if (cfg80211_validate_key_settings(rdev, &key.p, key.idx, mac_addr)) { 1392 err = -EINVAL; 1393 goto out; 1394 } 1395 1396 wdev_lock(dev->ieee80211_ptr); 1397 err = nl80211_key_allowed(dev->ieee80211_ptr); 1398 if (!err) 1399 err = rdev->ops->add_key(&rdev->wiphy, dev, key.idx, 1400 mac_addr, &key.p); 1401 wdev_unlock(dev->ieee80211_ptr); 1402 1403 out: 1404 cfg80211_unlock_rdev(rdev); 1405 dev_put(dev); 1406 unlock_rtnl: 1407 rtnl_unlock(); 1408 1409 return err; 1410 } 1411 1412 static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info) 1413 { 1414 struct cfg80211_registered_device *rdev; 1415 int err; 1416 struct net_device *dev; 1417 u8 *mac_addr = NULL; 1418 struct key_parse key; 1419 1420 err = nl80211_parse_key(info, &key); 1421 if (err) 1422 return err; 1423 1424 if (info->attrs[NL80211_ATTR_MAC]) 1425 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1426 1427 rtnl_lock(); 1428 1429 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 1430 if (err) 1431 goto unlock_rtnl; 1432 1433 if (!rdev->ops->del_key) { 1434 err = -EOPNOTSUPP; 1435 goto out; 1436 } 1437 1438 wdev_lock(dev->ieee80211_ptr); 1439 err = nl80211_key_allowed(dev->ieee80211_ptr); 1440 if (!err) 1441 err = rdev->ops->del_key(&rdev->wiphy, dev, key.idx, mac_addr); 1442 1443 #ifdef CONFIG_CFG80211_WEXT 1444 if (!err) { 1445 if (key.idx == dev->ieee80211_ptr->wext.default_key) 1446 dev->ieee80211_ptr->wext.default_key = -1; 1447 else if (key.idx == dev->ieee80211_ptr->wext.default_mgmt_key) 1448 dev->ieee80211_ptr->wext.default_mgmt_key = -1; 1449 } 1450 #endif 1451 wdev_unlock(dev->ieee80211_ptr); 1452 1453 out: 1454 cfg80211_unlock_rdev(rdev); 1455 dev_put(dev); 1456 1457 unlock_rtnl: 1458 rtnl_unlock(); 1459 1460 return err; 1461 } 1462 1463 static int nl80211_addset_beacon(struct sk_buff *skb, struct genl_info *info) 1464 { 1465 int (*call)(struct wiphy *wiphy, struct net_device *dev, 1466 struct beacon_parameters *info); 1467 struct cfg80211_registered_device *rdev; 1468 int err; 1469 struct net_device *dev; 1470 struct beacon_parameters params; 1471 int haveinfo = 0; 1472 1473 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_BEACON_TAIL])) 1474 return -EINVAL; 1475 1476 rtnl_lock(); 1477 1478 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 1479 if (err) 1480 goto unlock_rtnl; 1481 1482 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP) { 1483 err = -EOPNOTSUPP; 1484 goto out; 1485 } 1486 1487 switch (info->genlhdr->cmd) { 1488 case NL80211_CMD_NEW_BEACON: 1489 /* these are required for NEW_BEACON */ 1490 if (!info->attrs[NL80211_ATTR_BEACON_INTERVAL] || 1491 !info->attrs[NL80211_ATTR_DTIM_PERIOD] || 1492 !info->attrs[NL80211_ATTR_BEACON_HEAD]) { 1493 err = -EINVAL; 1494 goto out; 1495 } 1496 1497 call = rdev->ops->add_beacon; 1498 break; 1499 case NL80211_CMD_SET_BEACON: 1500 call = rdev->ops->set_beacon; 1501 break; 1502 default: 1503 WARN_ON(1); 1504 err = -EOPNOTSUPP; 1505 goto out; 1506 } 1507 1508 if (!call) { 1509 err = -EOPNOTSUPP; 1510 goto out; 1511 } 1512 1513 memset(¶ms, 0, sizeof(params)); 1514 1515 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) { 1516 params.interval = 1517 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); 1518 haveinfo = 1; 1519 } 1520 1521 if (info->attrs[NL80211_ATTR_DTIM_PERIOD]) { 1522 params.dtim_period = 1523 nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]); 1524 haveinfo = 1; 1525 } 1526 1527 if (info->attrs[NL80211_ATTR_BEACON_HEAD]) { 1528 params.head = nla_data(info->attrs[NL80211_ATTR_BEACON_HEAD]); 1529 params.head_len = 1530 nla_len(info->attrs[NL80211_ATTR_BEACON_HEAD]); 1531 haveinfo = 1; 1532 } 1533 1534 if (info->attrs[NL80211_ATTR_BEACON_TAIL]) { 1535 params.tail = nla_data(info->attrs[NL80211_ATTR_BEACON_TAIL]); 1536 params.tail_len = 1537 nla_len(info->attrs[NL80211_ATTR_BEACON_TAIL]); 1538 haveinfo = 1; 1539 } 1540 1541 if (!haveinfo) { 1542 err = -EINVAL; 1543 goto out; 1544 } 1545 1546 err = call(&rdev->wiphy, dev, ¶ms); 1547 1548 out: 1549 cfg80211_unlock_rdev(rdev); 1550 dev_put(dev); 1551 unlock_rtnl: 1552 rtnl_unlock(); 1553 1554 return err; 1555 } 1556 1557 static int nl80211_del_beacon(struct sk_buff *skb, struct genl_info *info) 1558 { 1559 struct cfg80211_registered_device *rdev; 1560 int err; 1561 struct net_device *dev; 1562 1563 rtnl_lock(); 1564 1565 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 1566 if (err) 1567 goto unlock_rtnl; 1568 1569 if (!rdev->ops->del_beacon) { 1570 err = -EOPNOTSUPP; 1571 goto out; 1572 } 1573 1574 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP) { 1575 err = -EOPNOTSUPP; 1576 goto out; 1577 } 1578 err = rdev->ops->del_beacon(&rdev->wiphy, dev); 1579 1580 out: 1581 cfg80211_unlock_rdev(rdev); 1582 dev_put(dev); 1583 unlock_rtnl: 1584 rtnl_unlock(); 1585 1586 return err; 1587 } 1588 1589 static const struct nla_policy sta_flags_policy[NL80211_STA_FLAG_MAX + 1] = { 1590 [NL80211_STA_FLAG_AUTHORIZED] = { .type = NLA_FLAG }, 1591 [NL80211_STA_FLAG_SHORT_PREAMBLE] = { .type = NLA_FLAG }, 1592 [NL80211_STA_FLAG_WME] = { .type = NLA_FLAG }, 1593 [NL80211_STA_FLAG_MFP] = { .type = NLA_FLAG }, 1594 }; 1595 1596 static int parse_station_flags(struct genl_info *info, 1597 struct station_parameters *params) 1598 { 1599 struct nlattr *flags[NL80211_STA_FLAG_MAX + 1]; 1600 struct nlattr *nla; 1601 int flag; 1602 1603 /* 1604 * Try parsing the new attribute first so userspace 1605 * can specify both for older kernels. 1606 */ 1607 nla = info->attrs[NL80211_ATTR_STA_FLAGS2]; 1608 if (nla) { 1609 struct nl80211_sta_flag_update *sta_flags; 1610 1611 sta_flags = nla_data(nla); 1612 params->sta_flags_mask = sta_flags->mask; 1613 params->sta_flags_set = sta_flags->set; 1614 if ((params->sta_flags_mask | 1615 params->sta_flags_set) & BIT(__NL80211_STA_FLAG_INVALID)) 1616 return -EINVAL; 1617 return 0; 1618 } 1619 1620 /* if present, parse the old attribute */ 1621 1622 nla = info->attrs[NL80211_ATTR_STA_FLAGS]; 1623 if (!nla) 1624 return 0; 1625 1626 if (nla_parse_nested(flags, NL80211_STA_FLAG_MAX, 1627 nla, sta_flags_policy)) 1628 return -EINVAL; 1629 1630 params->sta_flags_mask = (1 << __NL80211_STA_FLAG_AFTER_LAST) - 1; 1631 params->sta_flags_mask &= ~1; 1632 1633 for (flag = 1; flag <= NL80211_STA_FLAG_MAX; flag++) 1634 if (flags[flag]) 1635 params->sta_flags_set |= (1<<flag); 1636 1637 return 0; 1638 } 1639 1640 static u16 nl80211_calculate_bitrate(struct rate_info *rate) 1641 { 1642 int modulation, streams, bitrate; 1643 1644 if (!(rate->flags & RATE_INFO_FLAGS_MCS)) 1645 return rate->legacy; 1646 1647 /* the formula below does only work for MCS values smaller than 32 */ 1648 if (rate->mcs >= 32) 1649 return 0; 1650 1651 modulation = rate->mcs & 7; 1652 streams = (rate->mcs >> 3) + 1; 1653 1654 bitrate = (rate->flags & RATE_INFO_FLAGS_40_MHZ_WIDTH) ? 1655 13500000 : 6500000; 1656 1657 if (modulation < 4) 1658 bitrate *= (modulation + 1); 1659 else if (modulation == 4) 1660 bitrate *= (modulation + 2); 1661 else 1662 bitrate *= (modulation + 3); 1663 1664 bitrate *= streams; 1665 1666 if (rate->flags & RATE_INFO_FLAGS_SHORT_GI) 1667 bitrate = (bitrate / 9) * 10; 1668 1669 /* do NOT round down here */ 1670 return (bitrate + 50000) / 100000; 1671 } 1672 1673 static int nl80211_send_station(struct sk_buff *msg, u32 pid, u32 seq, 1674 int flags, struct net_device *dev, 1675 u8 *mac_addr, struct station_info *sinfo) 1676 { 1677 void *hdr; 1678 struct nlattr *sinfoattr, *txrate; 1679 u16 bitrate; 1680 1681 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION); 1682 if (!hdr) 1683 return -1; 1684 1685 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1686 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 1687 1688 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, sinfo->generation); 1689 1690 sinfoattr = nla_nest_start(msg, NL80211_ATTR_STA_INFO); 1691 if (!sinfoattr) 1692 goto nla_put_failure; 1693 if (sinfo->filled & STATION_INFO_INACTIVE_TIME) 1694 NLA_PUT_U32(msg, NL80211_STA_INFO_INACTIVE_TIME, 1695 sinfo->inactive_time); 1696 if (sinfo->filled & STATION_INFO_RX_BYTES) 1697 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_BYTES, 1698 sinfo->rx_bytes); 1699 if (sinfo->filled & STATION_INFO_TX_BYTES) 1700 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_BYTES, 1701 sinfo->tx_bytes); 1702 if (sinfo->filled & STATION_INFO_LLID) 1703 NLA_PUT_U16(msg, NL80211_STA_INFO_LLID, 1704 sinfo->llid); 1705 if (sinfo->filled & STATION_INFO_PLID) 1706 NLA_PUT_U16(msg, NL80211_STA_INFO_PLID, 1707 sinfo->plid); 1708 if (sinfo->filled & STATION_INFO_PLINK_STATE) 1709 NLA_PUT_U8(msg, NL80211_STA_INFO_PLINK_STATE, 1710 sinfo->plink_state); 1711 if (sinfo->filled & STATION_INFO_SIGNAL) 1712 NLA_PUT_U8(msg, NL80211_STA_INFO_SIGNAL, 1713 sinfo->signal); 1714 if (sinfo->filled & STATION_INFO_TX_BITRATE) { 1715 txrate = nla_nest_start(msg, NL80211_STA_INFO_TX_BITRATE); 1716 if (!txrate) 1717 goto nla_put_failure; 1718 1719 /* nl80211_calculate_bitrate will return 0 for mcs >= 32 */ 1720 bitrate = nl80211_calculate_bitrate(&sinfo->txrate); 1721 if (bitrate > 0) 1722 NLA_PUT_U16(msg, NL80211_RATE_INFO_BITRATE, bitrate); 1723 1724 if (sinfo->txrate.flags & RATE_INFO_FLAGS_MCS) 1725 NLA_PUT_U8(msg, NL80211_RATE_INFO_MCS, 1726 sinfo->txrate.mcs); 1727 if (sinfo->txrate.flags & RATE_INFO_FLAGS_40_MHZ_WIDTH) 1728 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_40_MHZ_WIDTH); 1729 if (sinfo->txrate.flags & RATE_INFO_FLAGS_SHORT_GI) 1730 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_SHORT_GI); 1731 1732 nla_nest_end(msg, txrate); 1733 } 1734 if (sinfo->filled & STATION_INFO_RX_PACKETS) 1735 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_PACKETS, 1736 sinfo->rx_packets); 1737 if (sinfo->filled & STATION_INFO_TX_PACKETS) 1738 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_PACKETS, 1739 sinfo->tx_packets); 1740 nla_nest_end(msg, sinfoattr); 1741 1742 return genlmsg_end(msg, hdr); 1743 1744 nla_put_failure: 1745 genlmsg_cancel(msg, hdr); 1746 return -EMSGSIZE; 1747 } 1748 1749 static int nl80211_dump_station(struct sk_buff *skb, 1750 struct netlink_callback *cb) 1751 { 1752 struct station_info sinfo; 1753 struct cfg80211_registered_device *dev; 1754 struct net_device *netdev; 1755 u8 mac_addr[ETH_ALEN]; 1756 int ifidx = cb->args[0]; 1757 int sta_idx = cb->args[1]; 1758 int err; 1759 1760 if (!ifidx) 1761 ifidx = nl80211_get_ifidx(cb); 1762 if (ifidx < 0) 1763 return ifidx; 1764 1765 rtnl_lock(); 1766 1767 netdev = __dev_get_by_index(sock_net(skb->sk), ifidx); 1768 if (!netdev) { 1769 err = -ENODEV; 1770 goto out_rtnl; 1771 } 1772 1773 dev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx); 1774 if (IS_ERR(dev)) { 1775 err = PTR_ERR(dev); 1776 goto out_rtnl; 1777 } 1778 1779 if (!dev->ops->dump_station) { 1780 err = -EOPNOTSUPP; 1781 goto out_err; 1782 } 1783 1784 while (1) { 1785 err = dev->ops->dump_station(&dev->wiphy, netdev, sta_idx, 1786 mac_addr, &sinfo); 1787 if (err == -ENOENT) 1788 break; 1789 if (err) 1790 goto out_err; 1791 1792 if (nl80211_send_station(skb, 1793 NETLINK_CB(cb->skb).pid, 1794 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1795 netdev, mac_addr, 1796 &sinfo) < 0) 1797 goto out; 1798 1799 sta_idx++; 1800 } 1801 1802 1803 out: 1804 cb->args[1] = sta_idx; 1805 err = skb->len; 1806 out_err: 1807 cfg80211_unlock_rdev(dev); 1808 out_rtnl: 1809 rtnl_unlock(); 1810 1811 return err; 1812 } 1813 1814 static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info) 1815 { 1816 struct cfg80211_registered_device *rdev; 1817 int err; 1818 struct net_device *dev; 1819 struct station_info sinfo; 1820 struct sk_buff *msg; 1821 u8 *mac_addr = NULL; 1822 1823 memset(&sinfo, 0, sizeof(sinfo)); 1824 1825 if (!info->attrs[NL80211_ATTR_MAC]) 1826 return -EINVAL; 1827 1828 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1829 1830 rtnl_lock(); 1831 1832 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 1833 if (err) 1834 goto out_rtnl; 1835 1836 if (!rdev->ops->get_station) { 1837 err = -EOPNOTSUPP; 1838 goto out; 1839 } 1840 1841 err = rdev->ops->get_station(&rdev->wiphy, dev, mac_addr, &sinfo); 1842 if (err) 1843 goto out; 1844 1845 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1846 if (!msg) 1847 goto out; 1848 1849 if (nl80211_send_station(msg, info->snd_pid, info->snd_seq, 0, 1850 dev, mac_addr, &sinfo) < 0) 1851 goto out_free; 1852 1853 err = genlmsg_reply(msg, info); 1854 goto out; 1855 1856 out_free: 1857 nlmsg_free(msg); 1858 out: 1859 cfg80211_unlock_rdev(rdev); 1860 dev_put(dev); 1861 out_rtnl: 1862 rtnl_unlock(); 1863 1864 return err; 1865 } 1866 1867 /* 1868 * Get vlan interface making sure it is running and on the right wiphy. 1869 */ 1870 static int get_vlan(struct genl_info *info, 1871 struct cfg80211_registered_device *rdev, 1872 struct net_device **vlan) 1873 { 1874 struct nlattr *vlanattr = info->attrs[NL80211_ATTR_STA_VLAN]; 1875 *vlan = NULL; 1876 1877 if (vlanattr) { 1878 *vlan = dev_get_by_index(genl_info_net(info), 1879 nla_get_u32(vlanattr)); 1880 if (!*vlan) 1881 return -ENODEV; 1882 if (!(*vlan)->ieee80211_ptr) 1883 return -EINVAL; 1884 if ((*vlan)->ieee80211_ptr->wiphy != &rdev->wiphy) 1885 return -EINVAL; 1886 if (!netif_running(*vlan)) 1887 return -ENETDOWN; 1888 } 1889 return 0; 1890 } 1891 1892 static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info) 1893 { 1894 struct cfg80211_registered_device *rdev; 1895 int err; 1896 struct net_device *dev; 1897 struct station_parameters params; 1898 u8 *mac_addr = NULL; 1899 1900 memset(¶ms, 0, sizeof(params)); 1901 1902 params.listen_interval = -1; 1903 1904 if (info->attrs[NL80211_ATTR_STA_AID]) 1905 return -EINVAL; 1906 1907 if (!info->attrs[NL80211_ATTR_MAC]) 1908 return -EINVAL; 1909 1910 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1911 1912 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) { 1913 params.supported_rates = 1914 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 1915 params.supported_rates_len = 1916 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 1917 } 1918 1919 if (info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) 1920 params.listen_interval = 1921 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]); 1922 1923 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) 1924 params.ht_capa = 1925 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 1926 1927 if (parse_station_flags(info, ¶ms)) 1928 return -EINVAL; 1929 1930 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION]) 1931 params.plink_action = 1932 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]); 1933 1934 rtnl_lock(); 1935 1936 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 1937 if (err) 1938 goto out_rtnl; 1939 1940 err = get_vlan(info, rdev, ¶ms.vlan); 1941 if (err) 1942 goto out; 1943 1944 /* validate settings */ 1945 err = 0; 1946 1947 switch (dev->ieee80211_ptr->iftype) { 1948 case NL80211_IFTYPE_AP: 1949 case NL80211_IFTYPE_AP_VLAN: 1950 /* disallow mesh-specific things */ 1951 if (params.plink_action) 1952 err = -EINVAL; 1953 break; 1954 case NL80211_IFTYPE_STATION: 1955 /* disallow everything but AUTHORIZED flag */ 1956 if (params.plink_action) 1957 err = -EINVAL; 1958 if (params.vlan) 1959 err = -EINVAL; 1960 if (params.supported_rates) 1961 err = -EINVAL; 1962 if (params.ht_capa) 1963 err = -EINVAL; 1964 if (params.listen_interval >= 0) 1965 err = -EINVAL; 1966 if (params.sta_flags_mask & ~BIT(NL80211_STA_FLAG_AUTHORIZED)) 1967 err = -EINVAL; 1968 break; 1969 case NL80211_IFTYPE_MESH_POINT: 1970 /* disallow things mesh doesn't support */ 1971 if (params.vlan) 1972 err = -EINVAL; 1973 if (params.ht_capa) 1974 err = -EINVAL; 1975 if (params.listen_interval >= 0) 1976 err = -EINVAL; 1977 if (params.supported_rates) 1978 err = -EINVAL; 1979 if (params.sta_flags_mask) 1980 err = -EINVAL; 1981 break; 1982 default: 1983 err = -EINVAL; 1984 } 1985 1986 if (err) 1987 goto out; 1988 1989 if (!rdev->ops->change_station) { 1990 err = -EOPNOTSUPP; 1991 goto out; 1992 } 1993 1994 err = rdev->ops->change_station(&rdev->wiphy, dev, mac_addr, ¶ms); 1995 1996 out: 1997 if (params.vlan) 1998 dev_put(params.vlan); 1999 cfg80211_unlock_rdev(rdev); 2000 dev_put(dev); 2001 out_rtnl: 2002 rtnl_unlock(); 2003 2004 return err; 2005 } 2006 2007 static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info) 2008 { 2009 struct cfg80211_registered_device *rdev; 2010 int err; 2011 struct net_device *dev; 2012 struct station_parameters params; 2013 u8 *mac_addr = NULL; 2014 2015 memset(¶ms, 0, sizeof(params)); 2016 2017 if (!info->attrs[NL80211_ATTR_MAC]) 2018 return -EINVAL; 2019 2020 if (!info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) 2021 return -EINVAL; 2022 2023 if (!info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) 2024 return -EINVAL; 2025 2026 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2027 params.supported_rates = 2028 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2029 params.supported_rates_len = 2030 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2031 params.listen_interval = 2032 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]); 2033 2034 if (info->attrs[NL80211_ATTR_STA_AID]) { 2035 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_STA_AID]); 2036 if (!params.aid || params.aid > IEEE80211_MAX_AID) 2037 return -EINVAL; 2038 } 2039 2040 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) 2041 params.ht_capa = 2042 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 2043 2044 if (parse_station_flags(info, ¶ms)) 2045 return -EINVAL; 2046 2047 rtnl_lock(); 2048 2049 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 2050 if (err) 2051 goto out_rtnl; 2052 2053 err = get_vlan(info, rdev, ¶ms.vlan); 2054 if (err) 2055 goto out; 2056 2057 /* validate settings */ 2058 err = 0; 2059 2060 switch (dev->ieee80211_ptr->iftype) { 2061 case NL80211_IFTYPE_AP: 2062 case NL80211_IFTYPE_AP_VLAN: 2063 /* all ok but must have AID */ 2064 if (!params.aid) 2065 err = -EINVAL; 2066 break; 2067 case NL80211_IFTYPE_MESH_POINT: 2068 /* disallow things mesh doesn't support */ 2069 if (params.vlan) 2070 err = -EINVAL; 2071 if (params.aid) 2072 err = -EINVAL; 2073 if (params.ht_capa) 2074 err = -EINVAL; 2075 if (params.listen_interval >= 0) 2076 err = -EINVAL; 2077 if (params.supported_rates) 2078 err = -EINVAL; 2079 if (params.sta_flags_mask) 2080 err = -EINVAL; 2081 break; 2082 default: 2083 err = -EINVAL; 2084 } 2085 2086 if (err) 2087 goto out; 2088 2089 if (!rdev->ops->add_station) { 2090 err = -EOPNOTSUPP; 2091 goto out; 2092 } 2093 2094 if (!netif_running(dev)) { 2095 err = -ENETDOWN; 2096 goto out; 2097 } 2098 2099 err = rdev->ops->add_station(&rdev->wiphy, dev, mac_addr, ¶ms); 2100 2101 out: 2102 if (params.vlan) 2103 dev_put(params.vlan); 2104 cfg80211_unlock_rdev(rdev); 2105 dev_put(dev); 2106 out_rtnl: 2107 rtnl_unlock(); 2108 2109 return err; 2110 } 2111 2112 static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info) 2113 { 2114 struct cfg80211_registered_device *rdev; 2115 int err; 2116 struct net_device *dev; 2117 u8 *mac_addr = NULL; 2118 2119 if (info->attrs[NL80211_ATTR_MAC]) 2120 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2121 2122 rtnl_lock(); 2123 2124 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 2125 if (err) 2126 goto out_rtnl; 2127 2128 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2129 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 2130 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) { 2131 err = -EINVAL; 2132 goto out; 2133 } 2134 2135 if (!rdev->ops->del_station) { 2136 err = -EOPNOTSUPP; 2137 goto out; 2138 } 2139 2140 err = rdev->ops->del_station(&rdev->wiphy, dev, mac_addr); 2141 2142 out: 2143 cfg80211_unlock_rdev(rdev); 2144 dev_put(dev); 2145 out_rtnl: 2146 rtnl_unlock(); 2147 2148 return err; 2149 } 2150 2151 static int nl80211_send_mpath(struct sk_buff *msg, u32 pid, u32 seq, 2152 int flags, struct net_device *dev, 2153 u8 *dst, u8 *next_hop, 2154 struct mpath_info *pinfo) 2155 { 2156 void *hdr; 2157 struct nlattr *pinfoattr; 2158 2159 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION); 2160 if (!hdr) 2161 return -1; 2162 2163 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 2164 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst); 2165 NLA_PUT(msg, NL80211_ATTR_MPATH_NEXT_HOP, ETH_ALEN, next_hop); 2166 2167 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, pinfo->generation); 2168 2169 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MPATH_INFO); 2170 if (!pinfoattr) 2171 goto nla_put_failure; 2172 if (pinfo->filled & MPATH_INFO_FRAME_QLEN) 2173 NLA_PUT_U32(msg, NL80211_MPATH_INFO_FRAME_QLEN, 2174 pinfo->frame_qlen); 2175 if (pinfo->filled & MPATH_INFO_SN) 2176 NLA_PUT_U32(msg, NL80211_MPATH_INFO_SN, 2177 pinfo->sn); 2178 if (pinfo->filled & MPATH_INFO_METRIC) 2179 NLA_PUT_U32(msg, NL80211_MPATH_INFO_METRIC, 2180 pinfo->metric); 2181 if (pinfo->filled & MPATH_INFO_EXPTIME) 2182 NLA_PUT_U32(msg, NL80211_MPATH_INFO_EXPTIME, 2183 pinfo->exptime); 2184 if (pinfo->filled & MPATH_INFO_FLAGS) 2185 NLA_PUT_U8(msg, NL80211_MPATH_INFO_FLAGS, 2186 pinfo->flags); 2187 if (pinfo->filled & MPATH_INFO_DISCOVERY_TIMEOUT) 2188 NLA_PUT_U32(msg, NL80211_MPATH_INFO_DISCOVERY_TIMEOUT, 2189 pinfo->discovery_timeout); 2190 if (pinfo->filled & MPATH_INFO_DISCOVERY_RETRIES) 2191 NLA_PUT_U8(msg, NL80211_MPATH_INFO_DISCOVERY_RETRIES, 2192 pinfo->discovery_retries); 2193 2194 nla_nest_end(msg, pinfoattr); 2195 2196 return genlmsg_end(msg, hdr); 2197 2198 nla_put_failure: 2199 genlmsg_cancel(msg, hdr); 2200 return -EMSGSIZE; 2201 } 2202 2203 static int nl80211_dump_mpath(struct sk_buff *skb, 2204 struct netlink_callback *cb) 2205 { 2206 struct mpath_info pinfo; 2207 struct cfg80211_registered_device *dev; 2208 struct net_device *netdev; 2209 u8 dst[ETH_ALEN]; 2210 u8 next_hop[ETH_ALEN]; 2211 int ifidx = cb->args[0]; 2212 int path_idx = cb->args[1]; 2213 int err; 2214 2215 if (!ifidx) 2216 ifidx = nl80211_get_ifidx(cb); 2217 if (ifidx < 0) 2218 return ifidx; 2219 2220 rtnl_lock(); 2221 2222 netdev = __dev_get_by_index(sock_net(skb->sk), ifidx); 2223 if (!netdev) { 2224 err = -ENODEV; 2225 goto out_rtnl; 2226 } 2227 2228 dev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx); 2229 if (IS_ERR(dev)) { 2230 err = PTR_ERR(dev); 2231 goto out_rtnl; 2232 } 2233 2234 if (!dev->ops->dump_mpath) { 2235 err = -EOPNOTSUPP; 2236 goto out_err; 2237 } 2238 2239 if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) { 2240 err = -EOPNOTSUPP; 2241 goto out_err; 2242 } 2243 2244 while (1) { 2245 err = dev->ops->dump_mpath(&dev->wiphy, netdev, path_idx, 2246 dst, next_hop, &pinfo); 2247 if (err == -ENOENT) 2248 break; 2249 if (err) 2250 goto out_err; 2251 2252 if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).pid, 2253 cb->nlh->nlmsg_seq, NLM_F_MULTI, 2254 netdev, dst, next_hop, 2255 &pinfo) < 0) 2256 goto out; 2257 2258 path_idx++; 2259 } 2260 2261 2262 out: 2263 cb->args[1] = path_idx; 2264 err = skb->len; 2265 out_err: 2266 cfg80211_unlock_rdev(dev); 2267 out_rtnl: 2268 rtnl_unlock(); 2269 2270 return err; 2271 } 2272 2273 static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info) 2274 { 2275 struct cfg80211_registered_device *rdev; 2276 int err; 2277 struct net_device *dev; 2278 struct mpath_info pinfo; 2279 struct sk_buff *msg; 2280 u8 *dst = NULL; 2281 u8 next_hop[ETH_ALEN]; 2282 2283 memset(&pinfo, 0, sizeof(pinfo)); 2284 2285 if (!info->attrs[NL80211_ATTR_MAC]) 2286 return -EINVAL; 2287 2288 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2289 2290 rtnl_lock(); 2291 2292 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 2293 if (err) 2294 goto out_rtnl; 2295 2296 if (!rdev->ops->get_mpath) { 2297 err = -EOPNOTSUPP; 2298 goto out; 2299 } 2300 2301 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) { 2302 err = -EOPNOTSUPP; 2303 goto out; 2304 } 2305 2306 err = rdev->ops->get_mpath(&rdev->wiphy, dev, dst, next_hop, &pinfo); 2307 if (err) 2308 goto out; 2309 2310 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2311 if (!msg) 2312 goto out; 2313 2314 if (nl80211_send_mpath(msg, info->snd_pid, info->snd_seq, 0, 2315 dev, dst, next_hop, &pinfo) < 0) 2316 goto out_free; 2317 2318 err = genlmsg_reply(msg, info); 2319 goto out; 2320 2321 out_free: 2322 nlmsg_free(msg); 2323 out: 2324 cfg80211_unlock_rdev(rdev); 2325 dev_put(dev); 2326 out_rtnl: 2327 rtnl_unlock(); 2328 2329 return err; 2330 } 2331 2332 static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info) 2333 { 2334 struct cfg80211_registered_device *rdev; 2335 int err; 2336 struct net_device *dev; 2337 u8 *dst = NULL; 2338 u8 *next_hop = NULL; 2339 2340 if (!info->attrs[NL80211_ATTR_MAC]) 2341 return -EINVAL; 2342 2343 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]) 2344 return -EINVAL; 2345 2346 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2347 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]); 2348 2349 rtnl_lock(); 2350 2351 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 2352 if (err) 2353 goto out_rtnl; 2354 2355 if (!rdev->ops->change_mpath) { 2356 err = -EOPNOTSUPP; 2357 goto out; 2358 } 2359 2360 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) { 2361 err = -EOPNOTSUPP; 2362 goto out; 2363 } 2364 2365 if (!netif_running(dev)) { 2366 err = -ENETDOWN; 2367 goto out; 2368 } 2369 2370 err = rdev->ops->change_mpath(&rdev->wiphy, dev, dst, next_hop); 2371 2372 out: 2373 cfg80211_unlock_rdev(rdev); 2374 dev_put(dev); 2375 out_rtnl: 2376 rtnl_unlock(); 2377 2378 return err; 2379 } 2380 static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info) 2381 { 2382 struct cfg80211_registered_device *rdev; 2383 int err; 2384 struct net_device *dev; 2385 u8 *dst = NULL; 2386 u8 *next_hop = NULL; 2387 2388 if (!info->attrs[NL80211_ATTR_MAC]) 2389 return -EINVAL; 2390 2391 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]) 2392 return -EINVAL; 2393 2394 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2395 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]); 2396 2397 rtnl_lock(); 2398 2399 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 2400 if (err) 2401 goto out_rtnl; 2402 2403 if (!rdev->ops->add_mpath) { 2404 err = -EOPNOTSUPP; 2405 goto out; 2406 } 2407 2408 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) { 2409 err = -EOPNOTSUPP; 2410 goto out; 2411 } 2412 2413 if (!netif_running(dev)) { 2414 err = -ENETDOWN; 2415 goto out; 2416 } 2417 2418 err = rdev->ops->add_mpath(&rdev->wiphy, dev, dst, next_hop); 2419 2420 out: 2421 cfg80211_unlock_rdev(rdev); 2422 dev_put(dev); 2423 out_rtnl: 2424 rtnl_unlock(); 2425 2426 return err; 2427 } 2428 2429 static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info) 2430 { 2431 struct cfg80211_registered_device *rdev; 2432 int err; 2433 struct net_device *dev; 2434 u8 *dst = NULL; 2435 2436 if (info->attrs[NL80211_ATTR_MAC]) 2437 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2438 2439 rtnl_lock(); 2440 2441 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 2442 if (err) 2443 goto out_rtnl; 2444 2445 if (!rdev->ops->del_mpath) { 2446 err = -EOPNOTSUPP; 2447 goto out; 2448 } 2449 2450 err = rdev->ops->del_mpath(&rdev->wiphy, dev, dst); 2451 2452 out: 2453 cfg80211_unlock_rdev(rdev); 2454 dev_put(dev); 2455 out_rtnl: 2456 rtnl_unlock(); 2457 2458 return err; 2459 } 2460 2461 static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info) 2462 { 2463 struct cfg80211_registered_device *rdev; 2464 int err; 2465 struct net_device *dev; 2466 struct bss_parameters params; 2467 2468 memset(¶ms, 0, sizeof(params)); 2469 /* default to not changing parameters */ 2470 params.use_cts_prot = -1; 2471 params.use_short_preamble = -1; 2472 params.use_short_slot_time = -1; 2473 2474 if (info->attrs[NL80211_ATTR_BSS_CTS_PROT]) 2475 params.use_cts_prot = 2476 nla_get_u8(info->attrs[NL80211_ATTR_BSS_CTS_PROT]); 2477 if (info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]) 2478 params.use_short_preamble = 2479 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]); 2480 if (info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]) 2481 params.use_short_slot_time = 2482 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]); 2483 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) { 2484 params.basic_rates = 2485 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 2486 params.basic_rates_len = 2487 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 2488 } 2489 2490 rtnl_lock(); 2491 2492 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 2493 if (err) 2494 goto out_rtnl; 2495 2496 if (!rdev->ops->change_bss) { 2497 err = -EOPNOTSUPP; 2498 goto out; 2499 } 2500 2501 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP) { 2502 err = -EOPNOTSUPP; 2503 goto out; 2504 } 2505 2506 err = rdev->ops->change_bss(&rdev->wiphy, dev, ¶ms); 2507 2508 out: 2509 cfg80211_unlock_rdev(rdev); 2510 dev_put(dev); 2511 out_rtnl: 2512 rtnl_unlock(); 2513 2514 return err; 2515 } 2516 2517 static const struct nla_policy 2518 reg_rule_policy[NL80211_REG_RULE_ATTR_MAX + 1] = { 2519 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 }, 2520 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 }, 2521 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 }, 2522 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 }, 2523 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 }, 2524 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 }, 2525 }; 2526 2527 static int parse_reg_rule(struct nlattr *tb[], 2528 struct ieee80211_reg_rule *reg_rule) 2529 { 2530 struct ieee80211_freq_range *freq_range = ®_rule->freq_range; 2531 struct ieee80211_power_rule *power_rule = ®_rule->power_rule; 2532 2533 if (!tb[NL80211_ATTR_REG_RULE_FLAGS]) 2534 return -EINVAL; 2535 if (!tb[NL80211_ATTR_FREQ_RANGE_START]) 2536 return -EINVAL; 2537 if (!tb[NL80211_ATTR_FREQ_RANGE_END]) 2538 return -EINVAL; 2539 if (!tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) 2540 return -EINVAL; 2541 if (!tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]) 2542 return -EINVAL; 2543 2544 reg_rule->flags = nla_get_u32(tb[NL80211_ATTR_REG_RULE_FLAGS]); 2545 2546 freq_range->start_freq_khz = 2547 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]); 2548 freq_range->end_freq_khz = 2549 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]); 2550 freq_range->max_bandwidth_khz = 2551 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]); 2552 2553 power_rule->max_eirp = 2554 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]); 2555 2556 if (tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]) 2557 power_rule->max_antenna_gain = 2558 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]); 2559 2560 return 0; 2561 } 2562 2563 static int nl80211_req_set_reg(struct sk_buff *skb, struct genl_info *info) 2564 { 2565 int r; 2566 char *data = NULL; 2567 2568 /* 2569 * You should only get this when cfg80211 hasn't yet initialized 2570 * completely when built-in to the kernel right between the time 2571 * window between nl80211_init() and regulatory_init(), if that is 2572 * even possible. 2573 */ 2574 mutex_lock(&cfg80211_mutex); 2575 if (unlikely(!cfg80211_regdomain)) { 2576 mutex_unlock(&cfg80211_mutex); 2577 return -EINPROGRESS; 2578 } 2579 mutex_unlock(&cfg80211_mutex); 2580 2581 if (!info->attrs[NL80211_ATTR_REG_ALPHA2]) 2582 return -EINVAL; 2583 2584 data = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]); 2585 2586 #ifdef CONFIG_WIRELESS_OLD_REGULATORY 2587 /* We ignore world regdom requests with the old regdom setup */ 2588 if (is_world_regdom(data)) 2589 return -EINVAL; 2590 #endif 2591 2592 r = regulatory_hint_user(data); 2593 2594 return r; 2595 } 2596 2597 static int nl80211_get_mesh_params(struct sk_buff *skb, 2598 struct genl_info *info) 2599 { 2600 struct cfg80211_registered_device *rdev; 2601 struct mesh_config cur_params; 2602 int err; 2603 struct net_device *dev; 2604 void *hdr; 2605 struct nlattr *pinfoattr; 2606 struct sk_buff *msg; 2607 2608 rtnl_lock(); 2609 2610 /* Look up our device */ 2611 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 2612 if (err) 2613 goto out_rtnl; 2614 2615 if (!rdev->ops->get_mesh_params) { 2616 err = -EOPNOTSUPP; 2617 goto out; 2618 } 2619 2620 /* Get the mesh params */ 2621 err = rdev->ops->get_mesh_params(&rdev->wiphy, dev, &cur_params); 2622 if (err) 2623 goto out; 2624 2625 /* Draw up a netlink message to send back */ 2626 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2627 if (!msg) { 2628 err = -ENOBUFS; 2629 goto out; 2630 } 2631 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 2632 NL80211_CMD_GET_MESH_PARAMS); 2633 if (!hdr) 2634 goto nla_put_failure; 2635 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MESH_PARAMS); 2636 if (!pinfoattr) 2637 goto nla_put_failure; 2638 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 2639 NLA_PUT_U16(msg, NL80211_MESHCONF_RETRY_TIMEOUT, 2640 cur_params.dot11MeshRetryTimeout); 2641 NLA_PUT_U16(msg, NL80211_MESHCONF_CONFIRM_TIMEOUT, 2642 cur_params.dot11MeshConfirmTimeout); 2643 NLA_PUT_U16(msg, NL80211_MESHCONF_HOLDING_TIMEOUT, 2644 cur_params.dot11MeshHoldingTimeout); 2645 NLA_PUT_U16(msg, NL80211_MESHCONF_MAX_PEER_LINKS, 2646 cur_params.dot11MeshMaxPeerLinks); 2647 NLA_PUT_U8(msg, NL80211_MESHCONF_MAX_RETRIES, 2648 cur_params.dot11MeshMaxRetries); 2649 NLA_PUT_U8(msg, NL80211_MESHCONF_TTL, 2650 cur_params.dot11MeshTTL); 2651 NLA_PUT_U8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS, 2652 cur_params.auto_open_plinks); 2653 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, 2654 cur_params.dot11MeshHWMPmaxPREQretries); 2655 NLA_PUT_U32(msg, NL80211_MESHCONF_PATH_REFRESH_TIME, 2656 cur_params.path_refresh_time); 2657 NLA_PUT_U16(msg, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, 2658 cur_params.min_discovery_timeout); 2659 NLA_PUT_U32(msg, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, 2660 cur_params.dot11MeshHWMPactivePathTimeout); 2661 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, 2662 cur_params.dot11MeshHWMPpreqMinInterval); 2663 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, 2664 cur_params.dot11MeshHWMPnetDiameterTraversalTime); 2665 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_ROOTMODE, 2666 cur_params.dot11MeshHWMPRootMode); 2667 nla_nest_end(msg, pinfoattr); 2668 genlmsg_end(msg, hdr); 2669 err = genlmsg_reply(msg, info); 2670 goto out; 2671 2672 nla_put_failure: 2673 genlmsg_cancel(msg, hdr); 2674 err = -EMSGSIZE; 2675 out: 2676 /* Cleanup */ 2677 cfg80211_unlock_rdev(rdev); 2678 dev_put(dev); 2679 out_rtnl: 2680 rtnl_unlock(); 2681 2682 return err; 2683 } 2684 2685 #define FILL_IN_MESH_PARAM_IF_SET(table, cfg, param, mask, attr_num, nla_fn) \ 2686 do {\ 2687 if (table[attr_num]) {\ 2688 cfg.param = nla_fn(table[attr_num]); \ 2689 mask |= (1 << (attr_num - 1)); \ 2690 } \ 2691 } while (0);\ 2692 2693 static struct nla_policy 2694 nl80211_meshconf_params_policy[NL80211_MESHCONF_ATTR_MAX+1] __read_mostly = { 2695 [NL80211_MESHCONF_RETRY_TIMEOUT] = { .type = NLA_U16 }, 2696 [NL80211_MESHCONF_CONFIRM_TIMEOUT] = { .type = NLA_U16 }, 2697 [NL80211_MESHCONF_HOLDING_TIMEOUT] = { .type = NLA_U16 }, 2698 [NL80211_MESHCONF_MAX_PEER_LINKS] = { .type = NLA_U16 }, 2699 [NL80211_MESHCONF_MAX_RETRIES] = { .type = NLA_U8 }, 2700 [NL80211_MESHCONF_TTL] = { .type = NLA_U8 }, 2701 [NL80211_MESHCONF_AUTO_OPEN_PLINKS] = { .type = NLA_U8 }, 2702 2703 [NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES] = { .type = NLA_U8 }, 2704 [NL80211_MESHCONF_PATH_REFRESH_TIME] = { .type = NLA_U32 }, 2705 [NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT] = { .type = NLA_U16 }, 2706 [NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT] = { .type = NLA_U32 }, 2707 [NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL] = { .type = NLA_U16 }, 2708 [NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME] = { .type = NLA_U16 }, 2709 }; 2710 2711 static int nl80211_set_mesh_params(struct sk_buff *skb, struct genl_info *info) 2712 { 2713 int err; 2714 u32 mask; 2715 struct cfg80211_registered_device *rdev; 2716 struct net_device *dev; 2717 struct mesh_config cfg; 2718 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1]; 2719 struct nlattr *parent_attr; 2720 2721 parent_attr = info->attrs[NL80211_ATTR_MESH_PARAMS]; 2722 if (!parent_attr) 2723 return -EINVAL; 2724 if (nla_parse_nested(tb, NL80211_MESHCONF_ATTR_MAX, 2725 parent_attr, nl80211_meshconf_params_policy)) 2726 return -EINVAL; 2727 2728 rtnl_lock(); 2729 2730 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 2731 if (err) 2732 goto out_rtnl; 2733 2734 if (!rdev->ops->set_mesh_params) { 2735 err = -EOPNOTSUPP; 2736 goto out; 2737 } 2738 2739 /* This makes sure that there aren't more than 32 mesh config 2740 * parameters (otherwise our bitfield scheme would not work.) */ 2741 BUILD_BUG_ON(NL80211_MESHCONF_ATTR_MAX > 32); 2742 2743 /* Fill in the params struct */ 2744 mask = 0; 2745 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshRetryTimeout, 2746 mask, NL80211_MESHCONF_RETRY_TIMEOUT, nla_get_u16); 2747 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConfirmTimeout, 2748 mask, NL80211_MESHCONF_CONFIRM_TIMEOUT, nla_get_u16); 2749 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHoldingTimeout, 2750 mask, NL80211_MESHCONF_HOLDING_TIMEOUT, nla_get_u16); 2751 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxPeerLinks, 2752 mask, NL80211_MESHCONF_MAX_PEER_LINKS, nla_get_u16); 2753 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxRetries, 2754 mask, NL80211_MESHCONF_MAX_RETRIES, nla_get_u8); 2755 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshTTL, 2756 mask, NL80211_MESHCONF_TTL, nla_get_u8); 2757 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, auto_open_plinks, 2758 mask, NL80211_MESHCONF_AUTO_OPEN_PLINKS, nla_get_u8); 2759 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPmaxPREQretries, 2760 mask, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, 2761 nla_get_u8); 2762 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, path_refresh_time, 2763 mask, NL80211_MESHCONF_PATH_REFRESH_TIME, nla_get_u32); 2764 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, min_discovery_timeout, 2765 mask, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, 2766 nla_get_u16); 2767 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathTimeout, 2768 mask, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, 2769 nla_get_u32); 2770 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPpreqMinInterval, 2771 mask, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, 2772 nla_get_u16); 2773 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 2774 dot11MeshHWMPnetDiameterTraversalTime, 2775 mask, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, 2776 nla_get_u16); 2777 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 2778 dot11MeshHWMPRootMode, mask, 2779 NL80211_MESHCONF_HWMP_ROOTMODE, 2780 nla_get_u8); 2781 2782 /* Apply changes */ 2783 err = rdev->ops->set_mesh_params(&rdev->wiphy, dev, &cfg, mask); 2784 2785 out: 2786 /* cleanup */ 2787 cfg80211_unlock_rdev(rdev); 2788 dev_put(dev); 2789 out_rtnl: 2790 rtnl_unlock(); 2791 2792 return err; 2793 } 2794 2795 #undef FILL_IN_MESH_PARAM_IF_SET 2796 2797 static int nl80211_get_reg(struct sk_buff *skb, struct genl_info *info) 2798 { 2799 struct sk_buff *msg; 2800 void *hdr = NULL; 2801 struct nlattr *nl_reg_rules; 2802 unsigned int i; 2803 int err = -EINVAL; 2804 2805 mutex_lock(&cfg80211_mutex); 2806 2807 if (!cfg80211_regdomain) 2808 goto out; 2809 2810 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2811 if (!msg) { 2812 err = -ENOBUFS; 2813 goto out; 2814 } 2815 2816 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 2817 NL80211_CMD_GET_REG); 2818 if (!hdr) 2819 goto nla_put_failure; 2820 2821 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, 2822 cfg80211_regdomain->alpha2); 2823 2824 nl_reg_rules = nla_nest_start(msg, NL80211_ATTR_REG_RULES); 2825 if (!nl_reg_rules) 2826 goto nla_put_failure; 2827 2828 for (i = 0; i < cfg80211_regdomain->n_reg_rules; i++) { 2829 struct nlattr *nl_reg_rule; 2830 const struct ieee80211_reg_rule *reg_rule; 2831 const struct ieee80211_freq_range *freq_range; 2832 const struct ieee80211_power_rule *power_rule; 2833 2834 reg_rule = &cfg80211_regdomain->reg_rules[i]; 2835 freq_range = ®_rule->freq_range; 2836 power_rule = ®_rule->power_rule; 2837 2838 nl_reg_rule = nla_nest_start(msg, i); 2839 if (!nl_reg_rule) 2840 goto nla_put_failure; 2841 2842 NLA_PUT_U32(msg, NL80211_ATTR_REG_RULE_FLAGS, 2843 reg_rule->flags); 2844 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_START, 2845 freq_range->start_freq_khz); 2846 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_END, 2847 freq_range->end_freq_khz); 2848 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_MAX_BW, 2849 freq_range->max_bandwidth_khz); 2850 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN, 2851 power_rule->max_antenna_gain); 2852 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_EIRP, 2853 power_rule->max_eirp); 2854 2855 nla_nest_end(msg, nl_reg_rule); 2856 } 2857 2858 nla_nest_end(msg, nl_reg_rules); 2859 2860 genlmsg_end(msg, hdr); 2861 err = genlmsg_reply(msg, info); 2862 goto out; 2863 2864 nla_put_failure: 2865 genlmsg_cancel(msg, hdr); 2866 err = -EMSGSIZE; 2867 out: 2868 mutex_unlock(&cfg80211_mutex); 2869 return err; 2870 } 2871 2872 static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info) 2873 { 2874 struct nlattr *tb[NL80211_REG_RULE_ATTR_MAX + 1]; 2875 struct nlattr *nl_reg_rule; 2876 char *alpha2 = NULL; 2877 int rem_reg_rules = 0, r = 0; 2878 u32 num_rules = 0, rule_idx = 0, size_of_regd; 2879 struct ieee80211_regdomain *rd = NULL; 2880 2881 if (!info->attrs[NL80211_ATTR_REG_ALPHA2]) 2882 return -EINVAL; 2883 2884 if (!info->attrs[NL80211_ATTR_REG_RULES]) 2885 return -EINVAL; 2886 2887 alpha2 = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]); 2888 2889 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], 2890 rem_reg_rules) { 2891 num_rules++; 2892 if (num_rules > NL80211_MAX_SUPP_REG_RULES) 2893 return -EINVAL; 2894 } 2895 2896 mutex_lock(&cfg80211_mutex); 2897 2898 if (!reg_is_valid_request(alpha2)) { 2899 r = -EINVAL; 2900 goto bad_reg; 2901 } 2902 2903 size_of_regd = sizeof(struct ieee80211_regdomain) + 2904 (num_rules * sizeof(struct ieee80211_reg_rule)); 2905 2906 rd = kzalloc(size_of_regd, GFP_KERNEL); 2907 if (!rd) { 2908 r = -ENOMEM; 2909 goto bad_reg; 2910 } 2911 2912 rd->n_reg_rules = num_rules; 2913 rd->alpha2[0] = alpha2[0]; 2914 rd->alpha2[1] = alpha2[1]; 2915 2916 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], 2917 rem_reg_rules) { 2918 nla_parse(tb, NL80211_REG_RULE_ATTR_MAX, 2919 nla_data(nl_reg_rule), nla_len(nl_reg_rule), 2920 reg_rule_policy); 2921 r = parse_reg_rule(tb, &rd->reg_rules[rule_idx]); 2922 if (r) 2923 goto bad_reg; 2924 2925 rule_idx++; 2926 2927 if (rule_idx > NL80211_MAX_SUPP_REG_RULES) { 2928 r = -EINVAL; 2929 goto bad_reg; 2930 } 2931 } 2932 2933 BUG_ON(rule_idx != num_rules); 2934 2935 r = set_regdom(rd); 2936 2937 mutex_unlock(&cfg80211_mutex); 2938 2939 return r; 2940 2941 bad_reg: 2942 mutex_unlock(&cfg80211_mutex); 2943 kfree(rd); 2944 return r; 2945 } 2946 2947 static int validate_scan_freqs(struct nlattr *freqs) 2948 { 2949 struct nlattr *attr1, *attr2; 2950 int n_channels = 0, tmp1, tmp2; 2951 2952 nla_for_each_nested(attr1, freqs, tmp1) { 2953 n_channels++; 2954 /* 2955 * Some hardware has a limited channel list for 2956 * scanning, and it is pretty much nonsensical 2957 * to scan for a channel twice, so disallow that 2958 * and don't require drivers to check that the 2959 * channel list they get isn't longer than what 2960 * they can scan, as long as they can scan all 2961 * the channels they registered at once. 2962 */ 2963 nla_for_each_nested(attr2, freqs, tmp2) 2964 if (attr1 != attr2 && 2965 nla_get_u32(attr1) == nla_get_u32(attr2)) 2966 return 0; 2967 } 2968 2969 return n_channels; 2970 } 2971 2972 static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info) 2973 { 2974 struct cfg80211_registered_device *rdev; 2975 struct net_device *dev; 2976 struct cfg80211_scan_request *request; 2977 struct cfg80211_ssid *ssid; 2978 struct ieee80211_channel *channel; 2979 struct nlattr *attr; 2980 struct wiphy *wiphy; 2981 int err, tmp, n_ssids = 0, n_channels, i; 2982 enum ieee80211_band band; 2983 size_t ie_len; 2984 2985 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 2986 return -EINVAL; 2987 2988 rtnl_lock(); 2989 2990 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 2991 if (err) 2992 goto out_rtnl; 2993 2994 wiphy = &rdev->wiphy; 2995 2996 if (!rdev->ops->scan) { 2997 err = -EOPNOTSUPP; 2998 goto out; 2999 } 3000 3001 if (!netif_running(dev)) { 3002 err = -ENETDOWN; 3003 goto out; 3004 } 3005 3006 if (rdev->scan_req) { 3007 err = -EBUSY; 3008 goto out; 3009 } 3010 3011 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3012 n_channels = validate_scan_freqs( 3013 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]); 3014 if (!n_channels) { 3015 err = -EINVAL; 3016 goto out; 3017 } 3018 } else { 3019 n_channels = 0; 3020 3021 for (band = 0; band < IEEE80211_NUM_BANDS; band++) 3022 if (wiphy->bands[band]) 3023 n_channels += wiphy->bands[band]->n_channels; 3024 } 3025 3026 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) 3027 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) 3028 n_ssids++; 3029 3030 if (n_ssids > wiphy->max_scan_ssids) { 3031 err = -EINVAL; 3032 goto out; 3033 } 3034 3035 if (info->attrs[NL80211_ATTR_IE]) 3036 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3037 else 3038 ie_len = 0; 3039 3040 if (ie_len > wiphy->max_scan_ie_len) { 3041 err = -EINVAL; 3042 goto out; 3043 } 3044 3045 request = kzalloc(sizeof(*request) 3046 + sizeof(*ssid) * n_ssids 3047 + sizeof(channel) * n_channels 3048 + ie_len, GFP_KERNEL); 3049 if (!request) { 3050 err = -ENOMEM; 3051 goto out; 3052 } 3053 3054 if (n_ssids) 3055 request->ssids = (void *)&request->channels[n_channels]; 3056 request->n_ssids = n_ssids; 3057 if (ie_len) { 3058 if (request->ssids) 3059 request->ie = (void *)(request->ssids + n_ssids); 3060 else 3061 request->ie = (void *)(request->channels + n_channels); 3062 } 3063 3064 i = 0; 3065 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3066 /* user specified, bail out if channel not found */ 3067 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], tmp) { 3068 struct ieee80211_channel *chan; 3069 3070 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr)); 3071 3072 if (!chan) { 3073 err = -EINVAL; 3074 goto out_free; 3075 } 3076 3077 /* ignore disabled channels */ 3078 if (chan->flags & IEEE80211_CHAN_DISABLED) 3079 continue; 3080 3081 request->channels[i] = chan; 3082 i++; 3083 } 3084 } else { 3085 /* all channels */ 3086 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 3087 int j; 3088 if (!wiphy->bands[band]) 3089 continue; 3090 for (j = 0; j < wiphy->bands[band]->n_channels; j++) { 3091 struct ieee80211_channel *chan; 3092 3093 chan = &wiphy->bands[band]->channels[j]; 3094 3095 if (chan->flags & IEEE80211_CHAN_DISABLED) 3096 continue; 3097 3098 request->channels[i] = chan; 3099 i++; 3100 } 3101 } 3102 } 3103 3104 if (!i) { 3105 err = -EINVAL; 3106 goto out_free; 3107 } 3108 3109 request->n_channels = i; 3110 3111 i = 0; 3112 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) { 3113 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) { 3114 if (request->ssids[i].ssid_len > IEEE80211_MAX_SSID_LEN) { 3115 err = -EINVAL; 3116 goto out_free; 3117 } 3118 memcpy(request->ssids[i].ssid, nla_data(attr), nla_len(attr)); 3119 request->ssids[i].ssid_len = nla_len(attr); 3120 i++; 3121 } 3122 } 3123 3124 if (info->attrs[NL80211_ATTR_IE]) { 3125 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3126 memcpy((void *)request->ie, 3127 nla_data(info->attrs[NL80211_ATTR_IE]), 3128 request->ie_len); 3129 } 3130 3131 request->dev = dev; 3132 request->wiphy = &rdev->wiphy; 3133 3134 rdev->scan_req = request; 3135 err = rdev->ops->scan(&rdev->wiphy, dev, request); 3136 3137 if (!err) { 3138 nl80211_send_scan_start(rdev, dev); 3139 dev_hold(dev); 3140 } 3141 3142 out_free: 3143 if (err) { 3144 rdev->scan_req = NULL; 3145 kfree(request); 3146 } 3147 out: 3148 cfg80211_unlock_rdev(rdev); 3149 dev_put(dev); 3150 out_rtnl: 3151 rtnl_unlock(); 3152 3153 return err; 3154 } 3155 3156 static int nl80211_send_bss(struct sk_buff *msg, u32 pid, u32 seq, int flags, 3157 struct cfg80211_registered_device *rdev, 3158 struct wireless_dev *wdev, 3159 struct cfg80211_internal_bss *intbss) 3160 { 3161 struct cfg80211_bss *res = &intbss->pub; 3162 void *hdr; 3163 struct nlattr *bss; 3164 int i; 3165 3166 ASSERT_WDEV_LOCK(wdev); 3167 3168 hdr = nl80211hdr_put(msg, pid, seq, flags, 3169 NL80211_CMD_NEW_SCAN_RESULTS); 3170 if (!hdr) 3171 return -1; 3172 3173 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, rdev->bss_generation); 3174 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex); 3175 3176 bss = nla_nest_start(msg, NL80211_ATTR_BSS); 3177 if (!bss) 3178 goto nla_put_failure; 3179 if (!is_zero_ether_addr(res->bssid)) 3180 NLA_PUT(msg, NL80211_BSS_BSSID, ETH_ALEN, res->bssid); 3181 if (res->information_elements && res->len_information_elements) 3182 NLA_PUT(msg, NL80211_BSS_INFORMATION_ELEMENTS, 3183 res->len_information_elements, 3184 res->information_elements); 3185 if (res->tsf) 3186 NLA_PUT_U64(msg, NL80211_BSS_TSF, res->tsf); 3187 if (res->beacon_interval) 3188 NLA_PUT_U16(msg, NL80211_BSS_BEACON_INTERVAL, res->beacon_interval); 3189 NLA_PUT_U16(msg, NL80211_BSS_CAPABILITY, res->capability); 3190 NLA_PUT_U32(msg, NL80211_BSS_FREQUENCY, res->channel->center_freq); 3191 NLA_PUT_U32(msg, NL80211_BSS_SEEN_MS_AGO, 3192 jiffies_to_msecs(jiffies - intbss->ts)); 3193 3194 switch (rdev->wiphy.signal_type) { 3195 case CFG80211_SIGNAL_TYPE_MBM: 3196 NLA_PUT_U32(msg, NL80211_BSS_SIGNAL_MBM, res->signal); 3197 break; 3198 case CFG80211_SIGNAL_TYPE_UNSPEC: 3199 NLA_PUT_U8(msg, NL80211_BSS_SIGNAL_UNSPEC, res->signal); 3200 break; 3201 default: 3202 break; 3203 } 3204 3205 switch (wdev->iftype) { 3206 case NL80211_IFTYPE_STATION: 3207 if (intbss == wdev->current_bss) 3208 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 3209 NL80211_BSS_STATUS_ASSOCIATED); 3210 else for (i = 0; i < MAX_AUTH_BSSES; i++) { 3211 if (intbss != wdev->auth_bsses[i]) 3212 continue; 3213 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 3214 NL80211_BSS_STATUS_AUTHENTICATED); 3215 break; 3216 } 3217 break; 3218 case NL80211_IFTYPE_ADHOC: 3219 if (intbss == wdev->current_bss) 3220 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 3221 NL80211_BSS_STATUS_IBSS_JOINED); 3222 break; 3223 default: 3224 break; 3225 } 3226 3227 nla_nest_end(msg, bss); 3228 3229 return genlmsg_end(msg, hdr); 3230 3231 nla_put_failure: 3232 genlmsg_cancel(msg, hdr); 3233 return -EMSGSIZE; 3234 } 3235 3236 static int nl80211_dump_scan(struct sk_buff *skb, 3237 struct netlink_callback *cb) 3238 { 3239 struct cfg80211_registered_device *rdev; 3240 struct net_device *dev; 3241 struct cfg80211_internal_bss *scan; 3242 struct wireless_dev *wdev; 3243 int ifidx = cb->args[0]; 3244 int start = cb->args[1], idx = 0; 3245 int err; 3246 3247 if (!ifidx) 3248 ifidx = nl80211_get_ifidx(cb); 3249 if (ifidx < 0) 3250 return ifidx; 3251 cb->args[0] = ifidx; 3252 3253 dev = dev_get_by_index(sock_net(skb->sk), ifidx); 3254 if (!dev) 3255 return -ENODEV; 3256 3257 rdev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx); 3258 if (IS_ERR(rdev)) { 3259 err = PTR_ERR(rdev); 3260 goto out_put_netdev; 3261 } 3262 3263 wdev = dev->ieee80211_ptr; 3264 3265 wdev_lock(wdev); 3266 spin_lock_bh(&rdev->bss_lock); 3267 cfg80211_bss_expire(rdev); 3268 3269 list_for_each_entry(scan, &rdev->bss_list, list) { 3270 if (++idx <= start) 3271 continue; 3272 if (nl80211_send_bss(skb, 3273 NETLINK_CB(cb->skb).pid, 3274 cb->nlh->nlmsg_seq, NLM_F_MULTI, 3275 rdev, wdev, scan) < 0) { 3276 idx--; 3277 goto out; 3278 } 3279 } 3280 3281 out: 3282 spin_unlock_bh(&rdev->bss_lock); 3283 wdev_unlock(wdev); 3284 3285 cb->args[1] = idx; 3286 err = skb->len; 3287 cfg80211_unlock_rdev(rdev); 3288 out_put_netdev: 3289 dev_put(dev); 3290 3291 return err; 3292 } 3293 3294 static int nl80211_send_survey(struct sk_buff *msg, u32 pid, u32 seq, 3295 int flags, struct net_device *dev, 3296 struct survey_info *survey) 3297 { 3298 void *hdr; 3299 struct nlattr *infoattr; 3300 3301 /* Survey without a channel doesn't make sense */ 3302 if (!survey->channel) 3303 return -EINVAL; 3304 3305 hdr = nl80211hdr_put(msg, pid, seq, flags, 3306 NL80211_CMD_NEW_SURVEY_RESULTS); 3307 if (!hdr) 3308 return -ENOMEM; 3309 3310 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 3311 3312 infoattr = nla_nest_start(msg, NL80211_ATTR_SURVEY_INFO); 3313 if (!infoattr) 3314 goto nla_put_failure; 3315 3316 NLA_PUT_U32(msg, NL80211_SURVEY_INFO_FREQUENCY, 3317 survey->channel->center_freq); 3318 if (survey->filled & SURVEY_INFO_NOISE_DBM) 3319 NLA_PUT_U8(msg, NL80211_SURVEY_INFO_NOISE, 3320 survey->noise); 3321 3322 nla_nest_end(msg, infoattr); 3323 3324 return genlmsg_end(msg, hdr); 3325 3326 nla_put_failure: 3327 genlmsg_cancel(msg, hdr); 3328 return -EMSGSIZE; 3329 } 3330 3331 static int nl80211_dump_survey(struct sk_buff *skb, 3332 struct netlink_callback *cb) 3333 { 3334 struct survey_info survey; 3335 struct cfg80211_registered_device *dev; 3336 struct net_device *netdev; 3337 int ifidx = cb->args[0]; 3338 int survey_idx = cb->args[1]; 3339 int res; 3340 3341 if (!ifidx) 3342 ifidx = nl80211_get_ifidx(cb); 3343 if (ifidx < 0) 3344 return ifidx; 3345 cb->args[0] = ifidx; 3346 3347 rtnl_lock(); 3348 3349 netdev = __dev_get_by_index(sock_net(skb->sk), ifidx); 3350 if (!netdev) { 3351 res = -ENODEV; 3352 goto out_rtnl; 3353 } 3354 3355 dev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx); 3356 if (IS_ERR(dev)) { 3357 res = PTR_ERR(dev); 3358 goto out_rtnl; 3359 } 3360 3361 if (!dev->ops->dump_survey) { 3362 res = -EOPNOTSUPP; 3363 goto out_err; 3364 } 3365 3366 while (1) { 3367 res = dev->ops->dump_survey(&dev->wiphy, netdev, survey_idx, 3368 &survey); 3369 if (res == -ENOENT) 3370 break; 3371 if (res) 3372 goto out_err; 3373 3374 if (nl80211_send_survey(skb, 3375 NETLINK_CB(cb->skb).pid, 3376 cb->nlh->nlmsg_seq, NLM_F_MULTI, 3377 netdev, 3378 &survey) < 0) 3379 goto out; 3380 survey_idx++; 3381 } 3382 3383 out: 3384 cb->args[1] = survey_idx; 3385 res = skb->len; 3386 out_err: 3387 cfg80211_unlock_rdev(dev); 3388 out_rtnl: 3389 rtnl_unlock(); 3390 3391 return res; 3392 } 3393 3394 static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type) 3395 { 3396 return auth_type <= NL80211_AUTHTYPE_MAX; 3397 } 3398 3399 static bool nl80211_valid_wpa_versions(u32 wpa_versions) 3400 { 3401 return !(wpa_versions & ~(NL80211_WPA_VERSION_1 | 3402 NL80211_WPA_VERSION_2)); 3403 } 3404 3405 static bool nl80211_valid_akm_suite(u32 akm) 3406 { 3407 return akm == WLAN_AKM_SUITE_8021X || 3408 akm == WLAN_AKM_SUITE_PSK; 3409 } 3410 3411 static bool nl80211_valid_cipher_suite(u32 cipher) 3412 { 3413 return cipher == WLAN_CIPHER_SUITE_WEP40 || 3414 cipher == WLAN_CIPHER_SUITE_WEP104 || 3415 cipher == WLAN_CIPHER_SUITE_TKIP || 3416 cipher == WLAN_CIPHER_SUITE_CCMP || 3417 cipher == WLAN_CIPHER_SUITE_AES_CMAC; 3418 } 3419 3420 3421 static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info) 3422 { 3423 struct cfg80211_registered_device *rdev; 3424 struct net_device *dev; 3425 struct ieee80211_channel *chan; 3426 const u8 *bssid, *ssid, *ie = NULL; 3427 int err, ssid_len, ie_len = 0; 3428 enum nl80211_auth_type auth_type; 3429 struct key_parse key; 3430 3431 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3432 return -EINVAL; 3433 3434 if (!info->attrs[NL80211_ATTR_MAC]) 3435 return -EINVAL; 3436 3437 if (!info->attrs[NL80211_ATTR_AUTH_TYPE]) 3438 return -EINVAL; 3439 3440 if (!info->attrs[NL80211_ATTR_SSID]) 3441 return -EINVAL; 3442 3443 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ]) 3444 return -EINVAL; 3445 3446 err = nl80211_parse_key(info, &key); 3447 if (err) 3448 return err; 3449 3450 if (key.idx >= 0) { 3451 if (!key.p.key || !key.p.key_len) 3452 return -EINVAL; 3453 if ((key.p.cipher != WLAN_CIPHER_SUITE_WEP40 || 3454 key.p.key_len != WLAN_KEY_LEN_WEP40) && 3455 (key.p.cipher != WLAN_CIPHER_SUITE_WEP104 || 3456 key.p.key_len != WLAN_KEY_LEN_WEP104)) 3457 return -EINVAL; 3458 if (key.idx > 4) 3459 return -EINVAL; 3460 } else { 3461 key.p.key_len = 0; 3462 key.p.key = NULL; 3463 } 3464 3465 rtnl_lock(); 3466 3467 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 3468 if (err) 3469 goto unlock_rtnl; 3470 3471 if (!rdev->ops->auth) { 3472 err = -EOPNOTSUPP; 3473 goto out; 3474 } 3475 3476 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION) { 3477 err = -EOPNOTSUPP; 3478 goto out; 3479 } 3480 3481 if (!netif_running(dev)) { 3482 err = -ENETDOWN; 3483 goto out; 3484 } 3485 3486 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3487 chan = ieee80211_get_channel(&rdev->wiphy, 3488 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 3489 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) { 3490 err = -EINVAL; 3491 goto out; 3492 } 3493 3494 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 3495 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 3496 3497 if (info->attrs[NL80211_ATTR_IE]) { 3498 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3499 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3500 } 3501 3502 auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); 3503 if (!nl80211_valid_auth_type(auth_type)) { 3504 err = -EINVAL; 3505 goto out; 3506 } 3507 3508 err = cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid, 3509 ssid, ssid_len, ie, ie_len, 3510 key.p.key, key.p.key_len, key.idx); 3511 3512 out: 3513 cfg80211_unlock_rdev(rdev); 3514 dev_put(dev); 3515 unlock_rtnl: 3516 rtnl_unlock(); 3517 return err; 3518 } 3519 3520 static int nl80211_crypto_settings(struct genl_info *info, 3521 struct cfg80211_crypto_settings *settings, 3522 int cipher_limit) 3523 { 3524 memset(settings, 0, sizeof(*settings)); 3525 3526 settings->control_port = info->attrs[NL80211_ATTR_CONTROL_PORT]; 3527 3528 if (info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]) { 3529 void *data; 3530 int len, i; 3531 3532 data = nla_data(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]); 3533 len = nla_len(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]); 3534 settings->n_ciphers_pairwise = len / sizeof(u32); 3535 3536 if (len % sizeof(u32)) 3537 return -EINVAL; 3538 3539 if (settings->n_ciphers_pairwise > cipher_limit) 3540 return -EINVAL; 3541 3542 memcpy(settings->ciphers_pairwise, data, len); 3543 3544 for (i = 0; i < settings->n_ciphers_pairwise; i++) 3545 if (!nl80211_valid_cipher_suite( 3546 settings->ciphers_pairwise[i])) 3547 return -EINVAL; 3548 } 3549 3550 if (info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]) { 3551 settings->cipher_group = 3552 nla_get_u32(info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]); 3553 if (!nl80211_valid_cipher_suite(settings->cipher_group)) 3554 return -EINVAL; 3555 } 3556 3557 if (info->attrs[NL80211_ATTR_WPA_VERSIONS]) { 3558 settings->wpa_versions = 3559 nla_get_u32(info->attrs[NL80211_ATTR_WPA_VERSIONS]); 3560 if (!nl80211_valid_wpa_versions(settings->wpa_versions)) 3561 return -EINVAL; 3562 } 3563 3564 if (info->attrs[NL80211_ATTR_AKM_SUITES]) { 3565 void *data; 3566 int len, i; 3567 3568 data = nla_data(info->attrs[NL80211_ATTR_AKM_SUITES]); 3569 len = nla_len(info->attrs[NL80211_ATTR_AKM_SUITES]); 3570 settings->n_akm_suites = len / sizeof(u32); 3571 3572 if (len % sizeof(u32)) 3573 return -EINVAL; 3574 3575 memcpy(settings->akm_suites, data, len); 3576 3577 for (i = 0; i < settings->n_ciphers_pairwise; i++) 3578 if (!nl80211_valid_akm_suite(settings->akm_suites[i])) 3579 return -EINVAL; 3580 } 3581 3582 return 0; 3583 } 3584 3585 static int nl80211_associate(struct sk_buff *skb, struct genl_info *info) 3586 { 3587 struct cfg80211_registered_device *rdev; 3588 struct net_device *dev; 3589 struct cfg80211_crypto_settings crypto; 3590 struct ieee80211_channel *chan, *fixedchan; 3591 const u8 *bssid, *ssid, *ie = NULL, *prev_bssid = NULL; 3592 int err, ssid_len, ie_len = 0; 3593 bool use_mfp = false; 3594 3595 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3596 return -EINVAL; 3597 3598 if (!info->attrs[NL80211_ATTR_MAC] || 3599 !info->attrs[NL80211_ATTR_SSID] || 3600 !info->attrs[NL80211_ATTR_WIPHY_FREQ]) 3601 return -EINVAL; 3602 3603 rtnl_lock(); 3604 3605 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 3606 if (err) 3607 goto unlock_rtnl; 3608 3609 if (!rdev->ops->assoc) { 3610 err = -EOPNOTSUPP; 3611 goto out; 3612 } 3613 3614 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION) { 3615 err = -EOPNOTSUPP; 3616 goto out; 3617 } 3618 3619 if (!netif_running(dev)) { 3620 err = -ENETDOWN; 3621 goto out; 3622 } 3623 3624 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3625 3626 chan = ieee80211_get_channel(&rdev->wiphy, 3627 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 3628 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) { 3629 err = -EINVAL; 3630 goto out; 3631 } 3632 3633 mutex_lock(&rdev->devlist_mtx); 3634 fixedchan = rdev_fixed_channel(rdev, NULL); 3635 if (fixedchan && chan != fixedchan) { 3636 err = -EBUSY; 3637 mutex_unlock(&rdev->devlist_mtx); 3638 goto out; 3639 } 3640 mutex_unlock(&rdev->devlist_mtx); 3641 3642 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 3643 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 3644 3645 if (info->attrs[NL80211_ATTR_IE]) { 3646 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3647 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3648 } 3649 3650 if (info->attrs[NL80211_ATTR_USE_MFP]) { 3651 enum nl80211_mfp mfp = 3652 nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]); 3653 if (mfp == NL80211_MFP_REQUIRED) 3654 use_mfp = true; 3655 else if (mfp != NL80211_MFP_NO) { 3656 err = -EINVAL; 3657 goto out; 3658 } 3659 } 3660 3661 if (info->attrs[NL80211_ATTR_PREV_BSSID]) 3662 prev_bssid = nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]); 3663 3664 err = nl80211_crypto_settings(info, &crypto, 1); 3665 if (!err) 3666 err = cfg80211_mlme_assoc(rdev, dev, chan, bssid, prev_bssid, 3667 ssid, ssid_len, ie, ie_len, use_mfp, 3668 &crypto); 3669 3670 out: 3671 cfg80211_unlock_rdev(rdev); 3672 dev_put(dev); 3673 unlock_rtnl: 3674 rtnl_unlock(); 3675 return err; 3676 } 3677 3678 static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info) 3679 { 3680 struct cfg80211_registered_device *rdev; 3681 struct net_device *dev; 3682 const u8 *ie = NULL, *bssid; 3683 int err, ie_len = 0; 3684 u16 reason_code; 3685 3686 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3687 return -EINVAL; 3688 3689 if (!info->attrs[NL80211_ATTR_MAC]) 3690 return -EINVAL; 3691 3692 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 3693 return -EINVAL; 3694 3695 rtnl_lock(); 3696 3697 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 3698 if (err) 3699 goto unlock_rtnl; 3700 3701 if (!rdev->ops->deauth) { 3702 err = -EOPNOTSUPP; 3703 goto out; 3704 } 3705 3706 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION) { 3707 err = -EOPNOTSUPP; 3708 goto out; 3709 } 3710 3711 if (!netif_running(dev)) { 3712 err = -ENETDOWN; 3713 goto out; 3714 } 3715 3716 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3717 3718 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 3719 if (reason_code == 0) { 3720 /* Reason Code 0 is reserved */ 3721 err = -EINVAL; 3722 goto out; 3723 } 3724 3725 if (info->attrs[NL80211_ATTR_IE]) { 3726 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3727 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3728 } 3729 3730 err = cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code); 3731 3732 out: 3733 cfg80211_unlock_rdev(rdev); 3734 dev_put(dev); 3735 unlock_rtnl: 3736 rtnl_unlock(); 3737 return err; 3738 } 3739 3740 static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info) 3741 { 3742 struct cfg80211_registered_device *rdev; 3743 struct net_device *dev; 3744 const u8 *ie = NULL, *bssid; 3745 int err, ie_len = 0; 3746 u16 reason_code; 3747 3748 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3749 return -EINVAL; 3750 3751 if (!info->attrs[NL80211_ATTR_MAC]) 3752 return -EINVAL; 3753 3754 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 3755 return -EINVAL; 3756 3757 rtnl_lock(); 3758 3759 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 3760 if (err) 3761 goto unlock_rtnl; 3762 3763 if (!rdev->ops->disassoc) { 3764 err = -EOPNOTSUPP; 3765 goto out; 3766 } 3767 3768 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION) { 3769 err = -EOPNOTSUPP; 3770 goto out; 3771 } 3772 3773 if (!netif_running(dev)) { 3774 err = -ENETDOWN; 3775 goto out; 3776 } 3777 3778 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3779 3780 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 3781 if (reason_code == 0) { 3782 /* Reason Code 0 is reserved */ 3783 err = -EINVAL; 3784 goto out; 3785 } 3786 3787 if (info->attrs[NL80211_ATTR_IE]) { 3788 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3789 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3790 } 3791 3792 err = cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason_code); 3793 3794 out: 3795 cfg80211_unlock_rdev(rdev); 3796 dev_put(dev); 3797 unlock_rtnl: 3798 rtnl_unlock(); 3799 return err; 3800 } 3801 3802 static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info) 3803 { 3804 struct cfg80211_registered_device *rdev; 3805 struct net_device *dev; 3806 struct cfg80211_ibss_params ibss; 3807 struct wiphy *wiphy; 3808 struct cfg80211_cached_keys *connkeys = NULL; 3809 int err; 3810 3811 memset(&ibss, 0, sizeof(ibss)); 3812 3813 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3814 return -EINVAL; 3815 3816 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] || 3817 !info->attrs[NL80211_ATTR_SSID] || 3818 !nla_len(info->attrs[NL80211_ATTR_SSID])) 3819 return -EINVAL; 3820 3821 ibss.beacon_interval = 100; 3822 3823 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) { 3824 ibss.beacon_interval = 3825 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); 3826 if (ibss.beacon_interval < 1 || ibss.beacon_interval > 10000) 3827 return -EINVAL; 3828 } 3829 3830 rtnl_lock(); 3831 3832 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 3833 if (err) 3834 goto unlock_rtnl; 3835 3836 if (!rdev->ops->join_ibss) { 3837 err = -EOPNOTSUPP; 3838 goto out; 3839 } 3840 3841 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) { 3842 err = -EOPNOTSUPP; 3843 goto out; 3844 } 3845 3846 if (!netif_running(dev)) { 3847 err = -ENETDOWN; 3848 goto out; 3849 } 3850 3851 wiphy = &rdev->wiphy; 3852 3853 if (info->attrs[NL80211_ATTR_MAC]) 3854 ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3855 ibss.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 3856 ibss.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 3857 3858 if (info->attrs[NL80211_ATTR_IE]) { 3859 ibss.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3860 ibss.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3861 } 3862 3863 ibss.channel = ieee80211_get_channel(wiphy, 3864 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 3865 if (!ibss.channel || 3866 ibss.channel->flags & IEEE80211_CHAN_NO_IBSS || 3867 ibss.channel->flags & IEEE80211_CHAN_DISABLED) { 3868 err = -EINVAL; 3869 goto out; 3870 } 3871 3872 ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED]; 3873 ibss.privacy = !!info->attrs[NL80211_ATTR_PRIVACY]; 3874 3875 if (ibss.privacy && info->attrs[NL80211_ATTR_KEYS]) { 3876 connkeys = nl80211_parse_connkeys(rdev, 3877 info->attrs[NL80211_ATTR_KEYS]); 3878 if (IS_ERR(connkeys)) { 3879 err = PTR_ERR(connkeys); 3880 connkeys = NULL; 3881 goto out; 3882 } 3883 } 3884 3885 err = cfg80211_join_ibss(rdev, dev, &ibss, connkeys); 3886 3887 out: 3888 cfg80211_unlock_rdev(rdev); 3889 dev_put(dev); 3890 unlock_rtnl: 3891 if (err) 3892 kfree(connkeys); 3893 rtnl_unlock(); 3894 return err; 3895 } 3896 3897 static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info) 3898 { 3899 struct cfg80211_registered_device *rdev; 3900 struct net_device *dev; 3901 int err; 3902 3903 rtnl_lock(); 3904 3905 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 3906 if (err) 3907 goto unlock_rtnl; 3908 3909 if (!rdev->ops->leave_ibss) { 3910 err = -EOPNOTSUPP; 3911 goto out; 3912 } 3913 3914 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) { 3915 err = -EOPNOTSUPP; 3916 goto out; 3917 } 3918 3919 if (!netif_running(dev)) { 3920 err = -ENETDOWN; 3921 goto out; 3922 } 3923 3924 err = cfg80211_leave_ibss(rdev, dev, false); 3925 3926 out: 3927 cfg80211_unlock_rdev(rdev); 3928 dev_put(dev); 3929 unlock_rtnl: 3930 rtnl_unlock(); 3931 return err; 3932 } 3933 3934 #ifdef CONFIG_NL80211_TESTMODE 3935 static struct genl_multicast_group nl80211_testmode_mcgrp = { 3936 .name = "testmode", 3937 }; 3938 3939 static int nl80211_testmode_do(struct sk_buff *skb, struct genl_info *info) 3940 { 3941 struct cfg80211_registered_device *rdev; 3942 int err; 3943 3944 if (!info->attrs[NL80211_ATTR_TESTDATA]) 3945 return -EINVAL; 3946 3947 rtnl_lock(); 3948 3949 rdev = cfg80211_get_dev_from_info(info); 3950 if (IS_ERR(rdev)) { 3951 err = PTR_ERR(rdev); 3952 goto unlock_rtnl; 3953 } 3954 3955 err = -EOPNOTSUPP; 3956 if (rdev->ops->testmode_cmd) { 3957 rdev->testmode_info = info; 3958 err = rdev->ops->testmode_cmd(&rdev->wiphy, 3959 nla_data(info->attrs[NL80211_ATTR_TESTDATA]), 3960 nla_len(info->attrs[NL80211_ATTR_TESTDATA])); 3961 rdev->testmode_info = NULL; 3962 } 3963 3964 cfg80211_unlock_rdev(rdev); 3965 3966 unlock_rtnl: 3967 rtnl_unlock(); 3968 return err; 3969 } 3970 3971 static struct sk_buff * 3972 __cfg80211_testmode_alloc_skb(struct cfg80211_registered_device *rdev, 3973 int approxlen, u32 pid, u32 seq, gfp_t gfp) 3974 { 3975 struct sk_buff *skb; 3976 void *hdr; 3977 struct nlattr *data; 3978 3979 skb = nlmsg_new(approxlen + 100, gfp); 3980 if (!skb) 3981 return NULL; 3982 3983 hdr = nl80211hdr_put(skb, pid, seq, 0, NL80211_CMD_TESTMODE); 3984 if (!hdr) { 3985 kfree_skb(skb); 3986 return NULL; 3987 } 3988 3989 NLA_PUT_U32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 3990 data = nla_nest_start(skb, NL80211_ATTR_TESTDATA); 3991 3992 ((void **)skb->cb)[0] = rdev; 3993 ((void **)skb->cb)[1] = hdr; 3994 ((void **)skb->cb)[2] = data; 3995 3996 return skb; 3997 3998 nla_put_failure: 3999 kfree_skb(skb); 4000 return NULL; 4001 } 4002 4003 struct sk_buff *cfg80211_testmode_alloc_reply_skb(struct wiphy *wiphy, 4004 int approxlen) 4005 { 4006 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 4007 4008 if (WARN_ON(!rdev->testmode_info)) 4009 return NULL; 4010 4011 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 4012 rdev->testmode_info->snd_pid, 4013 rdev->testmode_info->snd_seq, 4014 GFP_KERNEL); 4015 } 4016 EXPORT_SYMBOL(cfg80211_testmode_alloc_reply_skb); 4017 4018 int cfg80211_testmode_reply(struct sk_buff *skb) 4019 { 4020 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0]; 4021 void *hdr = ((void **)skb->cb)[1]; 4022 struct nlattr *data = ((void **)skb->cb)[2]; 4023 4024 if (WARN_ON(!rdev->testmode_info)) { 4025 kfree_skb(skb); 4026 return -EINVAL; 4027 } 4028 4029 nla_nest_end(skb, data); 4030 genlmsg_end(skb, hdr); 4031 return genlmsg_reply(skb, rdev->testmode_info); 4032 } 4033 EXPORT_SYMBOL(cfg80211_testmode_reply); 4034 4035 struct sk_buff *cfg80211_testmode_alloc_event_skb(struct wiphy *wiphy, 4036 int approxlen, gfp_t gfp) 4037 { 4038 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 4039 4040 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 0, 0, gfp); 4041 } 4042 EXPORT_SYMBOL(cfg80211_testmode_alloc_event_skb); 4043 4044 void cfg80211_testmode_event(struct sk_buff *skb, gfp_t gfp) 4045 { 4046 void *hdr = ((void **)skb->cb)[1]; 4047 struct nlattr *data = ((void **)skb->cb)[2]; 4048 4049 nla_nest_end(skb, data); 4050 genlmsg_end(skb, hdr); 4051 genlmsg_multicast(skb, 0, nl80211_testmode_mcgrp.id, gfp); 4052 } 4053 EXPORT_SYMBOL(cfg80211_testmode_event); 4054 #endif 4055 4056 static int nl80211_connect(struct sk_buff *skb, struct genl_info *info) 4057 { 4058 struct cfg80211_registered_device *rdev; 4059 struct net_device *dev; 4060 struct cfg80211_connect_params connect; 4061 struct wiphy *wiphy; 4062 struct cfg80211_cached_keys *connkeys = NULL; 4063 int err; 4064 4065 memset(&connect, 0, sizeof(connect)); 4066 4067 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4068 return -EINVAL; 4069 4070 if (!info->attrs[NL80211_ATTR_SSID] || 4071 !nla_len(info->attrs[NL80211_ATTR_SSID])) 4072 return -EINVAL; 4073 4074 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) { 4075 connect.auth_type = 4076 nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); 4077 if (!nl80211_valid_auth_type(connect.auth_type)) 4078 return -EINVAL; 4079 } else 4080 connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC; 4081 4082 connect.privacy = info->attrs[NL80211_ATTR_PRIVACY]; 4083 4084 err = nl80211_crypto_settings(info, &connect.crypto, 4085 NL80211_MAX_NR_CIPHER_SUITES); 4086 if (err) 4087 return err; 4088 rtnl_lock(); 4089 4090 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 4091 if (err) 4092 goto unlock_rtnl; 4093 4094 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION) { 4095 err = -EOPNOTSUPP; 4096 goto out; 4097 } 4098 4099 if (!netif_running(dev)) { 4100 err = -ENETDOWN; 4101 goto out; 4102 } 4103 4104 wiphy = &rdev->wiphy; 4105 4106 if (info->attrs[NL80211_ATTR_MAC]) 4107 connect.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4108 connect.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 4109 connect.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 4110 4111 if (info->attrs[NL80211_ATTR_IE]) { 4112 connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4113 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4114 } 4115 4116 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 4117 connect.channel = 4118 ieee80211_get_channel(wiphy, 4119 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 4120 if (!connect.channel || 4121 connect.channel->flags & IEEE80211_CHAN_DISABLED) { 4122 err = -EINVAL; 4123 goto out; 4124 } 4125 } 4126 4127 if (connect.privacy && info->attrs[NL80211_ATTR_KEYS]) { 4128 connkeys = nl80211_parse_connkeys(rdev, 4129 info->attrs[NL80211_ATTR_KEYS]); 4130 if (IS_ERR(connkeys)) { 4131 err = PTR_ERR(connkeys); 4132 connkeys = NULL; 4133 goto out; 4134 } 4135 } 4136 4137 err = cfg80211_connect(rdev, dev, &connect, connkeys); 4138 4139 out: 4140 cfg80211_unlock_rdev(rdev); 4141 dev_put(dev); 4142 unlock_rtnl: 4143 if (err) 4144 kfree(connkeys); 4145 rtnl_unlock(); 4146 return err; 4147 } 4148 4149 static int nl80211_disconnect(struct sk_buff *skb, struct genl_info *info) 4150 { 4151 struct cfg80211_registered_device *rdev; 4152 struct net_device *dev; 4153 int err; 4154 u16 reason; 4155 4156 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 4157 reason = WLAN_REASON_DEAUTH_LEAVING; 4158 else 4159 reason = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 4160 4161 if (reason == 0) 4162 return -EINVAL; 4163 4164 rtnl_lock(); 4165 4166 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 4167 if (err) 4168 goto unlock_rtnl; 4169 4170 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION) { 4171 err = -EOPNOTSUPP; 4172 goto out; 4173 } 4174 4175 if (!netif_running(dev)) { 4176 err = -ENETDOWN; 4177 goto out; 4178 } 4179 4180 err = cfg80211_disconnect(rdev, dev, reason, true); 4181 4182 out: 4183 cfg80211_unlock_rdev(rdev); 4184 dev_put(dev); 4185 unlock_rtnl: 4186 rtnl_unlock(); 4187 return err; 4188 } 4189 4190 static int nl80211_wiphy_netns(struct sk_buff *skb, struct genl_info *info) 4191 { 4192 struct cfg80211_registered_device *rdev; 4193 struct net *net; 4194 int err; 4195 u32 pid; 4196 4197 if (!info->attrs[NL80211_ATTR_PID]) 4198 return -EINVAL; 4199 4200 pid = nla_get_u32(info->attrs[NL80211_ATTR_PID]); 4201 4202 rtnl_lock(); 4203 4204 rdev = cfg80211_get_dev_from_info(info); 4205 if (IS_ERR(rdev)) { 4206 err = PTR_ERR(rdev); 4207 goto out_rtnl; 4208 } 4209 4210 net = get_net_ns_by_pid(pid); 4211 if (IS_ERR(net)) { 4212 err = PTR_ERR(net); 4213 goto out; 4214 } 4215 4216 err = 0; 4217 4218 /* check if anything to do */ 4219 if (net_eq(wiphy_net(&rdev->wiphy), net)) 4220 goto out_put_net; 4221 4222 err = cfg80211_switch_netns(rdev, net); 4223 out_put_net: 4224 put_net(net); 4225 out: 4226 cfg80211_unlock_rdev(rdev); 4227 out_rtnl: 4228 rtnl_unlock(); 4229 return err; 4230 } 4231 4232 static int nl80211_setdel_pmksa(struct sk_buff *skb, struct genl_info *info) 4233 { 4234 struct cfg80211_registered_device *rdev; 4235 int (*rdev_ops)(struct wiphy *wiphy, struct net_device *dev, 4236 struct cfg80211_pmksa *pmksa) = NULL; 4237 int err; 4238 struct net_device *dev; 4239 struct cfg80211_pmksa pmksa; 4240 4241 memset(&pmksa, 0, sizeof(struct cfg80211_pmksa)); 4242 4243 if (!info->attrs[NL80211_ATTR_MAC]) 4244 return -EINVAL; 4245 4246 if (!info->attrs[NL80211_ATTR_PMKID]) 4247 return -EINVAL; 4248 4249 rtnl_lock(); 4250 4251 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 4252 if (err) 4253 goto out_rtnl; 4254 4255 pmksa.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]); 4256 pmksa.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4257 4258 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION) { 4259 err = -EOPNOTSUPP; 4260 goto out; 4261 } 4262 4263 switch (info->genlhdr->cmd) { 4264 case NL80211_CMD_SET_PMKSA: 4265 rdev_ops = rdev->ops->set_pmksa; 4266 break; 4267 case NL80211_CMD_DEL_PMKSA: 4268 rdev_ops = rdev->ops->del_pmksa; 4269 break; 4270 default: 4271 WARN_ON(1); 4272 break; 4273 } 4274 4275 if (!rdev_ops) { 4276 err = -EOPNOTSUPP; 4277 goto out; 4278 } 4279 4280 err = rdev_ops(&rdev->wiphy, dev, &pmksa); 4281 4282 out: 4283 cfg80211_unlock_rdev(rdev); 4284 dev_put(dev); 4285 out_rtnl: 4286 rtnl_unlock(); 4287 4288 return err; 4289 } 4290 4291 static int nl80211_flush_pmksa(struct sk_buff *skb, struct genl_info *info) 4292 { 4293 struct cfg80211_registered_device *rdev; 4294 int err; 4295 struct net_device *dev; 4296 4297 rtnl_lock(); 4298 4299 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 4300 if (err) 4301 goto out_rtnl; 4302 4303 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION) { 4304 err = -EOPNOTSUPP; 4305 goto out; 4306 } 4307 4308 if (!rdev->ops->flush_pmksa) { 4309 err = -EOPNOTSUPP; 4310 goto out; 4311 } 4312 4313 err = rdev->ops->flush_pmksa(&rdev->wiphy, dev); 4314 4315 out: 4316 cfg80211_unlock_rdev(rdev); 4317 dev_put(dev); 4318 out_rtnl: 4319 rtnl_unlock(); 4320 4321 return err; 4322 4323 } 4324 4325 static struct genl_ops nl80211_ops[] = { 4326 { 4327 .cmd = NL80211_CMD_GET_WIPHY, 4328 .doit = nl80211_get_wiphy, 4329 .dumpit = nl80211_dump_wiphy, 4330 .policy = nl80211_policy, 4331 /* can be retrieved by unprivileged users */ 4332 }, 4333 { 4334 .cmd = NL80211_CMD_SET_WIPHY, 4335 .doit = nl80211_set_wiphy, 4336 .policy = nl80211_policy, 4337 .flags = GENL_ADMIN_PERM, 4338 }, 4339 { 4340 .cmd = NL80211_CMD_GET_INTERFACE, 4341 .doit = nl80211_get_interface, 4342 .dumpit = nl80211_dump_interface, 4343 .policy = nl80211_policy, 4344 /* can be retrieved by unprivileged users */ 4345 }, 4346 { 4347 .cmd = NL80211_CMD_SET_INTERFACE, 4348 .doit = nl80211_set_interface, 4349 .policy = nl80211_policy, 4350 .flags = GENL_ADMIN_PERM, 4351 }, 4352 { 4353 .cmd = NL80211_CMD_NEW_INTERFACE, 4354 .doit = nl80211_new_interface, 4355 .policy = nl80211_policy, 4356 .flags = GENL_ADMIN_PERM, 4357 }, 4358 { 4359 .cmd = NL80211_CMD_DEL_INTERFACE, 4360 .doit = nl80211_del_interface, 4361 .policy = nl80211_policy, 4362 .flags = GENL_ADMIN_PERM, 4363 }, 4364 { 4365 .cmd = NL80211_CMD_GET_KEY, 4366 .doit = nl80211_get_key, 4367 .policy = nl80211_policy, 4368 .flags = GENL_ADMIN_PERM, 4369 }, 4370 { 4371 .cmd = NL80211_CMD_SET_KEY, 4372 .doit = nl80211_set_key, 4373 .policy = nl80211_policy, 4374 .flags = GENL_ADMIN_PERM, 4375 }, 4376 { 4377 .cmd = NL80211_CMD_NEW_KEY, 4378 .doit = nl80211_new_key, 4379 .policy = nl80211_policy, 4380 .flags = GENL_ADMIN_PERM, 4381 }, 4382 { 4383 .cmd = NL80211_CMD_DEL_KEY, 4384 .doit = nl80211_del_key, 4385 .policy = nl80211_policy, 4386 .flags = GENL_ADMIN_PERM, 4387 }, 4388 { 4389 .cmd = NL80211_CMD_SET_BEACON, 4390 .policy = nl80211_policy, 4391 .flags = GENL_ADMIN_PERM, 4392 .doit = nl80211_addset_beacon, 4393 }, 4394 { 4395 .cmd = NL80211_CMD_NEW_BEACON, 4396 .policy = nl80211_policy, 4397 .flags = GENL_ADMIN_PERM, 4398 .doit = nl80211_addset_beacon, 4399 }, 4400 { 4401 .cmd = NL80211_CMD_DEL_BEACON, 4402 .policy = nl80211_policy, 4403 .flags = GENL_ADMIN_PERM, 4404 .doit = nl80211_del_beacon, 4405 }, 4406 { 4407 .cmd = NL80211_CMD_GET_STATION, 4408 .doit = nl80211_get_station, 4409 .dumpit = nl80211_dump_station, 4410 .policy = nl80211_policy, 4411 }, 4412 { 4413 .cmd = NL80211_CMD_SET_STATION, 4414 .doit = nl80211_set_station, 4415 .policy = nl80211_policy, 4416 .flags = GENL_ADMIN_PERM, 4417 }, 4418 { 4419 .cmd = NL80211_CMD_NEW_STATION, 4420 .doit = nl80211_new_station, 4421 .policy = nl80211_policy, 4422 .flags = GENL_ADMIN_PERM, 4423 }, 4424 { 4425 .cmd = NL80211_CMD_DEL_STATION, 4426 .doit = nl80211_del_station, 4427 .policy = nl80211_policy, 4428 .flags = GENL_ADMIN_PERM, 4429 }, 4430 { 4431 .cmd = NL80211_CMD_GET_MPATH, 4432 .doit = nl80211_get_mpath, 4433 .dumpit = nl80211_dump_mpath, 4434 .policy = nl80211_policy, 4435 .flags = GENL_ADMIN_PERM, 4436 }, 4437 { 4438 .cmd = NL80211_CMD_SET_MPATH, 4439 .doit = nl80211_set_mpath, 4440 .policy = nl80211_policy, 4441 .flags = GENL_ADMIN_PERM, 4442 }, 4443 { 4444 .cmd = NL80211_CMD_NEW_MPATH, 4445 .doit = nl80211_new_mpath, 4446 .policy = nl80211_policy, 4447 .flags = GENL_ADMIN_PERM, 4448 }, 4449 { 4450 .cmd = NL80211_CMD_DEL_MPATH, 4451 .doit = nl80211_del_mpath, 4452 .policy = nl80211_policy, 4453 .flags = GENL_ADMIN_PERM, 4454 }, 4455 { 4456 .cmd = NL80211_CMD_SET_BSS, 4457 .doit = nl80211_set_bss, 4458 .policy = nl80211_policy, 4459 .flags = GENL_ADMIN_PERM, 4460 }, 4461 { 4462 .cmd = NL80211_CMD_GET_REG, 4463 .doit = nl80211_get_reg, 4464 .policy = nl80211_policy, 4465 /* can be retrieved by unprivileged users */ 4466 }, 4467 { 4468 .cmd = NL80211_CMD_SET_REG, 4469 .doit = nl80211_set_reg, 4470 .policy = nl80211_policy, 4471 .flags = GENL_ADMIN_PERM, 4472 }, 4473 { 4474 .cmd = NL80211_CMD_REQ_SET_REG, 4475 .doit = nl80211_req_set_reg, 4476 .policy = nl80211_policy, 4477 .flags = GENL_ADMIN_PERM, 4478 }, 4479 { 4480 .cmd = NL80211_CMD_GET_MESH_PARAMS, 4481 .doit = nl80211_get_mesh_params, 4482 .policy = nl80211_policy, 4483 /* can be retrieved by unprivileged users */ 4484 }, 4485 { 4486 .cmd = NL80211_CMD_SET_MESH_PARAMS, 4487 .doit = nl80211_set_mesh_params, 4488 .policy = nl80211_policy, 4489 .flags = GENL_ADMIN_PERM, 4490 }, 4491 { 4492 .cmd = NL80211_CMD_TRIGGER_SCAN, 4493 .doit = nl80211_trigger_scan, 4494 .policy = nl80211_policy, 4495 .flags = GENL_ADMIN_PERM, 4496 }, 4497 { 4498 .cmd = NL80211_CMD_GET_SCAN, 4499 .policy = nl80211_policy, 4500 .dumpit = nl80211_dump_scan, 4501 }, 4502 { 4503 .cmd = NL80211_CMD_AUTHENTICATE, 4504 .doit = nl80211_authenticate, 4505 .policy = nl80211_policy, 4506 .flags = GENL_ADMIN_PERM, 4507 }, 4508 { 4509 .cmd = NL80211_CMD_ASSOCIATE, 4510 .doit = nl80211_associate, 4511 .policy = nl80211_policy, 4512 .flags = GENL_ADMIN_PERM, 4513 }, 4514 { 4515 .cmd = NL80211_CMD_DEAUTHENTICATE, 4516 .doit = nl80211_deauthenticate, 4517 .policy = nl80211_policy, 4518 .flags = GENL_ADMIN_PERM, 4519 }, 4520 { 4521 .cmd = NL80211_CMD_DISASSOCIATE, 4522 .doit = nl80211_disassociate, 4523 .policy = nl80211_policy, 4524 .flags = GENL_ADMIN_PERM, 4525 }, 4526 { 4527 .cmd = NL80211_CMD_JOIN_IBSS, 4528 .doit = nl80211_join_ibss, 4529 .policy = nl80211_policy, 4530 .flags = GENL_ADMIN_PERM, 4531 }, 4532 { 4533 .cmd = NL80211_CMD_LEAVE_IBSS, 4534 .doit = nl80211_leave_ibss, 4535 .policy = nl80211_policy, 4536 .flags = GENL_ADMIN_PERM, 4537 }, 4538 #ifdef CONFIG_NL80211_TESTMODE 4539 { 4540 .cmd = NL80211_CMD_TESTMODE, 4541 .doit = nl80211_testmode_do, 4542 .policy = nl80211_policy, 4543 .flags = GENL_ADMIN_PERM, 4544 }, 4545 #endif 4546 { 4547 .cmd = NL80211_CMD_CONNECT, 4548 .doit = nl80211_connect, 4549 .policy = nl80211_policy, 4550 .flags = GENL_ADMIN_PERM, 4551 }, 4552 { 4553 .cmd = NL80211_CMD_DISCONNECT, 4554 .doit = nl80211_disconnect, 4555 .policy = nl80211_policy, 4556 .flags = GENL_ADMIN_PERM, 4557 }, 4558 { 4559 .cmd = NL80211_CMD_SET_WIPHY_NETNS, 4560 .doit = nl80211_wiphy_netns, 4561 .policy = nl80211_policy, 4562 .flags = GENL_ADMIN_PERM, 4563 }, 4564 { 4565 .cmd = NL80211_CMD_GET_SURVEY, 4566 .policy = nl80211_policy, 4567 .dumpit = nl80211_dump_survey, 4568 }, 4569 { 4570 .cmd = NL80211_CMD_SET_PMKSA, 4571 .doit = nl80211_setdel_pmksa, 4572 .policy = nl80211_policy, 4573 .flags = GENL_ADMIN_PERM, 4574 }, 4575 { 4576 .cmd = NL80211_CMD_DEL_PMKSA, 4577 .doit = nl80211_setdel_pmksa, 4578 .policy = nl80211_policy, 4579 .flags = GENL_ADMIN_PERM, 4580 }, 4581 { 4582 .cmd = NL80211_CMD_FLUSH_PMKSA, 4583 .doit = nl80211_flush_pmksa, 4584 .policy = nl80211_policy, 4585 .flags = GENL_ADMIN_PERM, 4586 }, 4587 4588 }; 4589 static struct genl_multicast_group nl80211_mlme_mcgrp = { 4590 .name = "mlme", 4591 }; 4592 4593 /* multicast groups */ 4594 static struct genl_multicast_group nl80211_config_mcgrp = { 4595 .name = "config", 4596 }; 4597 static struct genl_multicast_group nl80211_scan_mcgrp = { 4598 .name = "scan", 4599 }; 4600 static struct genl_multicast_group nl80211_regulatory_mcgrp = { 4601 .name = "regulatory", 4602 }; 4603 4604 /* notification functions */ 4605 4606 void nl80211_notify_dev_rename(struct cfg80211_registered_device *rdev) 4607 { 4608 struct sk_buff *msg; 4609 4610 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 4611 if (!msg) 4612 return; 4613 4614 if (nl80211_send_wiphy(msg, 0, 0, 0, rdev) < 0) { 4615 nlmsg_free(msg); 4616 return; 4617 } 4618 4619 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 4620 nl80211_config_mcgrp.id, GFP_KERNEL); 4621 } 4622 4623 static int nl80211_add_scan_req(struct sk_buff *msg, 4624 struct cfg80211_registered_device *rdev) 4625 { 4626 struct cfg80211_scan_request *req = rdev->scan_req; 4627 struct nlattr *nest; 4628 int i; 4629 4630 ASSERT_RDEV_LOCK(rdev); 4631 4632 if (WARN_ON(!req)) 4633 return 0; 4634 4635 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_SSIDS); 4636 if (!nest) 4637 goto nla_put_failure; 4638 for (i = 0; i < req->n_ssids; i++) 4639 NLA_PUT(msg, i, req->ssids[i].ssid_len, req->ssids[i].ssid); 4640 nla_nest_end(msg, nest); 4641 4642 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES); 4643 if (!nest) 4644 goto nla_put_failure; 4645 for (i = 0; i < req->n_channels; i++) 4646 NLA_PUT_U32(msg, i, req->channels[i]->center_freq); 4647 nla_nest_end(msg, nest); 4648 4649 if (req->ie) 4650 NLA_PUT(msg, NL80211_ATTR_IE, req->ie_len, req->ie); 4651 4652 return 0; 4653 nla_put_failure: 4654 return -ENOBUFS; 4655 } 4656 4657 static int nl80211_send_scan_msg(struct sk_buff *msg, 4658 struct cfg80211_registered_device *rdev, 4659 struct net_device *netdev, 4660 u32 pid, u32 seq, int flags, 4661 u32 cmd) 4662 { 4663 void *hdr; 4664 4665 hdr = nl80211hdr_put(msg, pid, seq, flags, cmd); 4666 if (!hdr) 4667 return -1; 4668 4669 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 4670 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 4671 4672 /* ignore errors and send incomplete event anyway */ 4673 nl80211_add_scan_req(msg, rdev); 4674 4675 return genlmsg_end(msg, hdr); 4676 4677 nla_put_failure: 4678 genlmsg_cancel(msg, hdr); 4679 return -EMSGSIZE; 4680 } 4681 4682 void nl80211_send_scan_start(struct cfg80211_registered_device *rdev, 4683 struct net_device *netdev) 4684 { 4685 struct sk_buff *msg; 4686 4687 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 4688 if (!msg) 4689 return; 4690 4691 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 4692 NL80211_CMD_TRIGGER_SCAN) < 0) { 4693 nlmsg_free(msg); 4694 return; 4695 } 4696 4697 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 4698 nl80211_scan_mcgrp.id, GFP_KERNEL); 4699 } 4700 4701 void nl80211_send_scan_done(struct cfg80211_registered_device *rdev, 4702 struct net_device *netdev) 4703 { 4704 struct sk_buff *msg; 4705 4706 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 4707 if (!msg) 4708 return; 4709 4710 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 4711 NL80211_CMD_NEW_SCAN_RESULTS) < 0) { 4712 nlmsg_free(msg); 4713 return; 4714 } 4715 4716 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 4717 nl80211_scan_mcgrp.id, GFP_KERNEL); 4718 } 4719 4720 void nl80211_send_scan_aborted(struct cfg80211_registered_device *rdev, 4721 struct net_device *netdev) 4722 { 4723 struct sk_buff *msg; 4724 4725 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 4726 if (!msg) 4727 return; 4728 4729 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 4730 NL80211_CMD_SCAN_ABORTED) < 0) { 4731 nlmsg_free(msg); 4732 return; 4733 } 4734 4735 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 4736 nl80211_scan_mcgrp.id, GFP_KERNEL); 4737 } 4738 4739 /* 4740 * This can happen on global regulatory changes or device specific settings 4741 * based on custom world regulatory domains. 4742 */ 4743 void nl80211_send_reg_change_event(struct regulatory_request *request) 4744 { 4745 struct sk_buff *msg; 4746 void *hdr; 4747 4748 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 4749 if (!msg) 4750 return; 4751 4752 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_CHANGE); 4753 if (!hdr) { 4754 nlmsg_free(msg); 4755 return; 4756 } 4757 4758 /* Userspace can always count this one always being set */ 4759 NLA_PUT_U8(msg, NL80211_ATTR_REG_INITIATOR, request->initiator); 4760 4761 if (request->alpha2[0] == '0' && request->alpha2[1] == '0') 4762 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 4763 NL80211_REGDOM_TYPE_WORLD); 4764 else if (request->alpha2[0] == '9' && request->alpha2[1] == '9') 4765 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 4766 NL80211_REGDOM_TYPE_CUSTOM_WORLD); 4767 else if ((request->alpha2[0] == '9' && request->alpha2[1] == '8') || 4768 request->intersect) 4769 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 4770 NL80211_REGDOM_TYPE_INTERSECTION); 4771 else { 4772 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 4773 NL80211_REGDOM_TYPE_COUNTRY); 4774 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, request->alpha2); 4775 } 4776 4777 if (wiphy_idx_valid(request->wiphy_idx)) 4778 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, request->wiphy_idx); 4779 4780 if (genlmsg_end(msg, hdr) < 0) { 4781 nlmsg_free(msg); 4782 return; 4783 } 4784 4785 rcu_read_lock(); 4786 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id, 4787 GFP_ATOMIC); 4788 rcu_read_unlock(); 4789 4790 return; 4791 4792 nla_put_failure: 4793 genlmsg_cancel(msg, hdr); 4794 nlmsg_free(msg); 4795 } 4796 4797 static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev, 4798 struct net_device *netdev, 4799 const u8 *buf, size_t len, 4800 enum nl80211_commands cmd, gfp_t gfp) 4801 { 4802 struct sk_buff *msg; 4803 void *hdr; 4804 4805 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 4806 if (!msg) 4807 return; 4808 4809 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 4810 if (!hdr) { 4811 nlmsg_free(msg); 4812 return; 4813 } 4814 4815 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 4816 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 4817 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 4818 4819 if (genlmsg_end(msg, hdr) < 0) { 4820 nlmsg_free(msg); 4821 return; 4822 } 4823 4824 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 4825 nl80211_mlme_mcgrp.id, gfp); 4826 return; 4827 4828 nla_put_failure: 4829 genlmsg_cancel(msg, hdr); 4830 nlmsg_free(msg); 4831 } 4832 4833 void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev, 4834 struct net_device *netdev, const u8 *buf, 4835 size_t len, gfp_t gfp) 4836 { 4837 nl80211_send_mlme_event(rdev, netdev, buf, len, 4838 NL80211_CMD_AUTHENTICATE, gfp); 4839 } 4840 4841 void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev, 4842 struct net_device *netdev, const u8 *buf, 4843 size_t len, gfp_t gfp) 4844 { 4845 nl80211_send_mlme_event(rdev, netdev, buf, len, 4846 NL80211_CMD_ASSOCIATE, gfp); 4847 } 4848 4849 void nl80211_send_deauth(struct cfg80211_registered_device *rdev, 4850 struct net_device *netdev, const u8 *buf, 4851 size_t len, gfp_t gfp) 4852 { 4853 nl80211_send_mlme_event(rdev, netdev, buf, len, 4854 NL80211_CMD_DEAUTHENTICATE, gfp); 4855 } 4856 4857 void nl80211_send_disassoc(struct cfg80211_registered_device *rdev, 4858 struct net_device *netdev, const u8 *buf, 4859 size_t len, gfp_t gfp) 4860 { 4861 nl80211_send_mlme_event(rdev, netdev, buf, len, 4862 NL80211_CMD_DISASSOCIATE, gfp); 4863 } 4864 4865 static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev, 4866 struct net_device *netdev, int cmd, 4867 const u8 *addr, gfp_t gfp) 4868 { 4869 struct sk_buff *msg; 4870 void *hdr; 4871 4872 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 4873 if (!msg) 4874 return; 4875 4876 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 4877 if (!hdr) { 4878 nlmsg_free(msg); 4879 return; 4880 } 4881 4882 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 4883 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 4884 NLA_PUT_FLAG(msg, NL80211_ATTR_TIMED_OUT); 4885 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 4886 4887 if (genlmsg_end(msg, hdr) < 0) { 4888 nlmsg_free(msg); 4889 return; 4890 } 4891 4892 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 4893 nl80211_mlme_mcgrp.id, gfp); 4894 return; 4895 4896 nla_put_failure: 4897 genlmsg_cancel(msg, hdr); 4898 nlmsg_free(msg); 4899 } 4900 4901 void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev, 4902 struct net_device *netdev, const u8 *addr, 4903 gfp_t gfp) 4904 { 4905 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE, 4906 addr, gfp); 4907 } 4908 4909 void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev, 4910 struct net_device *netdev, const u8 *addr, 4911 gfp_t gfp) 4912 { 4913 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE, 4914 addr, gfp); 4915 } 4916 4917 void nl80211_send_connect_result(struct cfg80211_registered_device *rdev, 4918 struct net_device *netdev, const u8 *bssid, 4919 const u8 *req_ie, size_t req_ie_len, 4920 const u8 *resp_ie, size_t resp_ie_len, 4921 u16 status, gfp_t gfp) 4922 { 4923 struct sk_buff *msg; 4924 void *hdr; 4925 4926 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 4927 if (!msg) 4928 return; 4929 4930 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONNECT); 4931 if (!hdr) { 4932 nlmsg_free(msg); 4933 return; 4934 } 4935 4936 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 4937 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 4938 if (bssid) 4939 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 4940 NLA_PUT_U16(msg, NL80211_ATTR_STATUS_CODE, status); 4941 if (req_ie) 4942 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie); 4943 if (resp_ie) 4944 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie); 4945 4946 if (genlmsg_end(msg, hdr) < 0) { 4947 nlmsg_free(msg); 4948 return; 4949 } 4950 4951 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 4952 nl80211_mlme_mcgrp.id, gfp); 4953 return; 4954 4955 nla_put_failure: 4956 genlmsg_cancel(msg, hdr); 4957 nlmsg_free(msg); 4958 4959 } 4960 4961 void nl80211_send_roamed(struct cfg80211_registered_device *rdev, 4962 struct net_device *netdev, const u8 *bssid, 4963 const u8 *req_ie, size_t req_ie_len, 4964 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp) 4965 { 4966 struct sk_buff *msg; 4967 void *hdr; 4968 4969 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 4970 if (!msg) 4971 return; 4972 4973 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ROAM); 4974 if (!hdr) { 4975 nlmsg_free(msg); 4976 return; 4977 } 4978 4979 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 4980 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 4981 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 4982 if (req_ie) 4983 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie); 4984 if (resp_ie) 4985 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie); 4986 4987 if (genlmsg_end(msg, hdr) < 0) { 4988 nlmsg_free(msg); 4989 return; 4990 } 4991 4992 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 4993 nl80211_mlme_mcgrp.id, gfp); 4994 return; 4995 4996 nla_put_failure: 4997 genlmsg_cancel(msg, hdr); 4998 nlmsg_free(msg); 4999 5000 } 5001 5002 void nl80211_send_disconnected(struct cfg80211_registered_device *rdev, 5003 struct net_device *netdev, u16 reason, 5004 const u8 *ie, size_t ie_len, bool from_ap) 5005 { 5006 struct sk_buff *msg; 5007 void *hdr; 5008 5009 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 5010 if (!msg) 5011 return; 5012 5013 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DISCONNECT); 5014 if (!hdr) { 5015 nlmsg_free(msg); 5016 return; 5017 } 5018 5019 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5020 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5021 if (from_ap && reason) 5022 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason); 5023 if (from_ap) 5024 NLA_PUT_FLAG(msg, NL80211_ATTR_DISCONNECTED_BY_AP); 5025 if (ie) 5026 NLA_PUT(msg, NL80211_ATTR_IE, ie_len, ie); 5027 5028 if (genlmsg_end(msg, hdr) < 0) { 5029 nlmsg_free(msg); 5030 return; 5031 } 5032 5033 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5034 nl80211_mlme_mcgrp.id, GFP_KERNEL); 5035 return; 5036 5037 nla_put_failure: 5038 genlmsg_cancel(msg, hdr); 5039 nlmsg_free(msg); 5040 5041 } 5042 5043 void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev, 5044 struct net_device *netdev, const u8 *bssid, 5045 gfp_t gfp) 5046 { 5047 struct sk_buff *msg; 5048 void *hdr; 5049 5050 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5051 if (!msg) 5052 return; 5053 5054 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_JOIN_IBSS); 5055 if (!hdr) { 5056 nlmsg_free(msg); 5057 return; 5058 } 5059 5060 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5061 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5062 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 5063 5064 if (genlmsg_end(msg, hdr) < 0) { 5065 nlmsg_free(msg); 5066 return; 5067 } 5068 5069 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5070 nl80211_mlme_mcgrp.id, gfp); 5071 return; 5072 5073 nla_put_failure: 5074 genlmsg_cancel(msg, hdr); 5075 nlmsg_free(msg); 5076 } 5077 5078 void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev, 5079 struct net_device *netdev, const u8 *addr, 5080 enum nl80211_key_type key_type, int key_id, 5081 const u8 *tsc, gfp_t gfp) 5082 { 5083 struct sk_buff *msg; 5084 void *hdr; 5085 5086 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5087 if (!msg) 5088 return; 5089 5090 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_MICHAEL_MIC_FAILURE); 5091 if (!hdr) { 5092 nlmsg_free(msg); 5093 return; 5094 } 5095 5096 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5097 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5098 if (addr) 5099 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 5100 NLA_PUT_U32(msg, NL80211_ATTR_KEY_TYPE, key_type); 5101 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_id); 5102 if (tsc) 5103 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, 6, tsc); 5104 5105 if (genlmsg_end(msg, hdr) < 0) { 5106 nlmsg_free(msg); 5107 return; 5108 } 5109 5110 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5111 nl80211_mlme_mcgrp.id, gfp); 5112 return; 5113 5114 nla_put_failure: 5115 genlmsg_cancel(msg, hdr); 5116 nlmsg_free(msg); 5117 } 5118 5119 void nl80211_send_beacon_hint_event(struct wiphy *wiphy, 5120 struct ieee80211_channel *channel_before, 5121 struct ieee80211_channel *channel_after) 5122 { 5123 struct sk_buff *msg; 5124 void *hdr; 5125 struct nlattr *nl_freq; 5126 5127 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC); 5128 if (!msg) 5129 return; 5130 5131 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_BEACON_HINT); 5132 if (!hdr) { 5133 nlmsg_free(msg); 5134 return; 5135 } 5136 5137 /* 5138 * Since we are applying the beacon hint to a wiphy we know its 5139 * wiphy_idx is valid 5140 */ 5141 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)); 5142 5143 /* Before */ 5144 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_BEFORE); 5145 if (!nl_freq) 5146 goto nla_put_failure; 5147 if (nl80211_msg_put_channel(msg, channel_before)) 5148 goto nla_put_failure; 5149 nla_nest_end(msg, nl_freq); 5150 5151 /* After */ 5152 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_AFTER); 5153 if (!nl_freq) 5154 goto nla_put_failure; 5155 if (nl80211_msg_put_channel(msg, channel_after)) 5156 goto nla_put_failure; 5157 nla_nest_end(msg, nl_freq); 5158 5159 if (genlmsg_end(msg, hdr) < 0) { 5160 nlmsg_free(msg); 5161 return; 5162 } 5163 5164 rcu_read_lock(); 5165 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id, 5166 GFP_ATOMIC); 5167 rcu_read_unlock(); 5168 5169 return; 5170 5171 nla_put_failure: 5172 genlmsg_cancel(msg, hdr); 5173 nlmsg_free(msg); 5174 } 5175 5176 /* initialisation/exit functions */ 5177 5178 int nl80211_init(void) 5179 { 5180 int err; 5181 5182 err = genl_register_family_with_ops(&nl80211_fam, 5183 nl80211_ops, ARRAY_SIZE(nl80211_ops)); 5184 if (err) 5185 return err; 5186 5187 err = genl_register_mc_group(&nl80211_fam, &nl80211_config_mcgrp); 5188 if (err) 5189 goto err_out; 5190 5191 err = genl_register_mc_group(&nl80211_fam, &nl80211_scan_mcgrp); 5192 if (err) 5193 goto err_out; 5194 5195 err = genl_register_mc_group(&nl80211_fam, &nl80211_regulatory_mcgrp); 5196 if (err) 5197 goto err_out; 5198 5199 err = genl_register_mc_group(&nl80211_fam, &nl80211_mlme_mcgrp); 5200 if (err) 5201 goto err_out; 5202 5203 #ifdef CONFIG_NL80211_TESTMODE 5204 err = genl_register_mc_group(&nl80211_fam, &nl80211_testmode_mcgrp); 5205 if (err) 5206 goto err_out; 5207 #endif 5208 5209 return 0; 5210 err_out: 5211 genl_unregister_family(&nl80211_fam); 5212 return err; 5213 } 5214 5215 void nl80211_exit(void) 5216 { 5217 genl_unregister_family(&nl80211_fam); 5218 } 5219